From b304c64d3c63239f72bed5b331f7a2aeef0fc70e Mon Sep 17 00:00:00 2001
From: Tyler Witlin
Date: Tue, 8 Oct 2024 09:04:15 -0400
Subject: [PATCH] feat(sol): switch to unifi

Signed-off-by: Tyler Witlin
---
 .../external-dns/app/bind/helmrelease.yaml | 55 --------------
 .../external-dns/app/kustomization.yaml | 2 +-
 .../app/{bind => unifi}/externalsecret.yaml | 9 +--
 .../external-dns/app/unifi/helmrelease.yaml | 71 +++++++++++++++++++
 .../app/{bind => unifi}/kustomization.yaml | 0
 5 files changed, 77 insertions(+), 60 deletions(-)
 delete mode 100644 kubernetes/sol/apps/networking/external-dns/app/bind/helmrelease.yaml
 rename kubernetes/sol/apps/networking/external-dns/app/{bind => unifi}/externalsecret.yaml (61%)
 create mode 100644 kubernetes/sol/apps/networking/external-dns/app/unifi/helmrelease.yaml
 rename kubernetes/sol/apps/networking/external-dns/app/{bind => unifi}/kustomization.yaml (100%)

diff --git a/kubernetes/sol/apps/networking/external-dns/app/bind/helmrelease.yaml b/kubernetes/sol/apps/networking/external-dns/app/bind/helmrelease.yaml
deleted file mode 100644
index 0183a4d0a6..0000000000
--- a/kubernetes/sol/apps/networking/external-dns/app/bind/helmrelease.yaml
+++ /dev/null
@@ -1,55 +0,0 @@
----
-# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/helm.toolkit.fluxcd.io/helmrelease_v2.json
-apiVersion: helm.toolkit.fluxcd.io/v2
-kind: HelmRelease
-metadata:
- name: &app external-dns-bind
-spec:
- interval: 30m
- chart:
- spec:
- chart: external-dns
- version: 1.15.0
- sourceRef:
- kind: HelmRepository
- name: external-dns
- namespace: flux-system
- install:
- remediation:
- retries: 3
- upgrade:
- cleanupOnFail: true
- remediation:
- retries: 3
- uninstall:
- keepHistory: false
- values:
- fullnameOverride: *app
- provider: rfc2136
- env:
- - name: EXTERNAL_DNS_RFC2136_HOST
- value: "10.10.254.8"
- - name: EXTERNAL_DNS_RFC2136_PORT
- value: "53"
- - name: EXTERNAL_DNS_RFC2136_ZONE
- value: 286k.co
- - name: EXTERNAL_DNS_RFC2136_TSIG_AXFR
- value: "true"
- - name: EXTERNAL_DNS_RFC2136_TSIG_KEYNAME
- value: kubernetes-storage-key
- - name: EXTERNAL_DNS_RFC2136_TSIG_SECRET_ALG
- value: hmac-sha256
- - name: EXTERNAL_DNS_RFC2136_TSIG_SECRET
- valueFrom:
- secretKeyRef:
- name: external-dns-bind-secret
- key: BIND_RNDC_KEY
- policy: sync
- sources: ["ingress", "service"]
- txtOwnerId: sol
- txtPrefix: k8s.
- domainFilters: ["286k.co"]
- serviceMonitor:
- enabled: true
- podAnnotations:
- secret.reloader.stakater.com/reload: external-dns-bind-secret
diff --git a/kubernetes/sol/apps/networking/external-dns/app/kustomization.yaml b/kubernetes/sol/apps/networking/external-dns/app/kustomization.yaml
index f347119435..5541972967 100644
--- a/kubernetes/sol/apps/networking/external-dns/app/kustomization.yaml
+++ b/kubernetes/sol/apps/networking/external-dns/app/kustomization.yaml
@@ -4,4 +4,4 @@ apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 resources:
 - ./dnsendpoint-crd.yaml
- - ./bind
+ - ./unifi
diff --git a/kubernetes/sol/apps/networking/external-dns/app/bind/externalsecret.yaml b/kubernetes/sol/apps/networking/external-dns/app/unifi/externalsecret.yaml
similarity index 61%
rename from kubernetes/sol/apps/networking/external-dns/app/bind/externalsecret.yaml
rename to kubernetes/sol/apps/networking/external-dns/app/unifi/externalsecret.yaml
index 294a2d5bcf..d099cdd2c8 100644
--- a/kubernetes/sol/apps/networking/external-dns/app/bind/externalsecret.yaml
+++ b/kubernetes/sol/apps/networking/external-dns/app/unifi/externalsecret.yaml
@@ -3,17 +3,18 @@
 apiVersion: external-secrets.io/v1beta1
 kind: ExternalSecret
 metadata:
- name: external-dns-bind
+ name: external-dns-unifi
 spec:
 secretStoreRef:
 kind: ClusterSecretStore
 name: onepassword-connect
 target:
- name: external-dns-bind-secret
+ name: external-dns-unifi-secret
 template:
 engineVersion: v2
 data:
- BIND_RNDC_KEY: "{{ .BIND_STORAGE_RNDC_KEY }}"
+ EXTERNAL_DNS_UNIFI_USER: "{{ .EXTERNAL_DNS_UNIFI_USER }}"
+ EXTERNAL_DNS_UNIFI_PASS: "{{ .EXTERNAL_DNS_UNIFI_PASS }}"
 dataFrom:
 - extract:
- key: bind
+ key: external-dns-unifi
diff --git a/kubernetes/sol/apps/networking/external-dns/app/unifi/helmrelease.yaml b/kubernetes/sol/apps/networking/external-dns/app/unifi/helmrelease.yaml
new file mode 100644
index 0000000000..e844df1739
--- /dev/null
+++ b/kubernetes/sol/apps/networking/external-dns/app/unifi/helmrelease.yaml
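Review bot: In `unifi/externalsecret.yaml` the templated `EXTERNAL_DNS_UNIFI_USER` / `EXTERNAL_DNS_UNIFI_PASS` pair carries no comment saying what kind of UniFi account it is. A controller login is a broader credential than the `BIND_RNDC_KEY` it replaces, which the removed release used only as a TSIG secret for DNS updates and zone transfers. I would add a comment above `data:` such as `# dedicated local UniFi account used only by external-dns; not a personal or cloud SSO admin login`, so whoever rotates the 1Password item `external-dns-unifi` knows the intended scope. Whether such a restricted account already exists cannot be told from this hunk.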
@@ -0,0 +1,71 @@
+---
+# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/helm.toolkit.fluxcd.io/helmrelease_v2.json
+apiVersion: helm.toolkit.fluxcd.io/v2
+kind: HelmRelease
+metadata:
+ name: &app external-dns-unifi
+spec:
+ interval: 30m
+ chart:
+ spec:
+ chart: external-dns
+ version: 1.15.0
+ sourceRef:
+ kind: HelmRepository
+ name: external-dns
+ namespace: flux-system
+ install:
+ remediation:
+ retries: 3
+ upgrade:
+ cleanupOnFail: true
+ remediation:
+ strategy: rollback
+ retries: 3
+ values:
+ fullnameOverride: *app
+ # logLevel: debug
+ provider:
+ name: webhook
+ webhook:
+ image:
+ repository: ghcr.io/kashalls/external-dns-unifi-webhook
+ tag: v0.2.4@sha256:b180041b035b44d74062c9308763903aaa8df458f3d9de5c1b78768b9f4fcbbe
+ env:
+ - name: UNIFI_HOST
+ value: https://10.1.0.1
+ - name: UNIFI_USER
+ valueFrom:
+ secretKeyRef:
+ name: &secret external-dns-unifi-secret
+ key: EXTERNAL_DNS_UNIFI_USER
+ - name: UNIFI_PASS
+ valueFrom:
+ secretKeyRef:
+ name: *secret
+ key: EXTERNAL_DNS_UNIFI_PASS
+ # - name: LOG_LEVEL
+ # value: "debug"
+ livenessProbe:
+ httpGet:
+ path: /healthz
+ port: http-webhook
+ initialDelaySeconds: 10
+ timeoutSeconds: 5
+ readinessProbe:
+ httpGet:
+ path: /readyz
+ port: http-webhook
+ initialDelaySeconds: 10
+ timeoutSeconds: 5
+ extraArgs:
+ - --ignore-ingress-tls-spec
+ policy: sync
+ sources: ["ingress", "service"]
+ txtOwnerId: kyak
+ txtPrefix: k8s.kyak.
+ domainFilters: ["${SECRET_PUBLIC_DOMAIN}"]
+ serviceMonitor:
+ enabled: true
+ podAnnotations:
+ secret.reloader.stakater.com/reload: *secret
diff --git a/kubernetes/sol/apps/networking/external-dns/app/bind/kustomization.yaml b/kubernetes/sol/apps/networking/external-dns/app/unifi/kustomization.yaml
similarity index 100%
rename from kubernetes/sol/apps/networking/external-dns/app/bind/kustomization.yaml
rename to kubernetes/sol/apps/networking/external-dns/app/unifi/kustomization.yaml
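Review bot: `txtOwnerId: kyak` and `txtPrefix: k8s.kyak.` in the new `unifi/helmrelease.yaml` look carried over from another cluster, since this file lives under `kubernetes/sol/` and the release it replaces used `txtOwnerId: sol`. With `policy: sync`, two external-dns instances sharing an owner id against the same UniFi controller would each treat the other's records as their own and delete any that their own sources do not declare. Unless the reuse is deliberate, I would keep the id per cluster, e.g. `txtOwnerId: sol` with a matching `txtPrefix`. Separately, `UNIFI_HOST` is an `https://` URL on an IP literal and the env list sets no TLS option, so please confirm whether the webhook verifies the gateway certificate at this version. If it skips verification by default, set `UNIFI_SKIP_TLS_VERIFY` to `"false"` and give the pod a certificate it trusts, because the UniFi login travels over that connection.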