feat: add more
This commit is contained in:
@@ -12,3 +12,10 @@ Selector labels
|
|||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
|
||||||
|
{{/*
|
||||||
|
NFS names
|
||||||
|
*/}}
|
||||||
|
{{- define "custom.storageNfsName" -}}
|
||||||
|
radarr-4k-nfs-storage
|
||||||
|
{{- end -}}
|
||||||
|
|||||||
@@ -1,13 +1,13 @@
|
|||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
kind: PersistentVolumeClaim
|
kind: PersistentVolumeClaim
|
||||||
metadata:
|
metadata:
|
||||||
name: radarr-4k-nfs-storage
|
name: {{ include "custom.storageNfsName" . }}
|
||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: radarr-4k-nfs-storage
|
app.kubernetes.io/name: {{ include "custom.storageNfsName" . }}
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
{{- include "custom.labels" . | nindent 4 }}
|
||||||
spec:
|
spec:
|
||||||
volumeName: radarr-4k-nfs-storage
|
volumeName: {{ include "custom.storageNfsName" . }}
|
||||||
storageClassName: nfs-client
|
storageClassName: nfs-client
|
||||||
accessModes:
|
accessModes:
|
||||||
- ReadWriteMany
|
- ReadWriteMany
|
||||||
|
|||||||
@@ -1,10 +1,10 @@
|
|||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
kind: PersistentVolume
|
kind: PersistentVolume
|
||||||
metadata:
|
metadata:
|
||||||
name: radarr-4k-nfs-storage
|
name: {{ include "custom.storageNfsName" . }}
|
||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: radarr-4k-nfs-storage
|
app.kubernetes.io/name: {{ include "custom.storageNfsName" . }}
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
{{- include "custom.labels" . | nindent 4 }}
|
||||||
spec:
|
spec:
|
||||||
persistentVolumeReclaimPolicy: Retain
|
persistentVolumeReclaimPolicy: Retain
|
||||||
|
|||||||
@@ -12,3 +12,10 @@ Selector labels
|
|||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
|
||||||
|
{{/*
|
||||||
|
NFS names
|
||||||
|
*/}}
|
||||||
|
{{- define "custom.storageNfsName" -}}
|
||||||
|
radarr-anime-nfs-storage
|
||||||
|
{{- end -}}
|
||||||
|
|||||||
@@ -1,13 +1,13 @@
|
|||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
kind: PersistentVolumeClaim
|
kind: PersistentVolumeClaim
|
||||||
metadata:
|
metadata:
|
||||||
name: radarr-anime-nfs-storage
|
name: {{ include "custom.storageNfsName" . }}
|
||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: radarr-anime-nfs-storage
|
app.kubernetes.io/name: {{ include "custom.storageNfsName" . }}
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
{{- include "custom.labels" . | nindent 4 }}
|
||||||
spec:
|
spec:
|
||||||
volumeName: radarr-anime-nfs-storage
|
volumeName: {{ include "custom.storageNfsName" . }}
|
||||||
storageClassName: nfs-client
|
storageClassName: nfs-client
|
||||||
accessModes:
|
accessModes:
|
||||||
- ReadWriteMany
|
- ReadWriteMany
|
||||||
|
|||||||
@@ -1,10 +1,10 @@
|
|||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
kind: PersistentVolume
|
kind: PersistentVolume
|
||||||
metadata:
|
metadata:
|
||||||
name: radarr-anime-nfs-storage
|
name: {{ include "custom.storageNfsName" . }}
|
||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: radarr-anime-nfs-storage
|
app.kubernetes.io/name: {{ include "custom.storageNfsName" . }}
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
{{- include "custom.labels" . | nindent 4 }}
|
||||||
spec:
|
spec:
|
||||||
persistentVolumeReclaimPolicy: Retain
|
persistentVolumeReclaimPolicy: Retain
|
||||||
|
|||||||
@@ -12,3 +12,10 @@ Selector labels
|
|||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
|
||||||
|
{{/*
|
||||||
|
NFS names
|
||||||
|
*/}}
|
||||||
|
{{- define "custom.storageNfsName" -}}
|
||||||
|
radarr-standup-nfs-storage
|
||||||
|
{{- end -}}
|
||||||
|
|||||||
@@ -1,13 +1,13 @@
|
|||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
kind: PersistentVolumeClaim
|
kind: PersistentVolumeClaim
|
||||||
metadata:
|
metadata:
|
||||||
name: radarr-standup-nfs-storage
|
name: {{ include "custom.storageNfsName" . }}
|
||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: radarr-standup-nfs-storage
|
app.kubernetes.io/name: {{ include "custom.storageNfsName" . }}
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
{{- include "custom.labels" . | nindent 4 }}
|
||||||
spec:
|
spec:
|
||||||
volumeName: radarr-standup-nfs-storage
|
volumeName: {{ include "custom.storageNfsName" . }}
|
||||||
storageClassName: nfs-client
|
storageClassName: nfs-client
|
||||||
accessModes:
|
accessModes:
|
||||||
- ReadWriteMany
|
- ReadWriteMany
|
||||||
|
|||||||
@@ -1,10 +1,10 @@
|
|||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
kind: PersistentVolume
|
kind: PersistentVolume
|
||||||
metadata:
|
metadata:
|
||||||
name: radarr-standup-nfs-storage
|
name: {{ include "custom.storageNfsName" . }}
|
||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: radarr-standup-nfs-storage
|
app.kubernetes.io/name: {{ include "custom.storageNfsName" . }}
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
{{- include "custom.labels" . | nindent 4 }}
|
||||||
spec:
|
spec:
|
||||||
persistentVolumeReclaimPolicy: Retain
|
persistentVolumeReclaimPolicy: Retain
|
||||||
|
|||||||
@@ -12,3 +12,10 @@ Selector labels
|
|||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
|
||||||
|
{{/*
|
||||||
|
NFS names
|
||||||
|
*/}}
|
||||||
|
{{- define "custom.storageNfsName" -}}
|
||||||
|
radarr-nfs-storage
|
||||||
|
{{- end -}}
|
||||||
|
|||||||
@@ -1,13 +1,13 @@
|
|||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
kind: PersistentVolumeClaim
|
kind: PersistentVolumeClaim
|
||||||
metadata:
|
metadata:
|
||||||
name: radarr-nfs-storage
|
name: {{ include "custom.storageNfsName" . }}
|
||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: radarr-nfs-storage
|
app.kubernetes.io/name: {{ include "custom.storageNfsName" . }}
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
{{- include "custom.labels" . | nindent 4 }}
|
||||||
spec:
|
spec:
|
||||||
volumeName: radarr-nfs-storage
|
volumeName: {{ include "custom.storageNfsName" . }}
|
||||||
storageClassName: nfs-client
|
storageClassName: nfs-client
|
||||||
accessModes:
|
accessModes:
|
||||||
- ReadWriteMany
|
- ReadWriteMany
|
||||||
|
|||||||
@@ -1,10 +1,10 @@
|
|||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
kind: PersistentVolume
|
kind: PersistentVolume
|
||||||
metadata:
|
metadata:
|
||||||
name: radarr-nfs-storage
|
name: {{ include "custom.storageNfsName" . }}
|
||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: radarr-nfs-storage
|
app.kubernetes.io/name: {{ include "custom.storageNfsName" . }}
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
{{- include "custom.labels" . | nindent 4 }}
|
||||||
spec:
|
spec:
|
||||||
persistentVolumeReclaimPolicy: Retain
|
persistentVolumeReclaimPolicy: Retain
|
||||||
|
|||||||
@@ -9,7 +9,7 @@ metadata:
|
|||||||
spec:
|
spec:
|
||||||
secretStoreRef:
|
secretStoreRef:
|
||||||
kind: ClusterSecretStore
|
kind: ClusterSecretStore
|
||||||
name: vault
|
name: openbao
|
||||||
data:
|
data:
|
||||||
- secretKey: ACCESS_KEY_ID
|
- secretKey: ACCESS_KEY_ID
|
||||||
remoteRef:
|
remoteRef:
|
||||||
@@ -25,12 +25,12 @@ spec:
|
|||||||
property: ACCESS_SECRET_KEY
|
property: ACCESS_SECRET_KEY
|
||||||
- secretKey: SRC_ENDPOINT
|
- secretKey: SRC_ENDPOINT
|
||||||
remoteRef:
|
remoteRef:
|
||||||
key: /garage/config/local
|
key: /garage/config
|
||||||
property: ENDPOINT
|
property: ENDPOINT_LOCAL
|
||||||
- secretKey: DEST_ENDPOINT
|
- secretKey: DEST_ENDPOINT
|
||||||
remoteRef:
|
remoteRef:
|
||||||
key: /garage/config/remote
|
key: /garage/config
|
||||||
property: ENDPOINT
|
property: ENDPOINT_REMOTE
|
||||||
|
|
||||||
---
|
---
|
||||||
apiVersion: external-secrets.io/v1
|
apiVersion: external-secrets.io/v1
|
||||||
@@ -60,12 +60,12 @@ spec:
|
|||||||
property: ACCESS_SECRET_KEY
|
property: ACCESS_SECRET_KEY
|
||||||
- secretKey: SRC_ENDPOINT
|
- secretKey: SRC_ENDPOINT
|
||||||
remoteRef:
|
remoteRef:
|
||||||
key: /garage/config/local
|
key: /garage/config
|
||||||
property: ENDPOINT
|
property: ENDPOINT_LOCAL
|
||||||
- secretKey: DEST_ENDPOINT
|
- secretKey: DEST_ENDPOINT
|
||||||
remoteRef:
|
remoteRef:
|
||||||
key: /garage/config/remote
|
key: /garage/config
|
||||||
property: ENDPOINT
|
property: ENDPOINT_REMOTE
|
||||||
|
|
||||||
---
|
---
|
||||||
apiVersion: external-secrets.io/v1
|
apiVersion: external-secrets.io/v1
|
||||||
@@ -95,12 +95,12 @@ spec:
|
|||||||
property: ACCESS_SECRET_KEY
|
property: ACCESS_SECRET_KEY
|
||||||
- secretKey: SRC_ENDPOINT
|
- secretKey: SRC_ENDPOINT
|
||||||
remoteRef:
|
remoteRef:
|
||||||
key: /garage/config/local
|
key: /garage/config
|
||||||
property: ENDPOINT
|
property: ENDPOINT_LOCAL
|
||||||
- secretKey: DEST_ENDPOINT
|
- secretKey: DEST_ENDPOINT
|
||||||
remoteRef:
|
remoteRef:
|
||||||
key: /garage/config/remote
|
key: /garage/config
|
||||||
property: ENDPOINT
|
property: ENDPOINT_REMOTE
|
||||||
|
|
||||||
---
|
---
|
||||||
apiVersion: external-secrets.io/v1
|
apiVersion: external-secrets.io/v1
|
||||||
@@ -130,12 +130,12 @@ spec:
|
|||||||
property: ACCESS_SECRET_KEY
|
property: ACCESS_SECRET_KEY
|
||||||
- secretKey: SRC_ENDPOINT
|
- secretKey: SRC_ENDPOINT
|
||||||
remoteRef:
|
remoteRef:
|
||||||
key: /garage/config/local
|
key: /garage/config
|
||||||
property: ENDPOINT
|
property: ENDPOINT_LOCAL
|
||||||
- secretKey: DEST_ENDPOINT
|
- secretKey: DEST_ENDPOINT
|
||||||
remoteRef:
|
remoteRef:
|
||||||
key: /garage/config/remote
|
key: /garage/config
|
||||||
property: ENDPOINT
|
property: ENDPOINT_REMOTE
|
||||||
|
|
||||||
---
|
---
|
||||||
apiVersion: external-secrets.io/v1
|
apiVersion: external-secrets.io/v1
|
||||||
@@ -165,12 +165,12 @@ spec:
|
|||||||
property: ACCESS_SECRET_KEY
|
property: ACCESS_SECRET_KEY
|
||||||
- secretKey: SRC_ENDPOINT
|
- secretKey: SRC_ENDPOINT
|
||||||
remoteRef:
|
remoteRef:
|
||||||
key: /garage/config/local
|
key: /garage/config
|
||||||
property: ENDPOINT
|
property: ENDPOINT_LOCAL
|
||||||
- secretKey: DEST_ENDPOINT
|
- secretKey: DEST_ENDPOINT
|
||||||
remoteRef:
|
remoteRef:
|
||||||
key: /garage/config/remote
|
key: /garage/config
|
||||||
property: ENDPOINT
|
property: ENDPOINT_REMOTE
|
||||||
|
|
||||||
---
|
---
|
||||||
apiVersion: external-secrets.io/v1
|
apiVersion: external-secrets.io/v1
|
||||||
@@ -200,12 +200,12 @@ spec:
|
|||||||
property: ACCESS_SECRET_KEY
|
property: ACCESS_SECRET_KEY
|
||||||
- secretKey: SRC_ENDPOINT
|
- secretKey: SRC_ENDPOINT
|
||||||
remoteRef:
|
remoteRef:
|
||||||
key: /garage/config/local
|
key: /garage/config
|
||||||
property: ENDPOINT
|
property: ENDPOINT_LOCAL
|
||||||
- secretKey: DEST_ENDPOINT
|
- secretKey: DEST_ENDPOINT
|
||||||
remoteRef:
|
remoteRef:
|
||||||
key: /garage/config/remote
|
key: /garage/config
|
||||||
property: ENDPOINT
|
property: ENDPOINT_REMOTE
|
||||||
|
|
||||||
---
|
---
|
||||||
apiVersion: external-secrets.io/v1
|
apiVersion: external-secrets.io/v1
|
||||||
@@ -235,11 +235,11 @@ spec:
|
|||||||
property: ACCESS_SECRET_KEY
|
property: ACCESS_SECRET_KEY
|
||||||
- secretKey: ENDPOINT_LOCAL
|
- secretKey: ENDPOINT_LOCAL
|
||||||
remoteRef:
|
remoteRef:
|
||||||
key: /garage/home-infra/openbao-backups
|
key: /garage/config
|
||||||
property: ENDPOINT_LOCAL
|
property: ENDPOINT_LOCAL
|
||||||
- secretKey: ENDPOINT_REMOTE
|
- secretKey: ENDPOINT_REMOTE
|
||||||
remoteRef:
|
remoteRef:
|
||||||
key: /garage/home-infra/openbao-backups
|
key: /garage/config
|
||||||
property: ENDPOINT_REMOTE
|
property: ENDPOINT_REMOTE
|
||||||
|
|
||||||
---
|
---
|
||||||
@@ -268,7 +268,3 @@ spec:
|
|||||||
remoteRef:
|
remoteRef:
|
||||||
key: /digital-ocean/home-infra/openbao-backups
|
key: /digital-ocean/home-infra/openbao-backups
|
||||||
property: ACCESS_SECRET_KEY
|
property: ACCESS_SECRET_KEY
|
||||||
- secretKey: ENDPOINT
|
|
||||||
remoteRef:
|
|
||||||
key: /digital-ocean/home-infra/openbao-backups
|
|
||||||
property: ENDPOINT
|
|
||||||
|
|||||||
@@ -747,10 +747,7 @@ rclone:
|
|||||||
name: external-openbao-backups-secret
|
name: external-openbao-backups-secret
|
||||||
key: ACCESS_REGION
|
key: ACCESS_REGION
|
||||||
- name: RCLONE_CONFIG_DEST_ENDPOINT
|
- name: RCLONE_CONFIG_DEST_ENDPOINT
|
||||||
valueFrom:
|
value: https://nyc3.digitaloceanspaces.com
|
||||||
secretKeyRef:
|
|
||||||
name: external-openbao-backups-secret
|
|
||||||
key: ENDPOINT
|
|
||||||
- name: RCLONE_CONFIG_DEST_S3_FORCE_PATH_STYLE
|
- name: RCLONE_CONFIG_DEST_S3_FORCE_PATH_STYLE
|
||||||
value: true
|
value: true
|
||||||
prune:
|
prune:
|
||||||
@@ -786,9 +783,6 @@ rclone:
|
|||||||
name: external-openbao-backups-secret
|
name: external-openbao-backups-secret
|
||||||
key: ACCESS_REGION
|
key: ACCESS_REGION
|
||||||
- name: RCLONE_CONFIG_DEST_ENDPOINT
|
- name: RCLONE_CONFIG_DEST_ENDPOINT
|
||||||
valueFrom:
|
value: https://nyc3.digitaloceanspaces.com
|
||||||
secretKeyRef:
|
|
||||||
name: external-openbao-backups-secret
|
|
||||||
key: ENDPOINT
|
|
||||||
- name: RCLONE_CONFIG_DEST_S3_FORCE_PATH_STYLE
|
- name: RCLONE_CONFIG_DEST_S3_FORCE_PATH_STYLE
|
||||||
value: true
|
value: true
|
||||||
|
|||||||
@@ -5,7 +5,7 @@ description: Reloader
|
|||||||
keywords:
|
keywords:
|
||||||
- reloader
|
- reloader
|
||||||
- config-map
|
- config-map
|
||||||
home: https://docs.alexlebens.dev/applications/rclone/
|
home: https://docs.alexlebens.dev/applications/reloader/
|
||||||
sources:
|
sources:
|
||||||
- https://github.com/stakater/Reloader
|
- https://github.com/stakater/Reloader
|
||||||
- https://github.com/stakater/Reloader/tree/master/deployments/kubernetes/chart/reloader
|
- https://github.com/stakater/Reloader/tree/master/deployments/kubernetes/chart/reloader
|
||||||
|
|||||||
@@ -1,9 +1,9 @@
|
|||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
kind: Namespace
|
kind: Namespace
|
||||||
metadata:
|
metadata:
|
||||||
name: rook-ceph
|
name: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: rook-ceph
|
app.kubernetes.io/name: {{ .Release.Namespace }}
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
{{- include "custom.labels" . | nindent 4 }}
|
||||||
pod-security.kubernetes.io/audit: privileged
|
pod-security.kubernetes.io/audit: privileged
|
||||||
pod-security.kubernetes.io/enforce: privileged
|
pod-security.kubernetes.io/enforce: privileged
|
||||||
|
|||||||
@@ -1,17 +1,17 @@
|
|||||||
apiVersion: external-secrets.io/v1
|
apiVersion: external-secrets.io/v1
|
||||||
kind: ExternalSecret
|
kind: ExternalSecret
|
||||||
metadata:
|
metadata:
|
||||||
name: roundcube-key-secret
|
name: roundcube-key
|
||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: roundcube-key-secret
|
app.kubernetes.io/name: roundcube-key
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
{{- include "custom.labels" . | nindent 4 }}
|
||||||
spec:
|
spec:
|
||||||
secretStoreRef:
|
secretStoreRef:
|
||||||
kind: ClusterSecretStore
|
kind: ClusterSecretStore
|
||||||
name: vault
|
name: openbao
|
||||||
data:
|
data:
|
||||||
- secretKey: DES_KEY
|
- secretKey: DES_KEY
|
||||||
remoteRef:
|
remoteRef:
|
||||||
key: /cl01tl/roundcube/key
|
key: /cl01tl/roundcube/key
|
||||||
property: DES_KEY
|
property: des-key
|
||||||
|
|||||||
@@ -35,7 +35,7 @@ roundcube:
|
|||||||
- name: ROUNDCUBEMAIL_DES_KEY
|
- name: ROUNDCUBEMAIL_DES_KEY
|
||||||
valueFrom:
|
valueFrom:
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: roundcube-key-secret
|
name: roundcube-key
|
||||||
key: DES_KEY
|
key: DES_KEY
|
||||||
- name: ROUNDCUBEMAIL_DEFAULT_HOST
|
- name: ROUNDCUBEMAIL_DEFAULT_HOST
|
||||||
value: stalwart.stalwart
|
value: stalwart.stalwart
|
||||||
|
|||||||
@@ -1,15 +1,38 @@
|
|||||||
apiVersion: external-secrets.io/v1
|
apiVersion: external-secrets.io/v1
|
||||||
kind: ExternalSecret
|
kind: ExternalSecret
|
||||||
metadata:
|
metadata:
|
||||||
name: rybbit-config-secret
|
name: rybbit-config
|
||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: rybbit-config-secret
|
app.kubernetes.io/name: rybbit-config
|
||||||
{{- include "custom.labels" . | nindent 4 }}
|
{{- include "custom.labels" . | nindent 4 }}
|
||||||
spec:
|
spec:
|
||||||
secretStoreRef:
|
secretStoreRef:
|
||||||
kind: ClusterSecretStore
|
kind: ClusterSecretStore
|
||||||
name: vault
|
name: openbao
|
||||||
|
data:
|
||||||
|
- secretKey: better-auth-secret
|
||||||
|
remoteRef:
|
||||||
|
key: /cl01tl/rybbit/config
|
||||||
|
property: better-auth-secret
|
||||||
|
- secretKey: mapbox-token
|
||||||
|
remoteRef:
|
||||||
|
key: /cl01tl/rybbit/config
|
||||||
|
property: mapbox-token
|
||||||
|
|
||||||
|
---
|
||||||
|
apiVersion: external-secrets.io/v1
|
||||||
|
kind: ExternalSecret
|
||||||
|
metadata:
|
||||||
|
name: rybbit-clickhouse-config
|
||||||
|
namespace: {{ .Release.Namespace }}
|
||||||
|
labels:
|
||||||
|
app.kubernetes.io/name: rybbit-clickhouse-config
|
||||||
|
{{- include "custom.labels" . | nindent 4 }}
|
||||||
|
spec:
|
||||||
|
secretStoreRef:
|
||||||
|
kind: ClusterSecretStore
|
||||||
|
name: openbao
|
||||||
data:
|
data:
|
||||||
- secretKey: clickhouse-user
|
- secretKey: clickhouse-user
|
||||||
remoteRef:
|
remoteRef:
|
||||||
@@ -19,11 +42,3 @@ spec:
|
|||||||
remoteRef:
|
remoteRef:
|
||||||
key: /cl01tl/rybbit/clickhouse
|
key: /cl01tl/rybbit/clickhouse
|
||||||
property: password
|
property: password
|
||||||
- secretKey: better-auth-secret
|
|
||||||
remoteRef:
|
|
||||||
key: /cl01tl/rybbit/auth
|
|
||||||
property: better-auth-secret
|
|
||||||
- secretKey: mapbox-token
|
|
||||||
remoteRef:
|
|
||||||
key: /cl01tl/rybbit/auth
|
|
||||||
property: mapbox-token
|
|
||||||
|
|||||||
@@ -19,12 +19,12 @@ rybbit:
|
|||||||
- name: CLICKHOUSE_USER
|
- name: CLICKHOUSE_USER
|
||||||
valueFrom:
|
valueFrom:
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: rybbit-config-secret
|
name: rybbit-clickhouse-config
|
||||||
key: clickhouse-user
|
key: clickhouse-user
|
||||||
- name: CLICKHOUSE_PASSWORD
|
- name: CLICKHOUSE_PASSWORD
|
||||||
valueFrom:
|
valueFrom:
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: rybbit-config-secret
|
name: rybbit-clickhouse-config
|
||||||
key: clickhouse-password
|
key: clickhouse-password
|
||||||
- name: POSTGRES_HOST
|
- name: POSTGRES_HOST
|
||||||
valueFrom:
|
valueFrom:
|
||||||
@@ -54,7 +54,7 @@ rybbit:
|
|||||||
- name: BETTER_AUTH_SECRET
|
- name: BETTER_AUTH_SECRET
|
||||||
valueFrom:
|
valueFrom:
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: rybbit-config-secret
|
name: rybbit-config
|
||||||
key: better-auth-secret
|
key: better-auth-secret
|
||||||
- name: BASE_URL
|
- name: BASE_URL
|
||||||
value: https://rybbit.alexlebens.dev
|
value: https://rybbit.alexlebens.dev
|
||||||
@@ -65,7 +65,7 @@ rybbit:
|
|||||||
- name: MAPBOX_TOKEN
|
- name: MAPBOX_TOKEN
|
||||||
valueFrom:
|
valueFrom:
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: rybbit-config-secret
|
name: rybbit-config
|
||||||
key: mapbox-token
|
key: mapbox-token
|
||||||
probes:
|
probes:
|
||||||
liveness:
|
liveness:
|
||||||
@@ -119,12 +119,12 @@ rybbit:
|
|||||||
- name: CLICKHOUSE_USER
|
- name: CLICKHOUSE_USER
|
||||||
valueFrom:
|
valueFrom:
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: rybbit-config-secret
|
name: rybbit-clickhouse-config
|
||||||
key: clickhouse-user
|
key: clickhouse-user
|
||||||
- name: CLICKHOUSE_PASSWORD
|
- name: CLICKHOUSE_PASSWORD
|
||||||
valueFrom:
|
valueFrom:
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: rybbit-config-secret
|
name: rybbit-clickhouse-config
|
||||||
key: clickhouse-password
|
key: clickhouse-password
|
||||||
probes:
|
probes:
|
||||||
liveness:
|
liveness:
|
||||||
|
|||||||
Reference in New Issue
Block a user