Files
argocd-apps/apps/overlays/au-syd1/externaldns/values.yaml
T
unkinben f6bc2fcf7a
ci/woodpecker/pr/pre-commit Pipeline was successful
ci/woodpecker/pr/kubeconform Pipeline failed
feat(externaldns): upgrade to 1.21.1, fix sources for installed CRDs
- Bump chart from 1.19.0 to 1.21.1 (app v0.19.0 -> v0.21.0)
- Remove gateway-tcproute source (TCPRoute CRD not installed)
- Add gateway-tlsroute source (TLSRoute CRD is installed)
2026-05-23 01:26:29 +10:00

57 lines
1.3 KiB
YAML

# Service account configuration
serviceAccount:
create: true
name: externaldns
annotations: {}
# Provider configuration - using new format
provider:
name: rfc2136
# Domain filtering
domainFilters:
- "k8s.syd1.au.unkin.net"
- "200.18.198.in-addr.arpa"
# TXT registry configuration
txtOwnerId: "k8s"
registry: "txt"
# Enable deletion of records for dedicated DNS server
policy: "sync"
# Keep default sources
sources:
- service
- ingress
- gateway-httproute
- gateway-tlsroute
- gateway-grpcroute
# Environment variables for TSIG secret and algorithm from Vault
env:
- name: EXTERNAL_DNS_RFC2136_TSIG_SECRET
valueFrom:
secretKeyRef:
name: externaldns-tsig
key: secret
- name: EXTERNAL_DNS_RFC2136_TSIG_ALGORITHM
valueFrom:
secretKeyRef:
name: externaldns-tsig
key: algorithm
# RFC2136 configuration as arguments
extraArgs:
- --rfc2136-host=ausyd1nxvm2127.main.unkin.net
- --rfc2136-port=53
- --rfc2136-zone=k8s.syd1.au.unkin.net
- --rfc2136-zone=200.18.198.in-addr.arpa
- --rfc2136-tsig-keyname=externaldns-key
- --rfc2136-tsig-secret-alg=$(EXTERNAL_DNS_RFC2136_TSIG_ALGORITHM)
- --rfc2136-tsig-axfr
- --rfc2136-tsig-secret=$(EXTERNAL_DNS_RFC2136_TSIG_SECRET)
- --ingress-class=nginx
logLevel: debug