diff --git a/argocd/apps/gitea-secrets.yaml b/argocd/apps/gitea-secrets.yaml new file mode 100644 index 0000000..c10dd17 --- /dev/null +++ b/argocd/apps/gitea-secrets.yaml @@ -0,0 +1,22 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: gitea-secrets + namespace: argocd + annotations: + argocd.argoproj.io/sync-wave: "-1" +spec: + project: default + source: + repoURL: https://gitea.nik4nao.com/nik/homelab.git + targetRevision: main + path: manifests/gitea + destination: + server: https://kubernetes.default.svc + namespace: gitea + syncPolicy: + automated: + prune: false + selfHeal: true + syncOptions: + - CreateNamespace=true \ No newline at end of file diff --git a/argocd/apps/gitea.yaml b/argocd/apps/gitea.yaml new file mode 100644 index 0000000..2bc3bb8 --- /dev/null +++ b/argocd/apps/gitea.yaml @@ -0,0 +1,28 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: gitea + namespace: argocd + annotations: + argocd.argoproj.io/sync-wave: "0" +spec: + project: default + sources: + - repoURL: https://dl.gitea.com/charts/ + chart: gitea + targetRevision: 12.5.0 + helm: + valueFiles: + - $values/values/gitea.yaml + - repoURL: https://gitea.nik4nao.com/nik/homelab.git + targetRevision: main + ref: values + destination: + server: https://kubernetes.default.svc + namespace: gitea + syncPolicy: + automated: + prune: false + selfHeal: true + syncOptions: + - CreateNamespace=true \ No newline at end of file diff --git a/argocd/apps/loki.yaml b/argocd/apps/loki.yaml new file mode 100644 index 0000000..d612422 --- /dev/null +++ b/argocd/apps/loki.yaml @@ -0,0 +1,29 @@ +# yaml-language-server: $schema=https://raw.githubusercontent.com/datreeio/CRDs-catalog/main/argoproj.io/application_v1alpha1.json +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: loki + namespace: argocd + annotations: + argocd.argoproj.io/sync-wave: "0" +spec: + project: default + sources: + - repoURL: https://grafana.github.io/helm-charts + chart: loki-stack + targetRevision: 2.10.3 + helm: + valueFiles: + - $values/values/loki-stack.yaml + - repoURL: https://gitea.nik4nao.com/nik/homelab.git + targetRevision: main + ref: values + destination: + server: https://kubernetes.default.svc + namespace: monitoring + syncPolicy: + automated: + prune: false + selfHeal: true + syncOptions: + - CreateNamespace=true \ No newline at end of file diff --git a/argocd/apps/monitoring-secrets.yaml b/argocd/apps/monitoring-secrets.yaml new file mode 100644 index 0000000..e1fa857 --- /dev/null +++ b/argocd/apps/monitoring-secrets.yaml @@ -0,0 +1,22 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: monitoring-secrets + namespace: argocd + annotations: + argocd.argoproj.io/sync-wave: "-1" +spec: + project: default + source: + repoURL: https://gitea.nik4nao.com/nik/homelab.git + targetRevision: main + path: manifests/monitoring + destination: + server: https://kubernetes.default.svc + namespace: monitoring + syncPolicy: + automated: + prune: false + selfHeal: true + syncOptions: + - CreateNamespace=true \ No newline at end of file diff --git a/argocd/apps/monitoring.yaml b/argocd/apps/monitoring.yaml new file mode 100644 index 0000000..a2b84a6 --- /dev/null +++ b/argocd/apps/monitoring.yaml @@ -0,0 +1,28 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: monitoring + namespace: argocd + annotations: + argocd.argoproj.io/sync-wave: "0" +spec: + project: default + sources: + - repoURL: https://prometheus-community.github.io/helm-charts + chart: kube-prometheus-stack + targetRevision: 82.10.3 + helm: + valueFiles: + - $values/values/kube-prometheus-stack.yaml + - repoURL: https://gitea.nik4nao.com/nik/homelab.git + targetRevision: main + ref: values + destination: + server: https://kubernetes.default.svc + namespace: monitoring + syncPolicy: + automated: + prune: false + selfHeal: true + syncOptions: + - CreateNamespace=true \ No newline at end of file diff --git a/argocd/apps/network-secrets.yaml b/argocd/apps/network-secrets.yaml new file mode 100644 index 0000000..4cfc4b7 --- /dev/null +++ b/argocd/apps/network-secrets.yaml @@ -0,0 +1,24 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: network-secrets + namespace: argocd + annotations: + argocd.argoproj.io/sync-wave: "-1" +spec: + project: default + source: + repoURL: https://gitea.nik4nao.com/nik/homelab.git + targetRevision: main + path: manifests/network + directory: + include: '*-sealed.yaml' + destination: + server: https://kubernetes.default.svc + namespace: pihole + syncPolicy: + automated: + prune: false + selfHeal: true + syncOptions: + - CreateNamespace=true \ No newline at end of file diff --git a/manifests/gitea/authentik-gitea-oauth-sealed.yaml b/manifests/gitea/authentik-gitea-oauth-sealed.yaml new file mode 100644 index 0000000..ca01f2a --- /dev/null +++ b/manifests/gitea/authentik-gitea-oauth-sealed.yaml @@ -0,0 +1,15 @@ +--- +apiVersion: bitnami.com/v1alpha1 +kind: SealedSecret +metadata: + name: authentik-gitea-oauth + namespace: gitea +spec: + encryptedData: + client-id: AgB2kMnUoJcpZcGTCxDpSdLsT1ojCnJF2MsLg9P/scwIg+frOOHd7wwPSCIk0z360kNNVvI2sGvJWvUAmPOS2N62QaX49XUxWaW1AVM1P18xiARj3KUDkSYWUt5EZjuvpnqOjXkgzustcPIYE94UtKjqbZzug8V0hdilE+YSoPjvvgXClYdxXeo3LldypV6u+m1Rq97xA9XNyAYDNLrGO2UlbnmQndT4ZnY/exDzoSXIm5n4Xa9tibDp8cq03VE6fQiGtIJmSB4Tczb4UXhq+jrSG+zqwgfOJ7yNLstuae7GTfTjGSE9r55ml5DLH2Pxq6uvH6U8auCFyV+Ki93T1UgLwf+CyTJw1GpXtVbivxp2kQe43WS1f48LxHwlOMrkTlgVhoZN4WtcVuZ1Or7bYfJAmaVZBo3y5zc3mnchDE9jrBtAaV+0fQ90a/GucVPKtZroAqf3fT/A9iCo6oZUQ0wiEWt9lWOfmlnOnqM06u3sDWXBucG5ZqBY4dNuuHFq4VcCo3bk5V/7mjEP9l2grekVKlEMYdfQnUCwDxYAO3kEqfAebZ0DkFfJe85HiZyb5a0Pk6Em7v8naqGXGOM8H5tAqQJGI7Kl+MKpbPqd5xPGi9svsgTfVdjoN+x2weuHRxtg9a7TbBYa7N8y9HJGcWwjtz4rCdPOLzavvazcDtwxxx7DEBYDEjal+GiqlKZ1DFYYLC+b8SWoKTgeaCzwgjmheYLlkpFxDbL1jjr1Q7/4RxBc2u/0S/fT + client-secret: AgCp3OdtaF/WuA9BZ6dYeJTuhTO+NdIF66eCRGdeKdOUB8hP6E9IO6kcjoh20Ip5am6iytVVBpUFdewo08wUEzTft1pnB0mVXq8EdbY8B/iZzfCLdW3P9cBgrn6qdDqJZurpH3ZQzqRKSOshxvpTyo8KFYFg9tiE9CLCVJoWPg/5q6sSN/iAew6fQKm2qJOZw+eYKcg9PfwjfJL9ly817HdtQy2R1FZi9jK6dhcBJpoe3tFqLw9gn9sHUs/7z5J48wJZNxrzYKzqTgxfqm5ZpZVqnhWj8GSV2J2vSZk7lGnjFyxdLiNbc9FCbd5J1pN4kPMmYnpjCa2v5roQ00uxWZmvBqYfYq/6ft82tAQVo4SGQOL7I1q8vH9XnPJhh3STHmxljX6B2LMVAxm6DZD6tw0xC1g2/2xg2NRFExnCEUexDT2OZJ6ZEsXrcz8oQ3MpExcFAgpTo410tScEoMK+PyL/3Ai0WDnetbpfLg5B8hzgOAG62TPZGoi38Na9gTzhTDAkD3K6ujVsxLLHw9NnVHa8uxm8SVnqC0O6Kg1Jp5HPepZF9PhtxslufCOhx38HCZlio9YVgiG22FodwEE12MLopAJXBMGlgrgOfDSqXlTTJ4qSpq761Iccmz+osM/hLXkxnKOjeQBWWVbea6JKVZse7xRIPeJLdP4mhYus+Tj6U63vlrAVgKsffyeredAygfeHeR5w69utJcXL5eWpEawMLXXjj6BvN/AoQPqJw3LzYZBP2VjMcsN/gn4TVDY5EFgIXHp+6MpZNSgSKg4LO9ZNN1O7qm/CrHTbJ8s9OV8f3F45wsXUQFdr6VfRxboeNcV0WgQj5JM44/H31mBLImg8kXYXHAQxKayvqXAxLwlWbA== + template: + metadata: + name: authentik-gitea-oauth + namespace: gitea + type: Opaque diff --git a/manifests/gitea/gitea-admin-sealed.yaml b/manifests/gitea/gitea-admin-sealed.yaml new file mode 100644 index 0000000..807134c --- /dev/null +++ b/manifests/gitea/gitea-admin-sealed.yaml @@ -0,0 +1,14 @@ +--- +apiVersion: bitnami.com/v1alpha1 +kind: SealedSecret +metadata: + name: gitea-admin-secret + namespace: gitea +spec: + encryptedData: + password: AgCyZlHTEITLer+Rcsuuq+2Se1MCk/Rjj0jmPNrNmAgjw8fElFMIhI0vY9HWo6NzYu1I1RLJ3f1Hd7BcE5FWWK/9CVi9GqsC1dQIccGzRuF2ZExLWI5fJAWp22+iQWDe2iqsQc+K9ct3V9+BjzgX2C0dGtyuZIUg/1ZFNBjdJxvWpGjJTBjpCPgtKXk1GAji/U4FpM6/GjMUUNcS9yklo7zkaEu7rKCOeBqL9C2atvIwguGw7YR70zNb5fQnHLHcGipYB7dUf2HMCMJ87o+YiPpmoMPwJ9q4L1aMZ/o3NO7IOPQo0t2yC6xCaWic79q9r+ObMjgKkiemw9/t7RP0yosTDvU9qJrsTtJPkLLhzzgCnxlrl9y1IllYuYp881iprM0Jx9vl9IxatTGQ2wjowyxBNUTYhgdN+sHju7gQJethJyF0MiBBVyn4b5N+NqpjxCBrVi25tSG/UMOnc4hkqJ90+78FpBRY0T5CZG9z9d91lHye0uN8tkZpITz69YOY13ZkJVy5iq5Jz2p41fxYGrgqjctLr6PCN+7lpEG9oheXhur9T8Jk72kzhKvB6fS3/er/wJQq3ollDwzZCC1ZCNoyTHOFBhbCy+EXDjITOSHXnQwM3GTSwj1iEBtnZPxf6xqj8Md4q/gm1v8UQjaK+0UND7oWhl6vmqDpHI7+Q7csQwmyLKC23PXbFzhcc858ZAJqScFfPKvcRX9Pow== + username: AgCSVCljYaXSx1Vs/qjoW3FS7lx8uweLzwnElEHfQV/DxqkM50gKGOaYLQIx+lxXar4cLupeMoc2C1heOuu7qvNphpEwKoAtCfMj3eoa2Xwpv5DhPNxbqdM9j4GrgW469v7nbxo5AFfKsQBDRSyzYk2svFAjRXZTTwdzhlWJecIZbgY0ibXuYcEeoQqDNtnIIP/LAdlMiIHsyvLpgovJBCjSfZtQg2YtbbUqAVAh3LAdMD4kPdrBosGA3FKGH9lakMQnxeIgWYSjehLIoOoWU/huTmdtH9yIcFNLyzeTB+BXqim1g7i9L4iNOr/ZNjUTrjrnlnfMyLngF2BLZxGgTWyvEqGRBnRVZ0N7cJI7BxLuRobS3r1VG5oN62qc6Uy1O17WWLN+JE+t82RF4/nvzU32p6GJR2V8SQfMAWc0dQojaNdnOkqqsmpA0Hgnw/ACVceOEzZGb3SB69s1TXtfPOwEK+hVrkMkR3n2Uf0APbhDUAJ2GSBlwphv1n+RDJ/R1RteJ/HlfRJG5ZImVTzUTGDorN18lOfXgVUrB7ne2/pAHjOUPQ5bXpK6+lOClMRGSM3Z5xwkZtby2evF8yDu1PPR6Vn6uc20zpB7Dvdv9IjFMsv1DhxLpQG0u/CbBcmzxCn65hciR0APIWF80WG7RZw847cVqfcul6wGAXpJPw3AlNUIKTaIGpLshewJKowD3dOWDRk= + template: + metadata: + name: gitea-admin-secret + namespace: gitea diff --git a/manifests/gitea/gitea-postgresql-sealed.yaml b/manifests/gitea/gitea-postgresql-sealed.yaml new file mode 100644 index 0000000..6357f17 --- /dev/null +++ b/manifests/gitea/gitea-postgresql-sealed.yaml @@ -0,0 +1,24 @@ +--- +apiVersion: bitnami.com/v1alpha1 +kind: SealedSecret +metadata: + name: gitea-postgresql + namespace: gitea +spec: + encryptedData: + password: AgDYFHerX2we/axqxAYGa9C/mB/qZg+5WYib1IYI32zlqUOjRgvCv6AbozZSheU7btx28bHJVs/wjadTrRwVg0ueOS7XXVSw/HY1jBRbs3wZpt/TtIUUWXgqmTJc2toPJatAcOgXAPZS+nWTnAbisRW4J46ivlRK8QBZAioM1vn9U/bk3CauBSOlfP+xRBP0Tnv3naNe/DHGd3EMaHhlAa+g1WHR22wp6KSsmm1kh7YN4a0erupdyK9HNnCvtFIT3dV6n0dBnEovqL58x+ivSY7gf+MnwoDZTKvfiMFYwcqjV40c3skDJLijQBVX+rI+O1fwX/xA4hJMtv1dV0VOr43JFbEpYrHRBT2UXuPLibfcXHew6cZF6Z3kDJImSnGDvViEi/amiid/tv+JW/XfrNYPBA71q/633N1OXMhHCaYywjBz0MTwK5f3GuCQbCFaj3jGWeLc/IXFP439QyglzKSqL2ETZ6Zo9I0lSXWcbDsV3CnbTQ+8iuo8JazWPiUsVZgRLhTRyCQB+BwpOaINMNAaKc/BwRFcPI6Ab1BVLzWg90rTOPNk2yPREw8RgphbQBA9RLiCdH2+eOT5A8apl7k4lRCQf7MoFsvBT6yZrYUsMWTjowfIyEiSOmu4SJwqCBuUB1HYwQbz76TV1kgp8gOyisagybK9yoo1vNVhmN+96XZjSFQu+pQe+80G7ccDSD5cW25nrFASAC/OnyF//enzSQ== + postgres-password: AgCKFfUJ/CkX8aHBsW1eyAyYHjIMPDy1N8Z+Zf6zclrG6IVGQ6d76WCp4y7uhlg+Nv/lnIs7aHSrAsY6xAdcfrFEhTU3hilkkbCMLCW7fE02u2iZwh/xUUJFfB28NcyiQKpF348W97uu8TYgKHdKCOgXgxWY7Nn8Srhjnn1hAkNYQ8viKQILhfV/uQt7DIqk3tN00zk7yBPeHzDHj77Ql3mh2pyCAHc+raakHg0OIyDcFEp/Rx57TZczxbyWFrb7UqAlkqMCBM7OUp/iT4otZztSFuTtulJpEhsb/6xUCZ7OVjAd1KwboQ449tgQIQC9THytbGy2vUwdIwLmzVY2AYTFQEtBTW25G/5BknQBGOqbJtX/EEPtUbBi9bcTpsubwfWR2hXwJMctNwBfPE0c3/2OZ71B0GjW4aBEALnaPLW7gt670S2C5b9feyjia3qW27QR6HFvtdDKJfSeHqz9/E3hVC6QGX7iq379tDhF50Mheq72HofzVciKHUNYPI48iPhxq+JVnRBlcQOm6illCEpZJ7mYcF8mAlIDoT8pGe1+eseWofVmUz2TAu7B+k5uwbU0JwRWQWzEZLremlVxdSQzQ6LW2uIUbrvnsZ+UIvaU4ubBG7zO6nDEUfxoaHyVC+2T1uzFTOMSRwO1gG91+tInFnErXZMfv/iXyYMdPDh7ePdPJCrXigFKBDdiUpwbfskpZOdFjgeK78kf + template: + metadata: + annotations: + meta.helm.sh/release-name: gitea + meta.helm.sh/release-namespace: gitea + labels: + app.kubernetes.io/instance: gitea + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: postgresql + app.kubernetes.io/version: 17.6.0 + helm.sh/chart: postgresql-16.7.27 + name: gitea-postgresql + namespace: gitea + type: Opaque diff --git a/manifests/monitoring/authentik-grafana-oauth-sealed.yaml b/manifests/monitoring/authentik-grafana-oauth-sealed.yaml new file mode 100644 index 0000000..0ad5ee2 --- /dev/null +++ b/manifests/monitoring/authentik-grafana-oauth-sealed.yaml @@ -0,0 +1,15 @@ +--- +apiVersion: bitnami.com/v1alpha1 +kind: SealedSecret +metadata: + name: authentik-grafana-oauth + namespace: monitoring +spec: + encryptedData: + client-id: AgDADYaAgUEstdTBK59zjlbc+Um6k4Hzh8Mxnh1t2Z39oLc6PMkAjpJRlm2MDidJuoae8D+R559VNeyEwmv+kkwsLe6PGQ0jn0SfvSxNZqqDYUCWR1ity9IjrWvsgXHVLRQDO9iuYv4I0xqrPb8zOBQ/009grwUgTPZ+GNzTn050ukKS1UJaZZjTkp8A6zd47esAy8TjvUjqc2WYeqGzLZJ0MnIlWM/FcNft5ZPh6Jta1XFGsLktDOoA78Tv0fZHGy7GbdANZP67aN79G9ouikdvNSZgdluBSw1mm8eIBTEVT6SHMKloxR/X6zhi7etGQuUMkdmaKBWEzmb1cDpnLRk2gYcw4z7X1gphVZoauLktRKCXzhia2YMMUruhL2w0c50zA2+C3+ziXw+GJj75x9dlPKHu8s7qdApWzikjidIDf+XF4M7d6DVZ8smk+EFxc0UOnyxICYFyRQ4tX8JvnywIIACpOrLG2dU7FXfBbmR58SG4X+aJCCOB8xjPvk2gWAeMdI0c9TiK24BtqQm8A4+uh9UDtQSZAkTfhyUNlUuuKfcmzXjJmLNfYWjPt7SxKSifCIWhXJ/8Rw0pFxtsy2bSGhqCdp6kV164vUl58xGRDIWzvPf4kT/y+SD/Z1RPKHZiUHZ6CA8B8yL3zqKW+LMCOx1ujDo20zcve4UtP32P2lkUoefyRmh+ovSDjZeS6tRdJRtWbpSDzuJaJcH0o1oAju7Q61PmvaVbHSeYXAr4jWvV95HHFvn+ + client-secret: AgBmOunjxIt9k4pDxAJ1eOjhU0VVqKvL+nXrli4xjaLXgSD+uk8YcZHy4AGU848yvhRKj2huYEXIMn7S3YTiknHRAmDb5IMpzNkFnmtmjdmEUGuI2RMmVVyQI5PX45Oa3ddMq+5E0PLZ5qEu4facHsxpLrPK111gz/PLp/JH3RYPwJ/BhQJKVdSnU5DmGKYm6XyTzWi9pr6uYNXQryRDw/h2TSj1L6DMJ8aNcXGT34yDxodZjAFilFuagzMb4r2CFlMjqxR///X31QW2Au/1lxmoSid30SUaaUHup7Lr/VxarZjpQt3UQE5c7EUTOncuuOfb7mnHt/fpWpUVX7SUkV3i7FiZ6/JWf84nGA9XVz64KLPBhu4REammfs+gFULf8bP0eiOKMy5uupqeBb/AQk9P8egOXpn1YZJE6KwR0idoX96sKYfI1t45l+e4qifkCAHbxfnOUOI1ioxoHI9ZYmHrZMFOEsQidSUAmf//gq3+LNYOyZ5Tj78O33ffLst3cw8scrfuKNpExfwA2rhnV3wteNik63VmasTQRu/Lj8U7WeSkunxL5RfzI8/ASevgb8m8eUOG3nc21d001aGgYMY1kQk/yIX+Axafd5SYl1bgbI3L7yd4DkIWdyMFKAGEIbGtnmz1osLyJcwRQexui1kwnyJ9GiIxkZjz9usxMChkMtvECzU/PvdQTA8CKg6tTQXTEPKUmylClG5dBCfaJH1nYcxDe22QV29TchlpcPY8kEoHrBxgmmf4Eb28MSe8MnON3bP9laxw1qoEHTNF3TNpKz2/2PysFJ/p3cJGDQnmDYzigQHAlKklpMzfFZGZ2Tjw8aq/Bzph8NyRt0zC3QFoMUZhsMztYeQN4/Y+u3UEDQ== + template: + metadata: + name: authentik-grafana-oauth + namespace: monitoring + type: Opaque diff --git a/manifests/monitoring/grafana-admin-secret-sealed.yaml b/manifests/monitoring/grafana-admin-secret-sealed.yaml new file mode 100644 index 0000000..a97f07c --- /dev/null +++ b/manifests/monitoring/grafana-admin-secret-sealed.yaml @@ -0,0 +1,15 @@ +--- +apiVersion: bitnami.com/v1alpha1 +kind: SealedSecret +metadata: + name: grafana-admin-secret + namespace: monitoring +spec: + encryptedData: + admin-password: AgAFIAX323s2TYXCSe+uqBOtg1/fJ4cT2TXTh5BrwMZ/zy2uAHQoJlgTMKEtY0m1nY2uUmzWSQALyES06QT0Jpz/p9nFfquzXeMfStOnj/TtjKk3tmoUiiuWHlTBUviK5Vpt9cACNrOTvdyAkbuDPdsjxNEuTawI69VSh/T2jbqf+hRtJAxQvZpqdSFKX8IyudzMQj8kZWWH9dN8RlMe3tSetar09m9H269W5aVC+OQ4ZmX5wjSHJvOjsKHgdD52xgzGlMN/mivhAyQLTtp1UaZHB63uSpsEf7UBYCJGcnJNWKVHK5KbE6IrSoidQza002skKLZct2xh+id6OnqUTQz4/OzyHLNx0C3TLcuD/Kx/UoX3JAlm5E7qnotAONO/w4tNdF0w5QEEGKgbDHOU5JdZbTW8He4rChVh4TmRKJc0DhdnDqXw1gKgo5girdfpe4no+h5dYzWAcvf4gPeq94lRkwPY2bSmIxcMupSPr3QbKcAApST5qpwQJVLUOk7ydQsVOkHVnWUFRM8q6stNGby7vX4xqvBpggZ/YWYDNemoJRdhSNZSoy8mwZ+33B/C2Zk0GOokPxdQ91kQFfp0ANchfXvDnKn5GG5tcFIu8+aKYy4dEjbmtNbNKn/c5KmaRuWMtrzqSEk/kYWMn0hiMVBzNPtVArmKEXm391Iz5CyCraSQSR7LLg/96ysAJWRdMD1uHrafnB33SQ== + admin-user: AgB0hlzFarM9tMN+uyTI8WgeJT+AiDya2/SND9lhOvY6OFzjezXMzXjbJmCXrhZds+fd61isBXusE/cBMw1dub7KUoOt+DvEknhDH7D0hi+eZwfolxGFhE/YVOb4jO9PW7eSy3L7KyFc9sCl6TqTOOhj3DePav/0d0n8fnmPHA/VEPczMzgKwvRnkm4qjqd4Afn++M+dWiZpcnMmk8ves0wikBFux7GhYKBVjAok6j6GfkfwHqLuMYW0sfoYSOEA5cw7o9ULMpJbG0PaFcERSIPBUg8StKXhh5yOjQdpPeFEJsZy3hmEeXibUYOaS7E8WIqnM7zv2ZLcY/bgx+0WLCZtxny4MPKEOgMejwZX92mz/5tlJgBmVrAu11Eo10ysg2wGVMGO/y7t5VorTxRd95L3tiU/6EaFtd5iS98aUmmfGwL28aRHSwwE1cuIptvZ8kIOp6vn032VpswqPEkdA2R6+pTgEadKeYXuWv+hSCzS3HoRbvwN5yPWF8UB3MlrEzGKl+KcWX1+1kiPVbQt85ZWasuR0DXSzbCc3LJEXWuB8xTiezebuDj5J6qdwH6VyQELSes3IeTMTpp7UGn8hAmaaTtxGwjGJTZ7KWSw3Gu5BV/jikCSdHwrGJpmhvWRY1djiSvth2lvWooKGiTpzcQP7CtNC2e0DDqnI/hGrElITLAsOm0aLFaDeRbAZd1fQaFTvofXHg== + template: + metadata: + name: grafana-admin-secret + namespace: monitoring + type: Opaque diff --git a/manifests/network/pihole-admin-sealed.yaml b/manifests/network/pihole-admin-sealed.yaml new file mode 100644 index 0000000..ecf1e89 --- /dev/null +++ b/manifests/network/pihole-admin-sealed.yaml @@ -0,0 +1,13 @@ +--- +apiVersion: bitnami.com/v1alpha1 +kind: SealedSecret +metadata: + name: pihole-admin-secret + namespace: pihole +spec: + encryptedData: + password: AgCi/NyqeThTtL2In9vz59Lv8geAssTaDDCYm2qw8wsGkvEzIC09a7qoxzaf7FTfOxVtUpkt9xIyTtdv0Ver4oDFA3SQpgnb0UdWAQFidfaOFZoH6EL96etZRWnu+Mt8Fr+lJqZorRBrMKAv86StqbRs/WBdZY9EfPal5zgIi0VG5PTha/KJZxT5Uzs7kMYzFaJQZwGDLV1nufC1W3hY0o2/RWHFkcYWmllE4mdlaODqyOJqq/CZyX9O+khTgTPz7NWX2gbFhFR7MIkR4y81nuKV0pN4MFjZ25SdPZqhY2qGjAVTb/K6JDZQczK+mzqts+1hKg855T+mmPdiKFVRGk9xuwggsONcyw+HWPaHememA8rigLNyFCnnaMOFYONUP0OSymyIYlmttM9BnJxz1TZbz8eBCbaHpj5X7Lx4WMZykLbDMF3cgqfsINflMPBZqBoMweWotbWj6xN8EY8UkOoo6LaECCevgiPt+okNzAbl98dEVWOWsID/BFk0clndtu0nDpY4ZC0tU3P2mJy8oqEZZq+y9kH/y2IQVJX4vCuhbS1KZHHrIp2SAzACp/mIYREDrPfemuY91tZERhI47WkQTXVCQxJymwM1frfUGJCBJT3LvvupGxoHL6qpcEiB0emUR3rS5joZSjzgBU+D5lbG15B02xlfDJg+T+TZY/WuU6PM/u+ADX6FMu5JPV0DbsZ27fqbP3JZHg== + template: + metadata: + name: pihole-admin-secret + namespace: pihole diff --git a/manifests/network/pihole-debian-admin-sealed.yaml b/manifests/network/pihole-debian-admin-sealed.yaml new file mode 100644 index 0000000..59efb94 --- /dev/null +++ b/manifests/network/pihole-debian-admin-sealed.yaml @@ -0,0 +1,13 @@ +--- +apiVersion: bitnami.com/v1alpha1 +kind: SealedSecret +metadata: + name: pihole-debian-admin-secret + namespace: pihole +spec: + encryptedData: + password: AgB0cf2FuzpJuRWB6MlKiX4pc3+cxwebNm2Y7DJ140B8hVYiDXU0P+5ceLJk5sf1vhUWnqnenn4kRyA1pwo4xURWCL0N7W/HloczCVRsVcgU2EKKgX7ifJVnnhF8N1YDYgVfuS4l11Gp81FL3K0TQn2aC5CMKwiKvRqCpA17HmtKNFcODJz/jeooEO4pUgEtVClDbTEQN0Z0PHPg5JOsmUoBm9BMpSrbXqg4aLkNgZ0c+oYicVWT/LyZjGFtXYS/Ey20t7JYR4MG1UbnxHcryOejPgxJbHVpQPQPDQT820UPpmNb/lFY1SpUmSgJJ/BpXb9dOJbzaGV7SXdlCm6dL1D8k2L17kLlULbl+0sfhRwRCnwVbSCJ8TN52zusqmd2YWHW953A3jrXas2sWbX3CJuRRWiihiVFelilxqpTRPerB1IFeoKgAMFut7i2aEMOqCKhKSnYskQOGwkR69FHbBvWASI69Wnite3tc+ZomP9VcSJ04mHEPsc29iocgAeWrmvYD0MLLLBAunnuZ/9ocebsllbjwZ1OeJiJDfPP3/WRUcV/esgI8W/qH2xD7Ts9FDdBnltxLcGsfiGuYalLNODm5s5YSY+VSwOrE4SN486pQRrWfAya3BbS1wb834KucXT2EsnCm/mf9Gkjk+S6MeN8++foTzRbaEl0pX1HTPPPQX6ShZQuJ/SaD7+7BIhbVc7PH3fph1730w== + template: + metadata: + name: pihole-debian-admin-secret + namespace: pihole diff --git a/values/gitea.yaml b/values/gitea.yaml index 9a9f0fb..d461d7f 100644 --- a/values/gitea.yaml +++ b/values/gitea.yaml @@ -8,8 +8,7 @@ image: gitea: admin: - username: nik - password: changeme123 + existingSecret: gitea-admin-secret email: nik.afiq98@ymail.com config: @@ -46,7 +45,7 @@ postgresql: global: postgresql: auth: - password: gitea-db-password + existingSecret: gitea-postgresql username: gitea database: gitea diff --git a/values/pihole-debian.yaml b/values/pihole-debian.yaml index cba82b2..5274f77 100644 --- a/values/pihole-debian.yaml +++ b/values/pihole-debian.yaml @@ -24,7 +24,9 @@ probes: readiness: enabled: false -adminPassword: "changeme" +admin: + existingSecret: pihole-debian-admin-secret + passwordKey: password extraEnvVars: PIHOLE_DNS_1: "1.1.1.1" diff --git a/values/pihole.yaml b/values/pihole.yaml index 6c329b5..1ee0984 100644 --- a/values/pihole.yaml +++ b/values/pihole.yaml @@ -31,7 +31,9 @@ ingress: hosts: - pihole.home.arpa -adminPassword: password +admin: + existingSecret: pihole-admin-secret + passwordKey: password probes: liveness: