diff --git a/argo/apps/values.yaml b/argo/apps/values.yaml index 0097b02..2514d46 100644 --- a/argo/apps/values.yaml +++ b/argo/apps/values.yaml @@ -10,6 +10,11 @@ helmApps: repoURL: https://charts.external-secrets.io chart: external-secrets revision: 0.9.1 + - app: pihole + namespace: external-dns + repoURL: https://mojo2600.github.io/pihole-kubernetes/ + chart: pihole + revision: 2.17.0 - app: prometheus namespace: prometheus repoURL: https://prometheus-community.github.io/helm-charts diff --git a/argo/miniflux/values.yaml b/argo/miniflux/values.yaml index 6a0e4a8..193e52b 100644 --- a/argo/miniflux/values.yaml +++ b/argo/miniflux/values.yaml @@ -2,7 +2,7 @@ # internal name: miniflux namespace: miniflux -serviceAccountName: default +serviceAccountName: miniflux externalSecrets: secretStoreRef: miniflux secrets: diff --git a/argo/pihole/values.yaml b/argo/pihole/values.yaml index f94540a..d7e92ba 100644 --- a/argo/pihole/values.yaml +++ b/argo/pihole/values.yaml @@ -2,52 +2,37 @@ # internal name: pihole namespace: external-dns +serviceAccountName: external-dns externalSecrets: - secretStoreRef: miniflux + secretStoreRef: default secrets: - - secretKey: miniflux_admin_pw - key: miniflux - property: miniflux_admin_pw - - secretKey: miniflux_db_url - key: miniflux - property: miniflux_db_url -istio: - commonName: rss.minhas.io - ingressSelector: ingressgateway - issuer: letsencrypt-prod - port: 80 - backendHost: miniflux - sans: - - miniflux.minhas.io + - secretKey: pihole-password + key: external-dns + property: pihole-password -# app config -env: - - name: BASE_URL - value: https://rss.minhas.io - - name: LISTEN_ADDR - value: 0.0.0.0:80 - - name: RUN_MIGRATIONS - value: 1 - - name: CREATE_ADMIN - value: 1 - - name: ADMIN_USERNAME - value: admin - - name: DATABASE_URL - valueFrom: - secretKeyRef: - name: miniflux - key: miniflux_db_url - - name: ADMIN_PASSWORD - valueFrom: - secretKeyRef: - name: miniflux - key: miniflux_admin_pw +# app +serviceDns: + mixedService: true + type: LoadBalancer + loadBalancerIP: 192.168.0.220 + annotations: + metallb.universe.tf/allow-shared-ip: pihole -service: - main: - ports: - http: - port: 80 +serviceWeb: + loadBalancerIP: 192.168.0.220 + annotations: + metallb.universe.tf/allow-shared-ip: pihole + type: LoadBalancer -postgresql: +serviceDhcp: enabled: false + +DNS1: "192.168.0.1" +DNS2: "192.168.0.1" + +podDnsConfig: + enabled: false + +admin: + existingSecret: pihole + passwordKey: pihole-password diff --git a/argo/secrets/templates/external-secrets.yaml b/argo/secrets/templates/external-secrets.yaml index 2a3c6f3..0385741 100644 --- a/argo/secrets/templates/external-secrets.yaml +++ b/argo/secrets/templates/external-secrets.yaml @@ -33,7 +33,10 @@ roleRef: name: system:auth-delegator subjects: - kind: ServiceAccount - name: {{ .Values.name }} + name: {{ .Values.serviceAccountName }} + namespace: {{ .Values.namespace }} +- kind: ServiceAccount + name: default namespace: {{ .Values.namespace }} ... ---