diff --git a/clusters/cl01tl/services/external-dns/Chart.yaml b/clusters/cl01tl/services/external-dns/Chart.yaml
new file mode 100644
index 000000000..aaac31e63
--- /dev/null
+++ b/clusters/cl01tl/services/external-dns/Chart.yaml
@@ -0,0 +1,22 @@
+apiVersion: v2
+name: external-dns
+version: 1.0.0
+description: External DNS
+keywords:
+ - external-dns
+ - dns
+ - unifi
+ - kubernetes
+home: https://wiki.alexlebens.dev/doc/external-dns-Zdhuh9NAT1
+sources:
+ - https://github.com/kubernetes-sigs/external-dns
+ - https://github.com/kubernetes-sigs/external-dns/tree/master/charts/external-dns
+maintainers:
+ - name: alexlebens
+dependencies:
+ - name: external-dns
+ alias: external-dns-unifi
+ version: 1.15.2
+ repository: https://kubernetes-sigs.github.io/external-dns/
+icon: https://raw.githubusercontent.com/walkxcode/dashboard-icons/main/png/kubernetes.png
+appVersion: 1.15.0
diff --git a/clusters/cl01tl/services/external-dns/templates/dns-endpoint.yaml b/clusters/cl01tl/services/external-dns/templates/dns-endpoint.yaml
new file mode 100644
index 000000000..fceae03f4
--- /dev/null
+++ b/clusters/cl01tl/services/external-dns/templates/dns-endpoint.yaml
@@ -0,0 +1,160 @@
+apiVersion: externaldns.k8s.io/v1alpha1
+kind: DNSEndpoint
+metadata:
+ name: external-device-names
+ namespace: {{ .Release.Namespace }}
+ labels:
+ app.kubernetes.io/name: external-device-names
+ app.kubernetes.io/instance: {{ .Release.Name }}
+ app.kubernetes.io/version: {{ .Chart.AppVersion }}
+ app.kubernetes.io/component: networking
+ app.kubernetes.io/part-of: {{ .Release.Name }}
+spec:
+ endpoints:
+ # Unifi UDM
+ - dnsName: unifi.alexlebens.net
+ recordTTL: 180
+ recordType: A
+ targets:
+ - 192.168.1.1
+ # Synology Web
+ - dnsName: synology.alexlebens.net
+ recordTTL: 180
+ recordType: A
+ targets:
+ - 10.232.1.61
+ # Synology Storage
+ - dnsName: synologybond.alexlebens.net
+ recordTTL: 180
+ recordType: A
+ targets:
+ - 10.232.1.64
+ # HD Homerun
+ - dnsName: hdhr.alexlebens.net
+ recordTTL: 180
+ recordType: A
+ targets:
+ - 10.232.1.72
+ # Pi KVM
+ - dnsName: pikvm.alexlebens.net
+ recordTTL: 180
+ recordType: A
+ targets:
+ - 10.232.1.71
+
+---
+apiVersion: externaldns.k8s.io/v1alpha1
+kind: DNSEndpoint
+metadata:
+ name: iot-device-names
+ namespace: {{ .Release.Namespace }}
+ labels:
+ app.kubernetes.io/name: iot-device-names
+ app.kubernetes.io/instance: {{ .Release.Name }}
+ app.kubernetes.io/version: {{ .Chart.AppVersion }}
+ app.kubernetes.io/component: networking
+ app.kubernetes.io/part-of: {{ .Release.Name }}
+spec:
+ endpoints:
+ # Airgradient
+ - dnsName: it01ag.alexlebens.net
+ recordTTL: 180
+ recordType: A
+ targets:
+ - 10.232.1.83
+ # Phillips Hue
+ - dnsName: it02ph.alexlebens.net
+ recordTTL: 180
+ recordType: A
+ targets:
+ - 10.232.1.85
+ # TubesZB ZigBee
+ - dnsName: it03tb.alexlebens.net
+ recordTTL: 180
+ recordType: A
+ targets:
+ - 10.232.1.81
+ # TubesZB Z-Wave
+ - dnsName: it04tb.alexlebens.net
+ recordTTL: 180
+ recordType: A
+ targets:
+ - 10.232.1.82
+
+---
+apiVersion: externaldns.k8s.io/v1alpha1
+kind: DNSEndpoint
+metadata:
+ name: server-host-names
+ namespace: {{ .Release.Namespace }}
+ labels:
+ app.kubernetes.io/name: server-host-names
+ app.kubernetes.io/instance: {{ .Release.Name }}
+ app.kubernetes.io/version: {{ .Chart.AppVersion }}
+ app.kubernetes.io/component: networking
+ app.kubernetes.io/part-of: {{ .Release.Name }}
+spec:
+ endpoints:
+ # Unifi Gateway
+ - dnsName: nw01un.alexlebens.net
+ recordTTL: 180
+ recordType: A
+ targets:
+ - 192.168.1.1
+ # Synology
+ - dnsName: ps02sn.alexlebens.net
+ recordTTL: 180
+ recordType: A
+ targets:
+ - 10.232.1.61
+ # Synology Storage
+ - dnsName: ps02sn-bond.alexlebens.net
+ recordTTL: 180
+ recordType: A
+ targets:
+ - 10.232.1.64
+ # Raspberry Pi
+ - dnsName: ps08rp.alexlebens.net
+ recordTTL: 180
+ recordType: A
+ targets:
+ - 10.232.1.51
+ # Raspberry Pi
+ - dnsName: ps09rp.alexlebens.net
+ recordTTL: 180
+ recordType: A
+ targets:
+ - 10.232.1.52
+
+---
+apiVersion: externaldns.k8s.io/v1alpha1
+kind: DNSEndpoint
+metadata:
+ name: cluster-service-names
+ namespace: {{ .Release.Namespace }}
+ labels:
+ app.kubernetes.io/name: cluster-service-names
+ app.kubernetes.io/instance: {{ .Release.Name }}
+ app.kubernetes.io/version: {{ .Chart.AppVersion }}
+ app.kubernetes.io/component: networking
+ app.kubernetes.io/part-of: {{ .Release.Name }}
+spec:
+ endpoints:
+ # Treafik Proxy
+ - dnsName: traefik-cl01tl.alexlebens.net
+ recordTTL: 180
+ recordType: A
+ targets:
+ - 10.232.1.21
+ # Treafik Proxy
+ - dnsName: blocky.alexlebens.net
+ recordTTL: 180
+ recordType: A
+ targets:
+ - 10.232.1.22
+ # Treafik Proxy
+ - dnsName: plex.alexlebens.net
+ recordTTL: 180
+ recordType: A
+ targets:
+ - 10.232.1.23
diff --git a/clusters/cl01tl/services/external-dns/templates/external-secret.yaml b/clusters/cl01tl/services/external-dns/templates/external-secret.yaml
new file mode 100644
index 000000000..2972b6460
--- /dev/null
+++ b/clusters/cl01tl/services/external-dns/templates/external-secret.yaml
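Review bot: The label `app.kubernetes.io/version: {{ .Chart.AppVersion }}` is rendered unquoted in all four DNSEndpoint documents of templates/dns-endpoint.yaml, and the same line appears in both external-secret.yaml templates of this commit. Label values must be strings, so an appVersion that ever looks like a number (for example a two-part version) would render as a YAML float and the manifest would be rejected; `app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}` avoids that. In the `cluster-service-names` document the comment `# Treafik Proxy` is repeated above `blocky.alexlebens.net` and `plex.alexlebens.net`, which looks like a copy-paste leftover (and misspells Traefik); each record should carry a comment naming its own service.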
@@ -0,0 +1,23 @@
+apiVersion: external-secrets.io/v1beta1
+kind: ExternalSecret
+metadata:
+ name: external-dns-unifi-secret
+ namespace: {{ .Release.Namespace }}
+ labels:
+ app.kubernetes.io/name: external-dns-unifi-secret
+ app.kubernetes.io/instance: {{ .Release.Name }}
+ app.kubernetes.io/version: {{ .Chart.AppVersion }}
+ app.kubernetes.io/component: web
+ app.kubernetes.io/part-of: {{ .Release.Name }}
+spec:
+ secretStoreRef:
+ kind: ClusterSecretStore
+ name: vault
+ data:
+ - secretKey: api-key
+ remoteRef:
+ conversionStrategy: Default
+ decodingStrategy: None
+ key: /unifi/auth/cl01tl
+ metadataPolicy: None
+ property: api-key
diff --git a/clusters/cl01tl/services/external-dns/values.yaml b/clusters/cl01tl/services/external-dns/values.yaml
new file mode 100644
index 000000000..1968e59ba
--- /dev/null
+++ b/clusters/cl01tl/services/external-dns/values.yaml
@@ -0,0 +1,46 @@
+external-dns-unifi:
+ fullnameOverride: external-dns-unifi
+ serviceMonitor:
+ enabled: true
+ interval: 1m
+ sources:
+ - ingress
+ - crd
+ - gateway-httproute
+ - gateway-tlsroute
+ policy: sync
+ registry: txt
+ txtOwnerId: default
+ txtPrefix: k8s.
+ domainFilters: ["alexlebens.net"]
+ excludeDomains: []
+ provider:
+ name: webhook
+ webhook:
+ image:
+ repository: ghcr.io/kashalls/external-dns-unifi-webhook
+ tag: v0.4.2
+ env:
+ - name: UNIFI_HOST
+ value: https://192.168.1.1
+ - name: UNIFI_API_KEY
+ valueFrom:
+ secretKeyRef:
+ name: external-dns-unifi-secret
+ key: api-key
+ - name: LOG_LEVEL
+ value: debug
+ livenessProbe:
+ httpGet:
+ path: /healthz
+ port: http-webhook
+ initialDelaySeconds: 10
+ timeoutSeconds: 5
+ readinessProbe:
+ httpGet:
+ path: /readyz
+ port: http-webhook
+ initialDelaySeconds: 10
+ timeoutSeconds: 5
+ extraArgs:
+ - --ignore-ingress-tls-spec
diff --git a/clusters/cl01tl/services/kubernetes-cloudflare-ddns/Chart.yaml b/clusters/cl01tl/services/kubernetes-cloudflare-ddns/Chart.yaml
new file mode 100644
index 000000000..075f3d578
--- /dev/null
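Review bot: In clusters/cl01tl/services/external-dns/values.yaml, `policy: sync` lets this instance delete records, and the only thing scoping those deletions is the TXT registry owner, which is left at the generic `txtOwnerId: default`; a second external-dns instance pointed at the same UniFi controller with the same owner id would treat these records as its own. A cluster-specific value such as `txtOwnerId: cl01tl` keeps ownership unambiguous. Separately, `LOG_LEVEL` is `debug` on the webhook container that holds `UNIFI_API_KEY`; `value: info` is the safer steady-state setting unless the debug output has been checked for request details. The webhook image is referenced by the mutable tag `v0.4.2`, so pinning it by digest would fix what actually runs next to the gateway credential.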
+++ b/clusters/cl01tl/services/kubernetes-cloudflare-ddns/Chart.yaml
@@ -0,0 +1,23 @@
+apiVersion: v2
+name: kubernetes-cloudflare-ddns
+version: 1.0.0
+description: Kubernetes Cloudflare DDNS
+keywords:
+ - kubernetes-cloudflare-ddns
+ - cloudflare
+ - ddns
+ - kubernetes
+home: https://wiki.alexlebens.dev/doc/kubernetes-ddns-STOtBY6W6q
+sources:
+ - c
+ - https://hub.docker.com/r/kubitodev/kubernetes-cloudflare-ddns
+ - https://github.com/bjw-s/helm-charts/blob/main/charts/other/app-template/values.yaml
+maintainers:
+ - name: alexlebens
+dependencies:
+ - name: app-template
+ alias: kubernetes-cloudflare-ddns
+ repository: https://bjw-s.github.io/helm-charts/
+ version: 3.7.1
+icon: https://raw.githubusercontent.com/walkxcode/dashboard-icons/main/png/cloudflare.png
+appVersion: "2.0.0"
diff --git a/clusters/cl01tl/services/kubernetes-cloudflare-ddns/templates/external-secret.yaml b/clusters/cl01tl/services/kubernetes-cloudflare-ddns/templates/external-secret.yaml
new file mode 100644
index 000000000..c3961e889
--- /dev/null
+++ b/clusters/cl01tl/services/kubernetes-cloudflare-ddns/templates/external-secret.yaml
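Review bot: The first entry under `sources` in kubernetes-cloudflare-ddns/Chart.yaml is a bare `- c`, which looks like a stray keystroke rather than a URL; the other two entries are full links. Drop the line, or replace it with the upstream repository URL if one was intended. `appVersion: "2.0.0"` is quoted here while the external-dns chart in this commit leaves `appVersion: 1.15.0` bare; quoting both keeps the field a string whatever the version looks like.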
@@ -0,0 +1,44 @@
+apiVersion: external-secrets.io/v1beta1
+kind: ExternalSecret
+metadata:
+ name: kubernetes-cloudflare-ddns-secret
+ namespace: {{ .Release.Namespace }}
+ labels:
+ app.kubernetes.io/name: kubernetes-cloudflare-ddns-secret
+ app.kubernetes.io/instance: {{ .Release.Name }}
+ app.kubernetes.io/version: {{ .Chart.AppVersion }}
+ app.kubernetes.io/component: web
+ app.kubernetes.io/part-of: {{ .Release.Name }}
+spec:
+ secretStoreRef:
+ kind: ClusterSecretStore
+ name: vault
+ data:
+ - secretKey: AUTH_KEY
+ remoteRef:
+ conversionStrategy: Default
+ decodingStrategy: None
+ key: /cloudflare/alexlebens.net/ddns
+ metadataPolicy: None
+ property: token
+ - secretKey: NAME
+ remoteRef:
+ conversionStrategy: Default
+ decodingStrategy: None
+ key: /cloudflare/alexlebens.net/ddns
+ metadataPolicy: None
+ property: name
+ - secretKey: RECORD_ID
+ remoteRef:
+ conversionStrategy: Default
+ decodingStrategy: None
+ key: /cloudflare/alexlebens.net/ddns
+ metadataPolicy: None
+ property: record-id
+ - secretKey: ZONE_ID
+ remoteRef:
+ conversionStrategy: Default
+ decodingStrategy: None
+ key: /cloudflare/alexlebens.net/ddns
+ metadataPolicy: None
+ property: zone-id
diff --git a/clusters/cl01tl/services/kubernetes-cloudflare-ddns/values.yaml b/clusters/cl01tl/services/kubernetes-cloudflare-ddns/values.yaml
new file mode 100644
index 000000000..818ea2b50
--- /dev/null
+++ b/clusters/cl01tl/services/kubernetes-cloudflare-ddns/values.yaml
@@ -0,0 +1,29 @@
+kubernetes-cloudflare-ddns:
+ controllers:
+ main:
+ type: cronjob
+ cronjob:
+ suspend: false
+ concurrencyPolicy: Forbid
+ timeZone: US/Central
+ schedule: "0 0 * * *"
+ startingDeadlineSeconds: 90
+ successfulJobsHistory: 3
+ failedJobsHistory: 3
+ backoffLimit: 3
+ parallelism: 1
+ containers:
+ main:
+ image:
+ repository: kubitodev/kubernetes-cloudflare-ddns
+ tag: 2.0.0
+ pullPolicy: IfNotPresent
+ envFrom:
+ - secretRef:
+ name: kubernetes-cloudflare-ddns-secret
+ resources:
+ requests:
+ cpu: 10m
+ memory: 128Mi
+ serviceAccount:
+ create: true
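Review bot: The `main` container in kubernetes-cloudflare-ddns/values.yaml receives the Cloudflare token through `envFrom` but is given no `securityContext`, and `serviceAccount.create: true` gives a job that only talks to an external API a Kubernetes identity it does not appear to need. I would add a restrictive container security context and turn off service-account token automounting, as sketched below; the key names follow the app-template values layout as I understand it and should be checked against chart 3.7.1, and `readOnlyRootFilesystem` needs a test run in case the image writes to disk. The image is also pulled by the mutable tag `2.0.0`, so pinning it by digest is worth doing for a container that holds a DNS-editing credential. `resources` sets requests only; a memory limit would bound a misbehaving run.

```yaml
kubernetes-cloudflare-ddns:
  defaultPodOptions:
    automountServiceAccountToken: false
  # … unchanged: controllers.main type and cronjob settings …
      containers:
        main:
          # … unchanged: image, envFrom, resources …
          securityContext:
            allowPrivilegeEscalation: false
            readOnlyRootFilesystem: true
            capabilities:
              drop:
                - ALL
```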