alexlebens/infrastructure
1
0
Fork 0
Code Issues 1 Pull Requests 12 Actions Activity

Merge pull request 'tmp/secrets-7' (#6159) from tmp/secrets-7 into main
All checks were successful
lint-test-helm / lint-helm (push) Successful in 25s
Details
lint-test-helm / validate-kubeconform (push) Has been skipped
Details
renovate / renovate (push) Successful in 2m52s
Details

Browse Source 
Reviewed-on: #6159
This commit was merged in pull request #6159.
This commit is contained in:
Alex Lebens
2026-04-24 00:53:21 +00:00
parent f1d383ed9a 020a3b297d
commit cf3bdbe9a9
7 changed files with 27 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
clusters/cl01tl/helm/external-dns/templates/external-secret.yaml
View File

@@ -13,5 +13,5 @@ spec:
data: data:
- secretKey: api-key - secretKey: api-key
remoteRef: remoteRef:
key: /unifi/auth/cl01tl key: /unifi/users/cl01tl
property: api-key property: api-key

2
clusters/cl01tl/helm/jellystat/templates/external-secret.yaml
View File

@@ -21,5 +21,5 @@ spec:
property: user property: user
- secretKey: password - secretKey: password
remoteRef: remoteRef:
key: /cl01tl/jellystat/cconfig key: /cl01tl/jellystat/config
property: password property: password

2
clusters/cl01tl/helm/kube-prometheus-stack/templates/external-secret.yaml
View File

@@ -13,7 +13,7 @@ spec:
data: data:
- secretKey: ntfy_password - secretKey: ntfy_password
remoteRef: remoteRef:
key: / cl01tl/ntfy/users/cl01tl key: /cl01tl/ntfy/users/cl01tl
property: password property: password
--- ---

2
clusters/cl01tl/helm/ollama/values.yaml
View File

@@ -127,7 +127,7 @@ ollama:
- name: WEBUI_SECRET_KEY - name: WEBUI_SECRET_KEY
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
name: ollama-key name: open-webui-key
key: key key: key
- name: DATABASE_URL - name: DATABASE_URL
valueFrom: valueFrom:

2
clusters/cl01tl/helm/paperless-ngx/templates/external-secret.yaml
View File

@@ -55,5 +55,5 @@ spec:
data: data:
- secretKey: PAPERLESS_SOCIALACCOUNT_PROVIDERS - secretKey: PAPERLESS_SOCIALACCOUNT_PROVIDERS
remoteRef: remoteRef:
key: /authentik/oidc/paperless-ngx key: /cl01tl/authentik/oidc/paperless-ngx
property: PAPERLESS_SOCIALACCOUNT_PROVIDERS property: PAPERLESS_SOCIALACCOUNT_PROVIDERS

23
clusters/cl01tl/helm/vault/templates/external-secret.yaml
View File

@@ -1,5 +1,24 @@
apiVersion: external-secrets.io/v1 apiVersion: external-secrets.io/v1
kind: ExternalSecret kind: ExternalSecret
metadata:
name: vault-token
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: vault-token
{{- include "custom.labels" . | nindent 4 }}
spec:
secretStoreRef:
kind: ClusterSecretStore
name: openbao
data:
- secretKey: token
remoteRef:
key: /cl01tl/vault/role/snapshot
property: root
---
apiVersion: external-secrets.io/v1
kind: ExternalSecret
metadata: metadata:
name: vault-snapshot-agent-role name: vault-snapshot-agent-role
namespace: {{ .Release.Namespace }} namespace: {{ .Release.Namespace }}
@@ -174,11 +193,11 @@ spec:
data: data:
- secretKey: NTFY_TOKEN - secretKey: NTFY_TOKEN
remoteRef: remoteRef:
key: /ntfy/user/cl01tl key: /cl01tl/ntfy/users/cl01tl
property: token property: token
- secretKey: NTFY_ENDPOINT - secretKey: NTFY_ENDPOINT
remoteRef: remoteRef:
key: /ntfy/user/cl01tl key: /cl01tl/ntfy/users/cl01tl
property: endpoint property: endpoint
- secretKey: NTFY_TOPIC - secretKey: NTFY_TOPIC
remoteRef: remoteRef:

2
clusters/cl01tl/helm/yamtrack/templates/external-secret.yaml
View File

@@ -14,7 +14,7 @@ spec:
- secretKey: SECRET - secretKey: SECRET
remoteRef: remoteRef:
key: /cl01tl/yamtrack/config key: /cl01tl/yamtrack/config
property: SECRET property: secret
--- ---
apiVersion: external-secrets.io/v1 apiVersion: external-secrets.io/v1