diff --git a/.github/renovate.json5 b/.github/renovate.json5 index 08cc717dfa..ebc3210574 100644 --- a/.github/renovate.json5 +++ b/.github/renovate.json5 @@ -23,10 +23,7 @@ "**/*.sops.*" ], "docker": { - "fileMatch": [ - "ansible/files/ragnar/.+\\.ya?ml$", - "kubernetes/.+\\.ya?ml$" - ] + "fileMatch": ["ansible/files/ragnar/.+\\.ya?ml$", "kubernetes/.+\\.ya?ml$"] }, "flux": { "fileMatch": ["kubernetes/.+\\.ya?ml$"] @@ -35,9 +32,6 @@ "fileMatch": ["kubernetes/.+\\.ya?ml$"] }, "kubernetes": { - "fileMatch": [ - "\\.taskfiles/.+\\.ya?ml(?:\\.j2)?$", - "kubernetes/.+\\.ya?ml$" - ] + "fileMatch": ["\\.taskfiles/.+\\.ya?ml(?:\\.j2)?$", "kubernetes/.+\\.ya?ml$"] } } diff --git a/.github/renovate/autoMerge.json5 b/.github/renovate/autoMerge.json5 index 3f531519ed..2b073a3f93 100644 --- a/.github/renovate/autoMerge.json5 +++ b/.github/renovate/autoMerge.json5 @@ -27,12 +27,7 @@ }, { "description": "Auto merge media releases", - "matchDatasources": [ - "docker", - "github-releases", - "github-tags", - "helm" - ], + "matchDatasources": ["docker", "github-releases", "github-tags", "helm"], "automerge": true, "automergeType": "branch", "requiredStatusChecks": null, @@ -54,7 +49,7 @@ "ghcr.io/onedr0p/sonarr-develop", "ghcr.io/szinn/lidarr-develop", "ghcr.io/szinn/readarr-develop" - ] + ] } ] } diff --git a/.github/renovate/clusters.json5 b/.github/renovate/clusters.json5 index 5fc35f6dc7..3fb9b7294d 100644 --- a/.github/renovate/clusters.json5 +++ b/.github/renovate/clusters.json5 @@ -3,18 +3,12 @@ "packageRules": [ { "description": "Separate PRs for main cluster", - "matchFileNames": [ - "**/kubernetes/main/**", - "**/infrastructure/talos/main/**" - ], + "matchFileNames": ["**/kubernetes/main/**", "**/infrastructure/talos/main/**"], "additionalBranchPrefix": "main-" }, { "description": "Separate PRs for staging cluster", - "matchFileNames": [ - "**/kubernetes/staging/**", - "**/infrastructure/talos/staging/**" - ], + "matchFileNames": ["**/kubernetes/staging/**", "**/infrastructure/talos/staging/**"], "additionalBranchPrefix": "staging-" } ] diff --git a/.github/renovate/grafanaDashboards.json5 b/.github/renovate/grafanaDashboards.json5 index 2163f16157..bb24583b9b 100644 --- a/.github/renovate/grafanaDashboards.json5 +++ b/.github/renovate/grafanaDashboards.json5 @@ -4,18 +4,14 @@ "grafana-dashboards": { "defaultRegistryUrlTemplate": "https://grafana.com/api/dashboards/{{packageName}}", "format": "json", - "transformTemplates": [ - "{\"releases\":[{\"version\": $string(revision)}]}" - ] + "transformTemplates": ["{\"releases\":[{\"version\": $string(revision)}]}"] } }, "customManagers": [ { "customType": "regex", "description": ["Process Grafana dashboards"], - "fileMatch": [ - "(^|/)kubernetes/.+\\.ya?ml(?:\\.j2)?$" - ], + "fileMatch": ["(^|/)kubernetes/.+\\.ya?ml(?:\\.j2)?$"], "matchStrings": [ "# renovate: dashboardName=\"(?.*)\"\\n(?\\s+)gnetId: (?\\d+)\\n.+revision: (?\\d+)" ], diff --git a/.github/renovate/groups.json5 b/.github/renovate/groups.json5 index 8965943919..40b4c67ca8 100644 --- a/.github/renovate/groups.json5 +++ b/.github/renovate/groups.json5 @@ -89,10 +89,7 @@ { "description": "Github Action Runner", "groupName": "gha", - "matchPackagePatterns": [ - "gha-runner-scale-set", - "gha-runner-scale-set-controller" - ], + "matchPackagePatterns": ["gha-runner-scale-set", "gha-runner-scale-set-controller"], "matchDatasources": ["docker", "github-releases"], "matchUpdateTypes": ["minor", "patch"], "group": { @@ -103,10 +100,7 @@ { "description": "Snapshot controller", "groupName": "SnapshotController", - "matchPackagePatterns": [ - "snapshot-validation-webhook", - "snapshot-controller" - ], + "matchPackagePatterns": ["snapshot-validation-webhook", "snapshot-controller"], "matchDatasources": ["docker", "github-releases"], "matchUpdateTypes": ["minor", "patch"], "group": { @@ -117,10 +111,7 @@ { "description": "Dragonfly Operator", "groupName": "DragonflyOperator", - "matchPackagePatterns": [ - "docker.dragonflydb.io/dragonflydb/operator", - "dragonflydb/dragonfly-operator" - ], + "matchPackagePatterns": ["docker.dragonflydb.io/dragonflydb/operator", "dragonflydb/dragonfly-operator"], "group": { "commitMessageTopic": "{{{groupName}}} group" }, @@ -129,9 +120,7 @@ { "description": "Victoria Metrics", "groupName": "VictoriaMetrics", - "matchPackagePatterns": [ - "victoriametrics/" - ], + "matchPackagePatterns": ["victoriametrics/"], "group": { "commitMessageTopic": "{{{groupName}}} group" }, diff --git a/.github/renovate/packageRules.json5 b/.github/renovate/packageRules.json5 index 34cffc6d22..e376cd15f5 100644 --- a/.github/renovate/packageRules.json5 +++ b/.github/renovate/packageRules.json5 @@ -17,15 +17,10 @@ "description": ["Custom versioning for minio"], "matchDatasources": ["docker"], "versioning": "regex:^RELEASE\\.(?\\d+)-(?\\d+)-(?\\d+)T.*Z$", - "matchPackagePatterns": [ - "minio", - "quay.io/minio/minio" - ] + "matchPackagePatterns": ["minio", "quay.io/minio/minio"] }, { - "description": [ - "Don't pin digests for packages that don't have/need a digest" - ], + "description": ["Don't pin digests for packages that don't have/need a digest"], "matchDatasources": ["docker"], "matchDepNames": [ "ghcr.io/bjw-s/helm/app-template", @@ -40,9 +35,7 @@ "pinDigests": false }, { - "description": [ - "Don't pin digests for managers that don't need a digest" - ], + "description": ["Don't pin digests for managers that don't need a digest"], "matchManagers": ["flux", "helmfile"], "pinDigests": false } diff --git a/.prettierrc b/.prettierrc new file mode 100644 index 0000000000..433d162741 --- /dev/null +++ b/.prettierrc @@ -0,0 +1,33 @@ +{ + "useTabs": false, + "singleQuote": true, + "trailingComma": "none", + "printWidth": 120, + "plugins": [], + "overrides": [ + { + "files": ["*.yaml", ".prettierrc"], + "options": { + "quoteProps": "preserve", + "singleQuote": false, + "tabWidth": 2 + } + }, + { + "files": ["*.md"], + "options": { + "quoteProps": "preserve", + "singleQuote": false, + "tabWidth": 2 + } + }, + { + "files": "*.json5", + "options": { + "quoteProps": "preserve", + "singleQuote": false, + "tabWidth": 2 + } + } + ] +} diff --git a/.taskfiles/Bootstrap/Taskfile.yaml b/.taskfiles/Bootstrap/Taskfile.yaml index 2be3fb50d6..6b8356e39c 100644 --- a/.taskfiles/Bootstrap/Taskfile.yaml +++ b/.taskfiles/Bootstrap/Taskfile.yaml @@ -93,7 +93,7 @@ tasks: get-certs: desc: Fetch certificates from cluster cmds: - - for: {var: certs, split: " "} + - for: { var: certs, split: " " } cmd: kubectl --context {{.cluster}} get secrets -n networking {{.ITEM}}-tls -o yaml | grep -v "creationTimestamp:" | grep -v "resourceVersion:" | grep -v " uid:" > kubernetes/{{.cluster}}/apps/{{.ITEM}}-tls.yaml requires: vars: @@ -105,7 +105,7 @@ tasks: put-certs: desc: Upload certificates to cluster cmds: - - for: {var: certs, split: " "} + - for: { var: certs, split: " " } cmd: kubectl --context {{.cluster}} apply -f kubernetes/{{.cluster}}/apps/{{.ITEM}}-tls.yaml requires: vars: diff --git a/.taskfiles/Proxmox/Taskfile.yaml b/.taskfiles/Proxmox/Taskfile.yaml index 73c1f406a5..ce406f7f71 100644 --- a/.taskfiles/Proxmox/Taskfile.yaml +++ b/.taskfiles/Proxmox/Taskfile.yaml @@ -18,37 +18,37 @@ tasks: start-staging: desc: Start staging cluster cmds: - - for: {var: ALL_VMS, split: " "} + - for: { var: ALL_VMS, split: " " } task: start-vm-{{.ITEM}} stop-staging: desc: Stop staging cluster cmds: - - for: {var: ALL_VMS, split: " "} + - for: { var: ALL_VMS, split: " " } task: stop-vm-{{.ITEM}} unmount-staging-cdrom: desc: Unmount staging cluster CD-ROM drives cmds: - - for: {var: ALL_VMS, split: " "} + - for: { var: ALL_VMS, split: " " } task: unmount-cdrom-{{.ITEM}} destroy-staging: desc: Destroy staging cluster cmds: - - for: {var: ALL_VMS, split: " "} + - for: { var: ALL_VMS, split: " " } task: destroy-vm-{{.ITEM}} create-staging: desc: Create staging cluster cmds: - - for: {var: CP_VMS, split: " "} + - for: { var: CP_VMS, split: " " } task: create-cp-vm-{{.ITEM}} wait-for-startup: internal: true cmds: - - for: {var: ALL_VMS, split: " "} + - for: { var: ALL_VMS, split: " " } task: wait-for-startup-{{.ITEM}} start-vm-*-*-*: @@ -84,7 +84,6 @@ tasks: - cmd: ssh ares -- qm destroy {{.VMID_PREFIX}}{{.vmid}} ignore_error: true - create-cp-vm-*-*-*: internal: true vars: diff --git a/.taskfiles/kubernetes/Taskfile.yaml b/.taskfiles/kubernetes/Taskfile.yaml index 06c543914d..04f36421ce 100644 --- a/.taskfiles/kubernetes/Taskfile.yaml +++ b/.taskfiles/kubernetes/Taskfile.yaml @@ -18,7 +18,7 @@ tasks: approve-certs: desc: Approve pending certs on startup cmds: - - for: {var: CERTS} + - for: { var: CERTS } cmd: kubectl --kubeconfig {{.KUBERNETES_DIR}}/{{.cluster}}/kubeconfig --context {{.cluster}} certificate approve {{.ITEM}} vars: CERTS: diff --git a/.taskfiles/postgres/Taskfile.yaml b/.taskfiles/postgres/Taskfile.yaml index cb60395d51..5816d0f940 100644 --- a/.taskfiles/postgres/Taskfile.yaml +++ b/.taskfiles/postgres/Taskfile.yaml @@ -415,13 +415,13 @@ tasks: cmds: - flux suspend helmrelease -n {{.NAMESPACE}} {{.HELMRELEASE}} - flux suspend kustomization {{.KUSTOMIZATION}} - - for: {var: SERVICES} + - for: { var: SERVICES } cmd: kubectl scale --replicas=0 -n {{.NAMESPACE}} {{.ITEM}} _up: desc: Bring a service up cmds: - - for: {var: SERVICES} + - for: { var: SERVICES } cmd: kubectl scale --replicas={{.REPLICAS}} -n {{.NAMESPACE}} {{.ITEM}} - flux resume helmrelease -n {{.NAMESPACE}} {{.HELMRELEASE}} - flux resume kustomization {{.KUSTOMIZATION}} diff --git a/.taskfiles/sops/Taskfile.yaml b/.taskfiles/sops/Taskfile.yaml index b9fcb2cd88..3c1ef8ae06 100644 --- a/.taskfiles/sops/Taskfile.yaml +++ b/.taskfiles/sops/Taskfile.yaml @@ -11,7 +11,7 @@ tasks: SECRET_FILES: sh: find . -type f -name '*.sops.yaml' ! -name ".sops.yaml" cmds: - - for: {var: SECRET_FILES} + - for: { var: SECRET_FILES } cmd: | echo "Re-encrypting {{ .ITEM }}" sops --decrypt --in-place "{{ .ITEM }}" diff --git a/.taskfiles/talos/Taskfile.yaml b/.taskfiles/talos/Taskfile.yaml index 3b7d84e68f..075deadf5c 100644 --- a/.taskfiles/talos/Taskfile.yaml +++ b/.taskfiles/talos/Taskfile.yaml @@ -94,7 +94,7 @@ tasks: sh: ls {{.CLUSTER_CONFIG_ROOT}}/*.yaml TALOSCONFIG: "{{.CLUSTER_DIR}}/talosconfig" cmds: - - for: {var: CONFIG_FILES} + - for: { var: CONFIG_FILES } task: _apply-machineconfig vars: cluster: "{{.cluster}}" @@ -160,11 +160,11 @@ tasks: sh: talosctl --talosconfig "{{.CLUSTER_DIR}}/talosconfig" --context {{.cluster}} config info --output json | jq --raw-output '.endpoints[0]' cmds: - talosctl kubeconfig - --context {{.cluster}} - --nodes {{.TALOS_CONTROLLER}} - --force - --force-context-name {{.cluster}} - "{{.KUBECONFIG}}" + --context {{.cluster}} + --nodes {{.TALOS_CONTROLLER}} + --force + --force-context-name {{.cluster}} + "{{.KUBECONFIG}}" - cmd: kubectl config delete-context "admin@{{.cluster}}" ignore_error: true diff --git a/.vscode/extensions.json b/.vscode/extensions.json index 1756ceca19..314485bd88 100644 --- a/.vscode/extensions.json +++ b/.vscode/extensions.json @@ -1,5 +1,3 @@ { - "recommendations": [ - "signageos.signageos-vscode-sops" - ] + "recommendations": ["signageos.signageos-vscode-sops"] } diff --git a/ansible/files/ragnar/minio.yaml b/ansible/files/ragnar/minio.yaml index 4e172db6be..10acdd9f87 100644 --- a/ansible/files/ragnar/minio.yaml +++ b/ansible/files/ragnar/minio.yaml @@ -8,8 +8,8 @@ services: # renovate: datasource=docker depName=quay.io/minio/minio image: quay.io/minio/minio:RELEASE.2024-12-18T13-15-44Z ports: - - '9000:9000' - - '9001:9001' - user: '473:473' + - "9000:9000" + - "9001:9001" + user: "473:473" volumes: - /mnt/atlas/Apps/minio:/data diff --git a/ansible/files/ragnar/node-exporter.yaml b/ansible/files/ragnar/node-exporter.yaml index 55aab07571..a7bc27636a 100644 --- a/ansible/files/ragnar/node-exporter.yaml +++ b/ansible/files/ragnar/node-exporter.yaml @@ -1,18 +1,18 @@ services: node-exporter: command: - - '--path.rootfs=/host/root' - - '--path.procfs=/host/proc' - - '--path.sysfs=/host/sys' - - '--path.udev.data=/host/root/run/udev/data' - - '--web.listen-address=0.0.0.0:9100' + - "--path.rootfs=/host/root" + - "--path.procfs=/host/proc" + - "--path.sysfs=/host/sys" + - "--path.udev.data=/host/root/run/udev/data" + - "--web.listen-address=0.0.0.0:9100" - >- --collector.filesystem.mount-points-exclude=^/(sys|proc|dev|host|etc)($$|/) # renovate: datasource=docker depName=quay.io/prometheus/node-exporter image: quay.io/prometheus/node-exporter:v1.8.2 network_mode: host ports: - - '9100:9100' + - "9100:9100" restart: always volumes: - /:/host/root:ro diff --git a/ansible/files/ragnar/smartctl-exporter.yaml b/ansible/files/ragnar/smartctl-exporter.yaml index f8137e92e3..f1491579fe 100644 --- a/ansible/files/ragnar/smartctl-exporter.yaml +++ b/ansible/files/ragnar/smartctl-exporter.yaml @@ -1,11 +1,11 @@ services: smartctl-exporter: command: - - '--smartctl.device-exclude=nvme0' + - "--smartctl.device-exclude=nvme0" # renovate: datasource=docker depName=quay.io/prometheuscommunity/smartctl-exporter image: quay.io/prometheuscommunity/smartctl-exporter:v0.13.0 ports: - - '9633:9633' + - "9633:9633" privileged: True restart: always user: root diff --git a/ansible/inventory/host_vars/octopi.zinn.tech.sops.yaml b/ansible/inventory/host_vars/octopi.zinn.tech.sops.yaml index 61769c4291..7b463dd1c8 100644 --- a/ansible/inventory/host_vars/octopi.zinn.tech.sops.yaml +++ b/ansible/inventory/host_vars/octopi.zinn.tech.sops.yaml @@ -1,21 +1,21 @@ ansible_become_pass: ENC[AES256_GCM,data:n0Mz+s/FtA==,iv:SIx7PATvPhCyQ+UwPXsoCX+AHugeVPdJAb5JB7QbmpQ=,tag:9sQr3PqbgbFI4JDbHU/yzw==,type:str] sops: - kms: [] - gcp_kms: [] - azure_kv: [] - hc_vault: [] - age: - - recipient: age1p28u8xjm5sf7jdavc8xsqtw7lxgscefxs7a5dtqszr2885xeputsh9y64y - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSByQmVDbkRkT3lTT3M0ZEVV - ejU5L1AvYUlCdmhjRFl2R2dmaFppSmJMTTFvCndMNUlCd1JhRXRVNThnMEJORTQw - RDh3alhFWkpVWkZlT0xYVVlBSzhHOTQKLS0tIGpianhpR3JEZVVXbkk1cldxTEx3 - VXMvSGMzNDVEemtMU05ZY0NyMmlUbmsK9oW2GJQtRRLASsiHW+wDec6DTEshhYlk - hEOe82ML7BfQUgiltgqtYaAPkpkZtKpnv9uHiuXzWStd11/8H7043w== - -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-05-05T14:55:49Z" - mac: ENC[AES256_GCM,data:M/HAjlNkB6TIXjTWJa1vqB8xQ56HfX9X+e3faEZxukfj4rsjVAek0friFvCGqlDkXoJeYV2QBWVDGhWq0SDoB+I0gpYHbyiTw/LjPMchJ9sWpa7Hz2c6JP23tQgzXq01PTFfeFftcHpFyHDBpKDqMncCzp/FX7x/JfoDreXCexY=,iv:+CdKamuwYQEWk8vTgvcwY/ycAJW2t15h1RkkDGr8hd0=,tag:c95h16Y9k795djdxWy6p+A==,type:str] - pgp: [] - unencrypted_suffix: _unencrypted - version: 3.8.1 + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: + - recipient: age1p28u8xjm5sf7jdavc8xsqtw7lxgscefxs7a5dtqszr2885xeputsh9y64y + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSByQmVDbkRkT3lTT3M0ZEVV + ejU5L1AvYUlCdmhjRFl2R2dmaFppSmJMTTFvCndMNUlCd1JhRXRVNThnMEJORTQw + RDh3alhFWkpVWkZlT0xYVVlBSzhHOTQKLS0tIGpianhpR3JEZVVXbkk1cldxTEx3 + VXMvSGMzNDVEemtMU05ZY0NyMmlUbmsK9oW2GJQtRRLASsiHW+wDec6DTEshhYlk + hEOe82ML7BfQUgiltgqtYaAPkpkZtKpnv9uHiuXzWStd11/8H7043w== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2024-05-05T14:55:49Z" + mac: ENC[AES256_GCM,data:M/HAjlNkB6TIXjTWJa1vqB8xQ56HfX9X+e3faEZxukfj4rsjVAek0friFvCGqlDkXoJeYV2QBWVDGhWq0SDoB+I0gpYHbyiTw/LjPMchJ9sWpa7Hz2c6JP23tQgzXq01PTFfeFftcHpFyHDBpKDqMncCzp/FX7x/JfoDreXCexY=,iv:+CdKamuwYQEWk8vTgvcwY/ycAJW2t15h1RkkDGr8hd0=,tag:c95h16Y9k795djdxWy6p+A==,type:str] + pgp: [] + unencrypted_suffix: _unencrypted + version: 3.8.1 diff --git a/kubernetes/main/apps/cert-manager/cert-manager/app/cert-manager-dashboard.json b/kubernetes/main/apps/cert-manager/cert-manager/app/cert-manager-dashboard.json index 6ee1b16016..0584192d77 100644 --- a/kubernetes/main/apps/cert-manager/cert-manager/app/cert-manager-dashboard.json +++ b/kubernetes/main/apps/cert-manager/cert-manager/app/cert-manager-dashboard.json @@ -1235,17 +1235,7 @@ "to": "now" }, "timepicker": { - "refresh_intervals": [ - "10s", - "30s", - "1m", - "5m", - "15m", - "30m", - "1h", - "2h", - "1d" - ] + "refresh_intervals": ["10s", "30s", "1m", "5m", "15m", "30m", "1h", "2h", "1d"] }, "timezone": "", "title": "Cert Manager", diff --git a/kubernetes/main/apps/cert-manager/cert-manager/app/prometheus-rules.yaml b/kubernetes/main/apps/cert-manager/cert-manager/app/prometheus-rules.yaml index 70a3aafa35..3c12482118 100644 --- a/kubernetes/main/apps/cert-manager/cert-manager/app/prometheus-rules.yaml +++ b/kubernetes/main/apps/cert-manager/cert-manager/app/prometheus-rules.yaml @@ -15,8 +15,7 @@ spec: labels: severity: critical annotations: - description: - "New certificates will not be able to be minted, and existing + description: "New certificates will not be able to be minted, and existing ones can't be renewed until cert-manager is back." runbook_url: https://gitlab.com/uneeq-oss/cert-manager-mixin/-/blob/master/RUNBOOK.md#certmanagerabsent summary: "Cert Manager has dissapeared from Prometheus service discovery." @@ -31,13 +30,11 @@ spec: labels: severity: warning annotations: - description: - "The domain that this cert covers will be unavailable after + description: "The domain that this cert covers will be unavailable after {{ $value | humanizeDuration }}. Clients using endpoints that this cert protects will start to fail in {{ $value | humanizeDuration }}." runbook_url: https://gitlab.com/uneeq-oss/cert-manager-mixin/-/blob/master/RUNBOOK.md#certmanagercertexpirysoon - summary: - "The cert {{ $labels.name }} is {{ $value | humanizeDuration }} + summary: "The cert {{ $labels.name }} is {{ $value | humanizeDuration }} from expiry, it should have renewed over a week ago." - alert: CertManagerCertNotReady expr: | @@ -47,8 +44,7 @@ spec: labels: severity: critical annotations: - description: - "This certificate has not been ready to serve traffic for at least + description: "This certificate has not been ready to serve traffic for at least 10m. If the cert is being renewed or there is another valid cert, the ingress controller _may_ be able to serve that instead." runbook_url: https://gitlab.com/uneeq-oss/cert-manager-mixin/-/blob/master/RUNBOOK.md#certmanagercertnotready @@ -61,8 +57,7 @@ spec: labels: severity: critical annotations: - description: - "Depending on the rate limit, cert-manager may be unable to generate + description: "Depending on the rate limit, cert-manager may be unable to generate certificates for up to a week." runbook_url: https://gitlab.com/uneeq-oss/cert-manager-mixin/-/blob/master/RUNBOOK.md#certmanagerhittingratelimits summary: "Cert manager hitting LetsEncrypt rate limits." diff --git a/kubernetes/main/apps/dbms/dragonfly-operator/app/helm-release.yaml b/kubernetes/main/apps/dbms/dragonfly-operator/app/helm-release.yaml index 554de5392d..9276d0dd8f 100644 --- a/kubernetes/main/apps/dbms/dragonfly-operator/app/helm-release.yaml +++ b/kubernetes/main/apps/dbms/dragonfly-operator/app/helm-release.yaml @@ -37,7 +37,7 @@ spec: securityContext: allowPrivilegeEscalation: false readOnlyRootFilesystem: true - capabilities: {drop: ["ALL"]} + capabilities: { drop: ["ALL"] } probes: liveness: enabled: true diff --git a/kubernetes/main/apps/home/home-assistant/app/helm-release.yaml b/kubernetes/main/apps/home/home-assistant/app/helm-release.yaml index 636ff14dda..6f0d9d2312 100644 --- a/kubernetes/main/apps/home/home-assistant/app/helm-release.yaml +++ b/kubernetes/main/apps/home/home-assistant/app/helm-release.yaml @@ -72,14 +72,20 @@ spec: image: repository: ghcr.io/coder/code-server tag: 4.96.2@sha256:6b8c0e944caec80057e71d2c2f352cee38fe00ae4b7515fc4458eb300844f699 - args: [ - "--auth", "none", - "--disable-telemetry", "--disable-update-check", - "--user-data-dir", "/config/.vscode", - "--extensions-dir", "/config/.vscode", - "--port", "8080", - "/config" - ] + args: + [ + "--auth", + "none", + "--disable-telemetry", + "--disable-update-check", + "--user-data-dir", + "/config/.vscode", + "--extensions-dir", + "/config/.vscode", + "--port", + "8080", + "/config" + ] env: TZ: "${CONFIG_TIMEZONE}" service: diff --git a/kubernetes/main/apps/kube-system/cilium/app/helm-values.yaml b/kubernetes/main/apps/kube-system/cilium/app/helm-values.yaml index 90c80130c7..84d0b4aa1b 100644 --- a/kubernetes/main/apps/kube-system/cilium/app/helm-values.yaml +++ b/kubernetes/main/apps/kube-system/cilium/app/helm-values.yaml @@ -60,17 +60,5 @@ securityContext: privileged: true capabilities: ciliumAgent: - [ - CHOWN, - KILL, - NET_ADMIN, - NET_RAW, - IPC_LOCK, - SYS_ADMIN, - SYS_RESOURCE, - DAC_OVERRIDE, - FOWNER, - SETGID, - SETUID - ] + [CHOWN, KILL, NET_ADMIN, NET_RAW, IPC_LOCK, SYS_ADMIN, SYS_RESOURCE, DAC_OVERRIDE, FOWNER, SETGID, SETUID] cleanCiliumState: [NET_ADMIN, SYS_ADMIN, SYS_RESOURCE] diff --git a/kubernetes/main/apps/media/lidarr/app/helm-release.yaml b/kubernetes/main/apps/media/lidarr/app/helm-release.yaml index 846713b894..6ce850c8e2 100644 --- a/kubernetes/main/apps/media/lidarr/app/helm-release.yaml +++ b/kubernetes/main/apps/media/lidarr/app/helm-release.yaml @@ -34,7 +34,7 @@ spec: runAsGroup: 2000 fsGroup: 2000 fsGroupChangePolicy: OnRootMismatch - seccompProfile: {type: RuntimeDefault} + seccompProfile: { type: RuntimeDefault } controllers: lidarr: annotations: @@ -79,7 +79,7 @@ spec: securityContext: allowPrivilegeEscalation: false readOnlyRootFilesystem: true - capabilities: {drop: ["ALL"]} + capabilities: { drop: ["ALL"] } service: app: controller: lidarr diff --git a/kubernetes/main/apps/media/prowlarr/app/helm-release.yaml b/kubernetes/main/apps/media/prowlarr/app/helm-release.yaml index 940d49b51c..9c484b8b95 100644 --- a/kubernetes/main/apps/media/prowlarr/app/helm-release.yaml +++ b/kubernetes/main/apps/media/prowlarr/app/helm-release.yaml @@ -34,7 +34,7 @@ spec: runAsGroup: 2000 fsGroup: 2000 fsGroupChangePolicy: OnRootMismatch - seccompProfile: {type: RuntimeDefault} + seccompProfile: { type: RuntimeDefault } controllers: prowlarr: annotations: @@ -80,7 +80,7 @@ spec: securityContext: allowPrivilegeEscalation: false readOnlyRootFilesystem: true - capabilities: {drop: ["ALL"]} + capabilities: { drop: ["ALL"] } service: app: controller: prowlarr diff --git a/kubernetes/main/apps/media/radarr-4k/app/helm-release.yaml b/kubernetes/main/apps/media/radarr-4k/app/helm-release.yaml index b3ebf53d58..d0afd1d184 100644 --- a/kubernetes/main/apps/media/radarr-4k/app/helm-release.yaml +++ b/kubernetes/main/apps/media/radarr-4k/app/helm-release.yaml @@ -92,7 +92,7 @@ spec: securityContext: allowPrivilegeEscalation: false readOnlyRootFilesystem: true - capabilities: {drop: ["ALL"]} + capabilities: { drop: ["ALL"] } service: app: controller: radarr-4k diff --git a/kubernetes/main/apps/media/radarr/app/helm-release.yaml b/kubernetes/main/apps/media/radarr/app/helm-release.yaml index 97c69204c1..2f9d823503 100644 --- a/kubernetes/main/apps/media/radarr/app/helm-release.yaml +++ b/kubernetes/main/apps/media/radarr/app/helm-release.yaml @@ -92,7 +92,7 @@ spec: securityContext: allowPrivilegeEscalation: false readOnlyRootFilesystem: true - capabilities: {drop: ["ALL"]} + capabilities: { drop: ["ALL"] } service: app: controller: radarr diff --git a/kubernetes/main/apps/media/sonarr/app/helm-release.yaml b/kubernetes/main/apps/media/sonarr/app/helm-release.yaml index 533c38a5d5..5a64fa8c4a 100644 --- a/kubernetes/main/apps/media/sonarr/app/helm-release.yaml +++ b/kubernetes/main/apps/media/sonarr/app/helm-release.yaml @@ -91,7 +91,7 @@ spec: securityContext: allowPrivilegeEscalation: false readOnlyRootFilesystem: true - capabilities: {drop: ["ALL"]} + capabilities: { drop: ["ALL"] } service: app: controller: sonarr diff --git a/kubernetes/main/apps/observability/gatus/app/helm-release.yaml b/kubernetes/main/apps/observability/gatus/app/helm-release.yaml index d14dcda10a..4560e39c65 100644 --- a/kubernetes/main/apps/observability/gatus/app/helm-release.yaml +++ b/kubernetes/main/apps/observability/gatus/app/helm-release.yaml @@ -81,12 +81,12 @@ spec: securityContext: allowPrivilegeEscalation: false readOnlyRootFilesystem: true - capabilities: {drop: ["ALL"]} + capabilities: { drop: ["ALL"] } resources: *resources pod: dnsConfig: options: - - {name: ndots, value: "1"} + - { name: ndots, value: "1" } securityContext: runAsUser: 2000 runAsGroup: 2000 diff --git a/kubernetes/main/apps/observability/kromgo/app/helm-release.yaml b/kubernetes/main/apps/observability/kromgo/app/helm-release.yaml index 016588ec65..6324c7083b 100644 --- a/kubernetes/main/apps/observability/kromgo/app/helm-release.yaml +++ b/kubernetes/main/apps/observability/kromgo/app/helm-release.yaml @@ -44,7 +44,7 @@ spec: securityContext: allowPrivilegeEscalation: false readOnlyRootFilesystem: true - capabilities: {drop: ["ALL"]} + capabilities: { drop: ["ALL"] } resources: limits: &resources memory: 64Mi diff --git a/kubernetes/main/apps/observability/kromgo/app/resources/config.yaml b/kubernetes/main/apps/observability/kromgo/app/resources/config.yaml index 285c1883f0..04b8bb177a 100644 --- a/kubernetes/main/apps/observability/kromgo/app/resources/config.yaml +++ b/kubernetes/main/apps/observability/kromgo/app/resources/config.yaml @@ -18,42 +18,42 @@ metrics: title: CPU suffix: "%" colors: - - {color: "green", min: 0, max: 35} - - {color: "orange", min: 36, max: 75} - - {color: "red", min: 76, max: 9999} + - { color: "green", min: 0, max: 35 } + - { color: "orange", min: 36, max: 75 } + - { color: "red", min: 76, max: 9999 } - name: cluster_memory_usage query: round(sum(node_memory_MemTotal_bytes{kubernetes_node=~"k8s-[0-9]+"} - node_memory_MemAvailable_bytes{kubernetes_node=~"k8s-[0-9]+"}) / sum(node_memory_MemTotal_bytes{kubernetes_node=~"k8s-[0-9]+"}) * 100, 0.1) title: Memory suffix: "%" colors: - - {color: green, min: 0, max: 35} - - {color: orange, min: 36, max: 75} - - {color: red, min: 76, max: 9999} + - { color: green, min: 0, max: 35 } + - { color: orange, min: 36, max: 75 } + - { color: red, min: 76, max: 9999 } - name: cluster_power_usage query: round(unpoller_device_outlet_ac_power_consumption, 0.1) title: Power suffix: "w" colors: - - {color: "green", min: 0, max: 400} - - {color: "orange", min: 401, max: 750} - - {color: "red", min: 751, max: 9999} + - { color: "green", min: 0, max: 400 } + - { color: "orange", min: 401, max: 750 } + - { color: "red", min: 751, max: 9999 } - name: cluster_age_days query: round((time() - min(kube_node_created{node=~"k8s-[0-9]+"}) ) / 86400) title: Age suffix: "d" colors: - - {color: "green", min: 0, max: 180} - - {color: "orange", min: 181, max: 360} - - {color: "red", min: 361, max: 9999} + - { color: "green", min: 0, max: 180 } + - { color: "orange", min: 181, max: 360 } + - { color: "red", min: 361, max: 9999 } - name: cluster_uptime_days query: round(avg(node_time_seconds{kubernetes_node=~"k8s-[0-9]+"} - node_boot_time_seconds{kubernetes_node=~"k8s-[0-9]+"}) / 86400) title: Uptime suffix: "d" colors: - - {color: "green", min: 0, max: 180} - - {color: "orange", min: 181, max: 360} - - {color: "red", min: 361, max: 9999} + - { color: "green", min: 0, max: 180 } + - { color: "orange", min: 181, max: 360 } + - { color: "red", min: 361, max: 9999 } diff --git a/kubernetes/main/apps/observability/kube-prometheus-stack/app/alertmanager-config.yaml b/kubernetes/main/apps/observability/kube-prometheus-stack/app/alertmanager-config.yaml index 2240579733..e77deef271 100644 --- a/kubernetes/main/apps/observability/kube-prometheus-stack/app/alertmanager-config.yaml +++ b/kubernetes/main/apps/observability/kube-prometheus-stack/app/alertmanager-config.yaml @@ -13,16 +13,9 @@ spec: repeatInterval: 5m routes: - receiver: "null" - matchers: - [ - { - name: alertname, - value: InfoInhibitor|Watchdog|CPUThrottlingHigh, - matchType: =~ - } - ] + matchers: [{ name: alertname, value: InfoInhibitor|Watchdog|CPUThrottlingHigh, matchType: =~ }] - receiver: discord - matchers: [{name: severity, value: critical|warning, matchType: =~}] + matchers: [{ name: severity, value: critical|warning, matchType: =~ }] continue: true receivers: - name: "null" @@ -67,13 +60,13 @@ spec: {{- end }} {{- end }} inhibitRules: - - sourceMatch: [{name: severity, value: critical, matchType: =}] - targetMatch: [{name: severity, value: warning|info, matchType: =~}] + - sourceMatch: [{ name: severity, value: critical, matchType: = }] + targetMatch: [{ name: severity, value: warning|info, matchType: =~ }] equal: ["namespace", "alertname"] - - sourceMatch: [{name: severity, value: warning, matchType: =}] - targetMatch: [{name: severity, value: info, matchType: =}] + - sourceMatch: [{ name: severity, value: warning, matchType: = }] + targetMatch: [{ name: severity, value: info, matchType: = }] equal: ["namespace", "alertname"] - - sourceMatch: [{name: alertname, value: InfoInhibitor, matchType: =}] - targetMatch: [{name: severity, value: info, matchType: =}] + - sourceMatch: [{ name: alertname, value: InfoInhibitor, matchType: = }] + targetMatch: [{ name: severity, value: info, matchType: = }] equal: ["namespace"] - - targetMatch: [{name: alertname, value: InfoInhibitor, matchType: =}] + - targetMatch: [{ name: alertname, value: InfoInhibitor, matchType: = }] diff --git a/kubernetes/main/apps/observability/loki/app/service-monitor.yaml b/kubernetes/main/apps/observability/loki/app/service-monitor.yaml index 737ed5daae..b753d199b3 100644 --- a/kubernetes/main/apps/observability/loki/app/service-monitor.yaml +++ b/kubernetes/main/apps/observability/loki/app/service-monitor.yaml @@ -14,10 +14,10 @@ spec: - observability selector: matchExpressions: - - {key: app.kubernetes.io/component, operator: In, values: [read]} - - {key: app.kubernetes.io/instance, operator: In, values: [*app]} - - {key: app.kubernetes.io/name, operator: In, values: [*app]} - - {key: prometheus.io/service-monitor, operator: NotIn, values: ["false"]} + - { key: app.kubernetes.io/component, operator: In, values: [read] } + - { key: app.kubernetes.io/instance, operator: In, values: [*app] } + - { key: app.kubernetes.io/name, operator: In, values: [*app] } + - { key: prometheus.io/service-monitor, operator: NotIn, values: ["false"] } matchLabels: <<: *labels diff --git a/kubernetes/main/apps/observability/unifi-poller/app/helm-release.yaml b/kubernetes/main/apps/observability/unifi-poller/app/helm-release.yaml index 91b96cfd24..83eafdc559 100644 --- a/kubernetes/main/apps/observability/unifi-poller/app/helm-release.yaml +++ b/kubernetes/main/apps/observability/unifi-poller/app/helm-release.yaml @@ -32,7 +32,7 @@ spec: runAsNonRoot: true runAsUser: 65534 runAsGroup: 65534 - seccompProfile: {type: RuntimeDefault} + seccompProfile: { type: RuntimeDefault } controllers: unpoller: annotations: @@ -62,7 +62,7 @@ spec: securityContext: allowPrivilegeEscalation: false readOnlyRootFilesystem: true - capabilities: {drop: ["ALL"]} + capabilities: { drop: ["ALL"] } resources: requests: cpu: 10m diff --git a/kubernetes/main/apps/security/onepassword-connect/app/onepassword-secrets.sops.yaml b/kubernetes/main/apps/security/onepassword-connect/app/onepassword-secrets.sops.yaml index d152c75c42..71fc883a29 100644 --- a/kubernetes/main/apps/security/onepassword-connect/app/onepassword-secrets.sops.yaml +++ b/kubernetes/main/apps/security/onepassword-connect/app/onepassword-secrets.sops.yaml @@ -1,37 +1,37 @@ apiVersion: v1 kind: Secret metadata: - name: onepassword-secrets - namespace: security + name: onepassword-secrets + namespace: security stringData: - 1password-credentials.json: ENC[AES256_GCM,data:w/enEBUKf6PMqakWmMFGGBFnnfB2BeKHtSP4ks5hHaYKKBOGjo9hNyWR6wGUnEQE4MBa0uKCXg8a8tFK61t/LEsEn1FDfzoO4VhY4sWlYw+CzZSyQ0INW5XKXQPw8itAC6KfY5d6gYtNvMZy5ufTAsCIiVdRtzkLkSwM4SCIAd+E15n5K2LfwFHdBLMpqMxCbEtPDuSUMYncZYrPWw+5vcoEf98Q/W0zvY1qBKcY+gfAJa3PSwUqkSMb4ipi5F2kaLW8oGoyUs6ErFphnw4zhjkVYhZDulPumscMkpstG1CDo2j+AsjUGO2qKQlAyPLbtTmzv46DbEYoGI0U7YNbC0qLbRoyYhw5iNWRm8Wi0hQ7HeV7zBfXKXBLS3zw/vbLPEJAFmzBkeWu64QheGBdVmiTBpbVog2SNjoFIOtoyfsOEqpUJ933IlkQo7niCe6rr6f986zJL0w5GvExOkM+tGxX4fB9lLSSqwVw/CQGX1txHxrMP7gyhfS0ahVj+RsK1VeJE2vVmca8iihWsOg3Xo/f1GtwN2Vv6ZY/6by+jFnne9tO3jzEqDr+NAl72OiyxjiCiXSSrn/uwebRSLzrBTUggZMF823NQE8qVTeYtMw7A5PDLWiYuBJCZvyYtH6TFCg9BXSIHIYevw35s1gJIDFQE1mD+84x3Po8AmU8ewEIb5eNxTZdjuhp5/Jq7CH4DzI0SkWXdPCRad/OdQy9bJOIjsYW2icvdBw08zICKWlSUyhX9hm/rtbXDYozp02IomGAFlQM9VU+IcIdU3/RlDDFevPd7/I10oPNHUMeu+OWp5TO4ENazePYFpLYkxb0PfBcr4OapvWi3GnsYdMAJnfCjKzAgwJiQaZzHcfmlZJ1k03dMuGU+GTyArBaOw70Ba/S0VyxHOyf/DXIcxXQOeM8z9y+VGdlj4yOBpZP7pQsElRyz8uaB6WYP3JF2B4fzDbqL6guZ/bBUl00rW8fsypdadnLgoHdSWer50vSp3IHM0UsHGqyrG8e6OlKoXyx7cl4V8syaW7eB+xxSf89aQM3NmccyweY31gD5tdm3/1zuWDU8pJpqTBbVwpPsI+qzbebsmRr2d1VEORkNVj7dOwRMVyR66LMZFRnI2Lvv6mMkSK66AbeaZCAorCVQfjjWhXQZLe4bu1zCc8wAXct1Jf9UgbJm0vDjOyQtlxM1axTVhxt9yL6CMaFTpqXWmRDOUSihnTIhSS1zR3h9TEQy/1M+52/OczzQgpc8quGWdOPrrWdTBtUGcD0n8RHD/MQeTVPTJihxsGjNi0CxuIxcZC0NTLZQe/rozM+NcmYFgRXLDAOXiB1DgXr8yCnb8WoK80NuMFMr1S8wdTJ1QqmHM8dF4bTJnuZZCgP0qS2ynuFvJXRE/3BPJHWUUZbx3dQu28gXe6RQzEm/l9skYi2nq9AD6r5DT8v3SRmgGrtuFddAVxB7kHHvM1FoR0rOeg2FzTucYtoaCcP5nVI0OfOuE3Rm+lQuH6j8iHKcNWTTKnSge3+Cl2rLe0194Vp5S7FHCIxAmszTYqErzjqN4wYgI/09o+jt3EYZjA36g6ZQphv3jfbNkC8XV/WjATOu4O+Za+u1QDjtKNFX30sZ3Ubj3o9maoVFstqG7agIseiEe+XGkPT/7oob6kynaAnuegYVRtMHeOnd/MEpiNSImSTZjlIUmT2lBpmaIWyjBrm6r2lhdYKiBQN6858/DVT6KInSmlJtTZdfXLokwivUIny6OtAgz1/LOfve/d+KQs+EZboubuMq+P2m5d1AXLRgNtCFQM3PoqdoSwTrXGCXGX9dO9WXveleaKMAe8VBtJOygGGPZY9lXn83wQ6VtrxMlnpTm1nJzbc/ggOJ4oqKZ1KX2RN8rK1xWJ8q3GClQBzQ1nI4+7zJhPMscB9Lesd7ejZFWCu28Ql7aioIThdvr+wOJ0WsvZAKNFRW+CoKwBvaw==,iv:8x5ilW8uEQtkIBpocDecR4CG90HpqgwS82l7QUE7Kyc=,tag:8IFipzdG0XW81jTN1k/qTw==,type:str] - token: ENC[AES256_GCM,data:PRXMGmcpMK2WsIuU9GkZQp8sSXOzxan8X6j5N1E3bbwKEufl6dhSQARSY49+i/QIZuW1PkoxYhYGryOh2OCiDkiE7OeQ7Mbr0ePJidS2WhRBc4wO2/GQ8+qBSTK8tuYaq+4RxFkZQJssbBVlMnB0B9Hcznkr7oaPxswHKCiAI6hrCnMoPKqgtvdiaTF15upAA5H+C7PsfOP7VrBHqWtjGU7GhxbHlODGrSP8/IWEdS6HmOYvXjdJP8jtgp+gKW5TYtWZ/zQbbgrIzK/l21w7ZcKcsqiamkA48eW3ozyCrjh6mfWECnkTUaYtgyztxbT4yTuCpsqUQYLW7dt8vJQA3FsM3DQdShFWoyVIXms59k9I943EC+gm/cVeMuYMI3P/Gc3pxqO24/vZnZ89SFGFGli3l9tqcB53ZIcH4wUfAeREW+Qz0Zjud85E8vv37WUc3Ysz5JH2EDpAGU+d7di7oRC+wdFGAAEOQHr8jD2YVad5nvBR1v4uE0swpPnfNLJP7F68GNY22XuDfPXByyWq2ieV++hD2vlzNEMntrmcwolCxoB2Rb1GdIfLhyk5iw0BZHDEySH2VJaolxA0qxgw7hRR35wEEje4YaMNPKxWaNe7EXIxEKQapL03kirX9omYtMX8uaX2TAmjTDWY+apqEuU6RaQcSmKhcOs2BSiR5SaTh1HwwVMCnYgRC/hRpe5H/oC5NLXaJEUKTGz1/tBc1aAc3yt/RICmNAf36zRvrYu68QCLM/TR0AvQQv2Dn7euZN5oHUZ2AYeeJHS+K2kru8ZTNeV6nxPxREKyU3nM+ayeycDSypyPDJr8tB3sFP9iWWGSkqZ4kk/4YDBwW44Mz96nIQ==,iv:VPOBZp0b0pXmTp5c2cy3faEpC+XRLxqt3hngoi9dpzg=,tag:um0aguNLypAQIBjjhxg3Vg==,type:str] + 1password-credentials.json: ENC[AES256_GCM,data:w/enEBUKf6PMqakWmMFGGBFnnfB2BeKHtSP4ks5hHaYKKBOGjo9hNyWR6wGUnEQE4MBa0uKCXg8a8tFK61t/LEsEn1FDfzoO4VhY4sWlYw+CzZSyQ0INW5XKXQPw8itAC6KfY5d6gYtNvMZy5ufTAsCIiVdRtzkLkSwM4SCIAd+E15n5K2LfwFHdBLMpqMxCbEtPDuSUMYncZYrPWw+5vcoEf98Q/W0zvY1qBKcY+gfAJa3PSwUqkSMb4ipi5F2kaLW8oGoyUs6ErFphnw4zhjkVYhZDulPumscMkpstG1CDo2j+AsjUGO2qKQlAyPLbtTmzv46DbEYoGI0U7YNbC0qLbRoyYhw5iNWRm8Wi0hQ7HeV7zBfXKXBLS3zw/vbLPEJAFmzBkeWu64QheGBdVmiTBpbVog2SNjoFIOtoyfsOEqpUJ933IlkQo7niCe6rr6f986zJL0w5GvExOkM+tGxX4fB9lLSSqwVw/CQGX1txHxrMP7gyhfS0ahVj+RsK1VeJE2vVmca8iihWsOg3Xo/f1GtwN2Vv6ZY/6by+jFnne9tO3jzEqDr+NAl72OiyxjiCiXSSrn/uwebRSLzrBTUggZMF823NQE8qVTeYtMw7A5PDLWiYuBJCZvyYtH6TFCg9BXSIHIYevw35s1gJIDFQE1mD+84x3Po8AmU8ewEIb5eNxTZdjuhp5/Jq7CH4DzI0SkWXdPCRad/OdQy9bJOIjsYW2icvdBw08zICKWlSUyhX9hm/rtbXDYozp02IomGAFlQM9VU+IcIdU3/RlDDFevPd7/I10oPNHUMeu+OWp5TO4ENazePYFpLYkxb0PfBcr4OapvWi3GnsYdMAJnfCjKzAgwJiQaZzHcfmlZJ1k03dMuGU+GTyArBaOw70Ba/S0VyxHOyf/DXIcxXQOeM8z9y+VGdlj4yOBpZP7pQsElRyz8uaB6WYP3JF2B4fzDbqL6guZ/bBUl00rW8fsypdadnLgoHdSWer50vSp3IHM0UsHGqyrG8e6OlKoXyx7cl4V8syaW7eB+xxSf89aQM3NmccyweY31gD5tdm3/1zuWDU8pJpqTBbVwpPsI+qzbebsmRr2d1VEORkNVj7dOwRMVyR66LMZFRnI2Lvv6mMkSK66AbeaZCAorCVQfjjWhXQZLe4bu1zCc8wAXct1Jf9UgbJm0vDjOyQtlxM1axTVhxt9yL6CMaFTpqXWmRDOUSihnTIhSS1zR3h9TEQy/1M+52/OczzQgpc8quGWdOPrrWdTBtUGcD0n8RHD/MQeTVPTJihxsGjNi0CxuIxcZC0NTLZQe/rozM+NcmYFgRXLDAOXiB1DgXr8yCnb8WoK80NuMFMr1S8wdTJ1QqmHM8dF4bTJnuZZCgP0qS2ynuFvJXRE/3BPJHWUUZbx3dQu28gXe6RQzEm/l9skYi2nq9AD6r5DT8v3SRmgGrtuFddAVxB7kHHvM1FoR0rOeg2FzTucYtoaCcP5nVI0OfOuE3Rm+lQuH6j8iHKcNWTTKnSge3+Cl2rLe0194Vp5S7FHCIxAmszTYqErzjqN4wYgI/09o+jt3EYZjA36g6ZQphv3jfbNkC8XV/WjATOu4O+Za+u1QDjtKNFX30sZ3Ubj3o9maoVFstqG7agIseiEe+XGkPT/7oob6kynaAnuegYVRtMHeOnd/MEpiNSImSTZjlIUmT2lBpmaIWyjBrm6r2lhdYKiBQN6858/DVT6KInSmlJtTZdfXLokwivUIny6OtAgz1/LOfve/d+KQs+EZboubuMq+P2m5d1AXLRgNtCFQM3PoqdoSwTrXGCXGX9dO9WXveleaKMAe8VBtJOygGGPZY9lXn83wQ6VtrxMlnpTm1nJzbc/ggOJ4oqKZ1KX2RN8rK1xWJ8q3GClQBzQ1nI4+7zJhPMscB9Lesd7ejZFWCu28Ql7aioIThdvr+wOJ0WsvZAKNFRW+CoKwBvaw==,iv:8x5ilW8uEQtkIBpocDecR4CG90HpqgwS82l7QUE7Kyc=,tag:8IFipzdG0XW81jTN1k/qTw==,type:str] + token: ENC[AES256_GCM,data:PRXMGmcpMK2WsIuU9GkZQp8sSXOzxan8X6j5N1E3bbwKEufl6dhSQARSY49+i/QIZuW1PkoxYhYGryOh2OCiDkiE7OeQ7Mbr0ePJidS2WhRBc4wO2/GQ8+qBSTK8tuYaq+4RxFkZQJssbBVlMnB0B9Hcznkr7oaPxswHKCiAI6hrCnMoPKqgtvdiaTF15upAA5H+C7PsfOP7VrBHqWtjGU7GhxbHlODGrSP8/IWEdS6HmOYvXjdJP8jtgp+gKW5TYtWZ/zQbbgrIzK/l21w7ZcKcsqiamkA48eW3ozyCrjh6mfWECnkTUaYtgyztxbT4yTuCpsqUQYLW7dt8vJQA3FsM3DQdShFWoyVIXms59k9I943EC+gm/cVeMuYMI3P/Gc3pxqO24/vZnZ89SFGFGli3l9tqcB53ZIcH4wUfAeREW+Qz0Zjud85E8vv37WUc3Ysz5JH2EDpAGU+d7di7oRC+wdFGAAEOQHr8jD2YVad5nvBR1v4uE0swpPnfNLJP7F68GNY22XuDfPXByyWq2ieV++hD2vlzNEMntrmcwolCxoB2Rb1GdIfLhyk5iw0BZHDEySH2VJaolxA0qxgw7hRR35wEEje4YaMNPKxWaNe7EXIxEKQapL03kirX9omYtMX8uaX2TAmjTDWY+apqEuU6RaQcSmKhcOs2BSiR5SaTh1HwwVMCnYgRC/hRpe5H/oC5NLXaJEUKTGz1/tBc1aAc3yt/RICmNAf36zRvrYu68QCLM/TR0AvQQv2Dn7euZN5oHUZ2AYeeJHS+K2kru8ZTNeV6nxPxREKyU3nM+ayeycDSypyPDJr8tB3sFP9iWWGSkqZ4kk/4YDBwW44Mz96nIQ==,iv:VPOBZp0b0pXmTp5c2cy3faEpC+XRLxqt3hngoi9dpzg=,tag:um0aguNLypAQIBjjhxg3Vg==,type:str] sops: - kms: [] - gcp_kms: [] - azure_kv: [] - hc_vault: [] - age: - - recipient: age1p28u8xjm5sf7jdavc8xsqtw7lxgscefxs7a5dtqszr2885xeputsh9y64y - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBWcDNmaC9Ha1N1NGJocm4r - a3pBclVRcXhyYzBjaXBkKzczZnFZSko1M1NFCm4ycjRnMUloVEFYdlFhR2dsb1F5 - Slpud2dsRGpDQk5NWGZ4Y2VoZytpcWcKLS0tIFZmOHpEWUZQWUVpWk9JL0ZKcjRl - Y1NWOVY3MTBNa3NQUFE0OWhCdGh2TkUK2eIPguW+UGSL9vkXq5gF83/GA+Z9Z38F - ebSCTQNw2nYLTf9JDStOa4BKWmJqv4eU4VnHXfMz4NlkG6YXyqRj4w== - -----END AGE ENCRYPTED FILE----- - - recipient: age1pwxsukhcw4j3x0q7x74e5suwmn48qs56ewlz9t2ndftg3mh36ftqfwcn8p - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBaME1OM2RPR3JoWlpQcElW - Q093L1hPWXhwbU1uTFluRkw0R0NqWFlxZFd3Clhad0tUUkIrc3VRdUdlQTA3N3VH - M1JBWnZYVXRnYzdWRTlyWjd3OUw1WjQKLS0tIExDTC9RdG03eVYxWjhzcENKY05x - bTFmM0RJajludUx2Z1pWZjRuV3ZJeGcKaX39aMsTYxpAiEKiu+4thY8nVBWsCsXN - dPuuH4K382wW8mDcYkNHNONMXy+ZUfTCPlrK/9Uabn/urTWIrJ2gwQ== - -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-12-20T12:39:06Z" - mac: ENC[AES256_GCM,data:hntitjG99Es0S/6bOzhvSqqJ+Eb1aiY7WDf1Ige+nefjWwOvIg7W45brEj18lZztjGsjwijccg4fssb9QRZgEbRteunNgDMT5+LEWG8G4uonzWzxPQYZ715Pp2uNIREDQvSK+xjqGaO+Y5+zsYDiOV4VOsZVhPQjfxKtKNsyYKw=,iv:zGE4q4HZYdCDhZgxrA714smPNJp3HxrdAIeyOGWxON4=,tag:gUFUJekzBX6eULnjqtCAVA==,type:str] - pgp: [] - encrypted_regex: ((?i)(displayname|email|pass|secret($|[^N])|key|token|^data$|^stringData)) - version: 3.9.2 + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: + - recipient: age1p28u8xjm5sf7jdavc8xsqtw7lxgscefxs7a5dtqszr2885xeputsh9y64y + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBWcDNmaC9Ha1N1NGJocm4r + a3pBclVRcXhyYzBjaXBkKzczZnFZSko1M1NFCm4ycjRnMUloVEFYdlFhR2dsb1F5 + Slpud2dsRGpDQk5NWGZ4Y2VoZytpcWcKLS0tIFZmOHpEWUZQWUVpWk9JL0ZKcjRl + Y1NWOVY3MTBNa3NQUFE0OWhCdGh2TkUK2eIPguW+UGSL9vkXq5gF83/GA+Z9Z38F + ebSCTQNw2nYLTf9JDStOa4BKWmJqv4eU4VnHXfMz4NlkG6YXyqRj4w== + -----END AGE ENCRYPTED FILE----- + - recipient: age1pwxsukhcw4j3x0q7x74e5suwmn48qs56ewlz9t2ndftg3mh36ftqfwcn8p + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBaME1OM2RPR3JoWlpQcElW + Q093L1hPWXhwbU1uTFluRkw0R0NqWFlxZFd3Clhad0tUUkIrc3VRdUdlQTA3N3VH + M1JBWnZYVXRnYzdWRTlyWjd3OUw1WjQKLS0tIExDTC9RdG03eVYxWjhzcENKY05x + bTFmM0RJajludUx2Z1pWZjRuV3ZJeGcKaX39aMsTYxpAiEKiu+4thY8nVBWsCsXN + dPuuH4K382wW8mDcYkNHNONMXy+ZUfTCPlrK/9Uabn/urTWIrJ2gwQ== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2024-12-20T12:39:06Z" + mac: ENC[AES256_GCM,data:hntitjG99Es0S/6bOzhvSqqJ+Eb1aiY7WDf1Ige+nefjWwOvIg7W45brEj18lZztjGsjwijccg4fssb9QRZgEbRteunNgDMT5+LEWG8G4uonzWzxPQYZ715Pp2uNIREDQvSK+xjqGaO+Y5+zsYDiOV4VOsZVhPQjfxKtKNsyYKw=,iv:zGE4q4HZYdCDhZgxrA714smPNJp3HxrdAIeyOGWxON4=,tag:gUFUJekzBX6eULnjqtCAVA==,type:str] + pgp: [] + encrypted_regex: ((?i)(displayname|email|pass|secret($|[^N])|key|token|^data$|^stringData)) + version: 3.9.2 diff --git a/kubernetes/main/apps/self-hosted/changedetection/app/helm-release.yaml b/kubernetes/main/apps/self-hosted/changedetection/app/helm-release.yaml index 15b9f98f84..0682b3b6bd 100644 --- a/kubernetes/main/apps/self-hosted/changedetection/app/helm-release.yaml +++ b/kubernetes/main/apps/self-hosted/changedetection/app/helm-release.yaml @@ -44,16 +44,16 @@ spec: tag: latest@sha256:57d19e414d9fe4ae9d2ab12ba768c97f38d51246c5b31af55a009205c136012f pullPolicy: IfNotPresent env: - - {name: SCREEN_WIDTH, value: "1920"} - - {name: SCREEN_HEIGHT, value: "1024"} - - {name: SCREEN_DEPTH, value: "16"} - - {name: ENABLE_DEBUGGER, value: "false"} - - {name: PREBOOT_CHROME, value: "true"} - - {name: CONNECTION_TIMEOUT, value: "300000"} - - {name: MAX_CONCURRENT_SESSIONS, value: "10"} - - {name: CHROME_REFRESH_TIME, value: "600000"} - - {name: DEFAULT_BLOCK_ADS, value: "true"} - - {name: DEFAULT_STEALTH, value: "true"} + - { name: SCREEN_WIDTH, value: "1920" } + - { name: SCREEN_HEIGHT, value: "1024" } + - { name: SCREEN_DEPTH, value: "16" } + - { name: ENABLE_DEBUGGER, value: "false" } + - { name: PREBOOT_CHROME, value: "true" } + - { name: CONNECTION_TIMEOUT, value: "300000" } + - { name: MAX_CONCURRENT_SESSIONS, value: "10" } + - { name: CHROME_REFRESH_TIME, value: "600000" } + - { name: DEFAULT_BLOCK_ADS, value: "true" } + - { name: DEFAULT_STEALTH, value: "true" } service: main: controller: main diff --git a/kubernetes/main/apps/self-hosted/dashy/app/helm-release.yaml b/kubernetes/main/apps/self-hosted/dashy/app/helm-release.yaml index fcb1b2d0fd..d7f4a7cdd1 100644 --- a/kubernetes/main/apps/self-hosted/dashy/app/helm-release.yaml +++ b/kubernetes/main/apps/self-hosted/dashy/app/helm-release.yaml @@ -46,14 +46,20 @@ spec: tag: 4.96.2@sha256:6b8c0e944caec80057e71d2c2f352cee38fe00ae4b7515fc4458eb300844f699 securityContext: runAsUser: 0 - args: [ - "--auth", "none", - "--disable-telemetry", "--disable-update-check", - "--user-data-dir", "/tmp/.vscode", - "--extensions-dir", "/tmp/.vs1ode", - "--port", "8081", - "/config" - ] + args: + [ + "--auth", + "none", + "--disable-telemetry", + "--disable-update-check", + "--user-data-dir", + "/tmp/.vscode", + "--extensions-dir", + "/tmp/.vs1ode", + "--port", + "8081", + "/config" + ] service: main: controller: main diff --git a/kubernetes/main/apps/system/node-feature-discovery/rules/google-coral-device.yaml b/kubernetes/main/apps/system/node-feature-discovery/rules/google-coral-device.yaml index 31599e0aec..b968368b85 100644 --- a/kubernetes/main/apps/system/node-feature-discovery/rules/google-coral-device.yaml +++ b/kubernetes/main/apps/system/node-feature-discovery/rules/google-coral-device.yaml @@ -13,4 +13,4 @@ spec: matchFeatures: - feature: usb.device matchExpressions: - vendor: {op: In, value: ["1a6e", "18d1"]} + vendor: { op: In, value: ["1a6e", "18d1"] } diff --git a/kubernetes/main/apps/system/node-feature-discovery/rules/intel-gpu-plugin.yaml b/kubernetes/main/apps/system/node-feature-discovery/rules/intel-gpu-plugin.yaml index 31921d2d86..40d7a8e378 100644 --- a/kubernetes/main/apps/system/node-feature-discovery/rules/intel-gpu-plugin.yaml +++ b/kubernetes/main/apps/system/node-feature-discovery/rules/intel-gpu-plugin.yaml @@ -12,5 +12,5 @@ spec: matchFeatures: - feature: pci.device matchExpressions: - class: {op: In, value: ["0300", "0380"]} - vendor: {op: In, value: ["8086"]} + class: { op: In, value: ["0300", "0380"] } + vendor: { op: In, value: ["8086"] } diff --git a/kubernetes/main/bootstrap/age-key.sops.yaml b/kubernetes/main/bootstrap/age-key.sops.yaml index 6f8ad1ecdc..8dca5829d3 100644 --- a/kubernetes/main/bootstrap/age-key.sops.yaml +++ b/kubernetes/main/bootstrap/age-key.sops.yaml @@ -1,36 +1,36 @@ apiVersion: v1 data: - age.agekey: ENC[AES256_GCM,data:I3Ti6exnqjkbTDXLpPMIBZuB1GxMWOx9v5dbgMd1r+FIXMf9Xkr8ldG+IYp0+Kbaje7RuhakvLx5H2B6fKuLEXjDDqYqePXQit6fihxOEsDsYQPrImDJ4QfxLfMlWByW5NEc4vhFhToMOb6WnRBi+FfGdBlvylC9rBfu6kxy4BSqdUGZ1lfJ3WIfCyX2OwF6UUwBZaOrAxlMjClU9F4kwElbNbc88p72W6VgAXbjQZQGSbQxx1rF5ODk6zzUvNILZtE5iXPGZFIwGfnCdnC085SwDdeuBNmtiXK7VvKIq4832JUy3AzeN/cC4BSdD7BKZLkhJQG3Gm8eTVHe,iv:ZMPf8ZgrqobRusZA8aKyatOogWv5hiyOdB026kdxja0=,tag:SsgDaU3NSl0qDj9hudjzug==,type:str] + age.agekey: ENC[AES256_GCM,data:I3Ti6exnqjkbTDXLpPMIBZuB1GxMWOx9v5dbgMd1r+FIXMf9Xkr8ldG+IYp0+Kbaje7RuhakvLx5H2B6fKuLEXjDDqYqePXQit6fihxOEsDsYQPrImDJ4QfxLfMlWByW5NEc4vhFhToMOb6WnRBi+FfGdBlvylC9rBfu6kxy4BSqdUGZ1lfJ3WIfCyX2OwF6UUwBZaOrAxlMjClU9F4kwElbNbc88p72W6VgAXbjQZQGSbQxx1rF5ODk6zzUvNILZtE5iXPGZFIwGfnCdnC085SwDdeuBNmtiXK7VvKIq4832JUy3AzeN/cC4BSdD7BKZLkhJQG3Gm8eTVHe,iv:ZMPf8ZgrqobRusZA8aKyatOogWv5hiyOdB026kdxja0=,tag:SsgDaU3NSl0qDj9hudjzug==,type:str] kind: Secret metadata: - name: sops-age - namespace: flux-system + name: sops-age + namespace: flux-system sops: - kms: [] - gcp_kms: [] - azure_kv: [] - hc_vault: [] - age: - - recipient: age1p28u8xjm5sf7jdavc8xsqtw7lxgscefxs7a5dtqszr2885xeputsh9y64y - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB0aUJYaVBBU1dybU04N3JQ - VnM1Nk5VMWZaVVd0NjFLeHRwczI1SzNqRVFBCmNrRThaVW1saENSUEFKTHlIS2Nq - WlNMNGxOUEJ4WVNWRUxmemFiQVBUSDgKLS0tIGo0S3R4c1U4d0lPNmRoL3pjKzdj - M0xDZXR5OXAyeS9aUEtOWFVHdlhoMTQKVWfTRl/sGIwuKJGPz6xni2ajUA+LbotZ - uWexuhP0fcVb65QgvjvV3TCiBdw1gpPtSxfzz/UzqjiEX71XTu75SA== - -----END AGE ENCRYPTED FILE----- - - recipient: age1pwxsukhcw4j3x0q7x74e5suwmn48qs56ewlz9t2ndftg3mh36ftqfwcn8p - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBlQkx4cDBnWE9INk8yemhK - dUQ5MmhLUGJNTmpoelh0bGEvVkxkQkR4Ym5VCnA1dmtCajF0Nll6N3I2TE1Xc0xl - cE10MXZ3TnE0MXpmbklWMHBIanNtSmsKLS0tIFhxK2NjUWEvcklOLzM3T0V4WmJG - WEMrVEZNMWhaYUhHQWdvR1FhZTYrYlkK450EBhNvkesfZqY7HRXWZbA3/KRmxcqA - j6wkeG5W/rjCb5ytG9tWJTtnfffioBoW4iopHKLLICaZG7sIeIWbyg== - -----END AGE ENCRYPTED FILE----- - lastmodified: "2023-12-27T14:55:29Z" - mac: ENC[AES256_GCM,data:G4+APZg5zElpq6pzMwoOlN+jNn2/szE4g3zc1QBD8e13ICOSd+0I0cIytSe/RNnMAVC8n9ch5NsbCSUGrw4frMNV9BB8VmdTRDWRCzv8LhhA5fjSUlZsAMoyPR8Hfvo0y8VqCWOMH5Cv+vBX+R4RHFeW7C0KmLq5ZIwze8pyj4U=,iv:xoocCz01pbgm2tDp7HzKLfto6rxPTJA+e4HUJOmJ8pA=,tag:PAISeb1ajqitXwpi3EayyQ==,type:str] - pgp: [] - encrypted_regex: ((?i)(displayname|email|pass|secret($|[^N])|key|token|^data$|^stringData)) - version: 3.8.1 + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: + - recipient: age1p28u8xjm5sf7jdavc8xsqtw7lxgscefxs7a5dtqszr2885xeputsh9y64y + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB0aUJYaVBBU1dybU04N3JQ + VnM1Nk5VMWZaVVd0NjFLeHRwczI1SzNqRVFBCmNrRThaVW1saENSUEFKTHlIS2Nq + WlNMNGxOUEJ4WVNWRUxmemFiQVBUSDgKLS0tIGo0S3R4c1U4d0lPNmRoL3pjKzdj + M0xDZXR5OXAyeS9aUEtOWFVHdlhoMTQKVWfTRl/sGIwuKJGPz6xni2ajUA+LbotZ + uWexuhP0fcVb65QgvjvV3TCiBdw1gpPtSxfzz/UzqjiEX71XTu75SA== + -----END AGE ENCRYPTED FILE----- + - recipient: age1pwxsukhcw4j3x0q7x74e5suwmn48qs56ewlz9t2ndftg3mh36ftqfwcn8p + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBlQkx4cDBnWE9INk8yemhK + dUQ5MmhLUGJNTmpoelh0bGEvVkxkQkR4Ym5VCnA1dmtCajF0Nll6N3I2TE1Xc0xl + cE10MXZ3TnE0MXpmbklWMHBIanNtSmsKLS0tIFhxK2NjUWEvcklOLzM3T0V4WmJG + WEMrVEZNMWhaYUhHQWdvR1FhZTYrYlkK450EBhNvkesfZqY7HRXWZbA3/KRmxcqA + j6wkeG5W/rjCb5ytG9tWJTtnfffioBoW4iopHKLLICaZG7sIeIWbyg== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2023-12-27T14:55:29Z" + mac: ENC[AES256_GCM,data:G4+APZg5zElpq6pzMwoOlN+jNn2/szE4g3zc1QBD8e13ICOSd+0I0cIytSe/RNnMAVC8n9ch5NsbCSUGrw4frMNV9BB8VmdTRDWRCzv8LhhA5fjSUlZsAMoyPR8Hfvo0y8VqCWOMH5Cv+vBX+R4RHFeW7C0KmLq5ZIwze8pyj4U=,iv:xoocCz01pbgm2tDp7HzKLfto6rxPTJA+e4HUJOmJ8pA=,tag:PAISeb1ajqitXwpi3EayyQ==,type:str] + pgp: [] + encrypted_regex: ((?i)(displayname|email|pass|secret($|[^N])|key|token|^data$|^stringData)) + version: 3.8.1 diff --git a/kubernetes/main/bootstrap/talos/apps/helmfile.yaml b/kubernetes/main/bootstrap/talos/apps/helmfile.yaml index 2b0555571e..8e17d89b9a 100644 --- a/kubernetes/main/bootstrap/talos/apps/helmfile.yaml +++ b/kubernetes/main/bootstrap/talos/apps/helmfile.yaml @@ -33,8 +33,7 @@ releases: namespace: kube-system chart: postfinance/kubelet-csr-approver version: 1.2.5 - values: - ["../../../apps/kube-system/kubelet-csr-approver/app/helm-values.yaml"] + values: ["../../../apps/kube-system/kubelet-csr-approver/app/helm-values.yaml"] needs: - observability/prometheus-operator-crds - kube-system/cilium diff --git a/kubernetes/main/bootstrap/talos/talenv.sops.yaml b/kubernetes/main/bootstrap/talos/talenv.sops.yaml index 575e4e6d34..7dafe842bb 100644 --- a/kubernetes/main/bootstrap/talos/talenv.sops.yaml +++ b/kubernetes/main/bootstrap/talos/talenv.sops.yaml @@ -4,31 +4,31 @@ clusterServiceNets: 10.200.0.0/16 clusterPodNets: 10.201.0.0/16 vectorAggregatorIP: 10.11.1.4 sops: - kms: [] - gcp_kms: [] - azure_kv: [] - hc_vault: [] - age: - - recipient: age1p28u8xjm5sf7jdavc8xsqtw7lxgscefxs7a5dtqszr2885xeputsh9y64y - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAxRnJVMTc5dUM0S2o4TE5r - NExIL0Q1SlBJWmtBN3NtU0NCOGlDODUxL0g4CmN0S1ViOGUxZWUrRnNsZFpkZXFY - dXRjaUMwckxLMlNySlFyRkVrN3Vsd00KLS0tIHNHRUZSQjRPR3VtSVpVVWtSekNQ - Uk5ESVR6UFRDeVp4MW9SbXFvTUQ0dGMKU3XsA+jMDGVLz+OSR8WU/zXwBE+t28oV - zMsalXPJQuu8CGzSK/Xa0YaPn8JKiB6ggLZE+JLPlqAiVK65H52EqQ== - -----END AGE ENCRYPTED FILE----- - - recipient: age1pwxsukhcw4j3x0q7x74e5suwmn48qs56ewlz9t2ndftg3mh36ftqfwcn8p - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA5L0Z1ZzhDNkFKS0RsUWdV - MGxKRE4wQzBUUlBEYzJtbEluNDJrMzcxM2xFCktiWmpGbnhaQWkyclpjTzgybm5C - Tjl5WWRaQ2NBbzlZbXBPOStmZTZHRGMKLS0tIHMyMWM5b01ic1RoOGFhVnVpMWFu - UTF5S3ZMQ2k5QnhqdWxMOElwRG8yUXMKLn1vqmpISgomgwzYd/QeDYuecTdftxGl - OBqbD8l1tysKhr27tBVvww+tDXB6dnvi8vJnM+T/FF/4/2UJ74f1Ew== - -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-04-27T12:25:26Z" - mac: ENC[AES256_GCM,data:ezuHGTkRFjNfvUw1CpwE47J1Nin3FiwKfaqcsN/KML7VvKbqdxcYuBDGxg3JQCsNr+6kc9H6lvzLPEmoA9hpNRt0cB6kZv3/dpYy5RPJFuoQLXB8mFSHrh/lwkkSoqVKUvza79gKBItb+WdvKvtY2ovCSW9EZPog1VZIl82C50U=,iv:hfxvZxx0rIRf/Ig6xGqSX5s1lKjU0hCX9aRhLXh+nu0=,tag:4TjlSzNBuRsG3wa/FLNWpg==,type:str] - pgp: [] - encrypted_regex: ((?i)(displayname|email|pass|secret($|[^N])|key|token|^data$|^stringData)) - version: 3.8.1 + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: + - recipient: age1p28u8xjm5sf7jdavc8xsqtw7lxgscefxs7a5dtqszr2885xeputsh9y64y + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAxRnJVMTc5dUM0S2o4TE5r + NExIL0Q1SlBJWmtBN3NtU0NCOGlDODUxL0g4CmN0S1ViOGUxZWUrRnNsZFpkZXFY + dXRjaUMwckxLMlNySlFyRkVrN3Vsd00KLS0tIHNHRUZSQjRPR3VtSVpVVWtSekNQ + Uk5ESVR6UFRDeVp4MW9SbXFvTUQ0dGMKU3XsA+jMDGVLz+OSR8WU/zXwBE+t28oV + zMsalXPJQuu8CGzSK/Xa0YaPn8JKiB6ggLZE+JLPlqAiVK65H52EqQ== + -----END AGE ENCRYPTED FILE----- + - recipient: age1pwxsukhcw4j3x0q7x74e5suwmn48qs56ewlz9t2ndftg3mh36ftqfwcn8p + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA5L0Z1ZzhDNkFKS0RsUWdV + MGxKRE4wQzBUUlBEYzJtbEluNDJrMzcxM2xFCktiWmpGbnhaQWkyclpjTzgybm5C + Tjl5WWRaQ2NBbzlZbXBPOStmZTZHRGMKLS0tIHMyMWM5b01ic1RoOGFhVnVpMWFu + UTF5S3ZMQ2k5QnhqdWxMOElwRG8yUXMKLn1vqmpISgomgwzYd/QeDYuecTdftxGl + OBqbD8l1tysKhr27tBVvww+tDXB6dnvi8vJnM+T/FF/4/2UJ74f1Ew== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2024-04-27T12:25:26Z" + mac: ENC[AES256_GCM,data:ezuHGTkRFjNfvUw1CpwE47J1Nin3FiwKfaqcsN/KML7VvKbqdxcYuBDGxg3JQCsNr+6kc9H6lvzLPEmoA9hpNRt0cB6kZv3/dpYy5RPJFuoQLXB8mFSHrh/lwkkSoqVKUvza79gKBItb+WdvKvtY2ovCSW9EZPog1VZIl82C50U=,iv:hfxvZxx0rIRf/Ig6xGqSX5s1lKjU0hCX9aRhLXh+nu0=,tag:4TjlSzNBuRsG3wa/FLNWpg==,type:str] + pgp: [] + encrypted_regex: ((?i)(displayname|email|pass|secret($|[^N])|key|token|^data$|^stringData)) + version: 3.8.1 diff --git a/kubernetes/main/bootstrap/talos/talsecret.sops.yaml b/kubernetes/main/bootstrap/talos/talsecret.sops.yaml index f51588b90c..516df997b5 100644 --- a/kubernetes/main/bootstrap/talos/talsecret.sops.yaml +++ b/kubernetes/main/bootstrap/talos/talsecret.sops.yaml @@ -1,52 +1,52 @@ cluster: - id: WsBCcOBdUMtqC3-WCpSh8YnhcxyTnCpwP-LKEnSrJeE= - secret: ENC[AES256_GCM,data:9Ldko0w4jmam04nRpjnxFGnvnmY2YRblzJzNn3hPfLOsqaxAgez3TesumNU=,iv:zvcFGnbuII7Wp61BKF1IPRmO0l3SJiOCIwcKX7ZcMMA=,tag:xbxvEpABJ9FUycgA38zjkw==,type:str] + id: WsBCcOBdUMtqC3-WCpSh8YnhcxyTnCpwP-LKEnSrJeE= + secret: ENC[AES256_GCM,data:9Ldko0w4jmam04nRpjnxFGnvnmY2YRblzJzNn3hPfLOsqaxAgez3TesumNU=,iv:zvcFGnbuII7Wp61BKF1IPRmO0l3SJiOCIwcKX7ZcMMA=,tag:xbxvEpABJ9FUycgA38zjkw==,type:str] secrets: - bootstraptoken: ENC[AES256_GCM,data:GI9JGs2SXnODxYMdTnE5gkT25gfUj58=,iv:RZj9O8J9s/zRbGybX7TnTwJ2Kf67lWJMOiweS7D0NIo=,tag:jC5hJv4CnK18GH1rWmydVw==,type:str] - secretboxencryptionsecret: ENC[AES256_GCM,data:zKbILE0wjU0Unab5pKDZBeORO778Apa0aKUNdAB3XFKWa8zaoD1M7YVMps0=,iv:SNVMeDshiPdlw+JilBILVdp+MxL4gyw0AtAKTFXMPdg=,tag:U/EP68Ogxnw2n8lbYp5GWg==,type:str] + bootstraptoken: ENC[AES256_GCM,data:GI9JGs2SXnODxYMdTnE5gkT25gfUj58=,iv:RZj9O8J9s/zRbGybX7TnTwJ2Kf67lWJMOiweS7D0NIo=,tag:jC5hJv4CnK18GH1rWmydVw==,type:str] + secretboxencryptionsecret: ENC[AES256_GCM,data:zKbILE0wjU0Unab5pKDZBeORO778Apa0aKUNdAB3XFKWa8zaoD1M7YVMps0=,iv:SNVMeDshiPdlw+JilBILVdp+MxL4gyw0AtAKTFXMPdg=,tag:U/EP68Ogxnw2n8lbYp5GWg==,type:str] trustdinfo: - token: ENC[AES256_GCM,data:8rnW8+TM0YZilRhEG7xCFpgQDkk0CEc=,iv:avVWdAjh2NIXNNLNWfPGYhGBepRjUBgT0yonWF198qg=,tag:s62sP0xsY7lCY30EqyjKXQ==,type:str] + token: ENC[AES256_GCM,data:8rnW8+TM0YZilRhEG7xCFpgQDkk0CEc=,iv:avVWdAjh2NIXNNLNWfPGYhGBepRjUBgT0yonWF198qg=,tag:s62sP0xsY7lCY30EqyjKXQ==,type:str] certs: - etcd: - crt: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJmakNDQVNPZ0F3SUJBZ0lRZWNjUG16TG9NaTlRTWtCMmI3bjdZVEFLQmdncWhrak9QUVFEQWpBUE1RMHcKQ3dZRFZRUUtFd1JsZEdOa01CNFhEVEkwTURVeE1ERTBORFl4TmxvWERUTTBNRFV3T0RFME5EWXhObG93RHpFTgpNQXNHQTFVRUNoTUVaWFJqWkRCWk1CTUdCeXFHU000OUFnRUdDQ3FHU000OUF3RUhBMElBQk5vWXpvZVpwUmNQClNMaCtqU3JPVERYcUNyZ2cza0c3RVlhcTR6SDFOZms3VHVmL2NyRFZSYVc3SXBtZ1haUUZGU3lWV1UyRmtVdFAKTmJEQnpoWjJIeEtqWVRCZk1BNEdBMVVkRHdFQi93UUVBd0lDaERBZEJnTlZIU1VFRmpBVUJnZ3JCZ0VGQlFjRApBUVlJS3dZQkJRVUhBd0l3RHdZRFZSMFRBUUgvQkFVd0F3RUIvekFkQmdOVkhRNEVGZ1FVTWVRKzZlc3JDMlQ5CjV5NGY2ZjVXYlFwaFV6OHdDZ1lJS29aSXpqMEVBd0lEU1FBd1JnSWhBTUFzMm1iTzBXWHdkbm1NbjJhM3NEMTcKczBIcUN5SjdVUkNiSkh2R3oyWFZBaUVBdWRxc25ycGlYWktlakdaZkNTdk1ONTgrMVhlUVBHUmtyZUNsYkJRRwo4V009Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K - key: ENC[AES256_GCM,data:Kzhdys7DkjI1v84vtviJgnr+6USd2UcLYAEfHKzg1oCwftq+lMZmzDOmpgDiXZ15vFu3M0fis++0D79Rvjv/fe4dqav5vO1rbwT+D2JW3bKgb7tW/kWggRf4bWoi6nnmMvIyMY6eH7VQIEV8hxXioHrU+GZQqY9DnyKkccIJGhs1mVbFEdIGTHv3asCYd3GAc4/8yx6GVSwKFC0VMUiukEsFLSyTBRWUDsIqy8AWKrKS5GLyTE5/y2tt0ajs5PqV7M/XQpElFGB/GW3b4Rjm7tDEjnfSgdT2QNBRXjfvkyLiWP0D0S+xB4YT1x18wzXEJNzQcJcBrJTgqeTZ9Xm7hhknKH+LQWJDfKUwbErWgixhAaGLwGO6G/NnLPHvOVJY/309AoeSe02lFmcz1QZEng==,iv:dreMVMd8eVKlDK3FCph16YI2I+3K4YUqqDmalQZ3UZA=,tag:Q2C0kPMR5Rk+nnPCpUO1bw==,type:str] - k8s: - crt: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJpVENDQVMrZ0F3SUJBZ0lRRDB6QzNWdVlnNTZrZzdDT3VibnZjekFLQmdncWhrak9QUVFEQWpBVk1STXcKRVFZRFZRUUtFd3ByZFdKbGNtNWxkR1Z6TUI0WERUSTBNRFV4TURFME5EWXhObG9YRFRNME1EVXdPREUwTkRZeApObG93RlRFVE1CRUdBMVVFQ2hNS2EzVmlaWEp1WlhSbGN6QlpNQk1HQnlxR1NNNDlBZ0VHQ0NxR1NNNDlBd0VICkEwSUFCRGxWb1VKRVFVeC9uMmlkYTEzY1Q5YVpUZ0NuZ0RGczc5ZXhrV1ZBOEZpOXdFMXF5eHVmMnpRRnJXMmcKQmpiZXltQlVwc0VpT3UrUGlaOGhFYThHTEhLallUQmZNQTRHQTFVZER3RUIvd1FFQXdJQ2hEQWRCZ05WSFNVRQpGakFVQmdnckJnRUZCUWNEQVFZSUt3WUJCUVVIQXdJd0R3WURWUjBUQVFIL0JBVXdBd0VCL3pBZEJnTlZIUTRFCkZnUVUwMUdEbkNWVjdMek1kK3R4cjBpZEdUWUl5c293Q2dZSUtvWkl6ajBFQXdJRFNBQXdSUUlnTEZKNFdYRDIKWGZDL1FGOFlZUWhUOWdQdUE1d3FFM0UrS3V6NUkyemN2bW9DSVFDbkFOdHJnVGgwQ0JXVHF5d251ZzdLYTh0dgo0eUFPU1VUdzdqcDFsaWd4VkE9PQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg== - key: ENC[AES256_GCM,data:ZBxNQUhYYwlsc5VMhwnw2nmjpdowjzfI6/h+Tx2PO2/UUTMAFfjCoxVd1s8ICTzC994vVNZOyLyZM6rU9XmXZ7VlRfgPmjCMuDoD1mwFL1Uy81Mxqx61mFSQqZGjItaLBE6ecQAV3k5n3rR14aHrcvHkGjabWqsqtdhKLNCsHCtof8JrXjOoEVbwueFpnvmi4XHh7FYFP1DwivoOhrjhNOtOojRW6saS2XmqZkgph/DF4UQDTreLMBWYpIW525kXDG+43qyjp71swi5z+ZzEI1JM/nI900OSjV01z6UhspeqmRmYyD6r+tvrRx3i395Mx79D1gKP8flJGOV1QCVz1zjEhyPcE6tY24t6Isx2P/5Vy59ovnQNrJRhDlvRAQ3V5jL4w7mO4DL5QBbxvXYukw==,iv:XKdu1VV8+J+GldaIx+G+Cs4CxKMFIXK//TAJ8hg53qA=,tag:KH2Zjws51pTO/+dkExcNTQ==,type:str] - k8saggregator: - crt: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJYekNDQVFXZ0F3SUJBZ0lRS0h6U25NeXNuZXRwNktIYzVNT2svREFLQmdncWhrak9QUVFEQWpBQU1CNFgKRFRJME1EVXhNREUwTkRZeE5sb1hEVE0wTURVd09ERTBORFl4Tmxvd0FEQlpNQk1HQnlxR1NNNDlBZ0VHQ0NxRwpTTTQ5QXdFSEEwSUFCQXZOOHRMTFQvcTJKbDN5SDh2VEVoVHRTUHBzaFhuVU4vc3h1NW5qK0JIcmNjcmpOcHVxCjg0QWcrd3QwWWZWVlZ3MUFXK3lsNkR6NjJDRGVkL2U2dnlHallUQmZNQTRHQTFVZER3RUIvd1FFQXdJQ2hEQWQKQmdOVkhTVUVGakFVQmdnckJnRUZCUWNEQVFZSUt3WUJCUVVIQXdJd0R3WURWUjBUQVFIL0JBVXdBd0VCL3pBZApCZ05WSFE0RUZnUVVDckdFblQ3VjlxOG4xekFET1JjdWp2WVpDell3Q2dZSUtvWkl6ajBFQXdJRFNBQXdSUUlnCkN5R2gwd2pVckcxckJ1MFhyaUdna2FsT0lPbjgxSUE3b1Zpdk9FUDNEWE1DSVFDenZmdno5RUtVMFFqM1ZYMmQKVUJZdy9pN1ltMDNqU05ZczBLbk5WaXdNUnc9PQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg== - key: ENC[AES256_GCM,data:+gHHmVWfvKFK9g5xy7HbkM/13P1ZuAhcEvvvpJwXWWof4KSRrEeQnE300TBdZImzWn9hxqdWn0mDkThhARrcaJ/QuLYGcZ1NONUDKPyeN9NWSLQLIO1iIkEjDmEXafAGcjk0IdgFyxj2NORheMxgWVbfpv8REtYW5U82YhBopLrvsGcewz/ipdq9yzgHkc7zzi3xyDIgm9OWsgJdHq1/KCbxvRXb1bDzsiOnNqN0Bobl4L4J5YXZ72BpcfYNgw2KqJNyzUsfzFVx4PVrLsDY6v9idVQ4oxEAdyXeZuv6oqE6qxZ3bejK/Rh0BcNeFfmkVwV9EIpf9ZDR/g92Uxq8SfJG8CAAgdvgF5XuHc1ZDUXPUJWWfrCRVmTXXNHkEoZ9nHBZLXCDtj6Sj49vqKkPUg==,iv:Aa2UDcWFUTOQPTkYEU+kMZB0PKe+PdugQJmVakL/Bvs=,tag:jHgESkQcgQVs8gjjUwIZng==,type:str] - k8sserviceaccount: - key: ENC[AES256_GCM,data:ge0IclGoMht+wbr4GkvBpsTBc2SKu9i5HKVB32BWhOpa0j6zp+UcitzSAM8KxrTVVYGnzIboQja3/ZH/l3+GAf15QVlwu+ilnjnHPoVoZqQa5YREC/d9m3UTWlo1d2DMtyq1EwLMdbqty77YCZ7+WqMJH2L3FoXjfvW+ovIfDXccJiJQnf4+ZNv5MvqxmpWdcrlTkhyj3zaQhZho2WMRQb58kAYPQHd/r6LOSZ3MlApnVXJPQUyfyVWbAcTiADdK2SB0zLbIcem8et/qRchv5Mn0XgAQ9gzUkcnCriOio+dOKzxi4RN+ZNXk5RcN+GAEidEpmm7v86EUJs5GhQ/81ilf7E+z74tLtPflb6wcnSP3u7mwX+f7OfN8EH7zy62OPBnnd9Wc5nCXm2n0vwrHlGA9nfx+CfKHKp7ftJcpJsTA8O+LUr1yk/vKAoFqGGb8ZHqPOIiH1aFoPORGqNTTd0fa4vKjnergg3rNPloYxBZNNQB3Is+yrFZUAZKv4WcH401QNQfola4XFbdXjnL2ZdKbn97DZB9tWIaF04jp8JoeDNZGYx3V/zvq1CdEwxOuO3DlIWrA+d1TBDv7HYv/nEkEba53rAIJCzKDwvUZDaMQoBmUdNoiIRZsZkaJbPQECOH6uIv75CQ3jv+XJWNto7IeznkYHb7hcB579SDv03YzVffKaNmWzoKkiqrhriBk+EFciEb8+TrivbS3iU7hUh9KE5BQLj3ZS+9SiMjmfxHBf4BafHnwQGhBQifaTBLMvxy5d634kZVZD6mua1v56A97sAMPkBZZNt0vjuM9UFXTzK84j5hsKlFOoINIO9d77VyEsZGKVoQuW39DEpIJux6vFBaqcpmBExyn4TR0figcGy3KMPIDISeqsdIGM8fezV0etyCw/IeVh4qJv620NoIgGe+tHC3o3XCu7IKK/xe9GCaBRP/0YhU3/Uxak6y3gEqMysZN8BCFvlVzfaBsxyXGyFU9wYCsE4ro8s1UV4WRS7kU2mIoil0UNHa1k/K5v/Ac9BE45CsrXzKps0AJ36D4dTSEiTu/dozLAMJ290ZGMz6iDEB5bwlPDLHr907yLcQToqtUOAjsCB8RBNcjReiA9Fbt87osEpT8cNIy2k6FTlAsoVioTQJwrwFwjeI7kk9SnjF7aao5RC6PkayY8FU0OInQgyoz8s1XcRSaqacCXnDa2OPqmvHGjMLk4C40HwW4yjLVpJuIw+ooE+jl8GqId+PFun6v4Jf2w2w23HcKGxr8ozfl5okW2HXN+yrEHUcqe2oc4Y2LoHzl2yoACwD6/krcAbS4THAlCjArRlFebj6HckEK4pZTA/pMKW50zgslp+XRbWU1mYpf352AHdS0NNnYz4NQba0b6n2Xey6NCdVZhq8o3A3ixUytm8Mpdw03vYhkhvYaRf/N49YtMTHa0jY6+xkA6k8eLdLF4HMK83kGulGcW5FmFFQuV+gYT3S1glR0Dba27EnvNvlWZ6KO4jJuBn14NXyltZhey3MXNKG4gKEla11j+OiW6P7zVQYh2PyTn20uICgeyF5tKE3j8+LRhyxxER/3r3mOcZUoUgi9AUgd+4/IlrOCIWVbzEU0+/D9EgBkHFoaGCwjk5pusRb6x9o4iCL4wCbYWVPpf5Yd3raiymMsDcwMWMq4aElGnWXwyS55bUXndC/pM5adU3SOxrNvl3MHtSP3saaxmyVu95/YSm/i8kpOFwba30pyqp3Mo22SzSRe0VZeKaawCrV1h9ZnLTUxNG5xUtXSKcJW6KlDVEcGaZd+NIhCe/ySrITrdP0rZ5iruKT0PMQR5Q41fo7rdP5FWVmRt+0TDLevp8/vG7uncfIjzV2wut5ozeOwVjmqWg4ZgfiLqp3Tt43kEGd0JOiin4qejXtG8eKi032FO2hv+Gu34WBFYfc3fvBYlhfG39u+00uq4HR8Nto8NcxxOR+9cv15qWK3Xwww8BX9DyisMrN+T/zUDocBb/NM7jEB1NzcCclOOy3mxuVNLUgxAn9oXfw3faWHLCCaQ+5WqmAvWAXYFnQXha50z6UOJQXnWh6RGuPfnLaDQ/UjlTLN8P0zghp5N5V9gHZDKKAlVqzJZYBbZ2Ol9axnOvd6neIM0gSQRxzNHpQCcvlHEQnd1TJSD37D1l05FvFI24nzKs+/twvYtYXFSH46U2GbRih7UYLryz4g8SXd3Vuwrl/ORLSfsoQzFATWC5fURqPJZ4I0hKPaqnUCZXtvxGYwloJCR0/6rECJtAhj5nyi+9jdlcBrPKZESnMFTD1N6174u+pL/ZUk45+5ZA46bXR2elhcl1muzB8+cLYE5GqUca980ooZ/0ja8DKJ5QZdF/OjVi6+DEEhWC5BLCgnDrxCovekRbSxsPnI9px4pV/jDxgEtPNhILM1xJz0ZttzIB0S7syUusxaXMT1Nz5Hdglm/RcFjheOQR+TdS7vDZ3ksY0fEp/u2VSU66oZDkBEZKI+6aXCGgG/mWwrCxef22d7INA8m5hSEGo4JfE/C24qgY8ZMeAMV5iZH96+WX1/2iFHQoQmz5JwfW3WcY7lWczl+b4bvEOXlASEIxQMOLh4U2tH599n7zlgN6z3Np6M5LN/9W0c8N3O1TwJMcpA+ctWI2hMguAkbgZt49crI9K7T+gqPWfnc3/imUGfIxubOAz1zqhOlyowPqIel8w7EHLDWVA78WAZn0EygmUjc0g6c1rUJt6xOyWquM4cPpPUpjeUmHCwyN4nF1m02UAUwfY1KobwPQ2QGxqBGkUcYGgiPG8JDFSLzNOFWTaWrdt1aPV0xIYC0BPDRk4MPaX0zIyyNUHAky06Emefiu/h3BkBtUdOya/OaaDYoRsz1tdVDQx3hOcOEkNCjR4PblOHrE+hxt9xfbnkf3OKdtLf0PRcjH/buyR8SPGIQC0fOxMiklMAWzKyVdWEPYpAWzQSMES4idLbpuRrBz8McBuliOIWZ2yqmBhvKIk7k5vAs8D5+0fWPnb+cxuh5V5rdT7lWEkoBt7pxAV8IbIRQAcMydk9hIX5eYqdabwxYKTNzE+1+G41nYT0NOvXNwOFU83JKIvi9B6wDi7D2eYOYjWEI3k7++hjpGJRNgFoU8xz419rEFhOFINStisqn58RLFxrsk315OWImkmKGS08o4Unq7LR0q+MuMnQAdgF7z9dnFAHFkmSzaLPnsKaDGJEtpRJBChW9V/tSrheV7t3+RkM0G8uC4oHQ7zL09Zqk4ojkmnxKUnu/9KYD/NJqWBdCffxJZdjrQL/3TeQM0AnsPYYUNNgJ2NRxIwqHRAPkirGPlNxQtc/ukxJbn5HH26Sj3483gT/tvirv7K3naeb9VuYjiUxVKnqGv+rdipSB1zGROsSGZEgO2fDt4aal9mGYNEqI2o6L5MybpDERB04Or6tnlTIfd0WGWGqXwh1BRR+15fxiAd52ZfjUI+9XxbWiFGzhEWum2uNrAqAT4rdULe/uLj4m1FPFG/8XYBgGLlPPnxuGdcYAIfgrOF4J5ADNu24Zmb6NX2DW8ULemHPrSmVAk6pgniozCgAlGyRclW3Fj0IO/MKe7mqI9nSSIBmmCV03YWXWtlYHiMK1U/6k2xZ2HrfzlCULWnSDBdeTJcBeaDw8/HrZlUuIAK4/A0HiRVgyh0OVAoTtiqkCp38SSmctXQxWhPoXmApxyvmXn/sBHCKoZaFcIejAl3vlr+iU0jhYaKX8u3RfdwfKLBcrpv+kKtTu0GV0U+Hy1VGJWKI/V5BIlN4tZaX0TUKKrJuEiz512TxflHhbPR+lRyJoERNoWmh6r6/wkJZ330hdz25UBTr2YWpiqSvWJkhPq2xqDH/JvHX4BpDPyzDsFbaORNuJO33ogdgAcOKc9E/7Y9qV3Tg3BjdCICMy/hE87PdZbctkrIbDKCPOD1Wxcj3UL4+7kmqdkYEZtEdRRNs6LEZpH9BD2UMt7wUpZ39aVqf8MFrOeG960STDqZ5Z0AXRlzDBHTjKbfe1Bh23347e0RuLnrAYk+bReGZGGzo1azdLeFs1X5Es78ZCu8ubRV7VGdKzUWuy5Qv4Hx4pQO+hJf/d4JH6QGU/2fqC9xyMPjzuD5mVTROYApqJ51n4BZRMHvyvK9RW2Z7l5VLdsAh8A4DC41b9uRuLpLri1Vx9MKUHGgaF0vQcZGwFqSm79sCjF0YDYUomAiDm+FeFs31wZZcDUWDkxB9NvwNfiNTNFfvSQnYx80lSipY4sxxSzjoZ4Yw0rR6o0QlBHLfxEROgCkfbF33lMjB1C+W7At7OaujijgYKmFvt5/vuYMBdpio0sy/Vj9XLF3Nnxf31ID/qEUTRi8WXHKZ7y8e0RuOujuWlxW9hPzENz5/kGEwbkumqCET0HaI7aceSj4F8QqDwDcWg91xcUB2uTF6J49WwDqOkXMQZH1BZvFtJMbh26M7F86jmkVfY7pcP30sEEWI61KiZsAkX+K8nFIq+SEe48aU9aSNIyAMzwrYNO4hI24x827CWwFqxsVriMR74jdQACJk6HNtApGwUF4X+va9y4zOCxx9xxpxX1jXuqi4fuezNLq/h2F7+10wVb7Kg5FRB9g/1MuHSkWgLd3R+FxtlJeCbZWdhWoV59PjS1+0/dyEqKiKUhr6Cp/L5AaSDDda06UhOAPF/uqFq2p4TurV7rdOsMSi2qBSOrdWdAGLuVLfWpRiUEeL81irxB81A6uYkUWtLGQyO7MLUXnm5c2Xf85RK2l9LH8xZKRrWB18VS8M6ZUqlTJr+LnTBhyUhDQ3zksg09zIgaB/1YClEPy2qO4Y08itaZGuNlR3S0Zw/SWk/C/AIgpp+9NB4LBZffTQaZTTGgGwA7aRXzvQpV39qPoo+T1MKsq8k5LdzTIcGLAVD1uihx66fZ2Zf4GEU2A56Zy0ntgQB9oOI5MozCalwMi+exBqMThKDdEJ0kVsWkeG1/lhOCMauX+fICNKGuITNkkYs9t0UjCkIlP2uu6LuR4q7dbaZIYaCZzTYLujnDjwteRujtkHKxYkqC8bCrja2zUcjVXZEoXVt2YYhhsh0dmvw7IjjCNIOAZNF2YozL3dvVU4ecitI2qkIgyDyd1bc30jWXTQl/f2sSbYQ8CPDH93B4siiQMPtLsuIjhooT+zREVmaHVRBZUcCgls4L2QroIepKZdJofRQP3vcuT10JJOMg1lJgC+B+94n5lFXBpFbI0WfE+M7qYKJG73HUUtze9FqyVM4rJCjoHIauTHdoqMyqN/cZUxPH+IOpwPkcMh9/rdA+eiLgWcbYvcGCOK+0eH4WVa7sRov8D3L8+IfBCp7cgLmRQNX+02M0cFPbI1zn5RgPJVEJBBYkgQBJfnLzW9jPCKXHhCJ637DhT4TDX+fmprR32vcGljnOAOZHCvbccU5yI+CGUBcxHCyGIhC/C8mSNHAxlyLCmT9rVM2j2MFTrVMJKP5qLUxfC541F10y/OiZa9CQaKtWRlGWKfNFWq0+zdhpkGCzkeWtfUDbo9lBcfJSF2lOWKQeAxmC7k2nuk2x9lcOHAAqFMs5rgqFjh+mP9KtsrKLukJICrWJ6tK97efTNgSUdrjmp0iptaw/DGzup/NbAlbF43tVqQ3EtCvXeyBxf5onV5Y7sVRUcOoAUe3J1giT1l59DFBTEvV6GvNyjqPauB72cFIx03n6YH+jVFVgEJC372f9iHliTFYmK77MBf/hmGKASxyZMpiN5Lqtbm6/y/kMC7kp/CxNzHabiZzgsFPi5f7b5eXAoNWtCvEQ==,iv:MC2fUhRrKu7uuDd7gCze6HMtxiQhedf76ZP/UDkLRgc=,tag:gEl5G/u1iSxvcRWEw6z5lw==,type:str] - os: - crt: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJQakNCOGFBREFnRUNBaEJNTytKWHpPM2IvL0ZwSGkwak5JNE9NQVVHQXl0bGNEQVFNUTR3REFZRFZRUUsKRXdWMFlXeHZjekFlRncweU5EQTFNVEF4TkRRMk1UbGFGdzB6TkRBMU1EZ3hORFEyTVRsYU1CQXhEakFNQmdOVgpCQW9UQlhSaGJHOXpNQ293QlFZREsyVndBeUVBQUc4Z3k0MkFIZXg2UVh5dVNSY0hvZ1l5TTQwWm5DWXF3ajJECktjbVNER1dqWVRCZk1BNEdBMVVkRHdFQi93UUVBd0lDaERBZEJnTlZIU1VFRmpBVUJnZ3JCZ0VGQlFjREFRWUkKS3dZQkJRVUhBd0l3RHdZRFZSMFRBUUgvQkFVd0F3RUIvekFkQmdOVkhRNEVGZ1FVaEc2MGtMSEpPR29VWWRMegpZdVVRUlA1MTExWXdCUVlESzJWd0EwRUFqSVM2QmJaNFlsRlJ3YWNIN2RnNHlKTXBac3RIWWpKWno3bkNWZTBNCmFUL1d1TkxLNTdtWnFHT1J5Zy9rYXBXb21hL2JieGZwbHRpRUM0cWsvMmk4REE9PQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg== - key: ENC[AES256_GCM,data:HkjsFY3yit/UijubHGPwepD7l1a9WzKuxprn+NJ9PY0YSvObv5XgL/7JdKkySDj9+d90fdA2w2qv66wuI8rajt6ncEQc4iVSn+rRHoHrt2pst/8W25GRpajezSDFOBIY47v4CG00nnCQ5fk8a/p3m5RL/nxpM52v9N8F39MwAo+3aDV43648C3q8QPui1g56ch37QV1gI1FDVyH+fJprOQJi6fIsodp2qAPn7aSQX4W/Loa9,iv:ZoTUeP+oo8/gbU4Y1Ifg6vRRAJQQTqpWdLURJ/vLOmY=,tag:jzem9//5R1pT1B/UP91HMA==,type:str] + etcd: + crt: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJmakNDQVNPZ0F3SUJBZ0lRZWNjUG16TG9NaTlRTWtCMmI3bjdZVEFLQmdncWhrak9QUVFEQWpBUE1RMHcKQ3dZRFZRUUtFd1JsZEdOa01CNFhEVEkwTURVeE1ERTBORFl4TmxvWERUTTBNRFV3T0RFME5EWXhObG93RHpFTgpNQXNHQTFVRUNoTUVaWFJqWkRCWk1CTUdCeXFHU000OUFnRUdDQ3FHU000OUF3RUhBMElBQk5vWXpvZVpwUmNQClNMaCtqU3JPVERYcUNyZ2cza0c3RVlhcTR6SDFOZms3VHVmL2NyRFZSYVc3SXBtZ1haUUZGU3lWV1UyRmtVdFAKTmJEQnpoWjJIeEtqWVRCZk1BNEdBMVVkRHdFQi93UUVBd0lDaERBZEJnTlZIU1VFRmpBVUJnZ3JCZ0VGQlFjRApBUVlJS3dZQkJRVUhBd0l3RHdZRFZSMFRBUUgvQkFVd0F3RUIvekFkQmdOVkhRNEVGZ1FVTWVRKzZlc3JDMlQ5CjV5NGY2ZjVXYlFwaFV6OHdDZ1lJS29aSXpqMEVBd0lEU1FBd1JnSWhBTUFzMm1iTzBXWHdkbm1NbjJhM3NEMTcKczBIcUN5SjdVUkNiSkh2R3oyWFZBaUVBdWRxc25ycGlYWktlakdaZkNTdk1ONTgrMVhlUVBHUmtyZUNsYkJRRwo4V009Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K + key: ENC[AES256_GCM,data:Kzhdys7DkjI1v84vtviJgnr+6USd2UcLYAEfHKzg1oCwftq+lMZmzDOmpgDiXZ15vFu3M0fis++0D79Rvjv/fe4dqav5vO1rbwT+D2JW3bKgb7tW/kWggRf4bWoi6nnmMvIyMY6eH7VQIEV8hxXioHrU+GZQqY9DnyKkccIJGhs1mVbFEdIGTHv3asCYd3GAc4/8yx6GVSwKFC0VMUiukEsFLSyTBRWUDsIqy8AWKrKS5GLyTE5/y2tt0ajs5PqV7M/XQpElFGB/GW3b4Rjm7tDEjnfSgdT2QNBRXjfvkyLiWP0D0S+xB4YT1x18wzXEJNzQcJcBrJTgqeTZ9Xm7hhknKH+LQWJDfKUwbErWgixhAaGLwGO6G/NnLPHvOVJY/309AoeSe02lFmcz1QZEng==,iv:dreMVMd8eVKlDK3FCph16YI2I+3K4YUqqDmalQZ3UZA=,tag:Q2C0kPMR5Rk+nnPCpUO1bw==,type:str] + k8s: + crt: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJpVENDQVMrZ0F3SUJBZ0lRRDB6QzNWdVlnNTZrZzdDT3VibnZjekFLQmdncWhrak9QUVFEQWpBVk1STXcKRVFZRFZRUUtFd3ByZFdKbGNtNWxkR1Z6TUI0WERUSTBNRFV4TURFME5EWXhObG9YRFRNME1EVXdPREUwTkRZeApObG93RlRFVE1CRUdBMVVFQ2hNS2EzVmlaWEp1WlhSbGN6QlpNQk1HQnlxR1NNNDlBZ0VHQ0NxR1NNNDlBd0VICkEwSUFCRGxWb1VKRVFVeC9uMmlkYTEzY1Q5YVpUZ0NuZ0RGczc5ZXhrV1ZBOEZpOXdFMXF5eHVmMnpRRnJXMmcKQmpiZXltQlVwc0VpT3UrUGlaOGhFYThHTEhLallUQmZNQTRHQTFVZER3RUIvd1FFQXdJQ2hEQWRCZ05WSFNVRQpGakFVQmdnckJnRUZCUWNEQVFZSUt3WUJCUVVIQXdJd0R3WURWUjBUQVFIL0JBVXdBd0VCL3pBZEJnTlZIUTRFCkZnUVUwMUdEbkNWVjdMek1kK3R4cjBpZEdUWUl5c293Q2dZSUtvWkl6ajBFQXdJRFNBQXdSUUlnTEZKNFdYRDIKWGZDL1FGOFlZUWhUOWdQdUE1d3FFM0UrS3V6NUkyemN2bW9DSVFDbkFOdHJnVGgwQ0JXVHF5d251ZzdLYTh0dgo0eUFPU1VUdzdqcDFsaWd4VkE9PQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg== + key: ENC[AES256_GCM,data:ZBxNQUhYYwlsc5VMhwnw2nmjpdowjzfI6/h+Tx2PO2/UUTMAFfjCoxVd1s8ICTzC994vVNZOyLyZM6rU9XmXZ7VlRfgPmjCMuDoD1mwFL1Uy81Mxqx61mFSQqZGjItaLBE6ecQAV3k5n3rR14aHrcvHkGjabWqsqtdhKLNCsHCtof8JrXjOoEVbwueFpnvmi4XHh7FYFP1DwivoOhrjhNOtOojRW6saS2XmqZkgph/DF4UQDTreLMBWYpIW525kXDG+43qyjp71swi5z+ZzEI1JM/nI900OSjV01z6UhspeqmRmYyD6r+tvrRx3i395Mx79D1gKP8flJGOV1QCVz1zjEhyPcE6tY24t6Isx2P/5Vy59ovnQNrJRhDlvRAQ3V5jL4w7mO4DL5QBbxvXYukw==,iv:XKdu1VV8+J+GldaIx+G+Cs4CxKMFIXK//TAJ8hg53qA=,tag:KH2Zjws51pTO/+dkExcNTQ==,type:str] + k8saggregator: + crt: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJYekNDQVFXZ0F3SUJBZ0lRS0h6U25NeXNuZXRwNktIYzVNT2svREFLQmdncWhrak9QUVFEQWpBQU1CNFgKRFRJME1EVXhNREUwTkRZeE5sb1hEVE0wTURVd09ERTBORFl4Tmxvd0FEQlpNQk1HQnlxR1NNNDlBZ0VHQ0NxRwpTTTQ5QXdFSEEwSUFCQXZOOHRMTFQvcTJKbDN5SDh2VEVoVHRTUHBzaFhuVU4vc3h1NW5qK0JIcmNjcmpOcHVxCjg0QWcrd3QwWWZWVlZ3MUFXK3lsNkR6NjJDRGVkL2U2dnlHallUQmZNQTRHQTFVZER3RUIvd1FFQXdJQ2hEQWQKQmdOVkhTVUVGakFVQmdnckJnRUZCUWNEQVFZSUt3WUJCUVVIQXdJd0R3WURWUjBUQVFIL0JBVXdBd0VCL3pBZApCZ05WSFE0RUZnUVVDckdFblQ3VjlxOG4xekFET1JjdWp2WVpDell3Q2dZSUtvWkl6ajBFQXdJRFNBQXdSUUlnCkN5R2gwd2pVckcxckJ1MFhyaUdna2FsT0lPbjgxSUE3b1Zpdk9FUDNEWE1DSVFDenZmdno5RUtVMFFqM1ZYMmQKVUJZdy9pN1ltMDNqU05ZczBLbk5WaXdNUnc9PQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg== + key: ENC[AES256_GCM,data:+gHHmVWfvKFK9g5xy7HbkM/13P1ZuAhcEvvvpJwXWWof4KSRrEeQnE300TBdZImzWn9hxqdWn0mDkThhARrcaJ/QuLYGcZ1NONUDKPyeN9NWSLQLIO1iIkEjDmEXafAGcjk0IdgFyxj2NORheMxgWVbfpv8REtYW5U82YhBopLrvsGcewz/ipdq9yzgHkc7zzi3xyDIgm9OWsgJdHq1/KCbxvRXb1bDzsiOnNqN0Bobl4L4J5YXZ72BpcfYNgw2KqJNyzUsfzFVx4PVrLsDY6v9idVQ4oxEAdyXeZuv6oqE6qxZ3bejK/Rh0BcNeFfmkVwV9EIpf9ZDR/g92Uxq8SfJG8CAAgdvgF5XuHc1ZDUXPUJWWfrCRVmTXXNHkEoZ9nHBZLXCDtj6Sj49vqKkPUg==,iv:Aa2UDcWFUTOQPTkYEU+kMZB0PKe+PdugQJmVakL/Bvs=,tag:jHgESkQcgQVs8gjjUwIZng==,type:str] + k8sserviceaccount: + key: ENC[AES256_GCM,data:ge0IclGoMht+wbr4GkvBpsTBc2SKu9i5HKVB32BWhOpa0j6zp+UcitzSAM8KxrTVVYGnzIboQja3/ZH/l3+GAf15QVlwu+ilnjnHPoVoZqQa5YREC/d9m3UTWlo1d2DMtyq1EwLMdbqty77YCZ7+WqMJH2L3FoXjfvW+ovIfDXccJiJQnf4+ZNv5MvqxmpWdcrlTkhyj3zaQhZho2WMRQb58kAYPQHd/r6LOSZ3MlApnVXJPQUyfyVWbAcTiADdK2SB0zLbIcem8et/qRchv5Mn0XgAQ9gzUkcnCriOio+dOKzxi4RN+ZNXk5RcN+GAEidEpmm7v86EUJs5GhQ/81ilf7E+z74tLtPflb6wcnSP3u7mwX+f7OfN8EH7zy62OPBnnd9Wc5nCXm2n0vwrHlGA9nfx+CfKHKp7ftJcpJsTA8O+LUr1yk/vKAoFqGGb8ZHqPOIiH1aFoPORGqNTTd0fa4vKjnergg3rNPloYxBZNNQB3Is+yrFZUAZKv4WcH401QNQfola4XFbdXjnL2ZdKbn97DZB9tWIaF04jp8JoeDNZGYx3V/zvq1CdEwxOuO3DlIWrA+d1TBDv7HYv/nEkEba53rAIJCzKDwvUZDaMQoBmUdNoiIRZsZkaJbPQECOH6uIv75CQ3jv+XJWNto7IeznkYHb7hcB579SDv03YzVffKaNmWzoKkiqrhriBk+EFciEb8+TrivbS3iU7hUh9KE5BQLj3ZS+9SiMjmfxHBf4BafHnwQGhBQifaTBLMvxy5d634kZVZD6mua1v56A97sAMPkBZZNt0vjuM9UFXTzK84j5hsKlFOoINIO9d77VyEsZGKVoQuW39DEpIJux6vFBaqcpmBExyn4TR0figcGy3KMPIDISeqsdIGM8fezV0etyCw/IeVh4qJv620NoIgGe+tHC3o3XCu7IKK/xe9GCaBRP/0YhU3/Uxak6y3gEqMysZN8BCFvlVzfaBsxyXGyFU9wYCsE4ro8s1UV4WRS7kU2mIoil0UNHa1k/K5v/Ac9BE45CsrXzKps0AJ36D4dTSEiTu/dozLAMJ290ZGMz6iDEB5bwlPDLHr907yLcQToqtUOAjsCB8RBNcjReiA9Fbt87osEpT8cNIy2k6FTlAsoVioTQJwrwFwjeI7kk9SnjF7aao5RC6PkayY8FU0OInQgyoz8s1XcRSaqacCXnDa2OPqmvHGjMLk4C40HwW4yjLVpJuIw+ooE+jl8GqId+PFun6v4Jf2w2w23HcKGxr8ozfl5okW2HXN+yrEHUcqe2oc4Y2LoHzl2yoACwD6/krcAbS4THAlCjArRlFebj6HckEK4pZTA/pMKW50zgslp+XRbWU1mYpf352AHdS0NNnYz4NQba0b6n2Xey6NCdVZhq8o3A3ixUytm8Mpdw03vYhkhvYaRf/N49YtMTHa0jY6+xkA6k8eLdLF4HMK83kGulGcW5FmFFQuV+gYT3S1glR0Dba27EnvNvlWZ6KO4jJuBn14NXyltZhey3MXNKG4gKEla11j+OiW6P7zVQYh2PyTn20uICgeyF5tKE3j8+LRhyxxER/3r3mOcZUoUgi9AUgd+4/IlrOCIWVbzEU0+/D9EgBkHFoaGCwjk5pusRb6x9o4iCL4wCbYWVPpf5Yd3raiymMsDcwMWMq4aElGnWXwyS55bUXndC/pM5adU3SOxrNvl3MHtSP3saaxmyVu95/YSm/i8kpOFwba30pyqp3Mo22SzSRe0VZeKaawCrV1h9ZnLTUxNG5xUtXSKcJW6KlDVEcGaZd+NIhCe/ySrITrdP0rZ5iruKT0PMQR5Q41fo7rdP5FWVmRt+0TDLevp8/vG7uncfIjzV2wut5ozeOwVjmqWg4ZgfiLqp3Tt43kEGd0JOiin4qejXtG8eKi032FO2hv+Gu34WBFYfc3fvBYlhfG39u+00uq4HR8Nto8NcxxOR+9cv15qWK3Xwww8BX9DyisMrN+T/zUDocBb/NM7jEB1NzcCclOOy3mxuVNLUgxAn9oXfw3faWHLCCaQ+5WqmAvWAXYFnQXha50z6UOJQXnWh6RGuPfnLaDQ/UjlTLN8P0zghp5N5V9gHZDKKAlVqzJZYBbZ2Ol9axnOvd6neIM0gSQRxzNHpQCcvlHEQnd1TJSD37D1l05FvFI24nzKs+/twvYtYXFSH46U2GbRih7UYLryz4g8SXd3Vuwrl/ORLSfsoQzFATWC5fURqPJZ4I0hKPaqnUCZXtvxGYwloJCR0/6rECJtAhj5nyi+9jdlcBrPKZESnMFTD1N6174u+pL/ZUk45+5ZA46bXR2elhcl1muzB8+cLYE5GqUca980ooZ/0ja8DKJ5QZdF/OjVi6+DEEhWC5BLCgnDrxCovekRbSxsPnI9px4pV/jDxgEtPNhILM1xJz0ZttzIB0S7syUusxaXMT1Nz5Hdglm/RcFjheOQR+TdS7vDZ3ksY0fEp/u2VSU66oZDkBEZKI+6aXCGgG/mWwrCxef22d7INA8m5hSEGo4JfE/C24qgY8ZMeAMV5iZH96+WX1/2iFHQoQmz5JwfW3WcY7lWczl+b4bvEOXlASEIxQMOLh4U2tH599n7zlgN6z3Np6M5LN/9W0c8N3O1TwJMcpA+ctWI2hMguAkbgZt49crI9K7T+gqPWfnc3/imUGfIxubOAz1zqhOlyowPqIel8w7EHLDWVA78WAZn0EygmUjc0g6c1rUJt6xOyWquM4cPpPUpjeUmHCwyN4nF1m02UAUwfY1KobwPQ2QGxqBGkUcYGgiPG8JDFSLzNOFWTaWrdt1aPV0xIYC0BPDRk4MPaX0zIyyNUHAky06Emefiu/h3BkBtUdOya/OaaDYoRsz1tdVDQx3hOcOEkNCjR4PblOHrE+hxt9xfbnkf3OKdtLf0PRcjH/buyR8SPGIQC0fOxMiklMAWzKyVdWEPYpAWzQSMES4idLbpuRrBz8McBuliOIWZ2yqmBhvKIk7k5vAs8D5+0fWPnb+cxuh5V5rdT7lWEkoBt7pxAV8IbIRQAcMydk9hIX5eYqdabwxYKTNzE+1+G41nYT0NOvXNwOFU83JKIvi9B6wDi7D2eYOYjWEI3k7++hjpGJRNgFoU8xz419rEFhOFINStisqn58RLFxrsk315OWImkmKGS08o4Unq7LR0q+MuMnQAdgF7z9dnFAHFkmSzaLPnsKaDGJEtpRJBChW9V/tSrheV7t3+RkM0G8uC4oHQ7zL09Zqk4ojkmnxKUnu/9KYD/NJqWBdCffxJZdjrQL/3TeQM0AnsPYYUNNgJ2NRxIwqHRAPkirGPlNxQtc/ukxJbn5HH26Sj3483gT/tvirv7K3naeb9VuYjiUxVKnqGv+rdipSB1zGROsSGZEgO2fDt4aal9mGYNEqI2o6L5MybpDERB04Or6tnlTIfd0WGWGqXwh1BRR+15fxiAd52ZfjUI+9XxbWiFGzhEWum2uNrAqAT4rdULe/uLj4m1FPFG/8XYBgGLlPPnxuGdcYAIfgrOF4J5ADNu24Zmb6NX2DW8ULemHPrSmVAk6pgniozCgAlGyRclW3Fj0IO/MKe7mqI9nSSIBmmCV03YWXWtlYHiMK1U/6k2xZ2HrfzlCULWnSDBdeTJcBeaDw8/HrZlUuIAK4/A0HiRVgyh0OVAoTtiqkCp38SSmctXQxWhPoXmApxyvmXn/sBHCKoZaFcIejAl3vlr+iU0jhYaKX8u3RfdwfKLBcrpv+kKtTu0GV0U+Hy1VGJWKI/V5BIlN4tZaX0TUKKrJuEiz512TxflHhbPR+lRyJoERNoWmh6r6/wkJZ330hdz25UBTr2YWpiqSvWJkhPq2xqDH/JvHX4BpDPyzDsFbaORNuJO33ogdgAcOKc9E/7Y9qV3Tg3BjdCICMy/hE87PdZbctkrIbDKCPOD1Wxcj3UL4+7kmqdkYEZtEdRRNs6LEZpH9BD2UMt7wUpZ39aVqf8MFrOeG960STDqZ5Z0AXRlzDBHTjKbfe1Bh23347e0RuLnrAYk+bReGZGGzo1azdLeFs1X5Es78ZCu8ubRV7VGdKzUWuy5Qv4Hx4pQO+hJf/d4JH6QGU/2fqC9xyMPjzuD5mVTROYApqJ51n4BZRMHvyvK9RW2Z7l5VLdsAh8A4DC41b9uRuLpLri1Vx9MKUHGgaF0vQcZGwFqSm79sCjF0YDYUomAiDm+FeFs31wZZcDUWDkxB9NvwNfiNTNFfvSQnYx80lSipY4sxxSzjoZ4Yw0rR6o0QlBHLfxEROgCkfbF33lMjB1C+W7At7OaujijgYKmFvt5/vuYMBdpio0sy/Vj9XLF3Nnxf31ID/qEUTRi8WXHKZ7y8e0RuOujuWlxW9hPzENz5/kGEwbkumqCET0HaI7aceSj4F8QqDwDcWg91xcUB2uTF6J49WwDqOkXMQZH1BZvFtJMbh26M7F86jmkVfY7pcP30sEEWI61KiZsAkX+K8nFIq+SEe48aU9aSNIyAMzwrYNO4hI24x827CWwFqxsVriMR74jdQACJk6HNtApGwUF4X+va9y4zOCxx9xxpxX1jXuqi4fuezNLq/h2F7+10wVb7Kg5FRB9g/1MuHSkWgLd3R+FxtlJeCbZWdhWoV59PjS1+0/dyEqKiKUhr6Cp/L5AaSDDda06UhOAPF/uqFq2p4TurV7rdOsMSi2qBSOrdWdAGLuVLfWpRiUEeL81irxB81A6uYkUWtLGQyO7MLUXnm5c2Xf85RK2l9LH8xZKRrWB18VS8M6ZUqlTJr+LnTBhyUhDQ3zksg09zIgaB/1YClEPy2qO4Y08itaZGuNlR3S0Zw/SWk/C/AIgpp+9NB4LBZffTQaZTTGgGwA7aRXzvQpV39qPoo+T1MKsq8k5LdzTIcGLAVD1uihx66fZ2Zf4GEU2A56Zy0ntgQB9oOI5MozCalwMi+exBqMThKDdEJ0kVsWkeG1/lhOCMauX+fICNKGuITNkkYs9t0UjCkIlP2uu6LuR4q7dbaZIYaCZzTYLujnDjwteRujtkHKxYkqC8bCrja2zUcjVXZEoXVt2YYhhsh0dmvw7IjjCNIOAZNF2YozL3dvVU4ecitI2qkIgyDyd1bc30jWXTQl/f2sSbYQ8CPDH93B4siiQMPtLsuIjhooT+zREVmaHVRBZUcCgls4L2QroIepKZdJofRQP3vcuT10JJOMg1lJgC+B+94n5lFXBpFbI0WfE+M7qYKJG73HUUtze9FqyVM4rJCjoHIauTHdoqMyqN/cZUxPH+IOpwPkcMh9/rdA+eiLgWcbYvcGCOK+0eH4WVa7sRov8D3L8+IfBCp7cgLmRQNX+02M0cFPbI1zn5RgPJVEJBBYkgQBJfnLzW9jPCKXHhCJ637DhT4TDX+fmprR32vcGljnOAOZHCvbccU5yI+CGUBcxHCyGIhC/C8mSNHAxlyLCmT9rVM2j2MFTrVMJKP5qLUxfC541F10y/OiZa9CQaKtWRlGWKfNFWq0+zdhpkGCzkeWtfUDbo9lBcfJSF2lOWKQeAxmC7k2nuk2x9lcOHAAqFMs5rgqFjh+mP9KtsrKLukJICrWJ6tK97efTNgSUdrjmp0iptaw/DGzup/NbAlbF43tVqQ3EtCvXeyBxf5onV5Y7sVRUcOoAUe3J1giT1l59DFBTEvV6GvNyjqPauB72cFIx03n6YH+jVFVgEJC372f9iHliTFYmK77MBf/hmGKASxyZMpiN5Lqtbm6/y/kMC7kp/CxNzHabiZzgsFPi5f7b5eXAoNWtCvEQ==,iv:MC2fUhRrKu7uuDd7gCze6HMtxiQhedf76ZP/UDkLRgc=,tag:gEl5G/u1iSxvcRWEw6z5lw==,type:str] + os: + crt: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJQakNCOGFBREFnRUNBaEJNTytKWHpPM2IvL0ZwSGkwak5JNE9NQVVHQXl0bGNEQVFNUTR3REFZRFZRUUsKRXdWMFlXeHZjekFlRncweU5EQTFNVEF4TkRRMk1UbGFGdzB6TkRBMU1EZ3hORFEyTVRsYU1CQXhEakFNQmdOVgpCQW9UQlhSaGJHOXpNQ293QlFZREsyVndBeUVBQUc4Z3k0MkFIZXg2UVh5dVNSY0hvZ1l5TTQwWm5DWXF3ajJECktjbVNER1dqWVRCZk1BNEdBMVVkRHdFQi93UUVBd0lDaERBZEJnTlZIU1VFRmpBVUJnZ3JCZ0VGQlFjREFRWUkKS3dZQkJRVUhBd0l3RHdZRFZSMFRBUUgvQkFVd0F3RUIvekFkQmdOVkhRNEVGZ1FVaEc2MGtMSEpPR29VWWRMegpZdVVRUlA1MTExWXdCUVlESzJWd0EwRUFqSVM2QmJaNFlsRlJ3YWNIN2RnNHlKTXBac3RIWWpKWno3bkNWZTBNCmFUL1d1TkxLNTdtWnFHT1J5Zy9rYXBXb21hL2JieGZwbHRpRUM0cWsvMmk4REE9PQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg== + key: ENC[AES256_GCM,data:HkjsFY3yit/UijubHGPwepD7l1a9WzKuxprn+NJ9PY0YSvObv5XgL/7JdKkySDj9+d90fdA2w2qv66wuI8rajt6ncEQc4iVSn+rRHoHrt2pst/8W25GRpajezSDFOBIY47v4CG00nnCQ5fk8a/p3m5RL/nxpM52v9N8F39MwAo+3aDV43648C3q8QPui1g56ch37QV1gI1FDVyH+fJprOQJi6fIsodp2qAPn7aSQX4W/Loa9,iv:ZoTUeP+oo8/gbU4Y1Ifg6vRRAJQQTqpWdLURJ/vLOmY=,tag:jzem9//5R1pT1B/UP91HMA==,type:str] sops: - kms: [] - gcp_kms: [] - azure_kv: [] - hc_vault: [] - age: - - recipient: age1p28u8xjm5sf7jdavc8xsqtw7lxgscefxs7a5dtqszr2885xeputsh9y64y - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB4Tmk2SGtPb1Arb0lKUTZo - cTFtQjdHRkFMYzZHenVneDVBQWdSWGZWdURJCmI1VWdNYjVJK0gvWWx5RWVzMndq - Q0JSZ2RPajZidThXai9yMGtLcERVNjQKLS0tIGRUSW5YaStGT1VCU21MNmVxQm96 - UUs4ajZqOGJJNGNOR1EvRHR5RDd0UVEKRR+VqyvEM5IOLgOAU01JfxDc2T9fhBdr - LWGVel7FKjxre9KNjDYUchvo3X1O661hQ5LppAH9SwnK749Jpceddg== - -----END AGE ENCRYPTED FILE----- - - recipient: age1pwxsukhcw4j3x0q7x74e5suwmn48qs56ewlz9t2ndftg3mh36ftqfwcn8p - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBVNmJaWHl5TmxJM2JaYnlm - VkV6R2hNWXN2K2dCcVljajFBRDA5d0licENvCk1aNVZRcUcxYkN4S2VYd09zYzBE - Y0wzZ1UvN0ZyN1oyMjFuZngvbWFHWlUKLS0tIFZnN0NuaTdqU3dvMHNWZG5OOHhX - R2oxUUQ3TWorelNmR29mU3U4QnpVOHMKhjRMy/wNkv2lPTFjkEgfU4e5CucVjVxO - l8QqfPsSTK2ybOFJXc9gRh364IXWmwyWd6qnEGA9SeiizRSJXQXNgg== - -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-05-10T14:46:19Z" - mac: ENC[AES256_GCM,data:5qhScfLjUeleYmkgceLaRG//Q5forBKLoLouSv2UGzjH2aL8XcHQAsd34CD2PxCxFfUjKzMul8jykOO8U9HzJnriwACtmjjR/uDynaNRJIbVkX46daxbTy8wPxlufFhTB6IUpew5tQw51FrMJlVt8Gk2vUe1YqrwERxBkG6TMTg=,iv:BateqXKKtDilv0OGjCP0R/i/uQDsTQ/HBLWovW0jtTY=,tag:Ezc6Ry/arvktzbHDW/vyqg==,type:str] - pgp: [] - encrypted_regex: ((?i)(displayname|email|pass|secret($|[^N])|key|token|^data$|^stringData)) - version: 3.8.1 + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: + - recipient: age1p28u8xjm5sf7jdavc8xsqtw7lxgscefxs7a5dtqszr2885xeputsh9y64y + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB4Tmk2SGtPb1Arb0lKUTZo + cTFtQjdHRkFMYzZHenVneDVBQWdSWGZWdURJCmI1VWdNYjVJK0gvWWx5RWVzMndq + Q0JSZ2RPajZidThXai9yMGtLcERVNjQKLS0tIGRUSW5YaStGT1VCU21MNmVxQm96 + UUs4ajZqOGJJNGNOR1EvRHR5RDd0UVEKRR+VqyvEM5IOLgOAU01JfxDc2T9fhBdr + LWGVel7FKjxre9KNjDYUchvo3X1O661hQ5LppAH9SwnK749Jpceddg== + -----END AGE ENCRYPTED FILE----- + - recipient: age1pwxsukhcw4j3x0q7x74e5suwmn48qs56ewlz9t2ndftg3mh36ftqfwcn8p + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBVNmJaWHl5TmxJM2JaYnlm + VkV6R2hNWXN2K2dCcVljajFBRDA5d0licENvCk1aNVZRcUcxYkN4S2VYd09zYzBE + Y0wzZ1UvN0ZyN1oyMjFuZngvbWFHWlUKLS0tIFZnN0NuaTdqU3dvMHNWZG5OOHhX + R2oxUUQ3TWorelNmR29mU3U4QnpVOHMKhjRMy/wNkv2lPTFjkEgfU4e5CucVjVxO + l8QqfPsSTK2ybOFJXc9gRh364IXWmwyWd6qnEGA9SeiizRSJXQXNgg== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2024-05-10T14:46:19Z" + mac: ENC[AES256_GCM,data:5qhScfLjUeleYmkgceLaRG//Q5forBKLoLouSv2UGzjH2aL8XcHQAsd34CD2PxCxFfUjKzMul8jykOO8U9HzJnriwACtmjjR/uDynaNRJIbVkX46daxbTy8wPxlufFhTB6IUpew5tQw51FrMJlVt8Gk2vUe1YqrwERxBkG6TMTg=,iv:BateqXKKtDilv0OGjCP0R/i/uQDsTQ/HBLWovW0jtTY=,tag:Ezc6Ry/arvktzbHDW/vyqg==,type:str] + pgp: [] + encrypted_regex: ((?i)(displayname|email|pass|secret($|[^N])|key|token|^data$|^stringData)) + version: 3.8.1 diff --git a/kubernetes/main/cluster/vars/cluster-secrets.sops.yaml b/kubernetes/main/cluster/vars/cluster-secrets.sops.yaml index 184ab0eecf..d2630c7ea5 100644 --- a/kubernetes/main/cluster/vars/cluster-secrets.sops.yaml +++ b/kubernetes/main/cluster/vars/cluster-secrets.sops.yaml @@ -1,42 +1,42 @@ apiVersion: v1 kind: Secret metadata: - name: cluster-secrets - namespace: flux-system + name: cluster-secrets + namespace: flux-system stringData: - SECRET_ADMIN_EMAIL: ENC[AES256_GCM,data:/y3a3topA8nW7a9v4Ac=,iv:qpprlszCxFS/ef3fb8uGPmiSAKcbFzYjWIlUol+5SRc=,tag:dD2kfUBW6mNgAGkvllR+lQ==,type:str] - SECRET_DOMAIN_NAME: ENC[AES256_GCM,data:of+OfHtQKA==,iv:OxQy1OWedfgehDMaGCa1+/3h0UmgXCvxwSs27NRCDrk=,tag:2D4DKqDd/rQndy3YvL7dQQ==,type:str] - SECRET_MAIN_DOMAIN_NAME: ENC[AES256_GCM,data:egHoQQuZfw==,iv:Psqr4YjVghZ6tMVgqOJ8lCF8NDdwRD6dWKQCwE/R1hA=,tag:a2yqxu40Jxm6JADxHJwHUQ==,type:str] - SECRET_TECH_DOMAIN_NAME: ENC[AES256_GCM,data:r3bwILUQK3W3,iv:8BycnOwrunM6We6ktUU20xR6h5SzU7IJC5bmH0Nmy0Y=,tag:STBoNACKZd6vdAlec+q8FA==,type:str] - SECRET_CLOUDFLARED_TUNNEL_ID: ENC[AES256_GCM,data:mPasG02Ie91/oy80x2OdSioVOqfFV9mMZ25XTDrRv6l9sMv/,iv:WVVDshCJug8DhEKTTgZQUHt/dNS2yhanP7QRL8rD91A=,tag:uTfcq+rhMfJzXt/4tDLqOA==,type:str] - SECRET_ATLAS_NFS_SERVER: ENC[AES256_GCM,data:BC8O/PVhZRV+19/DM6K79Q==,iv:NU9QKE9j0v0ixTMymUgOreUX/mYek2tmplsOe5g9KPQ=,tag:++aR3l9okrLnBGlmlGU+XQ==,type:str] - SECRET_ATLAS_NFS_ROOTDIR: ENC[AES256_GCM,data:qjTuxXWzr5f8P/5unOCgMRAmuw==,iv:hp27uih1IOasRu7mHKYjbohz+3NTpSL+fnwZhGCAZjk=,tag:+qdz/D0B8aSEO5jdJGychA==,type:str] + SECRET_ADMIN_EMAIL: ENC[AES256_GCM,data:/y3a3topA8nW7a9v4Ac=,iv:qpprlszCxFS/ef3fb8uGPmiSAKcbFzYjWIlUol+5SRc=,tag:dD2kfUBW6mNgAGkvllR+lQ==,type:str] + SECRET_DOMAIN_NAME: ENC[AES256_GCM,data:of+OfHtQKA==,iv:OxQy1OWedfgehDMaGCa1+/3h0UmgXCvxwSs27NRCDrk=,tag:2D4DKqDd/rQndy3YvL7dQQ==,type:str] + SECRET_MAIN_DOMAIN_NAME: ENC[AES256_GCM,data:egHoQQuZfw==,iv:Psqr4YjVghZ6tMVgqOJ8lCF8NDdwRD6dWKQCwE/R1hA=,tag:a2yqxu40Jxm6JADxHJwHUQ==,type:str] + SECRET_TECH_DOMAIN_NAME: ENC[AES256_GCM,data:r3bwILUQK3W3,iv:8BycnOwrunM6We6ktUU20xR6h5SzU7IJC5bmH0Nmy0Y=,tag:STBoNACKZd6vdAlec+q8FA==,type:str] + SECRET_CLOUDFLARED_TUNNEL_ID: ENC[AES256_GCM,data:mPasG02Ie91/oy80x2OdSioVOqfFV9mMZ25XTDrRv6l9sMv/,iv:WVVDshCJug8DhEKTTgZQUHt/dNS2yhanP7QRL8rD91A=,tag:uTfcq+rhMfJzXt/4tDLqOA==,type:str] + SECRET_ATLAS_NFS_SERVER: ENC[AES256_GCM,data:BC8O/PVhZRV+19/DM6K79Q==,iv:NU9QKE9j0v0ixTMymUgOreUX/mYek2tmplsOe5g9KPQ=,tag:++aR3l9okrLnBGlmlGU+XQ==,type:str] + SECRET_ATLAS_NFS_ROOTDIR: ENC[AES256_GCM,data:qjTuxXWzr5f8P/5unOCgMRAmuw==,iv:hp27uih1IOasRu7mHKYjbohz+3NTpSL+fnwZhGCAZjk=,tag:+qdz/D0B8aSEO5jdJGychA==,type:str] sops: - kms: [] - gcp_kms: [] - azure_kv: [] - hc_vault: [] - age: - - recipient: age1p28u8xjm5sf7jdavc8xsqtw7lxgscefxs7a5dtqszr2885xeputsh9y64y - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA4UGlQUXRwV3dOcllqeTNN - dHlxVWdydC9tYkx5cGd4ZElXRjVSN25JVnlFClVzVy9PSEtHeHUvRWF2SkQzek9Y - WnJ5ZzlLT1RtVklXUDRGVFFkcGJEWm8KLS0tIDJpN2dyMGpuVTc2TVpjNVBIc2RM - aFNtRE10UkV1UzV0cVBhemkzM0JHWkEKYf0ZqAIWm53dvMAnn0b4A7PRcPeGQJpx - JuP5r5yQhtbqb5KAmDZgv5WMiaa0kDJJLT/F60nLJFSpUQO4WI7/mA== - -----END AGE ENCRYPTED FILE----- - - recipient: age1pwxsukhcw4j3x0q7x74e5suwmn48qs56ewlz9t2ndftg3mh36ftqfwcn8p - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBjK3Eva2h4aDZaR2JreUwz - RVQxNVduUzdKVSt6dHNiNnpsSHYybEFVQlgwCkpBOUNNaXRwSTVVV2ZjWW8yNFYy - WHJRNmNFK29HZnBZa3h0SmZNeFNFWUUKLS0tIEc4c1BFeElGZnhsMlUvZGVzei9u - dW9zOGVlNnpmL3NSamVDbi9vT3liNmsKJJR9jx6yHSEsBmcusYnUO/yqn0wRnrlk - mOipiBSla/v9LC34LX/yo9IP5WWVNcCT0yRXhJhluz0o/n7p+nLadg== - -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-05-04T17:15:50Z" - mac: ENC[AES256_GCM,data:KlB7jnowGFD/zglgOtuL1B0W/YF/dahtFweCldhVSt6pRw1/tY8kJv0fYRIsBIFId2eltYM/ttd1/2/9FNqvTiTfmydnO5Jb7JhPHTEh/w8R1uFjh3WpH28ZCHuT+1LvHBl13t8Bo9lmHy+DB5unlrSHYabDOai2cymdAxjF9GA=,iv:32ZNjdKD53YwQKaNrA1eKh/Y9XGYMOphfNwCOqK9ajQ=,tag:H0QZj/2N7wwvxjHcHU0ILg==,type:str] - pgp: [] - encrypted_regex: ((?i)(displayname|email|pass|secret($|[^N])|key|token|^data$|^stringData)) - version: 3.8.1 + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: + - recipient: age1p28u8xjm5sf7jdavc8xsqtw7lxgscefxs7a5dtqszr2885xeputsh9y64y + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA4UGlQUXRwV3dOcllqeTNN + dHlxVWdydC9tYkx5cGd4ZElXRjVSN25JVnlFClVzVy9PSEtHeHUvRWF2SkQzek9Y + WnJ5ZzlLT1RtVklXUDRGVFFkcGJEWm8KLS0tIDJpN2dyMGpuVTc2TVpjNVBIc2RM + aFNtRE10UkV1UzV0cVBhemkzM0JHWkEKYf0ZqAIWm53dvMAnn0b4A7PRcPeGQJpx + JuP5r5yQhtbqb5KAmDZgv5WMiaa0kDJJLT/F60nLJFSpUQO4WI7/mA== + -----END AGE ENCRYPTED FILE----- + - recipient: age1pwxsukhcw4j3x0q7x74e5suwmn48qs56ewlz9t2ndftg3mh36ftqfwcn8p + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBjK3Eva2h4aDZaR2JreUwz + RVQxNVduUzdKVSt6dHNiNnpsSHYybEFVQlgwCkpBOUNNaXRwSTVVV2ZjWW8yNFYy + WHJRNmNFK29HZnBZa3h0SmZNeFNFWUUKLS0tIEc4c1BFeElGZnhsMlUvZGVzei9u + dW9zOGVlNnpmL3NSamVDbi9vT3liNmsKJJR9jx6yHSEsBmcusYnUO/yqn0wRnrlk + mOipiBSla/v9LC34LX/yo9IP5WWVNcCT0yRXhJhluz0o/n7p+nLadg== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2024-05-04T17:15:50Z" + mac: ENC[AES256_GCM,data:KlB7jnowGFD/zglgOtuL1B0W/YF/dahtFweCldhVSt6pRw1/tY8kJv0fYRIsBIFId2eltYM/ttd1/2/9FNqvTiTfmydnO5Jb7JhPHTEh/w8R1uFjh3WpH28ZCHuT+1LvHBl13t8Bo9lmHy+DB5unlrSHYabDOai2cymdAxjF9GA=,iv:32ZNjdKD53YwQKaNrA1eKh/Y9XGYMOphfNwCOqK9ajQ=,tag:H0QZj/2N7wwvxjHcHU0ILg==,type:str] + pgp: [] + encrypted_regex: ((?i)(displayname|email|pass|secret($|[^N])|key|token|^data$|^stringData)) + version: 3.8.1 diff --git a/kubernetes/staging.old/apps/kube-system/cilium/app/helm-values.yaml b/kubernetes/staging.old/apps/kube-system/cilium/app/helm-values.yaml index 20b6ea7ec2..dd97f8bc00 100644 --- a/kubernetes/staging.old/apps/kube-system/cilium/app/helm-values.yaml +++ b/kubernetes/staging.old/apps/kube-system/cilium/app/helm-values.yaml @@ -60,17 +60,5 @@ securityContext: privileged: true capabilities: ciliumAgent: - [ - CHOWN, - KILL, - NET_ADMIN, - NET_RAW, - IPC_LOCK, - SYS_ADMIN, - SYS_RESOURCE, - DAC_OVERRIDE, - FOWNER, - SETGID, - SETUID - ] + [CHOWN, KILL, NET_ADMIN, NET_RAW, IPC_LOCK, SYS_ADMIN, SYS_RESOURCE, DAC_OVERRIDE, FOWNER, SETGID, SETUID] cleanCiliumState: [NET_ADMIN, SYS_ADMIN, SYS_RESOURCE] diff --git a/kubernetes/staging.old/apps/security/onepassword-connect/app/onepassword-secrets.sops.yaml b/kubernetes/staging.old/apps/security/onepassword-connect/app/onepassword-secrets.sops.yaml index 140dd9dc10..71a101ab99 100644 --- a/kubernetes/staging.old/apps/security/onepassword-connect/app/onepassword-secrets.sops.yaml +++ b/kubernetes/staging.old/apps/security/onepassword-connect/app/onepassword-secrets.sops.yaml @@ -1,37 +1,37 @@ apiVersion: v1 kind: Secret metadata: - name: onepassword-secrets - namespace: security + name: onepassword-secrets + namespace: security stringData: - 1password-credentials.json: ENC[AES256_GCM,data:1Shxxz/z55O78MCx/avC9EVg0L75664A6Wbe92hmEacLiua7UV8iKLSk6G8lENOzu4pFx6sb3p9oos0e2C+fmVRvKW1lNCpqZIbugpcHtva2X1WMv+RgMc8y7j+ff+9vz3NHZdKSSY6N4wx6JOfd72kR5DQVPQJZs/2Fs9PNJT456ol5pMM28dZVDI6qeDoxiG+Lg0p63qxOJBS1RSCOh/8cSiGNs2n6PNogYcdTeJyPZkc4jCfF8STyet/guqtCo7phQGP+z5BW8PKbYJYa6kT0OR9KvQq2beDuXpRZp1sTnI8TIZYg1u/CR5jmlnejQklchPQJlOj74RdyEmwSMBAz388XhobLNBvDWdkLvAnN+Uqro3BRl4KJvDCNg8JMscBTr0XUeG60D7DWHbqp817J/z6Z5MVy6BHxr5shy34gZqpaHMW/UrtikTH4U7b6u9TTkheOCB5veKCktlZyHzjeNQ5lSwee6SanLzO1Emv0P5/TrfBBNtdkBf4A/vOQOaq5iRm4XbTZkx/RxhLA10ELd8up+KOFL0o8rlm4i4XGNeHCWepBlhVIpRZ5SWBMPVgl4SxU6MmzZmbqi+Ay/g3k/iXHuL80Hh6d4xL3UBlkRp+VAW8ScnJXPHQ9OgIDUA6LayMmyjug7R5S4/fGq4q3iRJZSZkNqWg/4YJz32nwv5zWCBb8EO0IkmD+yMsqiO0YpaIYIKCbZM8uBTZGVaRldzAz/DNqc6oy0rvLdWKC1ziA5Med8eoUHjGxeOoiYXHrWQrIH7y8pww3DEwZoRjPoRaoB/xxrbVC4cEwoS3wRmtuZMFpfS22KXfgob3bVlG2KFeEIF3QoCLwK+yZW1MGfxji7yD5pkWgO0P355841SFvmuxlP8f0u07EOfgTABmgtzBGojKxPgrKjLEoWkDtNzRddEp7w58pYg84xQoIs+TeEMccjsVzxFod4a+xYKBp39HxMG9N+X3z8tuEu64fbrrpZ5YrKYoIP8TITB3vXx+jK5IbUz3N+JJwxyblmq2QjjEcqKwsVJnF2miFZDrCH8M+T++lhAjpDn9HiL+hB89+ukqE+MpH1DoL44C3RRUTjINhGmKopg+atd2JtLtQxiT1cvl7lZE0PBo1eSAdhnDARchGVizT7cexHzAQTQ6D6E50w4s0SbIIzC5U+8gzPVJSHoBXOuCmIqM/ZBYPfVnE0ezF4EkHr0OKXZiPGjl9eJoNWl6XlEvIzzJcUHwCiqMbQjw0LANw21KrqKBK3KdVZeq8DodskIsMoGANzKQbZ7hFRN5uimKabq4yZz/F7jnjK9VjRbszCQHk4fZn+HZ/7V+fk3Rdrys+ZeRWgiLWlFKUICf3V+2RIJzSm1bgI43hoFmql+nKcefVw47BdqzdjK7Qar0t0BQZspalRm0Gdf41iUlxPgZ4OqGXBHuZzuCvpk9WrnIo8zeB/rPF16NYFVeICMXX+V1zj+WLdLbEi7K/2eTtl4T5R3hBBKc/A0XH/DNsvB6WwNCRoDgXlQVx5Pk3ywE7THjO0XBWmGadGuOfF6P9m5l8PITgDRML76fju29clj6s1u5mu8oxiXPIvWBzdx2lAcpFRDtRQ+agJGZVB4Ux8ZKCR0m53nrUcph6dLsoTOA63vjGIOO+LzB7ej+MJDmymEMUkJAc+9j9kX9WOOGLe6963BzuCK9YZQHiQFKm5tvgxj2bULeZCCYmneri9FQ/RKcYQpKqE6HdB41ThOPNC+S5a5uTFs5rlxFfx0yG8jbIzhBq5k6PHNQ8ID9sKynVco1wZMqHSREFdiy12H+GCZb74skbXPyRSYe+JmHce1MMLtRK/ZxrMJPNPOJSWmMOFgzsA7+nvDSB+eEQZWSdar+ffWgjJa7oHXzA9c5yvh7fzoOmKNv3qyhvfIMcHWgmFwasI7Bgf6GdZs4G6gLnQWN2gqgzcH1byGHp45/0e2qXaUyPTw==,iv:PMar2BawoWwTvHvTGF4bgCv/5iAe2eP9eSeYt2b4yMw=,tag:jRJbVoUCIG6FCX+6LbYa6g==,type:str] - token: ENC[AES256_GCM,data:d92Z3vD85KIaXJ6vSlmEWsG8Flci0O4ElXOaY3zqTaohIMsI8z29fUI5rLItG+HyepuVQdfdzQoPqMYhPBi3BaAaWdmxEeMStWQdnac582EytoEE/69gViDkBlZmixOxAQIth8PsUvwd4X7RCGgT4WcMgun+xdwh1pDUz5sHKrQxrjB8eQhprYDgRYK5WHdKUy+IBOmSEkko0CYt5M73QwXjkBdFc0el5gSlZe5oQSpulTj7yjfTIzqdzT29zIufXkoLTWF6rvD96km28IkKRoRb0GEVW4Gq6qjLDRfcGXtZnrnaqJD720HFRtqCZhzb6ZvsQ6Xsp78uG89/BdpaA2bwPdwH67gkWdRCArEiG3JSj5s3BnvzH8yIBLvwgbojO6Ot2TnOYgIzMmg0KCy3c0NWAPAl/YmRMdTUIW38dgkRpYkpHL1xOjgf6Qg8h/2su3FEsDyBPzTD/uPPyoiUFDWoExPMMxEjjNxBqV0LDu4DcQ2CzmRos+CNiK79ynwtu9BR9Rw7fzQdZajUgRwe3imFszAIZyFNDMsT9sC6LLQ5+lcW+Ray2XVdsolXmo5fh1u00km7rRXUyWoFGu9eGtprpwKpDHCCaKITpQYXHc7CJ1hnaZO4zIVijuSOwZL/4yH9CsWIraVa08n91rYHP5LDQ4J1BYoZb9TfiD8Ntqeg457D/yis5q1+hmKWBc9XKJ8ewScv9HG5hvnWKi3pdtxagcSN4Jx/+IN+zfkCHOf/PEeHYWVpwjuQvyX1NkniPQP72/bD5mlgNsnmycHTzVs+rjm1VWuM7s1RuE59N7DapLIpXelbrFi5lBqcxwSry9jtjSvoU31GNGBtQ7eOXTyw2g==,iv:KmklYNCkWlJ1zMw3WI1nLlmzJ0W9B5UGCWLlKaP49v0=,tag:lLUSBUP9upqUfJYrNYSrMw==,type:str] + 1password-credentials.json: ENC[AES256_GCM,data:1Shxxz/z55O78MCx/avC9EVg0L75664A6Wbe92hmEacLiua7UV8iKLSk6G8lENOzu4pFx6sb3p9oos0e2C+fmVRvKW1lNCpqZIbugpcHtva2X1WMv+RgMc8y7j+ff+9vz3NHZdKSSY6N4wx6JOfd72kR5DQVPQJZs/2Fs9PNJT456ol5pMM28dZVDI6qeDoxiG+Lg0p63qxOJBS1RSCOh/8cSiGNs2n6PNogYcdTeJyPZkc4jCfF8STyet/guqtCo7phQGP+z5BW8PKbYJYa6kT0OR9KvQq2beDuXpRZp1sTnI8TIZYg1u/CR5jmlnejQklchPQJlOj74RdyEmwSMBAz388XhobLNBvDWdkLvAnN+Uqro3BRl4KJvDCNg8JMscBTr0XUeG60D7DWHbqp817J/z6Z5MVy6BHxr5shy34gZqpaHMW/UrtikTH4U7b6u9TTkheOCB5veKCktlZyHzjeNQ5lSwee6SanLzO1Emv0P5/TrfBBNtdkBf4A/vOQOaq5iRm4XbTZkx/RxhLA10ELd8up+KOFL0o8rlm4i4XGNeHCWepBlhVIpRZ5SWBMPVgl4SxU6MmzZmbqi+Ay/g3k/iXHuL80Hh6d4xL3UBlkRp+VAW8ScnJXPHQ9OgIDUA6LayMmyjug7R5S4/fGq4q3iRJZSZkNqWg/4YJz32nwv5zWCBb8EO0IkmD+yMsqiO0YpaIYIKCbZM8uBTZGVaRldzAz/DNqc6oy0rvLdWKC1ziA5Med8eoUHjGxeOoiYXHrWQrIH7y8pww3DEwZoRjPoRaoB/xxrbVC4cEwoS3wRmtuZMFpfS22KXfgob3bVlG2KFeEIF3QoCLwK+yZW1MGfxji7yD5pkWgO0P355841SFvmuxlP8f0u07EOfgTABmgtzBGojKxPgrKjLEoWkDtNzRddEp7w58pYg84xQoIs+TeEMccjsVzxFod4a+xYKBp39HxMG9N+X3z8tuEu64fbrrpZ5YrKYoIP8TITB3vXx+jK5IbUz3N+JJwxyblmq2QjjEcqKwsVJnF2miFZDrCH8M+T++lhAjpDn9HiL+hB89+ukqE+MpH1DoL44C3RRUTjINhGmKopg+atd2JtLtQxiT1cvl7lZE0PBo1eSAdhnDARchGVizT7cexHzAQTQ6D6E50w4s0SbIIzC5U+8gzPVJSHoBXOuCmIqM/ZBYPfVnE0ezF4EkHr0OKXZiPGjl9eJoNWl6XlEvIzzJcUHwCiqMbQjw0LANw21KrqKBK3KdVZeq8DodskIsMoGANzKQbZ7hFRN5uimKabq4yZz/F7jnjK9VjRbszCQHk4fZn+HZ/7V+fk3Rdrys+ZeRWgiLWlFKUICf3V+2RIJzSm1bgI43hoFmql+nKcefVw47BdqzdjK7Qar0t0BQZspalRm0Gdf41iUlxPgZ4OqGXBHuZzuCvpk9WrnIo8zeB/rPF16NYFVeICMXX+V1zj+WLdLbEi7K/2eTtl4T5R3hBBKc/A0XH/DNsvB6WwNCRoDgXlQVx5Pk3ywE7THjO0XBWmGadGuOfF6P9m5l8PITgDRML76fju29clj6s1u5mu8oxiXPIvWBzdx2lAcpFRDtRQ+agJGZVB4Ux8ZKCR0m53nrUcph6dLsoTOA63vjGIOO+LzB7ej+MJDmymEMUkJAc+9j9kX9WOOGLe6963BzuCK9YZQHiQFKm5tvgxj2bULeZCCYmneri9FQ/RKcYQpKqE6HdB41ThOPNC+S5a5uTFs5rlxFfx0yG8jbIzhBq5k6PHNQ8ID9sKynVco1wZMqHSREFdiy12H+GCZb74skbXPyRSYe+JmHce1MMLtRK/ZxrMJPNPOJSWmMOFgzsA7+nvDSB+eEQZWSdar+ffWgjJa7oHXzA9c5yvh7fzoOmKNv3qyhvfIMcHWgmFwasI7Bgf6GdZs4G6gLnQWN2gqgzcH1byGHp45/0e2qXaUyPTw==,iv:PMar2BawoWwTvHvTGF4bgCv/5iAe2eP9eSeYt2b4yMw=,tag:jRJbVoUCIG6FCX+6LbYa6g==,type:str] + token: ENC[AES256_GCM,data:d92Z3vD85KIaXJ6vSlmEWsG8Flci0O4ElXOaY3zqTaohIMsI8z29fUI5rLItG+HyepuVQdfdzQoPqMYhPBi3BaAaWdmxEeMStWQdnac582EytoEE/69gViDkBlZmixOxAQIth8PsUvwd4X7RCGgT4WcMgun+xdwh1pDUz5sHKrQxrjB8eQhprYDgRYK5WHdKUy+IBOmSEkko0CYt5M73QwXjkBdFc0el5gSlZe5oQSpulTj7yjfTIzqdzT29zIufXkoLTWF6rvD96km28IkKRoRb0GEVW4Gq6qjLDRfcGXtZnrnaqJD720HFRtqCZhzb6ZvsQ6Xsp78uG89/BdpaA2bwPdwH67gkWdRCArEiG3JSj5s3BnvzH8yIBLvwgbojO6Ot2TnOYgIzMmg0KCy3c0NWAPAl/YmRMdTUIW38dgkRpYkpHL1xOjgf6Qg8h/2su3FEsDyBPzTD/uPPyoiUFDWoExPMMxEjjNxBqV0LDu4DcQ2CzmRos+CNiK79ynwtu9BR9Rw7fzQdZajUgRwe3imFszAIZyFNDMsT9sC6LLQ5+lcW+Ray2XVdsolXmo5fh1u00km7rRXUyWoFGu9eGtprpwKpDHCCaKITpQYXHc7CJ1hnaZO4zIVijuSOwZL/4yH9CsWIraVa08n91rYHP5LDQ4J1BYoZb9TfiD8Ntqeg457D/yis5q1+hmKWBc9XKJ8ewScv9HG5hvnWKi3pdtxagcSN4Jx/+IN+zfkCHOf/PEeHYWVpwjuQvyX1NkniPQP72/bD5mlgNsnmycHTzVs+rjm1VWuM7s1RuE59N7DapLIpXelbrFi5lBqcxwSry9jtjSvoU31GNGBtQ7eOXTyw2g==,iv:KmklYNCkWlJ1zMw3WI1nLlmzJ0W9B5UGCWLlKaP49v0=,tag:lLUSBUP9upqUfJYrNYSrMw==,type:str] sops: - kms: [] - gcp_kms: [] - azure_kv: [] - hc_vault: [] - age: - - recipient: age1p28u8xjm5sf7jdavc8xsqtw7lxgscefxs7a5dtqszr2885xeputsh9y64y - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBxZG9ZSlMvWnFFQnRubzBE - SWFGSjlpTjdjU0RDbk1BcllsVGdUMHR3RVFNClRUVzBjVVM2YmVtYTFYazVZdUVF - MTNjb2lYSXkwUHI0WDhEdFZPUm9MMWcKLS0tIFRpcnBtUCtYaFZSUmZGWGM4RHFZ - bTVkQ2FHYVZGa0M5MDArTVBoTWg3UkEKOZvUhbDr16xkh/hqu7ORmjLU1qFA2fRY - RsB3zZKe/B7YGoQrDUBFa1mw3xCCfceV8DTo/77BjqnaXWh5AXy4yw== - -----END AGE ENCRYPTED FILE----- - - recipient: age1cyqpra4hj22emvvsjyygd3mstyrf8vy0hktmvmv85kxgggqxzfns4pkdhy - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA1VHRWQ3FUcXljUXh1bk9r - bWR6UVU5aWZyV2I2WjdSdzdraVpqeEc1Q0V3CnZXWmJjMUpxK3dtbURDUGNzc2wv - b1pYUG1PNlVzZ3pzNVhNN1crRXk3cG8KLS0tIFdYYzQ4WC9wcWswNytscXljWjJq - UVlpQ3NDVUdIVVo1Y1B6aW9BMzhOQzgKDVxudqp8m8wHFoxmoVQr4qrzcEj7ZJyb - yJV82jSmpLMlEXeM8oily7dQMVVE6fabK5XHByRb1VZclyRDXn97Mg== - -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-12-20T11:43:16Z" - mac: ENC[AES256_GCM,data:eR3qO5ugFvLeBbMyH1MFrO319lH+hVSAs+evYuwrba7sHz7PSfVdmjz9y59Q6kqFhg6cc7xI72/8LGxmtKhw1yJzGeF5s2tTjBTmBa4vZWG23TgiqxEuv20ALSAnlAM2glnEcZ/+/7EM5i9is3XKCKPTGGWO5PsgXvZcfKl4ss4=,iv:HnKrXQAQ88djOjPCKrQ1Z3SgFr2laLFIr47ArW6bPIQ=,tag:k3vAY4vTP7AO7MZpghlN8A==,type:str] - pgp: [] - encrypted_regex: ((?i)(displayname|email|pass|secret($|[^N])|key|token|^data$|^stringData)) - version: 3.9.2 + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: + - recipient: age1p28u8xjm5sf7jdavc8xsqtw7lxgscefxs7a5dtqszr2885xeputsh9y64y + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBxZG9ZSlMvWnFFQnRubzBE + SWFGSjlpTjdjU0RDbk1BcllsVGdUMHR3RVFNClRUVzBjVVM2YmVtYTFYazVZdUVF + MTNjb2lYSXkwUHI0WDhEdFZPUm9MMWcKLS0tIFRpcnBtUCtYaFZSUmZGWGM4RHFZ + bTVkQ2FHYVZGa0M5MDArTVBoTWg3UkEKOZvUhbDr16xkh/hqu7ORmjLU1qFA2fRY + RsB3zZKe/B7YGoQrDUBFa1mw3xCCfceV8DTo/77BjqnaXWh5AXy4yw== + -----END AGE ENCRYPTED FILE----- + - recipient: age1cyqpra4hj22emvvsjyygd3mstyrf8vy0hktmvmv85kxgggqxzfns4pkdhy + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA1VHRWQ3FUcXljUXh1bk9r + bWR6UVU5aWZyV2I2WjdSdzdraVpqeEc1Q0V3CnZXWmJjMUpxK3dtbURDUGNzc2wv + b1pYUG1PNlVzZ3pzNVhNN1crRXk3cG8KLS0tIFdYYzQ4WC9wcWswNytscXljWjJq + UVlpQ3NDVUdIVVo1Y1B6aW9BMzhOQzgKDVxudqp8m8wHFoxmoVQr4qrzcEj7ZJyb + yJV82jSmpLMlEXeM8oily7dQMVVE6fabK5XHByRb1VZclyRDXn97Mg== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2024-12-20T11:43:16Z" + mac: ENC[AES256_GCM,data:eR3qO5ugFvLeBbMyH1MFrO319lH+hVSAs+evYuwrba7sHz7PSfVdmjz9y59Q6kqFhg6cc7xI72/8LGxmtKhw1yJzGeF5s2tTjBTmBa4vZWG23TgiqxEuv20ALSAnlAM2glnEcZ/+/7EM5i9is3XKCKPTGGWO5PsgXvZcfKl4ss4=,iv:HnKrXQAQ88djOjPCKrQ1Z3SgFr2laLFIr47ArW6bPIQ=,tag:k3vAY4vTP7AO7MZpghlN8A==,type:str] + pgp: [] + encrypted_regex: ((?i)(displayname|email|pass|secret($|[^N])|key|token|^data$|^stringData)) + version: 3.9.2 diff --git a/kubernetes/staging.old/apps/system/node-feature-discovery/rules/google-coral-device.yaml b/kubernetes/staging.old/apps/system/node-feature-discovery/rules/google-coral-device.yaml index 31599e0aec..b968368b85 100644 --- a/kubernetes/staging.old/apps/system/node-feature-discovery/rules/google-coral-device.yaml +++ b/kubernetes/staging.old/apps/system/node-feature-discovery/rules/google-coral-device.yaml @@ -13,4 +13,4 @@ spec: matchFeatures: - feature: usb.device matchExpressions: - vendor: {op: In, value: ["1a6e", "18d1"]} + vendor: { op: In, value: ["1a6e", "18d1"] } diff --git a/kubernetes/staging.old/apps/system/node-feature-discovery/rules/intel-gpu-plugin.yaml b/kubernetes/staging.old/apps/system/node-feature-discovery/rules/intel-gpu-plugin.yaml index 31921d2d86..40d7a8e378 100644 --- a/kubernetes/staging.old/apps/system/node-feature-discovery/rules/intel-gpu-plugin.yaml +++ b/kubernetes/staging.old/apps/system/node-feature-discovery/rules/intel-gpu-plugin.yaml @@ -12,5 +12,5 @@ spec: matchFeatures: - feature: pci.device matchExpressions: - class: {op: In, value: ["0300", "0380"]} - vendor: {op: In, value: ["8086"]} + class: { op: In, value: ["0300", "0380"] } + vendor: { op: In, value: ["8086"] } diff --git a/kubernetes/staging.old/bootstrap/talos/apps/helmfile.yaml b/kubernetes/staging.old/bootstrap/talos/apps/helmfile.yaml index 020c4de341..f337ef963a 100644 --- a/kubernetes/staging.old/bootstrap/talos/apps/helmfile.yaml +++ b/kubernetes/staging.old/bootstrap/talos/apps/helmfile.yaml @@ -33,8 +33,7 @@ releases: namespace: kube-system chart: postfinance/kubelet-csr-approver version: 1.2.5 - values: - ["../../../apps/kube-system/kubelet-csr-approver/app/helm-values.yaml"] + values: ["../../../apps/kube-system/kubelet-csr-approver/app/helm-values.yaml"] needs: - monitoring/prometheus-operator-crds - kube-system/cilium diff --git a/kubernetes/staging.old/bootstrap/talos/talenv.sops.yaml b/kubernetes/staging.old/bootstrap/talos/talenv.sops.yaml index 30db544b17..6269ac95f4 100644 --- a/kubernetes/staging.old/bootstrap/talos/talenv.sops.yaml +++ b/kubernetes/staging.old/bootstrap/talos/talenv.sops.yaml @@ -4,31 +4,31 @@ clusterServiceNets: 10.210.0.0/16 clusterPodNets: 10.211.0.0/16 vectorAggregatorIP: 10.12.1.4 sops: - kms: [] - gcp_kms: [] - azure_kv: [] - hc_vault: [] - age: - - recipient: age1p28u8xjm5sf7jdavc8xsqtw7lxgscefxs7a5dtqszr2885xeputsh9y64y - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBIUE9INDZrNzczSU9iS1FK - WEVxbEY3eVAxM2hXQUl4S3R4TVREd2IvMVNzCjdUK2FKOGZuckpwRjRyeUUvYjNa - M2MvL2FkY0VabDVTMUtqSFFuaEVlRUkKLS0tIElyMThpQkNDVHhnMjRGS0kwRUpj - ODNCZHhaSGRhYi9kVEd0bnBQdmFNYmcKcyy8KYpcQ+WP6Y7/oUCQzmH4GKpa7M+x - pNvu89nJhMoB3I8MLtVgYRgtZlemND+AsgqCHdmfEjTCW2cNHAysjw== - -----END AGE ENCRYPTED FILE----- - - recipient: age1cyqpra4hj22emvvsjyygd3mstyrf8vy0hktmvmv85kxgggqxzfns4pkdhy - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBKb3ZWb3hKYkVPY0NFWmZU - Uk1kUkhvRjg4Mm1SL2NBREQrQzJMUEhQbG4wClM5aFdLM3dqNW5mTTFYZkNUcXQ0 - R0N3eUc2aXFxbFB3VDhHTUgwQUtJWHMKLS0tIHNjeVJ5cDMvV1FaOHl6QjVkRDhE - LzRDVnNsMmFidnNUY0J6b3BicnJObjQKKuPUGgPhglihHl8BmtY4dXsb7Svztkoy - thw7vWbxMpKyD8HuHuOcAFRtwMoF2oW+p6SCKq6S4iyVnPfICXch7Q== - -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-04-27T00:26:08Z" - mac: ENC[AES256_GCM,data:tUIPBXz7zYRzvb/ER39765FNiKZgiLy5g/TkjAyDPuShDMH2LanbS29Pxh1JrjZdO0rP5KncTlZ6dq+9VJ5XIAulSn6EXmH2UWo3638npHWKeu7Cyac1c76eBkiy+Np+7S8acs9h2cKZOKgZuNBCXaCOwe4bXTozUkNPwuHAV/c=,iv:X55CJU2Cslq/zXRsGbKetW2kEIZNDAie9UsqnKipR98=,tag:tcH8rkVBqE1opGz7CIrghw==,type:str] - pgp: [] - encrypted_regex: ((?i)(displayname|email|pass|secret($|[^N])|key|token|^data$|^stringData)) - version: 3.8.1 + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: + - recipient: age1p28u8xjm5sf7jdavc8xsqtw7lxgscefxs7a5dtqszr2885xeputsh9y64y + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBIUE9INDZrNzczSU9iS1FK + WEVxbEY3eVAxM2hXQUl4S3R4TVREd2IvMVNzCjdUK2FKOGZuckpwRjRyeUUvYjNa + M2MvL2FkY0VabDVTMUtqSFFuaEVlRUkKLS0tIElyMThpQkNDVHhnMjRGS0kwRUpj + ODNCZHhaSGRhYi9kVEd0bnBQdmFNYmcKcyy8KYpcQ+WP6Y7/oUCQzmH4GKpa7M+x + pNvu89nJhMoB3I8MLtVgYRgtZlemND+AsgqCHdmfEjTCW2cNHAysjw== + -----END AGE ENCRYPTED FILE----- + - recipient: age1cyqpra4hj22emvvsjyygd3mstyrf8vy0hktmvmv85kxgggqxzfns4pkdhy + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBKb3ZWb3hKYkVPY0NFWmZU + Uk1kUkhvRjg4Mm1SL2NBREQrQzJMUEhQbG4wClM5aFdLM3dqNW5mTTFYZkNUcXQ0 + R0N3eUc2aXFxbFB3VDhHTUgwQUtJWHMKLS0tIHNjeVJ5cDMvV1FaOHl6QjVkRDhE + LzRDVnNsMmFidnNUY0J6b3BicnJObjQKKuPUGgPhglihHl8BmtY4dXsb7Svztkoy + thw7vWbxMpKyD8HuHuOcAFRtwMoF2oW+p6SCKq6S4iyVnPfICXch7Q== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2024-04-27T00:26:08Z" + mac: ENC[AES256_GCM,data:tUIPBXz7zYRzvb/ER39765FNiKZgiLy5g/TkjAyDPuShDMH2LanbS29Pxh1JrjZdO0rP5KncTlZ6dq+9VJ5XIAulSn6EXmH2UWo3638npHWKeu7Cyac1c76eBkiy+Np+7S8acs9h2cKZOKgZuNBCXaCOwe4bXTozUkNPwuHAV/c=,iv:X55CJU2Cslq/zXRsGbKetW2kEIZNDAie9UsqnKipR98=,tag:tcH8rkVBqE1opGz7CIrghw==,type:str] + pgp: [] + encrypted_regex: ((?i)(displayname|email|pass|secret($|[^N])|key|token|^data$|^stringData)) + version: 3.8.1 diff --git a/kubernetes/staging.old/bootstrap/talos/talsecret.sops.yaml b/kubernetes/staging.old/bootstrap/talos/talsecret.sops.yaml index 99ec558be4..e2bdbac166 100644 --- a/kubernetes/staging.old/bootstrap/talos/talsecret.sops.yaml +++ b/kubernetes/staging.old/bootstrap/talos/talsecret.sops.yaml @@ -1,52 +1,52 @@ cluster: - id: dplvuNWXujYQVOoP1ELN114VuS2pgWUdaYF5HKZYsrk= - secret: ENC[AES256_GCM,data:x+BrWNKi4RtBxJh9fzUuyhqg5S4rmvubUoV+k4Qsa2oZ4QfM2uQbDC0FLXc=,iv:DDKJYIrisLtNW8yQZrXWPSka1jsqsUY6/ckjB2g8nxA=,tag:H4FyWA1eNneHX56fdo4zxA==,type:str] + id: dplvuNWXujYQVOoP1ELN114VuS2pgWUdaYF5HKZYsrk= + secret: ENC[AES256_GCM,data:x+BrWNKi4RtBxJh9fzUuyhqg5S4rmvubUoV+k4Qsa2oZ4QfM2uQbDC0FLXc=,iv:DDKJYIrisLtNW8yQZrXWPSka1jsqsUY6/ckjB2g8nxA=,tag:H4FyWA1eNneHX56fdo4zxA==,type:str] secrets: - bootstraptoken: ENC[AES256_GCM,data:v+JfpBiYr1KD5jN2hJVdK1GIG3rKa2k=,iv:4v/1ipgGBrd4RLZ1ndwZcRipuwYaamp2F2722faq1uM=,tag:QjzhoeO9hfq0+Rp9LQz0Xg==,type:str] - secretboxencryptionsecret: ENC[AES256_GCM,data:ePY0HKcnM/lTbi21Q+eqTTALjzekvHK2zU5YyXHStXg5xAfrnzsXdnpc0n8=,iv:Blka/+AQrotFFiw3rO2GqQLLXMNtCebQr/E72FnZKNc=,tag:H7pLmLCjXc3Fq3v137Nzeg==,type:str] + bootstraptoken: ENC[AES256_GCM,data:v+JfpBiYr1KD5jN2hJVdK1GIG3rKa2k=,iv:4v/1ipgGBrd4RLZ1ndwZcRipuwYaamp2F2722faq1uM=,tag:QjzhoeO9hfq0+Rp9LQz0Xg==,type:str] + secretboxencryptionsecret: ENC[AES256_GCM,data:ePY0HKcnM/lTbi21Q+eqTTALjzekvHK2zU5YyXHStXg5xAfrnzsXdnpc0n8=,iv:Blka/+AQrotFFiw3rO2GqQLLXMNtCebQr/E72FnZKNc=,tag:H7pLmLCjXc3Fq3v137Nzeg==,type:str] trustdinfo: - token: ENC[AES256_GCM,data:tSWk+R30gcmweSF5Z1MEplYF6Ckbg9A=,iv:TDzcV7ujTeQt46puMRG/8TxNUm2reCq0g+o5Fl8YSVY=,tag:KyU5thYT1b4FiqBcY98/rQ==,type:str] + token: ENC[AES256_GCM,data:tSWk+R30gcmweSF5Z1MEplYF6Ckbg9A=,iv:TDzcV7ujTeQt46puMRG/8TxNUm2reCq0g+o5Fl8YSVY=,tag:KyU5thYT1b4FiqBcY98/rQ==,type:str] certs: - etcd: - crt: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJmakNDQVNTZ0F3SUJBZ0lSQUs1eEdhSnBwZ3dXL09Ed2dVV2M5eWt3Q2dZSUtvWkl6ajBFQXdJd0R6RU4KTUFzR0ExVUVDaE1FWlhSalpEQWVGdzB5TWpFeU1UY3hPRFV6TVRGYUZ3MHpNakV5TVRReE9EVXpNVEZhTUE4eApEVEFMQmdOVkJBb1RCR1YwWTJRd1dUQVRCZ2NxaGtqT1BRSUJCZ2dxaGtqT1BRTUJCd05DQUFTbHdJRkJSd0R3Clo2TUNNc1A4cXZXOXQ4RWRuNmlwa3BMZG5OUkoyTks5OWRZcUJjdHFEL2xXaUdPb2l6cVMrc0I3aHNFUU1MZlQKbXN0eEM2VGxFMzRKbzJFd1h6QU9CZ05WSFE4QkFmOEVCQU1DQW9Rd0hRWURWUjBsQkJZd0ZBWUlLd1lCQlFVSApBd0VHQ0NzR0FRVUZCd01DTUE4R0ExVWRFd0VCL3dRRk1BTUJBZjh3SFFZRFZSME9CQllFRkI5czVDNmprd21ICmFDYzlaZDFQaU03SlcvS1ZNQW9HQ0NxR1NNNDlCQU1DQTBnQU1FVUNJUUNUQVpIMUhjcVRuQmhBY2tRQW1oekIKdjIvRnFJaDRMZFZleGdJb0wvdEY3Z0lnVlI1VU9GUnkxSkJYOCtrTHdkbjcwbTRGY00zazRzUGxpNzk4S0RGRgpUdXc9Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K - key: ENC[AES256_GCM,data:3qlp6TyoMQ68Pewz9GOlp2bIh3pRNRGxPzN0ItoBdZlSqNPgqd8JFoX6dd0b61lTxuvV1vGd20zmdAyqhZSUBiHQiqjRZMbD7OTy89AX4wrdRsmRas3kTKoCqbZSbhPwH43btzBV9e3p4tt49D4CaEZH0XI3VAbDqKnLJRAUDIoO6S+9oeL9Wq/jX1QGoJPj81G/24cUQTaYYuEYF1Ko031FH0p9FVVmekHpke58/OeujeMopJHoCmrsgHvSX4mTZPCyDI7H5iKDbVsmRmDwrg6X8MWv7jlerK9j2KgyaGb5wTje43adtPqiSTYCFQpL0npfAYHOhoR28D3fYiZ5uANE45aIgSBLIJKoZDnxibVzhDGEUIT09dgT8w5W2ON5ZIiY2Yf0+nS6gfX6SRobeQ==,iv:btXi5SPu9aHBZOiQtyQW265cgw42DBEzzzVWfz5dox8=,tag:CBLMiZlkowCSHIEfqegTzQ==,type:str] - k8s: - crt: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJpekNDQVRDZ0F3SUJBZ0lSQUtlUSt2Q3p2dEJlaVJPMDNnbjNpSkl3Q2dZSUtvWkl6ajBFQXdJd0ZURVQKTUJFR0ExVUVDaE1LYTNWaVpYSnVaWFJsY3pBZUZ3MHlNakV5TVRjeE9EVXpNVEZhRncwek1qRXlNVFF4T0RVegpNVEZhTUJVeEV6QVJCZ05WQkFvVENtdDFZbVZ5Ym1WMFpYTXdXVEFUQmdjcWhrak9QUUlCQmdncWhrak9QUU1CCkJ3TkNBQVNobjlLTExGNVcwdzQyQU5Rd1p0Wll6WnhNVWwwTWUwRiswU0IrMXVtSzFKSzd3cTJLSlBDbmVxNUYKWE03cFF0akVJK2lCYk1acWUzck5ROCtZWU1sNW8yRXdYekFPQmdOVkhROEJBZjhFQkFNQ0FvUXdIUVlEVlIwbApCQll3RkFZSUt3WUJCUVVIQXdFR0NDc0dBUVVGQndNQ01BOEdBMVVkRXdFQi93UUZNQU1CQWY4d0hRWURWUjBPCkJCWUVGSHprZHZEbXRTb2Q3bkRSb0ZVZXN4aVNWR2JMTUFvR0NDcUdTTTQ5QkFNQ0Ewa0FNRVlDSVFDMzRuMjMKbHZBUmNiODd5R212SDkydm9JTmNiNTNpekZtVVFqSU50WStvREFJaEFPcnJpUWZuOVdQVW9HRVQ0MGZDV3hHaApRTG5tT2lqZGpyTU9BdFlTWkQ0ZgotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg== - key: ENC[AES256_GCM,data:cnLdXGVWBlTzkS2j3o4DgRlgeDFze4s6KKknXJLcZrDc/kCRfL3oDaWKs9bjx7ONcbVfn9PBVIKhpCmMVdPb2R07DJ5uoOisq4p18p+A64cXcyljklDu6rgZasDFzstgc0W4gXMjNu1Kdu286ioNoWZYRPVH7+fKWM+i0UZXPp1Xpn3r3lKIDsW3uCFNaI50O0DOyKVqrrTD7EHywjeAAPvL9bKTEKvmJwDUKuaETdtVVTcIjFnSXdsS7hTC0X4uwPCFNYfq9hZjKYzaa5ZyY9AY2CTNvu8BHQImzc3JTkXCBIDopYoVWWbAtu2xvXXtXShLP2ZBq9d8079KbV/jQv0P/K7A7U+RZgodu/n5cUdwK0L+ZyUdQyGnIb6hzA6olHsUKMnMygwkimuyglZtUA==,iv:KIbscXe2xgI3Iehub3rrX3LxquZlPEtuMzmx4/zoZek=,tag:2mMSThFQIfMqOn7Vqf5oag==,type:str] - k8saggregator: - crt: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJYekNDQVFhZ0F3SUJBZ0lSQUllVDJoamtVZk5ZdEFkeTdhbzUvZEF3Q2dZSUtvWkl6ajBFQXdJd0FEQWUKRncweU1qRXlNVGN4T0RVek1URmFGdzB6TWpFeU1UUXhPRFV6TVRGYU1BQXdXVEFUQmdjcWhrak9QUUlCQmdncQpoa2pPUFFNQkJ3TkNBQVRXSUpnQ3JtWFJ3cHhFYVpKMDhGMUNSUWh1SGhhRTVZdlFXZ3hPR1BEMXhwY2ZLMWhRCnRCWDY1dXc3WFNYdWlrVXFFckxodjdHSitOalAzbHRoTFZnZW8yRXdYekFPQmdOVkhROEJBZjhFQkFNQ0FvUXcKSFFZRFZSMGxCQll3RkFZSUt3WUJCUVVIQXdFR0NDc0dBUVVGQndNQ01BOEdBMVVkRXdFQi93UUZNQU1CQWY4dwpIUVlEVlIwT0JCWUVGSW9xa252VlBMVGtQTkdGRG92dG8wa2UrZ01LTUFvR0NDcUdTTTQ5QkFNQ0EwY0FNRVFDCklCcmsrOFNVOTlpYTc2aHBBVGhHaVd5Q1VLS2x3YzRxTjRrLzhnTnN2V2gyQWlCejRMeGtvSFQrVHRiUCtKZkgKM253WHBBN2RDMFhJTDRCN1g4UTJVQzdwQWc9PQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg== - key: ENC[AES256_GCM,data:FZVRfZkCxdpPuoniHg+LaWiYJDY97esZ3EmYEx5Mkbfe6O7yhHKecQeISGqV4t7oENF6bEUr/JtIK4LW70LNZ1jfdrZ93klF7MsUGoj2uaEA73q5pLX8D6Yw3c5yCBvDxD2nUUUN6J57zD9TGhwlmUbwEI1MRcVEKb+k+22bBja+BMOLT5dwlyC67a89OBgBNGzOeLlCHPArCoXQbVTZi5a9I/MGCrKH7AylSsKKIxcFtOmzyw5JCK44Hn/DGc0mCfZRF7qIxCTMkYkOza/RdOo6kozzNZMGecgIUoRAEHxoPGF4pTMUUkQycYpYcYltm/wJEmlr22b07zR6+g4F/18/3wzG6IStZHB5xTlh5Pk12rlN2mGYV+X6WHHDPXLUCFT8gDq5icDD1+80GpGv/g==,iv:hPt8rZV30VaAn+m0gfqZ5GCn7r/9d5EyBUkp6e48I1Q=,tag:pO316HbMirtGH6aFpBGNpQ==,type:str] - k8sserviceaccount: - key: ENC[AES256_GCM,data:q4rqlFBi4hQWgJywvVKs336PY8j2d+5UIq/z3PSpOSQcUKEccl2botdP5oFLs3LoWsnEOGfmmDPM/i02IuQEtlFNyz0cAHBCXPUMLqmWWbqfVa+jrmD6+9a4aVbIMzl5PUcO7QM3vaBoe7261d5o46IgBIPw71t7IIILrLAOKygIL6mYfH69zTTkowGrrGI2G6UHX+PlE7nt3aXqSbddfne0DsKAjyDqh75pvOTLy34bi2HXzes7YE+iSy4YcYURJLzmctIT+7ziADCck0dum3p+5xTgokW/reqkux1ErMTJyC811AAHMXQfG4JtcoWdxICFPDtf0mh5l6NvlHi7+S+nOwwb2G7MMp120lux/QxkTSCrbpyDU07Pn6yylkdGIvIKSjRzQ/vGwQJqgZ6ZQA==,iv:JLvhmtJ6PgHwPnfbC+MXsmZ+JjZO+xEMpkKej+J1vH0=,tag:OofQefpgFmrNO6EgiyCoBA==,type:str] - os: - crt: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJQekNCOHFBREFnRUNBaEVBdVcrNC95N05kWUJwM25BWFZqSFkyREFGQmdNclpYQXdFREVPTUF3R0ExVUUKQ2hNRmRHRnNiM013SGhjTk1qSXhNakUzTVRnMU16RXhXaGNOTXpJeE1qRTBNVGcxTXpFeFdqQVFNUTR3REFZRApWUVFLRXdWMFlXeHZjekFxTUFVR0F5dGxjQU1oQU5MdzNPRFR5eitxTm1hNitONjcxL3VZTU40U0tSWjR6c1J5CmFGUEJYTmU3bzJFd1h6QU9CZ05WSFE4QkFmOEVCQU1DQW9Rd0hRWURWUjBsQkJZd0ZBWUlLd1lCQlFVSEF3RUcKQ0NzR0FRVUZCd01DTUE4R0ExVWRFd0VCL3dRRk1BTUJBZjh3SFFZRFZSME9CQllFRkhzZFIxWEMwQ0o5MnNyWQoxVVNXbERwMkpKckNNQVVHQXl0bGNBTkJBTmEwSkczM1lRaEdwUWpYYnJYV0VVZk03UDdodnhBcnkrZ2tHTkN0CjlKYk9SYks3ZTc3TUxUZW1PODBhQ05ic1hwMzlpRERlM2ZKRkphc3lVNE1oN1FZPQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg== - key: ENC[AES256_GCM,data:nI3aTDBx4dX6Kk0bIRqyW985HBRzYiKxaj8n/bfpBfdex6X12LG8QZYWk7lMOBZ/GEZqY0cHSlvG/36mcLHOLU0DZJnL6ox6yWZnw8t9hzCyOdF3T/QOeLKdw0t8GGWvBgj/YAQMsYl5tptLM1dLSUHZSvJqwSS/fFplDhd0t4eS0jc/PcUUpwEf51BR4/c8p1XveiAVZ6cAj7QXW5h8borUN0yJchnf8xrRW0gBZ2Z0Ldkm,iv:/g5N8XUO0lT62gZN+wIbqAqVM0hw4FguA5zwUwWV0co=,tag:RxhOAiAIPutZQQuVc244LA==,type:str] + etcd: + crt: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJmakNDQVNTZ0F3SUJBZ0lSQUs1eEdhSnBwZ3dXL09Ed2dVV2M5eWt3Q2dZSUtvWkl6ajBFQXdJd0R6RU4KTUFzR0ExVUVDaE1FWlhSalpEQWVGdzB5TWpFeU1UY3hPRFV6TVRGYUZ3MHpNakV5TVRReE9EVXpNVEZhTUE4eApEVEFMQmdOVkJBb1RCR1YwWTJRd1dUQVRCZ2NxaGtqT1BRSUJCZ2dxaGtqT1BRTUJCd05DQUFTbHdJRkJSd0R3Clo2TUNNc1A4cXZXOXQ4RWRuNmlwa3BMZG5OUkoyTks5OWRZcUJjdHFEL2xXaUdPb2l6cVMrc0I3aHNFUU1MZlQKbXN0eEM2VGxFMzRKbzJFd1h6QU9CZ05WSFE4QkFmOEVCQU1DQW9Rd0hRWURWUjBsQkJZd0ZBWUlLd1lCQlFVSApBd0VHQ0NzR0FRVUZCd01DTUE4R0ExVWRFd0VCL3dRRk1BTUJBZjh3SFFZRFZSME9CQllFRkI5czVDNmprd21ICmFDYzlaZDFQaU03SlcvS1ZNQW9HQ0NxR1NNNDlCQU1DQTBnQU1FVUNJUUNUQVpIMUhjcVRuQmhBY2tRQW1oekIKdjIvRnFJaDRMZFZleGdJb0wvdEY3Z0lnVlI1VU9GUnkxSkJYOCtrTHdkbjcwbTRGY00zazRzUGxpNzk4S0RGRgpUdXc9Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K + key: ENC[AES256_GCM,data:3qlp6TyoMQ68Pewz9GOlp2bIh3pRNRGxPzN0ItoBdZlSqNPgqd8JFoX6dd0b61lTxuvV1vGd20zmdAyqhZSUBiHQiqjRZMbD7OTy89AX4wrdRsmRas3kTKoCqbZSbhPwH43btzBV9e3p4tt49D4CaEZH0XI3VAbDqKnLJRAUDIoO6S+9oeL9Wq/jX1QGoJPj81G/24cUQTaYYuEYF1Ko031FH0p9FVVmekHpke58/OeujeMopJHoCmrsgHvSX4mTZPCyDI7H5iKDbVsmRmDwrg6X8MWv7jlerK9j2KgyaGb5wTje43adtPqiSTYCFQpL0npfAYHOhoR28D3fYiZ5uANE45aIgSBLIJKoZDnxibVzhDGEUIT09dgT8w5W2ON5ZIiY2Yf0+nS6gfX6SRobeQ==,iv:btXi5SPu9aHBZOiQtyQW265cgw42DBEzzzVWfz5dox8=,tag:CBLMiZlkowCSHIEfqegTzQ==,type:str] + k8s: + crt: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJpekNDQVRDZ0F3SUJBZ0lSQUtlUSt2Q3p2dEJlaVJPMDNnbjNpSkl3Q2dZSUtvWkl6ajBFQXdJd0ZURVQKTUJFR0ExVUVDaE1LYTNWaVpYSnVaWFJsY3pBZUZ3MHlNakV5TVRjeE9EVXpNVEZhRncwek1qRXlNVFF4T0RVegpNVEZhTUJVeEV6QVJCZ05WQkFvVENtdDFZbVZ5Ym1WMFpYTXdXVEFUQmdjcWhrak9QUUlCQmdncWhrak9QUU1CCkJ3TkNBQVNobjlLTExGNVcwdzQyQU5Rd1p0Wll6WnhNVWwwTWUwRiswU0IrMXVtSzFKSzd3cTJLSlBDbmVxNUYKWE03cFF0akVJK2lCYk1acWUzck5ROCtZWU1sNW8yRXdYekFPQmdOVkhROEJBZjhFQkFNQ0FvUXdIUVlEVlIwbApCQll3RkFZSUt3WUJCUVVIQXdFR0NDc0dBUVVGQndNQ01BOEdBMVVkRXdFQi93UUZNQU1CQWY4d0hRWURWUjBPCkJCWUVGSHprZHZEbXRTb2Q3bkRSb0ZVZXN4aVNWR2JMTUFvR0NDcUdTTTQ5QkFNQ0Ewa0FNRVlDSVFDMzRuMjMKbHZBUmNiODd5R212SDkydm9JTmNiNTNpekZtVVFqSU50WStvREFJaEFPcnJpUWZuOVdQVW9HRVQ0MGZDV3hHaApRTG5tT2lqZGpyTU9BdFlTWkQ0ZgotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg== + key: ENC[AES256_GCM,data:cnLdXGVWBlTzkS2j3o4DgRlgeDFze4s6KKknXJLcZrDc/kCRfL3oDaWKs9bjx7ONcbVfn9PBVIKhpCmMVdPb2R07DJ5uoOisq4p18p+A64cXcyljklDu6rgZasDFzstgc0W4gXMjNu1Kdu286ioNoWZYRPVH7+fKWM+i0UZXPp1Xpn3r3lKIDsW3uCFNaI50O0DOyKVqrrTD7EHywjeAAPvL9bKTEKvmJwDUKuaETdtVVTcIjFnSXdsS7hTC0X4uwPCFNYfq9hZjKYzaa5ZyY9AY2CTNvu8BHQImzc3JTkXCBIDopYoVWWbAtu2xvXXtXShLP2ZBq9d8079KbV/jQv0P/K7A7U+RZgodu/n5cUdwK0L+ZyUdQyGnIb6hzA6olHsUKMnMygwkimuyglZtUA==,iv:KIbscXe2xgI3Iehub3rrX3LxquZlPEtuMzmx4/zoZek=,tag:2mMSThFQIfMqOn7Vqf5oag==,type:str] + k8saggregator: + crt: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJYekNDQVFhZ0F3SUJBZ0lSQUllVDJoamtVZk5ZdEFkeTdhbzUvZEF3Q2dZSUtvWkl6ajBFQXdJd0FEQWUKRncweU1qRXlNVGN4T0RVek1URmFGdzB6TWpFeU1UUXhPRFV6TVRGYU1BQXdXVEFUQmdjcWhrak9QUUlCQmdncQpoa2pPUFFNQkJ3TkNBQVRXSUpnQ3JtWFJ3cHhFYVpKMDhGMUNSUWh1SGhhRTVZdlFXZ3hPR1BEMXhwY2ZLMWhRCnRCWDY1dXc3WFNYdWlrVXFFckxodjdHSitOalAzbHRoTFZnZW8yRXdYekFPQmdOVkhROEJBZjhFQkFNQ0FvUXcKSFFZRFZSMGxCQll3RkFZSUt3WUJCUVVIQXdFR0NDc0dBUVVGQndNQ01BOEdBMVVkRXdFQi93UUZNQU1CQWY4dwpIUVlEVlIwT0JCWUVGSW9xa252VlBMVGtQTkdGRG92dG8wa2UrZ01LTUFvR0NDcUdTTTQ5QkFNQ0EwY0FNRVFDCklCcmsrOFNVOTlpYTc2aHBBVGhHaVd5Q1VLS2x3YzRxTjRrLzhnTnN2V2gyQWlCejRMeGtvSFQrVHRiUCtKZkgKM253WHBBN2RDMFhJTDRCN1g4UTJVQzdwQWc9PQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg== + key: ENC[AES256_GCM,data:FZVRfZkCxdpPuoniHg+LaWiYJDY97esZ3EmYEx5Mkbfe6O7yhHKecQeISGqV4t7oENF6bEUr/JtIK4LW70LNZ1jfdrZ93klF7MsUGoj2uaEA73q5pLX8D6Yw3c5yCBvDxD2nUUUN6J57zD9TGhwlmUbwEI1MRcVEKb+k+22bBja+BMOLT5dwlyC67a89OBgBNGzOeLlCHPArCoXQbVTZi5a9I/MGCrKH7AylSsKKIxcFtOmzyw5JCK44Hn/DGc0mCfZRF7qIxCTMkYkOza/RdOo6kozzNZMGecgIUoRAEHxoPGF4pTMUUkQycYpYcYltm/wJEmlr22b07zR6+g4F/18/3wzG6IStZHB5xTlh5Pk12rlN2mGYV+X6WHHDPXLUCFT8gDq5icDD1+80GpGv/g==,iv:hPt8rZV30VaAn+m0gfqZ5GCn7r/9d5EyBUkp6e48I1Q=,tag:pO316HbMirtGH6aFpBGNpQ==,type:str] + k8sserviceaccount: + key: ENC[AES256_GCM,data:q4rqlFBi4hQWgJywvVKs336PY8j2d+5UIq/z3PSpOSQcUKEccl2botdP5oFLs3LoWsnEOGfmmDPM/i02IuQEtlFNyz0cAHBCXPUMLqmWWbqfVa+jrmD6+9a4aVbIMzl5PUcO7QM3vaBoe7261d5o46IgBIPw71t7IIILrLAOKygIL6mYfH69zTTkowGrrGI2G6UHX+PlE7nt3aXqSbddfne0DsKAjyDqh75pvOTLy34bi2HXzes7YE+iSy4YcYURJLzmctIT+7ziADCck0dum3p+5xTgokW/reqkux1ErMTJyC811AAHMXQfG4JtcoWdxICFPDtf0mh5l6NvlHi7+S+nOwwb2G7MMp120lux/QxkTSCrbpyDU07Pn6yylkdGIvIKSjRzQ/vGwQJqgZ6ZQA==,iv:JLvhmtJ6PgHwPnfbC+MXsmZ+JjZO+xEMpkKej+J1vH0=,tag:OofQefpgFmrNO6EgiyCoBA==,type:str] + os: + crt: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJQekNCOHFBREFnRUNBaEVBdVcrNC95N05kWUJwM25BWFZqSFkyREFGQmdNclpYQXdFREVPTUF3R0ExVUUKQ2hNRmRHRnNiM013SGhjTk1qSXhNakUzTVRnMU16RXhXaGNOTXpJeE1qRTBNVGcxTXpFeFdqQVFNUTR3REFZRApWUVFLRXdWMFlXeHZjekFxTUFVR0F5dGxjQU1oQU5MdzNPRFR5eitxTm1hNitONjcxL3VZTU40U0tSWjR6c1J5CmFGUEJYTmU3bzJFd1h6QU9CZ05WSFE4QkFmOEVCQU1DQW9Rd0hRWURWUjBsQkJZd0ZBWUlLd1lCQlFVSEF3RUcKQ0NzR0FRVUZCd01DTUE4R0ExVWRFd0VCL3dRRk1BTUJBZjh3SFFZRFZSME9CQllFRkhzZFIxWEMwQ0o5MnNyWQoxVVNXbERwMkpKckNNQVVHQXl0bGNBTkJBTmEwSkczM1lRaEdwUWpYYnJYV0VVZk03UDdodnhBcnkrZ2tHTkN0CjlKYk9SYks3ZTc3TUxUZW1PODBhQ05ic1hwMzlpRERlM2ZKRkphc3lVNE1oN1FZPQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg== + key: ENC[AES256_GCM,data:nI3aTDBx4dX6Kk0bIRqyW985HBRzYiKxaj8n/bfpBfdex6X12LG8QZYWk7lMOBZ/GEZqY0cHSlvG/36mcLHOLU0DZJnL6ox6yWZnw8t9hzCyOdF3T/QOeLKdw0t8GGWvBgj/YAQMsYl5tptLM1dLSUHZSvJqwSS/fFplDhd0t4eS0jc/PcUUpwEf51BR4/c8p1XveiAVZ6cAj7QXW5h8borUN0yJchnf8xrRW0gBZ2Z0Ldkm,iv:/g5N8XUO0lT62gZN+wIbqAqVM0hw4FguA5zwUwWV0co=,tag:RxhOAiAIPutZQQuVc244LA==,type:str] sops: - kms: [] - gcp_kms: [] - azure_kv: [] - hc_vault: [] - age: - - recipient: age1p28u8xjm5sf7jdavc8xsqtw7lxgscefxs7a5dtqszr2885xeputsh9y64y - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBxU3NkWUg2dVowNEsyMmg3 - QURFNGxDei9yRVgxY0VhL1lRcGVXdVNFM3dZCldKWjF1akNBTDZSZngzVW1ySFdN - dmF2SG80T1UvcG9ySGJxQkZXUGVNbmMKLS0tIHpjbElLRVZrL0tia211OGExWEhV - L0lDa0hkVHVoWGNncXdlVExXZXVuancKV/CEheC65kYa9+H6kFbzHrQ5ZD1tXP8r - 5JFgwtTYM8CzgUPM8pvPwEJioBs63LIZSrkfo7dzQpnDPxTqkTq6oQ== - -----END AGE ENCRYPTED FILE----- - - recipient: age1cyqpra4hj22emvvsjyygd3mstyrf8vy0hktmvmv85kxgggqxzfns4pkdhy - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBkOXArOEROc2dDU2tRcDRq - T0xsUnZTSVkwNXRueWNlNjBRWnNOajcrOWw4Ck9DeTRxc0VIY0RyNHAvanZIRDVi - UThMTmFjcHNTUEo3V2R6aTdrTnhhWTgKLS0tIDRoVVRPbmhuTVR4ZWR3aXFOSlJO - ZHhRMmRoMnFKZFhlMU12OWhXRHZ2U0UKx2M3UCjP8ROkVeTRy300MbjjGdqEdYj8 - X6/49GxmXYU6Gt2wDvJ5Q3wnM2m+u0vWpPZtI0Fcb+3gI42POznq3w== - -----END AGE ENCRYPTED FILE----- - lastmodified: "2023-12-27T14:55:29Z" - mac: ENC[AES256_GCM,data:xvsbjIyTad9+EbGHvJ2LwEITYQBgy2nziHDVlTy9oRCVSmLIr1ewjmj+EQK8bDs2Fq2pwxNU7TYzvgravSGot/yXGNSzYWcCHrEX+ztzpHHRKOvLFXP609YAn77YvioqC8/uuJ7uxrC18z47zQNHGHDRLfzk2bVXU75e/Ig9Z+4=,iv:d/vXLeEWhT2WtKzMfsGNoeurUFI5e5ULjOkZqLOws2A=,tag:ExDp3BAYrgwWz/Rypu1NTQ==,type:str] - pgp: [] - encrypted_regex: ((?i)(displayname|email|pass|secret($|[^N])|key|token|^data$|^stringData)) - version: 3.8.1 + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: + - recipient: age1p28u8xjm5sf7jdavc8xsqtw7lxgscefxs7a5dtqszr2885xeputsh9y64y + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBxU3NkWUg2dVowNEsyMmg3 + QURFNGxDei9yRVgxY0VhL1lRcGVXdVNFM3dZCldKWjF1akNBTDZSZngzVW1ySFdN + dmF2SG80T1UvcG9ySGJxQkZXUGVNbmMKLS0tIHpjbElLRVZrL0tia211OGExWEhV + L0lDa0hkVHVoWGNncXdlVExXZXVuancKV/CEheC65kYa9+H6kFbzHrQ5ZD1tXP8r + 5JFgwtTYM8CzgUPM8pvPwEJioBs63LIZSrkfo7dzQpnDPxTqkTq6oQ== + -----END AGE ENCRYPTED FILE----- + - recipient: age1cyqpra4hj22emvvsjyygd3mstyrf8vy0hktmvmv85kxgggqxzfns4pkdhy + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBkOXArOEROc2dDU2tRcDRq + T0xsUnZTSVkwNXRueWNlNjBRWnNOajcrOWw4Ck9DeTRxc0VIY0RyNHAvanZIRDVi + UThMTmFjcHNTUEo3V2R6aTdrTnhhWTgKLS0tIDRoVVRPbmhuTVR4ZWR3aXFOSlJO + ZHhRMmRoMnFKZFhlMU12OWhXRHZ2U0UKx2M3UCjP8ROkVeTRy300MbjjGdqEdYj8 + X6/49GxmXYU6Gt2wDvJ5Q3wnM2m+u0vWpPZtI0Fcb+3gI42POznq3w== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2023-12-27T14:55:29Z" + mac: ENC[AES256_GCM,data:xvsbjIyTad9+EbGHvJ2LwEITYQBgy2nziHDVlTy9oRCVSmLIr1ewjmj+EQK8bDs2Fq2pwxNU7TYzvgravSGot/yXGNSzYWcCHrEX+ztzpHHRKOvLFXP609YAn77YvioqC8/uuJ7uxrC18z47zQNHGHDRLfzk2bVXU75e/Ig9Z+4=,iv:d/vXLeEWhT2WtKzMfsGNoeurUFI5e5ULjOkZqLOws2A=,tag:ExDp3BAYrgwWz/Rypu1NTQ==,type:str] + pgp: [] + encrypted_regex: ((?i)(displayname|email|pass|secret($|[^N])|key|token|^data$|^stringData)) + version: 3.8.1 diff --git a/kubernetes/staging.old/cluster/vars/cluster-secrets.sops.yaml b/kubernetes/staging.old/cluster/vars/cluster-secrets.sops.yaml index b09f0e7abc..5fde340a56 100644 --- a/kubernetes/staging.old/cluster/vars/cluster-secrets.sops.yaml +++ b/kubernetes/staging.old/cluster/vars/cluster-secrets.sops.yaml @@ -1,41 +1,41 @@ apiVersion: v1 kind: Secret metadata: - name: cluster-secrets - namespace: flux-system + name: cluster-secrets + namespace: flux-system stringData: - SECRET_ADMIN_EMAIL: ENC[AES256_GCM,data:dX9l9WLnIZu2FmLh/H8=,iv:OyvwFjkFll14hnJuweReo3+qpGWmMl2DFKfjLANeD78=,tag:gq57UwVMdl4Y017OlWtMAg==,type:str] - SECRET_DOMAIN_NAME: ENC[AES256_GCM,data:DZtyWyDe/y3uHDrm,iv:gju+/X9proqWH7fqfcexhc9JHuaZ30NUnAdaRZ1LVQY=,tag:mHbXMNEnnnLIy2kxM696fw==,type:str] - SECRET_MAIN_DOMAIN_NAME: ENC[AES256_GCM,data:bMnnjDXiug==,iv:8lPUwpae/ZV0UAeI6TT+ZNjCfUVU6mD07iOAjRy3/1I=,tag:j8sULNDzXl1qeBbpUeZnbQ==,type:str] - SECRET_TECH_DOMAIN_NAME: ENC[AES256_GCM,data:FA51wcwb6pat,iv:1VuAxY5l7vK2Sd/cRvPjG85pMW2YEuimIeWBOcnfea8=,tag:WRDwHEYBiOh7QGqTXqRhnA==,type:str] - SECRET_ATLAS_NFS_SERVER: ENC[AES256_GCM,data:ua8SA98+Dxry7zC18pmFiA==,iv:cOjctOapkZtpYFcu2sSFAPLh65Ywerb5EvTSeKjRePA=,tag:nXkOu7qtvx8cobfzW/k/bA==,type:str] - SECRET_ATLAS_NFS_ROOTDIR: ENC[AES256_GCM,data:HoVR2sQcMt3VqNPc3ianNXtu/uks3g==,iv:nTCybJk0EBxPEzLp6xx+0OqPhmsCCLbi4rruAKiKmD4=,tag:FtXlJeMfMetw/W+elYfclw==,type:str] + SECRET_ADMIN_EMAIL: ENC[AES256_GCM,data:dX9l9WLnIZu2FmLh/H8=,iv:OyvwFjkFll14hnJuweReo3+qpGWmMl2DFKfjLANeD78=,tag:gq57UwVMdl4Y017OlWtMAg==,type:str] + SECRET_DOMAIN_NAME: ENC[AES256_GCM,data:DZtyWyDe/y3uHDrm,iv:gju+/X9proqWH7fqfcexhc9JHuaZ30NUnAdaRZ1LVQY=,tag:mHbXMNEnnnLIy2kxM696fw==,type:str] + SECRET_MAIN_DOMAIN_NAME: ENC[AES256_GCM,data:bMnnjDXiug==,iv:8lPUwpae/ZV0UAeI6TT+ZNjCfUVU6mD07iOAjRy3/1I=,tag:j8sULNDzXl1qeBbpUeZnbQ==,type:str] + SECRET_TECH_DOMAIN_NAME: ENC[AES256_GCM,data:FA51wcwb6pat,iv:1VuAxY5l7vK2Sd/cRvPjG85pMW2YEuimIeWBOcnfea8=,tag:WRDwHEYBiOh7QGqTXqRhnA==,type:str] + SECRET_ATLAS_NFS_SERVER: ENC[AES256_GCM,data:ua8SA98+Dxry7zC18pmFiA==,iv:cOjctOapkZtpYFcu2sSFAPLh65Ywerb5EvTSeKjRePA=,tag:nXkOu7qtvx8cobfzW/k/bA==,type:str] + SECRET_ATLAS_NFS_ROOTDIR: ENC[AES256_GCM,data:HoVR2sQcMt3VqNPc3ianNXtu/uks3g==,iv:nTCybJk0EBxPEzLp6xx+0OqPhmsCCLbi4rruAKiKmD4=,tag:FtXlJeMfMetw/W+elYfclw==,type:str] sops: - kms: [] - gcp_kms: [] - azure_kv: [] - hc_vault: [] - age: - - recipient: age1p28u8xjm5sf7jdavc8xsqtw7lxgscefxs7a5dtqszr2885xeputsh9y64y - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAvSlJMMWc2MzlOQUw1K2p6 - UnJkZXJhTWxrTG1UY1U4blpUOE5CTHB6amtZCmx6ajlWMmlwZVNxYW9sN3ZrSUd0 - d2szRXNTc0tYaGNwNm9ha2J2R0pBQ2cKLS0tIHRGQ1QxRDJjOTQ0RHN6VGRNSzNw - OXJrRW96aFZzSnNxK2kxcjVvbldEaTQKhUY7EYojAYbFSsMUSzCpTTKNU1dd2ON9 - Lu8pj39dyl1W2R6X9HZC7YOjwOR+j6oweYI62LXxcNxNNu1R6jrkBA== - -----END AGE ENCRYPTED FILE----- - - recipient: age1cyqpra4hj22emvvsjyygd3mstyrf8vy0hktmvmv85kxgggqxzfns4pkdhy - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBLZDVFS3k3TGZsMVdqYkdG - Q0wzTGdYY0pvRlduUzVDMTM2NGFZOERZajJvCjhWSEdtRVBIZCtVNWVTTTlWV2FN - d1BvdVhtclR4YTlzUHZkY08rUzJMa3cKLS0tIHg4S1pGSEIzeGZzOUsra2dJanJs - R3dSN2FWS0E0all3RGRaMVBhZFVNU3MKUHttLIR+BOkq+uhkS44WXtkt/BuK7tg2 - Dywk5ccgctJUf6Nv2Axz2IY4/mzHAOknzhN4PtVNIbeh107hiHEkyA== - -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-05-04T17:16:37Z" - mac: ENC[AES256_GCM,data:HLn9+TQ8AmfnZFeHIaw8R17uwshV4Jz0YDaLpFG6zklUNL4Xx1sBEp7L0rui4EpbBXObyrFrviJ/FwC3ARfZxhTQQiaX0wyJkSqn/X/s6HS7i2WSNeSD+oQC9GRGzI00ISCJurXqQyiC3NanLJnrIDfdosajqXP/x4Dfm+4rHcs=,iv:UTAsOHp/BC8XU/xxUGWg+L5csfrDd37Y0Ft8haEKtqY=,tag:wh0J5cpJW06kPOc/cEhmTg==,type:str] - pgp: [] - encrypted_regex: ((?i)(displayname|email|pass|secret($|[^N])|key|token|^data$|^stringData)) - version: 3.8.1 + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: + - recipient: age1p28u8xjm5sf7jdavc8xsqtw7lxgscefxs7a5dtqszr2885xeputsh9y64y + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAvSlJMMWc2MzlOQUw1K2p6 + UnJkZXJhTWxrTG1UY1U4blpUOE5CTHB6amtZCmx6ajlWMmlwZVNxYW9sN3ZrSUd0 + d2szRXNTc0tYaGNwNm9ha2J2R0pBQ2cKLS0tIHRGQ1QxRDJjOTQ0RHN6VGRNSzNw + OXJrRW96aFZzSnNxK2kxcjVvbldEaTQKhUY7EYojAYbFSsMUSzCpTTKNU1dd2ON9 + Lu8pj39dyl1W2R6X9HZC7YOjwOR+j6oweYI62LXxcNxNNu1R6jrkBA== + -----END AGE ENCRYPTED FILE----- + - recipient: age1cyqpra4hj22emvvsjyygd3mstyrf8vy0hktmvmv85kxgggqxzfns4pkdhy + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBLZDVFS3k3TGZsMVdqYkdG + Q0wzTGdYY0pvRlduUzVDMTM2NGFZOERZajJvCjhWSEdtRVBIZCtVNWVTTTlWV2FN + d1BvdVhtclR4YTlzUHZkY08rUzJMa3cKLS0tIHg4S1pGSEIzeGZzOUsra2dJanJs + R3dSN2FWS0E0all3RGRaMVBhZFVNU3MKUHttLIR+BOkq+uhkS44WXtkt/BuK7tg2 + Dywk5ccgctJUf6Nv2Axz2IY4/mzHAOknzhN4PtVNIbeh107hiHEkyA== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2024-05-04T17:16:37Z" + mac: ENC[AES256_GCM,data:HLn9+TQ8AmfnZFeHIaw8R17uwshV4Jz0YDaLpFG6zklUNL4Xx1sBEp7L0rui4EpbBXObyrFrviJ/FwC3ARfZxhTQQiaX0wyJkSqn/X/s6HS7i2WSNeSD+oQC9GRGzI00ISCJurXqQyiC3NanLJnrIDfdosajqXP/x4Dfm+4rHcs=,iv:UTAsOHp/BC8XU/xxUGWg+L5csfrDd37Y0Ft8haEKtqY=,tag:wh0J5cpJW06kPOc/cEhmTg==,type:str] + pgp: [] + encrypted_regex: ((?i)(displayname|email|pass|secret($|[^N])|key|token|^data$|^stringData)) + version: 3.8.1 diff --git a/kubernetes/staging/apps/flux-system/flux-operator/install.yaml b/kubernetes/staging/apps/flux-system/flux-operator/install.yaml index 1f52a655e0..cbeb43ddc2 100644 --- a/kubernetes/staging/apps/flux-system/flux-operator/install.yaml +++ b/kubernetes/staging/apps/flux-system/flux-operator/install.yaml @@ -14,7 +14,7 @@ spec: sourceRef: kind: GitRepository name: flux-system - prune: false # never should be deleted + prune: false # never should be deleted wait: true interval: 30m timeout: 5m @@ -36,7 +36,7 @@ spec: name: flux-system dependsOn: - name: flux-operator - prune: false # never should be deleted + prune: false # never should be deleted wait: false interval: 30m timeout: 5m diff --git a/kubernetes/staging/apps/kube-system/cilium/app/helm-values.yaml b/kubernetes/staging/apps/kube-system/cilium/app/helm-values.yaml index 20b6ea7ec2..dd97f8bc00 100644 --- a/kubernetes/staging/apps/kube-system/cilium/app/helm-values.yaml +++ b/kubernetes/staging/apps/kube-system/cilium/app/helm-values.yaml @@ -60,17 +60,5 @@ securityContext: privileged: true capabilities: ciliumAgent: - [ - CHOWN, - KILL, - NET_ADMIN, - NET_RAW, - IPC_LOCK, - SYS_ADMIN, - SYS_RESOURCE, - DAC_OVERRIDE, - FOWNER, - SETGID, - SETUID - ] + [CHOWN, KILL, NET_ADMIN, NET_RAW, IPC_LOCK, SYS_ADMIN, SYS_RESOURCE, DAC_OVERRIDE, FOWNER, SETGID, SETUID] cleanCiliumState: [NET_ADMIN, SYS_ADMIN, SYS_RESOURCE] diff --git a/kubernetes/staging/bootstrap/helmfile.yaml b/kubernetes/staging/bootstrap/helmfile.yaml index 8d681909cc..131fd19639 100644 --- a/kubernetes/staging/bootstrap/helmfile.yaml +++ b/kubernetes/staging/bootstrap/helmfile.yaml @@ -43,8 +43,7 @@ releases: namespace: system chart: postfinance/kubelet-csr-approver version: 1.2.5 - values: - ["../apps/system/kubelet-csr-approver/app/helm-values.yaml"] + values: ["../apps/system/kubelet-csr-approver/app/helm-values.yaml"] needs: - kube-system/cilium diff --git a/kubernetes/staging/bootstrap/talos/talsecret.sops.yaml b/kubernetes/staging/bootstrap/talos/talsecret.sops.yaml index a669ee1d66..030833c3e6 100644 --- a/kubernetes/staging/bootstrap/talos/talsecret.sops.yaml +++ b/kubernetes/staging/bootstrap/talos/talsecret.sops.yaml @@ -1,52 +1,52 @@ cluster: - id: bS1mqRyAW3u7fDixALyOleEF25sC6uVzV8qloKJOZ5o= - secret: ENC[AES256_GCM,data:nvUjVB2hk34tlnzSw9kLyaUsRvtJqs/2Uu+F77cX7k8c2aNf6SwyFeoKc2s=,iv:2j9bJWk9B8/gAcVfqDIQhvkjLEAdZsCth6qSHFdKXSs=,tag:n/MgrFmcchUO/YsV/E0xFw==,type:str] + id: bS1mqRyAW3u7fDixALyOleEF25sC6uVzV8qloKJOZ5o= + secret: ENC[AES256_GCM,data:nvUjVB2hk34tlnzSw9kLyaUsRvtJqs/2Uu+F77cX7k8c2aNf6SwyFeoKc2s=,iv:2j9bJWk9B8/gAcVfqDIQhvkjLEAdZsCth6qSHFdKXSs=,tag:n/MgrFmcchUO/YsV/E0xFw==,type:str] secrets: - bootstraptoken: ENC[AES256_GCM,data:FY4k5Y7XzK6/lYjA27EKbpjKjBm46/8=,iv:oHu+i7Dd+S5nysiW3qbaHmOKZQOU1YWTWj1TvI/uFpM=,tag:XZ7Zip47ly8JPLP/EaJxtw==,type:str] - secretboxencryptionsecret: ENC[AES256_GCM,data:Kme6myupjwp+bIl5E5XRvY/0HJdpQtvf5CSe6R+3/8B64SOe7mPQtOk79WY=,iv:VhStS7ZZwQ2MsmqV0ZlIU4af+RGX28MQfYqEuXcRoTE=,tag:D0d5HdvpPWLNJEchaczv6A==,type:str] + bootstraptoken: ENC[AES256_GCM,data:FY4k5Y7XzK6/lYjA27EKbpjKjBm46/8=,iv:oHu+i7Dd+S5nysiW3qbaHmOKZQOU1YWTWj1TvI/uFpM=,tag:XZ7Zip47ly8JPLP/EaJxtw==,type:str] + secretboxencryptionsecret: ENC[AES256_GCM,data:Kme6myupjwp+bIl5E5XRvY/0HJdpQtvf5CSe6R+3/8B64SOe7mPQtOk79WY=,iv:VhStS7ZZwQ2MsmqV0ZlIU4af+RGX28MQfYqEuXcRoTE=,tag:D0d5HdvpPWLNJEchaczv6A==,type:str] trustdinfo: - token: ENC[AES256_GCM,data:dvZAIyaFV5emdMqtIppyWTXvbsoJ9Ko=,iv:K6ude+MFgSI2hCz91z/PqPlNLiOe8Y9KYUlpdtJY+ws=,tag:QsUzqMEnEluYliVkYqtI3Q==,type:str] + token: ENC[AES256_GCM,data:dvZAIyaFV5emdMqtIppyWTXvbsoJ9Ko=,iv:K6ude+MFgSI2hCz91z/PqPlNLiOe8Y9KYUlpdtJY+ws=,tag:QsUzqMEnEluYliVkYqtI3Q==,type:str] certs: - etcd: - crt: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJmakNDQVNTZ0F3SUJBZ0lSQUtmTFZIL1BCM0pNQjkxMVh2N3ZwVkl3Q2dZSUtvWkl6ajBFQXdJd0R6RU4KTUFzR0ExVUVDaE1FWlhSalpEQWVGdzB5TlRBeE1UQXhNREEyTURWYUZ3MHpOVEF4TURneE1EQTJNRFZhTUE4eApEVEFMQmdOVkJBb1RCR1YwWTJRd1dUQVRCZ2NxaGtqT1BRSUJCZ2dxaGtqT1BRTUJCd05DQUFUWmljSExNVFpWClVpYWJlS2FVZ3pUNVZGM2hvSmhlYnNPMEdUczlYbU5RL1U1YUgzTXkrUFVaMEUwSm1ObFlhWGRxTm40SzdLYXAKNXJrRGozeStmb1hubzJFd1h6QU9CZ05WSFE4QkFmOEVCQU1DQW9Rd0hRWURWUjBsQkJZd0ZBWUlLd1lCQlFVSApBd0VHQ0NzR0FRVUZCd01DTUE4R0ExVWRFd0VCL3dRRk1BTUJBZjh3SFFZRFZSME9CQllFRkczTElVREtkWDYzCjJPdTZZWm5TL3lMdjdGRWJNQW9HQ0NxR1NNNDlCQU1DQTBnQU1FVUNJQzNIaGNBOTB0NjlHRVdSMkpHeStUNm0KcUdETkpSNmJqUmszUVo1a2duRnRBaUVBZzNIazFXR2RONmV4eVVFdGdxcGJHTXZ6TjRWWXJ2VTA3QW5lckJsOApOYk09Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K - key: ENC[AES256_GCM,data:M+pd3Ah23Adaxz0GHH8qzEfRmKR38fYzLekgTYVW64RRwoGb5RvUj2i0gqOde2HC7JNh/P8hAqzd6Clat3aFLOdZYSmeozIy36s5w9iwUh2YMK7J1ArwjxDGf+mp5UObyAM2UqinJRDSYI/gaQo6//VpVGd5Y0IfM+HgEqAMY7by9cgGZHabzi7hUw2q91Q23oh3EAeSWj4HEySaGA3vFhKIDQE5qQ5hiyMI8xkLjmnHnqJ+h5RiS9qfvH55mgbvHwNUF0iYs+/qs5qjfe/fNYgjih+JwpeHGuk1xqjV2loCVbL6U/V8eomZhsUOokud1qjnXFem0nORl9XQwUtqQpYS1fJW2EJBCVx5xr4T4uVBmKLyhEkkaZQUtTu0OXlnPn42xFjfdWEuGhbMn4e1Mg==,iv:hdhdwlRJZPRT9730wj2KSwY6KxqlvWtvP0svIKfKVy8=,tag:2tMF84SRQxmURn2lpptr6Q==,type:str] - k8s: - crt: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJpRENDQVMrZ0F3SUJBZ0lRTlQyRUp6RlFudVBpR24vTGxpSVBzakFLQmdncWhrak9QUVFEQWpBVk1STXcKRVFZRFZRUUtFd3ByZFdKbGNtNWxkR1Z6TUI0WERUSTFNREV4TURFd01EWXdOVm9YRFRNMU1ERXdPREV3TURZdwpOVm93RlRFVE1CRUdBMVVFQ2hNS2EzVmlaWEp1WlhSbGN6QlpNQk1HQnlxR1NNNDlBZ0VHQ0NxR1NNNDlBd0VICkEwSUFCTVF5VVBPdFl6TW5vUjlCUkRNUGI4ZDd6bE5JaTl4d0pNMVptUmE0NTdLaUczWGxLQndqWUJ0bE50VlYKZEVUVTNIMUxMdHd1WjFhVnowTkt2eFhQSGJhallUQmZNQTRHQTFVZER3RUIvd1FFQXdJQ2hEQWRCZ05WSFNVRQpGakFVQmdnckJnRUZCUWNEQVFZSUt3WUJCUVVIQXdJd0R3WURWUjBUQVFIL0JBVXdBd0VCL3pBZEJnTlZIUTRFCkZnUVVPMnp5SmdMWjVFMXRvUmYwY2lrYzl3cnVPbDR3Q2dZSUtvWkl6ajBFQXdJRFJ3QXdSQUlnUjA1TmhxcmEKNk1IYm5mbFJqNXdDdEpSbTllaGh2enNqZDdlSko2TzJJZTRDSUZZbG9XTGs0NjVsZ1o0Y1VneUZmRUJLMUtZWQpCOXl6Z1d0bVl3MG90UnpWCi0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K - key: ENC[AES256_GCM,data:CgMTgtpwfvXgLEyOc7EruKy3IwBC8ook6cT3F0Xy/n3nYWBuB1HFzCAMD4r8w5HOfIUdpuD5SBTUCl28B2R1xKK4kdC5BGb3rKPCQHsQMaTDzkZ5ve7COP7sR78ZUmUr/egkW6x5No/FoX51vvK52Wc7SY2h2V2KYHUk/Hf+drbZDigexGJhJMldcOowPilYKGhHeHWo1zhBM7lVUc+vhhHdyY9otCrKDfi1fthTTzVuGpR3PuWtvsFhvOpP4Jznlk+fRIn5otSeTHiou7/DifyQfwkFfyPy7JekKC3XbWT8cJ7egqRzhygVGF9FlY/f2OEbfSYgutyfgd71lIkI0DKD5dZSx2Up2dmoLvCmbeSb78SdJT5VMCU2AZl/aJ4XAUdv/HhHkyHvm5MOiX0wHw==,iv:14oWRzzO2o8dxOU1iBzBLYXkW9SrLBwZOak29DAtUhE=,tag:uyuH5iuqKOkp98/+IN6cwQ==,type:str] - k8saggregator: - crt: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJYakNDQVFXZ0F3SUJBZ0lRUzRwcGQ2UHBxVVRtMHphSEg4NjZkekFLQmdncWhrak9QUVFEQWpBQU1CNFgKRFRJMU1ERXhNREV3TURZd05Wb1hEVE0xTURFd09ERXdNRFl3TlZvd0FEQlpNQk1HQnlxR1NNNDlBZ0VHQ0NxRwpTTTQ5QXdFSEEwSUFCS2lkM0ZaTjMzZWk0aC9NMlNESlNtT0F3WitDZHJyZnBsQW9ITmt2NHhJM1ZLbTZjcEdWCnpyYkZjV3M5dnVvTzJtZVNhdmt0OW03N0ZPRUtrWTIzTUdPallUQmZNQTRHQTFVZER3RUIvd1FFQXdJQ2hEQWQKQmdOVkhTVUVGakFVQmdnckJnRUZCUWNEQVFZSUt3WUJCUVVIQXdJd0R3WURWUjBUQVFIL0JBVXdBd0VCL3pBZApCZ05WSFE0RUZnUVU1NE1kSDUyQ2tISmxuUXBzd3RIVStGMGZsZXN3Q2dZSUtvWkl6ajBFQXdJRFJ3QXdSQUlnCkEyaTI1UUtXalRMa3g5eWpsUVZwQk9yTjk4ZFV5bXFSR3pPVW5rbXdPdTRDSUNpbzZ0MjU4aVdJV2p0TlZ5OVoKdjFYSzFOUjd5c0dSZEMvdUl3d0xKTnlMCi0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K - key: ENC[AES256_GCM,data:nzkZ+SNxVgvUr9iSM+O4nsnO90DTXKciVKyDzTY2Zh1fsbM6xKYqrxWM8oZcN1jYylDsBPylFBW3UsBiH9feMh5I8N0HrbUpPOoPGPL7yezZcPBzxOQpkG6ZecpXucvtJE0XBzd1/ZBBZv9ZMLMV0q18qyDX9Eu2t3wwhLP7lQLaQNP+hJsdajbTVEub+pqxiMR9lf0OXChZa72F/tBbEIhBYRZwKKQDhU0dt4ABSZYLcj6OlxuNbVzYicnNWIjxSch5Z8rTpvWJNhIT2n3pyS18auduPMGZJSHxcI6Vb5qckiUS721cx0RUdRuY8NEVJLCFWa+ZH86n+UnH5RrK5Q7d2AtEbOpWg7o7kMj4mFPIaR7fRnZgE9mtRm9CnkVy2xWDCGZOssVJbfsARYNq/Q==,iv:NHroO5Czcnxp+1yOODxZAk49XWIlhFqkXF2PCGHcLlk=,tag:aIpa+ckIsg3nzB3XsAPpMw==,type:str] - k8sserviceaccount: - key: ENC[AES256_GCM,data:FB7DP3e0IGPrbY8cTIEzgmLqTufRmnNlvQ2b0G4php9w34OFxbv4xcQOTp415oyD+pIG+T6FLzZpNLMOQypWg7r7ktC2tJB55mn7OfhHjfjgiCOYI/ACXqBWp8bbrSHyAnvGSHbMR6cS5yQIJBOt75xvk0L82OeFPUn2IBNCnL264uIkUBU+y4bff7JogovZg6eiXTuwLIwE3OXdwiwPCqf8GV6Hl1W7inyV3Lyj4YXEo8dJFG1MIONQYBQQtbikKJOvMWc3bloBfc5Q7kLqwkYo3UPrnysZD1B48KlBJ5A7ZU4MOH1EPrtQSWeoCfroOQJ1PXUE5jZZ1jLzBgK0eHiRjWuaSCYMDcOxQS4a97wAEvvnsX1ab7WOz+7YC2FVuQqDkbUGQg5jWEWZUR9H7mm9fIM/zgJZqyO1pJf1DfgAfg8/HA+PhR9Qoaea3pmLCGA1Plsup4f3B3LksoWtBs0rvLsII8wThwSovVTmvbZx6PowwoihBCtu+EtEy8uZACtaMiM5ka8cw6mxAb40vZPlnxR6u1FBcY8gMKeduvXBOMHTDvBXxnuramRoqGeAc9c7wEwKVgTQfuna52aGmzeHjiAkKeKcVLa1+QQ2prcHcVcVhqT/IyHJirplEWqARGccuX5yiA7duec1VTa/3EyakE+j76NW2JJfjS/u+KJn3yRrMxsnn5ng2EbPLGffrSoJSH/aKu1cFS+AQJ7MGOf47dRWpJMeuLsThH8nwb+/JwZMba/jYRaQAPLse8ybhiYbq6uokcUlr+KfnJNvuEhY+WGALLUqipb8EMcgWXWRDcT3pejwSJ/H4Uf2xWWAmIGMtTKeKlbJlmO06Z+iMChD+gLNChYl8iiz0ZW29D11hD0MTOLe1NSkR2pgplV5fnJ80y/VIVP1ahMO71pzZEkcksVbfBpUBLz5upsXqpp8cpdfSu5y80JxzL9dQV0Myc5I1gxasfKsfEdug+NXw+3nvhdtToegi05hPhiiYL9aiTHrzpOI1FiEqfcphLqxFyk2Mlzso21Hg6HNeNWzZ8rnltofYAdJ1BhcETVMQOchcwErjd2UONALTpaY4SkXVbYT7AVsPDbDbexYVogKljqDsp7US00Y1uIeBHpa2rqEhU90izNaH105j6xfMhbTAwka0IUnzgbJCRi9Cr1cEzieogXNdgGjBSO+SWbub4vIxv6iAZGQofpssOXToVDd18rDGi6v80TeifV90e91xPWS90S8VbkaF1/b3cbEpPMKy7X8P5XDv/BuAhz57KZpKymvcKw68w5spHLIczgsJA46DcOAJm9XuQKvQGHSQGzugcWdO6bcaJUnhwiY4yhWUp9BHVZV8rIj+gnDz4sQlZgmXq7aKCbXpmSq7AIYY4RQ5ZTsnmT2WAn/j6ndmotFYtmNWvMV7QFwmrKfvEpwqr4c4ZY87wx+TCZBsk13153EzJAsssg5drb8iX3p5J4s3WGos3LOJxVh8bEAISjrONNwH772MM9+1L2hSp2bUn0FSpTkD4wGOrCiGSLv2hSfadGNM4YhG7Xo9ou6YfLZd+Bk7Gie6DNdPr3Lbv0cZXg+BliznyPCsbsH3JEVx13R32YNezmHfnHkpk4+63n0F2fQBps6CHkI8kpS+KstJGV0NfBM25xANk9MEU/lXYnTkKR7trCwrBMSZeM7ewCYnrLFZh7SyVPKutjb3jBwsru/H7JrBr8zbEiE/bnB48gOIaNG+OlfynFcMipy+Mrn5sLQRZnVETOzrWbdCUF4w93f9kH3Y7OOJOBNg7ls9FLK1RIfBd4ZgtKYE1UMdXN3vRXY1EoCnurrSW21w3QYqrAny+mlUu+KMKoHXdi+2l4tNYnXiR0MUMBh/nVsMllEUWrBM/PMZscaYrJZNaXDgFFpZo76cfHQ3NElyoPkGdygKIpVvqkt6VJo8qnsuxigNcid4bV07OP9//cjE1rls/fuSyD2AKGWrskXyUfldXHYNrhodCEoAzE7eW4ONzMSy4gIzsolr5z2K7m+ui4tTDRusO5jpF4YYtZm35Sza/tVtoL+hGOw0ihked8a6LQYb3ZDSmhZrBahCDMKReFUzAsJNdpjnJfReJ3LFZ31Wkx/Z0sZsMycjLARfgmljiqc2mkIC5jGbVZLCNd2hl3Qfzm+lcIO0uBn4VmAgvvIkdXb6wXPyNU8C5esJ6LHstafMxDJxSospmgUHp8SBiZevnXedNs9pWw7A6k0Xo1FnIEDllypmQhBxvYEhEEnr5OBr0oLkwIYCEZL3vyFgT+obcvOFGyYTIAGxAql508UdZOOGWvcqrHsC8u85BpnfvkIkn8v2CuF90IufaUOcQjhLI/YYgYbu61w5GDdnHwpStA49DYZthTfrU/c+ykkg9RB68jwRnJfQoP+1GMvAzTZL2wSp5OWDh3Zm7UMaZAmUj8P4HFlo5VfIfesCNQfkW6OAN5T/nvMDGPE5eFDvUpy3K6ju6U4uLS9iCnbI+KGfkwWtlfs+R8Ou0zxmIHQ4ERM8KcV2D3WlBJrc+DU8a2JIKhddmgz7kwFwIyawr3DbHVj58aGQGZ1V/8BRA18zaB65um5hTxpZZN3FTK39eO4QAYCe0pZBL9winK4jwvo31w/kvGltCvv4Z+38dL8HLsBP9L6E+St1+Cts858Yf4nxyjiQmwslf7YDiNFoHx9r/q2hc7m650msIzmZrwesLlh/qvEKc3SxEKY6G41joLZX1G/jLBVClKXUwrVzOIrBwutFLS0x0PiU/+uGC8wgMDzoIMipiVeZT5CsY2pjP/3X5Fh/1CllozAHFq5Os3t0+E79jxIIQWcvRSS48CcpzxQBvy3fu3C2wDJjdHX/uVXuifnFuDHtrH8JrQBNlHycWXgr7yjm9zq9Dh6SzrImkhMpUwONzu7V0f1Bzq3eslBYM5EemE0MXDB9gJDbCHDKQzHqCae5ec5r/zlDAeQs0vQ+bNIpQYKVl2+prq4wb2ug5gxvSypK88Ea+ZvY/yY2xwzlWIrQBqaBl6NLjAwZHAl9b4onmC0mqcXwOEoiaqjaJhfopRhAVCynVG00kVnTSxp20QIPgh3A7TKuQH86Lit+ZDoPhp75wWljBnRjcikKHWlw8veseLvVdfK/tBibzCVBUqkiHggVpfS21ecgX39IifkCE3blWlnTPa8NARs2ySz2lw/5RQdRVhmsUKShuSKYAreZJRMZNgOIjGz603CTHlGctaw5xbele05PjZZvPqWyvVfVTVMwlykckXwcr7c2toO2CvwtA5Dlx21UzZCArUxdxcdXjcl4Tx4a90OW2oRPFZKYh2bBPXxk9SHCtsKSJm4pwOnNwjSCIBE8qNiDcSvu7A632LRV+vyqMB1tFQTciFNiZZn6XUgtVbyYbo1g6pwldTy4noo24S3ywNxDKlwWz2rWY4XLNx99BSDiwzsF+hKlKI4d+gH3itbQsL7ecivYC4YzrFz8rKw0YFijizfKEJcw9uIsOvHGnmn+ynysV9WpdUn2FWy41eFXRhZO0dD0IKV4kJVilSD9M5wRsOLH8lR3juQ6bvC4cpxfGTIV3n582D+HjrGULUTBV6QA2/iZkzXyCdvA0iu3n/WvWu809PODEjewVR+oZrhze3Eo/L3UtyOZDN7ya0sNwp2MaCnfwK1OyziDQq9CvekC36QLRweM13pVJMxW4m+MrTdfAAa8kA9pW/vt6P3aQb5zilyror0e4gWy0RMFI6WG7+ZARdFSfFyNam4qdK9Kx2YIPea1hwA10FjJPYj0kkP/NEVd6nEJ+4SH7yKqSE4hlZdNa8CvRaV/HKM54dokJV/tR4EpmZm5eh9BqiiP+WXsHvtoPzjujWWF6nIAD7jtLSUW5wucr8dNlBelEQlBL6tGxxFBV3HqPLUeIOOXuRUMJ+NAhOXLrYHz5FGzBpJVE0ApI7FHONTYbO+tnl2Wv4w0mj6TMwPXsplwfcVEm4C94YUC5az6VnEg2GEZyvfWD/SpDXRKCzhHkCPMvgYn06KGkFNAY1VOe9V49XnPvsadD5GZ3NMEKBhljVXTBZ9djw5LzvsBRnmNEuScbqVBt94jt06Fv2Zn1G/cuQ6BENxBSVX1djayNUTKDR7AHlDswgZvmrsUcdGfkteYlsFUmBnxqYZYQDETf00WEvRPx7i8RwwXAL1K3etR5wzPnEAKXxVPilFxbGGWvYBRIbkUR9rro2U7zSTRG98OIbb1t/va/LlIiJ0EX2AIfTtMbK89ldW9Z1w3fejjZ4zxyE9Pix5RpZlndvU0n18mZ3HRd22lPxPgAcamgpYp7ECGyKSdE8S6zB0+h2iLKQpdoySFRp4vphmoSg+Wssd58UfLJs89fMfzzBaXSUaCSyNz/K7vQZOSfB3vJBS203IDYCybr+tN58w35pmbWwkdU6h4N+YhPqttLlfDQAKwPETrHYMkXHLlZ+fGKJiqM4abuGsxd8zN5bnj7MtRhha1LyD45C/9iwQvlRIfEYQV2fKF5tXyUhxHdJR+q7bwhoKRFDCzoXVCHuHJsPAUvmI5ThawBnxOzs0Rj9owEdl5UaSmG8Gfo526kFpps5hT9d/ulDRcyz8BJLbUis1gRIJCOtQ/aQtnSr+tNQUw8OA8RMF2mIqtwHzXAaCkwNFRHhcCHZZEI680Hre2ws08jM4N1y1DIZgUFxGgRddIN7hb5AaKIdEPiJurDHHt35uUM8yh+ndU/q9UM4K56ZX1CTZV7Udki2HAAid/ewy8Hy67RPwEVBgSH3HD3u7gAVX8kj4GxhBGbJ9JjblpncXN09xQQmYhHhw4xijTvWd0nFof5p3JbJ94eF4RMNeWYLXFpx/XjJ6cH1AdbLkRgYfZj8C7uClgI9aUDrSOFirQiOMIPEnrkoykv5XKNqMXkJ/6f4n0XJWiojJfymLOGDJOR/w2Tvm9iAUaDP5G2+3/JJF/Fc2B/FZPdm0Mf+piVqMIlfjSS0Dv9j0B0y2tNHS/WNhh3iS7xxOwZ7Y0+eYHdWfVNwiWGS3bQctEiRRtjQubMRsWcpJJwEJDCEQ4lPZ05viSR19ZFaG1JGYgaj0ay0miHylV1ZS7uSNK0V+K9qDS3Gi18jqqREKHUfWkuwMmlydi9zb8r8BQQLj9h54o1e99mQ8dh8gr59IKAhgTxrAsFEofJRRuh1qnEgeglt03GQj5FrGfZkXWs1kJTgCpv+AzIOyCIMHwn2hVlDrG+Kxyw5LMk/Bl46GzaT3n1oL0SmQ0TvjgDLdRWa8BeoCukGHxRwYxrz8sM3D8g/q88QxMIF+s3tTUhGJ9somBtI9NJepHeuoXP0b3dPBd5NKIjx34fKc21+0dt2rSzEmv/blKCJshIEq+1o4+TA5BvyEOY21EIAstoivwctw+8uYxxC1xJfPjfWA/yJRgMf16QfmIi3fXBSprCXBoj7YcAE3iwILylRBvdTcf3DzUSDdQYAcE/o+RYRoX7NnhqlPMevGZEXpfUZTKoEuTI1nyNDwPsA96nWxW+gdUnkZPTE6jWMb0VEqe0mK/RtqlKV7Fvl73d9jBcncQuHIOv4vfkesZHKZeaUUctlfB2xkXXDqdrZGA/rN8BEZOKKjyJjEdhzFVGKIL4hcn1NPa8SECeUlhfpl1Q//gSTMRpV5rVm7CfTw6DpsVtpJSc9gf/H5xSZKRP0CnrGZSPOwN4tg2tazEF6Yb/Qyg+uZYa+HyWUaKqxcHP3Qy07D1GPKBiNSeIxuwYnuW1JfCRGhqJc0EyQy6fNZ+Jg/6CgHcfd1nA==,iv:yv4cLw5a0IxSHi/JdEbkfZaryN2LMZVrR1u8DQL0dBc=,tag:MNgaqBW9tYl73vX4MpUxsw==,type:str] - os: - crt: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJQakNCOGFBREFnRUNBaEJPa2tHWHl3TUZQOUpnTlBEYndaM1VNQVVHQXl0bGNEQVFNUTR3REFZRFZRUUsKRXdWMFlXeHZjekFlRncweU5UQXhNVEF4TURBMk1EZGFGdzB6TlRBeE1EZ3hNREEyTURkYU1CQXhEakFNQmdOVgpCQW9UQlhSaGJHOXpNQ293QlFZREsyVndBeUVBRUJ0SnFUNUNUWTJrQnZKOUl2WHEyUEE5ZDR2Y3o2Zk05QngwCnhnNFNRbkdqWVRCZk1BNEdBMVVkRHdFQi93UUVBd0lDaERBZEJnTlZIU1VFRmpBVUJnZ3JCZ0VGQlFjREFRWUkKS3dZQkJRVUhBd0l3RHdZRFZSMFRBUUgvQkFVd0F3RUIvekFkQmdOVkhRNEVGZ1FVYVNQWFFmUFlhSmZXQnVXOAo5T20vQkwrc0Zzb3dCUVlESzJWd0EwRUFZOTRXWHJ3VUpxTWtqS0tRQjFqdElEbGpabC9UUlVWOUc2dDlYOFA4ClE5UjZwL3VkUkJrdFYzTHRobVQwMjBmS3BObmMzY2ZFUUhId0tBa0lzRjVQREE9PQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg== - key: ENC[AES256_GCM,data:kEg/9D2108FmClbfmdDjreMl58yy2gpycdpuewOZx2F8kgZzFruxafagr08ECQOtTB0KN6+QO9ae5z8D+OVNUokdpri6RoZN+TJkEReJomT0I4lLZtqGjIodAz5FXGuOnRrij/2FAeTtTVbci1vvEIMrHomhtjVNX9PN0bHUNzuzUkwp1glKGDswXG8MyCS+oi32ANAkKieBrVAcEtlxNDv4aAZqPCsA0CNJdwJp99OaBS8R,iv:3PX8chKQtTGCLtigcLHaCPhFSSHCtBQkzrb/V2dpdpo=,tag:ivzRBoGYWR9nxIyEHALcEw==,type:str] + etcd: + crt: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJmakNDQVNTZ0F3SUJBZ0lSQUtmTFZIL1BCM0pNQjkxMVh2N3ZwVkl3Q2dZSUtvWkl6ajBFQXdJd0R6RU4KTUFzR0ExVUVDaE1FWlhSalpEQWVGdzB5TlRBeE1UQXhNREEyTURWYUZ3MHpOVEF4TURneE1EQTJNRFZhTUE4eApEVEFMQmdOVkJBb1RCR1YwWTJRd1dUQVRCZ2NxaGtqT1BRSUJCZ2dxaGtqT1BRTUJCd05DQUFUWmljSExNVFpWClVpYWJlS2FVZ3pUNVZGM2hvSmhlYnNPMEdUczlYbU5RL1U1YUgzTXkrUFVaMEUwSm1ObFlhWGRxTm40SzdLYXAKNXJrRGozeStmb1hubzJFd1h6QU9CZ05WSFE4QkFmOEVCQU1DQW9Rd0hRWURWUjBsQkJZd0ZBWUlLd1lCQlFVSApBd0VHQ0NzR0FRVUZCd01DTUE4R0ExVWRFd0VCL3dRRk1BTUJBZjh3SFFZRFZSME9CQllFRkczTElVREtkWDYzCjJPdTZZWm5TL3lMdjdGRWJNQW9HQ0NxR1NNNDlCQU1DQTBnQU1FVUNJQzNIaGNBOTB0NjlHRVdSMkpHeStUNm0KcUdETkpSNmJqUmszUVo1a2duRnRBaUVBZzNIazFXR2RONmV4eVVFdGdxcGJHTXZ6TjRWWXJ2VTA3QW5lckJsOApOYk09Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K + key: ENC[AES256_GCM,data:M+pd3Ah23Adaxz0GHH8qzEfRmKR38fYzLekgTYVW64RRwoGb5RvUj2i0gqOde2HC7JNh/P8hAqzd6Clat3aFLOdZYSmeozIy36s5w9iwUh2YMK7J1ArwjxDGf+mp5UObyAM2UqinJRDSYI/gaQo6//VpVGd5Y0IfM+HgEqAMY7by9cgGZHabzi7hUw2q91Q23oh3EAeSWj4HEySaGA3vFhKIDQE5qQ5hiyMI8xkLjmnHnqJ+h5RiS9qfvH55mgbvHwNUF0iYs+/qs5qjfe/fNYgjih+JwpeHGuk1xqjV2loCVbL6U/V8eomZhsUOokud1qjnXFem0nORl9XQwUtqQpYS1fJW2EJBCVx5xr4T4uVBmKLyhEkkaZQUtTu0OXlnPn42xFjfdWEuGhbMn4e1Mg==,iv:hdhdwlRJZPRT9730wj2KSwY6KxqlvWtvP0svIKfKVy8=,tag:2tMF84SRQxmURn2lpptr6Q==,type:str] + k8s: + crt: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJpRENDQVMrZ0F3SUJBZ0lRTlQyRUp6RlFudVBpR24vTGxpSVBzakFLQmdncWhrak9QUVFEQWpBVk1STXcKRVFZRFZRUUtFd3ByZFdKbGNtNWxkR1Z6TUI0WERUSTFNREV4TURFd01EWXdOVm9YRFRNMU1ERXdPREV3TURZdwpOVm93RlRFVE1CRUdBMVVFQ2hNS2EzVmlaWEp1WlhSbGN6QlpNQk1HQnlxR1NNNDlBZ0VHQ0NxR1NNNDlBd0VICkEwSUFCTVF5VVBPdFl6TW5vUjlCUkRNUGI4ZDd6bE5JaTl4d0pNMVptUmE0NTdLaUczWGxLQndqWUJ0bE50VlYKZEVUVTNIMUxMdHd1WjFhVnowTkt2eFhQSGJhallUQmZNQTRHQTFVZER3RUIvd1FFQXdJQ2hEQWRCZ05WSFNVRQpGakFVQmdnckJnRUZCUWNEQVFZSUt3WUJCUVVIQXdJd0R3WURWUjBUQVFIL0JBVXdBd0VCL3pBZEJnTlZIUTRFCkZnUVVPMnp5SmdMWjVFMXRvUmYwY2lrYzl3cnVPbDR3Q2dZSUtvWkl6ajBFQXdJRFJ3QXdSQUlnUjA1TmhxcmEKNk1IYm5mbFJqNXdDdEpSbTllaGh2enNqZDdlSko2TzJJZTRDSUZZbG9XTGs0NjVsZ1o0Y1VneUZmRUJLMUtZWQpCOXl6Z1d0bVl3MG90UnpWCi0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K + key: ENC[AES256_GCM,data:CgMTgtpwfvXgLEyOc7EruKy3IwBC8ook6cT3F0Xy/n3nYWBuB1HFzCAMD4r8w5HOfIUdpuD5SBTUCl28B2R1xKK4kdC5BGb3rKPCQHsQMaTDzkZ5ve7COP7sR78ZUmUr/egkW6x5No/FoX51vvK52Wc7SY2h2V2KYHUk/Hf+drbZDigexGJhJMldcOowPilYKGhHeHWo1zhBM7lVUc+vhhHdyY9otCrKDfi1fthTTzVuGpR3PuWtvsFhvOpP4Jznlk+fRIn5otSeTHiou7/DifyQfwkFfyPy7JekKC3XbWT8cJ7egqRzhygVGF9FlY/f2OEbfSYgutyfgd71lIkI0DKD5dZSx2Up2dmoLvCmbeSb78SdJT5VMCU2AZl/aJ4XAUdv/HhHkyHvm5MOiX0wHw==,iv:14oWRzzO2o8dxOU1iBzBLYXkW9SrLBwZOak29DAtUhE=,tag:uyuH5iuqKOkp98/+IN6cwQ==,type:str] + k8saggregator: + crt: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJYakNDQVFXZ0F3SUJBZ0lRUzRwcGQ2UHBxVVRtMHphSEg4NjZkekFLQmdncWhrak9QUVFEQWpBQU1CNFgKRFRJMU1ERXhNREV3TURZd05Wb1hEVE0xTURFd09ERXdNRFl3TlZvd0FEQlpNQk1HQnlxR1NNNDlBZ0VHQ0NxRwpTTTQ5QXdFSEEwSUFCS2lkM0ZaTjMzZWk0aC9NMlNESlNtT0F3WitDZHJyZnBsQW9ITmt2NHhJM1ZLbTZjcEdWCnpyYkZjV3M5dnVvTzJtZVNhdmt0OW03N0ZPRUtrWTIzTUdPallUQmZNQTRHQTFVZER3RUIvd1FFQXdJQ2hEQWQKQmdOVkhTVUVGakFVQmdnckJnRUZCUWNEQVFZSUt3WUJCUVVIQXdJd0R3WURWUjBUQVFIL0JBVXdBd0VCL3pBZApCZ05WSFE0RUZnUVU1NE1kSDUyQ2tISmxuUXBzd3RIVStGMGZsZXN3Q2dZSUtvWkl6ajBFQXdJRFJ3QXdSQUlnCkEyaTI1UUtXalRMa3g5eWpsUVZwQk9yTjk4ZFV5bXFSR3pPVW5rbXdPdTRDSUNpbzZ0MjU4aVdJV2p0TlZ5OVoKdjFYSzFOUjd5c0dSZEMvdUl3d0xKTnlMCi0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K + key: ENC[AES256_GCM,data:nzkZ+SNxVgvUr9iSM+O4nsnO90DTXKciVKyDzTY2Zh1fsbM6xKYqrxWM8oZcN1jYylDsBPylFBW3UsBiH9feMh5I8N0HrbUpPOoPGPL7yezZcPBzxOQpkG6ZecpXucvtJE0XBzd1/ZBBZv9ZMLMV0q18qyDX9Eu2t3wwhLP7lQLaQNP+hJsdajbTVEub+pqxiMR9lf0OXChZa72F/tBbEIhBYRZwKKQDhU0dt4ABSZYLcj6OlxuNbVzYicnNWIjxSch5Z8rTpvWJNhIT2n3pyS18auduPMGZJSHxcI6Vb5qckiUS721cx0RUdRuY8NEVJLCFWa+ZH86n+UnH5RrK5Q7d2AtEbOpWg7o7kMj4mFPIaR7fRnZgE9mtRm9CnkVy2xWDCGZOssVJbfsARYNq/Q==,iv:NHroO5Czcnxp+1yOODxZAk49XWIlhFqkXF2PCGHcLlk=,tag:aIpa+ckIsg3nzB3XsAPpMw==,type:str] + k8sserviceaccount: + key: ENC[AES256_GCM,data:FB7DP3e0IGPrbY8cTIEzgmLqTufRmnNlvQ2b0G4php9w34OFxbv4xcQOTp415oyD+pIG+T6FLzZpNLMOQypWg7r7ktC2tJB55mn7OfhHjfjgiCOYI/ACXqBWp8bbrSHyAnvGSHbMR6cS5yQIJBOt75xvk0L82OeFPUn2IBNCnL264uIkUBU+y4bff7JogovZg6eiXTuwLIwE3OXdwiwPCqf8GV6Hl1W7inyV3Lyj4YXEo8dJFG1MIONQYBQQtbikKJOvMWc3bloBfc5Q7kLqwkYo3UPrnysZD1B48KlBJ5A7ZU4MOH1EPrtQSWeoCfroOQJ1PXUE5jZZ1jLzBgK0eHiRjWuaSCYMDcOxQS4a97wAEvvnsX1ab7WOz+7YC2FVuQqDkbUGQg5jWEWZUR9H7mm9fIM/zgJZqyO1pJf1DfgAfg8/HA+PhR9Qoaea3pmLCGA1Plsup4f3B3LksoWtBs0rvLsII8wThwSovVTmvbZx6PowwoihBCtu+EtEy8uZACtaMiM5ka8cw6mxAb40vZPlnxR6u1FBcY8gMKeduvXBOMHTDvBXxnuramRoqGeAc9c7wEwKVgTQfuna52aGmzeHjiAkKeKcVLa1+QQ2prcHcVcVhqT/IyHJirplEWqARGccuX5yiA7duec1VTa/3EyakE+j76NW2JJfjS/u+KJn3yRrMxsnn5ng2EbPLGffrSoJSH/aKu1cFS+AQJ7MGOf47dRWpJMeuLsThH8nwb+/JwZMba/jYRaQAPLse8ybhiYbq6uokcUlr+KfnJNvuEhY+WGALLUqipb8EMcgWXWRDcT3pejwSJ/H4Uf2xWWAmIGMtTKeKlbJlmO06Z+iMChD+gLNChYl8iiz0ZW29D11hD0MTOLe1NSkR2pgplV5fnJ80y/VIVP1ahMO71pzZEkcksVbfBpUBLz5upsXqpp8cpdfSu5y80JxzL9dQV0Myc5I1gxasfKsfEdug+NXw+3nvhdtToegi05hPhiiYL9aiTHrzpOI1FiEqfcphLqxFyk2Mlzso21Hg6HNeNWzZ8rnltofYAdJ1BhcETVMQOchcwErjd2UONALTpaY4SkXVbYT7AVsPDbDbexYVogKljqDsp7US00Y1uIeBHpa2rqEhU90izNaH105j6xfMhbTAwka0IUnzgbJCRi9Cr1cEzieogXNdgGjBSO+SWbub4vIxv6iAZGQofpssOXToVDd18rDGi6v80TeifV90e91xPWS90S8VbkaF1/b3cbEpPMKy7X8P5XDv/BuAhz57KZpKymvcKw68w5spHLIczgsJA46DcOAJm9XuQKvQGHSQGzugcWdO6bcaJUnhwiY4yhWUp9BHVZV8rIj+gnDz4sQlZgmXq7aKCbXpmSq7AIYY4RQ5ZTsnmT2WAn/j6ndmotFYtmNWvMV7QFwmrKfvEpwqr4c4ZY87wx+TCZBsk13153EzJAsssg5drb8iX3p5J4s3WGos3LOJxVh8bEAISjrONNwH772MM9+1L2hSp2bUn0FSpTkD4wGOrCiGSLv2hSfadGNM4YhG7Xo9ou6YfLZd+Bk7Gie6DNdPr3Lbv0cZXg+BliznyPCsbsH3JEVx13R32YNezmHfnHkpk4+63n0F2fQBps6CHkI8kpS+KstJGV0NfBM25xANk9MEU/lXYnTkKR7trCwrBMSZeM7ewCYnrLFZh7SyVPKutjb3jBwsru/H7JrBr8zbEiE/bnB48gOIaNG+OlfynFcMipy+Mrn5sLQRZnVETOzrWbdCUF4w93f9kH3Y7OOJOBNg7ls9FLK1RIfBd4ZgtKYE1UMdXN3vRXY1EoCnurrSW21w3QYqrAny+mlUu+KMKoHXdi+2l4tNYnXiR0MUMBh/nVsMllEUWrBM/PMZscaYrJZNaXDgFFpZo76cfHQ3NElyoPkGdygKIpVvqkt6VJo8qnsuxigNcid4bV07OP9//cjE1rls/fuSyD2AKGWrskXyUfldXHYNrhodCEoAzE7eW4ONzMSy4gIzsolr5z2K7m+ui4tTDRusO5jpF4YYtZm35Sza/tVtoL+hGOw0ihked8a6LQYb3ZDSmhZrBahCDMKReFUzAsJNdpjnJfReJ3LFZ31Wkx/Z0sZsMycjLARfgmljiqc2mkIC5jGbVZLCNd2hl3Qfzm+lcIO0uBn4VmAgvvIkdXb6wXPyNU8C5esJ6LHstafMxDJxSospmgUHp8SBiZevnXedNs9pWw7A6k0Xo1FnIEDllypmQhBxvYEhEEnr5OBr0oLkwIYCEZL3vyFgT+obcvOFGyYTIAGxAql508UdZOOGWvcqrHsC8u85BpnfvkIkn8v2CuF90IufaUOcQjhLI/YYgYbu61w5GDdnHwpStA49DYZthTfrU/c+ykkg9RB68jwRnJfQoP+1GMvAzTZL2wSp5OWDh3Zm7UMaZAmUj8P4HFlo5VfIfesCNQfkW6OAN5T/nvMDGPE5eFDvUpy3K6ju6U4uLS9iCnbI+KGfkwWtlfs+R8Ou0zxmIHQ4ERM8KcV2D3WlBJrc+DU8a2JIKhddmgz7kwFwIyawr3DbHVj58aGQGZ1V/8BRA18zaB65um5hTxpZZN3FTK39eO4QAYCe0pZBL9winK4jwvo31w/kvGltCvv4Z+38dL8HLsBP9L6E+St1+Cts858Yf4nxyjiQmwslf7YDiNFoHx9r/q2hc7m650msIzmZrwesLlh/qvEKc3SxEKY6G41joLZX1G/jLBVClKXUwrVzOIrBwutFLS0x0PiU/+uGC8wgMDzoIMipiVeZT5CsY2pjP/3X5Fh/1CllozAHFq5Os3t0+E79jxIIQWcvRSS48CcpzxQBvy3fu3C2wDJjdHX/uVXuifnFuDHtrH8JrQBNlHycWXgr7yjm9zq9Dh6SzrImkhMpUwONzu7V0f1Bzq3eslBYM5EemE0MXDB9gJDbCHDKQzHqCae5ec5r/zlDAeQs0vQ+bNIpQYKVl2+prq4wb2ug5gxvSypK88Ea+ZvY/yY2xwzlWIrQBqaBl6NLjAwZHAl9b4onmC0mqcXwOEoiaqjaJhfopRhAVCynVG00kVnTSxp20QIPgh3A7TKuQH86Lit+ZDoPhp75wWljBnRjcikKHWlw8veseLvVdfK/tBibzCVBUqkiHggVpfS21ecgX39IifkCE3blWlnTPa8NARs2ySz2lw/5RQdRVhmsUKShuSKYAreZJRMZNgOIjGz603CTHlGctaw5xbele05PjZZvPqWyvVfVTVMwlykckXwcr7c2toO2CvwtA5Dlx21UzZCArUxdxcdXjcl4Tx4a90OW2oRPFZKYh2bBPXxk9SHCtsKSJm4pwOnNwjSCIBE8qNiDcSvu7A632LRV+vyqMB1tFQTciFNiZZn6XUgtVbyYbo1g6pwldTy4noo24S3ywNxDKlwWz2rWY4XLNx99BSDiwzsF+hKlKI4d+gH3itbQsL7ecivYC4YzrFz8rKw0YFijizfKEJcw9uIsOvHGnmn+ynysV9WpdUn2FWy41eFXRhZO0dD0IKV4kJVilSD9M5wRsOLH8lR3juQ6bvC4cpxfGTIV3n582D+HjrGULUTBV6QA2/iZkzXyCdvA0iu3n/WvWu809PODEjewVR+oZrhze3Eo/L3UtyOZDN7ya0sNwp2MaCnfwK1OyziDQq9CvekC36QLRweM13pVJMxW4m+MrTdfAAa8kA9pW/vt6P3aQb5zilyror0e4gWy0RMFI6WG7+ZARdFSfFyNam4qdK9Kx2YIPea1hwA10FjJPYj0kkP/NEVd6nEJ+4SH7yKqSE4hlZdNa8CvRaV/HKM54dokJV/tR4EpmZm5eh9BqiiP+WXsHvtoPzjujWWF6nIAD7jtLSUW5wucr8dNlBelEQlBL6tGxxFBV3HqPLUeIOOXuRUMJ+NAhOXLrYHz5FGzBpJVE0ApI7FHONTYbO+tnl2Wv4w0mj6TMwPXsplwfcVEm4C94YUC5az6VnEg2GEZyvfWD/SpDXRKCzhHkCPMvgYn06KGkFNAY1VOe9V49XnPvsadD5GZ3NMEKBhljVXTBZ9djw5LzvsBRnmNEuScbqVBt94jt06Fv2Zn1G/cuQ6BENxBSVX1djayNUTKDR7AHlDswgZvmrsUcdGfkteYlsFUmBnxqYZYQDETf00WEvRPx7i8RwwXAL1K3etR5wzPnEAKXxVPilFxbGGWvYBRIbkUR9rro2U7zSTRG98OIbb1t/va/LlIiJ0EX2AIfTtMbK89ldW9Z1w3fejjZ4zxyE9Pix5RpZlndvU0n18mZ3HRd22lPxPgAcamgpYp7ECGyKSdE8S6zB0+h2iLKQpdoySFRp4vphmoSg+Wssd58UfLJs89fMfzzBaXSUaCSyNz/K7vQZOSfB3vJBS203IDYCybr+tN58w35pmbWwkdU6h4N+YhPqttLlfDQAKwPETrHYMkXHLlZ+fGKJiqM4abuGsxd8zN5bnj7MtRhha1LyD45C/9iwQvlRIfEYQV2fKF5tXyUhxHdJR+q7bwhoKRFDCzoXVCHuHJsPAUvmI5ThawBnxOzs0Rj9owEdl5UaSmG8Gfo526kFpps5hT9d/ulDRcyz8BJLbUis1gRIJCOtQ/aQtnSr+tNQUw8OA8RMF2mIqtwHzXAaCkwNFRHhcCHZZEI680Hre2ws08jM4N1y1DIZgUFxGgRddIN7hb5AaKIdEPiJurDHHt35uUM8yh+ndU/q9UM4K56ZX1CTZV7Udki2HAAid/ewy8Hy67RPwEVBgSH3HD3u7gAVX8kj4GxhBGbJ9JjblpncXN09xQQmYhHhw4xijTvWd0nFof5p3JbJ94eF4RMNeWYLXFpx/XjJ6cH1AdbLkRgYfZj8C7uClgI9aUDrSOFirQiOMIPEnrkoykv5XKNqMXkJ/6f4n0XJWiojJfymLOGDJOR/w2Tvm9iAUaDP5G2+3/JJF/Fc2B/FZPdm0Mf+piVqMIlfjSS0Dv9j0B0y2tNHS/WNhh3iS7xxOwZ7Y0+eYHdWfVNwiWGS3bQctEiRRtjQubMRsWcpJJwEJDCEQ4lPZ05viSR19ZFaG1JGYgaj0ay0miHylV1ZS7uSNK0V+K9qDS3Gi18jqqREKHUfWkuwMmlydi9zb8r8BQQLj9h54o1e99mQ8dh8gr59IKAhgTxrAsFEofJRRuh1qnEgeglt03GQj5FrGfZkXWs1kJTgCpv+AzIOyCIMHwn2hVlDrG+Kxyw5LMk/Bl46GzaT3n1oL0SmQ0TvjgDLdRWa8BeoCukGHxRwYxrz8sM3D8g/q88QxMIF+s3tTUhGJ9somBtI9NJepHeuoXP0b3dPBd5NKIjx34fKc21+0dt2rSzEmv/blKCJshIEq+1o4+TA5BvyEOY21EIAstoivwctw+8uYxxC1xJfPjfWA/yJRgMf16QfmIi3fXBSprCXBoj7YcAE3iwILylRBvdTcf3DzUSDdQYAcE/o+RYRoX7NnhqlPMevGZEXpfUZTKoEuTI1nyNDwPsA96nWxW+gdUnkZPTE6jWMb0VEqe0mK/RtqlKV7Fvl73d9jBcncQuHIOv4vfkesZHKZeaUUctlfB2xkXXDqdrZGA/rN8BEZOKKjyJjEdhzFVGKIL4hcn1NPa8SECeUlhfpl1Q//gSTMRpV5rVm7CfTw6DpsVtpJSc9gf/H5xSZKRP0CnrGZSPOwN4tg2tazEF6Yb/Qyg+uZYa+HyWUaKqxcHP3Qy07D1GPKBiNSeIxuwYnuW1JfCRGhqJc0EyQy6fNZ+Jg/6CgHcfd1nA==,iv:yv4cLw5a0IxSHi/JdEbkfZaryN2LMZVrR1u8DQL0dBc=,tag:MNgaqBW9tYl73vX4MpUxsw==,type:str] + os: + crt: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJQakNCOGFBREFnRUNBaEJPa2tHWHl3TUZQOUpnTlBEYndaM1VNQVVHQXl0bGNEQVFNUTR3REFZRFZRUUsKRXdWMFlXeHZjekFlRncweU5UQXhNVEF4TURBMk1EZGFGdzB6TlRBeE1EZ3hNREEyTURkYU1CQXhEakFNQmdOVgpCQW9UQlhSaGJHOXpNQ293QlFZREsyVndBeUVBRUJ0SnFUNUNUWTJrQnZKOUl2WHEyUEE5ZDR2Y3o2Zk05QngwCnhnNFNRbkdqWVRCZk1BNEdBMVVkRHdFQi93UUVBd0lDaERBZEJnTlZIU1VFRmpBVUJnZ3JCZ0VGQlFjREFRWUkKS3dZQkJRVUhBd0l3RHdZRFZSMFRBUUgvQkFVd0F3RUIvekFkQmdOVkhRNEVGZ1FVYVNQWFFmUFlhSmZXQnVXOAo5T20vQkwrc0Zzb3dCUVlESzJWd0EwRUFZOTRXWHJ3VUpxTWtqS0tRQjFqdElEbGpabC9UUlVWOUc2dDlYOFA4ClE5UjZwL3VkUkJrdFYzTHRobVQwMjBmS3BObmMzY2ZFUUhId0tBa0lzRjVQREE9PQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg== + key: ENC[AES256_GCM,data:kEg/9D2108FmClbfmdDjreMl58yy2gpycdpuewOZx2F8kgZzFruxafagr08ECQOtTB0KN6+QO9ae5z8D+OVNUokdpri6RoZN+TJkEReJomT0I4lLZtqGjIodAz5FXGuOnRrij/2FAeTtTVbci1vvEIMrHomhtjVNX9PN0bHUNzuzUkwp1glKGDswXG8MyCS+oi32ANAkKieBrVAcEtlxNDv4aAZqPCsA0CNJdwJp99OaBS8R,iv:3PX8chKQtTGCLtigcLHaCPhFSSHCtBQkzrb/V2dpdpo=,tag:ivzRBoGYWR9nxIyEHALcEw==,type:str] sops: - kms: [] - gcp_kms: [] - azure_kv: [] - hc_vault: [] - age: - - recipient: age1p28u8xjm5sf7jdavc8xsqtw7lxgscefxs7a5dtqszr2885xeputsh9y64y - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBxYkNIczB5bjV4T2cvQlla - ZmZEeDh0NXdPbkpGY3ZHWGNFYWU4TUlnc0dVCkxCWDZlUEpUellneXVNY2tpQWp4 - THpnaElZeW1QWjVEMUVlY3d2d2NlMnMKLS0tIHI2czd4L1p5UXVNaG8yaXdvdlBE - MVdpNVpnSElkT0FTdjhUaXAvNTI0RzQK9H5iA8TxnBKFB6V91YeQ99Upi44wW3/G - aFMvhjpzxkJmzMte1FI/U18kVcXPl2iR8zY6C610DT+T0e5JoSHWFQ== - -----END AGE ENCRYPTED FILE----- - - recipient: age1cyqpra4hj22emvvsjyygd3mstyrf8vy0hktmvmv85kxgggqxzfns4pkdhy - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBibUN5TWNTNEZ4L29lQXBV - MHdFQmQzUFhuVXhRSE1sZlJTKzE5REhTWGhNClRSOWY4Q0VZbWwxRzVWWUN4VVk4 - cVZsdDkxZkhJTEt3SER6ME1wSWFLN3MKLS0tIDBkYWVFUGR2VGh2cGV6QWlsK3RG - UlEwbU43WjVXbFZ0Z3RJbWZMbGdObVkKX+CimLdsMH45pCiyNVUJVrLiNQZO9Lhw - yEew1PehSTFuW2nkuj/dsLZft9iPOCRS8vzS/ZFUnthOsh5oYWX+Zg== - -----END AGE ENCRYPTED FILE----- - lastmodified: "2025-01-10T10:06:07Z" - mac: ENC[AES256_GCM,data:dxKtA96im0A1GVBU4vyahJcNEJqcoAjAqMEiDuc6W8IVoRCLeVrXk2MEZrn5KMN99bnKeuFBwCsU1xZVeXhaqbIBIkolt0jnUa7E7oZKpOWh4LnzCzLu6rgQ9fm08DK3bX19MMjpEr716GsZpqaP5iA6gtwTe6Q3ZTeAu4JCm2k=,iv:aafqXxBEK36HOVJeMxvgb/w+mYVEj0SSydyJ+0yJlN0=,tag:hyLiiTWZIcJ50XtCWgM23A==,type:str] - pgp: [] - encrypted_regex: ((?i)(displayname|email|pass|secret($|[^N])|key|token|^data$|^stringData)) - version: 3.9.3 + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: + - recipient: age1p28u8xjm5sf7jdavc8xsqtw7lxgscefxs7a5dtqszr2885xeputsh9y64y + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBxYkNIczB5bjV4T2cvQlla + ZmZEeDh0NXdPbkpGY3ZHWGNFYWU4TUlnc0dVCkxCWDZlUEpUellneXVNY2tpQWp4 + THpnaElZeW1QWjVEMUVlY3d2d2NlMnMKLS0tIHI2czd4L1p5UXVNaG8yaXdvdlBE + MVdpNVpnSElkT0FTdjhUaXAvNTI0RzQK9H5iA8TxnBKFB6V91YeQ99Upi44wW3/G + aFMvhjpzxkJmzMte1FI/U18kVcXPl2iR8zY6C610DT+T0e5JoSHWFQ== + -----END AGE ENCRYPTED FILE----- + - recipient: age1cyqpra4hj22emvvsjyygd3mstyrf8vy0hktmvmv85kxgggqxzfns4pkdhy + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBibUN5TWNTNEZ4L29lQXBV + MHdFQmQzUFhuVXhRSE1sZlJTKzE5REhTWGhNClRSOWY4Q0VZbWwxRzVWWUN4VVk4 + cVZsdDkxZkhJTEt3SER6ME1wSWFLN3MKLS0tIDBkYWVFUGR2VGh2cGV6QWlsK3RG + UlEwbU43WjVXbFZ0Z3RJbWZMbGdObVkKX+CimLdsMH45pCiyNVUJVrLiNQZO9Lhw + yEew1PehSTFuW2nkuj/dsLZft9iPOCRS8vzS/ZFUnthOsh5oYWX+Zg== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2025-01-10T10:06:07Z" + mac: ENC[AES256_GCM,data:dxKtA96im0A1GVBU4vyahJcNEJqcoAjAqMEiDuc6W8IVoRCLeVrXk2MEZrn5KMN99bnKeuFBwCsU1xZVeXhaqbIBIkolt0jnUa7E7oZKpOWh4LnzCzLu6rgQ9fm08DK3bX19MMjpEr716GsZpqaP5iA6gtwTe6Q3ZTeAu4JCm2k=,iv:aafqXxBEK36HOVJeMxvgb/w+mYVEj0SSydyJ+0yJlN0=,tag:hyLiiTWZIcJ50XtCWgM23A==,type:str] + pgp: [] + encrypted_regex: ((?i)(displayname|email|pass|secret($|[^N])|key|token|^data$|^stringData)) + version: 3.9.3 diff --git a/kubernetes/staging/flux/settings/cluster-secrets.sops.yaml b/kubernetes/staging/flux/settings/cluster-secrets.sops.yaml index b09f0e7abc..5fde340a56 100644 --- a/kubernetes/staging/flux/settings/cluster-secrets.sops.yaml +++ b/kubernetes/staging/flux/settings/cluster-secrets.sops.yaml @@ -1,41 +1,41 @@ apiVersion: v1 kind: Secret metadata: - name: cluster-secrets - namespace: flux-system + name: cluster-secrets + namespace: flux-system stringData: - SECRET_ADMIN_EMAIL: ENC[AES256_GCM,data:dX9l9WLnIZu2FmLh/H8=,iv:OyvwFjkFll14hnJuweReo3+qpGWmMl2DFKfjLANeD78=,tag:gq57UwVMdl4Y017OlWtMAg==,type:str] - SECRET_DOMAIN_NAME: ENC[AES256_GCM,data:DZtyWyDe/y3uHDrm,iv:gju+/X9proqWH7fqfcexhc9JHuaZ30NUnAdaRZ1LVQY=,tag:mHbXMNEnnnLIy2kxM696fw==,type:str] - SECRET_MAIN_DOMAIN_NAME: ENC[AES256_GCM,data:bMnnjDXiug==,iv:8lPUwpae/ZV0UAeI6TT+ZNjCfUVU6mD07iOAjRy3/1I=,tag:j8sULNDzXl1qeBbpUeZnbQ==,type:str] - SECRET_TECH_DOMAIN_NAME: ENC[AES256_GCM,data:FA51wcwb6pat,iv:1VuAxY5l7vK2Sd/cRvPjG85pMW2YEuimIeWBOcnfea8=,tag:WRDwHEYBiOh7QGqTXqRhnA==,type:str] - SECRET_ATLAS_NFS_SERVER: ENC[AES256_GCM,data:ua8SA98+Dxry7zC18pmFiA==,iv:cOjctOapkZtpYFcu2sSFAPLh65Ywerb5EvTSeKjRePA=,tag:nXkOu7qtvx8cobfzW/k/bA==,type:str] - SECRET_ATLAS_NFS_ROOTDIR: ENC[AES256_GCM,data:HoVR2sQcMt3VqNPc3ianNXtu/uks3g==,iv:nTCybJk0EBxPEzLp6xx+0OqPhmsCCLbi4rruAKiKmD4=,tag:FtXlJeMfMetw/W+elYfclw==,type:str] + SECRET_ADMIN_EMAIL: ENC[AES256_GCM,data:dX9l9WLnIZu2FmLh/H8=,iv:OyvwFjkFll14hnJuweReo3+qpGWmMl2DFKfjLANeD78=,tag:gq57UwVMdl4Y017OlWtMAg==,type:str] + SECRET_DOMAIN_NAME: ENC[AES256_GCM,data:DZtyWyDe/y3uHDrm,iv:gju+/X9proqWH7fqfcexhc9JHuaZ30NUnAdaRZ1LVQY=,tag:mHbXMNEnnnLIy2kxM696fw==,type:str] + SECRET_MAIN_DOMAIN_NAME: ENC[AES256_GCM,data:bMnnjDXiug==,iv:8lPUwpae/ZV0UAeI6TT+ZNjCfUVU6mD07iOAjRy3/1I=,tag:j8sULNDzXl1qeBbpUeZnbQ==,type:str] + SECRET_TECH_DOMAIN_NAME: ENC[AES256_GCM,data:FA51wcwb6pat,iv:1VuAxY5l7vK2Sd/cRvPjG85pMW2YEuimIeWBOcnfea8=,tag:WRDwHEYBiOh7QGqTXqRhnA==,type:str] + SECRET_ATLAS_NFS_SERVER: ENC[AES256_GCM,data:ua8SA98+Dxry7zC18pmFiA==,iv:cOjctOapkZtpYFcu2sSFAPLh65Ywerb5EvTSeKjRePA=,tag:nXkOu7qtvx8cobfzW/k/bA==,type:str] + SECRET_ATLAS_NFS_ROOTDIR: ENC[AES256_GCM,data:HoVR2sQcMt3VqNPc3ianNXtu/uks3g==,iv:nTCybJk0EBxPEzLp6xx+0OqPhmsCCLbi4rruAKiKmD4=,tag:FtXlJeMfMetw/W+elYfclw==,type:str] sops: - kms: [] - gcp_kms: [] - azure_kv: [] - hc_vault: [] - age: - - recipient: age1p28u8xjm5sf7jdavc8xsqtw7lxgscefxs7a5dtqszr2885xeputsh9y64y - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAvSlJMMWc2MzlOQUw1K2p6 - UnJkZXJhTWxrTG1UY1U4blpUOE5CTHB6amtZCmx6ajlWMmlwZVNxYW9sN3ZrSUd0 - d2szRXNTc0tYaGNwNm9ha2J2R0pBQ2cKLS0tIHRGQ1QxRDJjOTQ0RHN6VGRNSzNw - OXJrRW96aFZzSnNxK2kxcjVvbldEaTQKhUY7EYojAYbFSsMUSzCpTTKNU1dd2ON9 - Lu8pj39dyl1W2R6X9HZC7YOjwOR+j6oweYI62LXxcNxNNu1R6jrkBA== - -----END AGE ENCRYPTED FILE----- - - recipient: age1cyqpra4hj22emvvsjyygd3mstyrf8vy0hktmvmv85kxgggqxzfns4pkdhy - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBLZDVFS3k3TGZsMVdqYkdG - Q0wzTGdYY0pvRlduUzVDMTM2NGFZOERZajJvCjhWSEdtRVBIZCtVNWVTTTlWV2FN - d1BvdVhtclR4YTlzUHZkY08rUzJMa3cKLS0tIHg4S1pGSEIzeGZzOUsra2dJanJs - R3dSN2FWS0E0all3RGRaMVBhZFVNU3MKUHttLIR+BOkq+uhkS44WXtkt/BuK7tg2 - Dywk5ccgctJUf6Nv2Axz2IY4/mzHAOknzhN4PtVNIbeh107hiHEkyA== - -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-05-04T17:16:37Z" - mac: ENC[AES256_GCM,data:HLn9+TQ8AmfnZFeHIaw8R17uwshV4Jz0YDaLpFG6zklUNL4Xx1sBEp7L0rui4EpbBXObyrFrviJ/FwC3ARfZxhTQQiaX0wyJkSqn/X/s6HS7i2WSNeSD+oQC9GRGzI00ISCJurXqQyiC3NanLJnrIDfdosajqXP/x4Dfm+4rHcs=,iv:UTAsOHp/BC8XU/xxUGWg+L5csfrDd37Y0Ft8haEKtqY=,tag:wh0J5cpJW06kPOc/cEhmTg==,type:str] - pgp: [] - encrypted_regex: ((?i)(displayname|email|pass|secret($|[^N])|key|token|^data$|^stringData)) - version: 3.8.1 + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: + - recipient: age1p28u8xjm5sf7jdavc8xsqtw7lxgscefxs7a5dtqszr2885xeputsh9y64y + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAvSlJMMWc2MzlOQUw1K2p6 + UnJkZXJhTWxrTG1UY1U4blpUOE5CTHB6amtZCmx6ajlWMmlwZVNxYW9sN3ZrSUd0 + d2szRXNTc0tYaGNwNm9ha2J2R0pBQ2cKLS0tIHRGQ1QxRDJjOTQ0RHN6VGRNSzNw + OXJrRW96aFZzSnNxK2kxcjVvbldEaTQKhUY7EYojAYbFSsMUSzCpTTKNU1dd2ON9 + Lu8pj39dyl1W2R6X9HZC7YOjwOR+j6oweYI62LXxcNxNNu1R6jrkBA== + -----END AGE ENCRYPTED FILE----- + - recipient: age1cyqpra4hj22emvvsjyygd3mstyrf8vy0hktmvmv85kxgggqxzfns4pkdhy + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBLZDVFS3k3TGZsMVdqYkdG + Q0wzTGdYY0pvRlduUzVDMTM2NGFZOERZajJvCjhWSEdtRVBIZCtVNWVTTTlWV2FN + d1BvdVhtclR4YTlzUHZkY08rUzJMa3cKLS0tIHg4S1pGSEIzeGZzOUsra2dJanJs + R3dSN2FWS0E0all3RGRaMVBhZFVNU3MKUHttLIR+BOkq+uhkS44WXtkt/BuK7tg2 + Dywk5ccgctJUf6Nv2Axz2IY4/mzHAOknzhN4PtVNIbeh107hiHEkyA== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2024-05-04T17:16:37Z" + mac: ENC[AES256_GCM,data:HLn9+TQ8AmfnZFeHIaw8R17uwshV4Jz0YDaLpFG6zklUNL4Xx1sBEp7L0rui4EpbBXObyrFrviJ/FwC3ARfZxhTQQiaX0wyJkSqn/X/s6HS7i2WSNeSD+oQC9GRGzI00ISCJurXqQyiC3NanLJnrIDfdosajqXP/x4Dfm+4rHcs=,iv:UTAsOHp/BC8XU/xxUGWg+L5csfrDd37Y0Ft8haEKtqY=,tag:wh0J5cpJW06kPOc/cEhmTg==,type:str] + pgp: [] + encrypted_regex: ((?i)(displayname|email|pass|secret($|[^N])|key|token|^data$|^stringData)) + version: 3.8.1