vlad/k8s-lab
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
7b8ac8ac1d
k8s-lab/k3s/rpi/my-stuff/digital-garden/digital-garden.yaml
Vlad 7b8ac8ac1d Moved nginx data folder (tied to PVC)
2025-06-21 21:52:40 +01:00

226 lines
14 KiB
YAML
Raw Blame History

apiVersion: v1
kind: PersistentVolumeClaim
metadata:
namespace: my-stuff
name: digital-garden-data-pvc
spec:
storageClassName: ENC[AES256_GCM,data:p9G+aUeBRLFJCQ==,iv:wdFBeRxvTjCrpMyNwnWUcAzbGOoimqtiylGdsMvsKB0=,tag:xRcdCyS7xrgM4XXt1hEmnQ==,type:str]
accessModes:
- ENC[AES256_GCM,data:I2YpI2SCvVv/dcFcRw==,iv:VeXEVbcpqJ4+l50lKb1nRYfz6FZy3M56eKum6WDra38=,tag:tC7xYE6kK6mvvmdJUrmV5A==,type:str]
resources:
requests:
storage: ENC[AES256_GCM,data:e6K5uA==,iv:QUcWCmpufA8jjLk/iVmqdGCtaHc9l61+12SO4vmQOao=,tag:UOarBXlh17loQ/0r97TdPQ==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age1u0mt3kmhsr9tz2jaw8n0ztu7s9hnlffkd2acxf85cvk6tysj4gsqqulfdq
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBDUC8vMXpZMk5oZ0xjMFZo
VWptcGxOMmRzV3NCaU9HUmNVN2hJQWJRdFZZCnB3Wnc2YVZQRmlkVXFUd3I2NEcr
QWRtOTFnZS9lQTE2Q0x6RkFOZDRrZUUKLS0tIGlETXdiVUlMc3oyREpaTldJZWlT
b1lPeGpXTkxMSmEwbkxsQUNxbjNkQTgKDcYSPWLC4rvfnMSY+FmC6gu2Uafy1/lp
dCvkGOAJ4IEAW/7ZuIf2JTLw5jth9048FT7GozowwpuuFsY/LJltwg==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2025-06-21T20:51:54Z"
mac: ENC[AES256_GCM,data:akQnRuMqsnwX4dLlmDX0r7tk0TNH6R1pIPAaa1JwILOPjUowFGl2rmMWZkg/dI99gIXcEd6NpBSoKKU0uU1SYi3Zqcf5IEPoUmQK/10VkgmvOtGhRrER9lsyAW6UYCfajU33V8IG/sSnd8b5cw6he5sIiKNNmFmt5d742vXpoCY=,iv:GO6/8bjvdmncnNJ02vQO9A2q08I1z8C2CpCVRAv7mTc=,tag:ooo0dbXcXyTqkWPzcXrBLw==,type:str]
pgp: []
unencrypted_regex: ^(apiVersion|metadata|kind|type)$
version: 3.9.1
---
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: digital-garden-prod-tls
namespace: my-stuff
spec:
secretName: ENC[AES256_GCM,data:HMqibdEe3hDlkPZCLhNN4Nt5XN4sTMc=,iv:z7lVnhZ57a8kM9VuaHdPIhrz5u4FTjV2sUj3cIBl/rU=,tag:hQomDTauSBeaoeqZblsI/w==,type:str]
#ENC[AES256_GCM,data:EJBEWw==,iv:MruhR0TkldLSO4nSLWZ3ZtyD0/6wOa8p8IWaaiNlHUw=,tag:vtes3aEWbeUQWK2zH5VI+g==,type:comment]
duration: ENC[AES256_GCM,data:2zCfdU8=,iv:W6i9q29vJT6I1Q+WYAYkv4NY8u8dNWamW8yONFSX8I8=,tag:djsHQedLLbpxn6onmTsFCg==,type:str]
#ENC[AES256_GCM,data:2uJQDA==,iv:qSn73IGz1jgyMCRdX11c3T6dCpyydqFhmBBf9qUfkbA=,tag:Z3VraHaJYUO+NEyEVTsIKA==,type:comment]
renewBefore: ENC[AES256_GCM,data:ebksGA==,iv:5aCwCPjxvaPhJtND+EKSRK/ItPq0pPTbY6fHKa5VP2I=,tag:hLo4dmoBQCmfU1Btokp/CQ==,type:str]
subject:
organizations:
- ENC[AES256_GCM,data:V1JB,iv:f182yfKZy5OPoWBxZV6yXzxA/miBZ0iDIqznWJaYS4g=,tag:D553UNT9MV+fcR+iPkkwCg==,type:str]
commonName: ENC[AES256_GCM,data:UplSjtfZAc+rXB5kZOwJXdeQ48/Fw1HGMAyM,iv:5KzBp/wIi6uBnNrtD/0NrCXwXqQgZeKgCF+6uMWPp3s=,tag:txR185llV9/0fmo3i9JG/w==,type:str]
isCA: ENC[AES256_GCM,data:RCxFgNY=,iv:mhonx6KfQM/t645vzQ8I3bQWkBfMKihzzb4MPmEwm/0=,tag:4UEMDl5CPrQqP/g1YvHCPw==,type:bool]
privateKey:
algorithm: ENC[AES256_GCM,data:ViqK,iv:4+8QOumehqLV6RXsR1tTt9IXMOqSdCQ1CZ7k7uzfkhc=,tag:8Wj0gyHU3oRmYDrncwFRxg==,type:str]
encoding: ENC[AES256_GCM,data:MJaXBJY=,iv:HgofdklE7RjnREo3LbLLa7usQZg0n8KOK3IN9Yhe35k=,tag:BjgJma1lOLjbZl044amC9Q==,type:str]
size: ENC[AES256_GCM,data:J0+dCg==,iv:MakhiWwgOmn4XQtMdXW/LiEkdhtica62A/BoH8X+78Y=,tag:LZA+OfHuGmQLucGtSrFh9g==,type:int]
usages:
- ENC[AES256_GCM,data:Dk5TlXI73X7zDKo=,iv:a8y9Fg/ciH5Je0/OeniyKAIYbf+EGSU002RDdsKsUok=,tag:rST5C/5WqixSWuN+pPDYTQ==,type:str]
- ENC[AES256_GCM,data:Oso4CBZQKBcvcVc=,iv:4QOoY2Zfr1NZCDKr//WWMZKztuKnvH+jYHKF3AZ1cYE=,tag:ggiqvwP0Gg8Sl2axtHpjdA==,type:str]
dnsNames:
- ENC[AES256_GCM,data:p7Si8UPvz0RQvqx5892Xo9O5GrQTkwpnm7mC,iv:PcMamAUs6MsHb7AQB40k6qPwIbGLU8IaY8b+xpROVKY=,tag:7tZUwisqtSxgJ3vcL/5EnA==,type:str]
issuerRef:
name: ENC[AES256_GCM,data:TYFnDm/TDR2TF3/An6VVLw==,iv:/eO/6y0/lkmw2SRLKIOApF90HD5a/xCWvtOA2MpXWTY=,tag:rrCulaILrLaQ3AT2fe7b+w==,type:str]
kind: ClusterIssuer
group: ENC[AES256_GCM,data:AuA8LhNYttMcFDkJ/sHc,iv:q9fLHDtLvwBQF3J7++AC7sQlNjD8H4TDhNZGmjzhGjk=,tag:Z5Jhky/eHPceUv99srEexA==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age1u0mt3kmhsr9tz2jaw8n0ztu7s9hnlffkd2acxf85cvk6tysj4gsqqulfdq
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBDUC8vMXpZMk5oZ0xjMFZo
VWptcGxOMmRzV3NCaU9HUmNVN2hJQWJRdFZZCnB3Wnc2YVZQRmlkVXFUd3I2NEcr
QWRtOTFnZS9lQTE2Q0x6RkFOZDRrZUUKLS0tIGlETXdiVUlMc3oyREpaTldJZWlT
b1lPeGpXTkxMSmEwbkxsQUNxbjNkQTgKDcYSPWLC4rvfnMSY+FmC6gu2Uafy1/lp
dCvkGOAJ4IEAW/7ZuIf2JTLw5jth9048FT7GozowwpuuFsY/LJltwg==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2025-06-21T20:51:54Z"
mac: ENC[AES256_GCM,data:akQnRuMqsnwX4dLlmDX0r7tk0TNH6R1pIPAaa1JwILOPjUowFGl2rmMWZkg/dI99gIXcEd6NpBSoKKU0uU1SYi3Zqcf5IEPoUmQK/10VkgmvOtGhRrER9lsyAW6UYCfajU33V8IG/sSnd8b5cw6he5sIiKNNmFmt5d742vXpoCY=,iv:GO6/8bjvdmncnNJ02vQO9A2q08I1z8C2CpCVRAv7mTc=,tag:ooo0dbXcXyTqkWPzcXrBLw==,type:str]
pgp: []
unencrypted_regex: ^(apiVersion|metadata|kind|type)$
version: 3.9.1
---
apiVersion: v1
kind: Service
metadata:
labels:
app: digital-garden
name: digital-garden-svc
namespace: my-stuff
spec:
type: ClusterIP
ports:
- port: ENC[AES256_GCM,data:naMg,iv:0WpCifqxnFv0z8/OODy12P7DTNrw2KdsxcLGu6a/b3k=,tag:3nkRuF+RkkPUmLJWZKV3Dg==,type:int]
protocol: ENC[AES256_GCM,data:MSVj,iv:h9pa/9IwCYoA9zulXLu3jKcWs5B7mypT9Vsu/+mjZeM=,tag:pKsJiA83tCxXumc6BCc+hA==,type:str]
targetPort: ENC[AES256_GCM,data:ZBg=,iv:Oygh96YRSxDn8Zxynhf8CqN6FK7QyjLG33GJprlh1a8=,tag:bcwQmY8+8ZtDPXRff0ukoQ==,type:int]
selector:
app: ENC[AES256_GCM,data:fY6PNZIENnQmz3Pjqdc=,iv:oCzWl1fJe4xu+yQKLAnufFXWAhfec+OJtDreQdNXFjk=,tag:42JksDvCJSFZM0DJgVoQnQ==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age1u0mt3kmhsr9tz2jaw8n0ztu7s9hnlffkd2acxf85cvk6tysj4gsqqulfdq
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBDUC8vMXpZMk5oZ0xjMFZo
VWptcGxOMmRzV3NCaU9HUmNVN2hJQWJRdFZZCnB3Wnc2YVZQRmlkVXFUd3I2NEcr
QWRtOTFnZS9lQTE2Q0x6RkFOZDRrZUUKLS0tIGlETXdiVUlMc3oyREpaTldJZWlT
b1lPeGpXTkxMSmEwbkxsQUNxbjNkQTgKDcYSPWLC4rvfnMSY+FmC6gu2Uafy1/lp
dCvkGOAJ4IEAW/7ZuIf2JTLw5jth9048FT7GozowwpuuFsY/LJltwg==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2025-06-21T20:51:54Z"
mac: ENC[AES256_GCM,data:akQnRuMqsnwX4dLlmDX0r7tk0TNH6R1pIPAaa1JwILOPjUowFGl2rmMWZkg/dI99gIXcEd6NpBSoKKU0uU1SYi3Zqcf5IEPoUmQK/10VkgmvOtGhRrER9lsyAW6UYCfajU33V8IG/sSnd8b5cw6he5sIiKNNmFmt5d742vXpoCY=,iv:GO6/8bjvdmncnNJ02vQO9A2q08I1z8C2CpCVRAv7mTc=,tag:ooo0dbXcXyTqkWPzcXrBLw==,type:str]
pgp: []
unencrypted_regex: ^(apiVersion|metadata|kind|type)$
version: 3.9.1
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
# Same namespace as the deployment
namespace: my-stuff
# Name of the ingress (see kubectl get ingress -A)
name: digital-garden-ingress
annotations:
# < use letsencrypt-prod application in kubernetes to generate ssl certificate
cert-manager.io/cluster-issuer: letsencrypt-prod
nginx.ingress.kubernetes.io/proxy-body-size: 512m
spec:
ingressClassName: ENC[AES256_GCM,data:p4/SpGc=,iv:RHf7GR8RWRv8Bo4nFm8pUNmj8307/XJBl8xJYkPqfA8=,tag:DX1CTUG3teyQptTBDpIsNA==,type:str]
tls:
- hosts:
- ENC[AES256_GCM,data:524hG1/+EGwtk+HoTuvwuYU0Mabnx2+m0A==,iv:uSbfliTvtxnMDT5KHCUcu2g1JZ2cyIL+xMXoEVeeITY=,tag:waK+EgTElDPxT8cLdqSSug==,type:comment]
- ENC[AES256_GCM,data:XtkFXu1t35OzQHs1Xo4hT2TxVWjyG6KtVt+M,iv:32iTq0DV3pi1SE3LWq3MMadJ/vA3Zf1eb/haCBItMWk=,tag:7hEKzAvBg1DUeRYLyloQpg==,type:str]
#ENC[AES256_GCM,data:87MfDFnTxQND1piWJ8XFnG2jFr9jsjHW2ZPcV+thEg02cIqvcU/1ZDx6KoCNKZ9CaCqxw5fmjM7V,iv:U5Tw4Na9o0HGVNirPOA3v7EKRSw+fhoN5kOnP+InPHk=,tag:rnrZM0jD7A++4wnZCq7g9A==,type:comment]
secretName: ENC[AES256_GCM,data:9n4jT1g2Zu4wmyJX7vWFFiL/EE2ZeUU=,iv:sOZK1xhRa0oxxPds0Zu9VYCnAT+NWwUM0ccLxIgyDzc=,tag:7bd0N4Md1m5xqnA9pq+q3A==,type:str]
rules:
- ENC[AES256_GCM,data:NCMrFbaXkhPUTNIDqjLi8K5mX7CttY+f/Q==,iv:Vbl8scoPd7WHIpjYiP/2Ls7VYv9Z2KfU74yx5fw5Cok=,tag:+AzXxD2c9IqU9kFHJMXmKA==,type:comment]
- host: ENC[AES256_GCM,data:Mi+S33O4sMK1KrpZtruhdcVSuAgX/o1l5I3o,iv:7QZ5nQTr3LHxD/gIMFf1B/iyKNMaRi28OGdI1W0YoV4=,tag:fer3I1PBU7+BfDx5ByP2LQ==,type:str]
http:
paths:
- ENC[AES256_GCM,data:PJiJDTEHihhFKWzbuMBXkRzZAM7/zXrmI68pK7b0PKv0qeyCnWUOi2qgUUAHg/ECgojZo5XCHu4whQg/0EN/9F49nZiK,iv:l/X63uOfuyl7Z0TydbYAO+Egobesd6jyaiEKVK+Py4g=,tag:7Id5hOtF1H8jwU+/YjNCxA==,type:comment]
- path: ENC[AES256_GCM,data:NA==,iv:4Im67atYgUri1denc7tct4Lzl8artwO67sTcQgDPpxc=,tag:JbWmhu5v6ZFe42ZEWhD7tQ==,type:str]
pathType: ENC[AES256_GCM,data:AwtMrZgp,iv:czK6zl29vX0BQecc5+PCzO6qft7VOYGH/mqz5+Ly9mo=,tag:7tjaYJI2Kn7H/E/+YKciVQ==,type:str]
backend:
service:
#ENC[AES256_GCM,data:YSqYcMuC1k/dU7y1Cay+Q4NEg4dQhbdsGjIOQ+mQYi5rle40hFIhZjagWrb75uJ7DxtVW/6is+AEG671pbg5,iv:UZlOnAA9/HJDGUmwNYAxtbUs+Xin8wArNfW4TaASN7U=,tag:E+zm0W6rwu6dkmSAfMCLYQ==,type:comment]
name: ENC[AES256_GCM,data:5cvEQvEDNZ0fG6YwvyKWpME9,iv:fv8XuEUsv+UejCtoFXQUveEDv8ylOd0FjiHAsMnDeZI=,tag:6il2nHyLKRYABdX1Y5B4lg==,type:str]
port:
number: ENC[AES256_GCM,data:fHZC,iv:ORoB5kxyy8zeic5Jc1ST6hseL6e65/19zFyU1YXIYnM=,tag:Ccrd8pmTO17dngrsCTlgew==,type:int]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age1u0mt3kmhsr9tz2jaw8n0ztu7s9hnlffkd2acxf85cvk6tysj4gsqqulfdq
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBDUC8vMXpZMk5oZ0xjMFZo
VWptcGxOMmRzV3NCaU9HUmNVN2hJQWJRdFZZCnB3Wnc2YVZQRmlkVXFUd3I2NEcr
QWRtOTFnZS9lQTE2Q0x6RkFOZDRrZUUKLS0tIGlETXdiVUlMc3oyREpaTldJZWlT
b1lPeGpXTkxMSmEwbkxsQUNxbjNkQTgKDcYSPWLC4rvfnMSY+FmC6gu2Uafy1/lp
dCvkGOAJ4IEAW/7ZuIf2JTLw5jth9048FT7GozowwpuuFsY/LJltwg==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2025-06-21T20:51:54Z"
mac: ENC[AES256_GCM,data:akQnRuMqsnwX4dLlmDX0r7tk0TNH6R1pIPAaa1JwILOPjUowFGl2rmMWZkg/dI99gIXcEd6NpBSoKKU0uU1SYi3Zqcf5IEPoUmQK/10VkgmvOtGhRrER9lsyAW6UYCfajU33V8IG/sSnd8b5cw6he5sIiKNNmFmt5d742vXpoCY=,iv:GO6/8bjvdmncnNJ02vQO9A2q08I1z8C2CpCVRAv7mTc=,tag:ooo0dbXcXyTqkWPzcXrBLw==,type:str]
pgp: []
unencrypted_regex: ^(apiVersion|metadata|kind|type)$
version: 3.9.1
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: digital-garden
namespace: my-stuff
labels:
app: digital-garden
spec:
replicas: ENC[AES256_GCM,data:6Q==,iv:FbpWg5vhzzjk3EE8gKSW6Av/w/XwW8FY7iVPoSkRap0=,tag:kjhrktQ15FqXBO/JJmecUw==,type:int]
selector:
matchLabels:
app: ENC[AES256_GCM,data:/VIC4/dxueJOnXuYFu8=,iv:shUH5TA2wbV8XE2fZjkuePlGwNhFu1hNhIvcgDT4uSc=,tag:f9OCGLYkZP2fCDBe/kTCOA==,type:str]
template:
metadata:
labels:
app: digital-garden
name: digital-garden
spec:
containers:
- name: ENC[AES256_GCM,data:yjjJQDedW3Q1DAEE0q4=,iv:lFqs9+0lPzYHzyfRz+0Ij3+th1vWPGHk/jF/Eubvh0k=,tag:2rCOY6X+F/KrYPH6UnlJoA==,type:str]
image: ENC[AES256_GCM,data:KPmtoiV9eNjeQcOp,iv:Q65u8scFbUyj91E/VfCfaHwb0Wtx8TuEWOb9/I6LtnI=,tag:5kE8gnnRHfpa+HR6Kd/Xlw==,type:str]
imagePullPolicy: ENC[AES256_GCM,data:4YqmKSoLDFBYRK3O,iv:T0WVJIFBpbiHw4a0Z1yxd5SOWNIA3ZcGvWQHTLIeaVw=,tag:u8j1+UqScPMZs57x/MlN+Q==,type:str]
ports:
- containerPort: ENC[AES256_GCM,data:/mU=,iv:7WJMNAZq+dFkzvYhNUz1bgU4n6AW8eHUHrS2WJ4qj/M=,tag:TV5flZWUKkSHTMNJhlXlMw==,type:int]
volumeMounts:
- name: ENC[AES256_GCM,data:o7EgmtG37Y6zgehZvym7ICXp/0cD,iv:SpWEbQ3ZydR5ERqZIcrW3lbYVdeG8yW+DUsBVwiJUyM=,tag:Sp0w9UO/W+WYF+iqtFBE5w==,type:str]
mountPath: ENC[AES256_GCM,data:KZAwasIOYdnb,iv:B1c1Ta2tlPlRea5CPH9L4IEgPjIImq8dFsq0tzSIXNU=,tag:yhk/2IVlLFHaPlzYVwgv+g==,type:str]
resources: {}
volumes:
- name: ENC[AES256_GCM,data:NUG0/TDYue2msQteb88cLW/i24Ix,iv:20KAFZDcYhyppjFqSthtjPMHEvTwcR0y+yoN0JDsmt4=,tag:VteXeHaIRpzs4yoBoeIXzA==,type:str]
persistentVolumeClaim:
claimName: ENC[AES256_GCM,data:K94xo/xPny/Cakr4KuAi/o0VKOUeJEE=,iv:QNT29sasYvaswoDZhTnMYsGTV2oy1dfRps2WFaC7wtM=,tag:KTMU9VrBMisLZ/6+8hj+uw==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age1u0mt3kmhsr9tz2jaw8n0ztu7s9hnlffkd2acxf85cvk6tysj4gsqqulfdq
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBDUC8vMXpZMk5oZ0xjMFZo
VWptcGxOMmRzV3NCaU9HUmNVN2hJQWJRdFZZCnB3Wnc2YVZQRmlkVXFUd3I2NEcr
QWRtOTFnZS9lQTE2Q0x6RkFOZDRrZUUKLS0tIGlETXdiVUlMc3oyREpaTldJZWlT
b1lPeGpXTkxMSmEwbkxsQUNxbjNkQTgKDcYSPWLC4rvfnMSY+FmC6gu2Uafy1/lp
dCvkGOAJ4IEAW/7ZuIf2JTLw5jth9048FT7GozowwpuuFsY/LJltwg==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2025-06-21T20:51:54Z"
mac: ENC[AES256_GCM,data:akQnRuMqsnwX4dLlmDX0r7tk0TNH6R1pIPAaa1JwILOPjUowFGl2rmMWZkg/dI99gIXcEd6NpBSoKKU0uU1SYi3Zqcf5IEPoUmQK/10VkgmvOtGhRrER9lsyAW6UYCfajU33V8IG/sSnd8b5cw6he5sIiKNNmFmt5d742vXpoCY=,iv:GO6/8bjvdmncnNJ02vQO9A2q08I1z8C2CpCVRAv7mTc=,tag:ooo0dbXcXyTqkWPzcXrBLw==,type:str]
pgp: []
unencrypted_regex: ^(apiVersion|metadata|kind|type)$
version: 3.9.1
Reference in New Issue View Git Blame Copy Permalink