feat(forgejo): add amd64 runners
All checks were successful
Renovate / renovate (push) Successful in 15s
All checks were successful
Renovate / renovate (push) Successful in 15s
This commit is contained in:
parent
2ba64629c2
commit
a0e3708202
10 changed files with 220 additions and 52 deletions
94
forgejo/config/runners/config-amd64.yaml
Normal file
94
forgejo/config/runners/config-amd64.yaml
Normal file
|
@ -0,0 +1,94 @@
|
||||||
|
# Example configuration file, it's safe to copy this as the default config file without any modification.
|
||||||
|
|
||||||
|
# You don't have to copy this file to your instance,
|
||||||
|
# just run `./act_runner generate-config > config.yaml` to generate a config file.
|
||||||
|
|
||||||
|
log:
|
||||||
|
# The level of logging, can be trace, debug, info, warn, error, fatal
|
||||||
|
level: info
|
||||||
|
|
||||||
|
runner:
|
||||||
|
# Where to store the registration result.
|
||||||
|
file: .runner
|
||||||
|
# Execute how many tasks concurrently at the same time.
|
||||||
|
capacity: 1
|
||||||
|
# Extra environment variables to run jobs.
|
||||||
|
envs:
|
||||||
|
DOCKER_HOST: tcp://localhost:2376
|
||||||
|
DOCKER_TLS_VERIFY: "1"
|
||||||
|
DOCKER_CERT_PATH : /certs/client
|
||||||
|
# Extra environment variables to run jobs from a file.
|
||||||
|
# It will be ignored if it's empty or the file doesn't exist.
|
||||||
|
env_file: .env
|
||||||
|
# The timeout for a job to be finished.
|
||||||
|
# Please note that the Gitea instance also has a timeout (3h by default) for the job.
|
||||||
|
# So the job could be stopped by the Gitea instance if it's timeout is shorter than this.
|
||||||
|
timeout: 10m
|
||||||
|
# Whether skip verifying the TLS certificate of the Gitea instance.
|
||||||
|
insecure: false
|
||||||
|
# The timeout for fetching the job from the Gitea instance.
|
||||||
|
fetch_timeout: 5s
|
||||||
|
# The interval for fetching the job from the Gitea instance.
|
||||||
|
fetch_interval: 2s
|
||||||
|
# The labels of a runner are used to determine which jobs the runner can run, and how to run them.
|
||||||
|
# Like: ["macos-arm64:host", "ubuntu-latest:docker://node:16-bullseye", "ubuntu-22.04:docker://node:16-bullseye"]
|
||||||
|
# If it's empty when registering, it will ask for inputting labels.
|
||||||
|
# If it's empty when execute `deamon`, will use labels in `.runner` file.
|
||||||
|
labels:
|
||||||
|
- "ubuntu-latest-amd64:docker://code.icb4dc0.de/infrastructure/images/act_runtime:amd64"
|
||||||
|
- "ubuntu-22.04-amd64:docker://code.icb4dc0.de/infrastructure/images/act_runtime:amd64"
|
||||||
|
- "ubuntu-20.04-amd64:docker://code.icb4dc0.de/infrastructure/images/act_runtime:20.04-amd64"
|
||||||
|
|
||||||
|
cache:
|
||||||
|
# Enable cache server to use actions/cache.
|
||||||
|
enabled: true
|
||||||
|
# The directory to store the cache data.
|
||||||
|
# If it's empty, the cache data will be stored in $HOME/.cache/actcache.
|
||||||
|
dir: ""
|
||||||
|
# The host of the cache server.
|
||||||
|
# It's not for the address to listen, but the address to connect from job containers.
|
||||||
|
# So 0.0.0.0 is a bad choice, leave it empty to detect automatically.
|
||||||
|
host: ""
|
||||||
|
# The port of the cache server.
|
||||||
|
# 0 means to use a random available port.
|
||||||
|
port: 0
|
||||||
|
# The external cache server URL. Valid only when enable is true.
|
||||||
|
# If it's specified, act_runner will use this URL as the ACTIONS_CACHE_URL rather than start a server by itself.
|
||||||
|
# The URL should generally end with "/".
|
||||||
|
external_server: "http://act-runner-cache.forgejo.svc:8080/"
|
||||||
|
|
||||||
|
container:
|
||||||
|
# Specifies the network to which the container will connect.
|
||||||
|
# Could be host, bridge or the name of a custom network.
|
||||||
|
# If it's empty, act_runner will create a network automatically.
|
||||||
|
network: "host"
|
||||||
|
# Whether to use privileged mode or not when launching task containers (privileged mode is required for Docker-in-Docker).
|
||||||
|
privileged: true
|
||||||
|
# And other options to be used when the container is started (eg, --add-host=my.gitea.url:host-gateway).
|
||||||
|
options: "--volume=/certs/client/:/certs/client/:ro"
|
||||||
|
# The parent directory of a job's working directory.
|
||||||
|
# If it's empty, /workspace will be used.
|
||||||
|
workdir_parent:
|
||||||
|
# Volumes (including bind mounts) can be mounted to containers. Glob syntax is supported, see https://github.com/gobwas/glob
|
||||||
|
# You can specify multiple volumes. If the sequence is empty, no volumes can be mounted.
|
||||||
|
# For example, if you only allow containers to mount the `data` volume and all the json files in `/src`, you should change the config to:
|
||||||
|
# valid_volumes:
|
||||||
|
# - data
|
||||||
|
# - /src/*.json
|
||||||
|
# If you want to allow any volume, please use the following configuration:
|
||||||
|
# valid_volumes:
|
||||||
|
# - '**'
|
||||||
|
valid_volumes:
|
||||||
|
- /certs/client/
|
||||||
|
# overrides the docker client host with the specified one.
|
||||||
|
# If it's empty, act_runner will find an available docker host automatically.
|
||||||
|
# If it's "-", act_runner will find an available docker host automatically, but the docker host won't be mounted to the job containers and service containers.
|
||||||
|
# If it's not empty or "-", the specified docker host will be used. An error will be returned if it doesn't work.
|
||||||
|
docker_host: ""
|
||||||
|
# Pull docker image(s) even if already present
|
||||||
|
force_pull: true
|
||||||
|
|
||||||
|
host:
|
||||||
|
# The parent directory of a job's working directory.
|
||||||
|
# If it's empty, $HOME/.cache/act/ will be used.
|
||||||
|
workdir_parent:
|
|
@ -35,9 +35,9 @@ runner:
|
||||||
# If it's empty when registering, it will ask for inputting labels.
|
# If it's empty when registering, it will ask for inputting labels.
|
||||||
# If it's empty when execute `deamon`, will use labels in `.runner` file.
|
# If it's empty when execute `deamon`, will use labels in `.runner` file.
|
||||||
labels:
|
labels:
|
||||||
- "ubuntu-latest:docker://code.icb4dc0.de/infrastructure/images/act_runtime:latest"
|
- "ubuntu-latest:docker://code.icb4dc0.de/infrastructure/images/act_runtime:arm64"
|
||||||
- "ubuntu-22.04:docker://code.icb4dc0.de/infrastructure/images/act_runtime:latest"
|
- "ubuntu-22.04:docker://code.icb4dc0.de/infrastructure/images/act_runtime:arm64"
|
||||||
- "ubuntu-20.04:docker://code.icb4dc0.de/infrastructure/images/act_runtime:latest"
|
- "ubuntu-20.04:docker://code.icb4dc0.de/infrastructure/images/act_runtime:20.04-arm64"
|
||||||
|
|
||||||
cache:
|
cache:
|
||||||
# Enable cache server to use actions/cache.
|
# Enable cache server to use actions/cache.
|
|
@ -1,5 +1,6 @@
|
||||||
image:
|
image:
|
||||||
rootless: true
|
rootless: true
|
||||||
|
tag: "1.21.1-0"
|
||||||
|
|
||||||
service:
|
service:
|
||||||
ssh:
|
ssh:
|
||||||
|
|
|
@ -4,31 +4,34 @@ kind: Kustomization
|
||||||
namespace: forgejo
|
namespace: forgejo
|
||||||
|
|
||||||
commonLabels:
|
commonLabels:
|
||||||
app.kubernetes.io/instance: icb4dc0de
|
|
||||||
app.kubernetes.io/managed-by: kustomize
|
app.kubernetes.io/managed-by: kustomize
|
||||||
|
|
||||||
images:
|
images:
|
||||||
- name: act_runner
|
- name: act_runner
|
||||||
newName: docker.io/gitea/act_runner
|
newName: docker.io/gitea/act_runner
|
||||||
newTag: nightly
|
newTag: "nightly"
|
||||||
|
|
||||||
resources:
|
resources:
|
||||||
- resources/runners/act-runner.yaml
|
- resources/runners/act-runner-arm64.yaml
|
||||||
|
- resources/runners/act-runner-amd64.yaml
|
||||||
- resources/runners/cache-pvc.yaml
|
- resources/runners/cache-pvc.yaml
|
||||||
- resources/runners/act-cache.yaml
|
- resources/runners/act-cache.yaml
|
||||||
- resources/runners/act-cache-svc.yaml
|
- resources/runners/act-cache-svc.yaml
|
||||||
|
|
||||||
configMapGenerator:
|
configMapGenerator:
|
||||||
- name: act-runner-config
|
- name: act-runner-config-arm64
|
||||||
files:
|
files:
|
||||||
- config/runners/config.yaml
|
- config.yaml=config/runners/config-arm64.yaml
|
||||||
|
- name: act-runner-config-amd64
|
||||||
|
files:
|
||||||
|
- config.yaml=config/runners/config-amd64.yaml
|
||||||
|
|
||||||
helmCharts:
|
helmCharts:
|
||||||
- name: forgejo
|
- name: forgejo
|
||||||
repo: oci://codeberg.org/forgejo-contrib
|
repo: oci://codeberg.org/forgejo-contrib
|
||||||
releaseName: forgejo
|
releaseName: forgejo
|
||||||
namespace: forgejo
|
namespace: forgejo
|
||||||
version: "0.13.0"
|
version: "0.15.0"
|
||||||
valuesFile: config/values.forgejo.yaml
|
valuesFile: config/values.forgejo.yaml
|
||||||
skipTests: true
|
skipTests: true
|
||||||
apiVersions:
|
apiVersions:
|
||||||
|
|
88
forgejo/resources/runners/act-runner-amd64.yaml
Normal file
88
forgejo/resources/runners/act-runner-amd64.yaml
Normal file
|
@ -0,0 +1,88 @@
|
||||||
|
---
|
||||||
|
apiVersion: apps/v1
|
||||||
|
kind: StatefulSet
|
||||||
|
metadata:
|
||||||
|
name: act-runner-amd64
|
||||||
|
spec:
|
||||||
|
selector:
|
||||||
|
matchLabels:
|
||||||
|
app.kubernetes.io/name: act-runner
|
||||||
|
app.kubernetes.io/instance: amd64
|
||||||
|
serviceName: act-runner
|
||||||
|
replicas: 1
|
||||||
|
template:
|
||||||
|
metadata:
|
||||||
|
labels:
|
||||||
|
app.kubernetes.io/name: act-runner
|
||||||
|
app.kubernetes.io/instance: amd64
|
||||||
|
spec:
|
||||||
|
restartPolicy: Always
|
||||||
|
initContainers:
|
||||||
|
- name: runner-registration
|
||||||
|
image: docker.io/alpine:3.18
|
||||||
|
command:
|
||||||
|
- /bin/ash
|
||||||
|
- -c
|
||||||
|
- "cp /etc/act/`hostname` /data/.runner"
|
||||||
|
volumeMounts:
|
||||||
|
- name: runner-data
|
||||||
|
mountPath: /data
|
||||||
|
- name: runner-registrations
|
||||||
|
mountPath: /etc/act
|
||||||
|
containers:
|
||||||
|
- name: runner
|
||||||
|
image: act_runner
|
||||||
|
imagePullPolicy: Always
|
||||||
|
command: ["sh", "-c", "while ! nc -z localhost 2376 </dev/null; do echo 'waiting for docker daemon...'; sleep 5; done; /sbin/tini -- /opt/act/run.sh"]
|
||||||
|
env:
|
||||||
|
- name: DOCKER_HOST
|
||||||
|
value: tcp://localhost:2376
|
||||||
|
- name: DOCKER_CERT_PATH
|
||||||
|
value: /certs/client
|
||||||
|
- name: DOCKER_TLS_VERIFY
|
||||||
|
value: "1"
|
||||||
|
- name: CONFIG_FILE
|
||||||
|
value: /etc/act/config.yaml
|
||||||
|
volumeMounts:
|
||||||
|
- name: runner-data
|
||||||
|
mountPath: /data
|
||||||
|
- name: runner-config
|
||||||
|
mountPath: /etc/act
|
||||||
|
- name: docker-certs
|
||||||
|
mountPath: /certs
|
||||||
|
securityContext:
|
||||||
|
privileged: true
|
||||||
|
- name: daemon
|
||||||
|
image: docker:23.0.6-dind
|
||||||
|
env:
|
||||||
|
- name: DOCKER_TLS_CERTDIR
|
||||||
|
value: /certs
|
||||||
|
securityContext:
|
||||||
|
privileged: true
|
||||||
|
volumeMounts:
|
||||||
|
- name: docker-certs
|
||||||
|
mountPath: /certs
|
||||||
|
securityContext:
|
||||||
|
fsGroup: 1000
|
||||||
|
affinity:
|
||||||
|
nodeAffinity:
|
||||||
|
requiredDuringSchedulingIgnoredDuringExecution:
|
||||||
|
nodeSelectorTerms:
|
||||||
|
- matchExpressions:
|
||||||
|
- key: kubernetes.io/arch
|
||||||
|
operator: In
|
||||||
|
values:
|
||||||
|
- amd64
|
||||||
|
volumes:
|
||||||
|
- name: runner-data
|
||||||
|
emptyDir:
|
||||||
|
sizeLimit: 500Mi
|
||||||
|
- name: docker-certs
|
||||||
|
emptyDir:
|
||||||
|
sizeLimit: 5Mi
|
||||||
|
- name: runner-config
|
||||||
|
configMap:
|
||||||
|
name: act-runner-config-amd64
|
||||||
|
- name: runner-registrations
|
||||||
|
secret:
|
||||||
|
secretName: runner-registrations
|
|
@ -7,12 +7,14 @@ spec:
|
||||||
selector:
|
selector:
|
||||||
matchLabels:
|
matchLabels:
|
||||||
app.kubernetes.io/name: act-runner
|
app.kubernetes.io/name: act-runner
|
||||||
|
app.kubernetes.io/instance: arm64
|
||||||
serviceName: act-runner
|
serviceName: act-runner
|
||||||
replicas: 2
|
replicas: 2
|
||||||
template:
|
template:
|
||||||
metadata:
|
metadata:
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: act-runner
|
app.kubernetes.io/name: act-runner
|
||||||
|
app.kubernetes.io/instance: arm64
|
||||||
spec:
|
spec:
|
||||||
restartPolicy: Always
|
restartPolicy: Always
|
||||||
initContainers:
|
initContainers:
|
||||||
|
@ -80,7 +82,7 @@ spec:
|
||||||
sizeLimit: 5Mi
|
sizeLimit: 5Mi
|
||||||
- name: runner-config
|
- name: runner-config
|
||||||
configMap:
|
configMap:
|
||||||
name: act-runner-config
|
name: act-runner-config-arm64
|
||||||
- name: runner-registrations
|
- name: runner-registrations
|
||||||
secret:
|
secret:
|
||||||
secretName: runner-registrations
|
secretName: runner-registrations
|
|
@ -4,8 +4,9 @@ metadata:
|
||||||
name: runner-registrations
|
name: runner-registrations
|
||||||
type: Opaque
|
type: Opaque
|
||||||
stringData:
|
stringData:
|
||||||
act-runner-arm64-0: ENC[AES256_GCM,data:E3N2nSWKyMcSG8POA4pizGkkxCfNc0hJBivUYoa9F2er5uOktokeOHvAIr5G3a8x7mRVFJRDMKutRVOG268UN9KTmJqzuD6GbEPuLVVpDKjCgb5dvtnNjxtESF7+1ukwo8kEoc+79hGbPyKMJOtgS6EL2FQUwuRNmAgT3GMlxahTL6PsNg33VrP/VB0fuUYy/jKo48nQYvBj4n+JOA5uyNKlxlEf0CspVZrhPtLJHx5VpDsJrnvOlruHZdcQuYHZADTfex4LZS7Y8Pa7D4EJv0If1L0lN0/iOecPqt5pQ438jlUZTgEsKxdWa7Rb52X1bmT9DqV0Bx3bLyLMatAMymNJ3m2W/1kS7CJoB1tPAZUmXHfypjV7PVUz2qnpUokN7DNCrIyrbnXRwM1jQUQam2JNlu+AhV8MEqQEbQFrHSTxXZkEC29qMWvCBvjRc2r9b6PsO0S6BtJcu3PgkNg7F6hxfgZYRBhzUR6j8Plnug35AXg7xuj6+pFs57UXILttw7LRkYnInDVk5qhzbp26VIj8Bhzad7CNwbzHsxRfXXXVPIdO3p6NcsfLtMxU96vwmlK/WdyuqD5nO6hdMZqTi4TpC5mjWy0iCFjj0E+Ugn3F4yI=,iv:2DpznFTRUioIgh1uJH3bwf5j3RT6ijcfhpKHWmHKmN8=,tag:ud1SMMurcYUkhee+ptbECw==,type:str]
|
act-runner-arm64-0: ENC[AES256_GCM,data:SSy6P7ilUc/6w9nszthqGjodzT1FgubxmbdCPC+Tsd/HN1KFZQdEKp2VntgaMpOAk1Z2G0kiIvt9Oku86oImQG1+Ixi4CVmppd4AyXQLLC3uDG32ViVLQn4hV1sbN1BCDZp9dEamgMLm+dzc6jax4jw/mJFAr+rCfA8TVJ9EmV0/DiZULa8ccwxgFFFXvz952z83qPpfGH1jsM+8QVb8yZ7tiMCtehKMRcSJAd4vah+72QNrvEfkbXmDf7N0toYvmiUKHceA4BlKe0b8QEKvASe01vFLn+HDlRmxGyYQP2+AkM1IbyvhlrOjUpMneJGp97P4/HCgl9z/JH8dgFpfzMMBUb0ONTeGNAqGNdKCkXUtskmX9fYLZlgzCSOuq1a09WIvX5vWap5osLJLl6yJfyV2IpWJCCT+pQ6pOHnfZAh8jERpFidpMf3mgPrJb04zhbTIrsha+cK/rr+V4YnuMJoPM1n1hvhwd14dd+x6h2v/pR1tNlzefAUCv482qvcESTjpLyjsaLpuxLVOAj26/dBBHlsAvpkGBQ/GdO93uvd+fzYjUEeWHfbFolMdg6h+xxsr6OhMv0UK5hfPawdp/9ChhvSl6AXnFAnXPpCjUplowDCFwx0=,iv:oPMOg4o0uOwy35adRwQX3ICGPktP6VkAhQFfcEHoGq0=,tag:kOV4081slPgnqqirSmtoxA==,type:str]
|
||||||
act-runner-arm64-1: ENC[AES256_GCM,data:GoE1+phr6ZEpoPWloHijAhoOEsKV9ny+tJX8IMJjY95Cgs78ZWftvYBvAvuoqw1UfEGo5UXaKGFDZAOcMpDSKiv5uJuZMgHbqwCVGkawv9TzmnKwAsNt7NTMSf8WU6DkTKfEvWjgs4E1LMC4yprfBp0TssmZWWZbtnMYki5szT8MvLPc7H1DNrJ/izrNbshWrt2oiNiQL7XPU88iu1az2qy3t9FzTuJPetg9OM4eaSB9TALQ0oW586jpRctyuJZ8f0OvyflmkQ+DFRHgk506R0qZEXlFHkQLmNxEpMRdbx0+EiWNIHNY50QTvrnMMLHJA0hdZm2R3mHLzBUv78NDFB43x7MVj9pVo/0gZs0j0uSWq4i4GTcXKVryWKExXMjou8lx3MEod6t30lJ19i08meppXgjszBDmlcJnyC20OVO4qb20oap6l7ytcXKcNCZiLhgqXR827Or/PPjWk2eHPYHyJUF48Mqz1znPwltwfBbGjatsyjX4526jNPFs2H4pWHRqaCQwYDGbUiT4zeekT29rahrwXSAdvhQhRwKv1R6RUzNuzIJGpfMDZZobaUsh688z1d6nM43zeyZiFPOre9omEaF4NoJS6R6RQt80O2QFm1s=,iv:Y8d+/uV4Se0WLzYtnB/13QNXYRa6+EgMX9qwPCHGeEU=,tag:XS7MTcCIhGYUk/GCiLfJYA==,type:str]
|
act-runner-arm64-1: ENC[AES256_GCM,data:GZBdx/01TyA7VUSyyF8CH1wmdmRn5kljntpemDrHahvSDNiyhHXGS8pvhzCu+MYcSGobJfQmQKEHa5K6nbkHs1KraxSLWIMnL+fvgJm/cv7ZKtRrzEbe5Z0FJ7V5SLz83EAyDIE6or4wpFRixSQToJKlDA5vtTW+0pXAIeXdILoIiK8//Rkt+dejYAsAdc2XRITJJ6MwecwXUuBqwLpqnenHUOFk13nwKissnDv7PKI80DbArthVb1yNkirnamgjt51bixb5zENtOp2+AK6B7Mh2Oslhm3VdNEln0OYFrksxFmY7eDEK1Zf7TC9ijHYbFRbb9W2zOqEayAyozLQ/0DGVjxcYkA7WwUWMSJN4Wn9IbmrOxhEr82C05RypMbu87vd57AP5LQ0D+PClEwDwXNsnBShN8qXwYjrNc4FZCRCTjoladHAL1e1Bqk9a5VAwul9QiOC7n2Xh8urEkWo1ENSQVHOBkvuuDR073vmsP6Xw2BVUvKuxaCW3gLPug/LvIZhgawyugAVk+IdLZ5ICb43qyBMFtZD2U0/FFK3T+uhfGiYPCgY1JSQroy15qHA+lJ/qxoyz+yWUwdHddC2idydg0Qp3TF75nnvP+/C+S76oj1WcTTA=,iv:3scR7GjqjG0fr1GQ/PCzRH7lE5VvaSWy09BJsdeJ1KU=,tag:QzQ34IVVvtBJsrL68I3LcQ==,type:str]
|
||||||
|
act-runner-amd64-0: ENC[AES256_GCM,data:jHBkmLfVh40zOmNFDkisQ82PJbcD9w1TbvD7AOI8Ed+I+E01vVbGSfbXVDrU/+fQc4rSiKEN3ZiGe9tYelFX9H8Aa23Oz3YVww1DAZrhcIjg2NVyqudTF2ISLFcHKqAQGgNCHICXezCodLEEbgNF4Tqg6c5d1CQH9gKzoAtUHxYv2wurpPCLnApM0cm5wBVc+Diy5hqPcBb1F9ZAmSN/y0gieqSPblRGI1Mgw70xaJBY9BNAn38oPUc1CWzFfrb4XintHp+kHnnX/87f1ihOztzxGW4dZp5D5NOwrJhMx0OF63uNi7J/89SudplwOIb18ILWQ9WIWC6DHCEkJchVKhs0+wLnN9juula4kZB+HD9P7CjpAib3kuHsxUkceR1P+ZnHf6hgbIugoCjkSYHumgDtG+LWInvVvvyObhKHXbfv0p4dLJClgV2BFN9oh51M5TKuHDxtk0a0RSy4YynFnEVXZZ2tq1h3Yi8U8c33xKdWhtkXrqd4tDQnVgTtubguHmZbOjj7mTVet8phoxbLuaZlCqBV0XRyyMiUKDUapN5nJa7ccSplwN7GKSz5ASnMZUSj2IlrCE03VyiWLfyUsHgxEBILRmr4FSNmN/apuVbt0Nz1VPyvFQGxnb6pjtQywC3zs9HfV3ll,iv:pxs7KicpMD04P+6KRMeYmyjjQ0isqyNtF0emySWM/JY=,tag:Sg6aShabTHrM6ANZLEiXiQ==,type:str]
|
||||||
sops:
|
sops:
|
||||||
kms: []
|
kms: []
|
||||||
gcp_kms: []
|
gcp_kms: []
|
||||||
|
@ -30,8 +31,8 @@ sops:
|
||||||
VnExSnBIcEVCRVNjeFdDbGZNbURLUEkKTZLpcYtYWKgHWISrxkvVeU+x56QHf0lF
|
VnExSnBIcEVCRVNjeFdDbGZNbURLUEkKTZLpcYtYWKgHWISrxkvVeU+x56QHf0lF
|
||||||
xxG8xPUiesGm/MBidk19TblX14oWy+VYA65KQrHBtgBIJUmohnNLvw==
|
xxG8xPUiesGm/MBidk19TblX14oWy+VYA65KQrHBtgBIJUmohnNLvw==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
lastmodified: "2023-11-16T17:47:39Z"
|
lastmodified: "2023-11-29T18:55:41Z"
|
||||||
mac: ENC[AES256_GCM,data:NlTvNsdqVkXQb19xudf4UaGnIfQzMXES90vfH+TEWbto7dxZmjh8DuTfXBpZaFtrsf9EIkVzUDEfQiNsCYDG0D22pTSVcAFxWbr31Alk/DpFTfwOPELnKE+p/PoaXGh1DjJYeGbSTsP7sG4iWX1QNOZ7BeGVAXup2DRoaui3rOs=,iv:LDnFbyP/Wca1He3iCiaIzfZEdqM5Mc1y+eAgQDoRmEg=,tag:0T9tN30plslcuGAE5337Sw==,type:str]
|
mac: ENC[AES256_GCM,data:EFZSzI0ssLp+m16X9JqtJKh+PdrbdtR50rmHQsWcX4Em6V6qTxwTYa3lyqIzMC/xa+hW7vOGoaXHoWqvxdDZDkh+f+ne2uv9+l3fMM3glE6Ih6ZM9/aFHIm1WJbw/r9iAHft1bo5Yt+R1ZLyGkRjtwaC6+/E0BZDv9kxvPMpq5I=,iv:yRauy1aeP7JT7VjLwrBjIUUiAh0ACXIU76vI3wKE2Ho=,tag:FPfcBLNqvOot4qGcT2pDUA==,type:str]
|
||||||
pgp: []
|
pgp: []
|
||||||
unencrypted_regex: ^(apiVersion|metadata|kind|type)$
|
unencrypted_regex: ^(apiVersion|metadata|kind|type)$
|
||||||
version: 3.8.1
|
version: 3.8.1
|
||||||
|
|
|
@ -1,36 +0,0 @@
|
||||||
apiVersion: v1
|
|
||||||
kind: Secret
|
|
||||||
metadata:
|
|
||||||
name: act-runner-token
|
|
||||||
type: Opaque
|
|
||||||
stringData:
|
|
||||||
token: ENC[AES256_GCM,data:txVfWXQqYudWB5vf/mls1oyufsWxs6vzAuLyUvOXASEjiQPn6XaTHw==,iv:UR4R9pXkdmcqHOtq/mLUAbaX5s2C1XWreAp0gP61BqY=,tag:RqGydSex2VlrI/dW+kcENw==,type:str]
|
|
||||||
sops:
|
|
||||||
kms: []
|
|
||||||
gcp_kms: []
|
|
||||||
azure_kv: []
|
|
||||||
hc_vault: []
|
|
||||||
age:
|
|
||||||
- recipient: age18e0w4jn03n66qwg8h3rjstz7g5zx2vhvz28aterkfkfetrxtpuysftp6we
|
|
||||||
enc: |
|
|
||||||
-----BEGIN AGE ENCRYPTED FILE-----
|
|
||||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBUYjJJaGVqY09DMUxRc2pM
|
|
||||||
MUpyYkdqdGpCUDhQcytVb0dXUmpjWllnQlFzCiswaW5sRWQ2bW5uak1ISW5MVzk0
|
|
||||||
UVkwYnV3OWtyQjdkUVRmNnVLMlFTR2cKLS0tIDBSZlFsZTBBS2RCdDd5aEx2aCs3
|
|
||||||
djJaZXIzR1RZMXZDMENUUGlrODZseHcKGxgdz827T+TTAAjSKOy3qYwtbz4kHqOF
|
|
||||||
Al3ul28B091tuvdaE8qGTaRtQnK0BnumsN+YDcMI1JBLdENbAZ7/1A==
|
|
||||||
-----END AGE ENCRYPTED FILE-----
|
|
||||||
- recipient: age1yssdnqk90tn6zzggmwt70krndw04yfk9hwzdac3wsgfxmttngd7q89qzjr
|
|
||||||
enc: |
|
|
||||||
-----BEGIN AGE ENCRYPTED FILE-----
|
|
||||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBMUmt0bG5UenVtem5YYktU
|
|
||||||
Qzc4QkJmK2l1R1A3TnV5ZS8yMlZ3QWdzeGhRCjZZdE5vWmFoMmFEelJSbTViMGZ0
|
|
||||||
THRpS0IydHMzWnRLUWVpNVM5SzVTRmsKLS0tIFFHZVhsUys4V1I1N0JseE4vZVVm
|
|
||||||
S2tKd0NqWWQrWHhUaXBxclJQOHZVWm8KyKDRWNsF87V+U/9ygJ1Vd+LXGl/cvqQy
|
|
||||||
7/C3NQkvbi7QCtuya7xo3zDjNgpl9nIaH3iOEkKee4Ae+Rbay2UqRg==
|
|
||||||
-----END AGE ENCRYPTED FILE-----
|
|
||||||
lastmodified: "2023-11-08T20:48:38Z"
|
|
||||||
mac: ENC[AES256_GCM,data:osWt9+lgJzAjMdRDcAKFlePuWaqCpCYZCg+WoUsBfgPDH4e26JV+hzEh/XkJQumgCS957Fu/xQD3JE+umv+prqXpUNBhPabDee4azwjgLEeePY03ydxN1QHz+2w7apzKB/juAnZ1UwToFZYSP3WdqJeqT7UMkmYh3/DvyvddbuQ=,iv:XwGxZj1dZbgBuF36BTaZk1ltKAXo+Kp0v8JK3QyS0/w=,tag:LSde/unaOkmUHZzWnFQpuQ==,type:str]
|
|
||||||
pgp: []
|
|
||||||
unencrypted_regex: ^(apiVersion|metadata|kind|type)$
|
|
||||||
version: 3.8.1
|
|
|
@ -11,10 +11,19 @@ stringData:
|
||||||
PUSH_INSTALLATION_KEY: ENC[AES256_GCM,data:8vsxMGX9lenepxu/DgnXJGbEXPQ=,iv:btBOZ9fyKkmEoiD9lFQO6kWgftGvjIqTaVaKC0XeRvU=,tag:wnO37fjx6HHP6S0mtEKDeQ==,type:str]
|
PUSH_INSTALLATION_KEY: ENC[AES256_GCM,data:8vsxMGX9lenepxu/DgnXJGbEXPQ=,iv:btBOZ9fyKkmEoiD9lFQO6kWgftGvjIqTaVaKC0XeRvU=,tag:wnO37fjx6HHP6S0mtEKDeQ==,type:str]
|
||||||
#ENC[AES256_GCM,data:9AIq3r4rJttpyUlriHXOKEuML2uiE+SwgWsfPnV7DYbiP/l2,iv:ailvo4Lj8MpH6mlNsTdLI3iKqUpiZyBE1YyLO2UkOQk=,tag:9YmUcHqdsMRCl/vzNUILUA==,type:comment]
|
#ENC[AES256_GCM,data:9AIq3r4rJttpyUlriHXOKEuML2uiE+SwgWsfPnV7DYbiP/l2,iv:ailvo4Lj8MpH6mlNsTdLI3iKqUpiZyBE1YyLO2UkOQk=,tag:9YmUcHqdsMRCl/vzNUILUA==,type:comment]
|
||||||
SIGNUPS_ALLOWED: ENC[AES256_GCM,data:yyzz624=,iv:V4E2bbHA0LnO0gocQnwuOP8QYUBCVpdObxbiI6PA9Bg=,tag:s2Quq64QTPZpUUT6AM/T8A==,type:str]
|
SIGNUPS_ALLOWED: ENC[AES256_GCM,data:yyzz624=,iv:V4E2bbHA0LnO0gocQnwuOP8QYUBCVpdObxbiI6PA9Bg=,tag:s2Quq64QTPZpUUT6AM/T8A==,type:str]
|
||||||
|
DISABLE_ADMIN_TOKEN: ENC[AES256_GCM,data:SQLby4U=,iv:15ricUNOUEJ4HCFayYbGwrjR2s2DBI0k+lqHEiO+WIc=,tag:HBuw/MIZJ88MkQuy7SUzSw==,type:str]
|
||||||
ADMIN_TOKEN: ENC[AES256_GCM,data:McoZbrCruksHQ5N0ZNXTT8QQNt7lsjMZMTDdSk2Pw1qWmnlxvZWcHwIAMbpr+1/EHyMSf54Q4bSPRaMLtDNPREVqSEgCnI5pF4tg/BQWbtsJvH5rGqvZkpj09K0/LnvZDrvLZpYU9jBUBkKSWizjpWLfg6Xopg==,iv:smhUVbqnODyws8ndci5p05quJ/X6/mZOTQYld+aibOE=,tag:pn7tNT+3pGPmvvPFD/a1RA==,type:str]
|
ADMIN_TOKEN: ENC[AES256_GCM,data:McoZbrCruksHQ5N0ZNXTT8QQNt7lsjMZMTDdSk2Pw1qWmnlxvZWcHwIAMbpr+1/EHyMSf54Q4bSPRaMLtDNPREVqSEgCnI5pF4tg/BQWbtsJvH5rGqvZkpj09K0/LnvZDrvLZpYU9jBUBkKSWizjpWLfg6Xopg==,iv:smhUVbqnODyws8ndci5p05quJ/X6/mZOTQYld+aibOE=,tag:pn7tNT+3pGPmvvPFD/a1RA==,type:str]
|
||||||
#ENC[AES256_GCM,data:QlmRWc2mcIcGDeJE3dw1txwmiI6cFfD06ALgdDD1qcNG+c/JhgPO2lGQjTXoctNsTuv2pwPgtTFUKrY1cxjt4GtwuQ==,iv:MeYwD/IONmuUhvNIoBWPyuWUhGCBascIITC4nVbpkyY=,tag:DLL5SgPOyrYeHUnqz9SvEw==,type:comment]
|
#ENC[AES256_GCM,data:QlmRWc2mcIcGDeJE3dw1txwmiI6cFfD06ALgdDD1qcNG+c/JhgPO2lGQjTXoctNsTuv2pwPgtTFUKrY1cxjt4GtwuQ==,iv:MeYwD/IONmuUhvNIoBWPyuWUhGCBascIITC4nVbpkyY=,tag:DLL5SgPOyrYeHUnqz9SvEw==,type:comment]
|
||||||
ROCKET_ADDRESS: ENC[AES256_GCM,data:47ty+hqPew==,iv:13zgUCu73oNu3Vv2MGPVfT0szJkJ/8jQdU0lwqOnGEE=,tag:cZO7grm7BVm35PVTpR3yzA==,type:str]
|
ROCKET_ADDRESS: ENC[AES256_GCM,data:47ty+hqPew==,iv:13zgUCu73oNu3Vv2MGPVfT0szJkJ/8jQdU0lwqOnGEE=,tag:cZO7grm7BVm35PVTpR3yzA==,type:str]
|
||||||
ROCKET_PORT: ENC[AES256_GCM,data:ZrfepA==,iv:fMwLrMvwp61ujQsg4owMCKaH8sxJEod85+RJchh6vLc=,tag:DbmR5uueyzGP4UVeEhWFVg==,type:str]
|
ROCKET_PORT: ENC[AES256_GCM,data:ZrfepA==,iv:fMwLrMvwp61ujQsg4owMCKaH8sxJEod85+RJchh6vLc=,tag:DbmR5uueyzGP4UVeEhWFVg==,type:str]
|
||||||
|
SMTP_HOST: ENC[AES256_GCM,data:42l9+SmrUnnE7r5QI1U=,iv:3xj0z/XbSpvkjL8iYjiHkHXV7n8K5n4+cD1k0h/5UR8=,tag:8OGVwiX119+xLBF6I/xEtg==,type:str]
|
||||||
|
SMTP_FROM: ENC[AES256_GCM,data:FGKsGUCPTL1yckKIdXcySK+4tA==,iv:ub1q//Tu7GxG6sSr5IUFvh99ic1vBH0qQTL/or9QdqA=,tag:oPj9bXZ+E/XpcSSmmF54OA==,type:str]
|
||||||
|
SMTP_FROM_NAME: ENC[AES256_GCM,data:vpQA8hHh7BxEraQ=,iv:V1RUtgTVaHIQqfhAiUE8ixph40l/jkVtAKj+dSt8eZ8=,tag:6EoV0JKRr5FBhL4Pc31X8w==,type:str]
|
||||||
|
SMTP_SECURITY: ENC[AES256_GCM,data:5RtBH4NpEYE=,iv:6mO/WttSDs6J6vPUnspRuN6GGe/3/5Rwp+2vmsolxhQ=,tag:hU+AeGYVz/J7LcTQsbqnNA==,type:str]
|
||||||
|
SMTP_PORT: ENC[AES256_GCM,data:MzW/,iv:w9wxsaNU5YdNkTp/RuzPv2SOiQcq5IWvmA1M2y3ee+U=,tag:0SuQrae4iBJ1tz1/BJjM1A==,type:str]
|
||||||
|
SMTP_USERNAME: ENC[AES256_GCM,data:7Gd52CoVXbMd,iv:EapL5inosI57oTHiKRE+9iBvCqVusaw3GALmyajukYc=,tag:Ta6Ai5qvOAXyz80fmCZh4A==,type:str]
|
||||||
|
SMTP_PASSWORD: ENC[AES256_GCM,data:RaphlW3K/0hCz03Ry2CyGQ==,iv:gfhoICVObvQs1QREZ7L4Td2rs6MoKuTPkDRT80nCpII=,tag:ZwoEYtmd60S512lsopCbxw==,type:str]
|
||||||
|
SMTP_TIMEOUT: ENC[AES256_GCM,data:Nio=,iv:wbNYMpuXPm9e5cevvndEQpIs6QkRt3clFCk8m5pZ414=,tag:uzq+3W3pyceEoAWjToNw8g==,type:str]
|
||||||
sops:
|
sops:
|
||||||
kms: []
|
kms: []
|
||||||
gcp_kms: []
|
gcp_kms: []
|
||||||
|
@ -39,8 +48,8 @@ sops:
|
||||||
U3U0YTU2QldWbzByVmY5WlZmRW04WUUK133O8rZOp3NT5feI8HEhYR5MYMRR/Mda
|
U3U0YTU2QldWbzByVmY5WlZmRW04WUUK133O8rZOp3NT5feI8HEhYR5MYMRR/Mda
|
||||||
OIEPr8qHL/DKcuVY1RNfMieGZM1Vlk+KzKSVJFq9s5DprDn3gbdE1w==
|
OIEPr8qHL/DKcuVY1RNfMieGZM1Vlk+KzKSVJFq9s5DprDn3gbdE1w==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
lastmodified: "2023-11-21T21:13:40Z"
|
lastmodified: "2023-11-28T22:04:40Z"
|
||||||
mac: ENC[AES256_GCM,data:MkefajFpbFq1FWYScRrabX3eBq10qdcFEWw07cGbPUC8ztOaEYYAfTllHz3Olfl1tFsLJ8sOqSbPgUHWdvEjhuJQcK3zHrjTC2n3JSaXNLaIVaSa4V4qcYInsaDZ7c6P7vFCEZUtcdDJHIyjQH4RVIewm0XXQDkcaHIzczLqle0=,iv:9f7g/PwP1tpo1Z/kmgEowfzxHdHbNagVL3ESYXkcbgc=,tag:M5SswGg0h5qBPvuVaDXz2w==,type:str]
|
mac: ENC[AES256_GCM,data:fuxyLwR9jlixzipL3mqFvwhJODg5xFpO2g7w8t9gAKR4wjLTojx4pPAJ/Btf/bTf4no0Whc3EOKarByOJpG8dYlOyAv+Nn68vbxol3IV/N1jI4NBqJzfza3U5tOTVXiogi+KOAVRzzet2MpwDWhRZgwIJXL89FvvCo4nPmBG5+Y=,iv:wQ3KiSlC6tqIBuFlKvUDoFRfGQ+Sl4sKVPaYMSATf0M=,tag:qovQcrXdhdoR4FKb8fSChA==,type:str]
|
||||||
pgp: []
|
pgp: []
|
||||||
unencrypted_regex: ^(apiVersion|metadata|kind|type)$
|
unencrypted_regex: ^(apiVersion|metadata|kind|type)$
|
||||||
version: 3.8.1
|
version: 3.8.1
|
||||||
|
|
|
@ -3,6 +3,12 @@ apiVersion: networking.k8s.io/v1
|
||||||
kind: Ingress
|
kind: Ingress
|
||||||
metadata:
|
metadata:
|
||||||
name: vaultwarden
|
name: vaultwarden
|
||||||
|
annotations:
|
||||||
|
gethomepage.dev/description: Safe haven for all your secrets
|
||||||
|
gethomepage.dev/enabled: "true"
|
||||||
|
gethomepage.dev/group: Apps
|
||||||
|
gethomepage.dev/icon: vaultwarden.png
|
||||||
|
gethomepage.dev/name: Vaultwarden
|
||||||
spec:
|
spec:
|
||||||
rules:
|
rules:
|
||||||
- host: pw.icb4dc0.de
|
- host: pw.icb4dc0.de
|
||||||
|
|
Loading…
Reference in a new issue