From 9b1f3d6e587161c51fd59eb7b5972670daca147b Mon Sep 17 00:00:00 2001 From: Steffen Illium Date: Wed, 27 Mar 2024 23:39:14 +0100 Subject: [PATCH] sealed secrets --- apps/gitea/base/admin-sealed.yaml | 23 +++++++++++++++++++++++ apps/gitea/base/gitea-ingress.yaml | 15 +++++++++++++++ apps/gitea/base/values.yaml | 2 ++ apps/gitea/kustomization.yaml | 1 + tmp.yaml | 8 ++++++++ 5 files changed, 49 insertions(+) create mode 100644 apps/gitea/base/admin-sealed.yaml create mode 100644 apps/gitea/base/gitea-ingress.yaml create mode 100644 tmp.yaml diff --git a/apps/gitea/base/admin-sealed.yaml b/apps/gitea/base/admin-sealed.yaml new file mode 100644 index 0000000..905b8b5 --- /dev/null +++ b/apps/gitea/base/admin-sealed.yaml @@ -0,0 +1,23 @@ +{ + "kind": "SealedSecret", + "apiVersion": "bitnami.com/v1alpha1", + "metadata": { + "name": "gitea-admin-secret", + "namespace": "default", + "creationTimestamp": null + }, + "spec": { + "template": { + "metadata": { + "name": "gitea-admin-secret", + "namespace": "default", + "creationTimestamp": null + }, + "type": "Opaque" + }, + "encryptedData": { + "password": "AgAeSr97ehy8U/DiBNzS10+4f5YBixOgpR7wRFuv7gumNJOJvgOfsPGEWfRyzMD6VzebddNFhWbnkmZ9RptWs1qOHaXxh+gwpf7+aUOgaOl6QaeXiT5qgov+94bdQKITLmuxDGWaO1TbZQznoqzOjxw0wqU2ZE8pzvoLtips3i0q4ddbWK2WhdijUfTROXLthbdUDmhKUcinzLhU34g7xrYy4FCA0Nlh0MlmDXf33pPWjeVzjXEBAG3AKmG9GHE3yLdBtMCjKX8HGZ6Z/YnhF1AYzhK0UiZQZP+7xYGGm52cXKiDnJbh4A+hm02eQQWseBdHqAxmbPtqEQis9U90TwDoXg14tk+nwNIV4sG798dhxezIPXRHiar2odxAnfWVNdNIu+zNa9s6EvTYG0Bu/ssI1vcsnnvhu4n2DOlLucHCfsgJNqVqyns7PI3/b/qwlPly43UOwkC2B5lP8W5z5ztuLR5Dt2+6JP9CvuYRE8QUYNh5Ge0xx8RaQbM9NMgMWt61BD3n9sknzwA/CxMNc9RhDDxF53dJ5FLqhlSuksaflXSVZ6TAqarHmS5aomu0dDceaFQFhSh/TaUbx3t9g9Dzv0LgKNXQixE3sXDrPfCv184hUO+FjMB2K61NIpnkineC1OWe2Y+ciXtfOOcdaeJi1ey0WMU8LgxpdCHIUae7ZhzrTMraMZKtUKsBN4nJLHlGUSZ2EB5klmNnmUhlaLPD", + "username": "AgBYMhLA7nbCu+dhZl4mXHE7kmK9mJeHBjvlxF25KgJ44SqSo4O0rOBNby62bO0P2H4nhU/YbjiUOoqNjdsPgPbkEBWVpnKAHWCRwARGDu93HhDqSD4E3jWjjyqH0++BwcNbpxXOMltSHMGaPWTtLH27Hx3eKrb9+P8Rzb6KVVD75njXMeIeT/cJDOzNOPH9CaFAgIBviSdXnakcGNSVDnTjAcIfcD0VIuaBQBIqc/dLs1nVrJEuG5b5rMvOi3yahyspE2mjUgKeZkX7Yu1RCscMT+e5VY4ArbSWix0tUiIRAG2TmLAH6bF5H8nF1jkzUemBuPilNbyG67llo8ecCUdTYflr5L/aw8KnC1DnkJQ5gC7CxH1G8qMWLDIAz0s1QS8BLliMCMKMc5+K6tIifmdtQCEddmCQ9tHiTu6cvjNiwnwrZR6l51dxhgjpWqNpENvsls4+n/pezvJ4BOQNSZDsiDAXqkMHKFp2Cb4JOJR7fUj1nSLgd65i11DLU8iOfiz7j7tOIMhnSQju0TJVOMAVD47xDWNTO0pTE5UnxHyzGKwMd/4ZCU9eU67mYA3PrprwExlfRLJdOnJxxXBiQ9MrdGV2FMAd2d12atoyrf70JxRSb0EqV9OFaJGH81GFaIGK+edIaAolDjw4n9tD1Tky4dXEwmqgz/kvTsyZdkMoxencb0SrCdEMtHBeL4hO79zFioFDIv+M" + } + } +} diff --git a/apps/gitea/base/gitea-ingress.yaml b/apps/gitea/base/gitea-ingress.yaml new file mode 100644 index 0000000..3b8cfe7 --- /dev/null +++ b/apps/gitea/base/gitea-ingress.yaml @@ -0,0 +1,15 @@ +apiVersion: traefik.io/v1alpha1 +kind: IngressRoute +metadata: + name: gitea + namespace: gitea +spec: + entryPoints: + - web + - websecure + routes: + - match: Host(`gitea.steffenillium.de`) + kind: Rule + services: + - name: gitea + port: 3000 diff --git a/apps/gitea/base/values.yaml b/apps/gitea/base/values.yaml index ad7a4c8..961e1fa 100644 --- a/apps/gitea/base/values.yaml +++ b/apps/gitea/base/values.yaml @@ -37,3 +37,5 @@ gitea: SSH_LISTEN_PORT: 22 SSH_PORT: 22 ENABLE_PPROF: false + admin: + existingSecret: gitea-admin-secret diff --git a/apps/gitea/kustomization.yaml b/apps/gitea/kustomization.yaml index 73f2499..9139ef9 100644 --- a/apps/gitea/kustomization.yaml +++ b/apps/gitea/kustomization.yaml @@ -5,6 +5,7 @@ namespace: gitea resources: - base/gitea-ingress.yaml + - base/admin-sealed.yaml helmCharts: - name: gitea diff --git a/tmp.yaml b/tmp.yaml new file mode 100644 index 0000000..42a868e --- /dev/null +++ b/tmp.yaml @@ -0,0 +1,8 @@ +apiVersion: v1 +kind: Secret +metadata: + name: gitea-admin-secret +type: Opaque +stringData: + username: steffen + password: AZt6fd3pG5BD94jY