diff --git a/kubernetes/argocd/applications/argocd.yaml b/kubernetes/argocd/applications/argocd.yaml index 44b35bcf3..97a4fe79a 100644 --- a/kubernetes/argocd/applications/argocd.yaml +++ b/kubernetes/argocd/applications/argocd.yaml @@ -14,5 +14,7 @@ spec: project: default source: path: kubernetes/argocd/overlays/okd - repoURL: https://git./ArthurVardevanyan/HomeLab + repoURL: https://git.arthurvardevanyan.com/ArthurVardevanyan/HomeLab targetRevision: HEAD + plugin: + name: argocd-vault-plugin-kustomize diff --git a/kubernetes/argocd/applications/bitwarden.yaml b/kubernetes/argocd/applications/bitwarden.yaml index db4fb7bd6..32f5318dd 100644 --- a/kubernetes/argocd/applications/bitwarden.yaml +++ b/kubernetes/argocd/applications/bitwarden.yaml @@ -15,7 +15,7 @@ spec: project: default source: path: kubernetes/bitwarden/overlays/okd - repoURL: https://git./ArthurVardevanyan/HomeLab + repoURL: https://git.arthurvardevanyan.com/ArthurVardevanyan/HomeLab targetRevision: HEAD syncPolicy: syncOptions: diff --git a/kubernetes/argocd/applications/certificate-manager.yaml b/kubernetes/argocd/applications/certificate-manager.yaml index a08cba61e..89671815d 100644 --- a/kubernetes/argocd/applications/certificate-manager.yaml +++ b/kubernetes/argocd/applications/certificate-manager.yaml @@ -15,8 +15,10 @@ spec: project: default source: path: kubernetes/cert-manager/overlays/okd - repoURL: https://git./ArthurVardevanyan/HomeLab + repoURL: https://git.arthurvardevanyan.com/ArthurVardevanyan/HomeLab targetRevision: HEAD + plugin: + name: argocd-vault-plugin-kustomize syncPolicy: syncOptions: - CreateNamespace=true diff --git a/kubernetes/argocd/applications/cockroachdb.yaml b/kubernetes/argocd/applications/cockroachdb.yaml index 1ca1b7513..f532ccb68 100644 --- a/kubernetes/argocd/applications/cockroachdb.yaml +++ b/kubernetes/argocd/applications/cockroachdb.yaml @@ -15,7 +15,7 @@ spec: project: default source: path: kubernetes/cockroachdb/overlays/okd - repoURL: https://git./ArthurVardevanyan/HomeLab + repoURL: https://git.arthurvardevanyan.com/ArthurVardevanyan/HomeLab targetRevision: HEAD syncPolicy: syncOptions: diff --git a/kubernetes/argocd/applications/container-security-operator.yaml b/kubernetes/argocd/applications/container-security-operator.yaml index bd9103467..920d7335e 100644 --- a/kubernetes/argocd/applications/container-security-operator.yaml +++ b/kubernetes/argocd/applications/container-security-operator.yaml @@ -15,7 +15,7 @@ spec: project: default source: path: kubernetes/container-security/overlays/okd - repoURL: https://git./ArthurVardevanyan/HomeLab + repoURL: https://git.arthurvardevanyan.com/ArthurVardevanyan/HomeLab targetRevision: HEAD syncPolicy: syncOptions: diff --git a/kubernetes/argocd/applications/dragonfly-operator.yaml b/kubernetes/argocd/applications/dragonfly-operator.yaml index c6b912e54..2edf4b270 100644 --- a/kubernetes/argocd/applications/dragonfly-operator.yaml +++ b/kubernetes/argocd/applications/dragonfly-operator.yaml @@ -15,7 +15,7 @@ spec: project: default source: path: kubernetes/dragonfly-operator/overlays/okd - repoURL: https://git./ArthurVardevanyan/HomeLab + repoURL: https://git.arthurvardevanyan.com/ArthurVardevanyan/HomeLab targetRevision: HEAD syncPolicy: syncOptions: diff --git a/kubernetes/argocd/applications/eclipse-che-operator.yaml b/kubernetes/argocd/applications/eclipse-che-operator.yaml index f80580594..c67acfb12 100644 --- a/kubernetes/argocd/applications/eclipse-che-operator.yaml +++ b/kubernetes/argocd/applications/eclipse-che-operator.yaml @@ -15,7 +15,7 @@ spec: project: default source: path: kubernetes/eclipse-che/overlays/okd - repoURL: https://git./ArthurVardevanyan/HomeLab + repoURL: https://git.arthurvardevanyan.com/ArthurVardevanyan/HomeLab targetRevision: HEAD syncPolicy: syncOptions: diff --git a/kubernetes/argocd/applications/gitea.yaml b/kubernetes/argocd/applications/gitea.yaml index d022fde3b..1a084e7a5 100644 --- a/kubernetes/argocd/applications/gitea.yaml +++ b/kubernetes/argocd/applications/gitea.yaml @@ -15,8 +15,10 @@ spec: project: default source: path: kubernetes/gitea/overlays/okd - repoURL: https://git./ArthurVardevanyan/HomeLab + repoURL: https://git.arthurvardevanyan.com/ArthurVardevanyan/HomeLab targetRevision: HEAD + plugin: + name: argocd-vault-plugin-kustomize syncPolicy: syncOptions: - CreateNamespace=true diff --git a/kubernetes/argocd/applications/grafana.yaml b/kubernetes/argocd/applications/grafana.yaml index fb9dbc8a5..5dfa6a552 100644 --- a/kubernetes/argocd/applications/grafana.yaml +++ b/kubernetes/argocd/applications/grafana.yaml @@ -15,7 +15,7 @@ spec: project: default source: path: kubernetes/grafana/overlays/okd - repoURL: https://git./ArthurVardevanyan/HomeLab + repoURL: https://git.arthurvardevanyan.com/ArthurVardevanyan/HomeLab targetRevision: HEAD syncPolicy: syncOptions: diff --git a/kubernetes/argocd/applications/heimdall.yaml b/kubernetes/argocd/applications/heimdall.yaml index 3ce3209e7..025b9a794 100644 --- a/kubernetes/argocd/applications/heimdall.yaml +++ b/kubernetes/argocd/applications/heimdall.yaml @@ -15,7 +15,7 @@ spec: project: default source: path: kubernetes/heimdall/overlays/okd - repoURL: https://git./ArthurVardevanyan/HomeLab + repoURL: https://git.arthurvardevanyan.com/ArthurVardevanyan/HomeLab targetRevision: HEAD syncPolicy: syncOptions: diff --git a/kubernetes/argocd/applications/homeassistant.yaml b/kubernetes/argocd/applications/homeassistant.yaml index 6ee67867e..beb3a8081 100644 --- a/kubernetes/argocd/applications/homeassistant.yaml +++ b/kubernetes/argocd/applications/homeassistant.yaml @@ -15,7 +15,7 @@ spec: project: default source: path: kubernetes/homeassistant/overlays/okd - repoURL: https://git./ArthurVardevanyan/HomeLab + repoURL: https://git.arthurvardevanyan.com/ArthurVardevanyan/HomeLab targetRevision: HEAD syncPolicy: syncOptions: diff --git a/kubernetes/argocd/applications/homelab.yaml b/kubernetes/argocd/applications/homelab.yaml index 60aa40b92..f7fa7f64b 100644 --- a/kubernetes/argocd/applications/homelab.yaml +++ b/kubernetes/argocd/applications/homelab.yaml @@ -15,7 +15,7 @@ spec: project: default source: path: tekton/overlays/okd - repoURL: https://git./ArthurVardevanyan/HomeLab + repoURL: https://git.arthurvardevanyan.com/ArthurVardevanyan/HomeLab targetRevision: HEAD syncPolicy: syncOptions: diff --git a/kubernetes/argocd/applications/imagepuller.yaml b/kubernetes/argocd/applications/imagepuller.yaml index ebf236617..2fa8f4ece 100644 --- a/kubernetes/argocd/applications/imagepuller.yaml +++ b/kubernetes/argocd/applications/imagepuller.yaml @@ -15,7 +15,7 @@ spec: project: default source: path: kubernetes/imagepuller/overlays/okd - repoURL: https://git./ArthurVardevanyan/HomeLab + repoURL: https://git.arthurvardevanyan.com/ArthurVardevanyan/HomeLab targetRevision: HEAD syncPolicy: syncOptions: diff --git a/kubernetes/argocd/applications/influxdb.yaml b/kubernetes/argocd/applications/influxdb.yaml index 4668dfbac..d73eb6b6a 100644 --- a/kubernetes/argocd/applications/influxdb.yaml +++ b/kubernetes/argocd/applications/influxdb.yaml @@ -15,7 +15,7 @@ spec: project: default source: path: kubernetes/influxdb/overlays/okd - repoURL: https://git./ArthurVardevanyan/HomeLab + repoURL: https://git.arthurvardevanyan.com/ArthurVardevanyan/HomeLab targetRevision: HEAD syncPolicy: syncOptions: diff --git a/kubernetes/argocd/applications/k3s/heimdall.yaml b/kubernetes/argocd/applications/k3s/heimdall.yaml index a38e89156..a918b6b47 100644 --- a/kubernetes/argocd/applications/k3s/heimdall.yaml +++ b/kubernetes/argocd/applications/k3s/heimdall.yaml @@ -15,8 +15,10 @@ spec: project: default source: path: kubernetes/heimdall/overlays/k3s - repoURL: https://git./ArthurVardevanyan/HomeLab + repoURL: https://git.arthurvardevanyan.com/ArthurVardevanyan/HomeLab targetRevision: HEAD + plugin: + name: argocd-vault-plugin-kustomize syncPolicy: syncOptions: - CreateNamespace=true diff --git a/kubernetes/argocd/applications/k3s/kubernetes-dashboard.yaml b/kubernetes/argocd/applications/k3s/kubernetes-dashboard.yaml index 5812a4254..4bb1bc306 100644 --- a/kubernetes/argocd/applications/k3s/kubernetes-dashboard.yaml +++ b/kubernetes/argocd/applications/k3s/kubernetes-dashboard.yaml @@ -15,8 +15,10 @@ spec: project: default source: path: kubernetes/kubernetes-dashboard/overlays/k3s - repoURL: https://git./ArthurVardevanyan/HomeLab + repoURL: https://git.arthurvardevanyan.com/ArthurVardevanyan/HomeLab targetRevision: HEAD + plugin: + name: argocd-vault-plugin-kustomize syncPolicy: syncOptions: - CreateNamespace=true diff --git a/kubernetes/argocd/applications/k3s/longhorn.yaml b/kubernetes/argocd/applications/k3s/longhorn.yaml index 247dea982..7213435bf 100644 --- a/kubernetes/argocd/applications/k3s/longhorn.yaml +++ b/kubernetes/argocd/applications/k3s/longhorn.yaml @@ -15,8 +15,10 @@ spec: project: default source: path: kubernetes/longhorn/overlays/k3s - repoURL: https://git./ArthurVardevanyan/HomeLab + repoURL: https://git.arthurvardevanyan.com/ArthurVardevanyan/HomeLab targetRevision: HEAD + plugin: + name: argocd-vault-plugin-kustomize syncPolicy: syncOptions: - CreateNamespace=true diff --git a/kubernetes/argocd/applications/k3s/stackrox-secure.yaml b/kubernetes/argocd/applications/k3s/stackrox-secure.yaml index 0cbab2b4d..d7af3ad09 100644 --- a/kubernetes/argocd/applications/k3s/stackrox-secure.yaml +++ b/kubernetes/argocd/applications/k3s/stackrox-secure.yaml @@ -15,8 +15,10 @@ spec: project: default source: path: kubernetes/stackrox-secure/overlays/k3s - repoURL: https://git./ArthurVardevanyan/HomeLab + repoURL: https://git.arthurvardevanyan.com/ArthurVardevanyan/HomeLab targetRevision: HEAD + plugin: + name: argocd-vault-plugin-kustomize syncPolicy: syncOptions: - CreateNamespace=true diff --git a/kubernetes/argocd/applications/k3s/traefik.yaml b/kubernetes/argocd/applications/k3s/traefik.yaml index 213ef9e79..d3a1c1589 100644 --- a/kubernetes/argocd/applications/k3s/traefik.yaml +++ b/kubernetes/argocd/applications/k3s/traefik.yaml @@ -15,8 +15,10 @@ spec: project: default source: path: kubernetes/traefik/overlays/k3s - repoURL: https://git./ArthurVardevanyan/HomeLab + repoURL: https://git.arthurvardevanyan.com/ArthurVardevanyan/HomeLab targetRevision: HEAD + plugin: + name: argocd-vault-plugin-kustomize syncPolicy: syncOptions: - CreateNamespace=true diff --git a/kubernetes/argocd/applications/k3s/vault.yaml b/kubernetes/argocd/applications/k3s/vault.yaml index c6c67e3a8..a1bd481dc 100644 --- a/kubernetes/argocd/applications/k3s/vault.yaml +++ b/kubernetes/argocd/applications/k3s/vault.yaml @@ -15,8 +15,10 @@ spec: project: default source: path: kubernetes/vault/overlays/k3s - repoURL: https://git./ArthurVardevanyan/HomeLab + repoURL: https://git.arthurvardevanyan.com/ArthurVardevanyan/HomeLab targetRevision: HEAD + plugin: + name: argocd-vault-plugin-kustomize syncPolicy: syncOptions: - CreateNamespace=true diff --git a/kubernetes/argocd/applications/keep-alive.yaml b/kubernetes/argocd/applications/keep-alive.yaml index 36095f9fd..d2155305b 100644 --- a/kubernetes/argocd/applications/keep-alive.yaml +++ b/kubernetes/argocd/applications/keep-alive.yaml @@ -15,7 +15,7 @@ spec: project: default source: path: kubernetes/keep-alive/overlays/okd - repoURL: https://git./ArthurVardevanyan/HomeLab + repoURL: https://git.arthurvardevanyan.com/ArthurVardevanyan/HomeLab targetRevision: HEAD syncPolicy: syncOptions: diff --git a/kubernetes/argocd/applications/knative.yaml b/kubernetes/argocd/applications/knative.yaml index 3887c9863..42244e230 100644 --- a/kubernetes/argocd/applications/knative.yaml +++ b/kubernetes/argocd/applications/knative.yaml @@ -15,7 +15,7 @@ spec: project: default source: path: kubernetes/knative/overlays/okd - repoURL: https://git./ArthurVardevanyan/HomeLab + repoURL: https://git.arthurvardevanyan.com/ArthurVardevanyan/HomeLab targetRevision: HEAD syncPolicy: syncOptions: diff --git a/kubernetes/argocd/applications/kube-eagle.yaml b/kubernetes/argocd/applications/kube-eagle.yaml index e3f52fc7e..d8a4d199f 100644 --- a/kubernetes/argocd/applications/kube-eagle.yaml +++ b/kubernetes/argocd/applications/kube-eagle.yaml @@ -15,7 +15,7 @@ spec: project: default source: path: kubernetes/kube-eagle/overlays/default - repoURL: https://git./ArthurVardevanyan/HomeLab + repoURL: https://git.arthurvardevanyan.com/ArthurVardevanyan/HomeLab targetRevision: HEAD syncPolicy: syncOptions: diff --git a/kubernetes/argocd/applications/kube-vip.yaml b/kubernetes/argocd/applications/kube-vip.yaml index 47695be1b..944838024 100644 --- a/kubernetes/argocd/applications/kube-vip.yaml +++ b/kubernetes/argocd/applications/kube-vip.yaml @@ -15,7 +15,7 @@ spec: project: default source: path: kubernetes/kube-vip/overlays/okd - repoURL: https://git./ArthurVardevanyan/HomeLab + repoURL: https://git.arthurvardevanyan.com/ArthurVardevanyan/HomeLab targetRevision: HEAD syncPolicy: syncOptions: diff --git a/kubernetes/argocd/applications/kyverno.yaml b/kubernetes/argocd/applications/kyverno.yaml index 4c0ff972a..a56302e83 100644 --- a/kubernetes/argocd/applications/kyverno.yaml +++ b/kubernetes/argocd/applications/kyverno.yaml @@ -15,7 +15,7 @@ spec: project: default source: path: kubernetes/kyverno/overlays/okd - repoURL: https://git./ArthurVardevanyan/HomeLab + repoURL: https://git.arthurvardevanyan.com/ArthurVardevanyan/HomeLab targetRevision: HEAD syncPolicy: syncOptions: diff --git a/kubernetes/argocd/applications/loki.yaml b/kubernetes/argocd/applications/loki.yaml index 48b7c7797..dc2c41a2e 100644 --- a/kubernetes/argocd/applications/loki.yaml +++ b/kubernetes/argocd/applications/loki.yaml @@ -15,8 +15,10 @@ spec: project: default source: path: kubernetes/loki/overlays/okd - repoURL: https://git./ArthurVardevanyan/HomeLab + repoURL: https://git.arthurvardevanyan.com/ArthurVardevanyan/HomeLab targetRevision: HEAD + plugin: + name: argocd-vault-plugin-kustomize syncPolicy: syncOptions: - CreateNamespace=true diff --git a/kubernetes/argocd/applications/longhorn-system.yaml b/kubernetes/argocd/applications/longhorn-system.yaml index fd77cc5c1..c9e81e466 100644 --- a/kubernetes/argocd/applications/longhorn-system.yaml +++ b/kubernetes/argocd/applications/longhorn-system.yaml @@ -15,7 +15,7 @@ spec: project: default source: path: kubernetes/longhorn/overlays/okd - repoURL: https://git./ArthurVardevanyan/HomeLab + repoURL: https://git.arthurvardevanyan.com/ArthurVardevanyan/HomeLab targetRevision: HEAD syncPolicy: syncOptions: diff --git a/kubernetes/argocd/applications/mariadb-galera.yaml b/kubernetes/argocd/applications/mariadb-galera.yaml index 95cce2d7f..f126ed494 100644 --- a/kubernetes/argocd/applications/mariadb-galera.yaml +++ b/kubernetes/argocd/applications/mariadb-galera.yaml @@ -15,7 +15,7 @@ spec: project: default source: path: kubernetes/mariadb-galera/overlays/okd - repoURL: https://git./ArthurVardevanyan/HomeLab + repoURL: https://git.arthurvardevanyan.com/ArthurVardevanyan/HomeLab targetRevision: HEAD syncPolicy: syncOptions: diff --git a/kubernetes/argocd/applications/minio-operator.yaml b/kubernetes/argocd/applications/minio-operator.yaml index bf38e903f..c1083a559 100644 --- a/kubernetes/argocd/applications/minio-operator.yaml +++ b/kubernetes/argocd/applications/minio-operator.yaml @@ -15,7 +15,7 @@ spec: project: default source: path: kubernetes/minio-operator/overlays/okd - repoURL: https://git./ArthurVardevanyan/HomeLab + repoURL: https://git.arthurvardevanyan.com/ArthurVardevanyan/HomeLab targetRevision: HEAD syncPolicy: syncOptions: diff --git a/kubernetes/argocd/applications/mongodb-operator.yaml b/kubernetes/argocd/applications/mongodb-operator.yaml index e7332073a..ce62cab8b 100644 --- a/kubernetes/argocd/applications/mongodb-operator.yaml +++ b/kubernetes/argocd/applications/mongodb-operator.yaml @@ -15,7 +15,7 @@ spec: project: default source: path: kubernetes/mongodb-operator/overlays/okd - repoURL: https://git./ArthurVardevanyan/HomeLab + repoURL: https://git.arthurvardevanyan.com/ArthurVardevanyan/HomeLab targetRevision: HEAD syncPolicy: syncOptions: diff --git a/kubernetes/argocd/applications/network-observability.yaml b/kubernetes/argocd/applications/network-observability.yaml index 3d4e27236..340ebc2bf 100644 --- a/kubernetes/argocd/applications/network-observability.yaml +++ b/kubernetes/argocd/applications/network-observability.yaml @@ -15,7 +15,7 @@ spec: project: default source: path: kubernetes/network-observability/overlays/okd - repoURL: https://git./ArthurVardevanyan/HomeLab + repoURL: https://git.arthurvardevanyan.com/ArthurVardevanyan/HomeLab targetRevision: HEAD syncPolicy: syncOptions: diff --git a/kubernetes/argocd/applications/nextcloud.yaml b/kubernetes/argocd/applications/nextcloud.yaml index 766a31580..54d14bae8 100644 --- a/kubernetes/argocd/applications/nextcloud.yaml +++ b/kubernetes/argocd/applications/nextcloud.yaml @@ -15,7 +15,7 @@ spec: project: default source: path: kubernetes/nextcloud/overlays/okd - repoURL: https://git./ArthurVardevanyan/HomeLab + repoURL: https://git.arthurvardevanyan.com/ArthurVardevanyan/HomeLab targetRevision: HEAD syncPolicy: syncOptions: diff --git a/kubernetes/argocd/applications/okd-configuration.yaml b/kubernetes/argocd/applications/okd-configuration.yaml index cdaf42f82..b2470cf4e 100644 --- a/kubernetes/argocd/applications/okd-configuration.yaml +++ b/kubernetes/argocd/applications/okd-configuration.yaml @@ -14,5 +14,7 @@ spec: project: default source: path: okd/okd-configuration/overlays/okd - repoURL: https://git./ArthurVardevanyan/HomeLab + repoURL: https://git.arthurvardevanyan.com/ArthurVardevanyan/HomeLab targetRevision: HEAD + plugin: + name: argocd-vault-plugin-kustomize diff --git a/kubernetes/argocd/applications/openshift-monitoring.yaml b/kubernetes/argocd/applications/openshift-monitoring.yaml index 685d43091..98b6fcc9c 100644 --- a/kubernetes/argocd/applications/openshift-monitoring.yaml +++ b/kubernetes/argocd/applications/openshift-monitoring.yaml @@ -15,5 +15,5 @@ spec: project: default source: path: okd/openshift-monitoring/base - repoURL: https://git./ArthurVardevanyan/HomeLab + repoURL: https://git.arthurvardevanyan.com/ArthurVardevanyan/HomeLab targetRevision: HEAD diff --git a/kubernetes/argocd/applications/photoprism.yaml b/kubernetes/argocd/applications/photoprism.yaml index ea31f0c09..b93747899 100644 --- a/kubernetes/argocd/applications/photoprism.yaml +++ b/kubernetes/argocd/applications/photoprism.yaml @@ -15,7 +15,7 @@ spec: project: default source: path: kubernetes/photoprism/overlays/okd - repoURL: https://git./ArthurVardevanyan/HomeLab + repoURL: https://git.arthurvardevanyan.com/ArthurVardevanyan/HomeLab targetRevision: HEAD syncPolicy: syncOptions: diff --git a/kubernetes/argocd/applications/phpmyadmin.yaml b/kubernetes/argocd/applications/phpmyadmin.yaml index a1cca9a6c..11284ab2d 100644 --- a/kubernetes/argocd/applications/phpmyadmin.yaml +++ b/kubernetes/argocd/applications/phpmyadmin.yaml @@ -15,7 +15,7 @@ spec: project: default source: path: kubernetes/phpmyadmin/overlays/okd - repoURL: https://git./ArthurVardevanyan/HomeLab + repoURL: https://git.arthurvardevanyan.com/ArthurVardevanyan/HomeLab targetRevision: HEAD syncPolicy: syncOptions: diff --git a/kubernetes/argocd/applications/postgres.yaml b/kubernetes/argocd/applications/postgres.yaml index 836fbc8f1..a02eb6212 100644 --- a/kubernetes/argocd/applications/postgres.yaml +++ b/kubernetes/argocd/applications/postgres.yaml @@ -15,7 +15,7 @@ spec: project: default source: path: kubernetes/postgres/overlays/okd - repoURL: https://git./ArthurVardevanyan/HomeLab + repoURL: https://git.arthurvardevanyan.com/ArthurVardevanyan/HomeLab targetRevision: HEAD syncPolicy: syncOptions: diff --git a/kubernetes/argocd/applications/prometheus.yaml b/kubernetes/argocd/applications/prometheus.yaml index 183f1c65b..003003082 100644 --- a/kubernetes/argocd/applications/prometheus.yaml +++ b/kubernetes/argocd/applications/prometheus.yaml @@ -15,8 +15,10 @@ spec: project: default source: path: kubernetes/prometheus/overlays/okd - repoURL: https://git./ArthurVardevanyan/HomeLab + repoURL: https://git.arthurvardevanyan.com/ArthurVardevanyan/HomeLab targetRevision: HEAD + plugin: + name: argocd-vault-plugin-kustomize syncPolicy: syncOptions: - CreateNamespace=true diff --git a/kubernetes/argocd/applications/quay.yaml b/kubernetes/argocd/applications/quay.yaml index ea6d79709..88c8970ec 100644 --- a/kubernetes/argocd/applications/quay.yaml +++ b/kubernetes/argocd/applications/quay.yaml @@ -15,7 +15,7 @@ spec: project: default source: path: kubernetes/quay/overlays/okd - repoURL: https://git./ArthurVardevanyan/HomeLab + repoURL: https://git.arthurvardevanyan.com/ArthurVardevanyan/HomeLab targetRevision: HEAD syncPolicy: syncOptions: diff --git a/kubernetes/argocd/applications/stackrox-central.yaml b/kubernetes/argocd/applications/stackrox-central.yaml index a0ffcf5a1..0a00490b6 100644 --- a/kubernetes/argocd/applications/stackrox-central.yaml +++ b/kubernetes/argocd/applications/stackrox-central.yaml @@ -15,7 +15,7 @@ spec: project: default source: path: kubernetes/stackrox-central/overlays/okd - repoURL: https://git./ArthurVardevanyan/HomeLab + repoURL: https://git.arthurvardevanyan.com/ArthurVardevanyan/HomeLab targetRevision: HEAD syncPolicy: syncOptions: diff --git a/kubernetes/argocd/applications/stackrox-secure.yaml b/kubernetes/argocd/applications/stackrox-secure.yaml index e1e24e387..b64fabdb6 100644 --- a/kubernetes/argocd/applications/stackrox-secure.yaml +++ b/kubernetes/argocd/applications/stackrox-secure.yaml @@ -15,7 +15,7 @@ spec: project: default source: path: kubernetes/stackrox-secure/overlays/okd - repoURL: https://git./ArthurVardevanyan/HomeLab + repoURL: https://git.arthurvardevanyan.com/ArthurVardevanyan/HomeLab targetRevision: HEAD syncPolicy: syncOptions: diff --git a/kubernetes/argocd/applications/tekton.yaml b/kubernetes/argocd/applications/tekton.yaml index 6ec2f86aa..afa1f8e63 100644 --- a/kubernetes/argocd/applications/tekton.yaml +++ b/kubernetes/argocd/applications/tekton.yaml @@ -15,8 +15,10 @@ spec: project: default source: path: kubernetes/tekton/overlays/operator - repoURL: https://git./ArthurVardevanyan/HomeLab + repoURL: https://git.arthurvardevanyan.com/ArthurVardevanyan/HomeLab targetRevision: HEAD + plugin: + name: argocd-vault-plugin-kustomize syncPolicy: syncOptions: - CreateNamespace=true diff --git a/kubernetes/argocd/applications/traefik.yaml b/kubernetes/argocd/applications/traefik.yaml index 9192b8bc7..fa97c85e4 100644 --- a/kubernetes/argocd/applications/traefik.yaml +++ b/kubernetes/argocd/applications/traefik.yaml @@ -15,7 +15,7 @@ spec: project: default source: path: kubernetes/traefik/overlays/okd - repoURL: https://git./ArthurVardevanyan/HomeLab + repoURL: https://git.arthurvardevanyan.com/ArthurVardevanyan/HomeLab targetRevision: HEAD syncPolicy: syncOptions: diff --git a/kubernetes/argocd/applications/unifi-network-application.yaml b/kubernetes/argocd/applications/unifi-network-application.yaml index fc8cc3c28..2ca7fd619 100644 --- a/kubernetes/argocd/applications/unifi-network-application.yaml +++ b/kubernetes/argocd/applications/unifi-network-application.yaml @@ -15,7 +15,7 @@ spec: project: default source: path: kubernetes/unifi-network-application/overlays/okd - repoURL: https://git./ArthurVardevanyan/HomeLab + repoURL: https://git.arthurvardevanyan.com/ArthurVardevanyan/HomeLab targetRevision: HEAD syncPolicy: syncOptions: diff --git a/kubernetes/argocd/applications/uptime-kuma.yaml b/kubernetes/argocd/applications/uptime-kuma.yaml index f4d0e7e3e..d87dd8a04 100644 --- a/kubernetes/argocd/applications/uptime-kuma.yaml +++ b/kubernetes/argocd/applications/uptime-kuma.yaml @@ -15,7 +15,7 @@ spec: project: default source: path: kubernetes/uptime-kuma/overlays/okd - repoURL: https://git./ArthurVardevanyan/HomeLab + repoURL: https://git.arthurvardevanyan.com/ArthurVardevanyan/HomeLab targetRevision: HEAD syncPolicy: syncOptions: diff --git a/kubernetes/argocd/applications/vault.yaml b/kubernetes/argocd/applications/vault.yaml index a6a818a54..c4d151416 100644 --- a/kubernetes/argocd/applications/vault.yaml +++ b/kubernetes/argocd/applications/vault.yaml @@ -15,7 +15,7 @@ spec: project: default source: path: kubernetes/vault/overlays/okd - repoURL: https://git./ArthurVardevanyan/HomeLab + repoURL: https://git.arthurvardevanyan.com/ArthurVardevanyan/HomeLab targetRevision: HEAD syncPolicy: syncOptions: diff --git a/kubernetes/argocd/applications/version-checker.yaml b/kubernetes/argocd/applications/version-checker.yaml index 3384d453e..af85ee2d3 100644 --- a/kubernetes/argocd/applications/version-checker.yaml +++ b/kubernetes/argocd/applications/version-checker.yaml @@ -15,7 +15,7 @@ spec: project: default source: path: kubernetes/version-checker/overlays/okd - repoURL: https://git./ArthurVardevanyan/HomeLab + repoURL: https://git.arthurvardevanyan.com/ArthurVardevanyan/HomeLab targetRevision: HEAD syncPolicy: syncOptions: diff --git a/kubernetes/argocd/applications/zitadel.yaml b/kubernetes/argocd/applications/zitadel.yaml index 9cd37be4f..367ee8f63 100644 --- a/kubernetes/argocd/applications/zitadel.yaml +++ b/kubernetes/argocd/applications/zitadel.yaml @@ -15,7 +15,7 @@ spec: project: default source: path: kubernetes/zitadel/overlays/okd - repoURL: https://git./ArthurVardevanyan/HomeLab + repoURL: https://git.arthurvardevanyan.com/ArthurVardevanyan/HomeLab targetRevision: HEAD syncPolicy: syncOptions: diff --git a/kubernetes/argocd/base/argocd.yaml b/kubernetes/argocd/base/argocd.yaml index da5ba59dc..e9a89e2c2 100644 --- a/kubernetes/argocd/base/argocd.yaml +++ b/kubernetes/argocd/base/argocd.yaml @@ -13,7 +13,7 @@ spec: enabled: true server: replicas: 2 - host: argocd.apps.okd. + host: argocd.apps.okd.arthurvardevanyan.com autoscale: enabled: false grpc: @@ -106,7 +106,7 @@ spec: - name: AVP_K8S_ROLE value: argocd - name: VAULT_ADDR - value: https://vault. + value: https://vault.arthurvardevanyan.com volumeMounts: - name: custom-tools subPath: argocd-vault-plugin diff --git a/kubernetes/argocd/base/cmp-plugin.yaml b/kubernetes/argocd/base/cmp-plugin.yaml index 37e638b34..dc22c7d40 100644 --- a/kubernetes/argocd/base/cmp-plugin.yaml +++ b/kubernetes/argocd/base/cmp-plugin.yaml @@ -13,16 +13,6 @@ data: name: argocd-vault-plugin-kustomize spec: allowConcurrency: true - - # Note: this command is run _before_ anything is done, therefore the logic is to check - # if this looks like a Kustomize bundle - discover: - find: - command: - - find - - "." - - -name - - kustomization.yaml generate: command: - sh diff --git a/kubernetes/argocd/base/installplan-approver.yaml b/kubernetes/argocd/base/installplan-approver.yaml index 5f380e6fd..182b98b88 100644 --- a/kubernetes/argocd/base/installplan-approver.yaml +++ b/kubernetes/argocd/base/installplan-approver.yaml @@ -60,7 +60,7 @@ spec: containers: - name: installplan-approver imagePullPolicy: IfNotPresent - image: registry./homelab/toolbox:not_latest + image: registry.arthurvardevanyan.com/homelab/toolbox:not_latest env: - name: SUBSCRIPTION value: argocd-operator diff --git a/kubernetes/bitwarden/base/certificate.yaml b/kubernetes/bitwarden/base/certificate.yaml index ed61d3745..0863d3214 100644 --- a/kubernetes/bitwarden/base/certificate.yaml +++ b/kubernetes/bitwarden/base/certificate.yaml @@ -8,7 +8,7 @@ metadata: spec: secretName: bitwarden-cert dnsNames: - - "bitwarden." + - "bitwarden.arthurvardevanyan.com" issuerRef: kind: ClusterIssuer name: letsencrypt diff --git a/kubernetes/bitwarden/overlays/k3s/traefik.yaml b/kubernetes/bitwarden/overlays/k3s/traefik.yaml index ca8c337a6..2903d93c0 100644 --- a/kubernetes/bitwarden/overlays/k3s/traefik.yaml +++ b/kubernetes/bitwarden/overlays/k3s/traefik.yaml @@ -18,7 +18,7 @@ spec: - web - websecure routes: - - match: Host(`bitwarden.`) + - match: Host(`bitwarden.arthurvardevanyan.com`) kind: Rule services: - name: bitwarden @@ -27,4 +27,4 @@ spec: - name: https-redirect tls: domains: - - main: bitwarden. + - main: bitwarden.arthurvardevanyan.com diff --git a/kubernetes/bitwarden/overlays/okd/ingress.yaml b/kubernetes/bitwarden/overlays/okd/ingress.yaml index 70b107317..0d87647cd 100644 --- a/kubernetes/bitwarden/overlays/okd/ingress.yaml +++ b/kubernetes/bitwarden/overlays/okd/ingress.yaml @@ -9,10 +9,10 @@ spec: ingressClassName: openshift-default tls: - hosts: - - bitwarden. + - bitwarden.arthurvardevanyan.com secretName: bitwarden-cert rules: - - host: bitwarden. + - host: bitwarden.arthurvardevanyan.com http: paths: - path: / diff --git a/kubernetes/cert-manager/components/cloudflare/cluster-issuer.yaml b/kubernetes/cert-manager/components/cloudflare/cluster-issuer.yaml index b41167fb2..1b7301028 100644 --- a/kubernetes/cert-manager/components/cloudflare/cluster-issuer.yaml +++ b/kubernetes/cert-manager/components/cloudflare/cluster-issuer.yaml @@ -10,7 +10,7 @@ metadata: app.kubernetes.io/instance: certificate-manager spec: acme: - email: arthur@ + email: arthur@arthurvardevanyan.com server: https://acme-staging-v02.api.letsencrypt.org/directory privateKeySecretRef: name: issuer-letsencrypt-staging @@ -34,7 +34,7 @@ metadata: app.kubernetes.io/instance: certificate-manager spec: acme: - email: arthur@ + email: arthur@arthurvardevanyan.com server: https://acme-v02.api.letsencrypt.org/directory privateKeySecretRef: name: issuer-letsencrypt diff --git a/kubernetes/cert-manager/components/operator/installplan-approver.yaml b/kubernetes/cert-manager/components/operator/installplan-approver.yaml index e46451ea7..48b26a30d 100644 --- a/kubernetes/cert-manager/components/operator/installplan-approver.yaml +++ b/kubernetes/cert-manager/components/operator/installplan-approver.yaml @@ -60,7 +60,7 @@ spec: containers: - name: installplan-approver imagePullPolicy: IfNotPresent - image: registry./homelab/toolbox:not_latest + image: registry.arthurvardevanyan.com/homelab/toolbox:not_latest env: - name: SUBSCRIPTION value: cert-manager diff --git a/kubernetes/container-security/base/installplan-approver.yaml b/kubernetes/container-security/base/installplan-approver.yaml index 74fe2e363..af5147a0c 100644 --- a/kubernetes/container-security/base/installplan-approver.yaml +++ b/kubernetes/container-security/base/installplan-approver.yaml @@ -60,7 +60,7 @@ spec: containers: - name: installplan-approver imagePullPolicy: IfNotPresent - image: registry./homelab/toolbox:not_latest + image: registry.arthurvardevanyan.com/homelab/toolbox:not_latest env: - name: SUBSCRIPTION value: container-security-operator diff --git a/kubernetes/eclipse-che/base/installplan-approver.yaml b/kubernetes/eclipse-che/base/installplan-approver.yaml index 0e216c918..5af236f47 100644 --- a/kubernetes/eclipse-che/base/installplan-approver.yaml +++ b/kubernetes/eclipse-che/base/installplan-approver.yaml @@ -60,7 +60,7 @@ spec: containers: - name: installplan-approver imagePullPolicy: IfNotPresent - image: registry./homelab/toolbox:not_latest + image: registry.arthurvardevanyan.com/homelab/toolbox:not_latest env: - name: SUBSCRIPTION value: eclipse-che @@ -174,7 +174,7 @@ spec: containers: - name: installplan-approver imagePullPolicy: IfNotPresent - image: registry./homelab/toolbox:not_latest + image: registry.arthurvardevanyan.com/homelab/toolbox:not_latest env: - name: SUBSCRIPTION value: devworkspace-operator diff --git a/kubernetes/external-secrets-operator/base/kustomization.yaml b/kubernetes/external-secrets-operator/base/kustomization.yaml index 08badb3b4..43427fc57 100644 --- a/kubernetes/external-secrets-operator/base/kustomization.yaml +++ b/kubernetes/external-secrets-operator/base/kustomization.yaml @@ -7,3 +7,4 @@ resources: - ./operator-config.yaml - ./operator-group.yaml - ./subscription.yaml + - ./secret.yaml diff --git a/kubernetes/external-secrets-operator/base/secret.yaml b/kubernetes/external-secrets-operator/base/secret.yaml new file mode 100644 index 000000000..178c08da5 --- /dev/null +++ b/kubernetes/external-secrets-operator/base/secret.yaml @@ -0,0 +1,17 @@ +apiVersion: external-secrets.io/v1beta1 +kind: ClusterSecretStore +metadata: + name: vault +spec: + provider: + vault: + server: "https://vault.arthurvardevanyan.com" + path: "secret" + version: "v2" + auth: + kubernetes: + mountPath: "kubernetes" + role: "argocd" + serviceAccountRef: + name: "argocd-repo-server" + namespace: "argocd" diff --git a/kubernetes/gitea/base/service-monitor.yaml b/kubernetes/gitea/base/service-monitor.yaml index ddde528db..1f2d11ddc 100644 --- a/kubernetes/gitea/base/service-monitor.yaml +++ b/kubernetes/gitea/base/service-monitor.yaml @@ -23,4 +23,4 @@ spec: scheme: https interval: 60s tlsConfig: - serverName: "git." + serverName: "git.arthurvardevanyan.com" diff --git a/kubernetes/grafana/base/dashboards/pfsense_lite.json b/kubernetes/grafana/base/dashboards/pfsense_lite.json index b78dfbaca..503fcb171 100644 --- a/kubernetes/grafana/base/dashboards/pfsense_lite.json +++ b/kubernetes/grafana/base/dashboards/pfsense_lite.json @@ -355,8 +355,8 @@ { "current": { "selected": true, - "text": "pfsense.", - "value": "pfsense." + "text": "pfsense.arthurvardevanyan.com", + "value": "pfsense.arthurvardevanyan.com" }, "datasource": { "type": "influxdb", diff --git a/kubernetes/grafana/base/secret.yaml b/kubernetes/grafana/base/secret.yaml index 6722d1307..5e404f746 100644 --- a/kubernetes/grafana/base/secret.yaml +++ b/kubernetes/grafana/base/secret.yaml @@ -12,4 +12,25 @@ stringData: GF_DATABASE_HOST: grafana-primary.postgres.svc GF_DATABASE_NAME: grafana GF_DATABASE_USER: grafana - GF_DATABASE_PASSWORD: + #GF_DATABASE_PASSWORD: +--- +apiVersion: external-secrets.io/v1beta1 +kind: ExternalSecret +metadata: + name: database + namespace: grafana + labels: + app.kubernetes.io/instance: grafana +spec: + refreshInterval: "1h" + secretStoreRef: + name: vault + kind: ClusterSecretStore + target: + name: database + creationPolicy: "Merge" + data: + - secretKey: GF_DATABASE_PASSWORD + remoteRef: + key: homelab/postgres + property: grafana_password diff --git a/kubernetes/grafana/overlays/k3s/traefik.yaml b/kubernetes/grafana/overlays/k3s/traefik.yaml index c4f73f035..f2175ac19 100644 --- a/kubernetes/grafana/overlays/k3s/traefik.yaml +++ b/kubernetes/grafana/overlays/k3s/traefik.yaml @@ -10,7 +10,7 @@ spec: - web - websecure routes: - - match: Host(`grafana.k3s.`) + - match: Host(`grafana.k3s.arthurvardevanyan.com`) kind: Rule services: - name: grafana diff --git a/kubernetes/heimdall/overlays/k3s/traefik.yaml b/kubernetes/heimdall/overlays/k3s/traefik.yaml index 713f83e7d..2a57bed4a 100644 --- a/kubernetes/heimdall/overlays/k3s/traefik.yaml +++ b/kubernetes/heimdall/overlays/k3s/traefik.yaml @@ -21,7 +21,7 @@ spec: entryPoints: - web routes: - - match: Host(`heimdall.k3s.`) + - match: Host(`heimdall.k3s.arthurvardevanyan.com`) kind: Rule services: - name: heimdall @@ -40,7 +40,7 @@ spec: entryPoints: - websecure routes: - - match: "Host(`heimdall.k3s.`)" + - match: "Host(`heimdall.k3s.arthurvardevanyan.com`)" kind: Rule services: - name: heimdall @@ -48,4 +48,4 @@ spec: port: 443 tls: domains: - - main: heimdall.k3s. + - main: heimdall.k3s.arthurvardevanyan.com diff --git a/kubernetes/homeassistant/base/certificate.yaml b/kubernetes/homeassistant/base/certificate.yaml index 82683ac01..ba5f5e02d 100644 --- a/kubernetes/homeassistant/base/certificate.yaml +++ b/kubernetes/homeassistant/base/certificate.yaml @@ -8,7 +8,7 @@ metadata: spec: secretName: homeassistant-cert dnsNames: - - "home." + - "home.arthurvardevanyan.com" issuerRef: kind: ClusterIssuer name: letsencrypt diff --git a/kubernetes/homeassistant/overlays/k3s/traefik.yaml b/kubernetes/homeassistant/overlays/k3s/traefik.yaml index 8be72f4f1..a787c5df4 100644 --- a/kubernetes/homeassistant/overlays/k3s/traefik.yaml +++ b/kubernetes/homeassistant/overlays/k3s/traefik.yaml @@ -10,7 +10,7 @@ spec: - web - websecure routes: - - match: Host(`home.k3s.`) + - match: Host(`home.k3s.arthurvardevanyan.com`) kind: Rule services: - name: homeassistant diff --git a/kubernetes/imagepuller/base/installplan-approver.yaml b/kubernetes/imagepuller/base/installplan-approver.yaml index f511b45be..fdddc5a0f 100644 --- a/kubernetes/imagepuller/base/installplan-approver.yaml +++ b/kubernetes/imagepuller/base/installplan-approver.yaml @@ -60,7 +60,7 @@ spec: containers: - name: installplan-approver imagePullPolicy: IfNotPresent - image: registry./homelab/toolbox:not_latest + image: registry.arthurvardevanyan.com/homelab/toolbox:not_latest env: - name: SUBSCRIPTION value: kubernetes-imagepuller-operator diff --git a/kubernetes/influxdb/overlays/k3s/traefik.yaml b/kubernetes/influxdb/overlays/k3s/traefik.yaml index 06b7ba083..3c22c8c55 100644 --- a/kubernetes/influxdb/overlays/k3s/traefik.yaml +++ b/kubernetes/influxdb/overlays/k3s/traefik.yaml @@ -10,7 +10,7 @@ spec: - web - websecure routes: - - match: Host(`influxdb.k3s.`) + - match: Host(`influxdb.k3s.arthurvardevanyan.com`) kind: Rule services: - name: influxdb diff --git a/kubernetes/keep-alive/base/cronjob.yaml b/kubernetes/keep-alive/base/cronjob.yaml index 630237658..6111035a1 100644 --- a/kubernetes/keep-alive/base/cronjob.yaml +++ b/kubernetes/keep-alive/base/cronjob.yaml @@ -51,7 +51,7 @@ spec: containers: - name: keep-alive imagePullPolicy: IfNotPresent - image: registry./homelab/toolbox:not_latest + image: registry.arthurvardevanyan.com/homelab/toolbox:not_latest command: - /bin/bash - -c diff --git a/kubernetes/knative/base/installplan-approver.yaml b/kubernetes/knative/base/installplan-approver.yaml index 3998ee436..fb4708d3d 100644 --- a/kubernetes/knative/base/installplan-approver.yaml +++ b/kubernetes/knative/base/installplan-approver.yaml @@ -60,7 +60,7 @@ spec: containers: - name: installplan-approver imagePullPolicy: IfNotPresent - image: registry./homelab/toolbox:not_latest + image: registry.arthurvardevanyan.com/homelab/toolbox:not_latest env: - name: SUBSCRIPTION value: knative-operator diff --git a/kubernetes/kube-eagle/base/deployment.yaml b/kubernetes/kube-eagle/base/deployment.yaml index b2c2362b3..63c3c7867 100644 --- a/kubernetes/kube-eagle/base/deployment.yaml +++ b/kubernetes/kube-eagle/base/deployment.yaml @@ -28,7 +28,7 @@ spec: automountServiceAccountToken: true containers: - name: kube-eagle - image: registry./homelab/kube-eagle@sha256:b13b1e055e3f4eb91ee5adeb3a14b1f09c7e91c16aa87e56c6de4faab5a11645 + image: registry.arthurvardevanyan.com/homelab/kube-eagle@sha256:b13b1e055e3f4eb91ee5adeb3a14b1f09c7e91c16aa87e56c6de4faab5a11645 securityContext: # runAsGroup: 11199 # runAsUser: 11199 diff --git a/kubernetes/kubernetes-dashboard/overlays/k3s/traefik.yaml b/kubernetes/kubernetes-dashboard/overlays/k3s/traefik.yaml index db3583269..92ab7493b 100644 --- a/kubernetes/kubernetes-dashboard/overlays/k3s/traefik.yaml +++ b/kubernetes/kubernetes-dashboard/overlays/k3s/traefik.yaml @@ -10,7 +10,7 @@ spec: entryPoints: - web routes: - - match: "Host(`dashboard.k3s.`)" + - match: "Host(`dashboard.k3s.arthurvardevanyan.com`)" kind: Rule services: - name: kubernetes-dashboard @@ -31,7 +31,7 @@ spec: entryPoints: - websecure routes: - - match: "Host(`dashboard.k3s.`)" + - match: "Host(`dashboard.k3s.arthurvardevanyan.com`)" kind: Rule services: - name: kubernetes-dashboard @@ -39,7 +39,7 @@ spec: port: 443 tls: domains: - - main: dashboard.k3s. + - main: dashboard.k3s.arthurvardevanyan.com --- apiVersion: traefik.io/v1alpha1 kind: Middleware diff --git a/kubernetes/longhorn/base/backup-secret.yaml b/kubernetes/longhorn/base/backup-secret.yaml index c6b7171c4..a7a444f8d 100644 --- a/kubernetes/longhorn/base/backup-secret.yaml +++ b/kubernetes/longhorn/base/backup-secret.yaml @@ -7,6 +7,31 @@ metadata: app.kubernetes.io/instance: longhorn type: Opaque stringData: - AWS_ACCESS_KEY_ID: - AWS_SECRET_ACCESS_KEY: + # AWS_ACCESS_KEY_ID: + # AWS_SECRET_ACCESS_KEY: AWS_ENDPOINTS: http://10.0.0.3:9000 +--- +apiVersion: external-secrets.io/v1beta1 +kind: ExternalSecret +metadata: + name: truenas-secret + namespace: longhorn-system + labels: + app.kubernetes.io/instance: longhorn +spec: + refreshInterval: "1h" + secretStoreRef: + name: vault + kind: ClusterSecretStore + target: + name: truenas-secret + creationPolicy: "Merge" + data: + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + key: homelab/minio + property: access_key + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + key: homelab/minio + property: access_key diff --git a/kubernetes/longhorn/overlays/k3s/traefik.yaml b/kubernetes/longhorn/overlays/k3s/traefik.yaml index b99165e4b..d5234a251 100644 --- a/kubernetes/longhorn/overlays/k3s/traefik.yaml +++ b/kubernetes/longhorn/overlays/k3s/traefik.yaml @@ -21,7 +21,7 @@ spec: entryPoints: - web routes: - - match: Host(`longhorn.k3s.`) + - match: Host(`longhorn.k3s.arthurvardevanyan.com`) kind: Rule services: - name: longhorn-frontend @@ -40,11 +40,11 @@ spec: entryPoints: - websecure routes: - - match: "Host(`longhorn.k3s.`)" + - match: "Host(`longhorn.k3s.arthurvardevanyan.com`)" kind: Rule services: - name: longhorn-frontend port: 80 tls: domains: - - main: longhorn.k3s. + - main: longhorn.k3s.arthurvardevanyan.com diff --git a/kubernetes/longhorn/overlays/okd/backup/backup-rsync.yaml b/kubernetes/longhorn/overlays/okd/backup/backup-rsync.yaml index bb4694368..4133a7bec 100644 --- a/kubernetes/longhorn/overlays/okd/backup/backup-rsync.yaml +++ b/kubernetes/longhorn/overlays/okd/backup/backup-rsync.yaml @@ -48,7 +48,7 @@ spec: type: RuntimeDefault containers: - name: longhorn-rsync - image: registry./homelab/toolbox:not_latest + image: registry.arthurvardevanyan.com/homelab/toolbox:not_latest command: - /bin/bash - -c diff --git a/kubernetes/mariadb-galera/base/mysqldump/cronjob.yaml b/kubernetes/mariadb-galera/base/mysqldump/cronjob.yaml index 722dabed1..5876bc153 100644 --- a/kubernetes/mariadb-galera/base/mysqldump/cronjob.yaml +++ b/kubernetes/mariadb-galera/base/mysqldump/cronjob.yaml @@ -40,7 +40,7 @@ spec: runAsUser: 65534 containers: - name: mysqldump-cron - image: registry./homelab/toolbox:not_latest + image: registry.arthurvardevanyan.com/homelab/toolbox:not_latest command: ["/bin/bash", "-c", "sh /mnt/mysqldump.sh"] resources: limits: diff --git a/kubernetes/mariadb-galera/base/mysqldump/rsync.yaml b/kubernetes/mariadb-galera/base/mysqldump/rsync.yaml index ba5b1c4a0..b3e4ccf01 100644 --- a/kubernetes/mariadb-galera/base/mysqldump/rsync.yaml +++ b/kubernetes/mariadb-galera/base/mysqldump/rsync.yaml @@ -37,7 +37,7 @@ spec: runAsUser: 65534 containers: - name: mysqldump-rsync - image: registry./homelab/toolbox:not_latest + image: registry.arthurvardevanyan.com/homelab/toolbox:not_latest command: [ "/bin/bash", diff --git a/kubernetes/mariadb-galera/base/secret.yaml b/kubernetes/mariadb-galera/base/secret.yaml index 5a05a786c..78ad0784d 100644 --- a/kubernetes/mariadb-galera/base/secret.yaml +++ b/kubernetes/mariadb-galera/base/secret.yaml @@ -1,13 +1,42 @@ -apiVersion: v1 -kind: Secret +# apiVersion: v1 +# kind: Secret +# metadata: +# name: mariadb-galera +# namespace: mariadb-galera +# labels: +# app.kubernetes.io/name: mariadb-galera +# app.kubernetes.io/instance: mariadb-galera +# type: Opaque +# stringData: +# mariadb-root-password: +# mariadb-password: +# mariadb-galera-mariabackup-password: +--- +apiVersion: external-secrets.io/v1beta1 +kind: ExternalSecret metadata: name: mariadb-galera namespace: mariadb-galera labels: - app.kubernetes.io/name: mariadb-galera app.kubernetes.io/instance: mariadb-galera - type: Opaque -stringData: - mariadb-root-password: - mariadb-password: - mariadb-galera-mariabackup-password: +spec: + refreshInterval: "1h" + secretStoreRef: + name: vault + kind: ClusterSecretStore + target: + name: mariadb-galera + #creationPolicy: "Merge" + data: + - secretKey: mariadb-root-password + remoteRef: + key: homelab/mariadb-galera + property: mariadb-root-password + - secretKey: mariadb-password + remoteRef: + key: homelab/mariadb-galera + property: mariadb-root-password + - secretKey: mariadb-galera-mariabackup-password + remoteRef: + key: homelab/mariadb-galera + property: mariadb-galera-mariabackup-password diff --git a/kubernetes/minio-operator/base/installplan-approver.yaml b/kubernetes/minio-operator/base/installplan-approver.yaml index 784340e2b..af8f74446 100644 --- a/kubernetes/minio-operator/base/installplan-approver.yaml +++ b/kubernetes/minio-operator/base/installplan-approver.yaml @@ -60,7 +60,7 @@ spec: containers: - name: installplan-approver imagePullPolicy: IfNotPresent - image: registry./homelab/toolbox:not_latest + image: registry.arthurvardevanyan.com/homelab/toolbox:not_latest env: - name: SUBSCRIPTION value: minio-operator diff --git a/kubernetes/network-observability/base/installplan-approver.yaml b/kubernetes/network-observability/base/installplan-approver.yaml index 920f74a3c..9e91afae0 100644 --- a/kubernetes/network-observability/base/installplan-approver.yaml +++ b/kubernetes/network-observability/base/installplan-approver.yaml @@ -60,7 +60,7 @@ spec: containers: - name: installplan-approver imagePullPolicy: IfNotPresent - image: registry./homelab/toolbox:not_latest + image: registry.arthurvardevanyan.com/homelab/toolbox:not_latest env: - name: SUBSCRIPTION value: network-observability diff --git a/kubernetes/nextcloud/base/certificate.yaml b/kubernetes/nextcloud/base/certificate.yaml index 3b041ae62..17f108cbf 100644 --- a/kubernetes/nextcloud/base/certificate.yaml +++ b/kubernetes/nextcloud/base/certificate.yaml @@ -8,7 +8,7 @@ metadata: spec: secretName: nextcloud-cert dnsNames: - - "nextcloud." + - "nextcloud.arthurvardevanyan.com" issuerRef: kind: ClusterIssuer name: letsencrypt diff --git a/kubernetes/nextcloud/base/rsync-cronjob.yaml b/kubernetes/nextcloud/base/rsync-cronjob.yaml index a1ee5c28a..dbee04e59 100644 --- a/kubernetes/nextcloud/base/rsync-cronjob.yaml +++ b/kubernetes/nextcloud/base/rsync-cronjob.yaml @@ -48,7 +48,7 @@ spec: runAsUser: 33 containers: - name: nextcloud-rsync - image: registry./homelab/toolbox:not_latest + image: registry.arthurvardevanyan.com/homelab/toolbox:not_latest command: [ "/bin/bash", diff --git a/kubernetes/nextcloud/overlays/k3s/traefik.yaml b/kubernetes/nextcloud/overlays/k3s/traefik.yaml index 6145549d9..cae40a526 100644 --- a/kubernetes/nextcloud/overlays/k3s/traefik.yaml +++ b/kubernetes/nextcloud/overlays/k3s/traefik.yaml @@ -22,7 +22,7 @@ spec: - web - websecure routes: - - match: Host(`nextcloud.`) + - match: Host(`nextcloud.arthurvardevanyan.com`) kind: Rule services: - name: nextcloud @@ -31,4 +31,4 @@ spec: - name: https-redirect tls: domains: - - main: nextcloud. + - main: nextcloud.arthurvardevanyan.com diff --git a/kubernetes/photoprism/base/secret.yaml b/kubernetes/photoprism/base/secret.yaml index 71b17c4cf..f0088c16e 100644 --- a/kubernetes/photoprism/base/secret.yaml +++ b/kubernetes/photoprism/base/secret.yaml @@ -1,10 +1,35 @@ -apiVersion: v1 -kind: Secret +# apiVersion: v1 +# kind: Secret +# metadata: +# name: photoprism-secrets +# namespace: photoprism +# labels: +# app.kubernetes.io/instance: photoprism +# stringData: +# PHOTOPRISM_ADMIN_PASSWORD: +# PHOTOPRISM_DATABASE_DSN: +--- +apiVersion: external-secrets.io/v1beta1 +kind: ExternalSecret metadata: name: photoprism-secrets namespace: photoprism labels: app.kubernetes.io/instance: photoprism -stringData: - PHOTOPRISM_ADMIN_PASSWORD: - PHOTOPRISM_DATABASE_DSN: +spec: + refreshInterval: "1h" + secretStoreRef: + name: vault + kind: ClusterSecretStore + target: + name: photoprism-secrets + #creationPolicy: "Merge" + data: + - secretKey: PHOTOPRISM_ADMIN_PASSWORD + remoteRef: + key: homelab/photoprism + property: admin_password + - secretKey: PHOTOPRISM_DATABASE_DSN + remoteRef: + key: homelab/photoprism + property: db_url diff --git a/kubernetes/photoprism/overlays/k3s/traefik.yaml b/kubernetes/photoprism/overlays/k3s/traefik.yaml index 7e8ece316..13e81d679 100644 --- a/kubernetes/photoprism/overlays/k3s/traefik.yaml +++ b/kubernetes/photoprism/overlays/k3s/traefik.yaml @@ -10,7 +10,7 @@ spec: - web - websecure routes: - - match: Host(`photoprism.k3s.`) + - match: Host(`photoprism.k3s.arthurvardevanyan.com`) kind: Rule services: - name: photoprism diff --git a/kubernetes/phpmyadmin/overlays/k3s/traefik.yaml b/kubernetes/phpmyadmin/overlays/k3s/traefik.yaml index 1c77b3a9e..5ff1e1cd3 100644 --- a/kubernetes/phpmyadmin/overlays/k3s/traefik.yaml +++ b/kubernetes/phpmyadmin/overlays/k3s/traefik.yaml @@ -10,7 +10,7 @@ spec: - web - websecure routes: - - match: Host(`phpmyadmin.k3s.`) + - match: Host(`phpmyadmin.k3s.arthurvardevanyan.com`) kind: Rule services: - name: phpmyadmin diff --git a/kubernetes/postgres/base/installplan-approver.yaml b/kubernetes/postgres/base/installplan-approver.yaml index 601bdfd2a..445565cef 100644 --- a/kubernetes/postgres/base/installplan-approver.yaml +++ b/kubernetes/postgres/base/installplan-approver.yaml @@ -60,7 +60,7 @@ spec: containers: - name: installplan-approver imagePullPolicy: IfNotPresent - image: registry./homelab/toolbox:not_latest + image: registry.arthurvardevanyan.com/homelab/toolbox:not_latest env: - name: SUBSCRIPTION value: postgresql diff --git a/kubernetes/prometheus/overlays/k3s/traefik.yaml b/kubernetes/prometheus/overlays/k3s/traefik.yaml index e5fb5a2e5..aaa08dee1 100644 --- a/kubernetes/prometheus/overlays/k3s/traefik.yaml +++ b/kubernetes/prometheus/overlays/k3s/traefik.yaml @@ -10,7 +10,7 @@ spec: - web - websecure routes: - - match: Host(`prometheus.k3s.`) + - match: Host(`prometheus.k3s.arthurvardevanyan.com`) kind: Rule services: - name: prometheus-service diff --git a/kubernetes/quay/base/config.yaml b/kubernetes/quay/base/config.yaml index 00c7e04b0..2aa8c346b 100644 --- a/kubernetes/quay/base/config.yaml +++ b/kubernetes/quay/base/config.yaml @@ -12,7 +12,7 @@ SUPER_USERS: - arthurvardevanyan TEAM_RESYNC_STALE_TIME: 60m TESTING: false -SERVER_HOSTNAME: registry. +SERVER_HOSTNAME: registry.arthurvardevanyan.com DB_URI: DB_CONNECTION_ARGS: sslmode: prefer @@ -51,7 +51,7 @@ ZITADEL_LOGIN_CONFIG: LOGIN_SCOPES: - profile - openid - OIDC_SERVER: https://zitadel.apps.okd./ + OIDC_SERVER: https://zitadel.apps.okd.arthurvardevanyan.com/ PREFERRED_USERNAME_CLAIM_NAME: preferred_username SERVICE_NAME: Zitadel VERIFIED_EMAIL_CLAIM_NAME: email diff --git a/kubernetes/quay/base/installplan-approver.yaml b/kubernetes/quay/base/installplan-approver.yaml index 608ab1184..f5fb619b8 100644 --- a/kubernetes/quay/base/installplan-approver.yaml +++ b/kubernetes/quay/base/installplan-approver.yaml @@ -60,7 +60,7 @@ spec: containers: - name: installplan-approver imagePullPolicy: IfNotPresent - image: registry./homelab/toolbox:not_latest + image: registry.arthurvardevanyan.com/homelab/toolbox:not_latest env: - name: SUBSCRIPTION value: project-quay diff --git a/kubernetes/smoke-tests/base/application.yaml b/kubernetes/smoke-tests/base/application.yaml index 954add81f..aabe29d26 100644 --- a/kubernetes/smoke-tests/base/application.yaml +++ b/kubernetes/smoke-tests/base/application.yaml @@ -15,3 +15,5 @@ spec: path: kubernetes/smoke-tests/overlays/okd repoURL: https://git.arthurvardevanyan.com/ArthurVardevanyan/HomeLab targetRevision: HEAD + plugin: + name: argocd-vault-plugin-kustomize diff --git a/kubernetes/stackrox-central/base/certificate.yaml b/kubernetes/stackrox-central/base/certificate.yaml index 5efe94e86..94e1075af 100644 --- a/kubernetes/stackrox-central/base/certificate.yaml +++ b/kubernetes/stackrox-central/base/certificate.yaml @@ -8,7 +8,7 @@ metadata: spec: secretName: central-default-tls-cert dnsNames: - - "central-stackrox.apps.okd." + - "central-stackrox.apps.okd.arthurvardevanyan.com" issuerRef: kind: ClusterIssuer name: letsencrypt diff --git a/kubernetes/stackrox-secure/overlays/k3s/cluster-name.yaml b/kubernetes/stackrox-secure/overlays/k3s/cluster-name.yaml index c8a55e71c..c09c00cd9 100644 --- a/kubernetes/stackrox-secure/overlays/k3s/cluster-name.yaml +++ b/kubernetes/stackrox-secure/overlays/k3s/cluster-name.yaml @@ -26,7 +26,7 @@ stringData: type: KUBERNETES_CLUSTER mainImage: quay.io/stackrox-io/main collectorImage: quay.io/stackrox-io/collector-slim - centralApiEndpoint: central-stackrox.apps.okd.:443 + centralApiEndpoint: central-stackrox.apps.okd.arthurvardevanyan.com:443 collectionMethod: CORE_BPF admissionController: false admissionControllerUpdates: false diff --git a/kubernetes/stackrox-secure/overlays/k3s/kustomization.yaml b/kubernetes/stackrox-secure/overlays/k3s/kustomization.yaml index 2e87828ea..df0910fb7 100644 --- a/kubernetes/stackrox-secure/overlays/k3s/kustomization.yaml +++ b/kubernetes/stackrox-secure/overlays/k3s/kustomization.yaml @@ -11,7 +11,7 @@ patches: patch: |- - op: replace path: /spec/template/spec/containers/0/env/5 - value: { "name": "ROX_CENTRAL_ENDPOINT", "value": "central-stackrox.apps.okd.:443" } + value: { "name": "ROX_CENTRAL_ENDPOINT", "value": "central-stackrox.apps.okd.arthurvardevanyan.com:443" } - op: replace path: /spec/template/spec/containers/0/env/8 value: { "name": "ROX_HELM_CLUSTER_CONFIG_FP", "value": "" } diff --git a/kubernetes/stackrox-secure/overlays/sandbox/cluster-name.yaml b/kubernetes/stackrox-secure/overlays/sandbox/cluster-name.yaml index 4d37bead1..45e580322 100644 --- a/kubernetes/stackrox-secure/overlays/sandbox/cluster-name.yaml +++ b/kubernetes/stackrox-secure/overlays/sandbox/cluster-name.yaml @@ -28,7 +28,7 @@ stringData: type: OPENSHIFT4_CLUSTER mainImage: quay.io/stackrox-io/main collectorImage: quay.io/stackrox-io/collector-slim - centralApiEndpoint: central-stackrox.apps.okd.:443 + centralApiEndpoint: central-stackrox.apps.okd.arthurvardevanyan.com:443 collectionMethod: CORE_BPF admissionController: false admissionControllerUpdates: false diff --git a/kubernetes/stackrox-secure/overlays/sandbox/kustomization.yaml b/kubernetes/stackrox-secure/overlays/sandbox/kustomization.yaml index 3822baf37..a39f274ea 100644 --- a/kubernetes/stackrox-secure/overlays/sandbox/kustomization.yaml +++ b/kubernetes/stackrox-secure/overlays/sandbox/kustomization.yaml @@ -12,7 +12,7 @@ patches: patch: |- - op: replace path: /spec/template/spec/containers/0/env/5 - value: { "name": "ROX_CENTRAL_ENDPOINT", "value": "central-stackrox.apps.okd.:443" } + value: { "name": "ROX_CENTRAL_ENDPOINT", "value": "central-stackrox.apps.okd.arthurvardevanyan.com:443" } - op: replace path: /spec/template/spec/containers/0/env/8 value: { "name": "ROX_HELM_CLUSTER_CONFIG_FP", "value": "" } diff --git a/kubernetes/traefik/overlays/k3s/dashboard.yaml b/kubernetes/traefik/overlays/k3s/dashboard.yaml index d35067d1e..245592ba9 100644 --- a/kubernetes/traefik/overlays/k3s/dashboard.yaml +++ b/kubernetes/traefik/overlays/k3s/dashboard.yaml @@ -21,7 +21,7 @@ spec: entryPoints: - web routes: - - match: Host(`traefik.k3s.`) + - match: Host(`traefik.k3s.arthurvardevanyan.com`) kind: Rule services: - name: traefik-frontend @@ -40,11 +40,11 @@ spec: entryPoints: - websecure routes: - - match: "Host(`traefik.k3s.`)" + - match: "Host(`traefik.k3s.arthurvardevanyan.com`)" kind: Rule services: - name: traefik-dashboard port: 9000 tls: domains: - - main: traefik.k3s. + - main: traefik.k3s.arthurvardevanyan.com diff --git a/kubernetes/traefik/overlays/k3s/wildcard-certificate.yaml b/kubernetes/traefik/overlays/k3s/wildcard-certificate.yaml index 6cbc72d4e..dc96942c2 100644 --- a/kubernetes/traefik/overlays/k3s/wildcard-certificate.yaml +++ b/kubernetes/traefik/overlays/k3s/wildcard-certificate.yaml @@ -8,8 +8,8 @@ metadata: spec: secretName: wildcard-secret dnsNames: - - "*." - - "*.k3s." + - "*.arthurvardevanyan.com" + - "*.k3s.arthurvardevanyan.com" issuerRef: kind: ClusterIssuer name: letsencrypt diff --git a/kubernetes/uptime-kuma/overlays/k3s/traefik.yaml b/kubernetes/uptime-kuma/overlays/k3s/traefik.yaml index e7e6ba062..8ae97c2d8 100644 --- a/kubernetes/uptime-kuma/overlays/k3s/traefik.yaml +++ b/kubernetes/uptime-kuma/overlays/k3s/traefik.yaml @@ -10,7 +10,7 @@ spec: - web - websecure routes: - - match: Host(`uptime.`) + - match: Host(`uptime.arthurvardevanyan.com`) kind: Rule services: - name: uptime-kuma-service diff --git a/kubernetes/vault/base/certificate.yaml b/kubernetes/vault/base/certificate.yaml index ce7f713b0..0f798e57c 100644 --- a/kubernetes/vault/base/certificate.yaml +++ b/kubernetes/vault/base/certificate.yaml @@ -8,7 +8,7 @@ metadata: spec: secretName: vault-cert dnsNames: - - "vault." + - "vault.arthurvardevanyan.com" issuerRef: kind: ClusterIssuer name: letsencrypt diff --git a/kubernetes/vault/overlays/k3s/kustomization.yaml b/kubernetes/vault/overlays/k3s/kustomization.yaml index 50bd0c616..d88ad15aa 100644 --- a/kubernetes/vault/overlays/k3s/kustomization.yaml +++ b/kubernetes/vault/overlays/k3s/kustomization.yaml @@ -18,7 +18,7 @@ patches: patch: |- - op: add path: /spec/dnsNames - value: [vault.k3s.] + value: [vault.k3s.arthurvardevanyan.com] - target: kind: Volume name: vault diff --git a/kubernetes/vault/overlays/k3s/traefik.yaml b/kubernetes/vault/overlays/k3s/traefik.yaml index 5c690c23a..511522336 100644 --- a/kubernetes/vault/overlays/k3s/traefik.yaml +++ b/kubernetes/vault/overlays/k3s/traefik.yaml @@ -21,14 +21,14 @@ spec: entryPoints: - websecure routes: - - match: HostSNI(`vault.k3s.`) + - match: HostSNI(`vault.k3s.arthurvardevanyan.com`) services: - name: vault port: 443 tls: passthrough: true domains: - - main: vault.k3s. + - main: vault.k3s.arthurvardevanyan.com --- apiVersion: traefik.io/v1alpha1 kind: IngressRoute @@ -41,7 +41,7 @@ spec: entryPoints: - web routes: - - match: Host(`vault.k3s.`) + - match: Host(`vault.k3s.arthurvardevanyan.com`) kind: Rule services: - name: vault diff --git a/kubernetes/zitadel/README.md b/kubernetes/zitadel/README.md index f48a848f8..bbf08428a 100644 --- a/kubernetes/zitadel/README.md +++ b/kubernetes/zitadel/README.md @@ -4,7 +4,7 @@ helm template zitadel zitadel/zitadel \ --set zitadel.masterkey="" \ --set zitadel.configmapConfig.ExternalSecure=true \ - --set zitadel.configmapConfig.ExternalDomain="zitadel.apps.okd." \ + --set zitadel.configmapConfig.ExternalDomain="zitadel.apps.okd.arthurvardevanyan.com" \ --set zitadel.configmapConfig.ExternalPort="443" \ --set zitadel.configmapConfig.TLS.Enabled=false \ --set zitadel.configmapConfig.Database.cockroach.User.SSL.Mode="verify-full" \ @@ -42,14 +42,14 @@ kubectl kustomize kubernetes/zitadel/overlays/okd | argocd-vault-plugin generate Initial User ```bash -zitadel-admin@zitadel.zitadel.apps.okd. +zitadel-admin@zitadel.zitadel.apps.okd.arthurvardevanyan.com ``` Call Back URLs ```bash -https://oauth-openshift.apps.okd./oauth2callback/zitadel -https://oauth-openshift.apps.okd.sandbox./oauth2callback/zitadel +https://oauth-openshift.apps.okd.arthurvardevanyan.com/oauth2callback/zitadel +https://oauth-openshift.apps.okd.sandbox.arthurvardevanyan.com/oauth2callback/zitadel ``` TODO: PassThrough Termination diff --git a/kubernetes/zitadel/base/configmap.yaml b/kubernetes/zitadel/base/configmap.yaml index db4716a76..27b66899b 100644 --- a/kubernetes/zitadel/base/configmap.yaml +++ b/kubernetes/zitadel/base/configmap.yaml @@ -21,7 +21,7 @@ data: User: SSL: Mode: verify-full - ExternalDomain: zitadel.apps.okd. + ExternalDomain: zitadel.apps.okd.arthurvardevanyan.com ExternalPort: 443 ExternalSecure: true FirstInstance: diff --git a/kubernetes/zitadel/base/deployment.yaml b/kubernetes/zitadel/base/deployment.yaml index 1a5fae9e2..caff3e776 100644 --- a/kubernetes/zitadel/base/deployment.yaml +++ b/kubernetes/zitadel/base/deployment.yaml @@ -102,7 +102,7 @@ spec: port: http2-server httpHeaders: - name: Host - value: zitadel.apps.okd. + value: zitadel.apps.okd.arthurvardevanyan.com initialDelaySeconds: 0 periodSeconds: 5 failureThreshold: 3 @@ -112,7 +112,7 @@ spec: port: http2-server httpHeaders: - name: Host - value: zitadel.apps.okd. + value: zitadel.apps.okd.arthurvardevanyan.com initialDelaySeconds: 0 periodSeconds: 5 failureThreshold: 3 @@ -122,7 +122,7 @@ spec: port: http2-server httpHeaders: - name: Host - value: zitadel.apps.okd. + value: zitadel.apps.okd.arthurvardevanyan.com periodSeconds: 1 failureThreshold: 30 volumeMounts: diff --git a/kubernetes/zitadel/base/secret.yaml b/kubernetes/zitadel/base/secret.yaml index faa20dfe6..fe89fedc0 100644 --- a/kubernetes/zitadel/base/secret.yaml +++ b/kubernetes/zitadel/base/secret.yaml @@ -14,24 +14,62 @@ metadata: stringData: masterkey: --- -# Source: zitadel/templates/secret_zitadel-secrets.yaml -apiVersion: v1 -kind: Secret -type: Opaque +apiVersion: external-secrets.io/v1beta1 +kind: ExternalSecret metadata: - name: zitadel-secrets-yaml + name: zitadel-masterkey namespace: zitadel - labels: - helm.sh/chart: zitadel-6.2.0 - app.kubernetes.io/name: zitadel - app.kubernetes.io/instance: zitadel - app.kubernetes.io/version: "v2.43.5" - app.kubernetes.io/managed-by: Helm -stringData: - zitadel-secrets-yaml: |- +spec: + refreshInterval: "1h" + secretStoreRef: + name: vault + kind: ClusterSecretStore + target: + name: zitadel-masterkey + #creationPolicy: "Merge" + data: + - secretKey: masterkey + remoteRef: + key: homelab/zitadel/config + property: masterkey +#--- +# # Source: zitadel/templates/secret_zitadel-secrets.yaml +# apiVersion: v1 +# kind: Secret +# type: Opaque +# metadata: +# name: zitadel-secrets-yaml +# namespace: zitadel +# labels: +# helm.sh/chart: zitadel-6.2.0 +# app.kubernetes.io/name: zitadel +# app.kubernetes.io/instance: zitadel +# app.kubernetes.io/version: "v2.43.5" +# app.kubernetes.io/managed-by: Helm +# stringData: +# zitadel-secrets-yaml: |- - Database: - cockroach: - Host: crdb-public - User: - Password: +# Database: +# cockroach: +# Host: crdb-public +# User: +# Password: +--- +apiVersion: external-secrets.io/v1beta1 +kind: ExternalSecret +metadata: + name: zitadel-secrets-yaml + namespace: zitadel +spec: + refreshInterval: "1h" + secretStoreRef: + name: vault + kind: ClusterSecretStore + target: + name: zitadel-secrets-yaml + #creationPolicy: "Merge" + data: + - secretKey: zitadel-secrets-yaml + remoteRef: + key: homelab/zitadel/config + property: db-password-yaml diff --git a/okd/okd-configuration/base/auth/oauth.yaml b/okd/okd-configuration/base/auth/oauth.yaml index 47961d0e2..f71536c45 100644 --- a/okd/okd-configuration/base/auth/oauth.yaml +++ b/okd/okd-configuration/base/auth/oauth.yaml @@ -27,5 +27,5 @@ spec: extraScopes: - profile issuer: >- - https://zitadel.apps.okd. + https://zitadel.apps.okd.arthurvardevanyan.com type: OpenID diff --git a/okd/okd-configuration/base/certificates/api-certificate.yaml b/okd/okd-configuration/base/certificates/api-certificate.yaml index e3e187bba..bce79fbbf 100644 --- a/okd/okd-configuration/base/certificates/api-certificate.yaml +++ b/okd/okd-configuration/base/certificates/api-certificate.yaml @@ -7,7 +7,7 @@ metadata: app.kubernetes.io/instance: okd-configuration spec: dnsNames: - - api.okd. + - api.okd.arthurvardevanyan.com issuerRef: kind: ClusterIssuer name: letsencrypt diff --git a/okd/okd-configuration/base/certificates/api-server.yaml b/okd/okd-configuration/base/certificates/api-server.yaml index 597c5a24a..23db130ae 100644 --- a/okd/okd-configuration/base/certificates/api-server.yaml +++ b/okd/okd-configuration/base/certificates/api-server.yaml @@ -16,6 +16,6 @@ spec: servingCerts: namedCertificates: - names: - - api.okd. + - api.okd.arthurvardevanyan.com servingCertificate: name: api-certificate diff --git a/okd/okd-configuration/base/certificates/ingress-certificate.yaml b/okd/okd-configuration/base/certificates/ingress-certificate.yaml index e56324ea7..39adfa760 100644 --- a/okd/okd-configuration/base/certificates/ingress-certificate.yaml +++ b/okd/okd-configuration/base/certificates/ingress-certificate.yaml @@ -7,8 +7,8 @@ metadata: app.kubernetes.io/instance: okd-configuration spec: dnsNames: - - "*.apps.okd." - - "*." + - "*.apps.okd.arthurvardevanyan.com" + - "*.arthurvardevanyan.com" issuerRef: kind: ClusterIssuer name: letsencrypt diff --git a/okd/okd-configuration/overlays/okd/ingress-controller.yaml b/okd/okd-configuration/overlays/okd/ingress-controller.yaml index 6756c0676..3668577ec 100644 --- a/okd/okd-configuration/overlays/okd/ingress-controller.yaml +++ b/okd/okd-configuration/overlays/okd/ingress-controller.yaml @@ -9,6 +9,10 @@ metadata: app.kubernetes.io/instance: okd-configuration spec: replicas: 2 + logging: + access: + destination: + type: Container defaultCertificate: name: ingress-certificate # Kube Vip diff --git a/okd/okd-configuration/overlays/sandbox/ingress-controller.yaml b/okd/okd-configuration/overlays/sandbox/ingress-controller.yaml index 22406d7b9..0724629a9 100644 --- a/okd/okd-configuration/overlays/sandbox/ingress-controller.yaml +++ b/okd/okd-configuration/overlays/sandbox/ingress-controller.yaml @@ -8,6 +8,10 @@ metadata: labels: app.kubernetes.io/instance: okd-configuration spec: + logging: + access: + destination: + type: Container endpointPublishingStrategy: hostNetwork: protocol: PROXY diff --git a/okd/okd-configuration/overlays/sandbox/kustomization.yaml b/okd/okd-configuration/overlays/sandbox/kustomization.yaml index e8986fff8..368e50f57 100644 --- a/okd/okd-configuration/overlays/sandbox/kustomization.yaml +++ b/okd/okd-configuration/overlays/sandbox/kustomization.yaml @@ -11,24 +11,24 @@ patches: - op: replace path: /spec/servingCerts/namedCertificates/0/names value: - - api.okd.sandbox. + - api.okd.sandbox.arthurvardevanyan.com - target: kind: Certificate name: api-certificate patch: |- - op: replace path: /spec/dnsNames/0 - value: api.okd.sandbox. + value: api.okd.sandbox.arthurvardevanyan.com - target: kind: Certificate name: ingress-certificate patch: |- - op: replace path: /spec/dnsNames/0 - value: "*.apps.okd.sandbox." + value: "*.apps.okd.sandbox.arthurvardevanyan.com" - op: replace path: /spec/dnsNames/1 - value: "*.sandbox." + value: "*.sandbox.arthurvardevanyan.com" - target: kind: MachineConfig name: 71-mount-storage-worker diff --git a/okd/openshift-monitoring/base/openshift-monitoring-cr-controller/deployment.yaml b/okd/openshift-monitoring/base/openshift-monitoring-cr-controller/deployment.yaml index 0dea6e055..53aa067a7 100644 --- a/okd/openshift-monitoring/base/openshift-monitoring-cr-controller/deployment.yaml +++ b/okd/openshift-monitoring/base/openshift-monitoring-cr-controller/deployment.yaml @@ -33,7 +33,7 @@ spec: containers: - args: - --leader-elect - image: registry./homelab/openshift-monitoring-cr-controller@sha256:8cb69665f2f1531ce2c1d98a2979e55557ab683a9f4531b2c3347a96e1a1b193 + image: registry.arthurvardevanyan.com/homelab/openshift-monitoring-cr-controller@sha256:8cb69665f2f1531ce2c1d98a2979e55557ab683a9f4531b2c3347a96e1a1b193 livenessProbe: httpGet: path: /healthz diff --git a/tekton/base/certificate.yaml b/tekton/base/certificate.yaml index 4d70d683c..2d8269c1a 100644 --- a/tekton/base/certificate.yaml +++ b/tekton/base/certificate.yaml @@ -8,10 +8,10 @@ metadata: spec: secretName: cockpit-cert dnsNames: - - "kvm-1." - - "kvm-2." - - "kvm-3." - - "k3s-server." + - "kvm-1.arthurvardevanyan.com" + - "kvm-2.arthurvardevanyan.com" + - "kvm-3.arthurvardevanyan.com" + - "k3s-server.arthurvardevanyan.com" issuerRef: kind: ClusterIssuer name: letsencrypt diff --git a/tekton/base/toolbox.yaml b/tekton/base/toolbox.yaml index 7d49eb31c..83f54eb87 100644 --- a/tekton/base/toolbox.yaml +++ b/tekton/base/toolbox.yaml @@ -10,7 +10,7 @@ metadata: argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true spec: steps: - - image: registry./homelab/toolbox:not_latest + - image: registry.arthurvardevanyan.com/homelab/toolbox:not_latest command: - /bin/bash - "-c"