gensokyo-zone/infrastructure
1
0
Fork 0
mirror of https://github.com/gensokyo-zone/infrastructure.git synced 2026-02-09 12:29:19 -08:00
Code Issues Projects Releases Packages Wiki Activity Actions

ops(dex): add secret

Browse source
This commit is contained in:
Kat Inskip 2024-01-21 12:45:38 -08:00
parent 7d1d5120fc
commit 8881fd75ec
Signed by: kat
GPG key ID: 465E64DECEA8CF0F
4 changed files with 108 additions and 16 deletions
Download patch file Download diff file Expand all files Collapse all files

10
k8s/system/dex/application.yaml
View file

@ -5,12 +5,15 @@ metadata:
namespace: argocd namespace: argocd
spec: spec:
project: system project: system
source: sources:
repoURL: "https://charts.dexidp.io" - repoURL: "https://charts.dexidp.io"
targetRevision: 0.15.* targetRevision: 0.15.*
chart: dex chart: dex
helm: helm:
valuesObject: valuesObject:
configSecret:
name: dex-config
create: false
volumeMounts: volumeMounts:
- mountPath: /etc/ssl/certs - mountPath: /etc/ssl/certs
name: etc-ssl-certs name: etc-ssl-certs
@ -20,6 +23,9 @@ spec:
hostPath: hostPath:
path: /etc/dex-ssl path: /etc/dex-ssl
type: DirectoryOrCreate type: DirectoryOrCreate
- repoURL: "https://github.com/gensokyo-zone/infrastructure"
path: k8s/system/dex/manifests
targetRevision: main
destination: destination:
namespace: dex namespace: dex
name: in-cluster name: in-cluster

4
k8s/system/dex/manifests/kustomization.yaml Normal file
View file

@ -0,0 +1,4 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- sopssecret.yaml

76
k8s/system/dex/manifests/sopssecret.yaml Normal file
View file

@ -0,0 +1,76 @@
apiVersion: isindir.github.com/v1alpha3
kind: SopsSecret
metadata:
creationTimestamp: null
name: dex-config
namespace: dex
spec:
suspend: false
secretTemplates:
- name: ENC[AES256_GCM,data:pZILaH34uFgX7A==,iv:I46DI6jjiRjG1UknTCNHWjodEqBkEOp/rI8kEkJvY/s=,tag:6mAsRl7LQQRu1QE0FwQbTQ==,type:str]
data:
config.yaml: null
storage:
type: ENC[AES256_GCM,data:aOZOQtIkkNo=,iv:drig6Zy4ktBhuh+g+VGj3zdKQVOEYjWw15G3JNpzMKQ=,tag:hlP8p2UxLBvaXoGiVp1lPg==,type:str]
config:
host: ENC[AES256_GCM,data:SKrsdC88IrqptkgzZHo/Z0iQd0uVitdJ4QiIzaUi,iv:FMJJSxF6O0yNExXKes9gnv2KjQUyFAaVea3rJ3BqO/A=,tag:/VB4K6V5cUO35jQWY8TkgQ==,type:str]
port: ENC[AES256_GCM,data:jXj2GA==,iv:fhH7KIS8wlAXP+ILQUNVirT1CkJy9SBwFRpCvCx0G/Q=,tag:D7NvOPKWWgUjwF1tbWuihw==,type:int]
database: ENC[AES256_GCM,data:9M6k,iv:b7OXT/dIXnS6CrkpA+h/djPZfo0MX8OlitiuTeDB7Fo=,tag:iWTw7IoBcWrOpN5Wr8YOgA==,type:str]
username: ENC[AES256_GCM,data:QdrI,iv:R52SL3rxzf9nqMeJsE9KPUuNLsZX+4tG6TEyucKBlpQ=,tag:QCe/zKNXNIP7dQHuKIMsNg==,type:str]
password: ENC[AES256_GCM,data:NZJ1k4z6qzZkIwDC1DlwA3ysxY4w5Cs/rM4WCiCFcAo=,iv:8PphwCGJn/RvSpAwjSeX0MH55jyDICkg1N3dszF8bHE=,tag:vDT32nN7vMBua3adV+8iYQ==,type:str]
sops:
shamir_threshold: 1
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age1nmdv4q8hcyj3s6qevrmc9w2vhd4a8tsj5j5e0cry5utex7vqeprslyjvxz
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBDUlJzM3lrTVVwSmdEVHNF
c2FlUlQ1MnJPZG9INmpQL1phZWFaQXFiMDB3Cnlnd2JEaE1yRURzWTZZMiszWnE3
VitRTTF0ZXh4UVplaHRnTnJZRnloWGMKLS0tIEZSYm02eG1xNnhCeDVEY3ZNYnEy
UnVLNEt5N1laMWcrRWF0RHNqY3pyUTAKURvlCLdILf5LgU8dmXTIsmTWOnimznv+
Dd2iOWPfp//ZIxzRmDDLnIw+wQdB/JSClsVE+655G6YCS4y+lRproQ==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2024-01-21T20:43:09Z"
mac: ENC[AES256_GCM,data:3iyE+RcNGKCKR+HDK86+GmTudcUfM0Fc3WhW0mMCqhY2q2Da3TRPHlitKcqvsTUczOY462gKq/UI4wHQqwZqiTYP9R9hZSqAqPwWMp48Cc7aC0QSiNr830S73XdwZHkyiip9aZQIDPx/nI+aBPk6Vk3cB2Kj87nlh/kcfC0OvCA=,iv:Yzda0+qOdLkiXtAoy9yzWXTh1sTLxHa0CqN6/Z8EUZM=,tag:xMJwGD+Ef3y+kLIvkThm5g==,type:str]
pgp:
- created_at: "2024-01-21T20:42:04Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMA82M54yws73UAQ//RT5SDeyuUm4Q6vu0D8fhgqqKpW2xD47Zq0SWD49HeMPh
EQ4MtKjWzV8u3C3b6US4okln5j04D/BuKXU07NASzsFlR9fyNyjarNIkMHrKDRYp
y6Ho4f8mlWaS28SL5wAhQq0tkaK5J2O2dmI7ExHRaQezeyk6uAj+qbjZSng/sU/T
4frAHT6LlOQrjfdsT62xOq4uRRu991DNkLk4Bk0CcaVYpYfVnVyezGH58yO1uSd3
eoQ0KuNBOTPsI518RZT7YMJIo7abXiyCBJv7gEn6x2w+zXAVm9nDrDoloOAzn4W+
e344pFPAJEeBzPtKtfTVAHgYao/CaWX6j6PJFfamo/Wo2zIafn7z+nbOWQMgiEqr
EuKPV2wT4QntLBaA6ZQA4ifzZNJiDSgCAr6QcUurWNcN1nKwgU2nJXyT4j/SPk1G
No0OYxaslylL7GpQoNBL9z5mXIL7R7XAaAhJAWBaYZgrb9XyQQ1YJa8IEV3ofIRm
CKvtMBcWTAGnRVxP1jZk8y7ROgdyWQo5Tdt88j1sKOCGBlNPGEKKJIqxn9G2NW/O
NqSAbCmIvg1fuYUQvom1eDM/nhvuTGNMF1t6Gf73ovDSYSiBF95vfUripR5jxUw6
JFVAMz/qzpL97KIWMymJy+w3XZDgSYnNAhtbhpVGOg5tiO2olAVt+KWyQzpw6HPS
XgFjluZwOdJGSUbGJpIdfXB81kVuVTTDLJSxkjV1y8iqpQN6t14W2caGZGVmwGBu
CcpRqN1pp3kfLeNWCqbzfXt9yrnqZ32OqdBObbGniGYUPMRO2ssIsw+KKJ6zgyY=
=ieT6
-----END PGP MESSAGE-----
fp: CD8CE78CB0B3BDD4
- created_at: "2024-01-21T20:42:04Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQEMA2W9MER3HLb7AQf9GMt2t0wNFZRDN50QW0dbVnKXZ8ky3b6M4mM5CHZkbgtb
bfOLr8Z4YvyBqNyvfHtE9JnCmCnFHyllM2u8ft0WKdk1RBT8HLKYiVg3Lr4jQ5Vn
oIIn1s5zIBPb9BF+NgT0M2LW9BRkDgXcdJFShNhXl4pqTN/TB2I0BmtvcHNaXk/1
TqbESWsbAymdZ73UYtKp5McZM/0OMcOQ3j3Rh5gzkz9/8UKp19jQDNnU4MA6iUuN
G+m8FjFn8PHvWyDhDlLSQI14fgKEGKx1reyaYEQxecIl/r4B/T2BdWEP56Zdaa3u
70T+1a0NpPrD8cwkHX+IxZOWtRpDdD5+AnzeNDdHvNJeASO8Bwa8yN3hrzXwtWTu
Qbu0+8xTCoGrQjKmE4y9sR3bE99T0uEjrqxF1qfE9MIKK/lNMGf2Z+A8Le/v2Jg5
lVIfySQe9EaLVcuKkfqnGSBLZWoOjqlfRfBL118prw==
=yZNj
-----END PGP MESSAGE-----
fp: 65BD3044771CB6FB
encrypted_suffix: Templates
version: 3.8.1

6
k8s/system/metallb/manifests/kustomization.yaml Normal file
View file

@ -0,0 +1,6 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- ipaddresspool.yaml
- l2advertisement.yaml
- namespace.yaml