From c6f36d62a2a453e4d194bc713f4a34aed2e69ef9 Mon Sep 17 00:00:00 2001 From: Edward Cheng Date: Sun, 28 Jul 2024 10:55:18 +1000 Subject: [PATCH 1/5] misc --- .../env/k3s-cluster/templates/mongodb.yaml | 25 +++++++++++------ .../env/k3s-cluster/templates/sonarqube.yaml | 27 ++++++++++++------- 2 files changed, 35 insertions(+), 17 deletions(-) diff --git a/resources/app-secrets/env/k3s-cluster/templates/mongodb.yaml b/resources/app-secrets/env/k3s-cluster/templates/mongodb.yaml index b45b3bb..9538793 100644 --- a/resources/app-secrets/env/k3s-cluster/templates/mongodb.yaml +++ b/resources/app-secrets/env/k3s-cluster/templates/mongodb.yaml @@ -1,14 +1,23 @@ -apiVersion: v1 -kind: Secret +--- +apiVersion: bitnami.com/v1alpha1 +kind: SealedSecret metadata: annotations: - argocd.argoproj.io/sync-options: Prune=false sealedsecrets.bitnami.com/cluster-wide: "true" - sealedsecrets.bitnami.com/managed: "true" creationTimestamp: null name: mongodb-secrets namespace: mongodb -type: Opaque -stringData: - mongodb-root-password: "ic.e6oeHefy983ZC8YpQDfg8" - mongodb-passwords: "VeQ@NGX*W3qrDBQmbVihHTXh,auDJjPpV_y_9-Dt*!dsMovFb" \ No newline at end of file +spec: + encryptedData: + mongodb-passwords: AgBxZ1MLyQ5Pj1CT7XBU3jHpo4isuqIgvFs/ixGe++popOJMqRmhHKDHcJrdfPGM07f89BCwUPjDvHksEOo1bxb6pVAwVSd6KZvVk+u3l3M0ypJZ3hULeL65s76PU0WIpRwVBVE5X2kE4kTKG7efy/WhkNSGFdzH/IeYUXm49/O8VI4p/KtJUYGETdDjG5k61cGDFOmNS0LKHgWav3G2t3NYmPQbE2VjC8z1LzfIGEprPUU3gfjpQVv6MXdJEBJ77X8/3A9YTyKr40xQdX1RKG5q1ro/9GMYI8XoSDfpC6OhQC/3S2HR7+yLrWKtKQW+jYRbgdCYokhJ57a2qgZSDXgIHXmLXP2Jz+WMkElrJamz+yGXwW9ikx9L3IuGjaPnk181odjKWONz6B00S9cKk+PCE2E+y0QGklm80JLw4NYhmI8DQ1LWhcY/oKxj+tKsIQ5ltWOh7MgTdmn8HkmiHvCmzXyGGsHOoUt0XdcCWf7JlHdqc9mc7QeW/2xrUvlsO4WkoSKkrWJXRhmVCXMHjzRy6eNFWJqfIxfPSL5FwsvTeq7WykZN5euXAuFJJpxSf8eewTIML04S4als4Awey5WCP+MLZunp9j62lV6r2UJcn3j+o3RRVXevGsWQpVHpyTJrlvZyclQFwIg8r5rVSq2/Lj0eYUCLhf+gIbedVfFqdxJ/HIcsufYjxYlFVt9MHarOXZ+WRvFODBrkxoJh/9RjsljYDVitZ4JqiXj4i7ZtjfCN5dZmfJlnX8LNwe4s/oL3 + mongodb-root-password: AgApxPqNJ68V04TYPyDBkEaYq1Gg5ECE7z5+tqQjGzpmhfJDWIvgbATJ/ROBF8VMWJB8ijBDgXeI2a5FsS9YbYXghmdNv8tYJVj7gd5vYPZbSK5BprQpxb0npINWr+5x3kObG3rXX1PvpvBmiBiWVz92KSjTuINTECYTQwgoNXmx/iz+KGLgpC2sZ1EAoWZxYejhoJMpVGrdT9srsUORYssReBtOEqgClHk8nWXLG5+xeCfApFwkQenPMD94/zOe5MvUMhAo0Nnvyryp0aXPMv0RPpgh98WJBI+jVKVu0A3O5LPQEFqdnhQIaNAiCcq+Idmoo8jzt2MVzoTnmYil4uX86FlzPLnD14m3RiCD0cHpShA49tbotrfDyo4Od8rhjpxZH5afs3EmgEVEaskhwEMdtevKsLWTV8TfWghgZ6HPCRTZp/mo4bw73e17fgm8dbcxceubdtxveEZKw2hrOpUXXGVr4Ozwh5i+6CXPmdTi98x+7Eh3JTdYJJGg6SfCEwDxByWHIAYNjnRO/pVWfJuTGUxAxuc76AFsOyRrqe+rZs2K5AJ/Igp6xxuzLjtfiQ7KmQzDnsPi6+ozTVZ/NIa0Ear/mlqZOXFAJ15e4zUe+AQ1WWsRP2FW+ftUDswCsBl/0JALaT9hGo6/FLT/5iLR1WIp8pc2pcDMP5HfKk22NtIykOWcq7RJPHmdgRV/UgMcUKJznB79ACaQSDqYP48xXU6DhiJPl+Q= + template: + metadata: + annotations: + argocd.argoproj.io/sync-options: Prune=false + sealedsecrets.bitnami.com/cluster-wide: "true" + sealedsecrets.bitnami.com/managed: "true" + creationTimestamp: null + name: mongodb-secrets + namespace: mongodb + type: Opaque diff --git a/resources/app-secrets/env/k3s-cluster/templates/sonarqube.yaml b/resources/app-secrets/env/k3s-cluster/templates/sonarqube.yaml index 6b9908a..2346da2 100644 --- a/resources/app-secrets/env/k3s-cluster/templates/sonarqube.yaml +++ b/resources/app-secrets/env/k3s-cluster/templates/sonarqube.yaml @@ -1,15 +1,24 @@ -apiVersion: v1 -kind: Secret +--- +apiVersion: bitnami.com/v1alpha1 +kind: SealedSecret metadata: annotations: - argocd.argoproj.io/sync-options: Prune=false sealedsecrets.bitnami.com/cluster-wide: "true" - sealedsecrets.bitnami.com/managed: "true" creationTimestamp: null name: sonarqube-secrets namespace: sonarqube -type: Opaque -stringData: - sonarqube-password: "UCGhDRhvdmVtFB7DNsG2" - smtp-password: "mqy2fmb8adu3nby.PDR" - password: "cAdF2VZVguE6bKK3Kmko" \ No newline at end of file +spec: + encryptedData: + password: AgCcaCPWG9uMaavrq1qu37M3y5zL0bHbarSWX1sf7uTTYjDVXgYcv6qB+OpMFn6tSGlgiiCvMZs9k/rXxrPSVSWZn3nvACF01s0V45LJu7aH4sgCSXdILN9kYMzoRNRE8BZFcvdELf07UfcIl3w/Lg2zNwkNpJqN0BFmcI+sxm1p7bjNdHuKQSqPgmUy5eJANU5gOVx6cGo3/W12LpVy/HeLbdq/BcYyB9cnJjG4JLwxOLuf1qWLqc336zk1KjuphCdhhnES8jaCpVlMdSHm+FNLuF259DbISP+Q8ReEAjb4Oo02kAldfQXvvSqoHPdFdGttdBn5kVMFEY2YNKkZh0xlMaW3sciZgtmazsMC71xwym4tfzRa2/R14hcLuQA5cs7dm/sXA/g616FPJuWpQvJ9IwSKzAKeZ7j9JTxvo530kz7EMs5HV9ebFNORhcrOOpEciBcpZ+4b+EvOmZ8LWZhetzJsmydssr9brgNJp08dSRuxsLr1jJRUzj0DHlu1vguQJz66S4XrdPgboWPXbCtQTb0Y4nb1EBxNkdLgNireTmpSNS7BXfk0pyW4PiQ++I4VF+26eib8rlIFVCnFCQgRsNAkBcAw8P1pNrj1DNLFkMi+iYiJqWK/PyFfTzQXry1W9yFxpMR8Y6w3xNTIfqWFSqGts5T0ua5JymbETKPpsJFYNmPI14LTAvgGLyxzg8zfZncHjcMCAGD+WRyRkNOpIlsRaw== + smtp-password: AgAWupYV/0gwgwnPyUQODkTfnf7nYRP9/GiNLF8ilUeOaHHGZRh7Jw5aZ0Tm93HZ+GKENOZxS+LTpo7ML1hMwia9rzqzgQobmHaPolqLSPa3EcdPaN5jSID7xsAZvylseAWayr6M+M7lOoC+YXqTXxx+i09Xg0OIDwHhzX2TpGPXc+S4CcSEnmQZR5pEhnfETKktRB2WhK2IXg5TyJlCrAUSrOoeAjQ9z1CwiLzwQvsLlIw1MHRk/xRy0pgpDZk0o2iKuWIjxlnPLPWqpia2cMcCfBW4xskONVxpVvIfdQqqpI7/fQ1vNKIQuoc5lSzrS757z+4VHRSYWlS6xlMOkShlEnPlP9b+RU0WioMR/AL8Zldt7tKTrNmZCl0zQSpiIQMFE2aRg1owI89ytoJFv738tVpMzscenI2llLXimiO2UA4kfg+VazFEe/vGFcnBnh1Bmb6sAIUpLvXl+gecqpq7uQqDUC4ZbbykJXUKt3waa+e022Q8qeQ3h/YfLdx4WKePzEBkyZJiu4bOcHLXsz5HWcsEWaJV8LB7z5uztOOmiYvlMisoK8G7HqI8bUTG9M7JL3thDIDkTT+OFwuUuukHIeyKu4wQPjP7/na9Ti/hw46t02C5C5ZqZoErpukMr7vHpF5vKr7ozpLDCMhjGDBlLPjnDWSX00QFsc7ft+AC3+Ap5Njy8kLh1fvodOLz3OlRLtd2955Hie7m/35E0Ru6Pyvb + sonarqube-password: AgDNzH+Syw1PBh8wmZtibfuSeCFHsWmNWF0VTHe/zHxUjhqxTxivGahkg9oqUagTBfWdhBPuFVZtbkAXmt4RYu7Qg0EcOeH+UBfurNSNKDKqeJ4nl+Jq6OJS9i1ELAkk0xos9QLxA9ADG/v8p9F9Nsy38z+M8gEi/nTVPqYWTjuuSDqGC09LzSdVo9YVKP1CRCYn4RKOts4q0oN9eQ5WigT8uHUbFOMryAxQY9qQkX8ouHX2VULxiIYALnhMQRMAPolUz52ekTgwQKq+QV/biG5X6ZErEcpLRbsIKT9rCNunKs3JP6VDZfqatKoyUqe6GLHnmZ0RaV8ed6PHMCKd4wSK4TsVVljOraUlIL6FYii/mKnCZsKvR4o8rHkKVmgtJn8lclGCOxxRrw7slZ/tqHnAJt8q9ux19WZAj1VnMKsa76MvasLCMTsMRpLVMbCgtU+NFytl2kTorR8de6iWoM5vc0aOnX3uL66y5K52cMc9aYGmHT1m0wNeWMfKSTYb8I60Bd1LS57GNXJxEuDFDzmkg7OUS6nA81mrZTRZHDXcCihD6BP3w4GhQFk68LW8dyNmhtARQROASx6jnEln2RoI2ob7BtvHW3KqDfemm8YezqZIRf00VyjpbxNIhoiXeTipp8e4Ib/UqWW+6PdTxVTndESBY3NtEE0XRfodrCcnliH85ETRngjBW7xEkFgPep5IXPQhreuKXzJFEDqky5IZ/cil2Q== + template: + metadata: + annotations: + argocd.argoproj.io/sync-options: Prune=false + sealedsecrets.bitnami.com/cluster-wide: "true" + sealedsecrets.bitnami.com/managed: "true" + creationTimestamp: null + name: sonarqube-secrets + namespace: sonarqube + type: Opaque From 0ca6b0110404089c24033b019109c5ff40225f63 Mon Sep 17 00:00:00 2001 From: Edward Cheng Date: Sun, 28 Jul 2024 11:01:14 +1000 Subject: [PATCH 2/5] misc --- .../base/clusterissuer-cloudflare.yaml | 1 - .../env/k3s-cluster/templates/clusterissuer.yaml | 12 ++++++------ 2 files changed, 6 insertions(+), 7 deletions(-) diff --git a/infrastructures/cert-manager-clusterissuer/base/clusterissuer-cloudflare.yaml b/infrastructures/cert-manager-clusterissuer/base/clusterissuer-cloudflare.yaml index 2e4e443..85d58c7 100644 --- a/infrastructures/cert-manager-clusterissuer/base/clusterissuer-cloudflare.yaml +++ b/infrastructures/cert-manager-clusterissuer/base/clusterissuer-cloudflare.yaml @@ -2,7 +2,6 @@ apiVersion: cert-manager.io/v1 kind: ClusterIssuer metadata: name: clusterissuer - namespace: cert-manager spec: acme: email: diff --git a/resources/app-secrets/env/k3s-cluster/templates/clusterissuer.yaml b/resources/app-secrets/env/k3s-cluster/templates/clusterissuer.yaml index ac93164..422f1a4 100644 --- a/resources/app-secrets/env/k3s-cluster/templates/clusterissuer.yaml +++ b/resources/app-secrets/env/k3s-cluster/templates/clusterissuer.yaml @@ -6,18 +6,18 @@ metadata: sealedsecrets.bitnami.com/cluster-wide: "true" creationTimestamp: null name: clusterissuer-secrets - namespace: cert-manager spec: encryptedData: - cloudflare_api_token: AgCbMEVFd5to8bO0YmfO3zF8hRcyZwqvZQl4OLPJSu0GHcCg/t3eGjxgwpQoQGZ+r2qVqElZw48t/IRxfNC4CJDOXkJaMgxs0j/H3UJBqbRMOvOAKOZLx+Y46+ZeYqRSKDGiWlMwQXM5WP9CKT57I94DmHdmD5BYwICLJLR26Rnx0B9PBT/ZHUaolOD+lzt25VxvrnGOiGaSEyLTzjTptjviYtOFBGW/t1bu2odMkBE4V0/9iF2HwI/NtrZZz1qnCLIC2qkPg8jvmb6N5MRxJTGBDILiOZ/AgAk/+NLTp3pKKsY8MyE27lYkpRRCTpX9WEh7etAbNHwuSvd20MHuXXnhzO99uIfN1fFfMKAp1A5/X+Qr0AauVismgtnwtfr7iH2vcXPh+xHbMlOAzEfY0/ngMGygVsYtmRaayRENa+RT8UuPnDbCc9t+bcMhnLgyjy7I7hz4vMhEVRdsQtFf5lrHPMRZlTJj8GkqeAD+PzyWWv27h+1NyqlBtC+oSc1y42eTDHl4+cEMcC3qBRffHT4N4YWebJqJvzwPMsnMAtNbrjxcyPm7ymc6DD+v6v3jmM0qCa02oFSFPUvWA8Gm/pRRS6NLvYmCUP66PeKbt8Qut/zIbbMs8p/0uXqH4ng67momW/G1whjIrssKn9G+zC/hwtsQYaWwDNZEgKtLsuwMBBOV1xJCT1vENRnT2ohGTdN/lGqDqhcuKpSVymzjZVJY5P0uBQHrPNmyPIWi+Z/zhzaJDxauCbEf - cluster_cert_domain: AgDG3hcEILj+UjzGwsG9E9M1BbmFljS2oYQGm0d58/VF4W/SmdtIYIPLfaKfB722AXOM/PVHp3jigfPbcoIo3UD0c70T7voKlJNDdeLnCmrYaVEV7+rV8op3z90iuXn7CYc1BfQV3arvhhAbFmVIpCDso9W0gu4blfT1sQsPbRlSuUPWgNnwEUhFMTuZiZX0cgS1UU+HlrLpN4lkV/4llzsy5tzQhcfOBsQe4jR5Qsyb93eBP3AX7uRWVXHrocZK3/GzOeVRdKKwrWlJNJm1mhJNtlCMbaJogGkY2L+31YeyprmCb/JcTRFKKCTTUZRx3CnQZ0YwWg0WrFKXTOdMx2vxfHLJpOkhvYLVLLiTWdz4bzabYBPlrnkrNg41/e0FQO++ESB6Q3GHCxJFy1YdS/V49fu9MdAGDRFP0POUg1UIahzjDYa7S/Ku+iD0J8NOtUi4Cr2yBfmvr5UlgUnrwH0wcUmLnuOUJEbYCjaqS7j2j6dn9OTvamjVgn/4T/6gwyPBiAQ/y9P8LaUyrUezzDABrWqEu5Qsvmna9B86ilQsUw6IVBfLsNl0ME/SBfSykINSNc14ZOw3iai4WoDepqHEeD2Ymbkhu/OgH+zPSldnx05Oxkukgf4LwpgpIJlFPLhIa9huP6X1uUHa90B7XlC9rKYOmibZXz1ke/ii3yMcAq6A4U0wVeEszmFmuGKuaJ/hJ30rpoqaxLhfeulHEFR2p2QvYfc= - cluster_cert_domain_wildcard: AgCR/eTXHAoG2sZEF6tzXcz1Y8dJwoxKQ4lYFzBXFKn2ChnucPfTciQjeOGkf2PRMInooFHSK9IDxetEWN/6jI0XBN4n7yPKpE3dii/5G7Zsi0vxTraDPyHHPTW5kLrvGXXL2gLYiKe2gyHYB9VG+0jI2/B4UJP57LCj3+2vmQhvyrANBLFMi853bvi4nGGPJ0YFbPpmSxqKVgL3jVkrOaM9sCTRGpfAtF901IY9dOrUgIwguYHAj/YU6LBynCPRDdBMCR32OH+PDNFvgZXmtn65sxsgXZV2AkMchlq+IhmW7tWjUdLs0JhOvDWCYUkdFNifZmc7cRsz9PpyRDn26w29VYreujc3SEu5kA0a5uloOvrUGtInBuieZ0y1IVP3BfWd3SYeHq5yhAwLbpG14Tbbs2KSo2d6JqIbSrVvQNlas5G+WBdauIZ9E/Arpe9iXlTdQhg7RpLLJuojZHTuZORpJC4/aSxx67laNj/C8Oedm7sIsooOzxm7YRxANaX0KLnz0WJLWj8G5qvKJ3ci90foV9a0r21P5TADbshhs77hOuXIiwJfWvsQA/shGcbmekXgxb2mN0+chZYaX5yY1Xi0N1Cmomq40um+ttQzzlTc5KVSXUwUHyIj4q/WUewZoKR51aFTuLQILXUvhe8s5DZSyS1d5KrNNC8g1YEeMYA8qj3xnt7FDvtXcKtgQOc/kFQyoXfDBvEP5Z3IRgohLy9Xms5/Mt9W6g== - email: AgBJpWtgrhqOcRNWNcuopzTN+uDgPOuwVYQEHneheBFNpbnsMYHJi36HKIoLsxl0eWcMISZW92Snr+UpdZQXsNkHINNPi2vpSrKz8SGOXDTJsNs8CgpqynjDF2tSb7R+oyXBs4IW65JnSr3jGpOnDSgvEjdtQushzeEiZMvjEj9PyboeqqbuF0nay559Gk2NBWkVLKnSOTTojr8bQJXkivNA0cunrr0trTrYGK4jEa9A76e3VqYHwCeeSiVe+BsnzIx1PRVcEmPQaDwDnjNzGU3ungSNTpzkllSJQknWFHFeeVIUZXKlWkOq7yv0+UmtiUWO4AO6tbsgmzQ0l0oa0wNa7fljqMM9wqffmWsuyIB7hshpOvAz5bQejjNohzjE4EzHM1idknbi6FD+Reey22//8Iug+BHIxG6NSi+jByBm4iIfac4ZZlpbuE/ha4OfW8FHJkdRvrqnL1mtAYFbN+IMq68VO0mMqjchN2XY3wsMV4XP6uU9G7j2LJxAYx60od+mZGvMde0l/POKiTzJx/dvay+B4b5NPgTi68UV4hSiohHWFBR9hPGLnaaym7WHM1zs+4h9aVrqYrL8H0SubgRu5RbFbO5CbdpHbCtM7ug/Ovj9Nq/aDr7e0QhgiyGSS3FX92FdQ208Nm5fp32lrXk5n5eUCW0H3m1qg0zAxJCjaVHQ+ld3Bp7PFZFucJfeOOJcl27poqiqM4834+6C+cvSR4YU + cloudflare_api_token: AgCAuJhv8wjd5SnjELrGygbgOD7M7T7tW6yEECznaKnGYOLwoDAbl1dzuinLLhEaRTVR4j9PnOn2tdbFouZEIeyYYBjQFienvaJ7n4o6zuNtAh0DgsyKpR62pLLeXnbjf8FU1WIeY2BQVN/g2YECXywgqKD3xrOd6HXGKU3wuHIvjr/AIUcBGHZcQjsv1BHeHR3vo9VClg6vTkpvWYqYpn6QUcu6xbx8hwtSn5a3nKHR/M8sqBjLrW8zKbzSMVdBGGArLQbcq5QkIpBkGw7LqY29FvE4X03ezTpR6llIYemq++AJnU9Ni9IJEV6IcCnPVDnPH2JYvdnhZy6mfS07ucUaXEikBrPrkrisxA44JSJtUwLR9uikqg/CGaDFcEJmGrB4IAHd5mlnvzfUSNQoOS7Mfd2/rEn2sguJ0Y6NKLp5qmnpe+Nrb86Cgkqd/XCzWgobrH2aGImoGDry5Lmig2mkqvyUPbrmpt+wPxAN/MxXEB0n6y4GoNEsFyWAM5qiP0fv2TUnqpOhWaV+g/dbRUO7WyO6FdUKB6pFy9sLBw+9uVxxa5cq2blodYOW4+2nvSB9azKjMLDgumyJoQzlzH+Uw2dGvKBxE2RF4298H/QRMwPu6qQFlSNGEU5kRToMypuadSJS4f2VdLLsQz+hKODoVZPTQ/5mak0eTVWJYqCyaLJfF0PgAQoxCNprR+zodAAhq0ktuDUFQdu6cmiUXDYI9gFLxOjXiOKQoJOH9RickYy4Wh+u4Yro + cluster_cert_domain: AgDcKXh77wcKpAhZgUH0l4LtjxFNeboVti3TumJApfac3sorIe7HmVwZObruYejyd3Ntp7IHUeEC+Bkek0VVDkHvembbwL6UXmohGqmTyFWH0cRPlB3TLFxM8PD5phrWcCLbjJLUaIYQXM1D3z5QFZFYA/hGlHChalnl9N5RddifUY//mHyQuYnlR46hl2zYAYJx4+tjo9Y+DzNwafB8tbOpfkBtFpko28WrPF4kefujxiafCJU6RqC5Xapp3A0Ho1POSYq0ZmaF11E/7ZWyyGlux5T5W7viHYERvBCAi+4BUbBKw1V8XxSomSOcg1L+rpOmnIGHPBcPXHmaDCVBUxVemR9QrKXE9zEngbT8MZQ/WEhyiIixo6O7L5q4v+tB2DDiQJDKfb3hUJkql5FjKF4cgA4JCGpT4KVyo3eo0C9GGbqm9CDkol5sf0pD8x6TweVB54aYe1Ud5fZfiXSPXO1gaKk7/SedCI2nUIltYHHPZDPG7lqk3G7E13DkkGVrXxer9giqKSWBNXco2ovA2Dfc1zY52dZEdOgwIy5YWeDX9kahYcI6WL6m0WMlBT/npkxxXQK9LYz7Y3wJxtfT5nwipELstLLTfElGZujpepBPJP5Ud/o9KtdLw/ffv8F3yKTSygyU8j2zvOw7ghypDaidFQqqdRzMTapdh0fRntIZMtCZ8GzAfEmzCiHu87K1DgK/F0RL8C/4n3FHlNuGUn2ElFJ42zk= + cluster_cert_domain_wildcard: AgCC+IbL1zKQoZs9rQwCMpaPrforRJ1LUq0pw7vRGvetKFHFNQ8sStYtvaAezqE0srKccoNihQcXFFBVqMJVu6wBYhlSiWoicvFRjfpAIcEs1SR4md3wYjzQk365bISRLoLexKVO10wk65W8B+LS//Mct0AVAVNLIeN7FjDeFCD0JFvj2Yi6Sgcmb/zlqSC39tRrdB8ki9wH/wvSqi7LOyISHE4Tn8DUq104fyabVlBGIvAIOvQ/foMQBjVKFkRthwsfMZ1gvy2yok38y94wC/bSLScwynF+ZSLYEprELVwuZeS/QvFDldkVd7lGNWivyiqUAxy4hQhEFBv0CXElQ9Ng3zcKUAfpZzOUmux8HzbQofsGvOyereovYvAN3fz+clCoOSuWi248Qwg+jetVWSPNsbx4Rx7mNoZzmr/m4iaagYcarEwkC00YH6JUMWpYDfWbyMaBcXrGqugBmGZKmMMpN3fDf4A/q10osV4doM0Imv+c0QK3cA8T6W3wAsi/DtYa28O/awHUxZhwsBLGV4QmzL8IAIs9Qp9cR84mzhRS8hbsjb5oRB/13xr8r9wQ7x52yCuGV/M2e5jm3mEZDZ9ogoi1EtL2wcqX46i4JLt+rlmDNqqiXyviHT70xmmQMh6REJTHAEKMRVeqLKnlXu9fR4ge1GhkiiC3jWp+fO5105zRcyYrih5GZ9kVql2yg/ZcGDpVCLGyg/vrUJFn1LjdDYXLwXAioA== + email: AgA3ZT2M6IkHVpDC2UfvCnjfHBcuh35o7zW9vNDeLR9690Ur/7LT7jZQXMyrvAG+j6OnaCPFhVYgAtEw32kvGWM1BZCbOIwHXSswulX00469UnCLnZS5IXFR47A6PC7yxQE7BE90xNQdhq884fBvG/P3Qj7IgyU6MzPMClslt0YDqL2+liYFgnXqReuNyrJPh4+qRH+HpZ9tUVHlSmGWr2kSjarWjv+vd/uew/6NT/DSTZX+8DHEDzbFdvE+BYm9YrF1yQGa5sy8Ocb6vndmj2NdczfIf88jhuyNFaIws2yLQTgEw9xST72eCB1ADRXZ4bPn8vOkR/xtmXfZw45fn12cFqzR8Z54h1/1MarN7B0KhjnJ6siTFt1D8wN8PmpTqe9r3gzFcx7yKlcRdnIpgGHcX6N4+u+xQyrPeXc2QhxBV9zEz0YGMOH6wAsi8xcYxyHpx4DCgxpR/SAuqRDX3x/JdzZUouBaa/vMx15b9OFn+eG7N3XMRTIHcYF56uuZ45l9iOFIm3f0MczqGoeUspqVyl+OIBf2GKQJgMACUMzMVhKwkGDg1Lt39Dcg9IQXS91GXb3PWceFuq1fJjh9DtRnAfhB83FlZbtzHBKGGhXQ0lopLmmed5wge/xjK0NgWGhdSinhBMKLfwD55akAXWCaQGVeIqMaca6QR1YOZXRGyZKGl+w377lAl+4rEW4uKcIUfmEPmc6o15NfZMXbSfrrRC8W template: metadata: annotations: + argocd.argoproj.io/sync-options: Prune=false sealedsecrets.bitnami.com/cluster-wide: "true" + sealedsecrets.bitnami.com/managed: "true" creationTimestamp: null name: clusterissuer-secrets - namespace: cert-manager type: Opaque From ac3d427b482205509cfd2daeb6b2ccf9f3af4ee4 Mon Sep 17 00:00:00 2001 From: Edward Cheng Date: Sun, 28 Jul 2024 11:02:48 +1000 Subject: [PATCH 3/5] Revert "misc" This reverts commit 0ca6b0110404089c24033b019109c5ff40225f63. --- .../base/clusterissuer-cloudflare.yaml | 1 + .../env/k3s-cluster/templates/clusterissuer.yaml | 12 ++++++------ 2 files changed, 7 insertions(+), 6 deletions(-) diff --git a/infrastructures/cert-manager-clusterissuer/base/clusterissuer-cloudflare.yaml b/infrastructures/cert-manager-clusterissuer/base/clusterissuer-cloudflare.yaml index 85d58c7..2e4e443 100644 --- a/infrastructures/cert-manager-clusterissuer/base/clusterissuer-cloudflare.yaml +++ b/infrastructures/cert-manager-clusterissuer/base/clusterissuer-cloudflare.yaml @@ -2,6 +2,7 @@ apiVersion: cert-manager.io/v1 kind: ClusterIssuer metadata: name: clusterissuer + namespace: cert-manager spec: acme: email: diff --git a/resources/app-secrets/env/k3s-cluster/templates/clusterissuer.yaml b/resources/app-secrets/env/k3s-cluster/templates/clusterissuer.yaml index 422f1a4..ac93164 100644 --- a/resources/app-secrets/env/k3s-cluster/templates/clusterissuer.yaml +++ b/resources/app-secrets/env/k3s-cluster/templates/clusterissuer.yaml @@ -6,18 +6,18 @@ metadata: sealedsecrets.bitnami.com/cluster-wide: "true" creationTimestamp: null name: clusterissuer-secrets + namespace: cert-manager spec: encryptedData: - cloudflare_api_token: AgCAuJhv8wjd5SnjELrGygbgOD7M7T7tW6yEECznaKnGYOLwoDAbl1dzuinLLhEaRTVR4j9PnOn2tdbFouZEIeyYYBjQFienvaJ7n4o6zuNtAh0DgsyKpR62pLLeXnbjf8FU1WIeY2BQVN/g2YECXywgqKD3xrOd6HXGKU3wuHIvjr/AIUcBGHZcQjsv1BHeHR3vo9VClg6vTkpvWYqYpn6QUcu6xbx8hwtSn5a3nKHR/M8sqBjLrW8zKbzSMVdBGGArLQbcq5QkIpBkGw7LqY29FvE4X03ezTpR6llIYemq++AJnU9Ni9IJEV6IcCnPVDnPH2JYvdnhZy6mfS07ucUaXEikBrPrkrisxA44JSJtUwLR9uikqg/CGaDFcEJmGrB4IAHd5mlnvzfUSNQoOS7Mfd2/rEn2sguJ0Y6NKLp5qmnpe+Nrb86Cgkqd/XCzWgobrH2aGImoGDry5Lmig2mkqvyUPbrmpt+wPxAN/MxXEB0n6y4GoNEsFyWAM5qiP0fv2TUnqpOhWaV+g/dbRUO7WyO6FdUKB6pFy9sLBw+9uVxxa5cq2blodYOW4+2nvSB9azKjMLDgumyJoQzlzH+Uw2dGvKBxE2RF4298H/QRMwPu6qQFlSNGEU5kRToMypuadSJS4f2VdLLsQz+hKODoVZPTQ/5mak0eTVWJYqCyaLJfF0PgAQoxCNprR+zodAAhq0ktuDUFQdu6cmiUXDYI9gFLxOjXiOKQoJOH9RickYy4Wh+u4Yro - cluster_cert_domain: AgDcKXh77wcKpAhZgUH0l4LtjxFNeboVti3TumJApfac3sorIe7HmVwZObruYejyd3Ntp7IHUeEC+Bkek0VVDkHvembbwL6UXmohGqmTyFWH0cRPlB3TLFxM8PD5phrWcCLbjJLUaIYQXM1D3z5QFZFYA/hGlHChalnl9N5RddifUY//mHyQuYnlR46hl2zYAYJx4+tjo9Y+DzNwafB8tbOpfkBtFpko28WrPF4kefujxiafCJU6RqC5Xapp3A0Ho1POSYq0ZmaF11E/7ZWyyGlux5T5W7viHYERvBCAi+4BUbBKw1V8XxSomSOcg1L+rpOmnIGHPBcPXHmaDCVBUxVemR9QrKXE9zEngbT8MZQ/WEhyiIixo6O7L5q4v+tB2DDiQJDKfb3hUJkql5FjKF4cgA4JCGpT4KVyo3eo0C9GGbqm9CDkol5sf0pD8x6TweVB54aYe1Ud5fZfiXSPXO1gaKk7/SedCI2nUIltYHHPZDPG7lqk3G7E13DkkGVrXxer9giqKSWBNXco2ovA2Dfc1zY52dZEdOgwIy5YWeDX9kahYcI6WL6m0WMlBT/npkxxXQK9LYz7Y3wJxtfT5nwipELstLLTfElGZujpepBPJP5Ud/o9KtdLw/ffv8F3yKTSygyU8j2zvOw7ghypDaidFQqqdRzMTapdh0fRntIZMtCZ8GzAfEmzCiHu87K1DgK/F0RL8C/4n3FHlNuGUn2ElFJ42zk= - cluster_cert_domain_wildcard: AgCC+IbL1zKQoZs9rQwCMpaPrforRJ1LUq0pw7vRGvetKFHFNQ8sStYtvaAezqE0srKccoNihQcXFFBVqMJVu6wBYhlSiWoicvFRjfpAIcEs1SR4md3wYjzQk365bISRLoLexKVO10wk65W8B+LS//Mct0AVAVNLIeN7FjDeFCD0JFvj2Yi6Sgcmb/zlqSC39tRrdB8ki9wH/wvSqi7LOyISHE4Tn8DUq104fyabVlBGIvAIOvQ/foMQBjVKFkRthwsfMZ1gvy2yok38y94wC/bSLScwynF+ZSLYEprELVwuZeS/QvFDldkVd7lGNWivyiqUAxy4hQhEFBv0CXElQ9Ng3zcKUAfpZzOUmux8HzbQofsGvOyereovYvAN3fz+clCoOSuWi248Qwg+jetVWSPNsbx4Rx7mNoZzmr/m4iaagYcarEwkC00YH6JUMWpYDfWbyMaBcXrGqugBmGZKmMMpN3fDf4A/q10osV4doM0Imv+c0QK3cA8T6W3wAsi/DtYa28O/awHUxZhwsBLGV4QmzL8IAIs9Qp9cR84mzhRS8hbsjb5oRB/13xr8r9wQ7x52yCuGV/M2e5jm3mEZDZ9ogoi1EtL2wcqX46i4JLt+rlmDNqqiXyviHT70xmmQMh6REJTHAEKMRVeqLKnlXu9fR4ge1GhkiiC3jWp+fO5105zRcyYrih5GZ9kVql2yg/ZcGDpVCLGyg/vrUJFn1LjdDYXLwXAioA== - email: AgA3ZT2M6IkHVpDC2UfvCnjfHBcuh35o7zW9vNDeLR9690Ur/7LT7jZQXMyrvAG+j6OnaCPFhVYgAtEw32kvGWM1BZCbOIwHXSswulX00469UnCLnZS5IXFR47A6PC7yxQE7BE90xNQdhq884fBvG/P3Qj7IgyU6MzPMClslt0YDqL2+liYFgnXqReuNyrJPh4+qRH+HpZ9tUVHlSmGWr2kSjarWjv+vd/uew/6NT/DSTZX+8DHEDzbFdvE+BYm9YrF1yQGa5sy8Ocb6vndmj2NdczfIf88jhuyNFaIws2yLQTgEw9xST72eCB1ADRXZ4bPn8vOkR/xtmXfZw45fn12cFqzR8Z54h1/1MarN7B0KhjnJ6siTFt1D8wN8PmpTqe9r3gzFcx7yKlcRdnIpgGHcX6N4+u+xQyrPeXc2QhxBV9zEz0YGMOH6wAsi8xcYxyHpx4DCgxpR/SAuqRDX3x/JdzZUouBaa/vMx15b9OFn+eG7N3XMRTIHcYF56uuZ45l9iOFIm3f0MczqGoeUspqVyl+OIBf2GKQJgMACUMzMVhKwkGDg1Lt39Dcg9IQXS91GXb3PWceFuq1fJjh9DtRnAfhB83FlZbtzHBKGGhXQ0lopLmmed5wge/xjK0NgWGhdSinhBMKLfwD55akAXWCaQGVeIqMaca6QR1YOZXRGyZKGl+w377lAl+4rEW4uKcIUfmEPmc6o15NfZMXbSfrrRC8W + cloudflare_api_token: AgCbMEVFd5to8bO0YmfO3zF8hRcyZwqvZQl4OLPJSu0GHcCg/t3eGjxgwpQoQGZ+r2qVqElZw48t/IRxfNC4CJDOXkJaMgxs0j/H3UJBqbRMOvOAKOZLx+Y46+ZeYqRSKDGiWlMwQXM5WP9CKT57I94DmHdmD5BYwICLJLR26Rnx0B9PBT/ZHUaolOD+lzt25VxvrnGOiGaSEyLTzjTptjviYtOFBGW/t1bu2odMkBE4V0/9iF2HwI/NtrZZz1qnCLIC2qkPg8jvmb6N5MRxJTGBDILiOZ/AgAk/+NLTp3pKKsY8MyE27lYkpRRCTpX9WEh7etAbNHwuSvd20MHuXXnhzO99uIfN1fFfMKAp1A5/X+Qr0AauVismgtnwtfr7iH2vcXPh+xHbMlOAzEfY0/ngMGygVsYtmRaayRENa+RT8UuPnDbCc9t+bcMhnLgyjy7I7hz4vMhEVRdsQtFf5lrHPMRZlTJj8GkqeAD+PzyWWv27h+1NyqlBtC+oSc1y42eTDHl4+cEMcC3qBRffHT4N4YWebJqJvzwPMsnMAtNbrjxcyPm7ymc6DD+v6v3jmM0qCa02oFSFPUvWA8Gm/pRRS6NLvYmCUP66PeKbt8Qut/zIbbMs8p/0uXqH4ng67momW/G1whjIrssKn9G+zC/hwtsQYaWwDNZEgKtLsuwMBBOV1xJCT1vENRnT2ohGTdN/lGqDqhcuKpSVymzjZVJY5P0uBQHrPNmyPIWi+Z/zhzaJDxauCbEf + cluster_cert_domain: AgDG3hcEILj+UjzGwsG9E9M1BbmFljS2oYQGm0d58/VF4W/SmdtIYIPLfaKfB722AXOM/PVHp3jigfPbcoIo3UD0c70T7voKlJNDdeLnCmrYaVEV7+rV8op3z90iuXn7CYc1BfQV3arvhhAbFmVIpCDso9W0gu4blfT1sQsPbRlSuUPWgNnwEUhFMTuZiZX0cgS1UU+HlrLpN4lkV/4llzsy5tzQhcfOBsQe4jR5Qsyb93eBP3AX7uRWVXHrocZK3/GzOeVRdKKwrWlJNJm1mhJNtlCMbaJogGkY2L+31YeyprmCb/JcTRFKKCTTUZRx3CnQZ0YwWg0WrFKXTOdMx2vxfHLJpOkhvYLVLLiTWdz4bzabYBPlrnkrNg41/e0FQO++ESB6Q3GHCxJFy1YdS/V49fu9MdAGDRFP0POUg1UIahzjDYa7S/Ku+iD0J8NOtUi4Cr2yBfmvr5UlgUnrwH0wcUmLnuOUJEbYCjaqS7j2j6dn9OTvamjVgn/4T/6gwyPBiAQ/y9P8LaUyrUezzDABrWqEu5Qsvmna9B86ilQsUw6IVBfLsNl0ME/SBfSykINSNc14ZOw3iai4WoDepqHEeD2Ymbkhu/OgH+zPSldnx05Oxkukgf4LwpgpIJlFPLhIa9huP6X1uUHa90B7XlC9rKYOmibZXz1ke/ii3yMcAq6A4U0wVeEszmFmuGKuaJ/hJ30rpoqaxLhfeulHEFR2p2QvYfc= + cluster_cert_domain_wildcard: AgCR/eTXHAoG2sZEF6tzXcz1Y8dJwoxKQ4lYFzBXFKn2ChnucPfTciQjeOGkf2PRMInooFHSK9IDxetEWN/6jI0XBN4n7yPKpE3dii/5G7Zsi0vxTraDPyHHPTW5kLrvGXXL2gLYiKe2gyHYB9VG+0jI2/B4UJP57LCj3+2vmQhvyrANBLFMi853bvi4nGGPJ0YFbPpmSxqKVgL3jVkrOaM9sCTRGpfAtF901IY9dOrUgIwguYHAj/YU6LBynCPRDdBMCR32OH+PDNFvgZXmtn65sxsgXZV2AkMchlq+IhmW7tWjUdLs0JhOvDWCYUkdFNifZmc7cRsz9PpyRDn26w29VYreujc3SEu5kA0a5uloOvrUGtInBuieZ0y1IVP3BfWd3SYeHq5yhAwLbpG14Tbbs2KSo2d6JqIbSrVvQNlas5G+WBdauIZ9E/Arpe9iXlTdQhg7RpLLJuojZHTuZORpJC4/aSxx67laNj/C8Oedm7sIsooOzxm7YRxANaX0KLnz0WJLWj8G5qvKJ3ci90foV9a0r21P5TADbshhs77hOuXIiwJfWvsQA/shGcbmekXgxb2mN0+chZYaX5yY1Xi0N1Cmomq40um+ttQzzlTc5KVSXUwUHyIj4q/WUewZoKR51aFTuLQILXUvhe8s5DZSyS1d5KrNNC8g1YEeMYA8qj3xnt7FDvtXcKtgQOc/kFQyoXfDBvEP5Z3IRgohLy9Xms5/Mt9W6g== + email: AgBJpWtgrhqOcRNWNcuopzTN+uDgPOuwVYQEHneheBFNpbnsMYHJi36HKIoLsxl0eWcMISZW92Snr+UpdZQXsNkHINNPi2vpSrKz8SGOXDTJsNs8CgpqynjDF2tSb7R+oyXBs4IW65JnSr3jGpOnDSgvEjdtQushzeEiZMvjEj9PyboeqqbuF0nay559Gk2NBWkVLKnSOTTojr8bQJXkivNA0cunrr0trTrYGK4jEa9A76e3VqYHwCeeSiVe+BsnzIx1PRVcEmPQaDwDnjNzGU3ungSNTpzkllSJQknWFHFeeVIUZXKlWkOq7yv0+UmtiUWO4AO6tbsgmzQ0l0oa0wNa7fljqMM9wqffmWsuyIB7hshpOvAz5bQejjNohzjE4EzHM1idknbi6FD+Reey22//8Iug+BHIxG6NSi+jByBm4iIfac4ZZlpbuE/ha4OfW8FHJkdRvrqnL1mtAYFbN+IMq68VO0mMqjchN2XY3wsMV4XP6uU9G7j2LJxAYx60od+mZGvMde0l/POKiTzJx/dvay+B4b5NPgTi68UV4hSiohHWFBR9hPGLnaaym7WHM1zs+4h9aVrqYrL8H0SubgRu5RbFbO5CbdpHbCtM7ug/Ovj9Nq/aDr7e0QhgiyGSS3FX92FdQ208Nm5fp32lrXk5n5eUCW0H3m1qg0zAxJCjaVHQ+ld3Bp7PFZFucJfeOOJcl27poqiqM4834+6C+cvSR4YU template: metadata: annotations: - argocd.argoproj.io/sync-options: Prune=false sealedsecrets.bitnami.com/cluster-wide: "true" - sealedsecrets.bitnami.com/managed: "true" creationTimestamp: null name: clusterissuer-secrets + namespace: cert-manager type: Opaque From 719c75b91edf9f3b446a008c8777c33c9b5a4a43 Mon Sep 17 00:00:00 2001 From: Edward Cheng Date: Sun, 28 Jul 2024 11:03:17 +1000 Subject: [PATCH 4/5] misc --- .../base/clusterissuer-cloudflare.yaml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/infrastructures/cert-manager-clusterissuer/base/clusterissuer-cloudflare.yaml b/infrastructures/cert-manager-clusterissuer/base/clusterissuer-cloudflare.yaml index 2e4e443..219fd87 100644 --- a/infrastructures/cert-manager-clusterissuer/base/clusterissuer-cloudflare.yaml +++ b/infrastructures/cert-manager-clusterissuer/base/clusterissuer-cloudflare.yaml @@ -9,6 +9,7 @@ spec: valueFrom: secretKeyRef: name: clusterissuer-secrets + namespace: cert-manager key: email server: https://acme-v02.api.letsencrypt.org/directory privateKeySecretRef: @@ -19,15 +20,19 @@ spec: email: secretKeyRef: name: clusterissuer-secrets + namespace: cert-manager key: email apiTokenSecretRef: name: clusterissuer-secrets + namespace: cert-manager key: cloudflare_api_token selector: dnsNames: - secretKeyRef: name: clusterissuer-secrets + namespace: cert-manager key: cluster_cert_domain - secretKeyRef: name: clusterissuer-secrets + namespace: cert-manager key: cluster_cert_domain_wildcard \ No newline at end of file From b076fb478ec83eb652ba81006c18e8a1c7e9bd3f Mon Sep 17 00:00:00 2001 From: Edward Cheng Date: Sun, 28 Jul 2024 11:05:23 +1000 Subject: [PATCH 5/5] misc --- .../base/clusterissuer-cloudflare.yaml | 27 ++++++++++--------- 1 file changed, 15 insertions(+), 12 deletions(-) diff --git a/infrastructures/cert-manager-clusterissuer/base/clusterissuer-cloudflare.yaml b/infrastructures/cert-manager-clusterissuer/base/clusterissuer-cloudflare.yaml index 219fd87..ad58e73 100644 --- a/infrastructures/cert-manager-clusterissuer/base/clusterissuer-cloudflare.yaml +++ b/infrastructures/cert-manager-clusterissuer/base/clusterissuer-cloudflare.yaml @@ -18,21 +18,24 @@ spec: - dns01: cloudflare: email: - secretKeyRef: - name: clusterissuer-secrets - namespace: cert-manager - key: email + valueFrom: + secretKeyRef: + name: clusterissuer-secrets + namespace: cert-manager + key: email apiTokenSecretRef: name: clusterissuer-secrets namespace: cert-manager key: cloudflare_api_token selector: dnsNames: - - secretKeyRef: - name: clusterissuer-secrets - namespace: cert-manager - key: cluster_cert_domain - - secretKeyRef: - name: clusterissuer-secrets - namespace: cert-manager - key: cluster_cert_domain_wildcard \ No newline at end of file + - valueFrom: + secretKeyRef: + name: clusterissuer-secrets + namespace: cert-manager + key: cluster_cert_domain + - valueFrom: + secretKeyRef: + name: clusterissuer-secrets + namespace: cert-manager + key: cluster_cert_domain_wildcard \ No newline at end of file