From 10f0570013e239ecbefe0d16cdcccdef7050e10d Mon Sep 17 00:00:00 2001 From: Danny Bessems Date: Thu, 6 Feb 2025 09:47:40 +1100 Subject: [PATCH] Headlamp++ --- services/HeadLamp/application-headlamp.yaml | 23 ++++++++++++ .../sealedsecret-headlamp-kubeconfig.yaml | 15 ++++++++ services/HeadLamp/sealedsecret-oidc.yaml | 18 ++++++++++ services/HeadLamp/values.yml | 35 +++++++++++++++++++ 4 files changed, 91 insertions(+) create mode 100644 services/HeadLamp/application-headlamp.yaml create mode 100644 services/HeadLamp/sealedsecret-headlamp-kubeconfig.yaml create mode 100644 services/HeadLamp/sealedsecret-oidc.yaml create mode 100644 services/HeadLamp/values.yml diff --git a/services/HeadLamp/application-headlamp.yaml b/services/HeadLamp/application-headlamp.yaml new file mode 100644 index 0000000..03bc384 --- /dev/null +++ b/services/HeadLamp/application-headlamp.yaml @@ -0,0 +1,23 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: headlamp + namespace: argo-cd +spec: + destination: + server: https://kubernetes.default.svc + namespace: headlamp + project: default + sources: + - repoURL: https://headlamp-k8s.github.io/headlamp/ + chart: headlamp + targetRevision: 0.28.0 + helm: + valueFiles: + - $values/services/Headlamp/values.yaml + - repoURL: https://code.spamasaurus.com/djpbessems/Kubernetes.K3s.installLog + targetRevision: master + ref: values +# - repoURL: https://github.com/djpbessems/Kubernetes.K3s.installLog +# targetRevision: master +# ref: values diff --git a/services/HeadLamp/sealedsecret-headlamp-kubeconfig.yaml b/services/HeadLamp/sealedsecret-headlamp-kubeconfig.yaml new file mode 100644 index 0000000..82287d1 --- /dev/null +++ b/services/HeadLamp/sealedsecret-headlamp-kubeconfig.yaml @@ -0,0 +1,15 @@ +apiVersion: bitnami.com/v1alpha1 +kind: SealedSecret +metadata: + creationTimestamp: null + name: headlamp-kubeconfig + namespace: headlamp +spec: + encryptedData: + kubeconfig: AgBeAP7vtPNm+FBdLPRDkV/k7Uy3mR/eC3Repuvyw5uEKZdBGqzLwInaBcySSiLFUTRfc/csDFxHgviFh9jyGJPCBlEZpHBStz3BrTc33ehwTYTDPf7P1bvPZlWLomnFdEkh16Wn6In4YZnMcpMDxswY/LHQheHeEIAp2YnkZRvd9aJJbQbLYK1Dl90xRjHq0gqTl4QZX9BMzGZE3iUr08suTOY84b8V8Y+mrzy9DvbU7S7SusPpiX7HZ0Ty1IQEDHXPDAyIX6VnPqPCxx2p+/Dce1Io8Ql1CB5So/g/3+VcMlQEKUKt2bReFKslrv9veuvg5N4ZGlTlOu7uU/Q44AgbjB9jYvJrmHclt9dnYSIICP3x3MuNVsQ4CxOtIRG2KDJdzCnYFv16tBHc4zL3WABonmLzzuQoBFYqx/JxWfIr2U+nvbqKMm3yfFi4fvsp7Wcgu76Vak0ndBo+HwkzDWHxYNQOZO/LwEfQcoetHzlzpzzoS1Qw9JKjIlTt4Yc/7OOE6luKv18ZI/MXx4bfZ31HwkJ1P/4hnmsBwNVWLFtfGi1bmpc7Ahv0EnZuLjmxH2APnDKVvpZOMWxQ0M4zHAQLonh5/pyhEWpqJzdpfroOa+yACKr8PiBKXDlaFYD35NgHNt0LDyQTlDXRCxUnGed9pTVx4pTMDYRlzZoc5j/Q8QmhshJGePcoO0m2WXb+1O0p/k/gkU9mTz64swexDD/40gyl+YZwD4K2LOAIMHvEitv2J+3ou2QQMHcxNILJVGT1mor4bqw9W1stwzv68c05eJC0LP0f545f06AmlaFxfKLHSeds78Yxbg75lgTpknuBcnyMGtqAyhDA5h3acXhZdRFqpuxBswfmQ9S5BU8svtC79FOd86m/oOyKM5fqf1kKoG7eqgB0AYyEe9vAwZTPKuIE7dL6q9UZP0fUhu9a9g5vp7JPJStNdAqLeIDNFJpGiupb1W6pk4k1KQi6XUS8xfNVBQtFLvdty85fkDP2pnY89tznGGbimcblNsFFUx58wuu2gY9zIFk4N1gk2j5ZAym6PdeBToqQB9R/IyPwUP5o3IEn8afqZL9wTkZZjuwo5l1PsvPm5U6d2CQ9IFgnvc4v6NMWGOsri0TSnw23PAJJw6bhaU5ClK908HZDEUT2vQ86tFoNbU28451XKTgDa027PELRirlL+NpVYPwoRNDhTn+/kMMYNkYLlhUVIl2AGhoJYakvDClstmZuuMpDNeTwgqK5POlEltC9/enWvD77YdvnNZXQqkvDHcZcCRVur4cZNhtrvsdimfLj9I3DS6UdMvwxx9rCP4IoykwtTw2kMlvMwalESegtJQ2Vw6E6GqJDszUGNbLxFIwB27BTqOv4msxzJeVTNQgzdgcidg0pvipW88YYTScTD9G2Uec1Qe2FCKYLUlLVjEYCveQxx40RS2fOEwASKs0btFLb83TKBqw5GOImLHTDpLBnaetyHTI6Qa88+c0eRd2Z5Lqjr0ZVCMUtX5/0v4+zr5V5BRSRJNPpIM3gm8w/FcAV1QDRL4wlBtlKBuUyGnOI24nJbs9WlnE1HscrvzsWklOnhEtlzfWHlWLF7pgM3WmEy0lIFrQf+Ef7yubYOfg6w8eoD+NAEcM3dQUafe8Yo8V0j+GWzr9+utCxVDPzuOY1yGuA513x0+bc5yk39XSqLwetqkYxUyBmMWFuZYs8Llw+qIPRA34+m6ZzqPHD93rYpPOBRyo33djB7PV7QkxZz3DPYi1a/+Xu+ZNocFRtxw5YvNh/b4BW07A1mDzjqvH2QKjetGRjTj+8Kzb7GLKo7ZPz2oESJwAiV6ftDldt3a9R4zUh/RE05nKUgpOwanrkUyNUary3nAFXUjU7AtDKMRPU8I9y1UZiiYNod+Lvkj/ihYjgGDbhRHqSugrbKZ0jOALSx6YiZ7isKSSwFRJzZD821AB/3hWa1QlWuCpNkyc5bq/6IxeKOLFJnHhq706HwEChzpGc3swOa4clkS05OFgNvQjhnL5Rbny9oAEeXBvtLJtO0VBt5pN5zC3ZHs+w9cKLSsE4/OBTsDhaxJ2LDRmg2EGs4sPjNnJ2RABUnseELAR6tL2X5OkltzkvnJSEvansTkzi5WqWvkRf5orUATik9NR86e8k+O196ajv7GJvdueLQ9V/tMRbCEST7ry4OXssLQhZQEBU6OJsceGPd0ICtY4Bc9f2P2JFhov7ybLgMI/8aULYlyOseoGUn7ySidT9zosjEPo6ioBZYZomJSW9FPgSSZ6W+j/gCZLWxLW5mzywbl1vb4Q5dt9cDfxG3S+2TfVrUJWDOGc7cxYFdGaeHYLkGndUVLyNnlH7dQ/U3A/6iikX9TbhV+cY6qq16in5jZNDyprm13k85L+5ScyD4U3y1kniHFPKQDJt56pOaLz5cfQseeCV9qau4zbjZT1QGLWSYs58tp7ViABMqufbyv4civOm4pRRPu5RVjdY/rY7iM8ZypXnnPcSDrPZH7UcnniRPqGS7G83WyAquiyVJVahueUScmtxMQy62vkDUoisj1aOxC97WTUcBiJQKqWoTRT7HFcVl9XxZc8O8WtIIcS7/KzIaGzM25s3+vM7fRiguv0cEMV0ikE18/Zt+UT9J86AoGhnlcD8R92d3wuisM5pkNd6fv9jwQnNaULRwjhQCbRo4JGc2CxluWoKhkwpfyCxBzm8bNq2e1XhWl9WfiWsmKZyWCH3JIE7G2MnO8C6gqRJfd4idXLe9vv9F/duzm2uy6xvivP61NR7dCyn988lwtFrdOKx2dvX3PlOV852/XO1hv32W2FIh6Z32sIN8JjDqJvy/9Wu5JHng2Le79P2Zcf6db5I2hQejOtZkx1914bHO6Aro9Csj6s2VJ1YuhI4GalZYTjo5l9r6Da5J7uDpWl9uKBToFW/e3x6nMFpzARsEQc3jYixtX6gPSh4Q8VueUJAaZmpW3i8DdkkvBOHtzVAHzN+8xXTYMK8RTo6qGDiUkA6XE4apY8POp3F35mbiCKdHGZakVnHYJAyK4LUl+2oRW9JzcJNzWkggNi+DLwEjzdg1dpKGMtDSVaXl4IfPgU4QAhja7FVNyKfdXsXGV3uqxuWfju07hol5I2DFHgFHRQEPIlnlyWabYAMBUca6VVZDEDhR8aeVSLbeFw2ERXhlq2QMOpgOrPPDsT0x9YP3X6YuBzgl+dvgbO8GGLJhLEBPq9BKshTP1sKaykS4cxlO+uC59+pO/fhXe6+SKMYbAlvGMBILLv/l82gQ4P6YwAsPEEnh+pEEJ09sRwDyl8/evcORvqdYYKO/ROCtdCBxp8u9TzdhY4uUUdKbscWhnTjwSUD4sEC8H+BKpJstWwSdeYGCdCNF79F/2VgPzq+L39INqS5TUSo6d4ZH8oPxX3kfU/HUYAtPp7ign0hIvVXkqaqYJRHeEEEk+SqUHaYY5wZLBwbAcxk+AvsrDThCEYlFVQhONJ1Miodhi3bHeSK6lehlLsMgxj+j3MaM9iohhxk45GuwsqRzu+EfyaemiEEFVxI2q5IEnfjR1xfc5Lg4SmYQQpeuUaxZ463xBxNhiBKlNA2JFQwTbaCa2HLsp060ysVZGiOq6yKFBrVRMAuRNxp1/A/Ies5nvGhD7lCA0mSDpy8j+TTCFUn2T0U1ChkYn/y+X1t4pPPtKIcy2aGkFdY/reOSBU0yfaM0iFrj0D1Rf1JDIBtCnYM12uOi2h+7GAJQLWbAbnTz6aHCF9vGlXB6krC0BF8fp/Snn1BQqKjChjqW3IXBazMK8zT5ouds+mxxIidN8smDoOqytT941TgGV9RGPQuCNePTX86fhh981PS2gKUBSGBPfaKMFpVSGDxypAdQi/irsjEbQn0ugKWvzxNVopS/ImcXGYVu5w3PZocs/mpv2k2h/vka2N/SF39E9DS6fMTX0SwATBuAdwsQpWeQd2Hd1eZeVSDNUn5Jqud4jmJH/Mp21sfEEzoGgmZl5+T1JaK4EsG+yldVIPpEcsde/ecc6xPvluVfxd5cKWKg1vTxuTRVzX8I3f6dTq0c+/VRnQn+QEhEpLXutR+4XT/wh1obdBHJ0/h+9Fo2QlUz6Hni6iI3DrAqJjCsz8xBfZXCF2LSekQTO/ZiIrHe4CAnGOueWV8Vg2ASiqhEUs0g7UP/aInxkvmY4byfwSgF3OhBzt69xIzyY1NjQxPRo3Gn+Ma5NiZEawjdtCNLw9oHTHIFil9d2K9CiZ/pBMfZslJ+86xLDIOKikMRb84ANwcOSbgEu+Bpgf2MfMS2Fqt8K37uhFJQ0eTQeCLY6u6J6AKhX+9oKg7uMsnDudZsd5mKe7+JcaXyuz77NiJDtWcA1VHfb3h33vlZiUCb9cO7+8Bmtgm4eXbsafaINWFgUVEXpy9gqpopBUOO32mG07trMG8SwNZItCtqSD8J6tp4zNHZHo8IDq4dqGBlSHafnlCA3MLZrXtfOW18zwEnmC+uncQhByIOW260sLkSL1AsA/vz9083P1LVyZVt1v/SWHKDkWHOir9cAVsGBpYu+u4EUmg+DAdv+gnb25yf2f4a+OaDHWV42N/oqn4tmNhF3SlrocKawLd1qnMSCUCXgbTC1A7A/2ifZUTUF3Cxg2RCOULmp5fScNjfPoTqHsf0Y9IMltn9gDOAlofXY8= + template: + metadata: + creationTimestamp: null + name: headlamp-kubeconfig + namespace: headlamp + type: Opaque diff --git a/services/HeadLamp/sealedsecret-oidc.yaml b/services/HeadLamp/sealedsecret-oidc.yaml new file mode 100644 index 0000000..85d4483 --- /dev/null +++ b/services/HeadLamp/sealedsecret-oidc.yaml @@ -0,0 +1,18 @@ +apiVersion: bitnami.com/v1alpha1 +kind: SealedSecret +metadata: + creationTimestamp: null + name: oidc + namespace: headlamp +spec: + encryptedData: + OIDC_CLIENT_ID: AgBXJgPrEI44ACJJ3S0+/Atic7ckP0tfVAfPtl5iNcgj+6PL8h1Xh/hzjZbYEiebG1FzSH50K977ijMdEHDFmagYSR5Ju1VpAHJyjtRZbysm8IbFV2g/8aBV88HwdXD8fZhY+PmXKNkSNFGqb6+E31NgetEjsZNjMgS0cM/YfCXwrVPMaR8QawjszyfOLUh4Z+D0QqH2Mb6d6vBaBgNgikUUgixFn+f1S4A66qUxGGzZKVIIa+f6Eo3gQDuo+4bi6/criaMoB8foSkXgWqRIiiVGzp7NcXT1mmWTwjosVexhKGSBiNDJFiWMgtc3Sti7Jp44fvYGdDHddiBsIBFB1uv19rGYLhq/4qpGQiT06Dq28n0+ehBfxsZZQ2nLDRjXciTgG354enMJO58ol6Dqk6zKjTWx6YwHAIdh0kuQ9atT4TsdAL8BR4qkdYuIRUmlhCUj9Ywh76GIdbnPWQfWHap4bjP7KVxFRw0Ke467TFoU4iO9TmVhF0LvS4g45fTXKV/j1R8yU7cA+TFEDGvQLixOdeJrICmn+WRJTHuCtvI5E1W5yJAstSEdkZTt7PSUAq76o6uUT18OJYZdGzaG3j118xVcFAM/GsEgQ0M4CyExTraJcl2NegrhcjXokJHyz7Nm8Fm9+x/++jDMYq0rWaPYRaPcYKYDsvF0t9vzY3JyigtoiPIR9KIjNSiLWQKKGyGgLOwCI2gTXA== + OIDC_CLIENT_SECRET: AgBrX+mUYkAAyyP1T4iLYDZkx0aIyWUSf5781/ZYQsh0gOtoTuZZ/l6q61wDxxYY5xJqtzYTSa0QOmIORyhusODDokVkCGlx06GyTP6As46m6GqmwGp57vanF6YiSL9he97E8Sarr+v4EOrhGtUejLH2TCFJsXV3CzQvQiAWXxHMZxRIOBkzpbqFJ9dez2n22N49j6qd5sTNskv13HNJruKEsYJM/m/vWuVVe1Rf3cIFdChUNt0Wv9Xir1waXe4QTAYKkzYrPjeDB+xIe8xGms7tqEQxKVP/SmYaQG3rPSIAu55zLdLMcbIFSVBensVr1Fcx9Jb00OB5JPZuKEftQMRR3NTIBcJNAIvlxFbv6uM7xbXOOrRZ3YG68I4/e8mxRx6o56z/IeNd83FH8aiEIfMdKhZAAmKlrMnv0F2wSQk4JxAL31uzcNtZR9HhfDpZRxzFNe6P8Msjv4kEri9jOE6qAwyXsigT5D9dI/7Kzni3NfGf411z4hkqedE9EF2RTRS4LtUFCPHqJ+HcuLYDeU91a2XhAjWUYXML0okjFu/W1ZR3xvyngZJLbdRuturCyLvql9cfQwwvabYc6miV7LBAgIJASqNx4GpN2aFH5s9sAor3Jh7Gva3DVZxklhORl0Ajt+5/Kk2LmofvmiTWL9Jx1gEgV4ND/VXg73uDX2boqwZ1dpf4pJhVitkoh1AOGoRtzznfPF3JAfzCPvp1tmJNBx77MAOs1taBfbR6OGk58w== + OIDC_ISSUER_URL: AgAuwDryEOuf4o/Pj88FaRyCeX1MW3sJK7V9U0Tpm6K1k1y88n6jurzwU0oXP/l+6Wt5e/Us8vjc8FpKiUa5RHo+EeZUsXDFBdmLoiJ9PdUiemj7CTJbs/Vd6a0f5yTTa7+dBbB3/h17f8QhFyMoVxZkU9VsDea3rvouf8dK9vbv7JcvSCnMdqeo5ShN+ZJz9S2JN1ATB3Rlp9FPjwwg9lPHjXN/OBVO16KE1Mws0ecxICfgOUwueis2qqWA3qJRUjjUMFV4Gg3y2JaLVcNWh3HvxZgKDd1YpoDklx3e3V/Ja+XODM9mPKrYypRKLrR8zF2bYJvPGaH0+oavQzFBsYKso0cQ1xbnnQX4xtJRKaw99IxWh4gjT0e7cJWIxcpF1W6inW88igRzHluJVWnpmrtmLKrFtFtJ8ALs1XX762OoPFN+SnylGjScHYUEL9P40zpAYrH0r2/b7K2P2LbAtvMBDU8EJwQkzbkUBuO470I9b2KEgY+gIL+hKbDtPZuxC4nQMx7eHMMWZVvxjzPmpIX7knBPLrDZG9bWZzJBNyA9We4pwJDh6qxHR/15OpcCQRoPM2ZPSOgaDTFZ08ISvNLdQGy1gCDAEXq3Cu9rK4Lo8Ixmor+cYQJM5yplrSHX8S70FmSwGvTSizabJM4suX8s0Q/gfS6IkQpCxOy0EHpTysCYrIGnHKJXuiFo5PZKz4fJ+AryNfPQeQgT+iUTSA9aDKE9RY2QRAcYRLFF + OIDC_SCOPES: AgCKdxns6u+wOUE1uwbSc9JzvYZBc2H+Rljeu83xVMuNN2XaaFlkc6GxKnOs9S+ikm7TFRo0DtPMdHOCEQjgOHrAUzsR+quC6KJ9LeCVEiEjsZec8hYAZLoeL/k8dZu+9W2K/cmsinqi8wspIb0mj/zZ+3AsYhoxYOkTFUtFvYC6cgkqwDfNZK7xzJBmUor5DVDVer3VoHdvqCph9RvFT4tHbNSm0B90rz1OBU62aFI3IGcTgMpEwpqu9KQ3M6Ie2zIZyIeBeWuJTcFzvLl4KWxK7XtEGQfuIKbJqHKArtA90W2vvwuJlDoa4lB1uASUHqe9cIfWxzSPApjwZ5a1PoSmJDpbzblt8W7akrz9WJzXXDnKG3R2OZGM/eDkwCa8LWa8xGSpe7JVHfcZS3bWE4noDXneBb0wAdHgs2vGy5b6L8IeKcI79sohWcz53pJBlIZ/uaK8T2QXeG/Woe0SO7Q+2C7Rnc62Cq5H/I+Rij5s61qbfb4r1vU8mtXtimoku5PYGUPJC+3DwHAOda/BssTqT/C68o4Rsj0RmdMiEy4kvPknTAJck+RwsJkNE/47mn+RYLpbK5mp2+wqMeNDD/STxmgf9yLOcvLkKQTEgaW0TnpbAEed1tC8dUHtTtIimKJ51Z53f/+FcxIFYYvweDXLOe3/n+cRCmVO0LU44//flA9d/iQ4dzMj40awEIqBJhhGOtoU1n6RNZITJb127Pqx68LXLg== + template: + metadata: + creationTimestamp: null + name: oidc + namespace: headlamp + type: Opaque diff --git a/services/HeadLamp/values.yml b/services/HeadLamp/values.yml new file mode 100644 index 0000000..5a747d1 --- /dev/null +++ b/services/HeadLamp/values.yml @@ -0,0 +1,35 @@ +config: +# baseURL: dashboard.spamasaurus.com + extraArgs: + - -enable-dynamic-clusters + - -kubeconfig=/home/headlamp/kubeconfig + oidc: + secret: + create: false + externalSecret: + enabled: true + name: oidc + +volumeMounts: + - mountPath: /home/headlamp + name: headlamp-kubeconfig + +volumes: + - name: headlamp-kubeconfig + secret: + secretName: headlamp-kubeconfig + +#persistentVolumeClaim: +# enabled: true +# size: 1Gi +# storageClass: smb-csi + +ingress: + enabled: true + annotations: + traefik.ingress.kubernetes.io/router.middlewares: 2fa-authentication@file + hosts: + - host: dashboard.spamasaurus.com + paths: + - path: / + type: Prefix