Compare commits

...

18 Commits

Author SHA1 Message Date
Renovate Bot f69a7f9282 feat(helm): update chart app-template to 3.4.0 2024-09-21 07:10:34 +00:00
SeanOMik 54304af6c3
feat: add nextcloud to thin cluster 2024-09-20 23:08:36 -04:00
SeanOMik 18ab6dc168
feat(redis): switch to sentinel redis 2024-09-20 22:29:48 -04:00
SeanOMik cd4a2e4f3b
fix(whoami): use correct hostname for internal service, whoami 2024-09-20 19:02:22 -04:00
SeanOMik 9065539a86
fix(openebs): enable reclaim policy for openebs-single sc 2024-09-20 18:49:06 -04:00
SeanOMik 4929d9a087
fix(database): fix database namespace for thin cluster 2024-09-20 18:37:37 -04:00
SeanOMik dcd65c896b
fix(thin-cluster): use correct ks.yaml paths 2024-09-20 18:19:23 -04:00
SeanOMik 471ba03f49
forgot to remove these 2024-09-20 18:11:46 -04:00
SeanOMik 92fc3a2ce8
feat(openebs): enable volume expansion for openebs-dual sc, set storage classes to retain 2024-09-20 18:08:49 -04:00
SeanOMik 2babcfa451
feat: move common/database to thin cluster, create redis deployment for thin cluster, move exim out to common 2024-09-20 17:53:43 -04:00
SeanOMik c1c9d10bc1
chore: reorganize postgres ks.yaml 2024-09-20 17:14:43 -04:00
SeanOMik a7cbcbba62
feat(thin): add victoria-metrics for monitoring 2024-09-19 23:45:39 -04:00
SeanOMik e1647d2c8a
chore: remove unused line, move victoria-metrics-charts 2024-09-19 22:59:25 -04:00
SeanOMik 04a0b2ed40
fix(cert-manager): temporarily disable cert-manager servicemonitor 2024-09-19 22:40:57 -04:00
SeanOMik 7d95dee950
chore(unpackerr): update helmchart version 2024-09-19 22:33:14 -04:00
SeanOMik 78cb901029
fix(traefik): include wildcard-cert.yaml 2024-09-19 22:23:24 -04:00
SeanOMik c2b6f7942c
fix: use correct issuer for postgres cert 2024-09-19 22:20:44 -04:00
SeanOMik f6d50f58af
fix: shrink ganymede-data size back to original size 2024-09-19 22:09:53 -04:00
93 changed files with 750 additions and 194 deletions

View File

@ -26,8 +26,8 @@ spec:
nameservers:
- "1.1.1.1"
- "9.9.9.9"
# prometheus:
# servicemonitor:
# enabled: false
# labels:
# release: kube-prometheus-stack
prometheus:
servicemonitor:
enabled: false
labels:
release: kube-prometheus-stack

View File

@ -1,62 +0,0 @@
apiVersion: v1
kind: Secret
metadata:
name: pgsql-secrets
namespace: database
stringData:
adminPassword: ENC[AES256_GCM,data:gJ7rl2V/VlbIIRvRHcwMaZKN87t5n8bVWZCj/tRv8Uw=,iv:b/5eEnOrHzJrtnO+E2IGwJLHy2AdJQwv9WfUR5fUHY4=,tag:nTtaDNHVfYpChQX9UWwdKA==,type:str]
userPassword: ENC[AES256_GCM,data:gR7q508lUaRDRJ/z5lH99JLJSS9zWfg0O+TAm2B9uvo=,iv:9DDQxwd/BGtLQDacAH/crfT+qU4Pn5sGkWuEtmMprUI=,tag:tK3WoUd7729LQDVqU7pckQ==,type:str]
replicationPassword: ENC[AES256_GCM,data:BSA5IfYhhvN445yp2i3BI5zlIXgdj+LejCPzvlTMnVo=,iv:Qku2NAQPLxt+NUnk2dSx1+WAoyx3aEuA3+piU2mubYk=,tag:MnI+atK6VLZUc3eGS1OE1w==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age: []
lastmodified: "2023-10-22T16:25:15Z"
mac: ENC[AES256_GCM,data:uWVPfKwPpR212js7f2RnCzEsMnxk2JpGPcf2L5i4gJCddJCrRJkdhjWGyVVpp/ociP3JLRTI95+WSEUH0KkPZpY1ptQevCVsUemRytOCtBlR0yR4qsBwEisSu8m4B5dbAYsqlXAndrBNL2WGB7uBv+ILgNxkhlN58unseSWJBDM=,iv:e7QyZSlhpyQ+A8OmV4p1848itIUxyam6CJOI9/N7DDY=,tag:N28mfrAjUTTYkly1hu0OhA==,type:str]
pgp:
- created_at: "2023-06-19T18:35:15Z"
enc: |
-----BEGIN PGP MESSAGE-----
hQIMAzKleRwoSoixAQ//aQdUERyq3G7V29F5rpY6LdDgo8+hqrrZvdI3JnON0VUM
Tj3AAYg+xvYh8aPQywF9fJvn6qNw8fqrb2GiuuNTa9ZPCFsD+WXbuYHmQ9z6tAtV
opXe3QLNBuo9zEtUfGPbaCp8EH7f1TxQsTJoe9iE/1B2S69cHNUdgXZtfQyhpmlG
iyAk/G04kPazweIuFNjOYaN/12J/s2Cf5AZUeROkMxg8/GTPO68LeEBz9v4vl/1z
JlxmZyXR/9IeoBlO63asDrR85fcvSDb31K4qE3WVkag20bXClv1lehLVKO4bxA/F
lW1tXDR3odC9Ozme884Znd05L0NWkzYKYRta198IV6JuSCeMdjTscGGlMM9wqqKz
SZgs81FHXT16YCVupfI22CqMiD0EzQXrGEtJ4NqaBvhZu+MDxszNRzIl73b0HANc
8JQqQqOJh7ltrWnf39Xlv73yVC/pYbaV1LWGnMfqWvOcksa9QjOH9Ysfj/RxdaMw
VQhydU+21+xeuEQBL7OsiJQUzgJjFREnTRPXcorCtWxocCn5zwdct1SFchFzCOTp
H0ubpD+MP4RTWxuYbZRhE5ty6GJU9liRH7dUJtVaQiv8V+G1DungTqq36AbbnHzd
9cy+4cM3wZx2VYElL7DBom8nqqm7Xhffr0UaaY8VFuV5bBry3BmM5rOr8vDYqf7U
aAEJAhC/4yiBMuhEB+fwXIq/dBjMzW+p8SotK2QK03yaTFQchnBDknwVdqcKQxIZ
di3kupnjB+KllWOZhl121tT9L35ymL53BUu1FKCTFdIS2wXxy6UlIS98n0bvWJYN
c5WTfk81xmbT
=UE14
-----END PGP MESSAGE-----
fp: 2CC2B3631D5C3393901335DB68F95C5D753EE1E5
- created_at: "2023-06-19T18:35:15Z"
enc: |
-----BEGIN PGP MESSAGE-----
hQIMAy5t8IMoPu4VAQ/9G2JDsJw6YJMjstWPrv07tnU0ErWZx5WGcNUGhw6T5tOJ
kXCAuaZax8NxoTtZnQ9Cd+WgJr7R0FuVPEPTc4G2RsfntSZq5rBgCpT0fgwyASFX
64b6YTbLcCL+G6sg/FwIi9SRqqCsaljATjoU685vrjaxYYfAdhyUoM3qSNjMMaMl
zVjn0kbWrQn4GqfuRMqcr+zCIQdHNTTJ12+c6UUo/zJp4zzjA68Yur9aiw1iHtR1
rYCPHX2/ZmQjADTHXqwpuMdb5j0VDcd5JcZabdcJkhn/6MRJiN+XryZN/Neq9UbF
5WrMaZz5v0iRnMUCr8HMw29P0ttu5Sma+RyCOZuWlpsXj+C84pJ8CjBbFhzSJzGP
cKI8Syn0CPLN3X6vKs+LJXEHg1jxJ9kuN+RgW+SQRctUX3A0JtFg2tWplkptNtLl
hN5rW+fWxk7BV9dP7wouwVJiKcW3Y/OMCF5H8YHwL/KVHvANBwNM+nmFPrHaqN2s
0RghznmZMVG+9IYedSM6d8ZJLnO/QsNTE0QTGM/3dmBAn9jcndCLTgcgThAtvcmw
lFJYaMN3W455Cccaif93xnb44yn47actgEuM6GOuP15GGJaHD2iBQ2atHcaQhNQR
mxhIIouu+Kaa6g34MA/VGDNoN0eNYI5RZIUSSBl7bgaOXs9/3j1Uvap9yesCaOTU
aAEJAhDDqjX7RUazeEByAiKjv5TxpQzsi8gR4zyrhf6tTx34jHzQNoVjYEtLMEVl
ZlAJ06RoxOj8O6+8RGYd/ZUE+TQPQ4jx+PgWrZPUQx8TSxevuduw5XZ1lKytUSCZ
GFDjOxp0lMGV
=LHSB
-----END PGP MESSAGE-----
fp: 687802D4DFD8AA82EA55666CF7DADAC782D7663D
encrypted_regex: ^(data|stringData)$
version: 3.8.0

View File

@ -1,4 +0,0 @@
apiVersion: v1
kind: Namespace
metadata:
name: database

View File

@ -9,7 +9,7 @@ spec:
chart:
spec:
chart: app-template
version: 3.1.0
version: 3.4.0
sourceRef:
kind: HelmRepository
name: bjws-charts

View File

@ -0,0 +1,26 @@
# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
name: exim
namespace: flux-system
spec:
targetNamespace: default
timeout: 5m
interval: 10m
path: ./kubernetes/common/apps/exim/app
prune: true
sourceRef:
kind: GitRepository
name: home-cluster
decryption:
provider: sops
secretRef:
name: sops-gpg
postBuild:
substitute: {}
substituteFrom:
- kind: ConfigMap
name: cluster-settings
- kind: Secret
name: cluster-secrets

View File

@ -8,7 +8,7 @@ spec:
chart:
spec:
chart: app-template
version: 1.3.x
version: 3.4.x
sourceRef:
kind: HelmRepository
name: bjws-charts

View File

@ -10,7 +10,7 @@ spec:
renewBefore: 360h # 15d
issuerRef:
name: cluster-ca-issuer
name: ca-issuer
kind: ClusterIssuer
dnsNames:

View File

@ -9,7 +9,7 @@ spec:
chart:
spec:
chart: app-template
version: 3.1.0
version: 3.4.0
sourceRef:
kind: HelmRepository
name: bjws-charts

View File

@ -9,7 +9,7 @@ spec:
chart:
spec:
chart: app-template
version: 3.1.0
version: 3.4.0
sourceRef:
kind: HelmRepository
name: bjws-charts

View File

@ -9,7 +9,7 @@ spec:
chart:
spec:
chart: app-template
version: 3.1.0
version: 3.4.0
sourceRef:
kind: HelmRepository
name: bjws-charts
@ -176,7 +176,7 @@ spec:
ganymede-data:
type: persistentVolumeClaim
size: 15Gi
size: 5Gi
retain: true
storageClass: mainpool-hostpath
accessMode: ReadWriteOnce

View File

@ -9,7 +9,7 @@ spec:
chart:
spec:
chart: app-template
version: 3.1.0
version: 3.4.0
sourceRef:
kind: HelmRepository
name: bjws-charts

View File

@ -9,7 +9,7 @@ spec:
chart:
spec:
chart: app-template
version: 3.1.0
version: 3.4.0
sourceRef:
kind: HelmRepository
name: bjws-charts

View File

@ -6,7 +6,7 @@ resources:
- ./trilium
- ./mealie
- ./huginn
- ./exim
- ../../../common/apps/exim/ks.yaml
- ./well-known-site
- ./dendrite
- ./ganymede

View File

@ -9,7 +9,7 @@ spec:
chart:
spec:
chart: app-template
version: 3.1.0
version: 3.4.0
sourceRef:
kind: HelmRepository
name: bjws-charts

View File

@ -9,7 +9,7 @@ spec:
chart:
spec:
chart: app-template
version: 3.1.0
version: 3.4.0
sourceRef:
kind: HelmRepository
name: bjws-charts

View File

@ -8,7 +8,7 @@ spec:
chart:
spec:
chart: app-template
version: 1.3.x
version: 3.4.x
sourceRef:
kind: HelmRepository
name: bjws-charts

View File

@ -9,7 +9,7 @@ spec:
chart:
spec:
chart: app-template
version: 3.1.0
version: 3.4.0
sourceRef:
kind: HelmRepository
name: bjws-charts

View File

@ -8,7 +8,7 @@ spec:
chart:
spec:
chart: app-template
version: 1.3.x
version: 3.4.x
sourceRef:
kind: HelmRepository
name: bjws-charts

View File

@ -8,7 +8,7 @@ spec:
chart:
spec:
chart: app-template
version: 1.3.x
version: 3.4.x
sourceRef:
kind: HelmRepository
name: bjws-charts

View File

@ -9,7 +9,7 @@ spec:
chart:
spec:
chart: app-template
version: 3.1.0
version: 3.4.0
sourceRef:
kind: HelmRepository
name: bjws-charts

View File

@ -8,7 +8,7 @@ spec:
chart:
spec:
chart: app-template
version: 1.3.x
version: 3.4.x
sourceRef:
kind: HelmRepository
name: bjws-charts

View File

@ -8,7 +8,7 @@ spec:
chart:
spec:
chart: app-template
version: 1.3.x
version: 3.4.x
sourceRef:
kind: HelmRepository
name: bjws-charts

View File

@ -8,7 +8,7 @@ spec:
chart:
spec:
chart: app-template
version: 1.3.x
version: 3.4.x
sourceRef:
kind: HelmRepository
name: bjws-charts

View File

@ -9,7 +9,7 @@ spec:
chart:
spec:
chart: app-template
version: 3.1.0
version: 3.4.0
sourceRef:
kind: HelmRepository
name: bjws-charts

View File

@ -8,7 +8,7 @@ spec:
chart:
spec:
chart: app-template
version: 1.3.x
version: 3.4.x
sourceRef:
kind: HelmRepository
name: bjws-charts

View File

@ -8,7 +8,7 @@ spec:
chart:
spec:
chart: app-template
version: 1.3.x
version: 3.4.x
sourceRef:
kind: HelmRepository
name: bjws-charts

View File

@ -8,7 +8,7 @@ spec:
chart:
spec:
chart: app-template
version: 1.3.x
version: 3.4.x
sourceRef:
kind: HelmRepository
name: bjws-charts

View File

@ -9,7 +9,7 @@ spec:
chart:
spec:
chart: app-template
version: 3.1.0
version: 3.4.0
sourceRef:
kind: HelmRepository
name: bjws-charts

View File

@ -8,7 +8,7 @@ spec:
chart:
spec:
chart: app-template
version: 1.3.x
version: 3.4.x
sourceRef:
kind: HelmRepository
name: bjws-charts

View File

@ -9,7 +9,7 @@ spec:
chart:
spec:
chart: app-template
version: 3.1.0
version: 3.4.0
sourceRef:
kind: HelmRepository
name: bjws-charts

View File

@ -8,7 +8,7 @@ spec:
chart:
spec:
chart: app-template
version: 1.3.x
version: 3.4.x
sourceRef:
kind: HelmRepository
name: bjws-charts

View File

@ -8,7 +8,7 @@ spec:
chart:
spec:
chart: app-template
version: 1.3.x
version: 3.4.x
sourceRef:
kind: HelmRepository
name: bjws-charts

View File

@ -8,7 +8,7 @@ spec:
chart:
spec:
chart: app-template
version: 1.3.x
version: 3.4.x
sourceRef:
kind: HelmRepository
name: bjws-charts

View File

@ -8,7 +8,7 @@ spec:
chart:
spec:
chart: app-template
version: 1.3.x
version: 3.4.x
sourceRef:
kind: HelmRepository
name: bjws-charts

View File

@ -9,7 +9,7 @@ spec:
chart:
spec:
chart: app-template
version: 3.1.0
version: 3.4.0
sourceRef:
kind: HelmRepository
name: bjws-charts

View File

@ -8,7 +8,7 @@ spec:
chart:
spec:
chart: app-template
version: 1.3.x
version: 3.4.x
sourceRef:
kind: HelmRepository
name: bjws-charts

View File

@ -9,7 +9,7 @@ spec:
chart:
spec:
chart: app-template
version: 3.3.2
version: 3.4.0
sourceRef:
kind: HelmRepository
name: bjws-charts

View File

@ -8,7 +8,7 @@ spec:
chart:
spec:
chart: app-template
version: 1.3.x
version: 3.4.x
sourceRef:
kind: HelmRepository
name: bjws-charts

View File

@ -8,7 +8,7 @@ spec:
chart:
spec:
chart: app-template
version: 1.3.x
version: 3.4.x
sourceRef:
kind: HelmRepository
name: bjws-charts

View File

@ -8,7 +8,7 @@ spec:
chart:
spec:
chart: app-template
version: 1.3.x
version: 3.4.x
sourceRef:
kind: HelmRepository
name: bjws-charts

View File

@ -8,7 +8,7 @@ spec:
chart:
spec:
chart: app-template
version: 1.3.x
version: 3.4.x
sourceRef:
kind: HelmRepository
name: bjws-charts

View File

@ -8,7 +8,7 @@ spec:
chart:
spec:
chart: app-template
version: 3.3.2
version: 3.4.0
sourceRef:
kind: HelmRepository
name: bjws-charts

View File

@ -8,7 +8,7 @@ spec:
chart:
spec:
chart: app-template
version: 1.3.x
version: 3.4.x
sourceRef:
kind: HelmRepository
name: bjws-charts

View File

@ -8,7 +8,7 @@ spec:
chart:
spec:
chart: app-template
version: 1.3.x
version: 3.4.x
sourceRef:
kind: HelmRepository
name: bjws-charts

View File

@ -8,7 +8,7 @@ spec:
chart:
spec:
chart: app-template
version: 1.3.x
version: 3.4.x
sourceRef:
kind: HelmRepository
name: bjws-charts

View File

@ -8,7 +8,7 @@ spec:
chart:
spec:
chart: app-template
version: 1.3.x
version: 3.4.x
sourceRef:
kind: HelmRepository
name: bjws-charts

View File

@ -1,8 +0,0 @@
apiVersion: source.toolkit.fluxcd.io/v1
kind: HelmRepository
metadata:
name: victoria-metrics-charts
namespace: flux-system
spec:
interval: 1m
url: https://victoriametrics.github.io/helm-charts

View File

@ -2,6 +2,5 @@ apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- ./victoria-pv.yaml
- ./helm-repository.yaml
- ./helm-release.yaml
- ./dashboard.yaml

View File

@ -8,7 +8,7 @@ spec:
chart:
spec:
chart: app-template
version: 1.3.x
version: 3.4.x
sourceRef:
kind: HelmRepository
name: bjws-charts

View File

@ -8,7 +8,7 @@ spec:
chart:
spec:
chart: app-template
version: 1.3.x
version: 3.4.x
sourceRef:
kind: HelmRepository
name: bjws-charts

View File

@ -10,7 +10,7 @@ spec:
chart:
spec:
chart: app-template
version: 1.3.x
version: 3.4.x
sourceRef:
kind: HelmRepository
name: bjws-charts

View File

@ -8,7 +8,7 @@ spec:
chart:
spec:
chart: app-template
version: 1.3.x
version: 3.4.x
sourceRef:
kind: HelmRepository
name: bjws-charts

View File

@ -8,7 +8,7 @@ spec:
chart:
spec:
chart: app-template
version: 1.3.x
version: 3.4.x
sourceRef:
kind: HelmRepository
name: bjws-charts

View File

@ -14,4 +14,13 @@ metadata:
namespace: flux-system
spec:
interval: 1m
url: https://bjw-s.github.io/helm-charts
url: https://bjw-s.github.io/helm-charts
---
apiVersion: source.toolkit.fluxcd.io/v1
kind: HelmRepository
metadata:
name: victoria-metrics-charts
namespace: flux-system
spec:
interval: 1m
url: https://victoriametrics.github.io/helm-charts

View File

@ -2,6 +2,7 @@ apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- ./namespace.yaml
- ./wildcard-cert.yaml
- ./helm-repository.yaml
- ./helm-release.yaml
- ./dashboard-ingress.yaml

View File

@ -0,0 +1,7 @@
# yaml-language-server: $schema=https://json.schemastore.org/kustomization
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- ./namespace.yaml
- ./postgresql/ks.yaml
- ./redis/ks.yaml

View File

@ -0,0 +1,6 @@
apiVersion: v1
kind: Namespace
metadata:
name: database
annotations:
kustomize.toolkit.fluxcd.io/prune: disabled

View File

@ -0,0 +1,73 @@
apiVersion: v1
kind: Secret
metadata:
name: pgsql-secrets
namespace: database
stringData:
adminPassword: ENC[AES256_GCM,data:TPHfSeNOPjeBuDUCahKk1MQQ3ryPcHiaTRKtmlHyVrc=,iv:I8moW3RzTB8avCCbFK11NEMru0XeNkncYOxO3yfP5Qw=,tag:8CkbADFhviVFcuXkxKAoAA==,type:str]
userPassword: ENC[AES256_GCM,data:vV5snzyNIsUhelMIlvlPLJbfgdDBO1VzcJYrQspplns=,iv:85ycMhbNxtUW5Tii4lbwKpUX3TzGi3HSv0ZDvmd7jjc=,tag:d0KN8cybXyWTzA7Wky/IbA==,type:str]
replicationPassword: ENC[AES256_GCM,data:6K/fqD4hnOS48JjJdxKsVqe+DL5RaaGtEXtvrkTSaAU=,iv:OwcsrciG4I12Ysw69uSBEF9uebI8Rw3Y90R+UQ+6jZY=,tag:kmwCl/nYo+lIMBDWxhUdfg==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age: []
lastmodified: "2024-09-20T21:13:35Z"
mac: ENC[AES256_GCM,data:DbvO6SPPqQq/eYU5MPR3ZGhqvkbdXU682w+QzzUN3iyN0sr2Wn13X8hKpZzLxLvIvDERNubEMAHE8gCxE/7UL1fjQwwg8DuV+ho//osYDKsHz+8zjC3nBsViU0NPlxoxmgW1tnD2YvjB4412st5cgVak5ue1zjPCNqsE6tZt+J4=,iv:vxm/nFaXXhOgsUzg69EhNRfCbuyzEXlbGXnyCj4rTNY=,tag:U455Vir/gOPIzdtq+S7s+A==,type:str]
pgp:
- created_at: "2024-09-20T21:13:35Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMAyqlIeyoxYovAQ//Z1qW9rA53nk8rhdlHQm/YtUrCbjbUh+40JZE1mxl8vhJ
PcPVG3Lsiqxfdvzk5BR15WsnuIHZ4bYsKqWTZTX3h5zzN5t1j1I9nvzIcRLp8ytY
LIZDxc4+J4fJSvcAZ6bw1nhtLZ2Kv5NDSjUlZmayITqYBVifRf95uv7vM4EbSJnD
RaJGkNtbXMoSfLSSG7Rnh3M1QKtFnKkRX440xT8UVGOGmIYABAhTxQv6jF/4mM2T
MZH5i1WOkJS3CfmjRIMiJ0tMfe477ykPW4Diu3dSXzh3ZpdvRmCWipVOReAceMQn
3xzeNCcG6rVjDKeQbKULuNXJ//DEDa/tHHoFbcujeUOF149t2N2ZoNraFthBTT6O
DpZyOPxfjh9PIEOoIM7BASI93R8IC0xUd7qPzbxVKozBqx6YnX3SQVdjvfC/FNlZ
P5wiELiiYmSSOJxFWCXFE83VOBaqRaTFobeDtgY02KdDgHxnXGD5iC1QCyepmt26
vL+VGVYb0811TEqLsGwpD0qpwXKzuOCgSDdFAUbFlJSMaKopwN5nvh4J78CSEhSL
YRPHpfFy4L00AoVizx1RQmBq2+SczFe7g8nsbLWudl2THGC1L5v9tIkHNC3WlUYE
6BVg+tO+/7iRUcKL9e8oIKyTcgFa1UVIjiW94zy9eeTGQntgA0z1sBCSxLOdjeGF
AgwDXjg0p2IN1X8BD/9Bt1qIV/pnz4NjYXee2a6+72bmI4LLh0Tue96zhlOGNrqs
nFqia0cIY6tqab0c+jWqsmpbpfrG5iviRjVkcIHdAbP38e3beX7vlHRhx2x8hNXt
JPqmApGlfk3Y1RMEIpFIZ7ErkpMekLa60ezibMOQPVl6elT9vvp//+T0qWUlPd3h
Va87mSZoW5TXMPPynJctZgbnCAkKzQ5u5QvKL8+uIcAvdCocK53z1BeDADqciWgk
dumk5+o9ctvz0ie+diDBPZPdsaWENpWli3wc1yrejCbDfRSXb26ufpKkI2KAOB+N
KyZilAstdP649/ATOS/WkZHswQOOS44hi6z/Qp7nxiIyKHPvoCCGM23lgjV2bkAl
Mj5FiPtRLjxY6/l8ksu7UQM3P5ON2hz7yctgXRkFxbb8aRuzKYeTAwOG/Fd0s5FZ
HyHzyYytLzA0fR0aopf6XfzWhm0yURd8YebuD9LXcDV5JaF6VQDbKA4xOSodDESs
NB3F3vOQ909CXQL3Vr3GnJJOOUbIL38ox//Xh6zvUV3NVDULR9yCXKXbASevMpQy
If9ZQGxlx1CtnlQslv6KR5FiF5kVlkMBMezzEMDkUJiFIFzHb/d7MrPzT0mLQksl
g1EZnvf0C4aL7go6yNTYbGsvg4KCs3TnescQfW50gtizsrTSIgua1KFoUnQoitRm
AQkCEODmGmTlB+anRvgFhtSfeCll70VVNUFatvzWZRmJz1i+nkQPrjM1DPjEl7Hr
WTUWk/bgpirVE1fBAOlHeSgRraL3Pk4L++nKrOooW3GL369Ld9K3FEpBBJinszOi
J+a7ARqW
=NHeY
-----END PGP MESSAGE-----
fp: BD1AAF9D8170F4BEE437365FF6F0933799CFEBCD
- created_at: "2024-09-20T21:13:35Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMAy5t8IMoPu4VAQ/+IISpOpFI9l3dBhiTkFXIOWzF3eQt3ppI5kElJXPSGKev
wfOpXF4cb7fLEI/rAQOOaxvn33Qfnn7ttytzYKhFPtOlOy9/14T0/duMAkHssTQr
Hyr4Qtsa6sZOBV0Ls7znY4EUOuoq4QDUCunZ/8wlVbyZOAQG2KZZfN7FbYr9d2Nv
FzsF6tUNr7zkeEfpwdDdKcRS997EEGYzkp2/D17B+aO0FzIJruy3gJxfLg1j8Z/M
p67lXEdKSbPwPURDpSP8jQdA1R6ktY5SEd8nZ763pJOeReGbBg3VsI5R3NFR5liQ
UI1AmSxCC4nH+3YQKDohicYwatUfGAIaquNV9VaVlHWWkS2cBFwkEcHZuVnRdqDE
Wt/T5UkDKiA4yBcSWhd2P+l3gFKq/0gSHxLd0CgQELYXzHJKAXP2/+hGg9LJyAYl
oE4XWT2Lm2C++yI7vZqnabexUS43hMRHKJ4AmxAmLDmQRj9n5i8Ck3YMGp3Eb9WA
WOqH74Cyl8mPNB7MovMLpEdJUxqJUTVFsTJumWrDu8vXDv+rrLDUmb3OVcOiMB6v
kpyB+PcWLr05t7BpPoh6jFVCRRKZeNk2Vmf69T0c5I7f2P3RR+Uhaz3eHzDs6G/V
yiqhlDgg78/veII9IyipxTLucaYxdcJcGq5Xh45ZEGOV1AZAvXbFhehknQzyIBTU
ZgEJAhDpDhSFoYuHtG4XRhBsilQ4zffNIA/sSEQF8Y4KRFGZAIJEcTnsfq3Es9SF
pxdVmhEezl8ewESwKX47HqlDdSnA7EAaYrZaV1hEFMe8vn7gHzn4l/inc/R1ck+K
LHS6se8PMQ==
=QEN1
-----END PGP MESSAGE-----
fp: 687802D4DFD8AA82EA55666CF7DADAC782D7663D
encrypted_regex: ^(data|stringData)$
version: 3.9.0

View File

@ -5,9 +5,10 @@ metadata:
name: postgresql
namespace: flux-system
spec:
targetNamespace: database
timeout: 5m
interval: 10m
path: ./kubernetes/common/apps/database/dbs/postgresql
path: ./kubernetes/thin/apps/database/postgresql/app
prune: true
sourceRef:
kind: GitRepository
@ -25,4 +26,4 @@ spec:
- kind: ConfigMap
name: cluster-settings
- kind: Secret
name: cluster-secrets
name: cluster-secrets

View File

@ -0,0 +1,61 @@
apiVersion: helm.toolkit.fluxcd.io/v2
kind: HelmRelease
metadata:
name: redis
namespace: database
spec:
interval: 5m
chart:
spec:
chart: redis
version: 20.1.0
sourceRef:
kind: HelmRepository
name: bitnami-charts
namespace: flux-system
values:
auth:
existingSecret: "redis-secrets"
existingSecretPasswordKey: "password"
master:
podSecurityContext:
enabled: true
fsGroup: 700
containerSecurityContext:
enabled: true
runAsUser: 700
persistence:
enabled: true
storageClass: openebs-single
size: 16Gi
replica:
podSecurityContext:
enabled: true
fsGroup: 700
containerSecurityContext:
enabled: true
runAsUser: 700
persistence:
enabled: true
storageClass: openebs-single
size: 16Gi
sentinel:
enabled: true
quorum: 2
persistence:
enabled: true
storageClass: openebs-single
size: 8Gi
containerSecurityContext:
enabled: true
runAsUser: 700
runAsGroup: 700

View File

@ -0,0 +1,5 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- ./redis.sops.yaml
- ./helm-release.yaml

View File

@ -0,0 +1,60 @@
apiVersion: v1
kind: Secret
metadata:
name: redis-secrets
namespace: database
stringData:
password: ENC[AES256_GCM,data:jjXsxyMKvPsAAr3wMhZWV/E/Qmmz/OYQvu6f8pRXasY=,iv:8K9IzAywC9CHiZ+ASoxhSqN14amL6APbzjpBtxPS50s=,tag:GbgcAhhDp+ob83Neyr/Lzw==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age: []
lastmodified: "2023-04-07T02:27:25Z"
mac: ENC[AES256_GCM,data:7/C0bTMeOXSWeP2ftsCrWRLk84U0RmmNBQgo8oWKKo82ELZq13UNjGyQovdnkSJQohmrf3NeYAqD1BEdkLnV1i8Fc0+UeVw0RIqApVXT0QuL1N9raw71TCZFpdIlB/QVqpnSByGquHtHeDVCU1XeVucq9SXbRQC+KXHIKKYRRWk=,iv:gG2zWKGmhCbz3iqfYUIpTvgx1Pkr3jnCPsopS1sWLWU=,tag:AAg40kPevQR+TsIpvarKRQ==,type:str]
pgp:
- created_at: "2023-06-19T18:35:20Z"
enc: |
-----BEGIN PGP MESSAGE-----
hQIMAzKleRwoSoixAQ/+MPwsw23CEJ7+tNW+wswxHW/HKssn9/9M+GXTVTNiSLhU
hec797R9IuuUOVtW6Q6mRmCnnIxeU0NCTDJ75Fk5S+S7vvY1SEkR6YJ7dOSX6hpg
BohlEJYKMTYgLLUmxNzz+Kvih5HHY4EWhKPF1fRh45q2eosQBNO3bb8NGe4JddV0
kdyBTEOfWMG+gYb+Rygv2NNJy51FiWUeimv1zVbTKgFd+kMJVtDZIgFY+YdC7tpk
5SW1HW1ZzCbnAqy0M+NUQ1DH0diAbqUwrgCz/crzd51GXl75YMKt0AQ90Cfj9qJO
EcB6HRBmSxLla+AGh/s5aGPLEInlhn6IDgj0BLmFFa9VKHw/F9Oq2SUvb7CKgLPr
mkxkeV9JG6rIdnEZ7LijGb+tZEYsbGTjX13AGEMpLY6B+kxJyktK9rW/WdW34i6V
7Oov+FbXNzOOIHi839xhy1zrr+fUuP1Ow6cpJEsBk2+0eEVyYyDMw7BmTfSCOBOs
ErBrbuz3xtHBzFnc5qKAZGCkCpQjWbgOBa9OtgCOpnzBo5vLsgqnB4pJEQTSjgqm
CPiHH6Jgnjcufx+YWGSX4mATOFBCyNaGZQoezvuGpmGDH6XtulmWAVt7lc030AUL
t1Cvf8LlNznzplApm8l5QjnjOFbZy00dfakm3plxHihpai+AJx0ia5Z6vNgofG3U
aAEJAhBk7yj9x2Dmj6kY+gZCaMvOx/RDPHCHJxgy8nrEGL0s8T5tKFeOrqCvPVPc
Ba1z1+zM5U8g8H3ejDcxbgD6M4Pn3h0vK4KV19xFj9MT3yEup5g6JllVMCjR+4b4
6Ws3PAOg+gfn
=KUC9
-----END PGP MESSAGE-----
fp: 2CC2B3631D5C3393901335DB68F95C5D753EE1E5
- created_at: "2023-06-19T18:35:20Z"
enc: |
-----BEGIN PGP MESSAGE-----
hQIMAy5t8IMoPu4VAQ/9Hz/dua2fj9igN4oKMbynFYw9RjNxvR4FTbflze7ta3B/
XwyqNmGqG/Nf14zmCW5vX0J4HQIH/6oqtaOwefDoT1BKS89wZQ//ULiCvP2+ySKI
MFi6dgX5c+Jz2Qu6+AcGLEMUvrBjOcH36Ev6wOsGvtf9neQgWkbWDAr9aPJUSQuD
YmoWgGQfjvpq5yKLMs7fHGzCGzgJ9/eIy6w2Hf2YbaeZ1yQUVbOWLeM/UkFBoKEz
o+5S8bdmfiJxBpNPrqW7nxkRhyuEIBlrqmbqUMzLqgWzE47hPZT6lL8neuLPNB0/
HojCdKdhloTWu2BuIzmlYarJOVKAVZLvwCec+ExZGRtCj+WoZ74Zv7VTJMK3SrDp
sHhcvLNsX0FxgOdzudtVK3zGGuLFJl+PO14FAXqRKbGyrqAG5turyN1UUtPvXnxZ
8rZjqNdIpYXzz+4/1qbdNdDw+DrW/kSd/bjYhSje5J0eKo1e2O6oSyE6fY54yzBk
qk5vv8kgmPGugZOB+Fgxt3wINcd066oRlf66tSDFDrzaqBTem8PpIOM551Xxelry
NX7s6QAzTZTnaN9jCevo0HjqHYJ7s5RfNCBbK/lDyV161TOEl7mEhJEBiAkK5OZQ
JVrtj14BojBn7CeqTEWf+AF8isPsGjkKeK/AB80z5znhz9kryyjjzcAv+w1CUrzU
aAEJAhCzS5DclvrUB4EWfZGQdgW6uvdqATJGEUjylF0s6/OaaGCo3twB/nxdbYbK
l4fRjOZalxm0hDYHNMpfwgntBq6aL4gA77AQCAKEkcuCBGDRPNUf85zUdU9pVbUk
9ihOPpcMmJKt
=wNI4
-----END PGP MESSAGE-----
fp: 687802D4DFD8AA82EA55666CF7DADAC782D7663D
encrypted_regex: ^(data|stringData)$
version: 3.7.3

View File

@ -0,0 +1,29 @@
# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
name: redis
namespace: flux-system
spec:
targetNamespace: database
timeout: 5m
interval: 10m
path: ./kubernetes/thin/apps/database/redis/app
prune: true
sourceRef:
kind: GitRepository
name: home-cluster
decryption:
provider: sops
secretRef:
name: sops-gpg
dependsOn:
- name: openebs-sc
namespace: flux-system
postBuild:
substitute: {}
substituteFrom:
- kind: ConfigMap
name: cluster-settings
- kind: Secret
name: cluster-secrets

View File

@ -2,4 +2,5 @@ apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- ./whoami/ks.yaml
- ./home-assistant/ks.yaml
- ./home-assistant/ks.yaml
- ./nextcloud/ks.yaml

View File

@ -0,0 +1,80 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s/helm-charts/main/charts/other/app-template/schemas/helmrelease-helm-v2.schema.json
apiVersion: helm.toolkit.fluxcd.io/v2
kind: HelmRelease
metadata:
name: nextcloud
spec:
interval: 5m
chart:
spec:
chart: app-template
version: 3.4.0
sourceRef:
kind: HelmRepository
name: bjws-charts
namespace: flux-system
dependsOn:
- name: openebs
namespace: openebs
values:
controllers:
main:
containers:
nextcloud:
image:
repository: nextcloud
tag: 30.0.0
envFrom:
- secretRef:
name: nextcloud-secrets
env:
POSTGRES_HOST: postgresql.database.svc
POSTGRES_DB: nextcloud
POSTGRES_USER: nextcloud
# REDIS_HOST: redis.database.svc
# REDIS_HOST_PORT: 6379
SMTP_HOST: exim.default.svc
SMTP_PORT: 8025
SMTP_AUTHTYPE: PLAIN
MAIL_FROM_ADDRESS: karasu
MAIL_DOMAIN: ${SECRET_BASE_DOMAIN}
PHP_UPLOAD_LIMIT: 25G
NEXTCLOUD_UPDATE: 0
NEXTCLOUD_TRUSTED_DOMAINS: '*.${SECRET_NEW_DOMAIN}'
service:
app:
controller: main
ports:
http:
port: 80
ingress:
main:
annotations:
cert-manager.io/cluster-issuer: letsencrypt-production
traefik.ingress.kubernetes.io/router.entrypoints: websecure
nginx.ingress.kubernetes.io/proxy-body-size: 25G
className: internal
hosts:
- host: "drive.internal.${SECRET_NEW_DOMAIN}"
paths:
- path: /
service:
identifier: app
port: http
persistence:
config:
existingClaim: nextcloud-data
advancedMounts:
main: # controller name
nextcloud: # container name
- path: /var/www/html

View File

@ -0,0 +1,6 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- ./secret.sops.yaml
- ./pvc.yaml
- ./helm-release.yaml

View File

@ -0,0 +1,12 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/yannh/kubernetes-json-schema/refs/heads/master/v1.30.4/persistentvolumeclaim-v1.json
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: nextcloud-data
spec:
accessModes:
- ReadWriteOnce
storageClassName: openebs-dual
resources:
requests:
storage: 100Gi

View File

@ -0,0 +1,73 @@
apiVersion: v1
kind: Secret
metadata:
name: nextcloud-secrets
stringData:
POSTGRES_PASSWORD: ENC[AES256_GCM,data:hSEHM8F/2NS3iAdD/ylhrWUC1jv3nuObk41xuhdIbNw=,iv:nUJW4lVuveWztcRTwa7BflAn+JIBZVpR1J0CKB2nzlk=,tag:zl8Bb8lDWVSykZBgMFnDXw==,type:str]
#ENC[AES256_GCM,data:Ke7eG/Ch1Lf/f50JYihAfgvPHCqjfsCqpQ2taZ28Mzoprm/C6RdiTbEurncKPBErEDno2RLG,iv:OXPG9pJnMZ79gs4rR7TRC63Z2NwuYFq4UCtm/lB0gxU=,tag:MW0gxQjv4lrCw/vEsXtJ8g==,type:comment]
NEXTCLOUD_ADMIN_USER: ENC[AES256_GCM,data:qCPT/ik=,iv:9SJi/IcfuTjwjj2tjvjoZ24GJBporPCilgBvh7WGlmo=,tag:CKqPpt8ihxCmDhF7OfgolQ==,type:str]
NEXTCLOUD_ADMIN_PASSWORD: ENC[AES256_GCM,data:F0mmuf7aEXgsqkKR8UHxbA==,iv:XyBIZXB4Vbp5bxb+3BZ69tTykTQVkXPC1mEqBj4GffY=,tag:cIewFwkb6YKIjsxnaL668w==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age: []
lastmodified: "2024-09-21T03:07:42Z"
mac: ENC[AES256_GCM,data:hlGLaHw1K/gkE063JDPplqg3b3hOqcZeNoFkRMvHNhewTlTIomc9xK0tnDa9Nfw0npkwYgHCZya8+KT1m2pXFm7l4i6z6cvleWTf+nXSIt3RILTEDNOZf2ddZ/Lx7gAiFLLiUJxfFXa7SSiTDxgSje8Nlwmynv5jNUR2rIzJVVM=,iv:PKR+Clspn5/B3G6eUOIIPVv8WCx7tUJYC8F37IIfzzE=,tag:9PyeZ2RYaNlnc4i7dwvk9g==,type:str]
pgp:
- created_at: "2024-09-21T03:07:42Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMAyqlIeyoxYovARAAh9YzwXNlYOxHKVx51LP5GAalTaBxaTK/J7ih/PVoY1zn
RCPwWhddsVitaeMScZFaoXy9hqvgn+U4G7o7nwtViDfr00POfJ0Ka9bDHWWQyVws
KF2aTwWeHf4//fRZm3/hyfkAtK3iqgY2p1u3yS4UY8tGtpLgf+6bl1bFNeufVFh3
5i6rQ5XvncewTyO9WHQZfrKydDIjYfj7c6AReJfBr8oQfKP/qcN7FdAbcT4XJ3Az
y054N90zThRIS2KdNvIFOmnGXhMolLyI5/cg+o4/7QnM3Z0KuT/NjME+8bvkYqKm
S4phco5X15TdLyFjS+H4ynDQa+fYxL0y3CQL+wPpQoqIjkiBBqBXHbUPTmzvc0jG
KTZULv/Zg0byCvpCxqhuoJrnIsejzMxbu/JxmpOODcUwzR5RFAecFRurqPGJEReo
hUbwjYYcEYRDdxGaTnSwn2sQSJCLhTPkMo2CEuQRg2d+QG19mNwmMlg5K1+23hpO
WAZxGKRPPHzyhvHMAycTcZidIG32yDORIA3XOE9iqXQ4bK8fEMvc6bg7/SA56eHz
hxkv8xS9KQxFQduE1rT3GRKVcz5NQJxnRopnKUas110wdysp5Oot3EhkKoO2fIRt
Ocapi0S0MbCrsYf9pF9irkDHV1JZHa8FxFCk3ugzzyW62swSXVy8IQA9UZsODd+F
AgwDXjg0p2IN1X8BEADTOyfxeBxMxy4J+Hhq1EMAuBAe4wmUnz0l/0mJA9+ODXpF
i9mk0NgigVIwovl9sUZQbn6MgJnJZkv+4AuYaun2G7cgTu2a1ZYL6IEcpnWLkjbx
YGOUw9VX76Fl41e6lotgqGfaiX7NSbn0HMFi2ALZsUsF0BK0iZNarJwvqlcq4JSR
YNXNSemZi5r+YXfAhzDD1JgRFoSxmg3odKHsd3zDWhPpyBsucMWX8m7CH3VdfcOx
3in9EMoQ3YikU3vfFJ3wfMtm8D/TUDMPt2j62LuSb9tymIYPUCG90I7XJyQg68mI
y2QvV9snaxtUTEv5LDtL3R7SKrliNwZfSPgr5f6toeP9rf64lXzSjZ+4hG2MW7ki
8t+qwv48teBK7ypEWk+eRK1PtKzxJ2WYDMgwBto5bju6YIft/oczdQQZMVM27RI9
bg7sBHsCHB4Jnl8gW7wnB4R179CbQXzbkv5t72YCRHm+9p7kLGjVfJZQq8I6YtOy
CzMuWkBxdpVCm3QIEE5MF7DKpHTfQK2xfRSy3Bvem4Lxs06krGOeA7k3EtX65+vX
+KRV9SsQkBqswfs1FqmUAlhFpKY+h8DCH2rhE++VdAl2y1uNPjOiZzGzz8ju3nY+
mDwHDbTmNDrGOVqgfUyd7qnzsJkdmwEvKaulOourEg0mD6cUxrY2cNvTrffy8dRo
AQkCEGsxKYnSmGXVUV1ZEm/Cvl7OAfFEOyRSg7kfKvYFpghbyEm5/IIfz9zwraAC
lbngLnAvAy+uLMMxSGm5BFQYVRKlVi9gwsDTxqLEhLg9/3MR7+C/JyjdEcM4YsNn
rnMsrM+OIfE=
=aJaL
-----END PGP MESSAGE-----
fp: BD1AAF9D8170F4BEE437365FF6F0933799CFEBCD
- created_at: "2024-09-21T03:07:42Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMAy5t8IMoPu4VAQ/+KtGPswz5iC0pk6dPZG4enXdjfJ/wIfz1qKv4Ozb6oqNv
GweoS9IFCZK/WQSCc0Y+Tb/2+Au6uUS0aCJBTT94GpGHKRwIMh9HKmiwYE9Znrcx
Df/jerq4r14+DfwaAk/Oq+LDCfsgvDJ8B8H4JsixCoLUuH1QWQkNqW05XD2aTskd
hnyHsSIeJXjFw68dR+YGHime3aiG6nXpt5bHI2WdL64KAb+mQbRUJf469djb+TEp
MmCPojh9eZxggIKBKC6KWLFP/QppUwDYZ0zY4dRhkaZV8kebkpLPAsnof0NEpjda
kc4eqneGhpQrzDn7SPxponYm/CEyPMs9EyluNCDQbpdSiTvBJwhiRb1llCZki2Ke
MoFdVrKEJL7OwxmPWk6YhBuzg7V87pUd/gkSYpO+Xxbu7BEiEBhJfEY+803OPISo
VavCd5pRfJMkydQI5hveoWxceJ4+oRToOLvTIVDjzwlafE5DRPYdK69VaznRyaxr
YAIsPqi1LELb9mSyxrfkdjFOstTOh/mc4hbtYHtSrY76035WiXXZAh5Wm2K1v/0x
0mlxyh4u6I+vA2kBfxsvtbe3EOIKtudpGQBF9LsAKGU2lMcSvPGSD0uoVDc/F5nA
w04bez4jnFoHUTOCRIp0/7cVD7kxSzHA/Ln43I7Nh+HYcsgmIxEuXspBOaIZyr3U
aAEJAhDkRtIhPkprJKchw9ypBxRGNwEn3UqAzfgPUcyJPqrb6/fJRgbvgMXOHiGB
gnIl9Ne5QshGNSPzNcU9fkvpDFmOcDTVODFOuf5ocQsKYjkpJwPaBpDwz2GF/NS8
6OUCgTUrnMdR
=vDP0
-----END PGP MESSAGE-----
fp: 687802D4DFD8AA82EA55666CF7DADAC782D7663D
encrypted_regex: ^(data|stringData)$
version: 3.9.0

View File

@ -0,0 +1,29 @@
# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
name: nextcloud
namespace: flux-system
spec:
targetNamespace: default
timeout: 5m
interval: 10m
path: ./kubernetes/thin/apps/default/nextcloud/files
prune: true
sourceRef:
kind: GitRepository
name: home-cluster
decryption:
provider: sops
secretRef:
name: sops-gpg
postBuild:
substitute: {}
substituteFrom:
- kind: ConfigMap
name: cluster-settings
- kind: Secret
name: cluster-secrets
dependsOn:
- name: openebs-sc
- name: exim

View File

@ -9,7 +9,7 @@ spec:
chart:
spec:
chart: app-template
version: 3.1.0
version: 3.4.0
sourceRef:
kind: HelmRepository
name: bjws-charts
@ -41,7 +41,7 @@ spec:
className: internal
hosts:
- host: "whoami.${SECRET_NEW_DOMAIN}"
- host: "whoami.internal.${SECRET_NEW_DOMAIN}"
paths:
- path: /
service:

View File

@ -23,4 +23,13 @@ metadata:
namespace: flux-system
spec:
interval: 1m
url: https://kubernetes.github.io/ingress-nginx
url: https://kubernetes.github.io/ingress-nginx
---
apiVersion: source.toolkit.fluxcd.io/v1
kind: HelmRepository
metadata:
name: victoria-metrics-charts
namespace: flux-system
spec:
interval: 1m
url: https://victoriametrics.github.io/helm-charts

View File

@ -16,5 +16,7 @@ resources:
- ./kubevirt/ks.yaml
- ./kubevirt-cdi/ks.yaml
- ../../common/apps/database
- ./database
- ../../common/apps/exim/ks.yaml
- ./monitoring
- ./default

View File

@ -1,5 +1,4 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- ./namespace.yaml
- ./dbs/ks.yaml
- ./victoria-metrics/ks.yaml

View File

@ -0,0 +1,56 @@
---
# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
name: victoria-metrics-operator
namespace: flux-system
spec:
targetNamespace: monitoring
timeout: 5m
interval: 10m
path: ./kubernetes/thin/apps/monitoring/victoria-metrics/operator
prune: true
sourceRef:
kind: GitRepository
name: home-cluster
decryption:
provider: sops
secretRef:
name: sops-gpg
postBuild:
substitute: {}
substituteFrom:
- kind: ConfigMap
name: cluster-settings
- kind: Secret
name: cluster-secrets
---
# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
name: victoria-metrics-deploys
namespace: flux-system
spec:
targetNamespace: monitoring
timeout: 5m
interval: 10m
path: ./kubernetes/thin/apps/monitoring/victoria-metrics/vm
prune: true
sourceRef:
kind: GitRepository
name: home-cluster
decryption:
provider: sops
secretRef:
name: sops-gpg
dependsOn:
- name: victoria-metrics-operator
postBuild:
substitute: {}
substituteFrom:
- kind: ConfigMap
name: cluster-settings
- kind: Secret
name: cluster-secrets

View File

@ -0,0 +1,16 @@
apiVersion: helm.toolkit.fluxcd.io/v2
kind: HelmRelease
metadata:
name: victoria-metrics-operator
namespace: monitoring
spec:
interval: 5m
chart:
spec:
chart: victoria-metrics-operator
version: 0.34.8
sourceRef:
kind: HelmRepository
name: victoria-metrics-charts
namespace: flux-system
values: {}

View File

@ -0,0 +1,4 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- ./helm-release.yaml

View File

@ -0,0 +1,17 @@
apiVersion: operator.victoriametrics.com/v1beta1
kind: VMAgent
metadata:
name: vmagent-select-all
namespace: monitoring
spec:
image:
repository: victoriametrics/vmagent
tag: v1.103.0
pullPolicy: IfNotPresent
selectAllByDefault: true
vmAgentExternalLabelName: vmagent
remoteWrite:
- url: http://vmsingle-vmsingle:8429/api/v1/write
minScrapeInterval: 30s
maxScrapeInterval: 24h

View File

@ -0,0 +1,5 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- ./single.yaml
- ./agent.yaml

View File

@ -0,0 +1,28 @@
apiVersion: operator.victoriametrics.com/v1beta1
kind: VMSingle
metadata:
name: vmsingle
namespace: monitoring
spec:
image:
repository: victoriametrics/victoria-metrics
tag: v1.103.0
retentionPeriod: "6" # in months
replicaCount: 1
storage:
storageClassName: openebs-dual
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 32Gi
resources:
requests:
memory: "64Mi"
cpu: "250m"
limits:
memory: "1Gi"
cpu: "500m"

View File

@ -29,6 +29,7 @@ spec:
enabled: true
hostpathClass:
enabled: true
reclaimPolicy: Retain
# Refer to https://github.com/openebs/mayastor-extensions/blob/v2.7.0/chart/values.yaml for complete set of values.
mayastor:
@ -41,7 +42,9 @@ spec:
initContainers:
enabled: true
etcd:
# -- Kubernetes Cluster Domain
localpvScConfig:
enabled: true
reclaimPolicy: Retain
clusterDomain: cluster.local
crds:
enabled: false
@ -50,7 +53,7 @@ spec:
loki-stack:
enabled: false
storageClass:
nameSuffix: single
enabled: false
tolerations:
# tolerate control plane
- key: "node-role.kubernetes.io/control-plane"

View File

@ -1,4 +1,3 @@
---
# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json
apiVersion: kustomize.toolkit.fluxcd.io/v1

View File

@ -5,4 +5,6 @@ metadata:
parameters:
protocol: nvmf
repl: "2"
reclaimPolicy: Retain
allowVolumeExpansion: true
provisioner: io.openebs.csi-mayastor

View File

@ -2,4 +2,5 @@ apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- ./pool.yaml
- ./single-replica-sc.yaml
- ./dual-replica-sc.yaml

View File

@ -0,0 +1,10 @@
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
name: openebs-single
parameters:
protocol: nvmf
repl: "1"
reclaimPolicy: Retain
allowVolumeExpansion: true
provisioner: io.openebs.csi-mayastor

View File

@ -5,74 +5,75 @@ metadata:
namespace: flux-system
type: Opaque
stringData:
SECRET_MY_EMAIL: ENC[AES256_GCM,data:rNyzxxuVq/1dII5m8OKexQsH,iv:+i/h+iXhBNM7qxDyK7/3pQqp8l7hXDHhnZOwyuwcC3k=,tag:RM3svsBJXpFafRzoLp2NOg==,type:str]
SECRET_LETSENCRYPT_EMAIL: ENC[AES256_GCM,data:uUinHshJ3aUNzJDRQNVNWwNJ,iv:s8kggffO33/E04aUdZvxmgNhoPVKh+HnjX+k0o0DTNc=,tag:qreqEiN28i26OpsagQP5hQ==,type:str]
SECRET_DOMAIN: ENC[AES256_GCM,data:3zCSigeMzhC4H2SDVjqV6Q==,iv:OtUj2mDzmv9afBf4NcDSwZgGdKLJY3WG8qqSbI/NNog=,tag:buWUYjBMtfAVQADN2EREvQ==,type:str]
SECRET_NEW_DOMAIN: ENC[AES256_GCM,data:BDuzEYN7KOlqDUbJyFwHWCQ=,iv:DHrkALxuuEiZhjdLeFArgaORR8ZlsUuW2BT/joEFQGo=,tag:u1zVa2SA4xpgjNcO9iXtiw==,type:str]
SECRET_AUTHENTIK_SECRET_KEY: ENC[AES256_GCM,data:A2S9VBNLw2m6IEEGunHo8T/4v0tp0RvByYc6FIJdx1Q=,iv:Mu+TbsN2Ci2/7LvKhb8XWm6SPJe5ZxS8Z8YWjLwdT1c=,tag:uoatWIMDRLT4XaP0f0kpiQ==,type:str]
SECRET_DATABASE_PGSQL_USER_PASS: ENC[AES256_GCM,data:A++t+kACJthb9w6yml5KJo9Eqc/wp/BFadLzwOQhkhc=,iv:7mA6zCaC360dyJkC5wybh3PnGWjr12q0R/aGKi2D5Rc=,tag:h3BVuMH8VvnSc8LEM85wlQ==,type:str]
SECRET_DATABASE_PGSQL_ADMIN_PASS: ENC[AES256_GCM,data:UyFKnNw20KiJZj/Y5Jba6uFhDU/N+Dijl1mJlCcBgJk=,iv:Il50aBOHREDCDYeXmZks9DVBkq1+z1ZLo2KfibbiWmk=,tag:y/DBhdWLToD30tqVGD3uRg==,type:str]
SECRET_DATABASE_REDIS_PASS: ENC[AES256_GCM,data:ePEMWYYpXF5lv4+RAScXxArlKXq8U21XUYsSWBf8TG0=,iv:Lr9qq1fVuyzleC3oU7izKP/YHoSrtXADl9efz3iWgEw=,tag:73XjcnTWr1wPYFEROznz+A==,type:str]
SECRET_MY_EMAIL: ENC[AES256_GCM,data:7bM8AP6MpPM1U9HcZyZckGlj,iv:NYcQ4ReyBXCE1gX4Or6eZv0BdaPNmYJ+OITCBTEWhWI=,tag:wbhHCasySeXHrKFQGvFhjw==,type:str]
SECRET_LETSENCRYPT_EMAIL: ENC[AES256_GCM,data:iAc1YMo6/wJvI2gUcwjMAvi4,iv:H2B/aFda6AT8zqen5NLFOEEF5ezGRsb0o+OQY19RcpQ=,tag:WMJIMEzl+FEybiggKYBomQ==,type:str]
SECRET_DOMAIN: ENC[AES256_GCM,data:dCeZd1lDd1YiARZx6CdJtQ==,iv:VfSY3mW5pcoxFGDAByWaNrxfUSaBt0LwlEGqxrWSg1E=,tag:WghwPbDJZesdxUDDT6CorQ==,type:str]
SECRET_NEW_DOMAIN: ENC[AES256_GCM,data:rAwZ6eSRQvwrsMHJWdkbEH4=,iv:aBYlbtP/NlKkVUCQfwDLQ93uqjzRX11ni+dR4OTgJg0=,tag:tHqk/tFObAAM8AUUPHBB2Q==,type:str]
SECRET_BASE_DOMAIN: ENC[AES256_GCM,data:ABzFBg1oOXC7wshp,iv:51KKl/K+eDlEu75Ux9ToALK78/X8RUJqFYJdEwJaUZM=,tag:padZKXJ0+eumYf9SNbguDg==,type:str]
SECRET_AUTHENTIK_SECRET_KEY: ENC[AES256_GCM,data:7ZMqFWrdsyXXlUhRNmXfqbJ30Xog5Ff+X+fsJRFXQNU=,iv:yVWIeIo3jKyzrpZZT5KUXMiWOcEO0BEH2IE6Czu4cno=,tag:DlDGrdDKC3ItYzMlZqi+Cw==,type:str]
SECRET_DATABASE_PGSQL_USER_PASS: ENC[AES256_GCM,data:AXei8pfy4yrwWL71TfGhzDN3uolyKYpMo9bZ4qHPi4A=,iv:JPpUYaakIgCI7ML1zJ3bNuGcl2J03q9UZGl2sGPeFfs=,tag:RQVTdozcLr8OdKp4Cr5OoA==,type:str]
SECRET_DATABASE_PGSQL_ADMIN_PASS: ENC[AES256_GCM,data:okfPZ49NTa+UnaGD+9j2Awr1sp13LLLhMT6tnUGhIYM=,iv:n+3hVO4o1inUDfdczRp2Sm7TpNlkvgUclvkXRKDyfWY=,tag:8TlqTf5ocrwllahyx/mO8w==,type:str]
SECRET_DATABASE_REDIS_PASS: ENC[AES256_GCM,data:Vml1wieA2b8LiP2GS4Db3bdZDmv+F3N52doBO2DPblk=,iv:fJLrDgWkcWdMF8LtQycqOY4mKc8OQKLBfuWqxrRR0Hk=,tag:8T15d5GnQ2vHnRcUgtFtcQ==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age: []
lastmodified: "2024-09-07T01:46:20Z"
mac: ENC[AES256_GCM,data:vdG/QHWHQge+m6YCBqtAfRsXdWvMLiZQ6DOnaxgaUNpslPvQuHml1kWBsSKrmNmB79jxqB2M6HwEY7ljOMf6ZlTeMs7mW6i0oj368IS6gQGfOHSJ4d34shyXujO9JHEnmL7O0tnOs1bp4ZHxdd/t4Wmq/ii+W/Kbta3/VLtOj/A=,iv:aB8Y4Y0t4ncViBAvH2WAAGgzbrzUSvL3/RRY+VVUKlk=,tag:0BSFABPxUxgRG1fDrDHXug==,type:str]
lastmodified: "2024-09-21T03:07:38Z"
mac: ENC[AES256_GCM,data:ScZhIhlHH29ktpYZo8+NZUiecq65Im5o5AhMA6DVpp/TJ5NZqkp31ctyaSrTue1TqjRKKvFLKoHYMIiG2j4dWYyQCW7oxif5ArtYLBd6AJSVZ8zdf5fAG+BWJL7IovL+R6ndhMhnEcjERBkc9dAQHqnMa1m4GQ3un2TxuHl+QRo=,iv:AaTKOHuAWH6luQY5zkUhFU6wUm8zRiiA6OitFvEYkZ8=,tag:I+xrbnpICburuVYtPg0IRQ==,type:str]
pgp:
- created_at: "2024-09-07T01:46:20Z"
- created_at: "2024-09-21T03:07:38Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMAyqlIeyoxYovAQ//XsBS23tIBniGlJAVG7gBJRclDr4ecXUH3LTkVPSaQ4r6
gLPL19dZaYcs4hkvOOgm0u7tXXPMFHuIWvLLPKwAbZMOGcvhqgSWmVDIFRKOtAKt
mdNeVEWARwf2/3JsVSyh8pyxbdtC1dlY6BB8Cxd95n70ZQdrAbGewAK6sVWWAiRr
uSLiYO/HUdyoP38q77dwG4p8up1qchND92Ie04zowWbiquMq+V/2pgJ3dd51Z5Gn
oD1oNZZZeZaBJ+G3mea5QSzduE7x8R56YyGyBcDOn6gmMxJF8adDBsQfdH2bQCWQ
I2QstgQwXAvvwqexow8x/wEAkUXksB/dZKWOu3QhlFq7vLJ9RXGTaKCg0FCcu8/U
h7x4njNLA2/aidAVL4ufRohiONss2fjcDhpiJ7uyBM/horq2SmABzwoCtmRS/4du
oE/Ygfh+OPa6+SuQmwB+BH255HPsDNeikC/F3XJ/LXKO6460L7yQAdYnKAR3EqVL
KcfrVNIaFAIxLQ7SQ3DaU2ddc18pzPbBDnLwwFoO+mM2u6wwaKZkyjAK/1NlNs/O
WGXjPzBvpjWTQmSL4PhwGmtaolNpE9j3zpLHUs3TcKUKXyzV1f5p2pxXBBo/IYZy
rVkKm2zPR0rgkVjJMWiZ+uazGy3mVbsDj3y/5c+CRYTuNoHk/AuWz3x8KSEz/JCF
AgwDXjg0p2IN1X8BEADFHtP/WpUDejsej2gXlWYJkT6N9IiZqfMKbejk3yAQr9+L
9J1c5UkDT6MeQpIFs04cZMAVmQRg+Q5D9ipgp8t4PMBNCT6xuQYIvfkdoESQG4Rt
6FpQHkeKkooXWJJzCppexkKzXeHjfMFm7KPd0jea46uwh+Qx2MbDaoiGK+YCzb82
mWCpgPfguOdbLaGI2aSYiWTrmMnNZv4cthv4Z/u1ph6NB2X/SbG3ot5O569epLpq
Al9bVUb2ZCEfrRUmqC9eWTr3p+GFRF77u7PVBwOjYItI4Paz+M7EKUmUqvMoj4EF
X+I9Oaac2t9nlIMLKNtq14LkncvdW+xuy83M2dN708ceo0+HxUeHCFyqbogKG8l9
vQa9OFGleLyeoWlVlBqKco2cQe4xI8UkJryxsBC+36OaeqrCFAhbYpCn5QL/Ij/4
8ZPg1RCh9oeFvfripRpQ9G6UNtmvloK8LA/73uHnkztAYx2AFMaI6zQr75F7S8IH
tSGNEUA3MHOU7pIrCp9KnGjjfsChD6J9d0EoOOQfP1nDxVkXrL1afiuFtieJOiru
pyr1LJonGBdBxDDSrfPj6tc1moqIjgiZiDBcImEPv076Wro9EZdTi53CNj9rtEln
hUpFDcNMdwccumMslDl8qNdAKJgFGEORtRqFs+n7nywjAnxqd7gVGKDO4RrjsdRm
AQkCEFhM1Krfrf1RAJz/fnEeg21yvhg47SCgBiNGizLXgyCgK1kGuxB+SpJVMkAg
rdBo5t2UfXkVyJQ00K77you1N17NtPnyKr8xfItd7JRmDpJn40f9MFR2AOyVFC5B
lVleELeG
=bKFu
hQIMAyqlIeyoxYovARAAvJXc53uOOVrZjfpoVmHXUKGDjpLE3hoNJ0cB8dtG4CQC
kqHYrEuyRd9bpE2ca46Y+TMf9Ze5Mn8wcKns5zE5AL48GYgN5R6xrZgOW2TItZyy
b5Z9+nGTfFaGYI7/WQIBOL9tuGs0JdRp17V0XOQJTiR0oSXysjw93WzG4cB+lREj
RqMGLY+VDlErNJRTZlHwBWUEyp0xMVvtuF9YoWvTwOAzRCAitDIDp07buqvyYMxg
vmNJ05qUXA+YG3fwVkT3iWFGniwc7XAHtvCl9E8m0kLW0AqxFWozf/ghDbjMhmaw
SQ1YsQyQ1AfoOtPBWHouJ5HXyG7qSbHSu3jhyNbVvyUGMGYdGWh/bhRKyR30EHSM
bBT7RUm00CLcuNlz7q30SxUKq+HU5esOLZfAip4VcwcRfphEo8Atm+xnPtbWqWYb
mo/R6KmuulvXhWFuO0AVpYvP/mcLMTUBK45Ftnd012w3V0RGdzqJYZUwHwUyWCfM
dNJZ3OSr7reSrRteCiar98qWhSi+nfhGGDzj2gIDnxguHoFZNxJ9CrorDURQ9D51
t/bfNNA4Nr84CqiLwpwX9mGRG9B4JTBdlkviMEgzFhgHXNzgWExMnmqqlvNXIkCk
M5RdGmAcHza4lYJel0cCMlbo+FAqcAT2k13BMzaHPjtoFi+LTXaKJwJ0Wq4CcKuF
AgwDXjg0p2IN1X8BEADC8Cz+dEHBsMfL5/0XszKtwk3QHwDI1elOpF7F7zVWLm0c
9xTGlNkfn967kOeuJGIdJdwOOEiz0uRj6RuU/+TciuJ/VleStdFURzBsk1DAq3hZ
rueLO/PF2EIcbx/fNCXCy+vjqre4hZRqXuUfnblSziPn18mOzn53qhApGQbC8plA
HcLcDg/zttC0C0cKcvTKpFQb8F7O+PAmSYWlVJJSC8E26Q7utalB6yfLK6blxmTB
po5Y8+B+Oz0fqWPLjgZLHgIKyB/fKXJCL8+DhC1l3cbltmV8Ng92SsbYyhUGxS4M
Af5GRoOBF3LQwpiWu0xMCqQr8KCT/fYUutumbHQME+NEshVBo+SHL+9V9jf7NuxS
ztmFoRRQK646EqYXqWXa+CssBerpHcgykLDC8V86zjpkeHVEw80fJrOuGmrTu9zZ
xdd08lBVzUnhriO/JjCzt9iq/MBPCKqYXO+gR7TSNxtSLvggM2BfJyoLm3na3Bku
IuoRnrIq0YFeoajStngYMq7XcF/cOzja1eDVblD1EI76M4LCuJSCWnHm95T63lvZ
jQswjTnVmn89we7YvmdpSqNTDjKmE31LXZWj+xq1VNjjlGzljgs4mNQpROl+nSMo
xS0R7YBO/50Vwdtg9wOdcXHoMDw7SjewIcmPTTxyATe6hKBX9+E0X91dkgDpJNRo
AQkCENO6Y2Jwa7sp0f9DykHr9lDCaW8pw1kbGOf/DB7c/S4kuFTlMTJxeaTWT3h6
R9wLOK3RnxTahHWG5l0X4BwZo7FIm4u4phTmetDhDB2137KO/mAZ8FPj/dNr8nld
tPHZFkgULuo=
=BwOA
-----END PGP MESSAGE-----
fp: BD1AAF9D8170F4BEE437365FF6F0933799CFEBCD
- created_at: "2024-09-07T01:46:20Z"
- created_at: "2024-09-21T03:07:38Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMAy5t8IMoPu4VARAAo2y6IQJlsEAswykjpfDzvQw3TCyTiZWe6duhmnDoXKjK
8A66oDpQcfl0ubjIj6/FJICLr2PGPb1bgKUEz+vBsp1bv+txUtLwUXJTqFKnCS1H
CRKfEmDSNaAtNEtpOGnCeMffB0ghLvs42mlTUUi7u240FJ6MgD7AvV4UlM5IYOLx
+yZyjzYzgNibyh7rOun2E/df2VhDX0Ns6n9ZPZ3TFSdqsXGJ4bqn8+0MhJYeOMNc
ap3dMMhUuUoH5krvocNymJ6WH8x4LwUJrlQsTdr0edA6BhNYC35a2JcAkOGblaCP
er845gN/iCRhl6i/XFYcz7mhMheYmiVf5TEuMvFsdjBl0yNi65wJz5EX3U01Y63+
G+UeWCLt9+qDnAG3CN45Hgp46xIXocBvUhqdrg4Srtd+h/12Xlg8vV0jcdezWNm5
pqWVeLDGjDFZNLvG/p+dWF+EDN/Zv9V3Axb1ChYeRCbue0POqr7X6OS5lWZmuUwa
oaiE2vYFkUCcdZtQANDDluh36Bk2pHAOELcttPa4OO4F0mCopAtg6uDp07WQUUwR
TkELlxQvOQYtTJZkTiiOe7ogr3jXWuz6hp80WN/ZVdh6UtO9cNem3d5+hECUA0LY
NuEPYAAyZxfpvRRIrkV768AS+USqA6VDjistIFc/qTG0L3WeDyP6h0plAJr9OKvU
ZgEJAhCQhjQZwIG7xvkuK2EzSePmMMUl+DEbq1GzgCuzh3Y+X/3pryvEjh+002pe
55FSHnIZn+nD8Z1jAcRI+6mEZWfNYUXecF98+JBGIe73J/xjNUSWJZpSiYLIMnR6
6SKCYH9ORA==
=jqMe
hQIMAy5t8IMoPu4VAQ//WzioUV13uyYDIUf0XtwO9khuFX5kq+D2yXToBUeafGZu
xh3Lh5zJkJl/fc52TpFPMLgnfnvfTX6VGjQIfrVwuPzkzML3PDEcvP0gIyn7q2so
8iCBcuzr/w+CQEH0vS+TP5AZ/aF6i0ZdsLv9f2EwJc56JR8sD7OLG8uJkKWM1wUn
0quvtkX4Y6ux78kMZm2WiAFxk+aadpopBBeF96E0OlOxsP1DrxXthASKN5GkY34Y
JitbGTDbGI413cAxYSAFpXav09dIfiGuUXShqzNj5VIbmJqbik1An6spY9X/VDIx
HZOfXSz2q1qQfkPSx+7fT1V1CtklcMMh7fDa5cYMnRWBvMsV07QcPwx1Nyh6tqn3
dMBQW6NPOIIM9l6dg7IsDYuo33nZ4899LBDRDdfBMbKK4gyyyXzIf1gt3sqfbDxm
MTL/xGx40jKcLTlOl31TlmZk672Y5jWy8OOykvd2AIV2kU3392JN+So+xRZ0hWT1
jVlEsagKyHt8QRp52g9LO33htdX6KitMFx0RhbfgjI1lzzXq6UOXO/ixu+vNEpL0
gNkKeh3/zU8EgwQ3zEia/AOVn/RWK1ougqHXzDcRpg06VVvW1hF3FuFpiWB6WAMv
Gji1oW+qE0WKvdgrhN6YT2qClqtICgJ0Nap2qPR7Iw+VDzSN1rif/e5J1g+TSHXU
aAEJAhDDqO/6NuqGNDYdUCv5W5zPjDLoVXZURn8orVxsMutzIfZM1NHvQEBltAcV
LnWcVdXRZc6W0QPrUGZOOZ05Y+qyYRtmr7b8LU508TpdZZkbakVZjK3XcchpMF3I
niU4wzHzY97e
=+ObH
-----END PGP MESSAGE-----
fp: 687802D4DFD8AA82EA55666CF7DADAC782D7663D
encrypted_regex: ^(data|stringData)$