alexlebens/infrastructure
1
0
Fork 0
Code Issues 1 Pull Requests 5 Actions Activity

Merge pull request 'Automated Manifest Update' (#6077) from auto/update-manifests into manifests

Browse Source 
Reviewed-on: #6077
This commit was merged in pull request #6077.
This commit is contained in:
Alex Lebens
2026-04-19 20:58:24 +00:00
parent a724525e10 d959190abc
commit 8e2b9261b1
5 changed files with 67 additions and 45 deletions
Download Patch File Download Diff File Expand all files Collapse all files

28
clusters/cl01tl/manifests/slskd/Deployment-slskd.yaml
View File

@@ -61,29 +61,14 @@ spec:
containers: containers:
- env: - env:
- name: VPN_SERVICE_PROVIDER - name: VPN_SERVICE_PROVIDER
value: airvpn value: protonvpn
- name: VPN_TYPE - name: VPN_TYPE
value: wireguard value: wireguard
- name: WIREGUARD_PRIVATE_KEY - name: WIREGUARD_PRIVATE_KEY
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
key: private-key key: private-key
name: slskd-wireguard-conf name: protonvpn-wireguard-conf
- name: WIREGUARD_PRESHARED_KEY
valueFrom:
secretKeyRef:
key: preshared-key
name: slskd-wireguard-conf
- name: WIREGUARD_ADDRESSES
valueFrom:
secretKeyRef:
key: addresses
name: slskd-wireguard-conf
- name: FIREWALL_VPN_INPUT_PORTS
valueFrom:
secretKeyRef:
key: input-ports
name: slskd-wireguard-conf
- name: FIREWALL_OUTBOUND_SUBNETS - name: FIREWALL_OUTBOUND_SUBNETS
value: 192.168.1.0/24,10.244.0.0/16 value: 192.168.1.0/24,10.244.0.0/16
- name: FIREWALL_INPUT_PORTS - name: FIREWALL_INPUT_PORTS
@@ -153,6 +138,9 @@ spec:
- name: data - name: data
persistentVolumeClaim: persistentVolumeClaim:
claimName: slskd-nfs-storage claimName: slskd-nfs-storage
- name: slskd-config - csi:
secret: driver: secrets-store.csi.k8s.io
secretName: slskd-config-secret readOnly: true
volumeAttributes:
secretProviderClass: slskd-config-secret
name: slskd-config

18
clusters/cl01tl/manifests/slskd/ExternalSecret-slskd-wireguard-conf.yaml → clusters/cl01tl/manifests/slskd/ExternalSecret-airvpn-wireguard-conf.yaml
View File

@@ -1,30 +1,34 @@
apiVersion: external-secrets.io/v1 apiVersion: external-secrets.io/v1
kind: ExternalSecret kind: ExternalSecret
metadata: metadata:
name: slskd-wireguard-conf name: airvpn-wireguard-conf
namespace: slskd namespace: slskd
labels: labels:
app.kubernetes.io/name: slskd-wireguard-conf app.kubernetes.io/name: airvpn-wireguard-conf
app.kubernetes.io/instance: slskd app.kubernetes.io/instance: slskd
app.kubernetes.io/part-of: slskd app.kubernetes.io/part-of: slskd
spec: spec:
secretStoreRef: secretStoreRef:
kind: ClusterSecretStore kind: ClusterSecretStore
name: vault name: openbao
data: data:
- secretKey: conf
remoteRef:
key: /airvpn/config
property: conf
- secretKey: private-key - secretKey: private-key
remoteRef: remoteRef:
key: /airvpn/conf/cl01tl key: /airvpn/config
property: private-key property: private-key
- secretKey: preshared-key - secretKey: preshared-key
remoteRef: remoteRef:
key: /airvpn/conf/cl01tl key: /airvpn/config
property: preshared-key property: preshared-key
- secretKey: addresses - secretKey: addresses
remoteRef: remoteRef:
key: /airvpn/conf/cl01tl key: /airvpn/config
property: addresses property: addresses
- secretKey: input-ports - secretKey: input-ports
remoteRef: remoteRef:
key: /airvpn/conf/cl01tl key: /airvpn/config
property: input-ports property: input-ports

30
clusters/cl01tl/manifests/slskd/ExternalSecret-protonvpn-wireguard-conf.yaml Normal file
View File

@@ -0,0 +1,30 @@
apiVersion: external-secrets.io/v1
kind: ExternalSecret
metadata:
name: protonvpn-wireguard-conf
namespace: slskd
labels:
app.kubernetes.io/name: protonvpn-wireguard-conf
app.kubernetes.io/instance: slskd
app.kubernetes.io/part-of: slskd
spec:
secretStoreRef:
kind: ClusterSecretStore
name: openbao
data:
- secretKey: conf
remoteRef:
key: /protonvpn/config
property: conf
- secretKey: email
remoteRef:
key: /protonvpn/config
property: email
- secretKey: password
remoteRef:
key: /protonvpn/config
property: password
- secretKey: private-key
remoteRef:
key: /protonvpn/config
property: private-key

18
clusters/cl01tl/manifests/slskd/ExternalSecret-slskd-config-secret.yaml
View File

@@ -1,18 +0,0 @@
apiVersion: external-secrets.io/v1
kind: ExternalSecret
metadata:
name: slskd-config-secret
namespace: slskd
labels:
app.kubernetes.io/name: slskd-config-secret
app.kubernetes.io/instance: slskd
app.kubernetes.io/part-of: slskd
spec:
secretStoreRef:
kind: ClusterSecretStore
name: vault
data:
- secretKey: slskd.yml
remoteRef:
key: /cl01tl/slskd/config
property: slskd.yml

18
clusters/cl01tl/manifests/slskd/SecretProviderClass-slskd-config-secret.yaml Normal file
View File

@@ -0,0 +1,18 @@
apiVersion: secrets-store.csi.x-k8s.io/v1alpha1
kind: SecretProviderClass
metadata:
name: slskd-config-secret
namespace: slskd
labels:
app.kubernetes.io/name: slskd-config-secret
app.kubernetes.io/instance: slskd
app.kubernetes.io/part-of: slskd
spec:
provider: openbao
parameters:
roleName: reader
objects: |
- objectName: slskd-config-secret
fileName: slskd.yml
secretPath: cl01tl/slskd/config
secretKey: slskd.yml