alexlebens/infrastructure
1
0
Fork 0
Code Issues 1 Pull Requests 6 Actions 1 Activity

chore: Update manifests after change

Browse Source
This commit is contained in:
Gitea
2026-04-20 01:11:25 +00:00
parent eff003474f
commit 210b89d43b
41 changed files with 90 additions and 110 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
clusters/cl01tl/manifests/argocd/ClusterRole-argocd-notifications-controller.yaml
View File

@@ -41,7 +41,7 @@ rules:
- apiGroups: - apiGroups:
- "" - ""
resourceNames: resourceNames:
- argocd-notifications-secret - argocd-notifications-ntfy
resources: resources:
- secrets - secrets
verbs: verbs:

4
clusters/cl01tl/manifests/argocd/ConfigMap-argocd-cm.yaml
View File

@@ -20,8 +20,8 @@ data:
connectors: connectors:
- config: - config:
issuer: https://authentik.alexlebens.net/application/o/argocd/ issuer: https://authentik.alexlebens.net/application/o/argocd/
clientID: $argocd-oidc-secret:client clientID: $argocd-oidc-authentik:client
clientSecret: $argocd-oidc-secret:secret clientSecret: $argocd-oidc-authentik:secret
insecureEnableGroups: true insecureEnableGroups: true
scopes: scopes:
- openid - openid

2
clusters/cl01tl/manifests/argocd/Deployment-argocd-dex-server.yaml
View File

@@ -22,7 +22,7 @@ spec:
metadata: metadata:
annotations: annotations:
checksum/cmd-params: 28bda454bf23a1640b602544df6cb8c4bf480761dceb9a9dbb352a0a570f56cf checksum/cmd-params: 28bda454bf23a1640b602544df6cb8c4bf480761dceb9a9dbb352a0a570f56cf
checksum/cm: e8ec80c49fe04086a874935f714e529f8fea42e2cc30f811c41c4bf6946cbe15 checksum/cm: 6373746e5f0032d699666641a31e84a7cdc215b4f7e17f0f675058f66cc2f5ae
labels: labels:
helm.sh/chart: argo-cd-9.5.2 helm.sh/chart: argo-cd-9.5.2
app.kubernetes.io/name: argocd-dex-server app.kubernetes.io/name: argocd-dex-server

2
clusters/cl01tl/manifests/argocd/Deployment-argocd-notifications-controller.yaml
View File

@@ -45,7 +45,7 @@ spec:
- --metrics-port=9001 - --metrics-port=9001
- --namespace=argocd - --namespace=argocd
- --argocd-repo-server=argocd-repo-server:8081 - --argocd-repo-server=argocd-repo-server:8081
- --secret-name=argocd-notifications-secret - --secret-name=argocd-notifications-ntfy
env: env:
- name: ARGOCD_NOTIFICATIONS_CONTROLLER_LOGLEVEL - name: ARGOCD_NOTIFICATIONS_CONTROLLER_LOGLEVEL
valueFrom: valueFrom:

2
clusters/cl01tl/manifests/argocd/Deployment-argocd-repo-server.yaml
View File

@@ -22,7 +22,7 @@ spec:
metadata: metadata:
annotations: annotations:
checksum/cmd-params: 28bda454bf23a1640b602544df6cb8c4bf480761dceb9a9dbb352a0a570f56cf checksum/cmd-params: 28bda454bf23a1640b602544df6cb8c4bf480761dceb9a9dbb352a0a570f56cf
checksum/cm: e8ec80c49fe04086a874935f714e529f8fea42e2cc30f811c41c4bf6946cbe15 checksum/cm: 6373746e5f0032d699666641a31e84a7cdc215b4f7e17f0f675058f66cc2f5ae
labels: labels:
helm.sh/chart: argo-cd-9.5.2 helm.sh/chart: argo-cd-9.5.2
app.kubernetes.io/name: argocd-repo-server app.kubernetes.io/name: argocd-repo-server

2
clusters/cl01tl/manifests/argocd/Deployment-argocd-server.yaml
View File

@@ -22,7 +22,7 @@ spec:
metadata: metadata:
annotations: annotations:
checksum/cmd-params: 28bda454bf23a1640b602544df6cb8c4bf480761dceb9a9dbb352a0a570f56cf checksum/cmd-params: 28bda454bf23a1640b602544df6cb8c4bf480761dceb9a9dbb352a0a570f56cf
checksum/cm: e8ec80c49fe04086a874935f714e529f8fea42e2cc30f811c41c4bf6946cbe15 checksum/cm: 6373746e5f0032d699666641a31e84a7cdc215b4f7e17f0f675058f66cc2f5ae
labels: labels:
helm.sh/chart: argo-cd-9.5.2 helm.sh/chart: argo-cd-9.5.2
app.kubernetes.io/name: argocd-server app.kubernetes.io/name: argocd-server

26
clusters/cl01tl/manifests/argocd/ExternalSecret-argocd-gitea-repo-infrastructure-secret.yaml
View File

@@ -1,26 +0,0 @@
apiVersion: external-secrets.io/v1
kind: ExternalSecret
metadata:
name: argocd-gitea-repo-infrastructure-secret
namespace: argocd
labels:
app.kubernetes.io/name: argocd-gitea-repo-infrastructure-secret
app.kubernetes.io/instance: argocd
app.kubernetes.io/part-of: argocd
spec:
secretStoreRef:
kind: ClusterSecretStore
name: vault
data:
- secretKey: type
remoteRef:
key: /cl01tl/argocd/credentials/repo/infrastructure
property: type
- secretKey: url
remoteRef:
key: /cl01tl/argocd/credentials/repo/infrastructure
property: url
- secretKey: sshPrivateKey
remoteRef:
key: /cl01tl/argocd/credentials/repo/infrastructure
property: sshPrivateKey

8
clusters/cl01tl/manifests/argocd/ExternalSecret-argocd-notifications-secret.yaml → clusters/cl01tl/manifests/argocd/ExternalSecret-argocd-notifications-ntfy.yaml
View File

@@ -1,18 +1,18 @@
apiVersion: external-secrets.io/v1 apiVersion: external-secrets.io/v1
kind: ExternalSecret kind: ExternalSecret
metadata: metadata:
name: argocd-notifications-secret name: argocd-notifications-ntfy
namespace: argocd namespace: argocd
labels: labels:
app.kubernetes.io/name: argocd-notifications-secret app.kubernetes.io/name: argocd/templates/external-secret.yaml
app.kubernetes.io/instance: argocd app.kubernetes.io/instance: argocd
app.kubernetes.io/part-of: argocd app.kubernetes.io/part-of: argocd
spec: spec:
secretStoreRef: secretStoreRef:
kind: ClusterSecretStore kind: ClusterSecretStore
name: vault name: openbao
data: data:
- secretKey: ntfy-token - secretKey: ntfy-token
remoteRef: remoteRef:
key: /ntfy/user/cl01tl key: /cl01tl/ntfy/users/cl01tl
property: token property: token

10
clusters/cl01tl/manifests/argocd/ExternalSecret-argocd-oidc-secret.yaml → clusters/cl01tl/manifests/argocd/ExternalSecret-argocd-oidc-authentik.yaml
View File

@@ -1,22 +1,22 @@
apiVersion: external-secrets.io/v1 apiVersion: external-secrets.io/v1
kind: ExternalSecret kind: ExternalSecret
metadata: metadata:
name: argocd-oidc-secret name: argocd-oidc-authentik
namespace: argocd namespace: argocd
labels: labels:
app.kubernetes.io/name: argocd-oidc-secret app.kubernetes.io/name: argocd/templates/external-secret.yaml
app.kubernetes.io/instance: argocd app.kubernetes.io/instance: argocd
app.kubernetes.io/part-of: argocd app.kubernetes.io/part-of: argocd
spec: spec:
secretStoreRef: secretStoreRef:
kind: ClusterSecretStore kind: ClusterSecretStore
name: vault name: openbao
data: data:
- secretKey: secret - secretKey: secret
remoteRef: remoteRef:
key: /authentik/oidc/argocd key: /cl01tl/authentik/oidc/argocd
property: secret property: secret
- secretKey: client - secretKey: client
remoteRef: remoteRef:
key: /authentik/oidc/argocd key: /cl01tk/authentik/oidc/argocd
property: client property: client

2
clusters/cl01tl/manifests/argocd/Role-argocd-notifications-controller.yaml
View File

@@ -42,7 +42,7 @@ rules:
- apiGroups: - apiGroups:
- "" - ""
resourceNames: resourceNames:
- argocd-notifications-secret - argocd-notifications-ntfy
resources: resources:
- secrets - secrets
verbs: verbs:

2
clusters/cl01tl/manifests/argocd/StatefulSet-argocd-application-controller.yaml
View File

@@ -23,7 +23,7 @@ spec:
metadata: metadata:
annotations: annotations:
checksum/cmd-params: 28bda454bf23a1640b602544df6cb8c4bf480761dceb9a9dbb352a0a570f56cf checksum/cmd-params: 28bda454bf23a1640b602544df6cb8c4bf480761dceb9a9dbb352a0a570f56cf
checksum/cm: e8ec80c49fe04086a874935f714e529f8fea42e2cc30f811c41c4bf6946cbe15 checksum/cm: 6373746e5f0032d699666641a31e84a7cdc215b4f7e17f0f675058f66cc2f5ae
labels: labels:
helm.sh/chart: argo-cd-9.5.2 helm.sh/chart: argo-cd-9.5.2
app.kubernetes.io/name: argocd-application-controller app.kubernetes.io/name: argocd-application-controller

2
clusters/cl01tl/manifests/audiobookshelf/Deployment-audiobookshelf.yaml
View File

@@ -54,7 +54,7 @@ spec:
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
key: ntfy-url key: ntfy-url
name: audiobookshelf-apprise-config name: audiobookshelf-config-apprise
image: ghcr.io/caronc/apprise:v1.3.3@sha256:4bfeac268ba87b8e08e308c9aa0182fe99e9501ec464027afc333d1634e65977 image: ghcr.io/caronc/apprise:v1.3.3@sha256:4bfeac268ba87b8e08e308c9aa0182fe99e9501ec464027afc333d1634e65977
name: apprise-api name: apprise-api
- env: - env:

18
clusters/cl01tl/manifests/audiobookshelf/ExternalSecret-audiobookshelf-apprise-config.yaml
View File

@@ -1,18 +0,0 @@
apiVersion: external-secrets.io/v1
kind: ExternalSecret
metadata:
name: audiobookshelf-apprise-config
namespace: audiobookshelf
labels:
app.kubernetes.io/name: audiobookshelf-apprise-config
app.kubernetes.io/instance: audiobookshelf
app.kubernetes.io/part-of: audiobookshelf
spec:
secretStoreRef:
kind: ClusterSecretStore
name: vault
data:
- secretKey: ntfy-url
remoteRef:
key: /cl01tl/audiobookshelf/apprise
property: ntfy-url

24
clusters/cl01tl/manifests/audiobookshelf/ExternalSecret-audiobookshelf-config-apprise.yaml Normal file
View File

@@ -0,0 +1,24 @@
apiVersion: external-secrets.io/v1
kind: ExternalSecret
metadata:
name: audiobookshelf-config-apprise
namespace: audiobookshelf
labels:
app.kubernetes.io/name: audiobookshelf/templates/external-secret.yaml
app.kubernetes.io/instance: audiobookshelf
app.kubernetes.io/part-of: audiobookshelf
spec:
secretStoreRef:
kind: ClusterSecretStore
name: openbao
target:
template:
mergePolicy: Merge
engineVersion: v2
data:
ntfy-url: "{{ .internal-endpoint-credential }}/audiobookshelf"
data:
- secretKey: internal-endpoint-credential
remoteRef:
key: /cl01tl/ntfy/users/cl01tl
property: internal-endpoint-credential

2
clusters/cl01tl/manifests/audiobookshelf/PersistentVolume-audiobookshelf-audiobooks-nfs-storage.yaml
View File

@@ -4,7 +4,7 @@ metadata:
name: audiobookshelf-audiobooks-nfs-storage name: audiobookshelf-audiobooks-nfs-storage
namespace: audiobookshelf namespace: audiobookshelf
labels: labels:
app.kubernetes.io/name: audiobookshelf-audiobooks-nfs-storage app.kubernetes.io/name: audiobookshelf/templates/persistent-volume.yaml
app.kubernetes.io/instance: audiobookshelf app.kubernetes.io/instance: audiobookshelf
app.kubernetes.io/part-of: audiobookshelf app.kubernetes.io/part-of: audiobookshelf
spec: spec:

2
clusters/cl01tl/manifests/audiobookshelf/PersistentVolume-audiobookshelf-books-nfs-storage.yaml
View File

@@ -4,7 +4,7 @@ metadata:
name: audiobookshelf-books-nfs-storage name: audiobookshelf-books-nfs-storage
namespace: audiobookshelf namespace: audiobookshelf
labels: labels:
app.kubernetes.io/name: audiobookshelf-books-nfs-storage app.kubernetes.io/name: audiobookshelf/templates/persistent-volume.yaml
app.kubernetes.io/instance: audiobookshelf app.kubernetes.io/instance: audiobookshelf
app.kubernetes.io/part-of: audiobookshelf app.kubernetes.io/part-of: audiobookshelf
spec: spec:

2
clusters/cl01tl/manifests/audiobookshelf/PersistentVolume-audiobookshelf-podcasts-nfs-storage.yaml
View File

@@ -4,7 +4,7 @@ metadata:
name: audiobookshelf-podcasts-nfs-storage name: audiobookshelf-podcasts-nfs-storage
namespace: audiobookshelf namespace: audiobookshelf
labels: labels:
app.kubernetes.io/name: audiobookshelf-podcasts-nfs-storage app.kubernetes.io/name: audiobookshelf/templates/persistent-volume.yaml
app.kubernetes.io/instance: audiobookshelf app.kubernetes.io/instance: audiobookshelf
app.kubernetes.io/part-of: audiobookshelf app.kubernetes.io/part-of: audiobookshelf
spec: spec:

4
clusters/cl01tl/manifests/audiobookshelf/PersistentVolumeClaim-audiobookshelf-audiobooks-nfs-storage.yaml
View File

@@ -4,11 +4,11 @@ metadata:
name: audiobookshelf-audiobooks-nfs-storage name: audiobookshelf-audiobooks-nfs-storage
namespace: audiobookshelf namespace: audiobookshelf
labels: labels:
app.kubernetes.io/name: audiobookshelf-audiobooks-nfs-storage app.kubernetes.io/name: audiobookshelf/templates/persistent-volume-claim.yaml
app.kubernetes.io/instance: audiobookshelf app.kubernetes.io/instance: audiobookshelf
app.kubernetes.io/part-of: audiobookshelf app.kubernetes.io/part-of: audiobookshelf
spec: spec:
volumeName: audiobookshelf-audiobooks-nfs-storage volumeName: audiobookshelf/templates/persistent-volume-claim.yaml
storageClassName: nfs-client storageClassName: nfs-client
accessModes: accessModes:
- ReadWriteMany - ReadWriteMany

4
clusters/cl01tl/manifests/audiobookshelf/PersistentVolumeClaim-audiobookshelf-books-nfs-storage.yaml
View File

@@ -4,11 +4,11 @@ metadata:
name: audiobookshelf-books-nfs-storage name: audiobookshelf-books-nfs-storage
namespace: audiobookshelf namespace: audiobookshelf
labels: labels:
app.kubernetes.io/name: audiobookshelf-books-nfs-storage app.kubernetes.io/name: audiobookshelf/templates/persistent-volume-claim.yaml
app.kubernetes.io/instance: audiobookshelf app.kubernetes.io/instance: audiobookshelf
app.kubernetes.io/part-of: audiobookshelf app.kubernetes.io/part-of: audiobookshelf
spec: spec:
volumeName: audiobookshelf-books-nfs-storage volumeName: audiobookshelf/templates/persistent-volume-claim.yaml
storageClassName: nfs-client storageClassName: nfs-client
accessModes: accessModes:
- ReadWriteMany - ReadWriteMany

4
clusters/cl01tl/manifests/audiobookshelf/PersistentVolumeClaim-audiobookshelf-podcasts-nfs-storage.yaml
View File

@@ -4,11 +4,11 @@ metadata:
name: audiobookshelf-podcasts-nfs-storage name: audiobookshelf-podcasts-nfs-storage
namespace: audiobookshelf namespace: audiobookshelf
labels: labels:
app.kubernetes.io/name: audiobookshelf-podcasts-nfs-storage app.kubernetes.io/name: audiobookshelf/templates/persistent-volume-claim.yaml
app.kubernetes.io/instance: audiobookshelf app.kubernetes.io/instance: audiobookshelf
app.kubernetes.io/part-of: audiobookshelf app.kubernetes.io/part-of: audiobookshelf
spec: spec:
volumeName: audiobookshelf-podcasts-nfs-storage volumeName: audiobookshelf/templates/persistent-volume-claim.yaml
storageClassName: nfs-client storageClassName: nfs-client
accessModes: accessModes:
- ReadWriteMany - ReadWriteMany

2
clusters/cl01tl/manifests/authentik/Deployment-authentik-server.yaml
View File

@@ -44,7 +44,7 @@ spec:
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
key: key key: key
name: authentik-key-secret name: authentik-key
- name: AUTHENTIK_POSTGRESQL__HOST - name: AUTHENTIK_POSTGRESQL__HOST
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:

2
clusters/cl01tl/manifests/authentik/Deployment-authentik-worker.yaml
View File

@@ -45,7 +45,7 @@ spec:
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
key: key key: key
name: authentik-key-secret name: authentik-key
- name: AUTHENTIK_POSTGRESQL__HOST - name: AUTHENTIK_POSTGRESQL__HOST
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:

6
clusters/cl01tl/manifests/authentik/ExternalSecret-authentik-key-secret.yaml → clusters/cl01tl/manifests/authentik/ExternalSecret-authentik-key.yaml
View File

@@ -1,16 +1,16 @@
apiVersion: external-secrets.io/v1 apiVersion: external-secrets.io/v1
kind: ExternalSecret kind: ExternalSecret
metadata: metadata:
name: authentik-key-secret name: authentik-key
namespace: authentik namespace: authentik
labels: labels:
app.kubernetes.io/name: authentik-key-secret app.kubernetes.io/name: authentik/templates/external-secret.yaml
app.kubernetes.io/instance: authentik app.kubernetes.io/instance: authentik
app.kubernetes.io/part-of: authentik app.kubernetes.io/part-of: authentik
spec: spec:
secretStoreRef: secretStoreRef:
kind: ClusterSecretStore kind: ClusterSecretStore
name: vault name: openbao
data: data:
- secretKey: key - secretKey: key
remoteRef: remoteRef:

2
clusters/cl01tl/manifests/authentik/Ingress-authentik-tailscale.yaml
View File

@@ -4,7 +4,7 @@ metadata:
name: authentik-tailscale name: authentik-tailscale
namespace: authentik namespace: authentik
labels: labels:
app.kubernetes.io/name: authentik-tailscale app.kubernetes.io/name: authentik/templates/ingress.yaml
app.kubernetes.io/instance: authentik app.kubernetes.io/instance: authentik
app.kubernetes.io/part-of: authentik app.kubernetes.io/part-of: authentik
tailscale.com/proxy-class: no-metrics tailscale.com/proxy-class: no-metrics

2
clusters/cl01tl/manifests/authentik/ReferenceGrant-allow-outpost-cross-namespace-access.yaml
View File

@@ -4,7 +4,7 @@ metadata:
name: allow-outpost-cross-namespace-access name: allow-outpost-cross-namespace-access
namespace: authentik namespace: authentik
labels: labels:
app.kubernetes.io/name: allow-outpost-cross-namespace-access app.kubernetes.io/name: authentik/templates/reference-grant.yaml
app.kubernetes.io/instance: authentik app.kubernetes.io/instance: authentik
app.kubernetes.io/part-of: authentik app.kubernetes.io/part-of: authentik
spec: spec:

2
clusters/cl01tl/manifests/backrest/PersistentVolume-backrest-nfs-share.yaml
View File

@@ -4,7 +4,7 @@ metadata:
name: backrest-nfs-share name: backrest-nfs-share
namespace: backrest namespace: backrest
labels: labels:
app.kubernetes.io/name: backrest-nfs-share app.kubernetes.io/name: backrest/templates/persistent-volume.yaml
app.kubernetes.io/instance: backrest app.kubernetes.io/instance: backrest
app.kubernetes.io/part-of: backrest app.kubernetes.io/part-of: backrest
spec: spec:

2
clusters/cl01tl/manifests/backrest/PersistentVolume-backrest-nfs-storage.yaml
View File

@@ -4,7 +4,7 @@ metadata:
name: backrest-nfs-storage name: backrest-nfs-storage
namespace: backrest namespace: backrest
labels: labels:
app.kubernetes.io/name: backrest-nfs-storage app.kubernetes.io/name: backrest/templates/persistent-volume.yaml
app.kubernetes.io/instance: backrest app.kubernetes.io/instance: backrest
app.kubernetes.io/part-of: backrest app.kubernetes.io/part-of: backrest
spec: spec:

4
clusters/cl01tl/manifests/backrest/PersistentVolumeClaim-backrest-nfs-share.yaml
View File

@@ -4,11 +4,11 @@ metadata:
name: backrest-nfs-share name: backrest-nfs-share
namespace: backrest namespace: backrest
labels: labels:
app.kubernetes.io/name: backrest-nfs-share app.kubernetes.io/name: backrest/templates/persistent-volume-claim.yaml
app.kubernetes.io/instance: backrest app.kubernetes.io/instance: backrest
app.kubernetes.io/part-of: backrest app.kubernetes.io/part-of: backrest
spec: spec:
volumeName: backrest-nfs-share volumeName: backrest/templates/persistent-volume-claim.yaml
storageClassName: nfs-client storageClassName: nfs-client
accessModes: accessModes:
- ReadWriteMany - ReadWriteMany

4
clusters/cl01tl/manifests/backrest/PersistentVolumeClaim-backrest-nfs-storage.yaml
View File

@@ -4,11 +4,11 @@ metadata:
name: backrest-nfs-storage name: backrest-nfs-storage
namespace: backrest namespace: backrest
labels: labels:
app.kubernetes.io/name: backrest-nfs-storage app.kubernetes.io/name: backrest/templates/persistent-volume-claim.yaml
app.kubernetes.io/instance: backrest app.kubernetes.io/instance: backrest
app.kubernetes.io/part-of: backrest app.kubernetes.io/part-of: backrest
spec: spec:
volumeName: backrest-nfs-storage volumeName: backrest/templates/persistent-volume-claim.yaml
storageClassName: nfs-client storageClassName: nfs-client
accessModes: accessModes:
- ReadWriteMany - ReadWriteMany

2
clusters/cl01tl/manifests/bazarr/Deployment-bazarr.yaml
View File

@@ -68,7 +68,7 @@ spec:
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
key: key key: key
name: bazarr-key-secret name: bazarr-key
- name: ENABLE_ADDITIONAL_METRICS - name: ENABLE_ADDITIONAL_METRICS
value: "false" value: "false"
- name: ENABLE_UNKNOWN_QUEUE_ITEMS - name: ENABLE_UNKNOWN_QUEUE_ITEMS

6
clusters/cl01tl/manifests/bazarr/ExternalSecret-bazarr-key-secret.yaml → clusters/cl01tl/manifests/bazarr/ExternalSecret-bazarr-key.yaml
View File

@@ -1,16 +1,16 @@
apiVersion: external-secrets.io/v1 apiVersion: external-secrets.io/v1
kind: ExternalSecret kind: ExternalSecret
metadata: metadata:
name: bazarr-key-secret name: bazarr-key
namespace: bazarr namespace: bazarr
labels: labels:
app.kubernetes.io/name: bazarr-key-secret app.kubernetes.io/name: bazarr/templates/external-secret.yaml
app.kubernetes.io/instance: bazarr app.kubernetes.io/instance: bazarr
app.kubernetes.io/part-of: bazarr app.kubernetes.io/part-of: bazarr
spec: spec:
secretStoreRef: secretStoreRef:
kind: ClusterSecretStore kind: ClusterSecretStore
name: vault name: openbao
data: data:
- secretKey: key - secretKey: key
remoteRef: remoteRef:

2
clusters/cl01tl/manifests/bazarr/PersistentVolume-bazarr-nfs-storage.yaml
View File

@@ -4,7 +4,7 @@ metadata:
name: bazarr-nfs-storage name: bazarr-nfs-storage
namespace: bazarr namespace: bazarr
labels: labels:
app.kubernetes.io/name: bazarr-nfs-storage app.kubernetes.io/name: bazarr/templates/persistent-volume.yaml
app.kubernetes.io/instance: bazarr app.kubernetes.io/instance: bazarr
app.kubernetes.io/part-of: bazarr app.kubernetes.io/part-of: bazarr
spec: spec:

4
clusters/cl01tl/manifests/bazarr/PersistentVolumeClaim-bazarr-nfs-storage.yaml
View File

@@ -4,11 +4,11 @@ metadata:
name: bazarr-nfs-storage name: bazarr-nfs-storage
namespace: bazarr namespace: bazarr
labels: labels:
app.kubernetes.io/name: bazarr-nfs-storage app.kubernetes.io/name: bazarr/templates/persistent-volume-claim.yaml
app.kubernetes.io/instance: bazarr app.kubernetes.io/instance: bazarr
app.kubernetes.io/part-of: bazarr app.kubernetes.io/part-of: bazarr
spec: spec:
volumeName: bazarr-nfs-storage volumeName: bazarr/templates/persistent-volume-claim.yaml
storageClassName: nfs-client storageClassName: nfs-client
accessModes: accessModes:
- ReadWriteMany - ReadWriteMany

2
clusters/cl01tl/manifests/cert-manager/ClusterIssuer-letsencrypt-issuer.yaml
View File

@@ -4,7 +4,7 @@ metadata:
name: letsencrypt-issuer name: letsencrypt-issuer
namespace: cert-manager namespace: cert-manager
labels: labels:
app.kubernetes.io/name: letsencrypt-issuer app.kubernetes.io/name: cert-manager/templates/cluster-issuer.yaml
app.kubernetes.io/instance: cert-manager app.kubernetes.io/instance: cert-manager
app.kubernetes.io/part-of: cert-manager app.kubernetes.io/part-of: cert-manager
spec: spec:

6
clusters/cl01tl/manifests/cert-manager/ExternalSecret-cloudflare-api-token.yaml
View File

@@ -4,15 +4,15 @@ metadata:
name: cloudflare-api-token name: cloudflare-api-token
namespace: cert-manager namespace: cert-manager
labels: labels:
app.kubernetes.io/name: cloudflare-api-token app.kubernetes.io/name: cert-manager/templates/external-secret.yaml
app.kubernetes.io/instance: cert-manager app.kubernetes.io/instance: cert-manager
app.kubernetes.io/part-of: cert-manager app.kubernetes.io/part-of: cert-manager
spec: spec:
secretStoreRef: secretStoreRef:
kind: ClusterSecretStore kind: ClusterSecretStore
name: vault name: openbao
data: data:
- secretKey: api-token - secretKey: api-token
remoteRef: remoteRef:
key: /cloudflare/alexlebens.net/clusterissuer key: /cloudflare/alexlebens.net/cl01tl-issuer-certificate
property: token property: token

2
clusters/cl01tl/manifests/cilium/CiliumLoadBalancerIPPool-bgp-ip-pool.yaml
View File

@@ -4,7 +4,7 @@ metadata:
name: bgp-ip-pool name: bgp-ip-pool
namespace: kube-system namespace: kube-system
labels: labels:
app.kubernetes.io/name: bgp-ip-pool app.kubernetes.io/name: cilium/templates/cilium-load-balancer-ip-pool.yaml
app.kubernetes.io/instance: cilium app.kubernetes.io/instance: cilium
app.kubernetes.io/part-of: cilium app.kubernetes.io/part-of: cilium
spec: spec:

2
clusters/cl01tl/manifests/cilium/CiliumLoadBalancerIPPool-default-ip-pool.yaml
View File

@@ -4,7 +4,7 @@ metadata:
name: default-ip-pool name: default-ip-pool
namespace: kube-system namespace: kube-system
labels: labels:
app.kubernetes.io/name: default-ip-pool app.kubernetes.io/name: cilium/templates/cilium-load-balancer-ip-pool.yaml
app.kubernetes.io/instance: cilium app.kubernetes.io/instance: cilium
app.kubernetes.io/part-of: cilium app.kubernetes.io/part-of: cilium
spec: spec:

2
clusters/cl01tl/manifests/cilium/HTTPRoute-hubble.yaml
View File

@@ -4,7 +4,7 @@ metadata:
name: hubble name: hubble
namespace: kube-system namespace: kube-system
labels: labels:
app.kubernetes.io/name: hubble app.kubernetes.io/name: cilium/templates/http-route.yaml
app.kubernetes.io/instance: cilium app.kubernetes.io/instance: cilium
app.kubernetes.io/part-of: cilium app.kubernetes.io/part-of: cilium
spec: spec:

6
clusters/cl01tl/manifests/dawarich/Deployment-dawarich.yaml
View File

@@ -87,12 +87,12 @@ spec:
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
key: client key: client
name: dawarich-oidc-secret name: dawarich-oidc-authentik
- name: OIDC_CLIENT_SECRET - name: OIDC_CLIENT_SECRET
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
key: secret key: secret
name: dawarich-oidc-secret name: dawarich-oidc-authentik
- name: OIDC_PROVIDER_NAME - name: OIDC_PROVIDER_NAME
value: Authentik value: Authentik
- name: OIDC_AUTO_REGISTER - name: OIDC_AUTO_REGISTER
@@ -107,7 +107,7 @@ spec:
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
key: key key: key
name: dawarich-key-secret name: dawarich-key
- name: RAILS_LOG_TO_STDOUT - name: RAILS_LOG_TO_STDOUT
value: "true" value: "true"
- name: SELF_HOSTED - name: SELF_HOSTED

6
clusters/cl01tl/manifests/dawarich/ExternalSecret-dawarich-key-secret.yaml → clusters/cl01tl/manifests/dawarich/ExternalSecret-dawarich-key.yaml
View File

@@ -1,16 +1,16 @@
apiVersion: external-secrets.io/v1 apiVersion: external-secrets.io/v1
kind: ExternalSecret kind: ExternalSecret
metadata: metadata:
name: dawarich-key-secret name: dawarich-key
namespace: dawarich namespace: dawarich
labels: labels:
app.kubernetes.io/name: dawarich-key-secret app.kubernetes.io/name: dawarich/templates/external-secret.yaml
app.kubernetes.io/instance: dawarich app.kubernetes.io/instance: dawarich
app.kubernetes.io/part-of: dawarich app.kubernetes.io/part-of: dawarich
spec: spec:
secretStoreRef: secretStoreRef:
kind: ClusterSecretStore kind: ClusterSecretStore
name: vault name: openbao
data: data:
- secretKey: key - secretKey: key
remoteRef: remoteRef:

10
clusters/cl01tl/manifests/dawarich/ExternalSecret-dawarich-oidc-secret.yaml → clusters/cl01tl/manifests/dawarich/ExternalSecret-dawarich-oidc-authentik.yaml
View File

@@ -1,22 +1,22 @@
apiVersion: external-secrets.io/v1 apiVersion: external-secrets.io/v1
kind: ExternalSecret kind: ExternalSecret
metadata: metadata:
name: dawarich-oidc-secret name: dawarich-oidc-authentik
namespace: dawarich namespace: dawarich
labels: labels:
app.kubernetes.io/name: dawarich-oidc-secret app.kubernetes.io/name: dawarich/templates/external-secret.yaml
app.kubernetes.io/instance: dawarich app.kubernetes.io/instance: dawarich
app.kubernetes.io/part-of: dawarich app.kubernetes.io/part-of: dawarich
spec: spec:
secretStoreRef: secretStoreRef:
kind: ClusterSecretStore kind: ClusterSecretStore
name: vault name: openbao
data: data:
- secretKey: client - secretKey: client
remoteRef: remoteRef:
key: /authentik/oidc/dawarich key: /cl01tl/authentik/oidc/dawarich
property: client property: client
- secretKey: secret - secretKey: secret
remoteRef: remoteRef:
key: /authentik/oidc/dawarich key: /cl01tl/authentik/oidc/dawarich
property: secret property: secret