From 963226db8cb8318b684f614818895e1910585faf Mon Sep 17 00:00:00 2001 From: Lennart Jern Date: Fri, 20 Dec 2024 10:39:35 +0200 Subject: [PATCH] Switch pi-hole to external secrets --- pi-hole/overlays/jern.me/externalsecret.yaml | 14 ++++++++++++++ pi-hole/overlays/jern.me/kustomization.yaml | 3 --- .../overlays/jern.me/pi-hole-env-generator.yaml | 7 ------- pi-hole/overlays/jern.me/pi-hole.env | 11 ----------- 4 files changed, 14 insertions(+), 21 deletions(-) create mode 100644 pi-hole/overlays/jern.me/externalsecret.yaml delete mode 100644 pi-hole/overlays/jern.me/pi-hole-env-generator.yaml delete mode 100644 pi-hole/overlays/jern.me/pi-hole.env diff --git a/pi-hole/overlays/jern.me/externalsecret.yaml b/pi-hole/overlays/jern.me/externalsecret.yaml new file mode 100644 index 00000000..7ba11344 --- /dev/null +++ b/pi-hole/overlays/jern.me/externalsecret.yaml @@ -0,0 +1,14 @@ +apiVersion: external-secrets.io/v1beta1 +kind: ExternalSecret +metadata: + name: pi-hole-env +spec: + refreshInterval: 1h + secretStoreRef: + # This name must match the metadata.name in the `SecretStore` + name: bitwarden-personal-cloud + kind: ClusterSecretStore + data: + - secretKey: WEBPASSWORD + remoteRef: + key: e17b2830-6c61-414e-8a9d-b24c008e0608 diff --git a/pi-hole/overlays/jern.me/kustomization.yaml b/pi-hole/overlays/jern.me/kustomization.yaml index eb414288..d553e632 100644 --- a/pi-hole/overlays/jern.me/kustomization.yaml +++ b/pi-hole/overlays/jern.me/kustomization.yaml @@ -22,6 +22,3 @@ configMapGenerator: - 02-interface.conf - 05-custom-cname.conf name: custom - -generators: -- pi-hole-env-generator.yaml diff --git a/pi-hole/overlays/jern.me/pi-hole-env-generator.yaml b/pi-hole/overlays/jern.me/pi-hole-env-generator.yaml deleted file mode 100644 index 18ed76b0..00000000 --- a/pi-hole/overlays/jern.me/pi-hole-env-generator.yaml +++ /dev/null @@ -1,7 +0,0 @@ -apiVersion: goabout.com/v1beta1 -kind: SopsSecretGenerator -metadata: - name: pi-hole-env -envs: -- pi-hole.env -type: Opaque diff --git a/pi-hole/overlays/jern.me/pi-hole.env b/pi-hole/overlays/jern.me/pi-hole.env deleted file mode 100644 index 80f6165e..00000000 --- a/pi-hole/overlays/jern.me/pi-hole.env +++ /dev/null @@ -1,11 +0,0 @@ -WEBPASSWORD=ENC[AES256_GCM,data:avwi7z6QuEttZfyoKxn9Qg68UGCold97cEcd,iv:W6GclpE93zi1riZVk5k07O02yWHjhKDG0zyAO5Sl7pM=,tag:HQCp7iCHexDx8paInkBbPA==,type:str] -sops_lastmodified=2024-01-12T19:51:21Z -sops_mac=ENC[AES256_GCM,data:4e74ev2wPEWEV9AP1Jlkexun0GEALb9JSrw3ZciJrPMswPawSu8o0HSB5I0temH15rtgi1T3cm60yNk9K0fqV3TSJSTGuKAPFjGcTnENuJTqndOUcFcdyiMelRq3287JIb2EcYHzcKk63gTBL0NedGOGsfKDxHtrFJmNXFhA31w=,iv:tXapB2qIdc1b08sFY3Kv+jidGi86Wm/RUVZMwEVDRkg=,tag:aTlnQw1x3K73r5xmdZIvxA==,type:str] -sops_pgp__list_0__map_created_at=2024-01-12T19:51:38Z -sops_pgp__list_0__map_enc=-----BEGIN PGP MESSAGE-----\n\nhQIMA+ZxRvS59SVeAQ/+Nd/X4QbP48297XnYwSJyicBWdltMhBMUY8lDs0eKXfLS\nHqneU9zv+C+WsGdSi/EwazZLxI3cV7WnzU3Ffy3MeRivAnpbe5fzTGQ8gRlghU4z\nqccI8hlXiU6MhXF8LvyVppnUkxLCXNHDZJ67hgUIVge/LY2ayssVl8PrOeMN87JW\nylgb9bLRm90ULLpkw3/ZBXSq8ygmcJo0KS1ATxi2J1j+ezJASJybToPfVh/IZuom\nNQJUO2A0lsVtQSOQ/zrE+KjInXGBSiRG6RsvyClD39bZDXY63kVwDdZIxQH7w4Ic\n6v09DSKB8s/kEoODbUdqGIlRFP4OeuDyFQ8lDAV8r8TRatpNbSC4NkTSmbYZe1Is\nT8MhnkrH/BPIXtuQjkTh4HMonQ4y9+ft4s2iwm4nGcNsLudjoIZpQ0CewU8Sk9kq\nY5gK1efsh7UmSwE76aLe+k9WeVGunrZrcF2zR33lMxQPWJkhP6SkK6MtZZO6bVdJ\nl2wgxAMQ2mY+Br0IliCp8wecSWdg+T8H4sRzvmbvvj0PK/k1YTH+pSXHbALALK55\nQJTaQ7CTzSTAYMaIkmew2X/SLw5CXhsc5Fc3U1RsEYks9tulyuwF0kKR/iXiKLm0\n/jGkzpU5Uh2gBmX5bv2gUMIVExhwOi3oYGKq71dZ2la99Q90rBNtRxwTVVJVpYHS\nXgHsyTk11rNUFi5uuGzajbc3HhVnOSpvGVlclXAeHSKerW3kBukk02NPm9kpE2p/\n3krJ3GtYvkXi5iq6OtxkiWG96J2kRws4q9JCFSoajJxwnAR3BuB4DF4F3l8WLrA=\n=mcy3\n-----END PGP MESSAGE----- -sops_pgp__list_0__map_fp=3820F67B590431A8E2ECBBC88CC3ECACCE12D523 -sops_pgp__list_1__map_created_at=2024-01-12T19:51:38Z -sops_pgp__list_1__map_enc=-----BEGIN PGP MESSAGE-----\n\nhQEMA4OK30H8eQIVAQf7By90mlUUI1mrt+IvoPYcBAXzm94u4WZwygBjgvwCBtHg\nvQR+CjFON0qxyEhgESBtt16j/BGDlalifeZsl/LTv76jG0nIWKlKS2WIfxmvf82T\n3RxQSqYr+xghgMk/LU/wDspOssERmVGTpDEIEbFxCUOrEXojlchRx1CxgrHrduUm\n1o9o66dAxMw0v1DfRhKnceKjOZTNyFhig0cVUekYRMybxF/lYHZiXK5hAKsYtttz\nJnQ8yIM6s4hv/LWZE0oy/uvjB940yngLkTJ1uTo4G10lB8ipD566jPQqlolkRlTL\nH6w6D0Trc4v7oE71xB7UZ7qtG7KZIwWWefSwnBCGBtJeAdE2GZHLnywJk6r9zRH9\njxN2vneEuRH5UO5xW1ClPBP38XOXQJi2lfkF3QqE5PoMsNEzD5ZmduGknFs68WQx\n1+hOE6ofv5Es86huJJwpv+DIxL+WJjxSLk9h1DnPxg==\n=zJFy\n-----END PGP MESSAGE----- -sops_pgp__list_1__map_fp=20F52DB0E83A93F7CC6A9B1CD88F6C094FDC0C2B -sops_unencrypted_suffix=_unencrypted -sops_version=3.8.0