Files
argocd-apps/apps/overlays/au-syd1/externaldns/values.yaml
T
unkinben 9dde582cc2
ci/woodpecker/pr/pre-commit Pipeline was successful
ci/woodpecker/pr/kubeconform Pipeline was successful
fix: remove tlsroute/udproute
https://github.com/kubernetes-sigs/external-dns/issues/6247

these are still using the alpha crd names. the feature has not been
released for externaldns yet. we would need to build our own version of
externaldns from master (or wait)

- disable tlsroute/udproute
2026-05-23 01:14:20 +10:00

57 lines
1.3 KiB
YAML

# Service account configuration
serviceAccount:
create: true
name: externaldns
annotations: {}
# Provider configuration - using new format
provider:
name: rfc2136
# Domain filtering
domainFilters:
- "k8s.syd1.au.unkin.net"
- "200.18.198.in-addr.arpa"
# TXT registry configuration
txtOwnerId: "k8s"
registry: "txt"
# Enable deletion of records for dedicated DNS server
policy: "sync"
# Keep default sources
sources:
- service
- ingress
- gateway-httproute
- gateway-grpcroute
- gateway-tcproute
# Environment variables for TSIG secret and algorithm from Vault
env:
- name: EXTERNAL_DNS_RFC2136_TSIG_SECRET
valueFrom:
secretKeyRef:
name: externaldns-tsig
key: secret
- name: EXTERNAL_DNS_RFC2136_TSIG_ALGORITHM
valueFrom:
secretKeyRef:
name: externaldns-tsig
key: algorithm
# RFC2136 configuration as arguments
extraArgs:
- --rfc2136-host=ausyd1nxvm2127.main.unkin.net
- --rfc2136-port=53
- --rfc2136-zone=k8s.syd1.au.unkin.net
- --rfc2136-zone=200.18.198.in-addr.arpa
- --rfc2136-tsig-keyname=externaldns-key
- --rfc2136-tsig-secret-alg=$(EXTERNAL_DNS_RFC2136_TSIG_ALGORITHM)
- --rfc2136-tsig-axfr
- --rfc2136-tsig-secret=$(EXTERNAL_DNS_RFC2136_TSIG_SECRET)
- --ingress-class=nginx
logLevel: debug