feat: add more

2026-04-22 19:14:38 -05:00
parent f0bd248799
commit 5d23f3c391
22 changed files with 252 additions and 201 deletions
--- a/clusters/cl01tl/helm/postiz/templates/external-secret.yaml
+++ b/clusters/cl01tl/helm/postiz/templates/external-secret.yaml
@@ -1,71 +1,21 @@
 apiVersion: external-secrets.io/v1
 kind: ExternalSecret
 metadata:
-  name: postiz-config-secret
+  name: postiz-config
  namespace: {{ .Release.Namespace }}
  labels:
-    app.kubernetes.io/name: postiz-config-secret
+    app.kubernetes.io/name: postiz-config
    {{- include "custom.labels" . | nindent 4 }}
 spec:
  secretStoreRef:
    kind: ClusterSecretStore
-    name: vault
+    name: openbao
  data:
    - secretKey: JWT_SECRET
      remoteRef:
        key: /cl01tl/postiz/config
        property: JWT_SECRET

---
-apiVersion: external-secrets.io/v1
-kind: ExternalSecret
-metadata:
-  name: postiz-oidc-secret
-  namespace: {{ .Release.Namespace }}
-  labels:
-    app.kubernetes.io/name: postiz-oidc-secret
-    {{- include "custom.labels" . | nindent 4 }}
-spec:
-  secretStoreRef:
-    kind: ClusterSecretStore
-    name: vault
-  data:
-    - secretKey: client
-      remoteRef:
-        key: /authentik/oidc/postiz
-        property: client
-    - secretKey: secret
-      remoteRef:
-        key: /authentik/oidc/postiz
-        property: secret
-
---
-apiVersion: external-secrets.io/v1
-kind: ExternalSecret
-metadata:
-  name: postiz-elasticsearch-secret
-  namespace: {{ .Release.Namespace }}
-  labels:
-    app.kubernetes.io/name: postiz-elasticsearch-secret
-    {{- include "custom.labels" . | nindent 4 }}
-spec:
-  secretStoreRef:
-    kind: ClusterSecretStore
-    name: vault
-  data:
-    - secretKey: username
-      remoteRef:
-        key: /cl01tl/postiz/elasticsearch
-        property: username
-    - secretKey: password
-      remoteRef:
-        key: /cl01tl/postiz/elasticsearch
-        property: password
-    - secretKey: roles
-      remoteRef:
-        key: /cl01tl/postiz/elasticsearch
-        property: roles
-
 ---
 apiVersion: external-secrets.io/v1
 kind: ExternalSecret
@@ -78,7 +28,7 @@ metadata:
 spec:
  secretStoreRef:
    kind: ClusterSecretStore
-    name: vault
+    name: openbao
  data:
    - secretKey: REDIS_URL
      remoteRef:
@@ -96,3 +46,26 @@ spec:
      remoteRef:
        key: /cl01tl/postiz/valkey
        property: password
+
+---
+apiVersion: external-secrets.io/v1
+kind: ExternalSecret
+metadata:
+  name: postiz-oidc-authentik
+  namespace: {{ .Release.Namespace }}
+  labels:
+    app.kubernetes.io/name: postiz-oidc-authentik
+    {{- include "custom.labels" . | nindent 4 }}
+spec:
+  secretStoreRef:
+    kind: ClusterSecretStore
+    name: openbao
+  data:
+    - secretKey: client
+      remoteRef:
+        key: /cl01tl/authentik/oidc/postiz
+        property: client
+    - secretKey: secret
+      remoteRef:
+        key: /cl01tl/authentik/oidc/postiz
+        property: secret