diff --git a/clusters/k8s01/nas/kustomization.yaml b/clusters/k8s01/nas/kustomization.yaml new file mode 100644 index 0000000000000000000000000000000000000000..06794365fc3fbcdac873fea8b4fa96b49be58a81 --- /dev/null +++ b/clusters/k8s01/nas/kustomization.yaml @@ -0,0 +1,5 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: +- namespace.yaml +- s3.yaml diff --git a/clusters/k8s01/nas/namespace.yaml b/clusters/k8s01/nas/namespace.yaml new file mode 100644 index 0000000000000000000000000000000000000000..0a2fde392fb2bce491fac630c4268a8cf99c8685 --- /dev/null +++ b/clusters/k8s01/nas/namespace.yaml @@ -0,0 +1,6 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: nas + labels: + name: nas diff --git a/clusters/k8s01/nas/s3.yaml b/clusters/k8s01/nas/s3.yaml new file mode 100644 index 0000000000000000000000000000000000000000..9db1a93b9d6da8acae0049d5a58daa7d049becd3 --- /dev/null +++ b/clusters/k8s01/nas/s3.yaml @@ -0,0 +1,206 @@ +apiVersion: v1 +kind: Service +metadata: + name: s3 + namespace: nas +spec: + type: ExternalName + externalName: ENC[AES256_GCM,data:fwc8cAg/xLWURZq+/k+/eyxWEA==,iv:UAFXpKGbDIkj+ggfiATh/7l8pKXhtYF4R4eFCaNYzgY=,tag:D0FPVpUuBEI8O9OV42HKBg==,type:str] + ports: + - port: 9000 + name: https + protocol: TCP +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: [] + lastmodified: "2022-09-13T22:05:14Z" + mac: ENC[AES256_GCM,data:nEObyUfkglecL9oAMNC2717K32t0bslt9Oym2AHMg+eW5Qbl5l9RjUvjFkXeStKAUxP6WPz0i14gwp/JpUQ3wd+PTFuH0LYMQusROlyK/2LuBsxG6MAqupNRISZEKkLQr+zs+dJm0arei7AXj6p2meZuFPLlyJegID3ot6Sqeac=,iv:rcXPsc8+Xub/zQxn4eP0u+MlXcqFQ5zbr6XI3r+wMp0=,tag:Qk1jSXIFtyRchxd21MV6iA==,type:str] + pgp: + - created_at: "2022-09-13T20:16:18Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + wcFMA7kpg2bgzVHcARAAs2wtI2PnfYFdrQMyzW9uwi06Wzi5NPO1PmRp896RrkCr + tqILIJoJayon4IFtoXmG99KZUqDfMWAb7wqAzw8+pwI6Qy+xJjzZ88fYnaP2m8yX + 2ebnaliurX7+VaRwJ0jBW5DJRUkpGqy4dm3kAA3uV8oyOU6QrCfVH5nekS38PKAH + QDQcCA+u3ERe6meAOTXyfJw/y8WMocTNrmFTQDImornspXaakDOBnN8WPOhizlvm + A8SmEZI1Mp4TlNuhRZaX8vu1zGMJ2Ut3QyzCBUy45cs1BVRtLQjj7LZ6zpyMSr7v + wNMxNByOiW4m5Ic6LrUSAoShLmIXqb+uUFno6uG8kyP5cQc3+9fXLhvPpwT2oedY + cnSpTkwqx7l1/lQ0xsnKrNhr+/RU3FK27Q5BgTj4NAQF5pCXkUa0QMeSHfKXtNo6 + +/TE+KIHzbwvPoabWXXWl8odT3Jw6mmOy66otADlxXa6s+g5FhpZfQKQlCr54Lh/ + EdAlQc3cGxPzDCeTVmDFZu53A9cXaeR/DpzILjJkdcw8muG9aJtGhq/taudZZhAv + +rgJHXYKvQu05LTGQLClMrlJidO2+B0qNV3aw40sYGyZ/n73nvnODrXaRzNG1jyR + +j5u4KQpWAUKpljlbAw3lKUll+wBhmmnPJ6UJQ87VmDDcadXFORua+yQsplKRtrS + 5gHPRhnLFveyK1PjYIcasVnKCoS3OiRG187uwx9iPJq95oZETk0VmnpUleiJcml5 + kPy6qaM/qjIx7lo1ShovIfLk25sEge6NkiUwkx/WXI8b++JHZO27AA== + =sOCX + -----END PGP MESSAGE----- + fp: 286791FB6648539775DB31B8FCB98C2A3EC6F601 + - created_at: "2022-09-13T20:16:18Z" + enc: | + -----BEGIN PGP MESSAGE----- + + hQIMA4oYbIHZIrAPAQ/+I/VVicoriCwyJ3X3RRUJ2v/hlV7DmUHNBghR6xl5Hqc6 + KzDh/3vFYCD14aqFprgv7sBI+WpwVZh5bgqfWUiZ+ydCQZl++r/t71sGlrC0yYhU + IKgAoc/nCRyAnNrK+7vpcQ4tjyCrHzerSJSmE8X5x1yVi1VfE3NhtuwWhfjieW88 + aSwIPsj4twmOMVTCjwOaCvOw/xdehJEsL4J0nOXTNUrjWO6TuNrhEBVL5avk/Vxc + zGL3KZBaykVH8lai+ZwpPyf5lZgjbeHb82Gl8VdEy0o0oyDWWriJOkxX5w09/ajv + PcpROSGXdjPvt/7jLgSQR50UY6Ekju6DsUYxaXeJ4QryPITDkcf2MbFstEA6e2np + HGbNTN3yMnoFBijLQPWxQotk9xufDaKLVxDFfSZXoDdMu+005DJnVykM8Pv5qck7 + /fC+jy59mGO0eiDfltWGb1q6CRyJeXk0RTnt9X77I4EMLWjeid6zUhjCp4ZDLSK9 + UuKlnwk5/vb0aH2w87y60M9qgaaIzwB0Be7hpSZ+/OPBhakCS3gU1LxNSMLlSw0o + zoNviDkFxEACkqt+YIYJ3phNRn71RUzNUObiz/LWyd2ZasN5IDnezW39t/4uKjYa + Y1YyZ5HvdJEGvtBYycftTY7IwqUK2DVicImSc4Dszk1PbqMDzIUUbmGN7MxR/gTU + aAEJAhALMJFcOgYratPE/GE+mWKliwdylZQU2pKCuX5DZD5c363wYdmLL5zx32g9 + 3O9uQjmXIvIsKLQecFvk7L9W+F5H0Ya822Be5X1eQiIiYDmRLE3IDgrLypSGW870 + XwzIGA4wMFDY + =5l9E + -----END PGP MESSAGE----- + fp: B137EE1549DFAF960DD1E2B15147025FB9F09E07 + encrypted_regex: ^(data|stringData|email|dnsZones?|dnsNames?|.*(H|h)osts?|tang|externalURL|.*-secret|.*-url|.*Secrets?|.*-domain|password|subjects|node|apiURL|.*(S|s)erverNames?|.*SecretKey|externalName)$ + version: 3.7.1 +--- +apiVersion: cert-manager.io/v1 +kind: Certificate +metadata: + name: s3-tls + namespace: nas +spec: + dnsNames: + - ENC[AES256_GCM,data:ecegjdQgc88E/W0j+KzhpQ==,iv:ikGx+n+E+KFImkxPORNGU2cIP9/BywwetTgBJ/juVHs=,tag:gcTyQSw0XMORI6NqYNYkNg==,type:str] + - ENC[AES256_GCM,data:TZLnYynHEH/mqu8dZ5wVF2EUcgJm3+XU,iv:LnMGuyCqIlXzshECYkrqYU8anpK4ZyHdM0Xvj1tM30s=,tag:E+W1gUyDOOtiFCpvmiSmyw==,type:str] + issuerRef: + name: letsencrypt + kind: ClusterIssuer + secretName: ingress-s3-tls +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: [] + lastmodified: "2022-09-13T22:05:14Z" + mac: ENC[AES256_GCM,data:nEObyUfkglecL9oAMNC2717K32t0bslt9Oym2AHMg+eW5Qbl5l9RjUvjFkXeStKAUxP6WPz0i14gwp/JpUQ3wd+PTFuH0LYMQusROlyK/2LuBsxG6MAqupNRISZEKkLQr+zs+dJm0arei7AXj6p2meZuFPLlyJegID3ot6Sqeac=,iv:rcXPsc8+Xub/zQxn4eP0u+MlXcqFQ5zbr6XI3r+wMp0=,tag:Qk1jSXIFtyRchxd21MV6iA==,type:str] + pgp: + - created_at: "2022-09-13T20:16:18Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + wcFMA7kpg2bgzVHcARAAs2wtI2PnfYFdrQMyzW9uwi06Wzi5NPO1PmRp896RrkCr + tqILIJoJayon4IFtoXmG99KZUqDfMWAb7wqAzw8+pwI6Qy+xJjzZ88fYnaP2m8yX + 2ebnaliurX7+VaRwJ0jBW5DJRUkpGqy4dm3kAA3uV8oyOU6QrCfVH5nekS38PKAH + QDQcCA+u3ERe6meAOTXyfJw/y8WMocTNrmFTQDImornspXaakDOBnN8WPOhizlvm + A8SmEZI1Mp4TlNuhRZaX8vu1zGMJ2Ut3QyzCBUy45cs1BVRtLQjj7LZ6zpyMSr7v + wNMxNByOiW4m5Ic6LrUSAoShLmIXqb+uUFno6uG8kyP5cQc3+9fXLhvPpwT2oedY + cnSpTkwqx7l1/lQ0xsnKrNhr+/RU3FK27Q5BgTj4NAQF5pCXkUa0QMeSHfKXtNo6 + +/TE+KIHzbwvPoabWXXWl8odT3Jw6mmOy66otADlxXa6s+g5FhpZfQKQlCr54Lh/ + EdAlQc3cGxPzDCeTVmDFZu53A9cXaeR/DpzILjJkdcw8muG9aJtGhq/taudZZhAv + +rgJHXYKvQu05LTGQLClMrlJidO2+B0qNV3aw40sYGyZ/n73nvnODrXaRzNG1jyR + +j5u4KQpWAUKpljlbAw3lKUll+wBhmmnPJ6UJQ87VmDDcadXFORua+yQsplKRtrS + 5gHPRhnLFveyK1PjYIcasVnKCoS3OiRG187uwx9iPJq95oZETk0VmnpUleiJcml5 + kPy6qaM/qjIx7lo1ShovIfLk25sEge6NkiUwkx/WXI8b++JHZO27AA== + =sOCX + -----END PGP MESSAGE----- + fp: 286791FB6648539775DB31B8FCB98C2A3EC6F601 + - created_at: "2022-09-13T20:16:18Z" + enc: | + -----BEGIN PGP MESSAGE----- + + hQIMA4oYbIHZIrAPAQ/+I/VVicoriCwyJ3X3RRUJ2v/hlV7DmUHNBghR6xl5Hqc6 + KzDh/3vFYCD14aqFprgv7sBI+WpwVZh5bgqfWUiZ+ydCQZl++r/t71sGlrC0yYhU + IKgAoc/nCRyAnNrK+7vpcQ4tjyCrHzerSJSmE8X5x1yVi1VfE3NhtuwWhfjieW88 + aSwIPsj4twmOMVTCjwOaCvOw/xdehJEsL4J0nOXTNUrjWO6TuNrhEBVL5avk/Vxc + zGL3KZBaykVH8lai+ZwpPyf5lZgjbeHb82Gl8VdEy0o0oyDWWriJOkxX5w09/ajv + PcpROSGXdjPvt/7jLgSQR50UY6Ekju6DsUYxaXeJ4QryPITDkcf2MbFstEA6e2np + HGbNTN3yMnoFBijLQPWxQotk9xufDaKLVxDFfSZXoDdMu+005DJnVykM8Pv5qck7 + /fC+jy59mGO0eiDfltWGb1q6CRyJeXk0RTnt9X77I4EMLWjeid6zUhjCp4ZDLSK9 + UuKlnwk5/vb0aH2w87y60M9qgaaIzwB0Be7hpSZ+/OPBhakCS3gU1LxNSMLlSw0o + zoNviDkFxEACkqt+YIYJ3phNRn71RUzNUObiz/LWyd2ZasN5IDnezW39t/4uKjYa + Y1YyZ5HvdJEGvtBYycftTY7IwqUK2DVicImSc4Dszk1PbqMDzIUUbmGN7MxR/gTU + aAEJAhALMJFcOgYratPE/GE+mWKliwdylZQU2pKCuX5DZD5c363wYdmLL5zx32g9 + 3O9uQjmXIvIsKLQecFvk7L9W+F5H0Ya822Be5X1eQiIiYDmRLE3IDgrLypSGW870 + XwzIGA4wMFDY + =5l9E + -----END PGP MESSAGE----- + fp: B137EE1549DFAF960DD1E2B15147025FB9F09E07 + encrypted_regex: ^(data|stringData|email|dnsZones?|dnsNames?|.*(H|h)osts?|tang|externalURL|.*-secret|.*-url|.*Secrets?|.*-domain|password|subjects|node|apiURL|.*(S|s)erverNames?|.*SecretKey|externalName)$ + version: 3.7.1 +--- +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: s3-pad + namespace: nas + annotations: + nginx.ingress.kubernetes.io/backend-protocol: HTTPS +spec: + rules: + - host: ENC[AES256_GCM,data:ZjqjbpLbh4cYYG5/Smu/3kAxL3wHcQw/uho=,iv:HWPhwRyicK8U7cXX/L+MvIw0IoZdKXwsnrfth4GRKZE=,tag:AgOqX2HGlrMmhKXvQBqHOA==,type:str] + http: + paths: + - path: /pad + pathType: Prefix + backend: + service: + name: s3 + port: + number: 9000 + tls: + - hosts: + - ENC[AES256_GCM,data:tr1C+6Blue7ffbIub+lBjx9IsUh9biZB,iv:RtEsZsXVay4Cd/AwoFBWV1aA3gurA0yGVx+EUJoEb+M=,tag:zAxqwa6bvIDiL1PChv96nA==,type:str] + secretName: ingress-s3-tls +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: [] + lastmodified: "2022-09-13T22:05:14Z" + mac: ENC[AES256_GCM,data:nEObyUfkglecL9oAMNC2717K32t0bslt9Oym2AHMg+eW5Qbl5l9RjUvjFkXeStKAUxP6WPz0i14gwp/JpUQ3wd+PTFuH0LYMQusROlyK/2LuBsxG6MAqupNRISZEKkLQr+zs+dJm0arei7AXj6p2meZuFPLlyJegID3ot6Sqeac=,iv:rcXPsc8+Xub/zQxn4eP0u+MlXcqFQ5zbr6XI3r+wMp0=,tag:Qk1jSXIFtyRchxd21MV6iA==,type:str] + pgp: + - created_at: "2022-09-13T20:16:18Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + wcFMA7kpg2bgzVHcARAAs2wtI2PnfYFdrQMyzW9uwi06Wzi5NPO1PmRp896RrkCr + tqILIJoJayon4IFtoXmG99KZUqDfMWAb7wqAzw8+pwI6Qy+xJjzZ88fYnaP2m8yX + 2ebnaliurX7+VaRwJ0jBW5DJRUkpGqy4dm3kAA3uV8oyOU6QrCfVH5nekS38PKAH + QDQcCA+u3ERe6meAOTXyfJw/y8WMocTNrmFTQDImornspXaakDOBnN8WPOhizlvm + A8SmEZI1Mp4TlNuhRZaX8vu1zGMJ2Ut3QyzCBUy45cs1BVRtLQjj7LZ6zpyMSr7v + wNMxNByOiW4m5Ic6LrUSAoShLmIXqb+uUFno6uG8kyP5cQc3+9fXLhvPpwT2oedY + cnSpTkwqx7l1/lQ0xsnKrNhr+/RU3FK27Q5BgTj4NAQF5pCXkUa0QMeSHfKXtNo6 + +/TE+KIHzbwvPoabWXXWl8odT3Jw6mmOy66otADlxXa6s+g5FhpZfQKQlCr54Lh/ + EdAlQc3cGxPzDCeTVmDFZu53A9cXaeR/DpzILjJkdcw8muG9aJtGhq/taudZZhAv + +rgJHXYKvQu05LTGQLClMrlJidO2+B0qNV3aw40sYGyZ/n73nvnODrXaRzNG1jyR + +j5u4KQpWAUKpljlbAw3lKUll+wBhmmnPJ6UJQ87VmDDcadXFORua+yQsplKRtrS + 5gHPRhnLFveyK1PjYIcasVnKCoS3OiRG187uwx9iPJq95oZETk0VmnpUleiJcml5 + kPy6qaM/qjIx7lo1ShovIfLk25sEge6NkiUwkx/WXI8b++JHZO27AA== + =sOCX + -----END PGP MESSAGE----- + fp: 286791FB6648539775DB31B8FCB98C2A3EC6F601 + - created_at: "2022-09-13T20:16:18Z" + enc: | + -----BEGIN PGP MESSAGE----- + + hQIMA4oYbIHZIrAPAQ/+I/VVicoriCwyJ3X3RRUJ2v/hlV7DmUHNBghR6xl5Hqc6 + KzDh/3vFYCD14aqFprgv7sBI+WpwVZh5bgqfWUiZ+ydCQZl++r/t71sGlrC0yYhU + IKgAoc/nCRyAnNrK+7vpcQ4tjyCrHzerSJSmE8X5x1yVi1VfE3NhtuwWhfjieW88 + aSwIPsj4twmOMVTCjwOaCvOw/xdehJEsL4J0nOXTNUrjWO6TuNrhEBVL5avk/Vxc + zGL3KZBaykVH8lai+ZwpPyf5lZgjbeHb82Gl8VdEy0o0oyDWWriJOkxX5w09/ajv + PcpROSGXdjPvt/7jLgSQR50UY6Ekju6DsUYxaXeJ4QryPITDkcf2MbFstEA6e2np + HGbNTN3yMnoFBijLQPWxQotk9xufDaKLVxDFfSZXoDdMu+005DJnVykM8Pv5qck7 + /fC+jy59mGO0eiDfltWGb1q6CRyJeXk0RTnt9X77I4EMLWjeid6zUhjCp4ZDLSK9 + UuKlnwk5/vb0aH2w87y60M9qgaaIzwB0Be7hpSZ+/OPBhakCS3gU1LxNSMLlSw0o + zoNviDkFxEACkqt+YIYJ3phNRn71RUzNUObiz/LWyd2ZasN5IDnezW39t/4uKjYa + Y1YyZ5HvdJEGvtBYycftTY7IwqUK2DVicImSc4Dszk1PbqMDzIUUbmGN7MxR/gTU + aAEJAhALMJFcOgYratPE/GE+mWKliwdylZQU2pKCuX5DZD5c363wYdmLL5zx32g9 + 3O9uQjmXIvIsKLQecFvk7L9W+F5H0Ya822Be5X1eQiIiYDmRLE3IDgrLypSGW870 + XwzIGA4wMFDY + =5l9E + -----END PGP MESSAGE----- + fp: B137EE1549DFAF960DD1E2B15147025FB9F09E07 + encrypted_regex: ^(data|stringData|email|dnsZones?|dnsNames?|.*(H|h)osts?|tang|externalURL|.*-secret|.*-url|.*Secrets?|.*-domain|password|subjects|node|apiURL|.*(S|s)erverNames?|.*SecretKey|externalName)$ + version: 3.7.1