From 9d56e5bd7403130bdbb42a7faf1bfddfe861aebc Mon Sep 17 00:00:00 2001
From: alexlebens <alexanderlebens@gmail.com>
Date: Mon, 19 Aug 2024 20:29:33 -0500
Subject: [PATCH] switch to cloudflare

---
 .../cl01tl/applications/homepage/values.yaml  |  2 +-
 .../applications/site-profile/Chart.yaml      |  6 ++++-
 .../templates/external-secret.yaml            | 25 +++++++++++++++++++
 .../applications/site-profile/values.yaml     | 22 ++++------------
 4 files changed, 36 insertions(+), 19 deletions(-)

diff --git a/clusters/cl01tl/applications/homepage/values.yaml b/clusters/cl01tl/applications/homepage/values.yaml
index 7099f38ac..d89df4508 100644
--- a/clusters/cl01tl/applications/homepage/values.yaml
+++ b/clusters/cl01tl/applications/homepage/values.yaml
@@ -224,7 +224,7 @@ homepage:
               - Content Management:
                   icon: directus.png
                   description: Directus
-                  href: https://directus-site-profile-cl01tl.boreal-beaufort.ts.net
+                  href: https://directus.alexlebens.dev
                   siteMonitor: http://directus.site-profile:80
                   statusStyle: dot
               - Email:
diff --git a/clusters/cl01tl/applications/site-profile/Chart.yaml b/clusters/cl01tl/applications/site-profile/Chart.yaml
index 80d59589c..698b621a6 100644
--- a/clusters/cl01tl/applications/site-profile/Chart.yaml
+++ b/clusters/cl01tl/applications/site-profile/Chart.yaml
@@ -35,7 +35,11 @@ dependencies:
     version: 0.3.13
     repository: https://charts.bitnami.com/bitnami
   - name: cloudflared
-    alias: cloudflared
+    alias: cloudflared-site
+    repository: http://alexlebens.github.io/helm-charts
+    version: 1.6.0
+  - name: cloudflared
+    alias: cloudflared-directus
     repository: http://alexlebens.github.io/helm-charts
     version: 1.6.0
   - name: postgres-cluster
diff --git a/clusters/cl01tl/applications/site-profile/templates/external-secret.yaml b/clusters/cl01tl/applications/site-profile/templates/external-secret.yaml
index d14a80d48..0615608dc 100644
--- a/clusters/cl01tl/applications/site-profile/templates/external-secret.yaml
+++ b/clusters/cl01tl/applications/site-profile/templates/external-secret.yaml
@@ -132,6 +132,31 @@ spec:
         metadataPolicy: None
         property: token
 
+---
+apiVersion: external-secrets.io/v1beta1
+kind: ExternalSecret
+metadata:
+  name: directus-cloudflared-api-secret
+  namespace: {{ .Release.Namespace }}
+  labels:
+    app.kubernetes.io/name: directus-cloudflared-api-secret
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/version: {{ .Chart.AppVersion }}
+    app.kubernetes.io/component: web
+    app.kubernetes.io/part-of: {{ .Release.Name }}
+spec:
+  secretStoreRef:
+    kind: ClusterSecretStore
+    name: vault
+  data:
+    - secretKey: cf-tunnel-token
+      remoteRef:
+        conversionStrategy: Default
+        decodingStrategy: None
+        key: /cloudflare/tunnels/directus
+        metadataPolicy: None
+        property: token
+
 ---
 apiVersion: external-secrets.io/v1beta1
 kind: ExternalSecret
diff --git a/clusters/cl01tl/applications/site-profile/values.yaml b/clusters/cl01tl/applications/site-profile/values.yaml
index 3a11b5378..a5f3b79c7 100644
--- a/clusters/cl01tl/applications/site-profile/values.yaml
+++ b/clusters/cl01tl/applications/site-profile/values.yaml
@@ -158,21 +158,6 @@ directus:
           port: 80
           targetPort: 8055
           protocol: TCP
-  ingress:
-    tailscale:
-      enabled: true
-      className: tailscale
-      hosts:
-        - host: directus-site-profile-cl01tl
-          paths:
-            - path: /
-              pathType: Prefix
-              service:
-                name: directus
-                port: 80
-      tls:
-        - hosts:
-            - directus-site-profile-cl01tl
   persistence:
     data:
       storageClass: ceph-block
@@ -190,9 +175,12 @@ valkey:
     enabled: true
     existingSecret: directus-valkey-config
     existingSecretPasswordKey: password
-cloudflared:
-  name: cloudflared
+cloudflared-site:
+  name: cloudflared-site
   existingSecretName: site-profile-cloudflared-api-secret
+cloudflared-directus:
+  name: cloudflared-directus
+  existingSecretName: directus-cloudflared-api-secret
 postgres-16-cluster:
   nameOverride: directus-postgresql-16
   mode: standalone