argo1/argo1/values.yaml

bootstrap:
  source:
    repoURL: "https://git.strudelline.net/infra/argo1"
    targetRevision: "prod"

cert-manager:
  enabled: true
  values: |
    extraArgs:
    - --dns01-recursive-nameservers-only
    - --dns01-recursive-nameservers=8.8.8.8:53,1.1.1.1:53
    ingressShim.defaultIssuerKind: ClusterIssuer
    ingressShim.defaultIssuerName: zerossl
    installCRDs: "true"

haproxy-ingress:
  enabled: true
  values: |-
    controller:
      config:
        fronting-proxy-port: "81"
      extraArgs:
        watch-ingress-without-class: ""
      ingressClass: haproxy
      ingressClassResource:
        default: true
        enabled: true
        parameters: {}
      logs:
        enabled: true
      metrics:
        enabled: true
      service:
        annotations:
          metallb.universe.tf/allow-shared-ip: 172.16.17.80
          metallb.universe.tf/loadBalancerIPs: 172.16.17.80
        type: LoadBalancer
      stats:
        enabled: true
      tcp:
        "81": ""
    serviceAccount:
      create: true

argo-cd:
  crds:
    install: false

  configs:
    params:
      "server.insecure": "true"

  controller:
    replicas: 1

  server:
    ingress:
      enabled: true
      hosts: &hhosts
      - argocd.strudelline.net
      tls:
      - hosts: *hhosts
        secretName: wildcard-tls
    ingressGrpc:
      enabled: true
      hosts: &ghosts
      - grpc-argocd.strudelline.net
      tls:
      - hosts: *ghosts
        secretName: wildcard-tls

cluster-resources:
  enabled: true
  repoURL: 'https://git.strudelline.net/infra/kube-cascade'

vault-agent-injector:
  enabled: true
  values: |
    global:
      enabled: false
      externalVaultAddr: https://vault.strudelline.net
    injector:
      affinity: ""
      agentImage:
        repository: jamesandariese/vault-with-ca
      enabled: true
      failurePolicy: Fail

nfs:
  enabled: true
  values: |
    nfs:
      path: /volume1/k8s-volumes
      server: 172.16.18.1
    storageClass:
      name: nfs

openebs:
  enabled: true
  values: |
    jiva:
      enabled: false
    legacy:
      enabled: false
    localprovisioner:
      enabled: false
    localpv-provisioner:
      enabled: true
    lvm-localpv:
      enabled: true
    ndm:
      enabled: false

external-secrets:
  enabled: true
  values: |
    extraContainers:
      - name: bitwarden-cli
        image: jamesandariese/bitwarden-docker:latest
        imagePullPolicy: IfNotPresent
        env:
          - name: BW_HOST
            valueFrom:
              secretKeyRef:
                name: bitwarden-user
                key: BW_HOST
          - name: BW_USERNAME
            valueFrom:
              secretKeyRef:
                name: bitwarden-user
                key: BW_USERNAME
          - name: BW_PASSWORD
            valueFrom:
              secretKeyRef:
                name: bitwarden-user
                key: BW_PASSWORD
        ports:
          - name: http
            containerPort: 8087
            protocol: TCP
        livenessProbe:
          exec:
            command:
              - wget
              - -q
              - http://127.0.0.1:8087/sync
              - --post-data=''
          initialDelaySeconds: 20
          failureThreshold: 3
          timeoutSeconds: 1
          periodSeconds: 120
        readinessProbe:
          tcpSocket:
            port: 8087
          initialDelaySeconds: 20
          failureThreshold: 3
          timeoutSeconds: 1
          periodSeconds: 10
        startupProbe:
          tcpSocket:
            port: 8087
          initialDelaySeconds: 10
          failureThreshold: 30
          timeoutSeconds: 1
          periodSeconds: 5

metallb: {enabled: true}
pgo: {enabled: true}
secrets: {enabled: true}
sealed-secrets: {enabled: true}
template-operator: {enabled: true}
trust-manager: {enabled: true}
initial import 2023-04-24 02:05:13 +00:00			`bootstrap:`
			`source:`
adapt for cascade 2023-04-24 03:02:35 +00:00			`repoURL: "https://git.strudelline.net/infra/argo1"`
			`targetRevision: "prod"`
initial import 2023-04-24 02:05:13 +00:00
add cert-manager 2023-04-27 01:07:30 +00:00			`cert-manager:`
			`enabled: true`
			`values: \|`
configure cert-manager for cascade 2023-04-27 01:09:32 +00:00			`extraArgs:`
			`- --dns01-recursive-nameservers-only`
			`- --dns01-recursive-nameservers=8.8.8.8:53,1.1.1.1:53`
			`ingressShim.defaultIssuerKind: ClusterIssuer`
			`ingressShim.defaultIssuerName: zerossl`
add cert-manager 2023-04-27 01:07:30 +00:00			`installCRDs: "true"`

configure haproxy-ingress 2023-04-24 03:32:52 +00:00			`haproxy-ingress:`
			`enabled: true`
			`values: \|-`
			`controller:`
			`config:`
			`fronting-proxy-port: "81"`
			`extraArgs:`
			`watch-ingress-without-class: ""`
			`ingressClass: haproxy`
			`ingressClassResource:`
			`default: true`
			`enabled: true`
			`parameters: {}`
			`logs:`
			`enabled: true`
			`metrics:`
			`enabled: true`
			`service:`
			`annotations:`
			`metallb.universe.tf/allow-shared-ip: 172.16.17.80`
			`metallb.universe.tf/loadBalancerIPs: 172.16.17.80`
			`type: LoadBalancer`
			`stats:`
			`enabled: true`
			`tcp:`
			`"81": ""`
			`serviceAccount:`
			`create: true`

initial import 2023-04-24 02:05:13 +00:00			`argo-cd:`
			`crds:`
			`install: false`

			`configs:`
			`params:`
			`"server.insecure": "true"`
adds vault-agent-injector 2023-04-26 13:20:20 +00:00
add ingress to argo-cd, configure vault agent injector 2023-04-24 03:47:04 +00:00			`controller:`
			`replicas: 1`

			`server:`
			`ingress:`
			`enabled: true`
			`hosts: &hhosts`
			`- argocd.strudelline.net`
			`tls:`
			`- hosts: *hhosts`
			`secretName: wildcard-tls`
			`ingressGrpc:`
			`enabled: true`
			`hosts: &ghosts`
			`- grpc-argocd.strudelline.net`
			`tls:`
			`- hosts: *ghosts`
			`secretName: wildcard-tls`

add cluster resources 2023-04-28 00:11:01 +00:00			`cluster-resources:`
Merge branch 'main' into prod Configure for cascade while fixing merge conflict 2023-04-28 00:12:04 +00:00			`enabled: true`
			`repoURL: 'https://git.strudelline.net/infra/kube-cascade'`
add cluster resources 2023-04-28 00:11:01 +00:00
adds vault-agent-injector 2023-04-26 13:20:20 +00:00			`vault-agent-injector:`
re-enable vault provisioner after disabling on main branch 2023-04-27 00:13:37 +00:00			`enabled: true`
adds vault-agent-injector 2023-04-26 13:20:20 +00:00			`values: \|`
			`global:`
			`enabled: false`
add ingress to argo-cd, configure vault agent injector 2023-04-24 03:47:04 +00:00			`externalVaultAddr: https://vault.strudelline.net`
			`injector:`
			`affinity: ""`
			`agentImage:`
			`repository: jamesandariese/vault-with-ca`
			`enabled: true`
			`failurePolicy: Fail`
add nfs subdir provisioner 2023-04-26 23:56:49 +00:00
			`nfs:`
add nfs provisioner config for cascade 2023-04-27 00:12:35 +00:00			`enabled: true`
			`values: \|`
			`nfs:`
			`path: /volume1/k8s-volumes`
			`server: 172.16.18.1`
			`storageClass:`
			`name: nfs`
add openebs helm chart 2023-04-27 00:27:56 +00:00
			`openebs:`
configure openebs for cascade 2023-04-27 00:42:37 +00:00			`enabled: true`
add openebs helm chart 2023-04-27 00:27:56 +00:00			`values: \|`
configure openebs for cascade 2023-04-27 00:42:37 +00:00			`jiva:`
			`enabled: false`
			`legacy:`
			`enabled: false`
			`localprovisioner:`
			`enabled: false`
			`localpv-provisioner:`
			`enabled: true`
			`lvm-localpv:`
			`enabled: true`
			`ndm:`
			`enabled: false`
move unconfigurable template configs to the end unconfigurable templates configurations (to enable or disable them on a single line) moved to the end to help git rebase 2023-04-27 00:31:08 +00:00
add localhost bitwarden rest api to external secrets 2023-07-12 16:34:17 +00:00			`external-secrets:`
			`enabled: true`
			`values: \|`
			`extraContainers:`
			`- name: bitwarden-cli`
			`image: jamesandariese/bitwarden-docker:latest`
			`imagePullPolicy: IfNotPresent`
			`env:`
			`- name: BW_HOST`
			`valueFrom:`
			`secretKeyRef:`
			`name: bitwarden-user`
			`key: BW_HOST`
			`- name: BW_USERNAME`
			`valueFrom:`
			`secretKeyRef:`
			`name: bitwarden-user`
			`key: BW_USERNAME`
			`- name: BW_PASSWORD`
			`valueFrom:`
			`secretKeyRef:`
			`name: bitwarden-user`
			`key: BW_PASSWORD`
			`ports:`
			`- name: http`
			`containerPort: 8087`
			`protocol: TCP`
			`livenessProbe:`
			`exec:`
			`command:`
			`- wget`
			`- -q`
			`- http://127.0.0.1:8087/sync`
			`- --post-data=''`
			`initialDelaySeconds: 20`
			`failureThreshold: 3`
			`timeoutSeconds: 1`
			`periodSeconds: 120`
			`readinessProbe:`
			`tcpSocket:`
			`port: 8087`
			`initialDelaySeconds: 20`
			`failureThreshold: 3`
			`timeoutSeconds: 1`
			`periodSeconds: 10`
			`startupProbe:`
			`tcpSocket:`
			`port: 8087`
			`initialDelaySeconds: 10`
			`failureThreshold: 30`
			`timeoutSeconds: 1`
			`periodSeconds: 5`

add metallb 2023-04-28 01:45:29 +00:00			`metallb: {enabled: true}`
add pgo 2023-04-28 01:09:43 +00:00			`pgo: {enabled: true}`
move unconfigurable template configs to the end unconfigurable templates configurations (to enable or disable them on a single line) moved to the end to help git rebase 2023-04-27 00:31:08 +00:00			`secrets: {enabled: true}`
			`sealed-secrets: {enabled: true}`
add template-operator 2023-04-28 02:01:59 +00:00			`template-operator: {enabled: true}`
add trust-manager and enabled config 2023-04-27 00:46:53 +00:00			`trust-manager: {enabled: true}`