b67d873c66
Reshapes the three DNS tiers from separate ns-* namespaces into a single bind-internal namespace and renames the StatefulSets, and scopes the TSIG keys to their cluster (needs the clusterRef field from operator v0.1.3). - move the 3 clusters + zones + keys into apps/base/bind-internal: BindCluster names bind-authoritative / bind-resolvers / bind-externaldns (= StatefulSet names), LBs kept on .6/.7/.8, external-dns hostnames renamed - add clusterRef to the transfer-key (bind-authoritative) and externaldns-key (bind-externaldns) TSIG keys so they no longer leak across clusters - remove the old ns-auth / ns-resolver / ns-externaldns apps - ApplicationSet + AppProject: replace the three ns-* entries with bind-internal - bump bind-system operator to v0.1.3 (CRD install link + image) so the CRDs understand the new clusterRef field - operator stays in bind-system (unchanged)
64 lines
2.0 KiB
YAML
64 lines
2.0 KiB
YAML
---
|
|
apiVersion: argoproj.io/v1alpha1
|
|
kind: ApplicationSet
|
|
metadata:
|
|
name: platform-apps
|
|
namespace: argocd
|
|
spec:
|
|
generators:
|
|
- git:
|
|
repoURL: https://git.unkin.net/unkin/argocd-apps
|
|
revision: HEAD
|
|
directories:
|
|
- path: apps/overlays/*/authentik
|
|
- path: apps/overlays/*/artifactapi
|
|
- path: apps/overlays/*/bind-system
|
|
- path: apps/overlays/*/bind-internal
|
|
- path: apps/overlays/*/age-api
|
|
- path: apps/overlays/*/cattle-system
|
|
- path: apps/overlays/*/cert-manager
|
|
- path: apps/overlays/*/certificates
|
|
- path: apps/overlays/*/cnpg-system
|
|
- path: apps/overlays/*/consul
|
|
- path: apps/overlays/*/elastic-system
|
|
- path: apps/overlays/*/externaldns
|
|
- path: apps/overlays/*/inteldeviceplugins-system
|
|
- path: apps/overlays/*/jfrog
|
|
- path: apps/overlays/*/kanidm
|
|
- path: apps/overlays/*/node-feature-discovery
|
|
- path: apps/overlays/*/priority-classes
|
|
- path: apps/overlays/*/puppet
|
|
- path: apps/overlays/*/purelb
|
|
- path: apps/overlays/*/reflector-system
|
|
- path: apps/overlays/*/reloader-system
|
|
- path: apps/overlays/*/reposync
|
|
- path: apps/overlays/*/traefik-system
|
|
- path: apps/overlays/*/vm-system
|
|
- path: apps/overlays/*/vault
|
|
- path: apps/overlays/*/vso-system
|
|
- path: apps/overlays/*/woodpecker
|
|
template:
|
|
metadata:
|
|
name: 'platform-{{path[3]}}' # cluster-app format (e.g., platform-reflector-system)
|
|
spec:
|
|
project: platform
|
|
source:
|
|
repoURL: https://git.unkin.net/unkin/argocd-apps
|
|
targetRevision: HEAD
|
|
path: '{{path}}'
|
|
destination:
|
|
server: https://kubernetes.default.svc
|
|
namespace: '{{path[3]}}' # Use directory name as namespace
|
|
ignoreDifferences:
|
|
- group: ""
|
|
kind: ConfigMap
|
|
name: kanidm-repl-certs
|
|
jsonPointers:
|
|
- /data
|
|
syncPolicy:
|
|
automated:
|
|
prune: true
|
|
selfHeal: true
|
|
syncOptions:
|
|
- ServerSideApply=true
|