add external dns

clusters/cl01tl/services/external-dns/Chart.yaml

@@ -0,0 +1,22 @@
+apiVersion: v2
+name: external-dns
+version: 1.0.0
+description: External DNS
+keywords:
+  - external-dns
+  - dns
+  - unifi
+  - kubernetes
+home: ""
+sources:
+  - https://github.com/kubernetes-sigs/external-dns
+  - https://github.com/kubernetes-sigs/external-dns/tree/master/charts/external-dns
+maintainers:
+  - name: alexlebens
+dependencies:
+  - name: external-dns
+    alias: external-dns-unifi
+    version: 1.14.5
+    repository: https://kubernetes-sigs.github.io/external-dns/
+icon: https://raw.githubusercontent.com/walkxcode/dashboard-icons/main/png/kubernetes.png
+appVersion: 1.14.5

clusters/cl01tl/services/external-dns/templates/external-secret.yaml

@@ -0,0 +1,30 @@
+apiVersion: external-secrets.io/v1beta1
+kind: ExternalSecret
+metadata:
+  name: external-dns-unifi-secret
+  namespace: {{ .Release.Namespace }}
+  labels:
+    app.kubernetes.io/name: external-dns-unifi-secret
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/version: {{ .Chart.AppVersion }}
+    app.kubernetes.io/component: web
+    app.kubernetes.io/part-of: {{ .Release.Name }}
+spec:
+  secretStoreRef:
+    kind: ClusterSecretStore
+    name: vault
+  data:
+    - secretKey: username
+      remoteRef:
+        conversionStrategy: Default
+        decodingStrategy: None
+        key: /unifi/auth
+        metadataPolicy: None
+        property: user
+    - secretKey: password
+      remoteRef:
+        conversionStrategy: Default
+        decodingStrategy: None
+        key: /unifi/auth
+        metadataPolicy: None
+        property: password

clusters/cl01tl/services/external-dns/values.yaml

@@ -0,0 +1,49 @@
+external-dns-unifi:
+  fullnameOverride: external-dns-unifi
+  serviceMonitor:
+    enabled: true
+  interval: 1m
+  sources:
+    - ingressRoute
+    - ingress
+  policy: sync
+  registry: txt
+  txtOwnerId: default
+  txtPrefix: k8s.
+  domainFilters: ["alexlebens.net"]
+  excludeDomains: []
+  provider:
+    name: webhook
+    webhook:
+      image:
+        repository: ghcr.io/kashalls/external-dns-unifi-webhook
+        tag: v0.2.0
+      env:
+        - name: UNIFI_HOST
+          value: https://192.168.1.1
+        - name: UNIFI_USER
+          valueFrom:
+            secretKeyRef:
+              name: external-dns-unifi-secret
+              key: username
+        - name: UNIFI_PASS
+          valueFrom:
+            secretKeyRef:
+              name: external-dns-unifi-secret
+              key: password
+        - name: LOG_LEVEL
+          value: debug
+      livenessProbe:
+        httpGet:
+          path: /healthz
+          port: http-wh-metrics
+        initialDelaySeconds: 10
+        timeoutSeconds: 5
+      readinessProbe:
+        httpGet:
+          path: /readyz
+          port: http-wh-metrics
+        initialDelaySeconds: 10
+        timeoutSeconds: 5
+  extraArgs:
+    - --ignore-ingress-tls-spec