Files
homelab/k8s/apps/amnezia/external-secrets.yaml
T

79 lines
2.0 KiB
YAML
Raw Normal View History

2026-06-16 02:27:29 +01:00
---
apiVersion: external-secrets.io/v1
kind: ExternalSecret
metadata:
name: amneziawg-server
spec:
target:
name: amneziawg-server
deletionPolicy: Delete
template:
type: Opaque
data:
server-public-key: |-
{{ .server_public_key }}
awg0.conf: |-
[Interface]
PrivateKey = {{ .server_private_key }}
2026-06-16 03:48:41 +01:00
Address = 10.8.0.1/16
2026-06-16 02:27:29 +01:00
ListenPort = 5847
MTU = 1376
Jc = 4
Jmin = 64
Jmax = 128
S1 = 15
S2 = 18
S3 = 20
S4 = 23
H1 = 1020325451
H2 = 3288052141
H3 = 1766607858
H4 = 2528465083
2026-06-16 03:48:41 +01:00
PostUp = /scripts/firewall-up.sh 5847 10.8.0.0/16
PostDown = /scripts/firewall-down.sh 5847 10.8.0.0/16
2026-06-16 02:27:29 +01:00
data:
- secretKey: server_private_key
sourceRef:
storeRef:
name: vaultwarden-login
kind: ClusterSecretStore
remoteRef:
key: 3092dc7c-41dd-461a-9f7a-377727f47e93
property: fields[0].value
- secretKey: server_public_key
sourceRef:
storeRef:
name: vaultwarden-login
kind: ClusterSecretStore
remoteRef:
key: 3092dc7c-41dd-461a-9f7a-377727f47e93
property: fields[1].value
2026-07-01 13:43:17 +03:00
---
apiVersion: external-secrets.io/v1
kind: ExternalSecret
metadata:
name: amnezia-fellow
spec:
target:
name: amnezia-fellow
deletionPolicy: Delete
template:
type: Opaque
data:
database-url: |-
postgresql://amnezia_fellow:{{ .amnezia_fellow }}@psql.psql.svc:5432/amnezia_fellow
postgres-password: |-
{{ .amnezia_fellow }}
data:
- secretKey: amnezia_fellow
sourceRef:
storeRef:
name: vaultwarden-login
kind: ClusterSecretStore
remoteRef:
conversionStrategy: Default
decodingStrategy: None
metadataPolicy: None
key: 2a9deb39-ef22-433e-a1be-df1555625e22
property: fields[19].value