diff --git a/kubernetes/bootstrap/flux/github-deploy-key.sops.yaml b/kubernetes/bootstrap/flux/github-deploy-key.sops.yaml index 3e462462..e14e9304 100644 --- a/kubernetes/bootstrap/flux/github-deploy-key.sops.yaml +++ b/kubernetes/bootstrap/flux/github-deploy-key.sops.yaml @@ -4,8 +4,8 @@ metadata: name: github-deploy-key namespace: flux-system stringData: - identity: ENC[AES256_GCM,data:FghbmHdYNiNPGAsNBWaiOBdYFI3FUmCDIuTPyr/27lwcbf+19l+eYtyMCnSoPUqMt4+TxmjJOwmsFQ7LXJe6xveN7U1D7aKibo4fqvJNF+Oa5jez8l2Ts0kePyXrUMbaM5OJPmwtcfYgh3AGX63vLKzMNkfKBbPYn1T+zOLzOQuOuMEGeKWGoePo6W+LpxUWw1WVSrlHwk9Xa96arOcnsVgD3nOxzAiF/8WMMCwpYUTNIwywGHOKH6wkmCobXb7zGROSnJ6b/56Rug/v2HDjRUKRcUJ/5XtE2jHbQN/MHFgriA1xBrhtkn9XC6DOOVvLzyBHYQPZD2p365J0biENcrVEtoKtib21SXpDi5Ryz7I9paxr2r2uVqdgRfFXJdCrfGD3zNnXZ6xR2/M6thb2dd79A2CMkzW9oKJagGBxQKBbDH6jAhqO/HiMw0FeiWeKjEyLEXvOGSSlOBHw7Lb1ggdyBY/7G4+D5BD3G+Id3iSVnXv4nYfGJj7n3uWScvttV3TDkCIg+CL4gk20NmlCxcsepuYnUZVpb3B3d5djTG0ZhJr2cnTO7m4ISycBSTVp85T0nQ57ATZDEG/EsEqLHAkLOx8+fBCu3S3IFjAnMMSmc0TDV6LEpO0qySIAsDglhrdJzZ2U2xphKJONIHqYAt8Qe6L2BIvGuR4CiAFMpo7bfP4yqF6ev0G8rQ8I4R5VyPFwjyl5PkeE0N00iD1+yGiFLLyahTzBQJerBa9jmdwafIwwMgWBCoKTcEQpr2RIL9d7n8SKFgU5wh0qQDsdkBS/6bPXqYCxiCAWX+Aaz7ZuWSsZ/SKHRFXzuPc0c71Lbn+8/fDgwzQLzUgnmQRdZJ39N7iqsnz2m9Crb3t2HUP8sa9z/FNLraKKkX9a3DyMkQrEg+03rygRnbrTFqpBymU1HVB0OtZiTr1V0zeJALHtxbtA9vsurMyYDPpyMW6Zk+a8PO8K1xlFCQGk6dJD7A==,iv:h18Wpn3qHVE0T5ARI4caqtMIrLXT/wXoOGB3tk24Vg0=,tag:b3llgHu4pz2H1RHCsHwt4Q==,type:str] - known_hosts: ENC[AES256_GCM,data:aEXY+rmhlvOxwzcPYixBhr9bSl7A4O+hIi8UbcTWakOQb4d7zLW3BKkwGtFHqvD4VNrahey97yS6uyrEAqx5GyUz9SOseOvAqFuANFfha+jUrQ6dwAawrjeJpPLP3jNJdwwOuKRKIFSnfWS+agw4YvFxcWFk9Z6WACFjL7u91CyU7ubha2F1HgSDBACeeVozILyLpKNMnLkfc6S74MgGayLTBwY39o1hqMYyBNjYM1v+EsMi0v1mowsuPBcBHLj6dIMi908yWyhkLG9CYhCJRQroYqgwEt5oP7nS8NW1I7SBnsVbM+TRlGs81bdEM4/xRkfPbMb3Jx2IGStYPgP9YtjS6u2jSsoX1Ugipy0rUa5gudgW602OV6Tp3ObRmU6odaPLVOsz+GYt9+E+xp6dV+FGfZBWGZVF3jo8AdvnC4E2VBv+uvaw8QzGpX3V8KRo0UrRJUld6ZkVuTtetufCpa3N1BKALfXOKMRk4uceRUmiBg/pGY1wW4LjXPt6LCfMnbR2gHfzcGXth0QYZyxIDiMKAGkDW21OJuAymvotM4d13zhG4h8MFHniU+RtAferza/9NGMxMI7feiWV8aqfAtMX9wj8YKTWAxZD5/LVQ9Nzz5g5Pye+K+Sbeb/TV60OgWZfBU2co9XVhWDTzv+2cswpETnC42wibaDEGsBNqudM2Bk3N3R3X6lKF6RFi/Phf3Vm5jy1D6ydO3l5J0kyEcO9WN+K721i9qfU2UsQydC9hY40/7LaFHk8D0Y2kFQ7Xge052ZDc0wbK+4TukDJt2NfYrdC+V5oKr1GnzsfKq4JqESKVGi73Nay4lxPHm2lNialP6ANIHrpmkC23tx1CT656d+gwhoHaL9ah0blWxYSuhdT1csne9WU/HsDdB3KOiB/u/gehP43DIiBMfiKPbcDpokFenWYM3SQaN2EhwqIyqb7EEFEdrbMzcIwv2J+FiKqkVKtyuKYNwXshnb780pCV9B84DPFQ6Im+5BO3DroRX8Qv4Gn3uAMqAfjGOFjuMEM8Zgc0Kj9/XtOvf34eZs5XUtkZvVB1j7sFvgGJU94Qbu3MQtThAg+QNYqszAFuu6BEY0jxrPxuiqb,iv:m2o7hCCXaeUWAFuRqI1lhbaqus9ys9z0m6ugHiWspbA=,tag:gMWSQuFMz6Z5wQg88UAy6g==,type:str] + identity: ENC[AES256_GCM,data:GLGyVH7oMcGRaRCCJdrNUSESA/yaqmN5i5jqwgIv2Kwr2dpUlHVDEj3A9lrqQggyh0yW9bS6u0gsHgO+BDFV/E3WAgoQRd/HJ60BtQ3dfI3TAU6jbUS1zkCjSoQTtIMmrZhQPWNqXM1Pbda63vgdzwJJBgY1vcS8KG7N4skREBu6HBZ1T0bUp3LfbH1FHamcdKXHJsT/70thDPpZzkUNJ9DYST8xrYRXNRxFXHM2SH1i0KriEvrFjRl18dhgoOOjxC9Rwh1p2FmZNc+b+yzHGWfHZh4nNEumkqWsg5PGdV2SDtld6B6kDMqWud8C42u3uWnoHUA9wDZ3QGf+Ik0LbpvnPMOsJrqiDNwuWTLf2VU8YvWhXVKYIm2LvtOO81z5s8nd6t5qkwUTckfKppk0CKlwS2xB7hbsQbkPsgEf48Q8QoFPHZTZlfyjSF6HyBWQdA4oqtFNFw5RLy1kGsv7GkSvoC4tuIPEtPsrFq8oCNrX0e/jO9r6BrnrG4YvxZiiwR71un63Qygkm/KY+NiAceCHFxNYSzUFEFeRKsMeRmkaUF6jyRneKBrwzHwN1nUPqV+F2OfqzGCLaW9ZSa2lqj2r5fBEUc5kPz8p3lHhpHANSIQgnr4dIZFIuYg0qUmPYcVXjSA3gi3n+6LlB6pw+E+YBVOHmhNOKgQpLneYKrAioKbyooAvvghiWAZW3xmL5PZ3WxPt0xOd/UtwfXByMtGB0pt0ITk1VU41qmqT/evwvp7PYQOVnDKP7ON4Y0cbO7g0GjqZytFpAOjPB25GdXia1T2UH9WeXE0LIddtTiKQQx54DxnkRNOPKfBZeqKIwFg6ElAgb+63Nx04PpBXqcYNS8QLmZ/NrS1iSrJ3inlWQS6bmibgZjpPz8fDNTGgdOXpekOcTLMeo6T7H+KcEi4qTJ9+xX3mGiqIXhkwfXdE41ytT32r5TCYnT1krDSUngMUhvZlLgDjV4UUfZVmJA==,iv:A5Rkea2gknuoWlwqhcCCBdDVwPGOHxjsRlwz8I5RS6U=,tag:pyY7RjJYWHnVgBSGdtpQmg==,type:str] + known_hosts: ENC[AES256_GCM,data:YvgtNqz9I0YYd5cl3erR5wp+sG9I5BC5jYWfRZm/qmk1JHaby93U0ZIquLU0VSb3oj5d1FMVQFzloBXTZvc0PROM1rS5Tdq4ypUFFTRQE4MYXediFCyJuhYK69gNkqMR6knD6ve1iRmGYqG3KF5O1pTINA74ANvBPSaYHXTz85CVid+yOB7ju5lyxQh8VL+QkTreXzHZpG0JU6O0Ri3EXOzQkS1ulUFcp7rqZdvxJyC8BQj7Di8JdkkrjVnoJPN9a+Qmdq9pWZxQNGRAr6RhFgZ/RMP4jTBStzg4+jUuQeFz0PTpwMZFOd6UgRZPQ5a4e0Jrr/opmd9Jnc99AXOZjhxfSxWZzIM2D118nPV9Ytk6u8tJdGEfuTAZefF/gVzEeDwMZr5eMWh8nZXmNT5F9USNCPGLUrjH2+7FGFRlRRBMB8Dt0hVxvpF/+J0xOUaxWXQzmpzbihZ3w7mv0LdTkDiDzvJOMFZ+wLJdnnKokpQreNDZVnEzbeNl3gevWR4LyR2KvQ+XmpkT0UxW+/KNCdiJLaEj0mpESMLFWs+TvJtOaFPJ6ewgFpPZ6GthIsRebRVsHpGs1ATBnbVfOhPl6SmM/XW13wOf9goyhVJiOjBhr+myAhJ2YYrvNFbmiNEYdI9LOuFpJbH3+qiFyknSQwNrE7oNFy+JJ/YS5AsPbn9qojnSNjXYRHGUHVR2BJ8WvhsYnr607jcgIIn99IWnGuEtodPEw+uluA/0a9lLS6IBrDUJ2m5LZUq8L/9WvRPFV8cNEMlraJAgNAxOTklecbU+Gw5utIJiX7NxHtqvprkIKSN7A91gYkS0mNMUtHBn0YCqBLly/uh6O6egfRFHMOZaL9apM9Q7k96Tue/jrKg1Isoc1SGZMcnFs4thnFgDfLv2cM3LClcqhZRIMz0RzcJmEvEqDrtqm7EEAbj6ERH4tyiZe8MccErzCnifCTtZK0j9kcAMvvEDtY125QsNh/neyN9pIoddgdRn1QskTVWyMMs3Br/Zu++6jEdG5uBeKscqgc66ArP9EFK4Xug73W0zGDG6vBf2osnIpiMNPvzqxiv2wAlxenyTQunupyAplbdi3f1c0t3VpyNh,iv:v171Lg7rzdA2MUqHoBujfGfYHQ4eJQAUhjhqjSs53vk=,tag:JlM/wYn6ioygxOrUBq+jgw==,type:str] sops: kms: [] gcp_kms: [] @@ -15,14 +15,14 @@ sops: - recipient: age148wprsnqjq8jughvywnzmvs8gffhrkendpr7g60q8u4rdsj4jvuqk7ltrs enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBSWWhvWDVTSzdxL0h6QzQy - UFErV2xzR3dGM3QvYnMzaUxacFpNc3UybGhZCndYcXVFR3I0MnU3MGI2N0YrUmNs - Nnh1V0lnbEZVZE1PYkdPaHRTOVZkdVkKLS0tIFhoTlJnTkZKcWd3a0RqaXVzWGZ3 - M1kxTWtqV3pSQUdRS3dTRVd6dmhEYTAKvD19fJso4ipe24xIWMc85SeCgc078Hfv - Ob3yg6OnspTUSsZJB3ONyvtahKbgYJy+XGeiUayE7pJMRO2upvyoJA== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBoTWxEWENuRnlueTZ3d2pa + ak0vKy90WTNFQkE1TjZESHZDS2taa2oyZ1MwCnR3Z05NR3VLN0JkZFlNSllMSGNh + L08yOVhCNldtbGpzNFpqdXloMlNBN2MKLS0tIEp2WEJabFU3bXZoYWJkaTRqOGxX + MHFycG5sNEVpN0pHN2IveTFtZ3o0K2MKOkI47DfE1evTCSP3qBZ7M3caXVhYteQC + /i2sWF0xbiW6ym+q7YgwHQQOSoncpuX540j52ziXS25x+GsoyMkg6g== -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-04-26T21:27:46Z" - mac: ENC[AES256_GCM,data:ea4W3zwB4ftPOKvt7RXlKwNf9Fmf3Zoh1MfhbE+QnjGDGaTd22aXVKMYYp5pdz2y7VjLmpxkd6X2Ca0WdE+WXS8Vhk5wv/n7u7aI1e9Id5501WS4yX9izz58idx5qX4x1lB6rT/xelDoVDyqVDav7QXKxgxiqQ93TAftSXh9nEQ=,iv:QIjl2JcBeiyWz+YI79oqynHQvh/VQadi7zemrfuL2eE=,tag:YnBnoGb5C1O7ZQEWm+DIYg==,type:str] + lastmodified: "2024-04-28T06:25:19Z" + mac: ENC[AES256_GCM,data:Uw3w97pYmm+Nypv3rIIwDX+y997Q1SvQgouTyny9M0LG+2C2EHn98AXTX5SsjVcAn/HOiMb5CwgelT0YtapqL4SCVip1Wbf3SEEd5sPOPrGP5ohei7IAy6nhrP/uisehCZqIY5BClWfxHzwwHMeALp+LrJX7hPohr9XqVkQM7lo=,iv:TBySy1Al3KHF+LXLx1DqQTLhYSjp1we8KkXgKLTW4h8=,tag:+/zPkrKOqPJHogn4qMAnYg==,type:str] pgp: [] encrypted_regex: ^(data|stringData)$ version: 3.8.1 diff --git a/kubernetes/flux/apps.yaml b/kubernetes/flux/apps.yaml index 2284be62..43c3a05d 100644 --- a/kubernetes/flux/apps.yaml +++ b/kubernetes/flux/apps.yaml @@ -21,12 +21,6 @@ spec: name: cluster-settings - kind: Secret name: cluster-secrets - - kind: ConfigMap - name: cluster-settings-user - optional: true - - kind: Secret - name: cluster-secrets-user - optional: true patches: - patch: |- apiVersion: kustomize.toolkit.fluxcd.io/v1 @@ -44,12 +38,6 @@ spec: name: cluster-settings - kind: Secret name: cluster-secrets - - kind: ConfigMap - name: cluster-settings-user - optional: true - - kind: Secret - name: cluster-secrets-user - optional: true target: group: kustomize.toolkit.fluxcd.io kind: Kustomization diff --git a/kubernetes/flux/repositories/git/kustomization.yaml b/kubernetes/flux/repositories/git/kustomization.yaml index ccb4b09e..bb78ecf0 100644 --- a/kubernetes/flux/repositories/git/kustomization.yaml +++ b/kubernetes/flux/repositories/git/kustomization.yaml @@ -2,4 +2,4 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - - local-path-provisioner.yaml + - ./local-path-provisioner.yaml diff --git a/kubernetes/flux/repositories/helm/kustomization.yaml b/kubernetes/flux/repositories/helm/kustomization.yaml index 09432552..f805a068 100644 --- a/kubernetes/flux/repositories/helm/kustomization.yaml +++ b/kubernetes/flux/repositories/helm/kustomization.yaml @@ -1,20 +1,19 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - - authelia.yaml - - bjw-s.yaml - - brettinternet.yaml - - cilium.yaml - - descheduler.yaml - - external-dns.yaml - - grafana.yaml - - ingress-nginx.yaml - - jetstack.yaml - - k8s-gateway.yaml - - kubereboot.yaml - - kubernetes-dashboard.yaml - - metrics-server.yaml - - node-feature-discovery.yaml - - openebs.yaml - - prometheus-community.yaml - - stakater.yaml + - ./authelia.yaml + - ./bjw-s.yaml + - ./brettinternet.yaml + - ./cilium.yaml + - ./descheduler.yaml + - ./external-dns.yaml + - ./grafana.yaml + - ./ingress-nginx.yaml + - ./jetstack.yaml + - ./k8s-gateway.yaml + - ./kubereboot.yaml + - ./kubernetes-dashboard.yaml + - ./metrics-server.yaml + - ./openebs.yaml + - ./prometheus-community.yaml + - ./stakater.yaml diff --git a/kubernetes/flux/repositories/kustomization.yaml b/kubernetes/flux/repositories/kustomization.yaml index 6376d3e3..d158d426 100644 --- a/kubernetes/flux/repositories/kustomization.yaml +++ b/kubernetes/flux/repositories/kustomization.yaml @@ -2,6 +2,6 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - - git - - helm - - oci + - ./git + - ./helm + - ./oci diff --git a/provision/ansible/inventory/hosts.yaml b/provision/ansible/inventory/hosts.yaml index 0cf8b78b..4aadd01f 100644 --- a/provision/ansible/inventory/hosts.yaml +++ b/provision/ansible/inventory/hosts.yaml @@ -8,11 +8,11 @@ kubernetes: k3s_primary_control_node: true pi-1: ansible_host: 10.1.2.31 + pi-2: + ansible_host: 10.1.2.32 workers: hosts: - pi-2: - ansible_host: 10.1.2.32 pi-3: ansible_host: 10.1.2.33 pi-4: