Merge pull request 'tmp/openbao-2' (#5983) from tmp/openbao-2 into main
Reviewed-on: #5983
This commit was merged in pull request #5983.
This commit is contained in:
@@ -106,6 +106,7 @@ blocky:
|
|||||||
audiobookshelf IN CNAME traefik-cl01tl
|
audiobookshelf IN CNAME traefik-cl01tl
|
||||||
authentik IN CNAME traefik-cl01tl
|
authentik IN CNAME traefik-cl01tl
|
||||||
backrest IN CNAME traefik-cl01tl
|
backrest IN CNAME traefik-cl01tl
|
||||||
|
bao IN CNAME traefik-cl01tl
|
||||||
bazarr IN CNAME traefik-cl01tl
|
bazarr IN CNAME traefik-cl01tl
|
||||||
ceph IN CNAME traefik-cl01tl
|
ceph IN CNAME traefik-cl01tl
|
||||||
dawarich IN CNAME traefik-cl01tl
|
dawarich IN CNAME traefik-cl01tl
|
||||||
@@ -141,7 +142,6 @@ blocky:
|
|||||||
objects IN CNAME traefik-cl01tl
|
objects IN CNAME traefik-cl01tl
|
||||||
ollama IN CNAME traefik-cl01tl
|
ollama IN CNAME traefik-cl01tl
|
||||||
omni-tools IN CNAME traefik-cl01tl
|
omni-tools IN CNAME traefik-cl01tl
|
||||||
openbao IN CNAME traefik-cl01tl
|
|
||||||
paperless-ngx IN CNAME traefik-cl01tl
|
paperless-ngx IN CNAME traefik-cl01tl
|
||||||
plex IN CNAME traefik-cl01tl
|
plex IN CNAME traefik-cl01tl
|
||||||
postiz-spotlight IN CNAME traefik-cl01tl
|
postiz-spotlight IN CNAME traefik-cl01tl
|
||||||
|
|||||||
@@ -267,7 +267,7 @@ gatus:
|
|||||||
url: https://vault.alexlebens.net
|
url: https://vault.alexlebens.net
|
||||||
<<: *defaults
|
<<: *defaults
|
||||||
- name: openbao
|
- name: openbao
|
||||||
url: https://openbao.alexlebens.net
|
url: https://bao.alexlebens.net
|
||||||
<<: *defaults
|
<<: *defaults
|
||||||
- name: backrest
|
- name: backrest
|
||||||
url: https://backrest.alexlebens.net
|
url: https://backrest.alexlebens.net
|
||||||
|
|||||||
@@ -640,7 +640,7 @@ homepage:
|
|||||||
- Secrets:
|
- Secrets:
|
||||||
icon: sh-openbao.webp
|
icon: sh-openbao.webp
|
||||||
description: OpenBao
|
description: OpenBao
|
||||||
href: https://openbao.alexlebens.net
|
href: https://bao.alexlebens.net
|
||||||
siteMonitor: http://openbao.openbao:8200
|
siteMonitor: http://openbao.openbao:8200
|
||||||
statusStyle: dot
|
statusStyle: dot
|
||||||
namespace: openbao
|
namespace: openbao
|
||||||
|
|||||||
11
clusters/cl01tl/helm/openbao/templates/namespace.yaml
Normal file
11
clusters/cl01tl/helm/openbao/templates/namespace.yaml
Normal file
@@ -0,0 +1,11 @@
|
|||||||
|
apiVersion: v1
|
||||||
|
kind: Namespace
|
||||||
|
metadata:
|
||||||
|
name: openbao
|
||||||
|
labels:
|
||||||
|
app.kubernetes.io/name: openbao
|
||||||
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
|
pod-security.kubernetes.io/audit: privileged
|
||||||
|
pod-security.kubernetes.io/enforce: privileged
|
||||||
|
pod-security.kubernetes.io/warn: privileged
|
||||||
@@ -18,7 +18,7 @@ openbao:
|
|||||||
tlsRoute:
|
tlsRoute:
|
||||||
enabled: true
|
enabled: true
|
||||||
hosts:
|
hosts:
|
||||||
- vault.alexlebens.net
|
- bao.alexlebens.net
|
||||||
apiVersion: gateway.networking.k8s.io/v1
|
apiVersion: gateway.networking.k8s.io/v1
|
||||||
parentRefs:
|
parentRefs:
|
||||||
- group: gateway.networking.k8s.io
|
- group: gateway.networking.k8s.io
|
||||||
@@ -58,13 +58,13 @@ openbao:
|
|||||||
storage "raft" {
|
storage "raft" {
|
||||||
path = "/openbao/data"
|
path = "/openbao/data"
|
||||||
retry_join {
|
retry_join {
|
||||||
leader_api_addr = "http://openbao-0.openbao-internal:8201"
|
leader_api_addr = "http://openbao-0.openbao-internal:8200"
|
||||||
}
|
}
|
||||||
retry_join {
|
retry_join {
|
||||||
leader_api_addr = "http://openbao-1.openbao-internal:8201"
|
leader_api_addr = "http://openbao-1.openbao-internal:8200"
|
||||||
}
|
}
|
||||||
retry_join {
|
retry_join {
|
||||||
leader_api_addr = "http://openbao-2.openbao-internal:8201"
|
leader_api_addr = "http://openbao-2.openbao-internal:8200"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@@ -83,6 +83,7 @@ customDNS:
|
|||||||
audiobookshelf IN CNAME traefik-cl01tl
|
audiobookshelf IN CNAME traefik-cl01tl
|
||||||
authentik IN CNAME traefik-cl01tl
|
authentik IN CNAME traefik-cl01tl
|
||||||
backrest IN CNAME traefik-cl01tl
|
backrest IN CNAME traefik-cl01tl
|
||||||
|
bao IN CNAME traefik-cl01tl
|
||||||
bazarr IN CNAME traefik-cl01tl
|
bazarr IN CNAME traefik-cl01tl
|
||||||
ceph IN CNAME traefik-cl01tl
|
ceph IN CNAME traefik-cl01tl
|
||||||
dawarich IN CNAME traefik-cl01tl
|
dawarich IN CNAME traefik-cl01tl
|
||||||
|
|||||||
@@ -104,6 +104,7 @@ customDNS:
|
|||||||
audiobookshelf IN CNAME traefik-cl01tl
|
audiobookshelf IN CNAME traefik-cl01tl
|
||||||
authentik IN CNAME traefik-cl01tl
|
authentik IN CNAME traefik-cl01tl
|
||||||
backrest IN CNAME traefik-cl01tl
|
backrest IN CNAME traefik-cl01tl
|
||||||
|
bao IN CNAME traefik-cl01tl
|
||||||
bazarr IN CNAME traefik-cl01tl
|
bazarr IN CNAME traefik-cl01tl
|
||||||
ceph IN CNAME traefik-cl01tl
|
ceph IN CNAME traefik-cl01tl
|
||||||
dawarich IN CNAME traefik-cl01tl
|
dawarich IN CNAME traefik-cl01tl
|
||||||
|
|||||||
Reference in New Issue
Block a user