From b44da87ac85e1e8a3efd054328b167ae78ba25fc Mon Sep 17 00:00:00 2001
From: Alex Lebens <alexanderlebens@gmail.com>
Date: Wed, 15 Apr 2026 19:07:39 -0500
Subject: [PATCH] feat: add openbao

---
 src/content/docs/applications/openbao.mdx     | 31 +++++++++++++++++++
 .../applications/secrets-store-csi-driver.mdx | 23 ++++++++++++++
 2 files changed, 54 insertions(+)
 create mode 100644 src/content/docs/applications/openbao.mdx
 create mode 100644 src/content/docs/applications/secrets-store-csi-driver.mdx

diff --git a/src/content/docs/applications/openbao.mdx b/src/content/docs/applications/openbao.mdx
new file mode 100644
index 0000000..dc05e03
--- /dev/null
+++ b/src/content/docs/applications/openbao.mdx
@@ -0,0 +1,31 @@
+---
+title: OpenBao
+description: OpenBao is a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys.
+hero:
+  tagline: OpenBao is a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys.
+  image:
+    file: https://cdn.jsdelivr.net/gh/selfhst/icons@main/webp/openbao.webp
+  actions:
+    - text: Source
+      link: https://github.com/openbao/openbao
+      icon: right-arrow
+    - text: Deployment Chart
+      link: https://gitea.alexlebens.dev/alexlebens/infrastructure/src/branch/main/clusters/cl01tl/helm/openbao
+      icon: right-arrow
+---
+
+import { Aside } from '@astrojs/starlight/components';
+
+<Aside type="tip">Has an internal [Grafana Dashboard](https://grafana.alexlebens.net/goto/bfit8f62ducjkd?orgId=1).</Aside>
+
+# Purpose
+
+Secrets manager.
+
+# Notes
+
+Retrieved by [External Secrets](https://docs.alexlebens.dev/applications/external-secrets/) for making them availible in cluster.
+
+Can store other secrets, but primarily used for cluster secrets.
+
+And by 'secrets' this means passwords, keys, etc, that are confidential and non public.
diff --git a/src/content/docs/applications/secrets-store-csi-driver.mdx b/src/content/docs/applications/secrets-store-csi-driver.mdx
new file mode 100644
index 0000000..4890f78
--- /dev/null
+++ b/src/content/docs/applications/secrets-store-csi-driver.mdx
@@ -0,0 +1,23 @@
+---
+title: Secrets Store CSI driver
+description: Secrets Store CSI driver for Kubernetes secrets - Integrates secrets stores with Kubernetes via a CSI volume.
+hero:
+  tagline: Secrets Store CSI driver for Kubernetes secrets - Integrates secrets stores with Kubernetes via a CSI volume.
+  image:
+    file: https://cdn.jsdelivr.net/gh/selfhst/icons@main/webp/kubernetes.webp
+  actions:
+    - text: Source
+      link: https://github.com/kubernetes-sigs/secrets-store-csi-driver
+      icon: right-arrow
+    - text: Deployment Chart
+      link: https://gitea.alexlebens.dev/alexlebens/infrastructure/src/branch/main/clusters/cl01tl/helm/secrets-store-csi-driver
+      icon: right-arrow
+---
+
+# Purpose
+
+Provides a way to mount secrets from an external provider into a pod.
+
+# Notes
+
+Used with [OpenBao](https://docs.alexlebens.dev/applications/openbao/) to usually mount file secrets, such as json or yaml files.