feat: move common/database to thin cluster, create redis deployment for thin cluster, move exim out to common
This commit is contained in:
parent
c1c9d10bc1
commit
2babcfa451
|
@ -27,3 +27,33 @@ spec:
|
|||
name: cluster-settings
|
||||
- kind: Secret
|
||||
name: cluster-secrets
|
||||
---
|
||||
# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json
|
||||
apiVersion: kustomize.toolkit.fluxcd.io/v1
|
||||
kind: Kustomization
|
||||
metadata:
|
||||
name: redis
|
||||
namespace: flux-system
|
||||
spec:
|
||||
targetNamespace: database
|
||||
timeout: 5m
|
||||
interval: 10m
|
||||
path: ./kubernetes/common/apps/database/redis
|
||||
prune: true
|
||||
sourceRef:
|
||||
kind: GitRepository
|
||||
name: home-cluster
|
||||
decryption:
|
||||
provider: sops
|
||||
secretRef:
|
||||
name: sops-gpg
|
||||
dependsOn:
|
||||
- name: openebs-sc
|
||||
namespace: flux-system
|
||||
postBuild:
|
||||
substitute: {}
|
||||
substituteFrom:
|
||||
- kind: ConfigMap
|
||||
name: cluster-settings
|
||||
- kind: Secret
|
||||
name: cluster-secrets
|
||||
|
|
|
@ -0,0 +1,47 @@
|
|||
apiVersion: helm.toolkit.fluxcd.io/v2
|
||||
kind: HelmRelease
|
||||
metadata:
|
||||
name: redis
|
||||
namespace: database
|
||||
spec:
|
||||
interval: 5m
|
||||
chart:
|
||||
spec:
|
||||
chart: redis
|
||||
version: 20.1.0
|
||||
sourceRef:
|
||||
kind: HelmRepository
|
||||
name: bitnami-charts
|
||||
namespace: flux-system
|
||||
values:
|
||||
auth:
|
||||
existingSecret: "redis-secrets"
|
||||
existingSecretPasswordKey: "password"
|
||||
|
||||
master:
|
||||
podSecurityContext:
|
||||
enabled: true
|
||||
fsGroup: 700
|
||||
|
||||
containerSecurityContext:
|
||||
enabled: true
|
||||
runAsUser: 700
|
||||
|
||||
persistence:
|
||||
enabled: true
|
||||
storageClass: openebs-single
|
||||
size: 16Gi
|
||||
|
||||
replica:
|
||||
podSecurityContext:
|
||||
enabled: true
|
||||
fsGroup: 700
|
||||
|
||||
containerSecurityContext:
|
||||
enabled: true
|
||||
runAsUser: 700
|
||||
|
||||
persistence:
|
||||
enabled: true
|
||||
storageClass: openebs-single
|
||||
size: 16Gi
|
|
@ -0,0 +1,5 @@
|
|||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
resources:
|
||||
- ./redis.sops.yaml
|
||||
- ./helm-release.yaml
|
|
@ -0,0 +1,60 @@
|
|||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: redis-secrets
|
||||
namespace: database
|
||||
stringData:
|
||||
password: ENC[AES256_GCM,data:jjXsxyMKvPsAAr3wMhZWV/E/Qmmz/OYQvu6f8pRXasY=,iv:8K9IzAywC9CHiZ+ASoxhSqN14amL6APbzjpBtxPS50s=,tag:GbgcAhhDp+ob83Neyr/Lzw==,type:str]
|
||||
sops:
|
||||
kms: []
|
||||
gcp_kms: []
|
||||
azure_kv: []
|
||||
hc_vault: []
|
||||
age: []
|
||||
lastmodified: "2023-04-07T02:27:25Z"
|
||||
mac: ENC[AES256_GCM,data:7/C0bTMeOXSWeP2ftsCrWRLk84U0RmmNBQgo8oWKKo82ELZq13UNjGyQovdnkSJQohmrf3NeYAqD1BEdkLnV1i8Fc0+UeVw0RIqApVXT0QuL1N9raw71TCZFpdIlB/QVqpnSByGquHtHeDVCU1XeVucq9SXbRQC+KXHIKKYRRWk=,iv:gG2zWKGmhCbz3iqfYUIpTvgx1Pkr3jnCPsopS1sWLWU=,tag:AAg40kPevQR+TsIpvarKRQ==,type:str]
|
||||
pgp:
|
||||
- created_at: "2023-06-19T18:35:20Z"
|
||||
enc: |
|
||||
-----BEGIN PGP MESSAGE-----
|
||||
|
||||
hQIMAzKleRwoSoixAQ/+MPwsw23CEJ7+tNW+wswxHW/HKssn9/9M+GXTVTNiSLhU
|
||||
hec797R9IuuUOVtW6Q6mRmCnnIxeU0NCTDJ75Fk5S+S7vvY1SEkR6YJ7dOSX6hpg
|
||||
BohlEJYKMTYgLLUmxNzz+Kvih5HHY4EWhKPF1fRh45q2eosQBNO3bb8NGe4JddV0
|
||||
kdyBTEOfWMG+gYb+Rygv2NNJy51FiWUeimv1zVbTKgFd+kMJVtDZIgFY+YdC7tpk
|
||||
5SW1HW1ZzCbnAqy0M+NUQ1DH0diAbqUwrgCz/crzd51GXl75YMKt0AQ90Cfj9qJO
|
||||
EcB6HRBmSxLla+AGh/s5aGPLEInlhn6IDgj0BLmFFa9VKHw/F9Oq2SUvb7CKgLPr
|
||||
mkxkeV9JG6rIdnEZ7LijGb+tZEYsbGTjX13AGEMpLY6B+kxJyktK9rW/WdW34i6V
|
||||
7Oov+FbXNzOOIHi839xhy1zrr+fUuP1Ow6cpJEsBk2+0eEVyYyDMw7BmTfSCOBOs
|
||||
ErBrbuz3xtHBzFnc5qKAZGCkCpQjWbgOBa9OtgCOpnzBo5vLsgqnB4pJEQTSjgqm
|
||||
CPiHH6Jgnjcufx+YWGSX4mATOFBCyNaGZQoezvuGpmGDH6XtulmWAVt7lc030AUL
|
||||
t1Cvf8LlNznzplApm8l5QjnjOFbZy00dfakm3plxHihpai+AJx0ia5Z6vNgofG3U
|
||||
aAEJAhBk7yj9x2Dmj6kY+gZCaMvOx/RDPHCHJxgy8nrEGL0s8T5tKFeOrqCvPVPc
|
||||
Ba1z1+zM5U8g8H3ejDcxbgD6M4Pn3h0vK4KV19xFj9MT3yEup5g6JllVMCjR+4b4
|
||||
6Ws3PAOg+gfn
|
||||
=KUC9
|
||||
-----END PGP MESSAGE-----
|
||||
fp: 2CC2B3631D5C3393901335DB68F95C5D753EE1E5
|
||||
- created_at: "2023-06-19T18:35:20Z"
|
||||
enc: |
|
||||
-----BEGIN PGP MESSAGE-----
|
||||
|
||||
hQIMAy5t8IMoPu4VAQ/9Hz/dua2fj9igN4oKMbynFYw9RjNxvR4FTbflze7ta3B/
|
||||
XwyqNmGqG/Nf14zmCW5vX0J4HQIH/6oqtaOwefDoT1BKS89wZQ//ULiCvP2+ySKI
|
||||
MFi6dgX5c+Jz2Qu6+AcGLEMUvrBjOcH36Ev6wOsGvtf9neQgWkbWDAr9aPJUSQuD
|
||||
YmoWgGQfjvpq5yKLMs7fHGzCGzgJ9/eIy6w2Hf2YbaeZ1yQUVbOWLeM/UkFBoKEz
|
||||
o+5S8bdmfiJxBpNPrqW7nxkRhyuEIBlrqmbqUMzLqgWzE47hPZT6lL8neuLPNB0/
|
||||
HojCdKdhloTWu2BuIzmlYarJOVKAVZLvwCec+ExZGRtCj+WoZ74Zv7VTJMK3SrDp
|
||||
sHhcvLNsX0FxgOdzudtVK3zGGuLFJl+PO14FAXqRKbGyrqAG5turyN1UUtPvXnxZ
|
||||
8rZjqNdIpYXzz+4/1qbdNdDw+DrW/kSd/bjYhSje5J0eKo1e2O6oSyE6fY54yzBk
|
||||
qk5vv8kgmPGugZOB+Fgxt3wINcd066oRlf66tSDFDrzaqBTem8PpIOM551Xxelry
|
||||
NX7s6QAzTZTnaN9jCevo0HjqHYJ7s5RfNCBbK/lDyV161TOEl7mEhJEBiAkK5OZQ
|
||||
JVrtj14BojBn7CeqTEWf+AF8isPsGjkKeK/AB80z5znhz9kryyjjzcAv+w1CUrzU
|
||||
aAEJAhCzS5DclvrUB4EWfZGQdgW6uvdqATJGEUjylF0s6/OaaGCo3twB/nxdbYbK
|
||||
l4fRjOZalxm0hDYHNMpfwgntBq6aL4gA77AQCAKEkcuCBGDRPNUf85zUdU9pVbUk
|
||||
9ihOPpcMmJKt
|
||||
=wNI4
|
||||
-----END PGP MESSAGE-----
|
||||
fp: 687802D4DFD8AA82EA55666CF7DADAC782D7663D
|
||||
encrypted_regex: ^(data|stringData)$
|
||||
version: 3.7.3
|
|
@ -0,0 +1,26 @@
|
|||
# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json
|
||||
apiVersion: kustomize.toolkit.fluxcd.io/v1
|
||||
kind: Kustomization
|
||||
metadata:
|
||||
name: exim
|
||||
namespace: flux-system
|
||||
spec:
|
||||
targetNamespace: default
|
||||
timeout: 5m
|
||||
interval: 10m
|
||||
path: ./kubernetes/common/apps/exim/app
|
||||
prune: true
|
||||
sourceRef:
|
||||
kind: GitRepository
|
||||
name: home-cluster
|
||||
decryption:
|
||||
provider: sops
|
||||
secretRef:
|
||||
name: sops-gpg
|
||||
postBuild:
|
||||
substitute: {}
|
||||
substituteFrom:
|
||||
- kind: ConfigMap
|
||||
name: cluster-settings
|
||||
- kind: Secret
|
||||
name: cluster-secrets
|
|
@ -6,7 +6,7 @@ resources:
|
|||
- ./trilium
|
||||
- ./mealie
|
||||
- ./huginn
|
||||
- ./exim
|
||||
- ../../../common/apps/exim/ks.yaml
|
||||
- ./well-known-site
|
||||
- ./dendrite
|
||||
- ./ganymede
|
||||
|
|
|
@ -0,0 +1,59 @@
|
|||
# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json
|
||||
apiVersion: kustomize.toolkit.fluxcd.io/v1
|
||||
kind: Kustomization
|
||||
metadata:
|
||||
name: postgresql
|
||||
namespace: flux-system
|
||||
spec:
|
||||
targetNamespace: database
|
||||
timeout: 5m
|
||||
interval: 10m
|
||||
path: ./kubernetes/common/apps/database/postgresql
|
||||
prune: true
|
||||
sourceRef:
|
||||
kind: GitRepository
|
||||
name: home-cluster
|
||||
decryption:
|
||||
provider: sops
|
||||
secretRef:
|
||||
name: sops-gpg
|
||||
dependsOn:
|
||||
- name: openebs-sc
|
||||
namespace: flux-system
|
||||
postBuild:
|
||||
substitute: {}
|
||||
substituteFrom:
|
||||
- kind: ConfigMap
|
||||
name: cluster-settings
|
||||
- kind: Secret
|
||||
name: cluster-secrets
|
||||
---
|
||||
# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json
|
||||
apiVersion: kustomize.toolkit.fluxcd.io/v1
|
||||
kind: Kustomization
|
||||
metadata:
|
||||
name: redis
|
||||
namespace: flux-system
|
||||
spec:
|
||||
targetNamespace: database
|
||||
timeout: 5m
|
||||
interval: 10m
|
||||
path: ./kubernetes/common/apps/database/redis
|
||||
prune: true
|
||||
sourceRef:
|
||||
kind: GitRepository
|
||||
name: home-cluster
|
||||
decryption:
|
||||
provider: sops
|
||||
secretRef:
|
||||
name: sops-gpg
|
||||
dependsOn:
|
||||
- name: openebs-sc
|
||||
namespace: flux-system
|
||||
postBuild:
|
||||
substitute: {}
|
||||
substituteFrom:
|
||||
- kind: ConfigMap
|
||||
name: cluster-settings
|
||||
- kind: Secret
|
||||
name: cluster-secrets
|
|
@ -0,0 +1,42 @@
|
|||
apiVersion: helm.toolkit.fluxcd.io/v2
|
||||
kind: HelmRelease
|
||||
metadata:
|
||||
name: postgresql
|
||||
namespace: database
|
||||
spec:
|
||||
interval: 5m
|
||||
chart:
|
||||
spec:
|
||||
chart: postgresql
|
||||
version: 14.3.x
|
||||
sourceRef:
|
||||
kind: HelmRepository
|
||||
name: bitnami-charts
|
||||
namespace: flux-system
|
||||
values:
|
||||
auth:
|
||||
existingSecret: "pgsql-secrets"
|
||||
secretKeys:
|
||||
adminPasswordKey: "adminPassword"
|
||||
replicationPasswordKey: "replicationPassword"
|
||||
|
||||
serviceMonitor:
|
||||
enabled: true
|
||||
labels:
|
||||
release: kube-prometheus-stack
|
||||
|
||||
volumePermissions:
|
||||
enabled: true
|
||||
|
||||
primary:
|
||||
persistence:
|
||||
existingClaim: "postgresql-pvc"
|
||||
|
||||
containerSecurityContext:
|
||||
enabled: true
|
||||
runAsUser: 655
|
||||
|
||||
readReplicas:
|
||||
containerSecurityContext:
|
||||
enabled: true
|
||||
runAsUser: 655
|
|
@ -0,0 +1,7 @@
|
|||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
resources:
|
||||
- ./pgsql-pv.yaml
|
||||
- ./pgsql.sops.yaml
|
||||
- ./helm-release.yaml
|
||||
#- ./pgadmin4
|
|
@ -0,0 +1,47 @@
|
|||
apiVersion: helm.toolkit.fluxcd.io/v2
|
||||
kind: HelmRelease
|
||||
metadata:
|
||||
name: pgadmin4
|
||||
namespace: database
|
||||
spec:
|
||||
interval: 5m
|
||||
chart:
|
||||
spec:
|
||||
chart: pgadmin4
|
||||
version: "1.28.0"
|
||||
sourceRef:
|
||||
kind: HelmRepository
|
||||
name: runix-charts
|
||||
namespace: flux-system
|
||||
values:
|
||||
ingress:
|
||||
enabled: true
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt-production
|
||||
traefik.ingress.kubernetes.io/router.entrypoints: websecure
|
||||
hosts:
|
||||
- host: &host pgadm.${SECRET_NEW_DOMAIN}
|
||||
paths:
|
||||
- path: "/"
|
||||
pathType: Prefix
|
||||
tls:
|
||||
- hosts:
|
||||
- *host
|
||||
|
||||
# securityContext:
|
||||
# runAsUser: 10000
|
||||
# runAsGroup: 10000
|
||||
# fsGroup: 10000
|
||||
#
|
||||
# containerSecurityContext:
|
||||
# enabled: true
|
||||
# allowPrivilegeEscalation: false
|
||||
|
||||
# envVarsFromConfigMaps:
|
||||
# - pgadmin4-secret
|
||||
|
||||
persistentVolume:
|
||||
enabled: false
|
||||
|
||||
volumePermissions:
|
||||
enabled: true
|
|
@ -0,0 +1,8 @@
|
|||
apiVersion: source.toolkit.fluxcd.io/v1
|
||||
kind: HelmRepository
|
||||
metadata:
|
||||
name: runix-charts
|
||||
namespace: flux-system
|
||||
spec:
|
||||
interval: 1m
|
||||
url: https://helm.runix.net
|
|
@ -0,0 +1,6 @@
|
|||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
resources:
|
||||
- ./pgadmin4.sops.yaml
|
||||
- ./helm-repository.yaml
|
||||
- ./helm-release.yaml
|
|
@ -0,0 +1,12 @@
|
|||
apiVersion: v1
|
||||
kind: PersistentVolumeClaim
|
||||
metadata:
|
||||
name: postgresql-pvc
|
||||
namespace: database
|
||||
spec:
|
||||
storageClassName: openebs-dual
|
||||
accessModes:
|
||||
- ReadWriteOnce
|
||||
resources:
|
||||
requests:
|
||||
storage: 10Gi
|
|
@ -0,0 +1,73 @@
|
|||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: pgsql-secrets
|
||||
namespace: database
|
||||
stringData:
|
||||
adminPassword: ENC[AES256_GCM,data:TPHfSeNOPjeBuDUCahKk1MQQ3ryPcHiaTRKtmlHyVrc=,iv:I8moW3RzTB8avCCbFK11NEMru0XeNkncYOxO3yfP5Qw=,tag:8CkbADFhviVFcuXkxKAoAA==,type:str]
|
||||
userPassword: ENC[AES256_GCM,data:vV5snzyNIsUhelMIlvlPLJbfgdDBO1VzcJYrQspplns=,iv:85ycMhbNxtUW5Tii4lbwKpUX3TzGi3HSv0ZDvmd7jjc=,tag:d0KN8cybXyWTzA7Wky/IbA==,type:str]
|
||||
replicationPassword: ENC[AES256_GCM,data:6K/fqD4hnOS48JjJdxKsVqe+DL5RaaGtEXtvrkTSaAU=,iv:OwcsrciG4I12Ysw69uSBEF9uebI8Rw3Y90R+UQ+6jZY=,tag:kmwCl/nYo+lIMBDWxhUdfg==,type:str]
|
||||
sops:
|
||||
kms: []
|
||||
gcp_kms: []
|
||||
azure_kv: []
|
||||
hc_vault: []
|
||||
age: []
|
||||
lastmodified: "2024-09-20T21:13:35Z"
|
||||
mac: ENC[AES256_GCM,data:DbvO6SPPqQq/eYU5MPR3ZGhqvkbdXU682w+QzzUN3iyN0sr2Wn13X8hKpZzLxLvIvDERNubEMAHE8gCxE/7UL1fjQwwg8DuV+ho//osYDKsHz+8zjC3nBsViU0NPlxoxmgW1tnD2YvjB4412st5cgVak5ue1zjPCNqsE6tZt+J4=,iv:vxm/nFaXXhOgsUzg69EhNRfCbuyzEXlbGXnyCj4rTNY=,tag:U455Vir/gOPIzdtq+S7s+A==,type:str]
|
||||
pgp:
|
||||
- created_at: "2024-09-20T21:13:35Z"
|
||||
enc: |-
|
||||
-----BEGIN PGP MESSAGE-----
|
||||
|
||||
hQIMAyqlIeyoxYovAQ//Z1qW9rA53nk8rhdlHQm/YtUrCbjbUh+40JZE1mxl8vhJ
|
||||
PcPVG3Lsiqxfdvzk5BR15WsnuIHZ4bYsKqWTZTX3h5zzN5t1j1I9nvzIcRLp8ytY
|
||||
LIZDxc4+J4fJSvcAZ6bw1nhtLZ2Kv5NDSjUlZmayITqYBVifRf95uv7vM4EbSJnD
|
||||
RaJGkNtbXMoSfLSSG7Rnh3M1QKtFnKkRX440xT8UVGOGmIYABAhTxQv6jF/4mM2T
|
||||
MZH5i1WOkJS3CfmjRIMiJ0tMfe477ykPW4Diu3dSXzh3ZpdvRmCWipVOReAceMQn
|
||||
3xzeNCcG6rVjDKeQbKULuNXJ//DEDa/tHHoFbcujeUOF149t2N2ZoNraFthBTT6O
|
||||
DpZyOPxfjh9PIEOoIM7BASI93R8IC0xUd7qPzbxVKozBqx6YnX3SQVdjvfC/FNlZ
|
||||
P5wiELiiYmSSOJxFWCXFE83VOBaqRaTFobeDtgY02KdDgHxnXGD5iC1QCyepmt26
|
||||
vL+VGVYb0811TEqLsGwpD0qpwXKzuOCgSDdFAUbFlJSMaKopwN5nvh4J78CSEhSL
|
||||
YRPHpfFy4L00AoVizx1RQmBq2+SczFe7g8nsbLWudl2THGC1L5v9tIkHNC3WlUYE
|
||||
6BVg+tO+/7iRUcKL9e8oIKyTcgFa1UVIjiW94zy9eeTGQntgA0z1sBCSxLOdjeGF
|
||||
AgwDXjg0p2IN1X8BD/9Bt1qIV/pnz4NjYXee2a6+72bmI4LLh0Tue96zhlOGNrqs
|
||||
nFqia0cIY6tqab0c+jWqsmpbpfrG5iviRjVkcIHdAbP38e3beX7vlHRhx2x8hNXt
|
||||
JPqmApGlfk3Y1RMEIpFIZ7ErkpMekLa60ezibMOQPVl6elT9vvp//+T0qWUlPd3h
|
||||
Va87mSZoW5TXMPPynJctZgbnCAkKzQ5u5QvKL8+uIcAvdCocK53z1BeDADqciWgk
|
||||
dumk5+o9ctvz0ie+diDBPZPdsaWENpWli3wc1yrejCbDfRSXb26ufpKkI2KAOB+N
|
||||
KyZilAstdP649/ATOS/WkZHswQOOS44hi6z/Qp7nxiIyKHPvoCCGM23lgjV2bkAl
|
||||
Mj5FiPtRLjxY6/l8ksu7UQM3P5ON2hz7yctgXRkFxbb8aRuzKYeTAwOG/Fd0s5FZ
|
||||
HyHzyYytLzA0fR0aopf6XfzWhm0yURd8YebuD9LXcDV5JaF6VQDbKA4xOSodDESs
|
||||
NB3F3vOQ909CXQL3Vr3GnJJOOUbIL38ox//Xh6zvUV3NVDULR9yCXKXbASevMpQy
|
||||
If9ZQGxlx1CtnlQslv6KR5FiF5kVlkMBMezzEMDkUJiFIFzHb/d7MrPzT0mLQksl
|
||||
g1EZnvf0C4aL7go6yNTYbGsvg4KCs3TnescQfW50gtizsrTSIgua1KFoUnQoitRm
|
||||
AQkCEODmGmTlB+anRvgFhtSfeCll70VVNUFatvzWZRmJz1i+nkQPrjM1DPjEl7Hr
|
||||
WTUWk/bgpirVE1fBAOlHeSgRraL3Pk4L++nKrOooW3GL369Ld9K3FEpBBJinszOi
|
||||
J+a7ARqW
|
||||
=NHeY
|
||||
-----END PGP MESSAGE-----
|
||||
fp: BD1AAF9D8170F4BEE437365FF6F0933799CFEBCD
|
||||
- created_at: "2024-09-20T21:13:35Z"
|
||||
enc: |-
|
||||
-----BEGIN PGP MESSAGE-----
|
||||
|
||||
hQIMAy5t8IMoPu4VAQ/+IISpOpFI9l3dBhiTkFXIOWzF3eQt3ppI5kElJXPSGKev
|
||||
wfOpXF4cb7fLEI/rAQOOaxvn33Qfnn7ttytzYKhFPtOlOy9/14T0/duMAkHssTQr
|
||||
Hyr4Qtsa6sZOBV0Ls7znY4EUOuoq4QDUCunZ/8wlVbyZOAQG2KZZfN7FbYr9d2Nv
|
||||
FzsF6tUNr7zkeEfpwdDdKcRS997EEGYzkp2/D17B+aO0FzIJruy3gJxfLg1j8Z/M
|
||||
p67lXEdKSbPwPURDpSP8jQdA1R6ktY5SEd8nZ763pJOeReGbBg3VsI5R3NFR5liQ
|
||||
UI1AmSxCC4nH+3YQKDohicYwatUfGAIaquNV9VaVlHWWkS2cBFwkEcHZuVnRdqDE
|
||||
Wt/T5UkDKiA4yBcSWhd2P+l3gFKq/0gSHxLd0CgQELYXzHJKAXP2/+hGg9LJyAYl
|
||||
oE4XWT2Lm2C++yI7vZqnabexUS43hMRHKJ4AmxAmLDmQRj9n5i8Ck3YMGp3Eb9WA
|
||||
WOqH74Cyl8mPNB7MovMLpEdJUxqJUTVFsTJumWrDu8vXDv+rrLDUmb3OVcOiMB6v
|
||||
kpyB+PcWLr05t7BpPoh6jFVCRRKZeNk2Vmf69T0c5I7f2P3RR+Uhaz3eHzDs6G/V
|
||||
yiqhlDgg78/veII9IyipxTLucaYxdcJcGq5Xh45ZEGOV1AZAvXbFhehknQzyIBTU
|
||||
ZgEJAhDpDhSFoYuHtG4XRhBsilQ4zffNIA/sSEQF8Y4KRFGZAIJEcTnsfq3Es9SF
|
||||
pxdVmhEezl8ewESwKX47HqlDdSnA7EAaYrZaV1hEFMe8vn7gHzn4l/inc/R1ck+K
|
||||
LHS6se8PMQ==
|
||||
=QEN1
|
||||
-----END PGP MESSAGE-----
|
||||
fp: 687802D4DFD8AA82EA55666CF7DADAC782D7663D
|
||||
encrypted_regex: ^(data|stringData)$
|
||||
version: 3.9.0
|
|
@ -0,0 +1,47 @@
|
|||
apiVersion: helm.toolkit.fluxcd.io/v2
|
||||
kind: HelmRelease
|
||||
metadata:
|
||||
name: redis
|
||||
namespace: database
|
||||
spec:
|
||||
interval: 5m
|
||||
chart:
|
||||
spec:
|
||||
chart: redis
|
||||
version: 20.1.0
|
||||
sourceRef:
|
||||
kind: HelmRepository
|
||||
name: bitnami-charts
|
||||
namespace: flux-system
|
||||
values:
|
||||
auth:
|
||||
existingSecret: "redis-secrets"
|
||||
existingSecretPasswordKey: "password"
|
||||
|
||||
master:
|
||||
podSecurityContext:
|
||||
enabled: true
|
||||
fsGroup: 700
|
||||
|
||||
containerSecurityContext:
|
||||
enabled: true
|
||||
runAsUser: 700
|
||||
|
||||
persistence:
|
||||
enabled: true
|
||||
storageClass: openebs-single
|
||||
size: 16Gi
|
||||
|
||||
replica:
|
||||
podSecurityContext:
|
||||
enabled: true
|
||||
fsGroup: 700
|
||||
|
||||
containerSecurityContext:
|
||||
enabled: true
|
||||
runAsUser: 700
|
||||
|
||||
persistence:
|
||||
enabled: true
|
||||
storageClass: openebs-single
|
||||
size: 16Gi
|
|
@ -0,0 +1,5 @@
|
|||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
resources:
|
||||
- ./redis.sops.yaml
|
||||
- ./helm-release.yaml
|
|
@ -0,0 +1,60 @@
|
|||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: redis-secrets
|
||||
namespace: database
|
||||
stringData:
|
||||
password: ENC[AES256_GCM,data:jjXsxyMKvPsAAr3wMhZWV/E/Qmmz/OYQvu6f8pRXasY=,iv:8K9IzAywC9CHiZ+ASoxhSqN14amL6APbzjpBtxPS50s=,tag:GbgcAhhDp+ob83Neyr/Lzw==,type:str]
|
||||
sops:
|
||||
kms: []
|
||||
gcp_kms: []
|
||||
azure_kv: []
|
||||
hc_vault: []
|
||||
age: []
|
||||
lastmodified: "2023-04-07T02:27:25Z"
|
||||
mac: ENC[AES256_GCM,data:7/C0bTMeOXSWeP2ftsCrWRLk84U0RmmNBQgo8oWKKo82ELZq13UNjGyQovdnkSJQohmrf3NeYAqD1BEdkLnV1i8Fc0+UeVw0RIqApVXT0QuL1N9raw71TCZFpdIlB/QVqpnSByGquHtHeDVCU1XeVucq9SXbRQC+KXHIKKYRRWk=,iv:gG2zWKGmhCbz3iqfYUIpTvgx1Pkr3jnCPsopS1sWLWU=,tag:AAg40kPevQR+TsIpvarKRQ==,type:str]
|
||||
pgp:
|
||||
- created_at: "2023-06-19T18:35:20Z"
|
||||
enc: |
|
||||
-----BEGIN PGP MESSAGE-----
|
||||
|
||||
hQIMAzKleRwoSoixAQ/+MPwsw23CEJ7+tNW+wswxHW/HKssn9/9M+GXTVTNiSLhU
|
||||
hec797R9IuuUOVtW6Q6mRmCnnIxeU0NCTDJ75Fk5S+S7vvY1SEkR6YJ7dOSX6hpg
|
||||
BohlEJYKMTYgLLUmxNzz+Kvih5HHY4EWhKPF1fRh45q2eosQBNO3bb8NGe4JddV0
|
||||
kdyBTEOfWMG+gYb+Rygv2NNJy51FiWUeimv1zVbTKgFd+kMJVtDZIgFY+YdC7tpk
|
||||
5SW1HW1ZzCbnAqy0M+NUQ1DH0diAbqUwrgCz/crzd51GXl75YMKt0AQ90Cfj9qJO
|
||||
EcB6HRBmSxLla+AGh/s5aGPLEInlhn6IDgj0BLmFFa9VKHw/F9Oq2SUvb7CKgLPr
|
||||
mkxkeV9JG6rIdnEZ7LijGb+tZEYsbGTjX13AGEMpLY6B+kxJyktK9rW/WdW34i6V
|
||||
7Oov+FbXNzOOIHi839xhy1zrr+fUuP1Ow6cpJEsBk2+0eEVyYyDMw7BmTfSCOBOs
|
||||
ErBrbuz3xtHBzFnc5qKAZGCkCpQjWbgOBa9OtgCOpnzBo5vLsgqnB4pJEQTSjgqm
|
||||
CPiHH6Jgnjcufx+YWGSX4mATOFBCyNaGZQoezvuGpmGDH6XtulmWAVt7lc030AUL
|
||||
t1Cvf8LlNznzplApm8l5QjnjOFbZy00dfakm3plxHihpai+AJx0ia5Z6vNgofG3U
|
||||
aAEJAhBk7yj9x2Dmj6kY+gZCaMvOx/RDPHCHJxgy8nrEGL0s8T5tKFeOrqCvPVPc
|
||||
Ba1z1+zM5U8g8H3ejDcxbgD6M4Pn3h0vK4KV19xFj9MT3yEup5g6JllVMCjR+4b4
|
||||
6Ws3PAOg+gfn
|
||||
=KUC9
|
||||
-----END PGP MESSAGE-----
|
||||
fp: 2CC2B3631D5C3393901335DB68F95C5D753EE1E5
|
||||
- created_at: "2023-06-19T18:35:20Z"
|
||||
enc: |
|
||||
-----BEGIN PGP MESSAGE-----
|
||||
|
||||
hQIMAy5t8IMoPu4VAQ/9Hz/dua2fj9igN4oKMbynFYw9RjNxvR4FTbflze7ta3B/
|
||||
XwyqNmGqG/Nf14zmCW5vX0J4HQIH/6oqtaOwefDoT1BKS89wZQ//ULiCvP2+ySKI
|
||||
MFi6dgX5c+Jz2Qu6+AcGLEMUvrBjOcH36Ev6wOsGvtf9neQgWkbWDAr9aPJUSQuD
|
||||
YmoWgGQfjvpq5yKLMs7fHGzCGzgJ9/eIy6w2Hf2YbaeZ1yQUVbOWLeM/UkFBoKEz
|
||||
o+5S8bdmfiJxBpNPrqW7nxkRhyuEIBlrqmbqUMzLqgWzE47hPZT6lL8neuLPNB0/
|
||||
HojCdKdhloTWu2BuIzmlYarJOVKAVZLvwCec+ExZGRtCj+WoZ74Zv7VTJMK3SrDp
|
||||
sHhcvLNsX0FxgOdzudtVK3zGGuLFJl+PO14FAXqRKbGyrqAG5turyN1UUtPvXnxZ
|
||||
8rZjqNdIpYXzz+4/1qbdNdDw+DrW/kSd/bjYhSje5J0eKo1e2O6oSyE6fY54yzBk
|
||||
qk5vv8kgmPGugZOB+Fgxt3wINcd066oRlf66tSDFDrzaqBTem8PpIOM551Xxelry
|
||||
NX7s6QAzTZTnaN9jCevo0HjqHYJ7s5RfNCBbK/lDyV161TOEl7mEhJEBiAkK5OZQ
|
||||
JVrtj14BojBn7CeqTEWf+AF8isPsGjkKeK/AB80z5znhz9kryyjjzcAv+w1CUrzU
|
||||
aAEJAhCzS5DclvrUB4EWfZGQdgW6uvdqATJGEUjylF0s6/OaaGCo3twB/nxdbYbK
|
||||
l4fRjOZalxm0hDYHNMpfwgntBq6aL4gA77AQCAKEkcuCBGDRPNUf85zUdU9pVbUk
|
||||
9ihOPpcMmJKt
|
||||
=wNI4
|
||||
-----END PGP MESSAGE-----
|
||||
fp: 687802D4DFD8AA82EA55666CF7DADAC782D7663D
|
||||
encrypted_regex: ^(data|stringData)$
|
||||
version: 3.7.3
|
|
@ -16,6 +16,7 @@ resources:
|
|||
- ./kubevirt/ks.yaml
|
||||
- ./kubevirt-cdi/ks.yaml
|
||||
|
||||
- ../../common/apps/database/ks.yaml
|
||||
- ./database/ks.yaml
|
||||
- ../../common/apps/exim/ks.yml
|
||||
- ./monitoring
|
||||
- ./default
|
Loading…
Reference in New Issue