feat: add new cluster, create common directory
This commit is contained in:
parent
5917341e26
commit
14216829c9
|
@ -3,17 +3,17 @@
|
||||||
version: "3"
|
version: "3"
|
||||||
|
|
||||||
vars:
|
vars:
|
||||||
CLUSTER_SECRET_SOPS_FILE: "{{.CLUSTER_DIR}}/bootstrap/flux/sops-key.sops.yaml"
|
CLUSTER_SECRET_SOPS_FILE: "{{.CLUSTERS_DIR}}/common/bootstrap/flux/sops-key.sops.yaml"
|
||||||
GITHUB_DEPLOY_KEY_FILE: "{{.CLUSTER_DIR}}/bootstrap/flux/forgejo-deploy-key.sops.yaml"
|
GITHUB_DEPLOY_KEY_FILE: "{{.CLUSTERS_DIR}}/common/bootstrap/flux/forgejo-deploy-key.sops.yaml"
|
||||||
|
|
||||||
tasks:
|
tasks:
|
||||||
bootstrap:
|
bootstrap:
|
||||||
desc: Bootstrap Flux into a Kubernetes cluster
|
desc: Bootstrap Flux into a Kubernetes cluster
|
||||||
cmds:
|
cmds:
|
||||||
- kubectl apply --server-side --kustomize {{.CLUSTER_DIR}}/bootstrap/flux
|
- kubectl apply --server-side --kustomize {{.CLUSTERS_DIR}}/common/bootstrap/flux
|
||||||
- sops --decrypt {{.CLUSTER_SECRET_SOPS_FILE}} | kubectl apply --server-side --filename -
|
- sops --decrypt {{.CLUSTER_SECRET_SOPS_FILE}} | kubectl apply --server-side --filename -
|
||||||
- sops --decrypt {{.GITHUB_DEPLOY_KEY_FILE}} | kubectl apply --server-side --filename -
|
- sops --decrypt {{.GITHUB_DEPLOY_KEY_FILE}} | kubectl apply --server-side --filename -
|
||||||
- kubectl apply --server-side --kustomize {{.CLUSTER_DIR}}/flux/config
|
- kubectl apply --server-side --kustomize {{.CLUSTERS_DIR}}/{{.CLUSTER}}/flux/config
|
||||||
preconditions:
|
preconditions:
|
||||||
- { msg: "Missing cluster sops key", sh: "gpg -K 687802D4DFD8AA82EA55666CF7DADAC782D7663D" }
|
- { msg: "Missing cluster sops key", sh: "gpg -K 687802D4DFD8AA82EA55666CF7DADAC782D7663D" }
|
||||||
|
|
||||||
|
|
|
@ -3,7 +3,7 @@
|
||||||
version: "3"
|
version: "3"
|
||||||
|
|
||||||
vars:
|
vars:
|
||||||
CLUSTER_DIR: "{{.ROOT_DIR}}/cluster"
|
CLUSTERS_DIR: "{{.ROOT_DIR}}/kubernetes"
|
||||||
|
|
||||||
includes:
|
includes:
|
||||||
flux: .taskfiles/Flux/Taskfile.yaml
|
flux: .taskfiles/Flux/Taskfile.yaml
|
||||||
|
|
|
@ -4,5 +4,4 @@ resources:
|
||||||
- ./namespace.yaml
|
- ./namespace.yaml
|
||||||
- ./helm-repository.yaml
|
- ./helm-repository.yaml
|
||||||
- ./helm-release.yaml
|
- ./helm-release.yaml
|
||||||
- ./mainpool-sc.yaml
|
|
||||||
- ./monitoring-helm-release.yaml
|
- ./monitoring-helm-release.yaml
|
|
@ -4,8 +4,13 @@ resources:
|
||||||
- ./kube-system
|
- ./kube-system
|
||||||
- ./helm-repositories.yaml
|
- ./helm-repositories.yaml
|
||||||
- ./cert-manager
|
- ./cert-manager
|
||||||
- ./networking
|
- ../../common/apps/metallb
|
||||||
- ./storage
|
- ../../common/apps/traefik
|
||||||
|
# storage
|
||||||
|
- ./longhorn
|
||||||
|
- ./openebs
|
||||||
|
|
||||||
- ./kube-replicator
|
- ./kube-replicator
|
||||||
- ./nfd/ks.yaml
|
|
||||||
- ./intel-gpu/ks.yaml
|
- ../../common/apps/nfd/ks.yaml
|
||||||
|
- ../../common/apps/intel-gpu/ks.yaml
|
|
@ -1,6 +1,5 @@
|
||||||
apiVersion: kustomize.config.k8s.io/v1beta1
|
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||||
kind: Kustomization
|
kind: Kustomization
|
||||||
resources:
|
resources:
|
||||||
- ./longhorn
|
- ../../../common/apps/openebs
|
||||||
- ./openebs
|
- ./mainpool-sc.yaml
|
||||||
#- ./local-path-provisioner
|
|
|
@ -1,82 +0,0 @@
|
||||||
apiVersion: source.toolkit.fluxcd.io/v1
|
|
||||||
kind: GitRepository
|
|
||||||
metadata:
|
|
||||||
name: local-path-provisioner
|
|
||||||
namespace: flux-system
|
|
||||||
spec:
|
|
||||||
interval: 1m
|
|
||||||
url: https://github.com/rancher/local-path-provisioner.git
|
|
||||||
ref:
|
|
||||||
tag: v0.0.29
|
|
||||||
---
|
|
||||||
apiVersion: helm.toolkit.fluxcd.io/v2
|
|
||||||
kind: HelmRelease
|
|
||||||
metadata:
|
|
||||||
name: local-path-provisioner
|
|
||||||
namespace: kube-system
|
|
||||||
spec:
|
|
||||||
interval: 15m
|
|
||||||
chart:
|
|
||||||
spec:
|
|
||||||
chart: ./deploy/chart/local-path-provisioner
|
|
||||||
sourceRef:
|
|
||||||
kind: GitRepository
|
|
||||||
name: local-path-provisioner
|
|
||||||
namespace: flux-system
|
|
||||||
maxHistory: 3
|
|
||||||
install:
|
|
||||||
createNamespace: true
|
|
||||||
remediation:
|
|
||||||
retries: 3
|
|
||||||
upgrade:
|
|
||||||
cleanupOnFail: true
|
|
||||||
remediation:
|
|
||||||
retries: 3
|
|
||||||
uninstall:
|
|
||||||
keepHistory: false
|
|
||||||
values:
|
|
||||||
helperImage:
|
|
||||||
repository: public.ecr.aws/docker/library/busybox
|
|
||||||
tag: latest
|
|
||||||
storageClass:
|
|
||||||
defaultClass: false
|
|
||||||
nodePathMap:
|
|
||||||
- node: DEFAULT_PATH_FOR_NON_LISTED_NODES
|
|
||||||
paths: ["/var/lib/rancher/k3s/storage"]
|
|
||||||
# Note: Do not enable Flux variable substitution on this HelmRelease
|
|
||||||
configmap:
|
|
||||||
setup: |-
|
|
||||||
#!/bin/sh
|
|
||||||
while getopts "m:s:p:" opt
|
|
||||||
do
|
|
||||||
case $opt in
|
|
||||||
p)
|
|
||||||
absolutePath=$OPTARG
|
|
||||||
;;
|
|
||||||
s)
|
|
||||||
sizeInBytes=$OPTARG
|
|
||||||
;;
|
|
||||||
m)
|
|
||||||
volMode=$OPTARG
|
|
||||||
;;
|
|
||||||
esac
|
|
||||||
done
|
|
||||||
mkdir -m 0777 -p ${absolutePath}
|
|
||||||
chmod 701 ${absolutePath}/..
|
|
||||||
teardown: |-
|
|
||||||
#!/bin/sh
|
|
||||||
while getopts "m:s:p:" opt
|
|
||||||
do
|
|
||||||
case $opt in
|
|
||||||
p)
|
|
||||||
absolutePath=$OPTARG
|
|
||||||
;;
|
|
||||||
s)
|
|
||||||
sizeInBytes=$OPTARG
|
|
||||||
;;
|
|
||||||
m)
|
|
||||||
volMode=$OPTARG
|
|
||||||
;;
|
|
||||||
esac
|
|
||||||
done
|
|
||||||
rm -rf ${absolutePath}
|
|
|
@ -2,5 +2,4 @@ apiVersion: kustomize.config.k8s.io/v1beta1
|
||||||
kind: Kustomization
|
kind: Kustomization
|
||||||
resources:
|
resources:
|
||||||
- ./cluster-secrets.sops.yaml
|
- ./cluster-secrets.sops.yaml
|
||||||
- ./orca-registry-puller.sops.yaml
|
|
||||||
- ./cluster-settings.yaml
|
- ./cluster-settings.yaml
|
|
@ -1,62 +0,0 @@
|
||||||
apiVersion: v1
|
|
||||||
kind: Secret
|
|
||||||
metadata:
|
|
||||||
name: orca-puller
|
|
||||||
namespace: default
|
|
||||||
annotations:
|
|
||||||
replicator.v1.mittwald.de/replication-allowed: "true"
|
|
||||||
replicator.v1.mittwald.de/replication-allowed-namespaces: '*'
|
|
||||||
data:
|
|
||||||
.dockerconfigjson: ENC[AES256_GCM,data:g58h5rYAEZu2W3CYnYHgajsp7wvnFdhyRCt1qWPHbVDC+nwD1TVqTGDga1b2/RTR5tdobqZ9FdP41/1dzZeNBe2lfXOsWhQYd87EhpchFYRgsb9u7ZL32sxERhAxSg+0/AaoIYSHbuBLgRwxqnHOojS7Hcg956L+6Kgh/uiaOGsUrKRjlMAI0aN4agx+n/nU,iv:ichMs+o/3ld90VVq/UatXpAtpD6qjrEIdt0ZRwyh0Gg=,tag:lxvZy9U6sGsndz3sAy3DTQ==,type:str]
|
|
||||||
type: kubernetes.io/dockerconfigjson
|
|
||||||
sops:
|
|
||||||
kms: []
|
|
||||||
gcp_kms: []
|
|
||||||
azure_kv: []
|
|
||||||
hc_vault: []
|
|
||||||
age: []
|
|
||||||
lastmodified: "2023-07-22T02:12:00Z"
|
|
||||||
mac: ENC[AES256_GCM,data:yFHVGwFdi2n4Ju6SqqxXDxqxZaHKROIsQZtF+AtJY52f0XJif9jP2fi05dnxULnQ+wWOq4FPwVXc/9GiCiYMItecEApS0+6C7sWxKCWzYYAiFyxSajECzNtr4/XN5yoZBJCgsgFAf42jy9Nr5xLHOAVomnNfmDheS/Pe+Uq9v9E=,iv:oFKca0hHR7ERNgJqDp3pOxzQDBlTCF9Fx1yIl3HCj2o=,tag:107vU6pOFE6Na4BO5C5tiA==,type:str]
|
|
||||||
pgp:
|
|
||||||
- created_at: "2023-07-22T02:12:00Z"
|
|
||||||
enc: |
|
|
||||||
-----BEGIN PGP MESSAGE-----
|
|
||||||
|
|
||||||
hQIMAzKleRwoSoixAQ//QEVgmHtcIVC1afYtQMgD3Kwb+n0nZid3d/enKN64D+fJ
|
|
||||||
bw0xXX9tjO4sy3To49k0EDETLW5paxcNApFYL+zajxNfa+EAZfdYxQqKWraQcxvL
|
|
||||||
/p8bNDyzYDrecWcIdcq4RqrVEA4Ga0K6MmPM0t5l+J/PgguDJWmAxEzlmTb/CdqI
|
|
||||||
MpUmO0RoLHb6m0vfAkEI0LT5E/37pTdqjAq4eMT9n7zxeHr3NmJBIetahENxTKDk
|
|
||||||
Ymw7DhBCLZBPvHyxw/kU7hS/yhJMxmLw9mjHuzWkYVYmZQDB/TwqWsL4cVLFNAVu
|
|
||||||
LqZBHtl2HmaeGefhDij4SfxCj3qTi1e3z1T5wch97XmFanabNizb2oezHYou4h5k
|
|
||||||
AVqWuxUd13am9YhmRMQ32TPPxyAWpV4W87C/XnIrMrfePH2xy54S2ISyL5lQ1I3K
|
|
||||||
5/a4ZMU8hBdCw7FxX6OSAXUd5cCfelJEaRopvwgXF5ZfQjARjQ7iGCedqBQbOsZM
|
|
||||||
vsf5WQvYxp8uivj7gKxhn+KkqJoM225OQKlSwCQ2bj20WsZ3SrjBuK41iO88urej
|
|
||||||
SJLAqG42e+nUjHXn/ql794kCHHG59uRES1wWLvgQ6Siu8TxJK6B+fjOrHBMOeSiD
|
|
||||||
oMKyqWIvziXN5KczkIpOWFCJzHb+AGTUn/a/jCLAqAxAqkWHwwbLdMiUv1053vHS
|
|
||||||
XgHkdbFnWqSekHCdLXu6q1lJhY+VAyzI55Ex2HvdxzBxWQKZAD4c1fFN/88j/Fb4
|
|
||||||
6/IVZvSU45coCyUR3O+py0s6XvBjrJL6W4haNXMl6nVcTxHgby1JTX5vickv400=
|
|
||||||
=cqEc
|
|
||||||
-----END PGP MESSAGE-----
|
|
||||||
fp: 2CC2B3631D5C3393901335DB68F95C5D753EE1E5
|
|
||||||
- created_at: "2023-07-22T02:12:00Z"
|
|
||||||
enc: |
|
|
||||||
-----BEGIN PGP MESSAGE-----
|
|
||||||
|
|
||||||
hQIMAy5t8IMoPu4VAQ//RAyoi7oTNza3klhojjvUXum9iH3pOl1eqNu3qdJc9L4A
|
|
||||||
rGeo7Q9NTgywAaHQA4N0WPjJfFNkKSFLBxbtRpzlVCNrfontoGoFr5fGFWDh2Kfe
|
|
||||||
LydY3Zz9yUfcQYuGm8onVM6B6ImYUtM9ZPix808jxfiuz7rvqNmxqTdCa9o5oMHK
|
|
||||||
TqQ5u26MBR9cFf+W7bxKdDsqm4vEhxxWpEf5wgX+iZboA4O/J8LCVwrp6pb2pJ1q
|
|
||||||
nMA5ElKk/WZbsB6C20DYNXJRsdHjC1Huye6NDt1Em2XY9qcfWkQskVtohlYCdDCp
|
|
||||||
TciHgOF32rmN7h1i4j5Ae58AaSQmNRpKZFc192z8+dHdiSlzQEno6XXV11pezz/i
|
|
||||||
0ALvy2Q+r7xFA8xXyrOf7xOU/j9T8XCEAeidtQoZzEcINtg93tKItakzqacxRa2C
|
|
||||||
4Yj3Wic3LGSX13dZ5cpQNT6P3F6UMVAlVEEu1lHdsAjShbmuFWSFNXVo473O3Nwu
|
|
||||||
1imHmfb1xnqbiWS0tKdUX9jMQg+xYPrsAXQESq/9PmPJxl4tsGPzzCu+rMKf9pmF
|
|
||||||
XqGBASdcf9WaB4Hojm6+4UKb7pPDKAC2vLnOV9ilGv/0z+DwxU0x9swPkAYBm9M9
|
|
||||||
KkcaEh8petqyU2J8f91ESU3OafMo2h5OsJvzB2Zte2XIZIZV0h0y8mo6LKOJ1hzS
|
|
||||||
XgFiMVicO02DFcMkSJXA7ZVnV+1qfJl5vPW6Sa0vDikz/k8jYoRSv2skwZcpFIYf
|
|
||||||
Kr6LbZskq2QVBDS50HdpbOfyF+N8/mYuSfjKkuVH8oOq0KrZ38eJROiygPgpUYk=
|
|
||||||
=i9P2
|
|
||||||
-----END PGP MESSAGE-----
|
|
||||||
fp: 687802D4DFD8AA82EA55666CF7DADAC782D7663D
|
|
||||||
encrypted_regex: ^(data|stringData)$
|
|
||||||
version: 3.7.3
|
|
|
@ -0,0 +1,17 @@
|
||||||
|
apiVersion: source.toolkit.fluxcd.io/v1
|
||||||
|
kind: HelmRepository
|
||||||
|
metadata:
|
||||||
|
name: bitnami-charts
|
||||||
|
namespace: flux-system
|
||||||
|
spec:
|
||||||
|
interval: 1m
|
||||||
|
url: https://charts.bitnami.com/bitnami
|
||||||
|
---
|
||||||
|
apiVersion: source.toolkit.fluxcd.io/v1
|
||||||
|
kind: HelmRepository
|
||||||
|
metadata:
|
||||||
|
name: bjws-charts
|
||||||
|
namespace: flux-system
|
||||||
|
spec:
|
||||||
|
interval: 1m
|
||||||
|
url: https://bjw-s.github.io/helm-charts
|
|
@ -0,0 +1,14 @@
|
||||||
|
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||||
|
kind: Kustomization
|
||||||
|
resources:
|
||||||
|
- ./helm-repositories.yaml
|
||||||
|
- ../../common/apps/metallb
|
||||||
|
- ../../common/apps/traefik
|
||||||
|
# storage
|
||||||
|
#- ./longhorn
|
||||||
|
#- ../../common/apps/openebs
|
||||||
|
|
||||||
|
#- ./kube-replicator
|
||||||
|
|
||||||
|
- ../../common/apps/nfd/ks.yaml
|
||||||
|
- ../../common/apps/intel-gpu/ks.yaml
|
|
@ -0,0 +1,62 @@
|
||||||
|
---
|
||||||
|
# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/source.toolkit.fluxcd.io/gitrepository_v1.json
|
||||||
|
apiVersion: source.toolkit.fluxcd.io/v1
|
||||||
|
kind: GitRepository
|
||||||
|
metadata:
|
||||||
|
name: home-cluster
|
||||||
|
namespace: flux-system
|
||||||
|
spec:
|
||||||
|
interval: 1m0s
|
||||||
|
ref:
|
||||||
|
branch: feat/thin-cluster
|
||||||
|
secretRef:
|
||||||
|
name: forgejo-deploy-key
|
||||||
|
url: ssh://git@git.seanomik.net/seanomik/k3s-cluster
|
||||||
|
---
|
||||||
|
# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json
|
||||||
|
apiVersion: kustomize.toolkit.fluxcd.io/v1
|
||||||
|
kind: Kustomization
|
||||||
|
metadata:
|
||||||
|
name: cluster-secrets
|
||||||
|
namespace: flux-system
|
||||||
|
spec:
|
||||||
|
timeout: 5m
|
||||||
|
interval: 10m
|
||||||
|
path: ./kubernetes/thin/secrets
|
||||||
|
prune: true
|
||||||
|
sourceRef:
|
||||||
|
kind: GitRepository
|
||||||
|
name: home-cluster
|
||||||
|
decryption:
|
||||||
|
provider: sops
|
||||||
|
secretRef:
|
||||||
|
name: sops-gpg
|
||||||
|
---
|
||||||
|
# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json
|
||||||
|
apiVersion: kustomize.toolkit.fluxcd.io/v1
|
||||||
|
kind: Kustomization
|
||||||
|
metadata:
|
||||||
|
name: apps
|
||||||
|
namespace: flux-system
|
||||||
|
spec:
|
||||||
|
timeout: 5m
|
||||||
|
interval: 10m
|
||||||
|
dependsOn:
|
||||||
|
- name: cluster-secrets
|
||||||
|
- name: core
|
||||||
|
path: ./kubernetes/thin/apps
|
||||||
|
prune: true
|
||||||
|
sourceRef:
|
||||||
|
kind: GitRepository
|
||||||
|
name: home-cluster
|
||||||
|
decryption:
|
||||||
|
provider: sops
|
||||||
|
secretRef:
|
||||||
|
name: sops-gpg
|
||||||
|
postBuild:
|
||||||
|
substitute: {}
|
||||||
|
substituteFrom:
|
||||||
|
- kind: ConfigMap
|
||||||
|
name: cluster-settings
|
||||||
|
- kind: Secret
|
||||||
|
name: cluster-secrets
|
|
@ -1,5 +1,4 @@
|
||||||
apiVersion: kustomize.config.k8s.io/v1beta1
|
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||||
kind: Kustomization
|
kind: Kustomization
|
||||||
resources:
|
resources:
|
||||||
- ./traefik
|
- ./cluster.yaml
|
||||||
- ./metallb
|
|
|
@ -0,0 +1,79 @@
|
||||||
|
apiVersion: v1
|
||||||
|
kind: Secret
|
||||||
|
metadata:
|
||||||
|
name: cluster-secrets
|
||||||
|
namespace: flux-system
|
||||||
|
type: Opaque
|
||||||
|
stringData:
|
||||||
|
SECRET_MY_EMAIL: ENC[AES256_GCM,data:rNyzxxuVq/1dII5m8OKexQsH,iv:+i/h+iXhBNM7qxDyK7/3pQqp8l7hXDHhnZOwyuwcC3k=,tag:RM3svsBJXpFafRzoLp2NOg==,type:str]
|
||||||
|
SECRET_LETSENCRYPT_EMAIL: ENC[AES256_GCM,data:uUinHshJ3aUNzJDRQNVNWwNJ,iv:s8kggffO33/E04aUdZvxmgNhoPVKh+HnjX+k0o0DTNc=,tag:qreqEiN28i26OpsagQP5hQ==,type:str]
|
||||||
|
SECRET_DOMAIN: ENC[AES256_GCM,data:3zCSigeMzhC4H2SDVjqV6Q==,iv:OtUj2mDzmv9afBf4NcDSwZgGdKLJY3WG8qqSbI/NNog=,tag:buWUYjBMtfAVQADN2EREvQ==,type:str]
|
||||||
|
SECRET_NEW_DOMAIN: ENC[AES256_GCM,data:BDuzEYN7KOlqDUbJyFwHWCQ=,iv:DHrkALxuuEiZhjdLeFArgaORR8ZlsUuW2BT/joEFQGo=,tag:u1zVa2SA4xpgjNcO9iXtiw==,type:str]
|
||||||
|
SECRET_AUTHENTIK_SECRET_KEY: ENC[AES256_GCM,data:A2S9VBNLw2m6IEEGunHo8T/4v0tp0RvByYc6FIJdx1Q=,iv:Mu+TbsN2Ci2/7LvKhb8XWm6SPJe5ZxS8Z8YWjLwdT1c=,tag:uoatWIMDRLT4XaP0f0kpiQ==,type:str]
|
||||||
|
SECRET_DATABASE_PGSQL_USER_PASS: ENC[AES256_GCM,data:A++t+kACJthb9w6yml5KJo9Eqc/wp/BFadLzwOQhkhc=,iv:7mA6zCaC360dyJkC5wybh3PnGWjr12q0R/aGKi2D5Rc=,tag:h3BVuMH8VvnSc8LEM85wlQ==,type:str]
|
||||||
|
SECRET_DATABASE_PGSQL_ADMIN_PASS: ENC[AES256_GCM,data:UyFKnNw20KiJZj/Y5Jba6uFhDU/N+Dijl1mJlCcBgJk=,iv:Il50aBOHREDCDYeXmZks9DVBkq1+z1ZLo2KfibbiWmk=,tag:y/DBhdWLToD30tqVGD3uRg==,type:str]
|
||||||
|
SECRET_DATABASE_REDIS_PASS: ENC[AES256_GCM,data:ePEMWYYpXF5lv4+RAScXxArlKXq8U21XUYsSWBf8TG0=,iv:Lr9qq1fVuyzleC3oU7izKP/YHoSrtXADl9efz3iWgEw=,tag:73XjcnTWr1wPYFEROznz+A==,type:str]
|
||||||
|
sops:
|
||||||
|
kms: []
|
||||||
|
gcp_kms: []
|
||||||
|
azure_kv: []
|
||||||
|
hc_vault: []
|
||||||
|
age: []
|
||||||
|
lastmodified: "2024-09-07T01:46:20Z"
|
||||||
|
mac: ENC[AES256_GCM,data:vdG/QHWHQge+m6YCBqtAfRsXdWvMLiZQ6DOnaxgaUNpslPvQuHml1kWBsSKrmNmB79jxqB2M6HwEY7ljOMf6ZlTeMs7mW6i0oj368IS6gQGfOHSJ4d34shyXujO9JHEnmL7O0tnOs1bp4ZHxdd/t4Wmq/ii+W/Kbta3/VLtOj/A=,iv:aB8Y4Y0t4ncViBAvH2WAAGgzbrzUSvL3/RRY+VVUKlk=,tag:0BSFABPxUxgRG1fDrDHXug==,type:str]
|
||||||
|
pgp:
|
||||||
|
- created_at: "2024-09-07T01:46:20Z"
|
||||||
|
enc: |-
|
||||||
|
-----BEGIN PGP MESSAGE-----
|
||||||
|
|
||||||
|
hQIMAyqlIeyoxYovAQ//XsBS23tIBniGlJAVG7gBJRclDr4ecXUH3LTkVPSaQ4r6
|
||||||
|
gLPL19dZaYcs4hkvOOgm0u7tXXPMFHuIWvLLPKwAbZMOGcvhqgSWmVDIFRKOtAKt
|
||||||
|
mdNeVEWARwf2/3JsVSyh8pyxbdtC1dlY6BB8Cxd95n70ZQdrAbGewAK6sVWWAiRr
|
||||||
|
uSLiYO/HUdyoP38q77dwG4p8up1qchND92Ie04zowWbiquMq+V/2pgJ3dd51Z5Gn
|
||||||
|
oD1oNZZZeZaBJ+G3mea5QSzduE7x8R56YyGyBcDOn6gmMxJF8adDBsQfdH2bQCWQ
|
||||||
|
I2QstgQwXAvvwqexow8x/wEAkUXksB/dZKWOu3QhlFq7vLJ9RXGTaKCg0FCcu8/U
|
||||||
|
h7x4njNLA2/aidAVL4ufRohiONss2fjcDhpiJ7uyBM/horq2SmABzwoCtmRS/4du
|
||||||
|
oE/Ygfh+OPa6+SuQmwB+BH255HPsDNeikC/F3XJ/LXKO6460L7yQAdYnKAR3EqVL
|
||||||
|
KcfrVNIaFAIxLQ7SQ3DaU2ddc18pzPbBDnLwwFoO+mM2u6wwaKZkyjAK/1NlNs/O
|
||||||
|
WGXjPzBvpjWTQmSL4PhwGmtaolNpE9j3zpLHUs3TcKUKXyzV1f5p2pxXBBo/IYZy
|
||||||
|
rVkKm2zPR0rgkVjJMWiZ+uazGy3mVbsDj3y/5c+CRYTuNoHk/AuWz3x8KSEz/JCF
|
||||||
|
AgwDXjg0p2IN1X8BEADFHtP/WpUDejsej2gXlWYJkT6N9IiZqfMKbejk3yAQr9+L
|
||||||
|
9J1c5UkDT6MeQpIFs04cZMAVmQRg+Q5D9ipgp8t4PMBNCT6xuQYIvfkdoESQG4Rt
|
||||||
|
6FpQHkeKkooXWJJzCppexkKzXeHjfMFm7KPd0jea46uwh+Qx2MbDaoiGK+YCzb82
|
||||||
|
mWCpgPfguOdbLaGI2aSYiWTrmMnNZv4cthv4Z/u1ph6NB2X/SbG3ot5O569epLpq
|
||||||
|
Al9bVUb2ZCEfrRUmqC9eWTr3p+GFRF77u7PVBwOjYItI4Paz+M7EKUmUqvMoj4EF
|
||||||
|
X+I9Oaac2t9nlIMLKNtq14LkncvdW+xuy83M2dN708ceo0+HxUeHCFyqbogKG8l9
|
||||||
|
vQa9OFGleLyeoWlVlBqKco2cQe4xI8UkJryxsBC+36OaeqrCFAhbYpCn5QL/Ij/4
|
||||||
|
8ZPg1RCh9oeFvfripRpQ9G6UNtmvloK8LA/73uHnkztAYx2AFMaI6zQr75F7S8IH
|
||||||
|
tSGNEUA3MHOU7pIrCp9KnGjjfsChD6J9d0EoOOQfP1nDxVkXrL1afiuFtieJOiru
|
||||||
|
pyr1LJonGBdBxDDSrfPj6tc1moqIjgiZiDBcImEPv076Wro9EZdTi53CNj9rtEln
|
||||||
|
hUpFDcNMdwccumMslDl8qNdAKJgFGEORtRqFs+n7nywjAnxqd7gVGKDO4RrjsdRm
|
||||||
|
AQkCEFhM1Krfrf1RAJz/fnEeg21yvhg47SCgBiNGizLXgyCgK1kGuxB+SpJVMkAg
|
||||||
|
rdBo5t2UfXkVyJQ00K77you1N17NtPnyKr8xfItd7JRmDpJn40f9MFR2AOyVFC5B
|
||||||
|
lVleELeG
|
||||||
|
=bKFu
|
||||||
|
-----END PGP MESSAGE-----
|
||||||
|
fp: BD1AAF9D8170F4BEE437365FF6F0933799CFEBCD
|
||||||
|
- created_at: "2024-09-07T01:46:20Z"
|
||||||
|
enc: |-
|
||||||
|
-----BEGIN PGP MESSAGE-----
|
||||||
|
|
||||||
|
hQIMAy5t8IMoPu4VARAAo2y6IQJlsEAswykjpfDzvQw3TCyTiZWe6duhmnDoXKjK
|
||||||
|
8A66oDpQcfl0ubjIj6/FJICLr2PGPb1bgKUEz+vBsp1bv+txUtLwUXJTqFKnCS1H
|
||||||
|
CRKfEmDSNaAtNEtpOGnCeMffB0ghLvs42mlTUUi7u240FJ6MgD7AvV4UlM5IYOLx
|
||||||
|
+yZyjzYzgNibyh7rOun2E/df2VhDX0Ns6n9ZPZ3TFSdqsXGJ4bqn8+0MhJYeOMNc
|
||||||
|
ap3dMMhUuUoH5krvocNymJ6WH8x4LwUJrlQsTdr0edA6BhNYC35a2JcAkOGblaCP
|
||||||
|
er845gN/iCRhl6i/XFYcz7mhMheYmiVf5TEuMvFsdjBl0yNi65wJz5EX3U01Y63+
|
||||||
|
G+UeWCLt9+qDnAG3CN45Hgp46xIXocBvUhqdrg4Srtd+h/12Xlg8vV0jcdezWNm5
|
||||||
|
pqWVeLDGjDFZNLvG/p+dWF+EDN/Zv9V3Axb1ChYeRCbue0POqr7X6OS5lWZmuUwa
|
||||||
|
oaiE2vYFkUCcdZtQANDDluh36Bk2pHAOELcttPa4OO4F0mCopAtg6uDp07WQUUwR
|
||||||
|
TkELlxQvOQYtTJZkTiiOe7ogr3jXWuz6hp80WN/ZVdh6UtO9cNem3d5+hECUA0LY
|
||||||
|
NuEPYAAyZxfpvRRIrkV768AS+USqA6VDjistIFc/qTG0L3WeDyP6h0plAJr9OKvU
|
||||||
|
ZgEJAhCQhjQZwIG7xvkuK2EzSePmMMUl+DEbq1GzgCuzh3Y+X/3pryvEjh+002pe
|
||||||
|
55FSHnIZn+nD8Z1jAcRI+6mEZWfNYUXecF98+JBGIe73J/xjNUSWJZpSiYLIMnR6
|
||||||
|
6SKCYH9ORA==
|
||||||
|
=jqMe
|
||||||
|
-----END PGP MESSAGE-----
|
||||||
|
fp: 687802D4DFD8AA82EA55666CF7DADAC782D7663D
|
||||||
|
encrypted_regex: ^(data|stringData)$
|
||||||
|
version: 3.9.0
|
|
@ -0,0 +1,10 @@
|
||||||
|
---
|
||||||
|
apiVersion: v1
|
||||||
|
kind: ConfigMap
|
||||||
|
metadata:
|
||||||
|
name: cluster-settings
|
||||||
|
namespace: flux-system
|
||||||
|
data:
|
||||||
|
# MetalLB
|
||||||
|
METALLB_LB_RANGE: 192.168.1.60-192.168.1.70
|
||||||
|
SERVER_TIMEZONE: America/New_York
|
|
@ -0,0 +1,5 @@
|
||||||
|
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||||
|
kind: Kustomization
|
||||||
|
resources:
|
||||||
|
- ./cluster-secrets.sops.yaml
|
||||||
|
- ./cluster-settings.yaml
|
Loading…
Reference in New Issue