alexlebens/infrastructure
1
0
Fork 0
Code Issues 1 Pull Requests 4 Actions Activity

feat: use helper #6104

Merged
alexlebens merged 5 commits from tmp/secrets-3 into main 2026-04-20 20:16:29 +00:00
Conversation 0 Commits 5 Files Changed 30 +93 -93
25 changed files with 93 additions and 93 deletions
Download Patch File Download Diff File Expand all files Collapse all files
Showing only changes of commit e92246ec8b - Show all commits

6
clusters/cl01tl/helm/argocd/templates/_helpers.tpl
View File

@@ -1,14 +1,14 @@
{{/*
Common labels
*/}}
{{- define "argocd.labels" -}}
{{ include "argocd.selectorLabels" $ }}
{{- define "custom.labels" -}}
{{ include "custom.selectorLabels" $ }}
{{- end }}
{{/*
Selector labels
*/}}
{{- define "argocd.selectorLabels" -}}
{{- define "custom.selectorLabels" -}}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
{{- end }}

4
clusters/cl01tl/helm/argocd/templates/external-secret.yaml
View File

@@ -5,7 +5,7 @@ metadata:
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: argocd-oidc-authentik
{{- include "argocd.labels" . | nindent 4 }}
{{- include "custom.labels" . | nindent 4 }}
spec:
secretStoreRef:
kind: ClusterSecretStore
@@ -28,7 +28,7 @@ metadata:
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: argocd-notifications-ntfy
{{- include "argocd.labels" . | nindent 4 }}
{{- include "custom.labels" . | nindent 4 }}
spec:
secretStoreRef:
kind: ClusterSecretStore

12
clusters/cl01tl/helm/audiobookshelf/templates/_helpers.tpl
View File

@@ -1,14 +1,14 @@
{{/*
Common labels
*/}}
{{- define "audiobookshelf.labels" -}}
{{ include "audiobookshelf.selectorLabels" $ }}
{{- define "custom.labels" -}}
{{ include "custom.selectorLabels" $ }}
{{- end }}
{{/*
Selector labels
*/}}
{{- define "audiobookshelf.selectorLabels" -}}
{{- define "custom.selectorLabels" -}}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
{{- end }}
@@ -16,12 +16,12 @@ app.kubernetes.io/part-of: {{ .Release.Name }}
{{/*
NFS names
*/}}
{{- define "audiobookshelf.booksNfsName" -}}
{{- define "custom.booksNfsName" -}}
audiobookshelf-books-nfs-storage
{{- end -}}
{{- define "audiobookshelf.audiobooksNfsName" -}}
{{- define "custom.audiobooksNfsName" -}}
audiobookshelf-audiobooks-nfs-storage
{{- end -}}
{{- define "audiobookshelf.podcastsNfsName" -}}
{{- define "custom.podcastsNfsName" -}}
audiobookshelf-podcasts-nfs-storage
{{- end -}}

2
clusters/cl01tl/helm/audiobookshelf/templates/external-secret.yaml
View File

@@ -5,7 +5,7 @@ metadata:
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: audiobookshelf-config-apprise
{{- include "audiobookshelf.labels" . | nindent 4 }}
{{- include "custom.labels" . | nindent 4 }}
spec:
secretStoreRef:
kind: ClusterSecretStore

24
clusters/cl01tl/helm/audiobookshelf/templates/persistent-volume-claim.yaml
View File

@@ -1,13 +1,13 @@
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: {{ include "audiobookshelf.booksNfsName" . }}
name: {{ include "custom.booksNfsName" . }}
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: {{ include "audiobookshelf.booksNfsName" . }}
{{ include "audiobookshelf.labels" . | nindent 4 }}
app.kubernetes.io/name: {{ include "custom.booksNfsName" . }}
{{ include "custom.labels" . | nindent 4 }}
spec:
volumeName: {{ include "audiobookshelf.booksNfsName" . }}
volumeName: {{ include "custom.booksNfsName" . }}
storageClassName: nfs-client
accessModes:
- ReadWriteMany
@@ -19,13 +19,13 @@ spec:
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: {{ include "audiobookshelf.audiobooksNfsName" . }}
name: {{ include "custom.audiobooksNfsName" . }}
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: {{ include "audiobookshelf.audiobooksNfsName" . }}
{{- include "audiobookshelf.labels" . | nindent 4 }}
app.kubernetes.io/name: {{ include "custom.audiobooksNfsName" . }}
{{- include "custom.labels" . | nindent 4 }}
spec:
volumeName: {{ include "audiobookshelf.audiobooksNfsName" . }}
volumeName: {{ include "custom.audiobooksNfsName" . }}
storageClassName: nfs-client
accessModes:
- ReadWriteMany
@@ -37,13 +37,13 @@ spec:
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: {{ include "audiobookshelf.podcastsNfsName" . }}
name: {{ include "custom.podcastsNfsName" . }}
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: {{ include "audiobookshelf.podcastsNfsName" . }}
{{- include "audiobookshelf.labels" . | nindent 4 }}
app.kubernetes.io/name: {{ include "custom.podcastsNfsName" . }}
{{- include "custom.labels" . | nindent 4 }}
spec:
volumeName: {{ include "audiobookshelf.podcastsNfsName" . }}
volumeName: {{ include "custom.podcastsNfsName" . }}
storageClassName: nfs-client
accessModes:
- ReadWriteMany

18
clusters/cl01tl/helm/audiobookshelf/templates/persistent-volume.yaml
View File

@@ -1,11 +1,11 @@
apiVersion: v1
kind: PersistentVolume
metadata:
name: {{ include "audiobookshelf.booksNfsName" . }}
name: {{ include "custom.booksNfsName" . }}
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: {{ include "audiobookshelf.booksNfsName" . }}
{{- include "audiobookshelf.labels" . | nindent 4 }}
app.kubernetes.io/name: {{ include "custom.booksNfsName" . }}
{{- include "custom.labels" . | nindent 4 }}
spec:
persistentVolumeReclaimPolicy: Retain
storageClassName: nfs-client
@@ -25,11 +25,11 @@ spec:
apiVersion: v1
kind: PersistentVolume
metadata:
name: {{ include "audiobookshelf.audiobooksNfsName" . }}
name: {{ include "custom.audiobooksNfsName" . }}
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: {{ include "audiobookshelf.audiobooksNfsName" . }}
{{- include "audiobookshelf.labels" . | nindent 4 }}
app.kubernetes.io/name: {{ include "custom.audiobooksNfsName" . }}
{{- include "custom.labels" . | nindent 4 }}
spec:
persistentVolumeReclaimPolicy: Retain
storageClassName: nfs-client
@@ -49,11 +49,11 @@ spec:
apiVersion: v1
kind: PersistentVolume
metadata:
name: {{ include "audiobookshelf.podcastsNfsName" . }}
name: {{ include "custom.podcastsNfsName" . }}
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: {{ include "audiobookshelf.podcastsNfsName" . }}
{{- include "audiobookshelf.labels" . | nindent 4 }}
app.kubernetes.io/name: {{ include "custom.podcastsNfsName" . }}
{{- include "custom.labels" . | nindent 4 }}
spec:
persistentVolumeReclaimPolicy: Retain
storageClassName: nfs-client

6
clusters/cl01tl/helm/authentik/templates/_helpers.tpl
View File

@@ -1,14 +1,14 @@
{{/*
Common labels
*/}}
{{- define "authentik.labels" -}}
{{ include "authentik.selectorLabels" $ }}
{{- define "custom.labels" -}}
{{ include "custom.selectorLabels" $ }}
{{- end }}
{{/*
Selector labels
*/}}
{{- define "authentik.selectorLabels" -}}
{{- define "custom.selectorLabels" -}}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
{{- end }}

2
clusters/cl01tl/helm/authentik/templates/external-secret.yaml
View File

@@ -5,7 +5,7 @@ metadata:
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: authentik-key
{{- include "authentik.labels" . | nindent 4 }}
{{- include "custom.labels" . | nindent 4 }}
spec:
secretStoreRef:
kind: ClusterSecretStore

2
clusters/cl01tl/helm/authentik/templates/ingress.yaml
View File

@@ -6,7 +6,7 @@ metadata:
labels:
app.kubernetes.io/name: {{ .Release.Name }}-tailscale
tailscale.com/proxy-class: no-metrics
{{- include "authentik.labels" . | nindent 4 }}
{{- include "custom.labels" . | nindent 4 }}
annotations:
tailscale.com/experimental-forward-cluster-traffic-via-ingress: "true"
spec:

2
clusters/cl01tl/helm/authentik/templates/reference-grant.yaml
View File

@@ -5,7 +5,7 @@ metadata:
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: allow-outpost-cross-namespace-access
{{- include "authentik.labels" . | nindent 4 }}
{{- include "custom.labels" . | nindent 4 }}
spec:
from:
- group: gateway.networking.k8s.io

10
clusters/cl01tl/helm/backrest/templates/_helpers.tpl
View File

@@ -1,14 +1,14 @@
{{/*
Common labels
*/}}
{{- define "backrest.labels" -}}
{{ include "backrest.selectorLabels" $ }}
{{- define "custom.labels" -}}
{{ include "custom.selectorLabels" $ }}
{{- end }}
{{/*
Selector labels
*/}}
{{- define "backrest.selectorLabels" -}}
{{- define "custom.selectorLabels" -}}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
{{- end }}
@@ -16,9 +16,9 @@ app.kubernetes.io/part-of: {{ .Release.Name }}
{{/*
NFS names
*/}}
{{- define "backrest.storageNfsName" -}}
{{- define "custom.storageNfsName" -}}
backrest-nfs-storage
{{- end -}}
{{- define "backrest.shareNfsName" -}}
{{- define "custom.shareNfsName" -}}
backrest-nfs-share
{{- end -}}

16
clusters/cl01tl/helm/backrest/templates/persistent-volume-claim.yaml
View File

@@ -1,13 +1,13 @@
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: {{- include "backrest.storageNfsName" . }}
name: {{ include "custom.storageNfsName" . }}
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: {{- include "backrest.storageNfsName" . }}
{{- include "backrest.labels" . | nindent 4 }}
app.kubernetes.io/name: {{ include "custom.storageNfsName" . }}
{{- include "custom.labels" . | nindent 4 }}
spec:
volumeName: {{- include "backrest.storageNfsName" . }}
volumeName: {{ include "custom.storageNfsName" . }}
storageClassName: nfs-client
accessModes:
- ReadWriteMany
@@ -19,13 +19,13 @@ spec:
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: {{- include "backrest.shareNfsName" . }}
name: {{ include "custom.shareNfsName" . }}
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: {{- include "backrest.shareNfsName" . }}
{{- include "backrest.labels" . | nindent 4 }}
app.kubernetes.io/name: {{ include "custom.shareNfsName" . }}
{{- include "custom.labels" . | nindent 4 }}
spec:
volumeName: {{- include "backrest.shareNfsName" . }}
volumeName: {{ include "custom.shareNfsName" . }}
storageClassName: nfs-client
accessModes:
- ReadWriteMany

12
clusters/cl01tl/helm/backrest/templates/persistent-volume.yaml
View File

@@ -1,11 +1,11 @@
apiVersion: v1
kind: PersistentVolume
metadata:
name: {{- include "backrest.storageNfsName" . }}
name: {{ include "custom.storageNfsName" . }}
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: {{- include "backrest.storageNfsName" . }}
{{- include "backrest.labels" . | nindent 4 }}
app.kubernetes.io/name: {{ include "custom.storageNfsName" . }}
{{- include "custom.labels" . | nindent 4 }}
spec:
persistentVolumeReclaimPolicy: Retain
storageClassName: nfs-client
@@ -25,11 +25,11 @@ spec:
apiVersion: v1
kind: PersistentVolume
metadata:
name: {{- include "backrest.shareNfsName" . }}
name: {{ include "custom.shareNfsName" . }}
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: {{- include "backrest.shareNfsName" . }}
{{- include "backrest.labels" . | nindent 4 }}
app.kubernetes.io/name: {{ include "custom.shareNfsName" . }}
{{- include "custom.labels" . | nindent 4 }}
spec:
persistentVolumeReclaimPolicy: Retain
storageClassName: nfs-client

8
clusters/cl01tl/helm/bazarr/templates/_helpers.tpl
View File

@@ -1,14 +1,14 @@
{{/*
Common labels
*/}}
{{- define "bazarr.labels" -}}
{{ include "bazarr.selectorLabels" $ }}
{{- define "custom.labels" -}}
{{ include "custom.selectorLabels" $ }}
{{- end }}
{{/*
Selector labels
*/}}
{{- define "bazarr.selectorLabels" -}}
{{- define "custom.selectorLabels" -}}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
{{- end }}
@@ -16,6 +16,6 @@ app.kubernetes.io/part-of: {{ .Release.Name }}
{{/*
NFS names
*/}}
{{- define "bazarr.storageNfsName" -}}
{{- define "custom.storageNfsName" -}}
bazarr-nfs-storage
{{- end -}}

2
clusters/cl01tl/helm/bazarr/templates/external-secret.yaml
View File

@@ -5,7 +5,7 @@ metadata:
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: bazarr-key
{{- include "bazarr.labels" . | nindent 4 }}
{{- include "custom.labels" . | nindent 4 }}
spec:
secretStoreRef:
kind: ClusterSecretStore

8
clusters/cl01tl/helm/bazarr/templates/persistent-volume-claim.yaml
View File

@@ -1,13 +1,13 @@
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: {{- include "bazarr.storageNfsName" . }}
name: {{ include "custom.storageNfsName" . }}
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: {{- include "bazarr.storageNfsName" . }}
{{- include "bazarr.labels" . | nindent 4 }}
app.kubernetes.io/name: {{ include "custom.storageNfsName" . }}
{{- include "custom.labels" . | nindent 4 }}
spec:
volumeName: {{ .Template.Name }}
volumeName: {{ include "custom.storageNfsName" . }}
storageClassName: nfs-client
accessModes:
- ReadWriteMany

6
clusters/cl01tl/helm/bazarr/templates/persistent-volume.yaml
View File

@@ -1,11 +1,11 @@
apiVersion: v1
kind: PersistentVolume
metadata:
name: {{- include "bazarr.storageNfsName" . }}
name: {{ include "custom.storageNfsName" . }}
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: {{- include "bazarr.storageNfsName" . }}
{{- include "bazarr.labels" . | nindent 4 }}
app.kubernetes.io/name: {{ include "custom.storageNfsName" . }}
{{- include "custom.labels" . | nindent 4 }}
spec:
persistentVolumeReclaimPolicy: Retain
storageClassName: nfs-client

10
clusters/cl01tl/helm/cert-manager/templates/_helpers.tpl
View File

@@ -1,14 +1,14 @@
{{/*
Common labels
*/}}
{{- define "cert-manager.labels" -}}
{{ include "cert-manager.selectorLabels" $ }}
{{- define "custom.labels" -}}
{{ include "custom.selectorLabels" $ }}
{{- end }}
{{/*
Selector labels
*/}}
{{- define "cert-manager.selectorLabels" -}}
{{- define "custom.selectorLabels" -}}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
{{- end }}
@@ -16,9 +16,9 @@ app.kubernetes.io/part-of: {{ .Release.Name }}
{{/*
NFS names
*/}}
{{- define "cert-manager.cloudflareSecretName" -}}
{{- define "custom.cloudflareSecretName" -}}
cert-manager-cloudflare-api-token
{{- end -}}
{{- define "cert-manager.cloudflareSecretKey" -}}
{{- define "custom.cloudflareSecretKey" -}}
api-token
{{- end -}}

6
clusters/cl01tl/helm/cert-manager/templates/cluster-issuer.yaml
View File

@@ -5,7 +5,7 @@ metadata:
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: letsencrypt-issuer
{{- include "cert-manager.labels" . | nindent 4 }}
{{- include "custom.labels" . | nindent 4 }}
spec:
acme:
email: alexanderlebens@gmail.com
@@ -21,5 +21,5 @@ spec:
cloudflare:
email: alexanderlebens@gmail.com
apiTokenSecretRef:
name: {{- include "cert-manager.cloudflareSecretName" . }}
key: {{- include "cert-manager.cloudflareSecretKey" . }}
name: {{ include "custom.cloudflareSecretName" . }}
key: {{ include "custom.cloudflareSecretKey" . }}

8
clusters/cl01tl/helm/cert-manager/templates/external-secret.yaml
View File

@@ -1,17 +1,17 @@
apiVersion: external-secrets.io/v1
kind: ExternalSecret
metadata:
name: {{- include "cert-manager.cloudflareSecretName" . }}
name: {{ include "custom.cloudflareSecretName" . }}
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: {{- include "cert-manager.cloudflareSecretName" . }}
{{- include "cert-manager.labels" . | nindent 4 }}
app.kubernetes.io/name: {{ include "custom.cloudflareSecretName" . }}
{{- include "custom.labels" . | nindent 4 }}
spec:
secretStoreRef:
kind: ClusterSecretStore
name: openbao
data:
- secretKey: {{- include "cert-manager.cloudflareSecretKey" . }}
- secretKey: {{ include "custom.cloudflareSecretKey" . }}
remoteRef:
key: /cloudflare/alexlebens.net/cl01tl-issuer-certificate
property: token

6
clusters/cl01tl/helm/cilium/templates/_helpers.tpl
View File

@@ -1,14 +1,14 @@
{{/*
Common labels
*/}}
{{- define "cilium.labels" -}}
{{ include "cilium.selectorLabels" $ }}
{{- define "custom.labels" -}}
{{ include "custom.selectorLabels" $ }}
{{- end }}
{{/*
Selector labels
*/}}
{{- define "cilium.selectorLabels" -}}
{{- define "custom.selectorLabels" -}}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
{{- end }}

4
clusters/cl01tl/helm/cilium/templates/cilium-load-balancer-ip-pool.yaml
View File

@@ -5,7 +5,7 @@ metadata:
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: default-ip-pool
{{- include "cilium.labels" . | nindent 4 }}
{{- include "custom.labels" . | nindent 4 }}
spec:
blocks:
- start: "10.232.1.21"
@@ -19,7 +19,7 @@ metadata:
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: bgp-ip-pool
{{- include "cilium.labels" . | nindent 4 }}
{{- include "custom.labels" . | nindent 4 }}
spec:
blocks:
- start: "10.232.2.100"

2
clusters/cl01tl/helm/cilium/templates/http-route.yaml
View File

@@ -5,7 +5,7 @@ metadata:
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: hubble
{{- include "cilium.labels" . | nindent 4 }}
{{- include "custom.labels" . | nindent 4 }}
spec:
parentRefs:
- group: gateway.networking.k8s.io

6
clusters/cl01tl/helm/dawarich/templates/_helpers.tpl
View File

@@ -1,14 +1,14 @@
{{/*
Common labels
*/}}
{{- define "dawarich.labels" -}}
{{ include "dawarich.selectorLabels" $ }}
{{- define "custom.labels" -}}
{{ include "custom.selectorLabels" $ }}
{{- end }}
{{/*
Selector labels
*/}}
{{- define "dawarich.selectorLabels" -}}
{{- define "custom.selectorLabels" -}}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
{{- end }}

4
clusters/cl01tl/helm/dawarich/templates/external-secret.yaml
View File

@@ -5,7 +5,7 @@ metadata:
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: dawarich-key
{{- include "dawarich.labels" . | nindent 4 }}
{{- include "custom.labels" . | nindent 4 }}
spec:
secretStoreRef:
kind: ClusterSecretStore
@@ -24,7 +24,7 @@ metadata:
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: dawarich-oidc-authentik
{{- include "dawarich.labels" . | nindent 4 }}
{{- include "custom.labels" . | nindent 4 }}
spec:
secretStoreRef:
kind: ClusterSecretStore