ryanc/fleet-infra
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: ryanc:main
Branches Tags
ryanc:main
..
compare: ryanc:79a1929c81c2f6e25f9b1e192952fd4abac1e7f0
Branches Tags
ryanc:main

1 Commits
main ... 79a1929c81

Author SHA1 Message Date
Ryan Cavicchioni
79a1929c81 add Kubernaut secrets 2025-05-10 17:37:46 -05:00
15 changed files with 50 additions and 65 deletions
Expand all files Collapse all files

3
apps/kubernaut/kustomization.yaml
View File

@ -4,5 +4,6 @@ kind: Kustomization
namespace: kubernaut
resources:
- secrets.yaml
- https://git.kill0.net/ryanc/kubernaut/kustomize?ref=v0.2.2
- https://git.kill0.net/ryanc/kubernaut/kustomize?ref=v0.2.1
- https://git.kill0.net/ryanc/caas/kustomize?timeout=300
- ingress.yaml

8
apps/kubernaut/secrets.yaml
View File

@ -3,14 +3,14 @@ apiVersion: bitnami.com/v1alpha1
kind: SealedSecret
metadata:
creationTimestamp: null
name: kubernaut
name: kubernaut-session-secret
namespace: kubernaut
spec:
encryptedData:
jwt_secret: AgBcARUqnBw3V5At/AbhfVoC1E+jgVXOkWHiWXFw+6ZoIljVOP3s2IJ1ORq5Lcynr1trwlre8cQrMCwTr8q05e2jH1MjVkZ33elzB1wpAjrZlrOwSgKURC8OfWOeIUQenq5pg8RLuOWFmvG/VLutus+lYBZ01kJICP0N0iZkIwZHRuJ527fXK9vhSA598Mn9Fki9W6dw0cA0PCUIDmyrIlBtKBnYrO/T899wbQakNoL3SXIgJ5gPug2gJG6O5YhJu5f2SBP0+paKcbRiGDIRVS17S8O49W/cNvYGGhovKWxozexYO/okDDeRToGCpeHcT0thZfpe6PvOVWM+tcW/ZPd8dhJF57wDliBPa3iC+kAzj3t2wLqNC5sEy2P3ZPEnRz3cHsyD51dbfpXZzXczNLai2shrsd872vCISkBGPF3b1r0aVbYcL1wyJRt1OI0CQq1cPomXrjyWZFK+oNyXXIdfdXz9zbLmmOCS7vL7cZu5sRbl33ClUWFPoTdjKe0whZ6oeUMXgI/AmVpLdqVUVs55MYt7qhTa6Eraws5gFBu2JKSn0W/fHOdhvzeU/SrWwpQR/iQmt/lRJS34Z8a22GrG3BqETwt6FWeLdNNpoHuoXtIQnO89y81cxVKUYKIhayLU0NNwegkENZ4WMm2aULqmtNo3F0tQkEfWB23cSOYQIVFVXf0F0WN5E6yPO4qiD926tJJbeMrzj9toEjGEl+FFLAwyfiuvC4TMregz8y2YUSmhkZ9WS0i8BTkCNq5jnZECg3DVBi5uP7exTXPYoc/q8TwvCw7owAK9c6g97fot5JST3mj+BPZyzCkALnyC8Ap4PHNpvWGG+MlGUzLzsieXb/FcamKepC8pR9AX5A+Pfrg=
session_secret: AgB3+WGGt7x9Rn3ZcyP9z7xr1572aR1dLROI3815kj/98kJpvhIAjisWSfVQaaJRnLWaLBeWQgwIVQSFN7zcm7n4pYxVO4BqCwb/k3ZYJsUI5maR/meNnOvXrpp1+yKxmJXSHlh7/2WzzKUK9OwDT4qmoT2oJnjrKJNRoXvIbR42NTiO8CDtzHiJ6MNEY6oH+dra4GamJ/KjNXC7NUdSZSeq1HpOBudrsrYoCZ6MZxZfMsDG7ROHvIakcSN1ibfQwOjjucDJdZWm/L41cxgW3glvTql6cJtqa9yZpije2Wja1HUHGalnwaWyXFp/5jVpPgFGYZ4SHtyQOy5Hy275Gmee8qSQjvW8iLSor4/pXiEBArWRX0iPDqVudO9onMaYtQz+hz/MEXkhMvopfokrAyrSvUogrTq/1XfRABe1nAMXVrYo74w/27RiiBDEcoRzEra1f5UxrXHJ1B1LZ+iqTSRLrBw1iqPpOG7HDSSv80+m5OKai+ppptY3OcERF9HUA/BWeRHo7h2SbMfPRqVXXihtbgArCZoU570FryGfcHjwEffQIvKYKq/KjTcpRP0dTO/99mfY/Uw7VmdmYiQC4kG/kcxQ8yPgypQNl1YSfLnSBNZH1SRgXQAsY3hETZ74jbCyaPTvpoL/IVzTDo1YrBgTVjUcZoqYW+gwwj5bt9kQZFRL4FMsCNQ7V+wAtT9GmRNkf2cxbNawHknKYx4arGpWP0y6jorebaGzSpWPl8hY1jCipU2MZw2g7f9QVw+10Tik9FlzfkK457fR1pjBNRXlAe5e0MNfNNiuJtKfHZfbj32CNEEK7JZUumqkkUl1J+Lsa8vL3HvANxYgvhohNfJSY9D2G+DD8xbD2jk7P52150Y=
KUBERNAUT_JWT_SECRET: AgA1G1EAuAyt3IqtpxO/lwnKEOg4pzMtmSaGdoAbupwdrL0dy94iY7xJ4Pa4MbZVBZsmQcy4HYB1V1CJ4huM5DyXOP5l20WrTSAm2+/BCGcf4KfZ12qgZzprzsOZ3ann2XozWJ0Z75R20C33/a1p87npKH/nAuKEyVbk0hUxgRe9IkKlKrxk8nZWJNg3GvJrvrgZ1HA45noG1hgK9P5BwAqVnIPmoFL7YLABnycxs+50flMNCFw3QL0knix5Hi2bKfmpU8OqjeExcbmNjjMVNMU4RMo0JxqJ2XAxearKdr6y7cso3GYpsNiyywmKXQxmR/KCoqWN/hVh/skRS5EJ0D72edo7rcIbj+XJ7GBm1YSk/FXwDs00dsHLFfcauAmRkEj9mn4L3InHmWalnbJzHJbFhfEethOfSBcM6cKWEX4sg2VRpwc8Nyl/QivMz10YNhuaEg+k4kfl96b0muUZYYd9ZR+vvjqtYBfILhA3Bt2Rr7S1/3uXjR0K0Vm3flu3hy9HZbISc0ep+KujlOa/V7FTUudbTdzFHSRoJw7B0gVs561kLbcbEHx7weODVs1UnRS1v72culAkGfa1qdHq5PvywWulqb5ktsFXN7XjWJxK3vvt1+oZJG3Jh7DsTbTfMVieqkBvv2Lpq/VzIJX4q+eWX0BimPFKeFoiV6kItITs5Zpm8QY1JWx+wnm9pJGVuAW81Wz0wVB4XouIrqMnAUhcEcCenE0EBB835ENMbwl2m0e+Da5wvxlfg3rRYpKhxwf+YAeeYSaz6Fq0olgnL5wAnpeJb/IhUWv7a7LnCAXW1OMQvMnZyLGpVuVnuZHQgJCnXOzDYsKxU4hl1Vu58obLMC3TztWmTnTn/QN0eSiL9O0=
SESSION_SECRET: AgCYULxAS3Ph2y1wR1I/YCO6+LCv90zNcSbFSs+lKnjwTm3+yIrmGYC/53rfAiFfzsVcZf1BL5h+OgvroTH0998sdfSs+p1EXKfrJSsQsrZl2cVSAbou6V4R21B2p6Rs1qe0s9cmfnVFA2i3a9WPtEEcrmpXY6Ljs4NcAv6rpXACImKPHhl3YKOJkONUwbVzRvv2/ekMwbUTcJAyPNGBlqSGUhUdMHn9KD8wpl3ZtxUah0P8HsMuNzUyyFBHt1l9I+Wei2pAZC6Wg+HPfGrdJuwPuyvehaswIKlDYizBKdAoMHrdl9wwcKGmyvjmARGOlI71wnmgxAmw1af6MAYZLm5LKJgaLLhcAcoxerHMXAsE3y/NE3Yc+qKiGLqzhktEhKoQEE6sFhJi8S2fgacZDe1XOGlY/8vJo+FCTVIimVEdWsLZbEhC7T/fAHTc4N6bNTsvK2lsVh4fNH0xPQYsPeurHsmzE0R6yaRj63UQ07sZOj0hsOeJdxEe4NbHjysfT/ITyH87rEQefyC8G/FGfVGiZwPa1txTA0PAODW05UNhPzN65EK4j87ym76qYzB7BCM8lnYCBD0SVEDrjsTGvvkWEryk9OR+FIoaurQQoO1BLIGRuOEKf3sT7lLys3+cWelQY98tDGKUCsOMhCvmP88NMxW8fIUq1slOQjzkGniCev6iCD2TraEFxwnPZ+ZYECqp12nN4nJ1u8wxlTLLYZmAyH0B683wmWuIPdzZXmcEE4Hh6IKoVCuTIhK14iZ8Z6S6j0r4CHS2KosxoNkmGCt+KCauPNFHqw1Z/C4lWyL/dkPBOSJIqZ7LaXJuJvvzZ6Ln9Y7QjV3iQ6SGJAXY1hmkStOwwF5UxybP8wjfS6IB6DE=
template:
metadata:
creationTimestamp: null
name: kubernaut
name: kubernaut-session-secret
namespace: kubernaut

0
clusters/k3s-cluster/apps.yaml → clusters/my-cluster/apps.yaml
View File

0
clusters/k3s-cluster/argo-rollouts/kustomization.yaml → clusters/my-cluster/argo-rollouts/kustomization.yaml
View File

0
clusters/k3s-cluster/argo-rollouts/namespace.yaml → clusters/my-cluster/argo-rollouts/namespace.yaml
View File

0
clusters/k3s-cluster/argocd/kustomization.yaml → clusters/my-cluster/argocd/kustomization.yaml
View File

0
clusters/k3s-cluster/argocd/namespace.yaml → clusters/my-cluster/argocd/namespace.yaml
View File

59
clusters/k3s-cluster/flux-system/gotk-components.yaml → clusters/my-cluster/flux-system/gotk-components.yaml
View File

@ -13,65 +13,6 @@ metadata:
pod-security.kubernetes.io/warn-version: latest
name: flux-system
---
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
labels:
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
app.kubernetes.io/version: v2.4.0
name: allow-egress
namespace: flux-system
spec:
egress:
- {}
ingress:
- from:
- podSelector: {}
podSelector: {}
policyTypes:
- Ingress
- Egress
---
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
labels:
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
app.kubernetes.io/version: v2.4.0
name: allow-scraping
namespace: flux-system
spec:
ingress:
- from:
- namespaceSelector: {}
ports:
- port: 8080
protocol: TCP
podSelector: {}
policyTypes:
- Ingress
---
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
labels:
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
app.kubernetes.io/version: v2.4.0
name: allow-webhooks
namespace: flux-system
spec:
ingress:
- from:
- namespaceSelector: {}
podSelector:
matchLabels:
app: notification-controller
policyTypes:
- Ingress
---
apiVersion: v1
kind: ResourceQuota
metadata:

2
clusters/k3s-cluster/flux-system/gotk-sync.yaml → clusters/my-cluster/flux-system/gotk-sync.yaml
View File

@ -20,7 +20,7 @@ metadata:
namespace: flux-system
spec:
interval: 10m0s
path: ./clusters/k3s-cluster
path: ./clusters/my-cluster
prune: true
sourceRef:
kind: GitRepository

0
clusters/k3s-cluster/flux-system/kustomization.yaml → clusters/my-cluster/flux-system/kustomization.yaml
View File

8
clusters/my-cluster/goldpinger/kustomization.yaml Normal file
View File

@ -0,0 +1,8 @@
---
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
namespace: goldpinger
resources:
- namespace.yaml
- repository.yaml
- release.yaml

5
clusters/my-cluster/goldpinger/namespace.yaml Normal file
View File

@ -0,0 +1,5 @@
---
apiVersion: v1
kind: Namespace
metadata:
name: goldpinger

21
clusters/my-cluster/goldpinger/release.yaml Normal file
View File

@ -0,0 +1,21 @@
---
apiVersion: helm.toolkit.fluxcd.io/v2
kind: HelmRelease
metadata:
name: goldpinger
namespace: goldpinger
spec:
chart:
spec:
chart: goldpinger
sourceRef:
kind: HelmRepository
name: goldpinger
interval: 50m
install:
remediation:
retries: 3
values:
goldpinger:
isArgoRollouts: true
reloadStrategy: annotations

9
clusters/my-cluster/goldpinger/repository.yaml Normal file
View File

@ -0,0 +1,9 @@
---
apiVersion: source.toolkit.fluxcd.io/v1
kind: HelmRepository
metadata:
name: goldpinger
namespace: goldpinger
spec:
interval: 5m
url: https://bloomberg.github.io/goldpinger

0
clusters/k3s-cluster/infrastructure.yaml → clusters/my-cluster/infrastructure.yaml
View File