master
Robert Burgess 2024-08-11 23:42:27 -04:00
parent e8e6034449
commit fd10fdb676
11 changed files with 141 additions and 1 deletions

3
.sops.yaml Normal file
View File

@ -0,0 +1,3 @@
creation_rules:
- encrypted_regex: "^(token)$"
age: age1t4epxq5lzcnyj4xjav9jgnvnyaucyk243y4np9h78fx3k8lc55lqv6uu4z

View File

@ -0,0 +1,19 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: kx3dex-radio
spec:
selector:
matchLabels:
app: KX3DEX_Radio
replicas: 2
template:
metadata:
labels:
app: KX3DEX_Radio
spec:
containers:
- name: kx3dex-radio-site
image: gitea.simplysyncedllc.com/dex/kx3dex_radio:1.3.0
ports:
- containerPort: 3000

View File

@ -0,0 +1,5 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
namespace: kx3dex-radio
resources:
- deployment.yaml

View File

@ -0,0 +1,4 @@
apiVersion: v1
kind: Namespace
metadata:
name: kx3dex-radio

View File

@ -0,0 +1,13 @@
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
name: cloudflare
namespace: flux-system
spec:
interval: 60s
sourceRef:
kind: GitRepository
name: flux-system
path: ./infrastructure/cloudflare
prune: true
wait: true

View File

@ -1,5 +1,4 @@
# This manifest was generated by flux. DO NOT EDIT.
---
apiVersion: source.toolkit.fluxcd.io/v1
kind: GitRepository
metadata:
@ -19,6 +18,10 @@ metadata:
name: flux-system
namespace: flux-system
spec:
decryption:
provider: sops
secretRef:
name: sops-age
interval: 10m0s
path: ./clusters/pi_cluster
prune: true

View File

@ -0,0 +1,13 @@
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
name: kx3dex-radio
namespace: flux-system
spec:
interval: 60s
sourceRef:
kind: GitRepository
name: flux-system
path: ./apps/kx3dex-radio
prune: true
wait: true

View File

@ -0,0 +1,43 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: cloudflared-deployment
namespace: cloudflare
labels:
app: cloudflared
spec:
selector:
matchLabels:
pod: cloudflared
replicas: 1
template:
metadata:
creationTimestamp: null
labels:
pod: cloudflared
spec:
containers:
- name: cloudflared
image: cloudflare/cloudflared:latest
args:
- --token
- $(TUNNEL_TOKEN)
command:
- cloudflared
- tunnel
- --metrics
- 0.0.0.0:2000
- run
env:
- name: TUNNEL_TOKEN
valueFrom:
secretKeyRef:
key: token
name: cloudflare-secret
livenessProbe:
httpGet:
path: /ready
port: 2000
failureThreshold: 1
initialDelaySeconds: 10
periodSeconds: 10

View File

@ -0,0 +1,6 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
namespace: cloudflare
resources:
- secrets.yaml
- deployment.yaml

View File

@ -0,0 +1,4 @@
apiVersion: v1
kind: Namespace
metadata:
name: cloudflare

View File

@ -0,0 +1,27 @@
apiVersion: v1
kind: Secret
metadata:
name: cloudflare-secrets
namespace: cloudflare
data:
token: ENC[AES256_GCM,data:MeAb854uwBi7ELRZwwJCbuuOAr1HD+JhfdEALu+twexHO+y7935+ZSVGOuhRDnSnihZ2dnI9GayPRqzvfecLUvu5Av7aPDlwMePCJJxhCBbdp0Igj3cZKotC67rH5/qOgtEYpkbqbcb6P0yCytgfaAthqyVcnm/3m6dVDi5H/fveN0Js/5ZmvgyZs0KWsKYXpybGhzr5mdwqza8cbdTVgNpcHbX6B1c9sCun079AWY7zpu2nnv+wbQ==,iv:XGfXGLOUdDPAuEavfs4R+WzRRuL8x4DI0qh44FN2rNQ=,tag:Ugrtirdj6Tdw/DaRZ4nq2A==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age1t4epxq5lzcnyj4xjav9jgnvnyaucyk243y4np9h78fx3k8lc55lqv6uu4z
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA4bHhOQmg0Qy9EMWhUUGwx
dExua2xUcldqaG93R3pxQnNaQ1J3OHFFV2xJCkJHWWc5amtEL2tqY3ZBZzZPdWdB
bkszNkZmWStZVUpHOUJZZERSMVBoOVEKLS0tIDNWSHJ1blFHVUt1RjZCQXRzRllr
Z0xjdWp6Vlh0dGI0NjhzN1laQis5eTgKwC8SVX+zcbZSKEnYI2HXROghqLcy9e0n
ndGw43qhaqJBra2RBfPHk6zRfOaVDpiZI07Hw3yIrDQXVjKNV+dHuQ==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2024-08-12T02:31:32Z"
mac: ENC[AES256_GCM,data:4gwFi+a8LWh/qXE7OChZs00E6Banq+5AYV+qyp8V1zKD7wpvEnsnVTkqCvH1KisO/xWlTuAo1fVkdGdhyQwnIKrHgxiWQ7EV+fkw+60Z1HpCOI+axLnlVV78XZW0J+jth8uGkvjE6aR0vGMvelET4Vd1BWx0rr7wUP0cOrswuqU=,iv:xjQvKl9O91y0sH9tkBovVyK6G+GfJYBe8o1lFtH+LM0=,tag:EdzeuE8RZH5lynT/oqWiww==,type:str]
pgp: []
encrypted_regex: ^(token)$
version: 3.9.0