shpaq/auricom-home-cluster
1
0
Fork 0
mirror of https://github.com/auricom/home-cluster.git synced 2025-10-02 16:51:52 +02:00
Code Issues Packages Projects Releases Wiki Activity

feat: external-dns

Browse Source
This commit is contained in:
auricom
2022-06-25 00:00:22 +02:00
parent 5f41874ae3
commit 7a62df7704
7 changed files with 141 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

60
cluster/apps/networking/external-dns/helm-release.yaml Normal file
View File

@@ -0,0 +1,60 @@
---
apiVersion: helm.toolkit.fluxcd.io/v2beta1
kind: HelmRelease
metadata:
name: external-dns
namespace: networking
spec:
interval: 15m
chart:
spec:
chart: external-dns
version: 1.9.0
sourceRef:
kind: HelmRepository
name: external-dns-charts
namespace: flux-system
interval: 15m
install:
createNamespace: true
remediation:
retries: 5
upgrade:
remediation:
retries: 5
values:
interval: 15m
logLevel: debug
provider: ovh
env:
- name: OVH_APPLICATION_KEY
valueFrom:
secretKeyRef:
name: ovh-external-dns-creds
key: application-key
- name: OVH_APPLICATION_SECRET
valueFrom:
secretKeyRef:
name: ovh-external-dns-creds
key: application-secret
- name: OVH_CONSUMER_KEY
valueFrom:
secretKeyRef:
name: ovh-external-dns-creds
key: consummer-key
extraArgs:
- --annotation-filter=external-dns/is-public in (true)
policy: sync
sources:
- ingress
txtOwnerId: "default"
domainFilters:
- "${SECRET_CLUSTER_DOMAIN_ROOT}"
serviceMonitor:
enabled: true
resources:
requests:
memory: 100Mi
cpu: 25m
limits:
memory: 250Mi

5
cluster/apps/networking/external-dns/kustomization.yaml Normal file
View File

@@ -0,0 +1,5 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- secret.sops.yaml
- helm-release.yaml

62
cluster/apps/networking/external-dns/secret.sops.yaml Normal file
View File

@@ -0,0 +1,62 @@
# yamllint disable
apiVersion: v1
kind: Secret
type: Opaque
metadata:
name: ovh-external-dns-creds
namespace: networking
stringData:
application-key: ENC[AES256_GCM,data:JosobXOtM8Cc3pDkUMiHHg==,iv:lK5JvNw2Ait2uZq1ocL5qB+Tc5qsh36HwJC4gW7gnjk=,tag:kLMXweVbm8cwarw5SOmlUA==,type:str]
application-secret: ENC[AES256_GCM,data:j+S/IFh+JoaB0QaOUXo8Jb6MUmVwTO4knwdwqFgYb0I=,iv:j7uXYbXomcL/fo7fQimL4ChwFyOxMupOVmvLz+Prp+c=,tag:rWHJF/u/0ezOvHFlxUtp0A==,type:str]
consummer-key: ENC[AES256_GCM,data:4VwQMQBSqVZjfSqcy9Auk64GJ7E56306yEv/0Rpcttk=,iv:LrEBQuTKtfL7lpgAP7Vxk1xrlzUmPiHeGq/0v3S7PZE=,tag:tr5KVDnm94YKgdx4jFAxWA==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age: []
lastmodified: "2022-06-24T23:48:18Z"
mac: ENC[AES256_GCM,data:5nV54X2didfcYS+gVjcSADZwUX7XwD/Dtc03KVSgVvnUQcTsHBofxToGJgezlTjQqWyR750smPI6GuBOj9Kg1hnv+ZxdhRPUngdHxEOV+WMYOX7BbbaNlW8rA2V5vUJ5/YZWf/oBgXMlv2nj1nFGsNmH+h/XBIuSHEhZ+9dq/sE=,iv:PQFZtvEm5T9y56yyxEbC+y5IxYDEvyxtic0xrf2Mnmc=,tag:398zIuXtenHEHUhJm7SuPw==,type:str]
pgp:
- created_at: "2022-06-24T22:12:58Z"
enc: |
-----BEGIN PGP MESSAGE-----
hQIMAwAAAAAAAAAAAQ/9EQOAgnln5dNy2Nkk7WV9V+FUtLXtlRpoqzICZdqFARd9
86/xRseBKzxGIDc9yF2GyFoKhwZ5F8v7mFa7/QZMQwr5SGOgQfdzJSlRxZg1vTpb
r7jds7htsFAUhJJCITsHZVQgTnwPYTQKajBBrwqTzEMc7MPA2jvObznvpz+XJWYq
+XWoQZ9aE0mYYuYpdgUoTr0sk+WloUFZTIyt8P+LHTPpKJ3NeWFywOjMU+Ralu/2
B/MSt3WTdxiKjpon0KZ/HHMlz+gdr8c4RFthUaqg1SPcfQ2FCANUtU8rCbb7W5I+
TDUHgm9mysA7UnNlRfBznwxLJH84xFB/JqRVULlaTktaVvpjfhYjVDlAZ7DN9TsW
1nDWEMOnMh8nfC6srktgsmbOZB+CXpHlyP1+W5hmRlQouzwT0FUSuKdkAw0AG85N
rPlu6iB/Ctpjo8jOFFc/XSX1jqO8ppfzdLua3NWtNlbrAL+Pi5qkRQo5YTXgPkD/
Wwn4HLiGWgDRrk0DGny12xSooQik6q7h+YDE9AHwW+p4QOlMRr6Uk4rhB5G6Jsao
EBHFRpvP4s3HosSLhkdghC5h2XQynaj3P7NYHxRPCHAzowNkwG+K4+AzkOWSLiZf
AP6DW1pBirKAqkhaY79oNXRP1EwAYf8r3Mrzxppiybr7HUwSHm9aC1bZ50L3qYPS
XgHtHl+3f97+g08iQEnzH90EjEjljqbwhY9ng3whaFArr9K3irV2nenlqKFY+kU0
Qw4bQIqRm3WTs37ixgV5sRmHODV/kjF/kn07zBpZ3PvxrMeqedv1Js/aCYs7geE=
=uZvW
-----END PGP MESSAGE-----
fp: 19B850FBA7685A526CF11E5F9BBE834259976EE8
- created_at: "2022-06-24T22:12:58Z"
enc: |
-----BEGIN PGP MESSAGE-----
hQIMAwAAAAAAAAAAAQ//UTom94LvUIj4fnSgLCvxAbqjGVLeOQBiKyjXTVxS8H3v
4MhGsZbnL8WM413udiUTI9SHs3NS6+bl4GBKziAk9Ra1BVEJvHiI3NrHnPoL+Ivh
j9OU2XvZSK0jgDgUtMqsQSABoNr9thdqn9ZlTbjDFhpVz5s4hn34H5w3sZctvzwO
f1ROkNxjUpKifPNdi4PfE8cnDPRRFEebM5u0uwxsD0pLs2FjIvr43OkqMkybb9qO
mMi48DKscUP53s/ytpxDIUDnCuRS/BaSNolKqqwx32bAw9gdwVVM7kbjHinh3wDJ
2hjwTLqDAxA0JCmwckGMdTHDyh0g7OyCI5Pzlgmc7CzIt5/tumB51g4VeD/aFg0j
G0wP0cW00fV6SRiCvMpQRSAw5b4lCRjmpgZNSGgLfKGPvYrUSs6ZfiSBcXCbeDKs
lpzfH+e22Hj0h9exBiYc7EZSZCNEdvMYmN5ntY9DZb/7r8W6VXUeU569zenhOJA1
o7DN4o3ZKTyWbsVyBXixs0PUyqXMVd6+2WhoZPEYjo03S5kx6Z1MDpNww0pnjJn2
46dBi1wmeS3bODibSwECUrmrjBF/amF+NRaA1j+cwk+WW5WArmfaPT3hviw/y5dO
8uyB+H0foJO0F12ns6rkOSDRGq8OLhxyJqaxtUKB4qm8v0Ecte5KO22Pg1paEm3S
XgFQFZqLP3LA9YygKzpbGQK/R2bYUekmC0yWyASvphjjP6XFzLpVZzQYblVv9wWa
s9KeiUxt0CJ4tFZ5Owtkg03+Q1dAKLd8P+tuZjI/8MRt4xFMySj1B13ZCCaPJsQ=
=uxhs
-----END PGP MESSAGE-----
fp: 5749D0AE39445C1CCA6006DF8913091C690BDD69
encrypted_regex: ^(data|stringData)$
version: 3.7.3

1
cluster/apps/networking/kustomization.yaml
View File

@@ -5,6 +5,7 @@ resources:
- namespace.yaml - namespace.yaml
- authelia - authelia
- certificate - certificate
- external-dns
- ingress-nginx - ingress-nginx
- k8s-gateway - k8s-gateway
- unifi - unifi

9
cluster/base-custom/charts/external-dns-charts.yaml Normal file
View File

@@ -0,0 +1,9 @@
---
apiVersion: source.toolkit.fluxcd.io/v1beta2
kind: HelmRepository
metadata:
name: external-dns-charts
namespace: flux-system
spec:
interval: 1h
url: https://kubernetes-sigs.github.io/external-dns

1
cluster/base-custom/charts/kustomization.yaml
View File

@@ -9,6 +9,7 @@ resources:
- cert-manager-webhook-ovh.yaml - cert-manager-webhook-ovh.yaml
- drone-charts.yaml - drone-charts.yaml
- emxq-charts.yaml - emxq-charts.yaml
- external-dns-charts.yaml
- gitea-charts.yaml - gitea-charts.yaml
- grafana-loki-charts.yaml - grafana-loki-charts.yaml
- hajimari-charts.yaml - hajimari-charts.yaml

5
cluster/base-custom/secrets/cluster-secrets.yaml
View File

@@ -30,6 +30,7 @@ stringData:
SECRET_CLUSTER_DOMAIN_ROOT: ENC[AES256_GCM,data:ho+ylXKrt7CZiOM=,iv:8873E4Td/82lWVwq/kXkEB8vgxEYha23/nbTkXfle/w=,tag:Yb/VInyUUOPhLUtq+Q+krQ==,type:str] SECRET_CLUSTER_DOMAIN_ROOT: ENC[AES256_GCM,data:ho+ylXKrt7CZiOM=,iv:8873E4Td/82lWVwq/kXkEB8vgxEYha23/nbTkXfle/w=,tag:Yb/VInyUUOPhLUtq+Q+krQ==,type:str]
SECRET_CLUSTER_DOMAIN: ENC[AES256_GCM,data:mVPDuVpAXej8CQ0AO85o,iv:PF739I+LZMZaPpfCMZO62eMUbFqgtMszj2cOuIgfcfI=,tag:zEAjj33h/Ux53ctkCzapyw==,type:str] SECRET_CLUSTER_DOMAIN: ENC[AES256_GCM,data:mVPDuVpAXej8CQ0AO85o,iv:PF739I+LZMZaPpfCMZO62eMUbFqgtMszj2cOuIgfcfI=,tag:zEAjj33h/Ux53ctkCzapyw==,type:str]
SECRET_CLUSTER_OVH_APPLICATION_KEY: ENC[AES256_GCM,data:m7Eio9WPwEaP89uZCl/Kxw==,iv:wqMxUr4Xq37uXqejR5ppchOcvj9JeHAvn5txhaiJPnI=,tag:KT31Dj6AMbFJ6HjecuLRgA==,type:str] SECRET_CLUSTER_OVH_APPLICATION_KEY: ENC[AES256_GCM,data:m7Eio9WPwEaP89uZCl/Kxw==,iv:wqMxUr4Xq37uXqejR5ppchOcvj9JeHAvn5txhaiJPnI=,tag:KT31Dj6AMbFJ6HjecuLRgA==,type:str]
SECRET_CLUSTER_OVH_APPLICATION_SECRET: ENC[AES256_GCM,data:5KsJw6S7Pq66pe+bxozGhnX/g8YqGfMWBhF4z4cfdI0=,iv:g2P2KhfFS/UXbAnzQPfyT1M5OAbNjCTdUU3nKh3SpMY=,tag:j8QHEcsprdngbHnjwFstkg==,type:str]
SECRET_CLUSTER_OVH_CONSUMER_KEY: ENC[AES256_GCM,data:jXzhrXo8cdSokLgNm21Rt2KMF9wHHMXWHDn1vQTZ+Z8=,iv:xK3T4TcwDCAVO9Ac5bkkAssFl2yyukG/jT9SqDpXTlE=,tag:lefwwx3BNW1bxKX6Lpr+mg==,type:str] SECRET_CLUSTER_OVH_CONSUMER_KEY: ENC[AES256_GCM,data:jXzhrXo8cdSokLgNm21Rt2KMF9wHHMXWHDn1vQTZ+Z8=,iv:xK3T4TcwDCAVO9Ac5bkkAssFl2yyukG/jT9SqDpXTlE=,tag:lefwwx3BNW1bxKX6Lpr+mg==,type:str]
SECRET_DRONE_DATABASE_DATASOURCE: ENC[AES256_GCM,data:rMwhON/Pn9KKB7Zm3lLY+fgKyWlkMhq+MfTY1t0HGYuH5KjuXOB9nNRSrloZwELzbhRd/LNrWs8HSessI1aqnmSVuiMLh5lX/SW+YnHJuyuTgVKMCDHpvOZZmAkLo23TtCYcoQ==,iv:/xtHI89xoX3eSf2djUfwOTAxeh7ZhZ3vBRxB8BdJFtY=,tag:NvkUpzYKAk83iEzC8Yh/Cg==,type:str] SECRET_DRONE_DATABASE_DATASOURCE: ENC[AES256_GCM,data:rMwhON/Pn9KKB7Zm3lLY+fgKyWlkMhq+MfTY1t0HGYuH5KjuXOB9nNRSrloZwELzbhRd/LNrWs8HSessI1aqnmSVuiMLh5lX/SW+YnHJuyuTgVKMCDHpvOZZmAkLo23TtCYcoQ==,iv:/xtHI89xoX3eSf2djUfwOTAxeh7ZhZ3vBRxB8BdJFtY=,tag:NvkUpzYKAk83iEzC8Yh/Cg==,type:str]
SECRET_DRONE_DATABASE_SECRET: ENC[AES256_GCM,data:qp8YlciBmug9oyWsANKLc0A4UAUrCV04afoCCM4XHR4=,iv:p9FONbA3uPPm0dbusB0dS6Z6xtsSl0EjXyadCOxUyxg=,tag:LTu7L/f2DOYPmoiZlgLj6w==,type:str] SECRET_DRONE_DATABASE_SECRET: ENC[AES256_GCM,data:qp8YlciBmug9oyWsANKLc0A4UAUrCV04afoCCM4XHR4=,iv:p9FONbA3uPPm0dbusB0dS6Z6xtsSl0EjXyadCOxUyxg=,tag:LTu7L/f2DOYPmoiZlgLj6w==,type:str]
@@ -93,8 +94,8 @@ sops:
azure_kv: [] azure_kv: []
hc_vault: [] hc_vault: []
age: [] age: []
lastmodified: "2022-06-04T17:15:18Z" lastmodified: "2022-06-24T21:52:51Z"
mac: ENC[AES256_GCM,data:uGWMiekmw4uogYC8VAlXMAjKtas++JzXfoVOAYmhNcHbygQ6iLmjEYrsG9w5J9y07oRPReJo7Ti9HTLo2X/I95fijrSWEbVWVUe0BhKGlqvOwpt9ew85wPQteTL2Fr1xiUI9l+Iaw9A6DYw5CYpQe3TUFV7f13+vOBXx0P2pP1c=,iv:5iEVKk0PBcLZbWkUwkfCuEoqqABfa22xxGPv9mQpPFk=,tag:sC0NcfP1T1a2hSF0qto/kg==,type:str] mac: ENC[AES256_GCM,data:1M1nPns0HJRl3w+su98V6qtKHDNHAe0iMV4EvPt1D5MCDd61FkctTfVltRW9LTF97/+v0ctaKS4DHut9OBtaugUnHIK/TOOv6qXeBiMoigiW2chtdRV+bHuQuJZeXNWoFMNB7a+HMFdyM8GCRefy0fuBlx7G8Qa1QEgZcJlqa4Q=,iv:iqkATDKjcnoJkfdeTyBxkiESjPtP0DKWn7DTsYa8tLE=,tag:MnUuzifZpD4P+LeRbWEqXg==,type:str]
pgp: pgp:
- created_at: "2021-07-17T21:14:34Z" - created_at: "2021-07-17T21:14:34Z"
enc: | enc: |