diff --git a/clusters/cl01tl/manifests/argocd/ClusterRole-argocd-notifications-controller.yaml b/clusters/cl01tl/manifests/argocd/ClusterRole-argocd-notifications-controller.yaml index 5e075a841..94036a9a4 100644 --- a/clusters/cl01tl/manifests/argocd/ClusterRole-argocd-notifications-controller.yaml +++ b/clusters/cl01tl/manifests/argocd/ClusterRole-argocd-notifications-controller.yaml @@ -41,7 +41,7 @@ rules: - apiGroups: - "" resourceNames: - - argocd-notifications-secret + - argocd-notifications-ntfy resources: - secrets verbs: diff --git a/clusters/cl01tl/manifests/argocd/ConfigMap-argocd-cm.yaml b/clusters/cl01tl/manifests/argocd/ConfigMap-argocd-cm.yaml index c02f24507..07482f726 100644 --- a/clusters/cl01tl/manifests/argocd/ConfigMap-argocd-cm.yaml +++ b/clusters/cl01tl/manifests/argocd/ConfigMap-argocd-cm.yaml @@ -20,8 +20,8 @@ data: connectors: - config: issuer: https://authentik.alexlebens.net/application/o/argocd/ - clientID: $argocd-oidc-secret:client - clientSecret: $argocd-oidc-secret:secret + clientID: $argocd-oidc-authentik:client + clientSecret: $argocd-oidc-authentik:secret insecureEnableGroups: true scopes: - openid diff --git a/clusters/cl01tl/manifests/argocd/Deployment-argocd-dex-server.yaml b/clusters/cl01tl/manifests/argocd/Deployment-argocd-dex-server.yaml index 54d08e6f4..ce30e6d7d 100644 --- a/clusters/cl01tl/manifests/argocd/Deployment-argocd-dex-server.yaml +++ b/clusters/cl01tl/manifests/argocd/Deployment-argocd-dex-server.yaml @@ -22,7 +22,7 @@ spec: metadata: annotations: checksum/cmd-params: 28bda454bf23a1640b602544df6cb8c4bf480761dceb9a9dbb352a0a570f56cf - checksum/cm: e8ec80c49fe04086a874935f714e529f8fea42e2cc30f811c41c4bf6946cbe15 + checksum/cm: 6373746e5f0032d699666641a31e84a7cdc215b4f7e17f0f675058f66cc2f5ae labels: helm.sh/chart: argo-cd-9.5.2 app.kubernetes.io/name: argocd-dex-server diff --git a/clusters/cl01tl/manifests/argocd/Deployment-argocd-notifications-controller.yaml b/clusters/cl01tl/manifests/argocd/Deployment-argocd-notifications-controller.yaml index ddaa89451..9f96ca9ae 100644 --- a/clusters/cl01tl/manifests/argocd/Deployment-argocd-notifications-controller.yaml +++ b/clusters/cl01tl/manifests/argocd/Deployment-argocd-notifications-controller.yaml @@ -45,7 +45,7 @@ spec: - --metrics-port=9001 - --namespace=argocd - --argocd-repo-server=argocd-repo-server:8081 - - --secret-name=argocd-notifications-secret + - --secret-name=argocd-notifications-ntfy env: - name: ARGOCD_NOTIFICATIONS_CONTROLLER_LOGLEVEL valueFrom: diff --git a/clusters/cl01tl/manifests/argocd/Deployment-argocd-repo-server.yaml b/clusters/cl01tl/manifests/argocd/Deployment-argocd-repo-server.yaml index 6cce7060d..9b533476c 100644 --- a/clusters/cl01tl/manifests/argocd/Deployment-argocd-repo-server.yaml +++ b/clusters/cl01tl/manifests/argocd/Deployment-argocd-repo-server.yaml @@ -22,7 +22,7 @@ spec: metadata: annotations: checksum/cmd-params: 28bda454bf23a1640b602544df6cb8c4bf480761dceb9a9dbb352a0a570f56cf - checksum/cm: e8ec80c49fe04086a874935f714e529f8fea42e2cc30f811c41c4bf6946cbe15 + checksum/cm: 6373746e5f0032d699666641a31e84a7cdc215b4f7e17f0f675058f66cc2f5ae labels: helm.sh/chart: argo-cd-9.5.2 app.kubernetes.io/name: argocd-repo-server diff --git a/clusters/cl01tl/manifests/argocd/Deployment-argocd-server.yaml b/clusters/cl01tl/manifests/argocd/Deployment-argocd-server.yaml index 24d1945d8..c367e72ee 100644 --- a/clusters/cl01tl/manifests/argocd/Deployment-argocd-server.yaml +++ b/clusters/cl01tl/manifests/argocd/Deployment-argocd-server.yaml @@ -22,7 +22,7 @@ spec: metadata: annotations: checksum/cmd-params: 28bda454bf23a1640b602544df6cb8c4bf480761dceb9a9dbb352a0a570f56cf - checksum/cm: e8ec80c49fe04086a874935f714e529f8fea42e2cc30f811c41c4bf6946cbe15 + checksum/cm: 6373746e5f0032d699666641a31e84a7cdc215b4f7e17f0f675058f66cc2f5ae labels: helm.sh/chart: argo-cd-9.5.2 app.kubernetes.io/name: argocd-server diff --git a/clusters/cl01tl/manifests/argocd/ExternalSecret-argocd-gitea-repo-infrastructure-secret.yaml b/clusters/cl01tl/manifests/argocd/ExternalSecret-argocd-gitea-repo-infrastructure-secret.yaml deleted file mode 100644 index 732fc9e4f..000000000 --- a/clusters/cl01tl/manifests/argocd/ExternalSecret-argocd-gitea-repo-infrastructure-secret.yaml +++ /dev/null @@ -1,26 +0,0 @@ -apiVersion: external-secrets.io/v1 -kind: ExternalSecret -metadata: - name: argocd-gitea-repo-infrastructure-secret - namespace: argocd - labels: - app.kubernetes.io/name: argocd-gitea-repo-infrastructure-secret - app.kubernetes.io/instance: argocd - app.kubernetes.io/part-of: argocd -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: type - remoteRef: - key: /cl01tl/argocd/credentials/repo/infrastructure - property: type - - secretKey: url - remoteRef: - key: /cl01tl/argocd/credentials/repo/infrastructure - property: url - - secretKey: sshPrivateKey - remoteRef: - key: /cl01tl/argocd/credentials/repo/infrastructure - property: sshPrivateKey diff --git a/clusters/cl01tl/manifests/argocd/ExternalSecret-argocd-notifications-secret.yaml b/clusters/cl01tl/manifests/argocd/ExternalSecret-argocd-notifications-ntfy.yaml similarity index 65% rename from clusters/cl01tl/manifests/argocd/ExternalSecret-argocd-notifications-secret.yaml rename to clusters/cl01tl/manifests/argocd/ExternalSecret-argocd-notifications-ntfy.yaml index b6fea328b..1509b81f8 100644 --- a/clusters/cl01tl/manifests/argocd/ExternalSecret-argocd-notifications-secret.yaml +++ b/clusters/cl01tl/manifests/argocd/ExternalSecret-argocd-notifications-ntfy.yaml @@ -1,18 +1,18 @@ apiVersion: external-secrets.io/v1 kind: ExternalSecret metadata: - name: argocd-notifications-secret + name: argocd-notifications-ntfy namespace: argocd labels: - app.kubernetes.io/name: argocd-notifications-secret + app.kubernetes.io/name: argocd/templates/external-secret.yaml app.kubernetes.io/instance: argocd app.kubernetes.io/part-of: argocd spec: secretStoreRef: kind: ClusterSecretStore - name: vault + name: openbao data: - secretKey: ntfy-token remoteRef: - key: /ntfy/user/cl01tl + key: /cl01tl/ntfy/users/cl01tl property: token diff --git a/clusters/cl01tl/manifests/argocd/ExternalSecret-argocd-oidc-secret.yaml b/clusters/cl01tl/manifests/argocd/ExternalSecret-argocd-oidc-authentik.yaml similarity index 64% rename from clusters/cl01tl/manifests/argocd/ExternalSecret-argocd-oidc-secret.yaml rename to clusters/cl01tl/manifests/argocd/ExternalSecret-argocd-oidc-authentik.yaml index abde54eae..28be2ae9b 100644 --- a/clusters/cl01tl/manifests/argocd/ExternalSecret-argocd-oidc-secret.yaml +++ b/clusters/cl01tl/manifests/argocd/ExternalSecret-argocd-oidc-authentik.yaml @@ -1,22 +1,22 @@ apiVersion: external-secrets.io/v1 kind: ExternalSecret metadata: - name: argocd-oidc-secret + name: argocd-oidc-authentik namespace: argocd labels: - app.kubernetes.io/name: argocd-oidc-secret + app.kubernetes.io/name: argocd/templates/external-secret.yaml app.kubernetes.io/instance: argocd app.kubernetes.io/part-of: argocd spec: secretStoreRef: kind: ClusterSecretStore - name: vault + name: openbao data: - secretKey: secret remoteRef: - key: /authentik/oidc/argocd + key: /cl01tl/authentik/oidc/argocd property: secret - secretKey: client remoteRef: - key: /authentik/oidc/argocd + key: /cl01tk/authentik/oidc/argocd property: client diff --git a/clusters/cl01tl/manifests/argocd/Role-argocd-notifications-controller.yaml b/clusters/cl01tl/manifests/argocd/Role-argocd-notifications-controller.yaml index efb7d7862..4d4eface6 100644 --- a/clusters/cl01tl/manifests/argocd/Role-argocd-notifications-controller.yaml +++ b/clusters/cl01tl/manifests/argocd/Role-argocd-notifications-controller.yaml @@ -42,7 +42,7 @@ rules: - apiGroups: - "" resourceNames: - - argocd-notifications-secret + - argocd-notifications-ntfy resources: - secrets verbs: diff --git a/clusters/cl01tl/manifests/argocd/StatefulSet-argocd-application-controller.yaml b/clusters/cl01tl/manifests/argocd/StatefulSet-argocd-application-controller.yaml index 37166f17f..133664b10 100644 --- a/clusters/cl01tl/manifests/argocd/StatefulSet-argocd-application-controller.yaml +++ b/clusters/cl01tl/manifests/argocd/StatefulSet-argocd-application-controller.yaml @@ -23,7 +23,7 @@ spec: metadata: annotations: checksum/cmd-params: 28bda454bf23a1640b602544df6cb8c4bf480761dceb9a9dbb352a0a570f56cf - checksum/cm: e8ec80c49fe04086a874935f714e529f8fea42e2cc30f811c41c4bf6946cbe15 + checksum/cm: 6373746e5f0032d699666641a31e84a7cdc215b4f7e17f0f675058f66cc2f5ae labels: helm.sh/chart: argo-cd-9.5.2 app.kubernetes.io/name: argocd-application-controller diff --git a/clusters/cl01tl/manifests/audiobookshelf/Deployment-audiobookshelf.yaml b/clusters/cl01tl/manifests/audiobookshelf/Deployment-audiobookshelf.yaml index cc9bd19d3..97d74da23 100644 --- a/clusters/cl01tl/manifests/audiobookshelf/Deployment-audiobookshelf.yaml +++ b/clusters/cl01tl/manifests/audiobookshelf/Deployment-audiobookshelf.yaml @@ -54,7 +54,7 @@ spec: valueFrom: secretKeyRef: key: ntfy-url - name: audiobookshelf-apprise-config + name: audiobookshelf-config-apprise image: ghcr.io/caronc/apprise:v1.3.3@sha256:4bfeac268ba87b8e08e308c9aa0182fe99e9501ec464027afc333d1634e65977 name: apprise-api - env: diff --git a/clusters/cl01tl/manifests/audiobookshelf/ExternalSecret-audiobookshelf-apprise-config.yaml b/clusters/cl01tl/manifests/audiobookshelf/ExternalSecret-audiobookshelf-apprise-config.yaml deleted file mode 100644 index cbfae4d70..000000000 --- a/clusters/cl01tl/manifests/audiobookshelf/ExternalSecret-audiobookshelf-apprise-config.yaml +++ /dev/null @@ -1,18 +0,0 @@ -apiVersion: external-secrets.io/v1 -kind: ExternalSecret -metadata: - name: audiobookshelf-apprise-config - namespace: audiobookshelf - labels: - app.kubernetes.io/name: audiobookshelf-apprise-config - app.kubernetes.io/instance: audiobookshelf - app.kubernetes.io/part-of: audiobookshelf -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: ntfy-url - remoteRef: - key: /cl01tl/audiobookshelf/apprise - property: ntfy-url diff --git a/clusters/cl01tl/manifests/audiobookshelf/ExternalSecret-audiobookshelf-config-apprise.yaml b/clusters/cl01tl/manifests/audiobookshelf/ExternalSecret-audiobookshelf-config-apprise.yaml new file mode 100644 index 000000000..dde784d74 --- /dev/null +++ b/clusters/cl01tl/manifests/audiobookshelf/ExternalSecret-audiobookshelf-config-apprise.yaml @@ -0,0 +1,24 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: audiobookshelf-config-apprise + namespace: audiobookshelf + labels: + app.kubernetes.io/name: audiobookshelf/templates/external-secret.yaml + app.kubernetes.io/instance: audiobookshelf + app.kubernetes.io/part-of: audiobookshelf +spec: + secretStoreRef: + kind: ClusterSecretStore + name: openbao + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + ntfy-url: "{{ .internal-endpoint-credential }}/audiobookshelf" + data: + - secretKey: internal-endpoint-credential + remoteRef: + key: /cl01tl/ntfy/users/cl01tl + property: internal-endpoint-credential diff --git a/clusters/cl01tl/manifests/audiobookshelf/PersistentVolume-audiobookshelf-audiobooks-nfs-storage.yaml b/clusters/cl01tl/manifests/audiobookshelf/PersistentVolume-audiobookshelf-audiobooks-nfs-storage.yaml index 1558ec6b0..25fa8438b 100644 --- a/clusters/cl01tl/manifests/audiobookshelf/PersistentVolume-audiobookshelf-audiobooks-nfs-storage.yaml +++ b/clusters/cl01tl/manifests/audiobookshelf/PersistentVolume-audiobookshelf-audiobooks-nfs-storage.yaml @@ -4,7 +4,7 @@ metadata: name: audiobookshelf-audiobooks-nfs-storage namespace: audiobookshelf labels: - app.kubernetes.io/name: audiobookshelf-audiobooks-nfs-storage + app.kubernetes.io/name: audiobookshelf/templates/persistent-volume.yaml app.kubernetes.io/instance: audiobookshelf app.kubernetes.io/part-of: audiobookshelf spec: diff --git a/clusters/cl01tl/manifests/audiobookshelf/PersistentVolume-audiobookshelf-books-nfs-storage.yaml b/clusters/cl01tl/manifests/audiobookshelf/PersistentVolume-audiobookshelf-books-nfs-storage.yaml index 27d6d81b2..3b24a9bc8 100644 --- a/clusters/cl01tl/manifests/audiobookshelf/PersistentVolume-audiobookshelf-books-nfs-storage.yaml +++ b/clusters/cl01tl/manifests/audiobookshelf/PersistentVolume-audiobookshelf-books-nfs-storage.yaml @@ -4,7 +4,7 @@ metadata: name: audiobookshelf-books-nfs-storage namespace: audiobookshelf labels: - app.kubernetes.io/name: audiobookshelf-books-nfs-storage + app.kubernetes.io/name: audiobookshelf/templates/persistent-volume.yaml app.kubernetes.io/instance: audiobookshelf app.kubernetes.io/part-of: audiobookshelf spec: diff --git a/clusters/cl01tl/manifests/audiobookshelf/PersistentVolume-audiobookshelf-podcasts-nfs-storage.yaml b/clusters/cl01tl/manifests/audiobookshelf/PersistentVolume-audiobookshelf-podcasts-nfs-storage.yaml index 2126c4d50..0cd128e25 100644 --- a/clusters/cl01tl/manifests/audiobookshelf/PersistentVolume-audiobookshelf-podcasts-nfs-storage.yaml +++ b/clusters/cl01tl/manifests/audiobookshelf/PersistentVolume-audiobookshelf-podcasts-nfs-storage.yaml @@ -4,7 +4,7 @@ metadata: name: audiobookshelf-podcasts-nfs-storage namespace: audiobookshelf labels: - app.kubernetes.io/name: audiobookshelf-podcasts-nfs-storage + app.kubernetes.io/name: audiobookshelf/templates/persistent-volume.yaml app.kubernetes.io/instance: audiobookshelf app.kubernetes.io/part-of: audiobookshelf spec: diff --git a/clusters/cl01tl/manifests/audiobookshelf/PersistentVolumeClaim-audiobookshelf-audiobooks-nfs-storage.yaml b/clusters/cl01tl/manifests/audiobookshelf/PersistentVolumeClaim-audiobookshelf-audiobooks-nfs-storage.yaml index 4c5b34384..8292ad086 100644 --- a/clusters/cl01tl/manifests/audiobookshelf/PersistentVolumeClaim-audiobookshelf-audiobooks-nfs-storage.yaml +++ b/clusters/cl01tl/manifests/audiobookshelf/PersistentVolumeClaim-audiobookshelf-audiobooks-nfs-storage.yaml @@ -4,11 +4,11 @@ metadata: name: audiobookshelf-audiobooks-nfs-storage namespace: audiobookshelf labels: - app.kubernetes.io/name: audiobookshelf-audiobooks-nfs-storage + app.kubernetes.io/name: audiobookshelf/templates/persistent-volume-claim.yaml app.kubernetes.io/instance: audiobookshelf app.kubernetes.io/part-of: audiobookshelf spec: - volumeName: audiobookshelf-audiobooks-nfs-storage + volumeName: audiobookshelf/templates/persistent-volume-claim.yaml storageClassName: nfs-client accessModes: - ReadWriteMany diff --git a/clusters/cl01tl/manifests/audiobookshelf/PersistentVolumeClaim-audiobookshelf-books-nfs-storage.yaml b/clusters/cl01tl/manifests/audiobookshelf/PersistentVolumeClaim-audiobookshelf-books-nfs-storage.yaml index a432e6a59..45ee676d3 100644 --- a/clusters/cl01tl/manifests/audiobookshelf/PersistentVolumeClaim-audiobookshelf-books-nfs-storage.yaml +++ b/clusters/cl01tl/manifests/audiobookshelf/PersistentVolumeClaim-audiobookshelf-books-nfs-storage.yaml @@ -4,11 +4,11 @@ metadata: name: audiobookshelf-books-nfs-storage namespace: audiobookshelf labels: - app.kubernetes.io/name: audiobookshelf-books-nfs-storage + app.kubernetes.io/name: audiobookshelf/templates/persistent-volume-claim.yaml app.kubernetes.io/instance: audiobookshelf app.kubernetes.io/part-of: audiobookshelf spec: - volumeName: audiobookshelf-books-nfs-storage + volumeName: audiobookshelf/templates/persistent-volume-claim.yaml storageClassName: nfs-client accessModes: - ReadWriteMany diff --git a/clusters/cl01tl/manifests/audiobookshelf/PersistentVolumeClaim-audiobookshelf-podcasts-nfs-storage.yaml b/clusters/cl01tl/manifests/audiobookshelf/PersistentVolumeClaim-audiobookshelf-podcasts-nfs-storage.yaml index eb525c54c..2830d3b87 100644 --- a/clusters/cl01tl/manifests/audiobookshelf/PersistentVolumeClaim-audiobookshelf-podcasts-nfs-storage.yaml +++ b/clusters/cl01tl/manifests/audiobookshelf/PersistentVolumeClaim-audiobookshelf-podcasts-nfs-storage.yaml @@ -4,11 +4,11 @@ metadata: name: audiobookshelf-podcasts-nfs-storage namespace: audiobookshelf labels: - app.kubernetes.io/name: audiobookshelf-podcasts-nfs-storage + app.kubernetes.io/name: audiobookshelf/templates/persistent-volume-claim.yaml app.kubernetes.io/instance: audiobookshelf app.kubernetes.io/part-of: audiobookshelf spec: - volumeName: audiobookshelf-podcasts-nfs-storage + volumeName: audiobookshelf/templates/persistent-volume-claim.yaml storageClassName: nfs-client accessModes: - ReadWriteMany diff --git a/clusters/cl01tl/manifests/authentik/Deployment-authentik-server.yaml b/clusters/cl01tl/manifests/authentik/Deployment-authentik-server.yaml index d215c70be..637597157 100644 --- a/clusters/cl01tl/manifests/authentik/Deployment-authentik-server.yaml +++ b/clusters/cl01tl/manifests/authentik/Deployment-authentik-server.yaml @@ -44,7 +44,7 @@ spec: valueFrom: secretKeyRef: key: key - name: authentik-key-secret + name: authentik-key - name: AUTHENTIK_POSTGRESQL__HOST valueFrom: secretKeyRef: diff --git a/clusters/cl01tl/manifests/authentik/Deployment-authentik-worker.yaml b/clusters/cl01tl/manifests/authentik/Deployment-authentik-worker.yaml index 5f7e2a5e9..4f1b6b65d 100644 --- a/clusters/cl01tl/manifests/authentik/Deployment-authentik-worker.yaml +++ b/clusters/cl01tl/manifests/authentik/Deployment-authentik-worker.yaml @@ -45,7 +45,7 @@ spec: valueFrom: secretKeyRef: key: key - name: authentik-key-secret + name: authentik-key - name: AUTHENTIK_POSTGRESQL__HOST valueFrom: secretKeyRef: diff --git a/clusters/cl01tl/manifests/authentik/ExternalSecret-authentik-key-secret.yaml b/clusters/cl01tl/manifests/authentik/ExternalSecret-authentik-key.yaml similarity index 75% rename from clusters/cl01tl/manifests/authentik/ExternalSecret-authentik-key-secret.yaml rename to clusters/cl01tl/manifests/authentik/ExternalSecret-authentik-key.yaml index b870262c2..f976ef30e 100644 --- a/clusters/cl01tl/manifests/authentik/ExternalSecret-authentik-key-secret.yaml +++ b/clusters/cl01tl/manifests/authentik/ExternalSecret-authentik-key.yaml @@ -1,16 +1,16 @@ apiVersion: external-secrets.io/v1 kind: ExternalSecret metadata: - name: authentik-key-secret + name: authentik-key namespace: authentik labels: - app.kubernetes.io/name: authentik-key-secret + app.kubernetes.io/name: authentik/templates/external-secret.yaml app.kubernetes.io/instance: authentik app.kubernetes.io/part-of: authentik spec: secretStoreRef: kind: ClusterSecretStore - name: vault + name: openbao data: - secretKey: key remoteRef: diff --git a/clusters/cl01tl/manifests/authentik/Ingress-authentik-tailscale.yaml b/clusters/cl01tl/manifests/authentik/Ingress-authentik-tailscale.yaml index e00c82c68..bbc626525 100644 --- a/clusters/cl01tl/manifests/authentik/Ingress-authentik-tailscale.yaml +++ b/clusters/cl01tl/manifests/authentik/Ingress-authentik-tailscale.yaml @@ -4,7 +4,7 @@ metadata: name: authentik-tailscale namespace: authentik labels: - app.kubernetes.io/name: authentik-tailscale + app.kubernetes.io/name: authentik/templates/ingress.yaml app.kubernetes.io/instance: authentik app.kubernetes.io/part-of: authentik tailscale.com/proxy-class: no-metrics diff --git a/clusters/cl01tl/manifests/authentik/ReferenceGrant-allow-outpost-cross-namespace-access.yaml b/clusters/cl01tl/manifests/authentik/ReferenceGrant-allow-outpost-cross-namespace-access.yaml index d394a4150..efa9e6ea9 100644 --- a/clusters/cl01tl/manifests/authentik/ReferenceGrant-allow-outpost-cross-namespace-access.yaml +++ b/clusters/cl01tl/manifests/authentik/ReferenceGrant-allow-outpost-cross-namespace-access.yaml @@ -4,7 +4,7 @@ metadata: name: allow-outpost-cross-namespace-access namespace: authentik labels: - app.kubernetes.io/name: allow-outpost-cross-namespace-access + app.kubernetes.io/name: authentik/templates/reference-grant.yaml app.kubernetes.io/instance: authentik app.kubernetes.io/part-of: authentik spec: diff --git a/clusters/cl01tl/manifests/backrest/PersistentVolume-backrest-nfs-share.yaml b/clusters/cl01tl/manifests/backrest/PersistentVolume-backrest-nfs-share.yaml index 9cdbd395c..04e465f59 100644 --- a/clusters/cl01tl/manifests/backrest/PersistentVolume-backrest-nfs-share.yaml +++ b/clusters/cl01tl/manifests/backrest/PersistentVolume-backrest-nfs-share.yaml @@ -4,7 +4,7 @@ metadata: name: backrest-nfs-share namespace: backrest labels: - app.kubernetes.io/name: backrest-nfs-share + app.kubernetes.io/name: backrest/templates/persistent-volume.yaml app.kubernetes.io/instance: backrest app.kubernetes.io/part-of: backrest spec: diff --git a/clusters/cl01tl/manifests/backrest/PersistentVolume-backrest-nfs-storage.yaml b/clusters/cl01tl/manifests/backrest/PersistentVolume-backrest-nfs-storage.yaml index 4d1651ed0..1f9be4086 100644 --- a/clusters/cl01tl/manifests/backrest/PersistentVolume-backrest-nfs-storage.yaml +++ b/clusters/cl01tl/manifests/backrest/PersistentVolume-backrest-nfs-storage.yaml @@ -4,7 +4,7 @@ metadata: name: backrest-nfs-storage namespace: backrest labels: - app.kubernetes.io/name: backrest-nfs-storage + app.kubernetes.io/name: backrest/templates/persistent-volume.yaml app.kubernetes.io/instance: backrest app.kubernetes.io/part-of: backrest spec: diff --git a/clusters/cl01tl/manifests/backrest/PersistentVolumeClaim-backrest-nfs-share.yaml b/clusters/cl01tl/manifests/backrest/PersistentVolumeClaim-backrest-nfs-share.yaml index 6b0aef23d..67005c696 100644 --- a/clusters/cl01tl/manifests/backrest/PersistentVolumeClaim-backrest-nfs-share.yaml +++ b/clusters/cl01tl/manifests/backrest/PersistentVolumeClaim-backrest-nfs-share.yaml @@ -4,11 +4,11 @@ metadata: name: backrest-nfs-share namespace: backrest labels: - app.kubernetes.io/name: backrest-nfs-share + app.kubernetes.io/name: backrest/templates/persistent-volume-claim.yaml app.kubernetes.io/instance: backrest app.kubernetes.io/part-of: backrest spec: - volumeName: backrest-nfs-share + volumeName: backrest/templates/persistent-volume-claim.yaml storageClassName: nfs-client accessModes: - ReadWriteMany diff --git a/clusters/cl01tl/manifests/backrest/PersistentVolumeClaim-backrest-nfs-storage.yaml b/clusters/cl01tl/manifests/backrest/PersistentVolumeClaim-backrest-nfs-storage.yaml index cada25f67..9995e70d7 100644 --- a/clusters/cl01tl/manifests/backrest/PersistentVolumeClaim-backrest-nfs-storage.yaml +++ b/clusters/cl01tl/manifests/backrest/PersistentVolumeClaim-backrest-nfs-storage.yaml @@ -4,11 +4,11 @@ metadata: name: backrest-nfs-storage namespace: backrest labels: - app.kubernetes.io/name: backrest-nfs-storage + app.kubernetes.io/name: backrest/templates/persistent-volume-claim.yaml app.kubernetes.io/instance: backrest app.kubernetes.io/part-of: backrest spec: - volumeName: backrest-nfs-storage + volumeName: backrest/templates/persistent-volume-claim.yaml storageClassName: nfs-client accessModes: - ReadWriteMany diff --git a/clusters/cl01tl/manifests/bazarr/Deployment-bazarr.yaml b/clusters/cl01tl/manifests/bazarr/Deployment-bazarr.yaml index 3e9dbdb47..3f2acf736 100644 --- a/clusters/cl01tl/manifests/bazarr/Deployment-bazarr.yaml +++ b/clusters/cl01tl/manifests/bazarr/Deployment-bazarr.yaml @@ -68,7 +68,7 @@ spec: valueFrom: secretKeyRef: key: key - name: bazarr-key-secret + name: bazarr-key - name: ENABLE_ADDITIONAL_METRICS value: "false" - name: ENABLE_UNKNOWN_QUEUE_ITEMS diff --git a/clusters/cl01tl/manifests/bazarr/ExternalSecret-bazarr-key-secret.yaml b/clusters/cl01tl/manifests/bazarr/ExternalSecret-bazarr-key.yaml similarity index 75% rename from clusters/cl01tl/manifests/bazarr/ExternalSecret-bazarr-key-secret.yaml rename to clusters/cl01tl/manifests/bazarr/ExternalSecret-bazarr-key.yaml index 3bef03e3e..aa293d935 100644 --- a/clusters/cl01tl/manifests/bazarr/ExternalSecret-bazarr-key-secret.yaml +++ b/clusters/cl01tl/manifests/bazarr/ExternalSecret-bazarr-key.yaml @@ -1,16 +1,16 @@ apiVersion: external-secrets.io/v1 kind: ExternalSecret metadata: - name: bazarr-key-secret + name: bazarr-key namespace: bazarr labels: - app.kubernetes.io/name: bazarr-key-secret + app.kubernetes.io/name: bazarr/templates/external-secret.yaml app.kubernetes.io/instance: bazarr app.kubernetes.io/part-of: bazarr spec: secretStoreRef: kind: ClusterSecretStore - name: vault + name: openbao data: - secretKey: key remoteRef: diff --git a/clusters/cl01tl/manifests/bazarr/PersistentVolume-bazarr-nfs-storage.yaml b/clusters/cl01tl/manifests/bazarr/PersistentVolume-bazarr-nfs-storage.yaml index a86ac432b..a1eacf82f 100644 --- a/clusters/cl01tl/manifests/bazarr/PersistentVolume-bazarr-nfs-storage.yaml +++ b/clusters/cl01tl/manifests/bazarr/PersistentVolume-bazarr-nfs-storage.yaml @@ -4,7 +4,7 @@ metadata: name: bazarr-nfs-storage namespace: bazarr labels: - app.kubernetes.io/name: bazarr-nfs-storage + app.kubernetes.io/name: bazarr/templates/persistent-volume.yaml app.kubernetes.io/instance: bazarr app.kubernetes.io/part-of: bazarr spec: diff --git a/clusters/cl01tl/manifests/bazarr/PersistentVolumeClaim-bazarr-nfs-storage.yaml b/clusters/cl01tl/manifests/bazarr/PersistentVolumeClaim-bazarr-nfs-storage.yaml index 696517245..bf3b5bb8a 100644 --- a/clusters/cl01tl/manifests/bazarr/PersistentVolumeClaim-bazarr-nfs-storage.yaml +++ b/clusters/cl01tl/manifests/bazarr/PersistentVolumeClaim-bazarr-nfs-storage.yaml @@ -4,11 +4,11 @@ metadata: name: bazarr-nfs-storage namespace: bazarr labels: - app.kubernetes.io/name: bazarr-nfs-storage + app.kubernetes.io/name: bazarr/templates/persistent-volume-claim.yaml app.kubernetes.io/instance: bazarr app.kubernetes.io/part-of: bazarr spec: - volumeName: bazarr-nfs-storage + volumeName: bazarr/templates/persistent-volume-claim.yaml storageClassName: nfs-client accessModes: - ReadWriteMany diff --git a/clusters/cl01tl/manifests/cert-manager/ClusterIssuer-letsencrypt-issuer.yaml b/clusters/cl01tl/manifests/cert-manager/ClusterIssuer-letsencrypt-issuer.yaml index 91a80286e..6d6bb224a 100644 --- a/clusters/cl01tl/manifests/cert-manager/ClusterIssuer-letsencrypt-issuer.yaml +++ b/clusters/cl01tl/manifests/cert-manager/ClusterIssuer-letsencrypt-issuer.yaml @@ -4,7 +4,7 @@ metadata: name: letsencrypt-issuer namespace: cert-manager labels: - app.kubernetes.io/name: letsencrypt-issuer + app.kubernetes.io/name: cert-manager/templates/cluster-issuer.yaml app.kubernetes.io/instance: cert-manager app.kubernetes.io/part-of: cert-manager spec: diff --git a/clusters/cl01tl/manifests/cert-manager/ExternalSecret-cloudflare-api-token.yaml b/clusters/cl01tl/manifests/cert-manager/ExternalSecret-cloudflare-api-token.yaml index 91e5d55ab..e34a41795 100644 --- a/clusters/cl01tl/manifests/cert-manager/ExternalSecret-cloudflare-api-token.yaml +++ b/clusters/cl01tl/manifests/cert-manager/ExternalSecret-cloudflare-api-token.yaml @@ -4,15 +4,15 @@ metadata: name: cloudflare-api-token namespace: cert-manager labels: - app.kubernetes.io/name: cloudflare-api-token + app.kubernetes.io/name: cert-manager/templates/external-secret.yaml app.kubernetes.io/instance: cert-manager app.kubernetes.io/part-of: cert-manager spec: secretStoreRef: kind: ClusterSecretStore - name: vault + name: openbao data: - secretKey: api-token remoteRef: - key: /cloudflare/alexlebens.net/clusterissuer + key: /cloudflare/alexlebens.net/cl01tl-issuer-certificate property: token diff --git a/clusters/cl01tl/manifests/cilium/CiliumLoadBalancerIPPool-bgp-ip-pool.yaml b/clusters/cl01tl/manifests/cilium/CiliumLoadBalancerIPPool-bgp-ip-pool.yaml index 03b4c5df8..fbe12d5a7 100644 --- a/clusters/cl01tl/manifests/cilium/CiliumLoadBalancerIPPool-bgp-ip-pool.yaml +++ b/clusters/cl01tl/manifests/cilium/CiliumLoadBalancerIPPool-bgp-ip-pool.yaml @@ -4,7 +4,7 @@ metadata: name: bgp-ip-pool namespace: kube-system labels: - app.kubernetes.io/name: bgp-ip-pool + app.kubernetes.io/name: cilium/templates/cilium-load-balancer-ip-pool.yaml app.kubernetes.io/instance: cilium app.kubernetes.io/part-of: cilium spec: diff --git a/clusters/cl01tl/manifests/cilium/CiliumLoadBalancerIPPool-default-ip-pool.yaml b/clusters/cl01tl/manifests/cilium/CiliumLoadBalancerIPPool-default-ip-pool.yaml index 3aeb22797..79ac554e3 100644 --- a/clusters/cl01tl/manifests/cilium/CiliumLoadBalancerIPPool-default-ip-pool.yaml +++ b/clusters/cl01tl/manifests/cilium/CiliumLoadBalancerIPPool-default-ip-pool.yaml @@ -4,7 +4,7 @@ metadata: name: default-ip-pool namespace: kube-system labels: - app.kubernetes.io/name: default-ip-pool + app.kubernetes.io/name: cilium/templates/cilium-load-balancer-ip-pool.yaml app.kubernetes.io/instance: cilium app.kubernetes.io/part-of: cilium spec: diff --git a/clusters/cl01tl/manifests/cilium/HTTPRoute-hubble.yaml b/clusters/cl01tl/manifests/cilium/HTTPRoute-hubble.yaml index b1f64e09b..143ba349e 100644 --- a/clusters/cl01tl/manifests/cilium/HTTPRoute-hubble.yaml +++ b/clusters/cl01tl/manifests/cilium/HTTPRoute-hubble.yaml @@ -4,7 +4,7 @@ metadata: name: hubble namespace: kube-system labels: - app.kubernetes.io/name: hubble + app.kubernetes.io/name: cilium/templates/http-route.yaml app.kubernetes.io/instance: cilium app.kubernetes.io/part-of: cilium spec: diff --git a/clusters/cl01tl/manifests/dawarich/Deployment-dawarich.yaml b/clusters/cl01tl/manifests/dawarich/Deployment-dawarich.yaml index 4ae3af86d..09490d323 100644 --- a/clusters/cl01tl/manifests/dawarich/Deployment-dawarich.yaml +++ b/clusters/cl01tl/manifests/dawarich/Deployment-dawarich.yaml @@ -87,12 +87,12 @@ spec: valueFrom: secretKeyRef: key: client - name: dawarich-oidc-secret + name: dawarich-oidc-authentik - name: OIDC_CLIENT_SECRET valueFrom: secretKeyRef: key: secret - name: dawarich-oidc-secret + name: dawarich-oidc-authentik - name: OIDC_PROVIDER_NAME value: Authentik - name: OIDC_AUTO_REGISTER @@ -107,7 +107,7 @@ spec: valueFrom: secretKeyRef: key: key - name: dawarich-key-secret + name: dawarich-key - name: RAILS_LOG_TO_STDOUT value: "true" - name: SELF_HOSTED diff --git a/clusters/cl01tl/manifests/dawarich/ExternalSecret-dawarich-key-secret.yaml b/clusters/cl01tl/manifests/dawarich/ExternalSecret-dawarich-key.yaml similarity index 75% rename from clusters/cl01tl/manifests/dawarich/ExternalSecret-dawarich-key-secret.yaml rename to clusters/cl01tl/manifests/dawarich/ExternalSecret-dawarich-key.yaml index 4e2b0dcce..30705d4ae 100644 --- a/clusters/cl01tl/manifests/dawarich/ExternalSecret-dawarich-key-secret.yaml +++ b/clusters/cl01tl/manifests/dawarich/ExternalSecret-dawarich-key.yaml @@ -1,16 +1,16 @@ apiVersion: external-secrets.io/v1 kind: ExternalSecret metadata: - name: dawarich-key-secret + name: dawarich-key namespace: dawarich labels: - app.kubernetes.io/name: dawarich-key-secret + app.kubernetes.io/name: dawarich/templates/external-secret.yaml app.kubernetes.io/instance: dawarich app.kubernetes.io/part-of: dawarich spec: secretStoreRef: kind: ClusterSecretStore - name: vault + name: openbao data: - secretKey: key remoteRef: diff --git a/clusters/cl01tl/manifests/dawarich/ExternalSecret-dawarich-oidc-secret.yaml b/clusters/cl01tl/manifests/dawarich/ExternalSecret-dawarich-oidc-authentik.yaml similarity index 64% rename from clusters/cl01tl/manifests/dawarich/ExternalSecret-dawarich-oidc-secret.yaml rename to clusters/cl01tl/manifests/dawarich/ExternalSecret-dawarich-oidc-authentik.yaml index fd2fac1dc..fc5c3d7a8 100644 --- a/clusters/cl01tl/manifests/dawarich/ExternalSecret-dawarich-oidc-secret.yaml +++ b/clusters/cl01tl/manifests/dawarich/ExternalSecret-dawarich-oidc-authentik.yaml @@ -1,22 +1,22 @@ apiVersion: external-secrets.io/v1 kind: ExternalSecret metadata: - name: dawarich-oidc-secret + name: dawarich-oidc-authentik namespace: dawarich labels: - app.kubernetes.io/name: dawarich-oidc-secret + app.kubernetes.io/name: dawarich/templates/external-secret.yaml app.kubernetes.io/instance: dawarich app.kubernetes.io/part-of: dawarich spec: secretStoreRef: kind: ClusterSecretStore - name: vault + name: openbao data: - secretKey: client remoteRef: - key: /authentik/oidc/dawarich + key: /cl01tl/authentik/oidc/dawarich property: client - secretKey: secret remoteRef: - key: /authentik/oidc/dawarich + key: /cl01tl/authentik/oidc/dawarich property: secret