update dyndns

Author: soerenschneider

clusters/svc.dd.soeren.cloud/dyndns/dyndns-client/external-secret-dyndns-client-aws-credentials.yaml

@@ -0,0 +1,22 @@
+---
+apiVersion: external-secrets.io/v1beta1
+kind: ExternalSecret
+metadata:
+  name: "dyndns-client-aws-credentials"
+spec:
+  refreshInterval: 1h
+  secretStoreRef:
+    name: "vault"
+    kind: "ClusterSecretStore"
+  target:
+    name: "dyndns-client-aws-credentials"
+    creationPolicy: "Owner"
+  data:
+    - secretKey: "AWS_ACCESS_KEY_ID"
+      remoteRef:
+        key: "secret/soeren.cloud/k8s/svc.dd.soeren.cloud/dyndns/client/aws-credentials"
+        property: "AWS_ACCESS_KEY_ID"
+    - secretKey: "AWS_SECRET_ACCESS_KEY"
+      remoteRef:
+        key: "secret/soeren.cloud/k8s/svc.dd.soeren.cloud/dyndns/client/aws-credentials"
+        property: "AWS_SECRET_ACCESS_KEY"

clusters/svc.dd.soeren.cloud/dyndns/dyndns-client/external-secret-dyndns-client-aws-endpoints.yaml

@@ -0,0 +1,26 @@
+---
+apiVersion: external-secrets.io/v1beta1
+kind: ExternalSecret
+metadata:
+  name: "dyndns-client-aws-endpoints"
+spec:
+  refreshInterval: 1h
+  secretStoreRef:
+    name: "vault"
+    kind: "ClusterSecretStore"
+  target:
+    name: "dyndns-client-aws-endpoints"
+    creationPolicy: "Owner"
+  data:
+    - secretKey: "DYNDNS_HTTP_DISPATCHER_CONF"
+      remoteRef:
+        key: "secret/soeren.cloud/env/prod/dyndns-endpoints"
+        property: "DYNDNS_HTTP_DISPATCHER_CONF"
+    - secretKey: "DYNDNS_HTTP_RESOLVER_PREFERRED_URLS"
+      remoteRef:
+        key: "secret/soeren.cloud/env/prod/dyndns-endpoints"
+        property: "DYNDNS_HTTP_RESOLVER_PREFERRED_URLS"
+    - secretKey: "DYNDNS_SQS_QUEUE"
+      remoteRef:
+        key: "secret/soeren.cloud/env/prod/dyndns-endpoints"
+        property: "DYNDNS_SQS_QUEUE"

clusters/svc.dd.soeren.cloud/dyndns/dyndns-client/external-secret-dyndns-client-keypair.yaml

@@ -0,0 +1,18 @@
+---
+apiVersion: external-secrets.io/v1beta1
+kind: ExternalSecret
+metadata:
+  name: "dyndns-client-keypair"
+spec:
+  refreshInterval: 1h
+  secretStoreRef:
+    name: "vault"
+    kind: "ClusterSecretStore"
+  target:
+    name: "dyndns-client-keypair"
+    creationPolicy: "Owner"
+  data:
+    - secretKey: "keypair.json"
+      remoteRef:
+        key: "secret/soeren.cloud/k8s/svc.dd.soeren.cloud/dyndns/client/keypair"
+        property: "keypair.json"

clusters/svc.dd.soeren.cloud/dyndns/dyndns-client/kustomization.yaml

@@ -0,0 +1,31 @@
+---
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+  - ../../../../apps/dyndns/client
+  - external-secret-dyndns-client-aws-credentials.yaml
+  - external-secret-dyndns-client-aws-endpoints.yaml
+  - external-secret-dyndns-client-keypair.yaml
+components:
+  - ../../../../apps/dyndns/client/components/aws-credentials
+  - ../../../../apps/dyndns/client/components/aws-endpoints
+  - ../../../../apps/dyndns/client/components/keypair
+patches:
+  - target:
+      kind: Deployment
+      name: dyndns-client
+    patch: |-
+      - op: add
+        path: /spec/template/spec/priorityClassName
+        value: prod-high-prio
+      - op: replace
+        path: /spec/template/spec/volumes
+        value:
+          - name: keypair
+            secret:
+              secretName: dyndns-client-keypair
+configMapGenerator:
+  - name: dyndns-client-config
+    behavior: merge
+    literals:
+      - "DYNDNS_HOST=dd.dc.soeren.cloud"

clusters/svc.dd.soeren.cloud/dyndns/dyndns-server/external-secret-dyndns-client-aws-endpoints.yaml

@@ -0,0 +1,18 @@
+---
+apiVersion: external-secrets.io/v1beta1
+kind: ExternalSecret
+metadata:
+  name: "dyndns-server-aws-endpoints"
+spec:
+  refreshInterval: 1h
+  secretStoreRef:
+    name: "vault"
+    kind: "ClusterSecretStore"
+  target:
+    name: "dyndns-server-aws-sqs"
+    creationPolicy: "Owner"
+  data:
+    - secretKey: "DYNDNS_SQS_QUEUE"
+      remoteRef:
+        key: "secret/soeren.cloud/env/prod/dyndns-endpoints"
+        property: "DYNDNS_SQS_QUEUE"

clusters/svc.dd.soeren.cloud/dyndns/dyndns-server/external-secret-dyndns-server-aws-credentials.yaml

@@ -0,0 +1,22 @@
+---
+apiVersion: external-secrets.io/v1beta1
+kind: ExternalSecret
+metadata:
+  name: "dyndns-server-aws-credentials"
+spec:
+  refreshInterval: 1h
+  secretStoreRef:
+    name: "vault"
+    kind: "ClusterSecretStore"
+  target:
+    name: "dyndns-server-aws-credentials"
+    creationPolicy: "Owner"
+  data:
+    - secretKey: "AWS_ACCESS_KEY_ID"
+      remoteRef:
+        key: "secret/soeren.cloud/k8s/svc.dd.soeren.cloud/dyndns/server/aws-credentials"
+        property: "AWS_ACCESS_KEY_ID"
+    - secretKey: "AWS_SECRET_ACCESS_KEY"
+      remoteRef:
+        key: "secret/soeren.cloud/k8s/svc.dd.soeren.cloud/dyndns/server/aws-credentials"
+        property: "AWS_SECRET_ACCESS_KEY"

clusters/svc.dd.soeren.cloud/dyndns/dyndns-server/kustomization.yaml

@@ -0,0 +1,18 @@
+---
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+  - ../../../common/dyndns/server
+  - external-secret-dyndns-client-aws-endpoints.yaml
+  - external-secret-dyndns-server-aws-credentials.yaml
+components:
+  - ../../../../apps/dyndns/server/components/aws-sqs
+  - ../../../../apps/dyndns/server/components/aws-credentials
+patches:
+  - target:
+      kind: Deployment
+      name: dyndns-server
+    patch: |-
+      - op: add
+        path: /spec/template/spec/priorityClassName
+        value: prod-default-prio

clusters/svc.dd.soeren.cloud/dyndns/kustomization.yaml

@@ -0,0 +1,8 @@
+---
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+namespace: dyndns
+resources:
+  - namespace.yaml
+  - dyndns-client
+  - dyndns-server

clusters/svc.dd.soeren.cloud/dyndns/namespace.yaml

@@ -0,0 +1,7 @@
+---
+kind: Namespace
+apiVersion: v1
+metadata:
+  name: dyndns
+  labels:
+    name: dyndns