Migrate secret to sealedSecret #2

README.md

@@ -171,17 +171,18 @@ kubectl edit service -n kube-system sealed-secrets-controller
 ```shell
 kubectl apply -f services/Adminer/configMap-Adminer.yml
 kubectl apply -f services/Adminer/deploy-Adminer.yml
+kubectl apply -f services/Adminer/sealedSecret-Adminer.yml
 ```
 ##### 4.2) [Vaultwarden](https://github.com/dani-garcia/vaultwarden)    <small>(password manager)</small>
 *Requires [mount.cifs](https://linux.die.net/man/8/mount.cifs)' option `nobrl`*
 ```shell
-kubectl apply -f services/Bitwarden/secret-Bitwarden.yml
 kubectl apply -f services/Bitwarden/deploy-Bitwarden.yml
+kubectl apply -f services/Bitwarden/sealedSecret-Bitwarden.yml
 ```
 ##### 4.3) [DroneCI](https://drone.io/)    <small>(contineous delivery)</small>
 ```shell
-kubectl apply -f services/DroneCI/secret-DroneCI.yml
 kubectl apply -f services/DroneCI/deploy-DroneCI.yml
+kubectl apply -f services/DroneCI/sealedSecret-DroneCI.yml
 ```
 ##### 4.4) [Gitea](https://gitea.io/)    <small>(git repository)</small>
 ```shell

services/Bitwarden/sealedSecret-Bitwarden.yml

@@ -0,0 +1,27 @@
+{
+  "kind": "SealedSecret",
+  "apiVersion": "bitnami.com/v1alpha1",
+  "metadata": {
+    "name": "bitwarden-secret",
+    "namespace": "default",
+    "creationTimestamp": null
+  },
+  "spec": {
+    "template": {
+      "metadata": {
+        "name": "bitwarden-secret",
+        "namespace": "default",
+        "creationTimestamp": null,
+        "labels": {
+          "app": "bitwarden"
+        }
+      },
+      "data": null
+    },
+    "encryptedData": {
+      "admintoken": "AgBOegUE4Q0kKaTcDUrOlexTGqCECq5lV74ScLu4Qc+AsBPjsJDd/L/OADtg3rY7KOt+kaqNH+wop5PY540h8aB1CDSqRLtdqO2GmJT98muPJpOwPC6ynbW2Z1w9p6ptY1U41MqlPh0yiKyoIMwdrRBM0U+I23O8OkhNQNNA+Y98/SCEuCXIHgPZ+wwN6v8GgEh3ISrATdqcahPSr63BNHEw+alAevYJNd+b2K+zW2EjeS6+5cBe5zqtv16CEAt3o62j6kYD2ylox6UOoBXDRHkf3mINX/mBu/WUB9KHa/WvpX1toJ4orb6wWaZFNohw3/grMFnCov5Hmk2WkEUkhy6sjblyz7eUhmL8zXfJjqB4b0ekn/QkKJL5qp0lSHVKgHXPo+pu1l+Kh9RlqkLXwvbbH1HTYUEzvIN6+fwNkFz2g+IEqDhOGAhQHbBg13Q0+Qk/r9qdsrUQCDQLRxTH/qC7EKygFkvd23Tl4a/x7h++mgMCkDkceghtQXmJCxk/AjrjUAKaEGEFJDpPkW6EroJeZfgN2SUcfWymKULQw9TLhpts6EN0eOBK/pwV4pMeA7DD8XdJ7YkPRM4lzhNuHDgxwvPOt+i3RtVbKjpYoodsmZtFUm81Bi5VH+o3xxvlVKTKT4uGgUft1XbrtimR760eTMtabiSkQp9GIC/BhhuBCNZH9L5km+2d6TVHjumg7Pdz4EHQaDp1IHPNAnU1qaQzCPK9906645Jg0EUr8w7sR4wsoEtewKrTDEe0xhTCOIU=",
+      "yubicoclientid": "AgCjzixOtJ3R6p25k+beRevZyRVB6gNVOzNd2nmIdHRqFkgWujZfFOPkwwV7RR2QgtdOAO0x48fF7oCHmbBz5gUIp62okLjZBNoeP5ekT1MyGxtda1Ce7DmceCn9I73sqSVRnave+7h0UjQHZ7da7Qw03GGrjNp9hNk6jPb5Y8KhHemfghqotUys5EflX4XOTsvz1pZOdzCySYvfSnitAWkRwHcBTsufryq6bbu743M0hQ0TVLOvTXFTV6v9HkzmVqBw8NQJlQiAItVzoN9c1wg81419SFYs5QqQZdqu7RjIY0SdsjLwjJCTJM3KoRHtTQNacbXFDT8TR2iFi6qf4E2/GISNbEZg8I3epgMvTtej/kNUMuCT1t93FvxwILOH5qWM4qG+ZogNrti4iIGw1GmTx/4YJapgRPSbSRH+h2HjXKfoiCGHVLOSHs9AOjJCsKj91fBoo+54qP+33muGHy/WFrWDBKI448EPWTUbTK6Mzt8aWcownVapXhCxhv1A/siuRr++bYiuueC1jnW5LK4xSNkGRK0fNB0yjBZJoyvlOfJbMLamk7aqGeygPQ/8MUIQ9tWLGti8VMuFjeuliUsxH+7BlHu74jNQCdQpXegH2eOj9kr1JlIzAVho1h+u/33jtFkwnoF1oX8npT2IfrZSOnkeX0klTjFbkpNBEUN7OehItO5Cxz2WDJ9DQs76E4sc1YsfLA==",
+      "yubicosecretkey": "AgDGnO3bkS2HuzBWvdyirs61iW2uV3qvdiEiEyOFrOvKBlxpJrjSgMUCAOjDeux4l/2QlovNLRxGoj6ti34ZhA4PAWjVWVdKNac3WB0pW3S1kVdLSQSc/rwi6ICHiz4wSuR+oYA4Uz/paewH7Y7KfsN7KF2aKCGADm3mMaw7ptYkMdUqNgJvsAFizjFATd8wV3KmAJAZlIgtULY83/2MC0Qn7wS9ySymks3cae+LtirUcWDMGFvJ/7KlyQyeMHdT+EOalM5uovoW/VI9sDanGHXnbn/ikDWmmmCOs6QkYh0aOb/OghJ5zj6kRG/rdfGN0UqZrgFzYAJ7ozwnqkABFdCs+J531HRg38CEvgXOUXEIJ2e2rsYzVccJUDD8hFCHpaShxAghccSEAptkXzI0mgtWe9sYnPfC5gQ/dlo/vIWbsEMOAIDl6poe+Dc7ZvwqQGIemLTm51lc99ocM9Ej/RChvTGS3iXeJAfD+43kfcAZl67nLEsh2GtE56EipA/uGwkFDvQZ7zPWaic/WzcsE5aEdkWUHSgGxLHsHAMb/zQySEIUyGj0ohMyvFE3cSdwRguzFFyqAbsgpQ4Pz28uSgCNNx7xe7wlO2QwHTpVL3cRiM1dnZIuTISFIF61RUoQbCOxnmbxyzMsk4+1Cv+DH9pgBtSDD4lGhb/2XM6o9/WWWRNrTsHnXJgtinq4jclJQ8RIVihiLWPEPbCvYEjJuMxtd+5jUMp6NKH5CHUq"
+    }
+  }
+}

services/Bitwarden/secret-Bitwarden.yml.template

@@ -1,10 +0,0 @@
-apiVersion: v1
-kind: Secret
-metadata:
-  name: bitwarden-secret
-  labels:
-    app: bitwarden
-stringData:
-    admintoken: '<removed>'
-    yubicoclientid: '<removed>'
-    yubicosecretkey: '<removed>'

services/DDclient/sealedSecret-DDclient.yml

@@ -0,0 +1,25 @@
+{
+  "kind": "SealedSecret",
+  "apiVersion": "bitnami.com/v1alpha1",
+  "metadata": {
+    "name": "ddclient-secret",
+    "namespace": "default",
+    "creationTimestamp": null
+  },
+  "spec": {
+    "template": {
+      "metadata": {
+        "name": "ddclient-secret",
+        "namespace": "default",
+        "creationTimestamp": null,
+        "labels": {
+          "app": "ddclient"
+        }
+      },
+      "data": null
+    },
+    "encryptedData": {
+      "ddclient.conf": "AgDoUm5e5pbFvH0/KI0gxdxu5JusfT+28XZeuM+a3ZFJ1Agj8i/bs90JT0GcdmlObB4lTdiVu1otqnN2XMMcHki2SSIxOQUXBreSXHZUAwpSAglK9p9IuUQOkLCsnpSc7ONUrsIbDGMQXBxPhlMBhnuvTLuEpFDFD0hm/Mw2mUfWt/smA1hSs5vXCA4kXrM3gHvib2VkneBZHw95prBp8Ksf2AYHeYi5Haz0VHsUfYTtcLb3/JZaNG/j5l8y3thTrfX5su19o1sDbS5CRT5mOuta5ePUqgJktTR5Ejj9FLTwOgBDQqLIgT5luLbuWTNV5DBxfjG9s/5ozXoIvOtJvAnvnIO2CZXnDgKJS65M+KuDbZEoMrtAvEDUoSb1yyo+0qmPtP+5832fzd0q3iAJAwsdqoGlrLm3kgVY5UrZ54gocNM1rJ9CmZxr/auXQ2eS5CSyPFkHoFinalEAsQS6utjJ9aURzSI+5fq7o605HgxNABJKHMLXNC+nWQQjJ+ycsvDxDM/cmwBEEPsOt9dXYq/0zNwfA6jXS/GkJe/tcU6Fol8srb8qX8Fw+zJa44g3A3L/1dbVemnG988HtS0XnzbJeXzUef8eK/oINT8iIHxPahDh3xeKSLGifuSfYlYuvIWVBuh1KVQxRnuoKVpTYAitvkrs2FX2Y1EwuMm1eJh48BH+z3eFVFw+jQH5CEqwSRTJTZtwfAuWrVyKuaa/xuooDnOuW4CJ8IQY67X6xP1fR633VpssHakkExLORLIW51dsby5A5WcIKRIepTjy7kJjI4ej2ejWNgEXE19K0kYAvn8Oquqgn7A6npI0olsb/ccufNrLHVuY+yXVL2wHOsV+N+5g5uj6bmO6aOD2hhRFfxo5PEO1IXf7/myCX0Jiay15pCC8pbKVannhw0Hv5wxn6puO3k8JlSs98OdIYzLFUL8eypIrhnyMA6yeIQuOpl8yjMp7vGUfaLQtWgXLf7zkFuqiTzzCTEMLyD4sd7PrNySJ5rcVJZKpNS/dX5+42tO2/KgOdXiFMxe/LV/Y4LYOriAS1bGAuJhVyFVQoY1v0FxQGnbBhUOf3+vLNTrp+q4kTXdozjReQxz7X3yFFDX72Skd/Iz2wGEyuldHdvwEpm+bnBX+KggpJMjQLPt4tih0t5aaZjj76iFHJAydvYTtCw5mDwNqUJZu2IzSa0fmwnRupHfkjoVnE9A59CZebSOoCbE4HLfaBiVU"
+    }
+  }
+}

services/DDclient/secret-DDclient.yml.template

@@ -1,35 +0,0 @@
-apiVersion: v1
-kind: Secret
-metadata:
-  name: ddclient-secret
-  labels:
-    app: ddclient
-stringData:
-  ddclient.conf: |
-    daemon=300
-    syslog=yes
-    protocol=cloudflare
-    use=web
-    web=https://domains.google.com/checkip
-    ssl=yes
-    ttl=1
-    login=cloudflare.com.danny@spamasaurus.com
-    password=<removed>
-
-    zone=bessems.com
-    bessems.com
-
-    zone=bessems.eu
-    bessems.eu,deschakel.bessems.eu
-
-    zone=gabaldon.eu
-    gabaldon.eu
-
-    zone=gabaldon.nl
-    gabaldon.nl
-
-    zone=itch.fyi
-    itch.fyi
-
-    zone=spamasaurus.com
-    spamasaurus.com

services/DroneCI/sealedSecret-DroneCI.yml

@@ -0,0 +1,27 @@
+{
+  "kind": "SealedSecret",
+  "apiVersion": "bitnami.com/v1alpha1",
+  "metadata": {
+    "name": "drone-secret",
+    "namespace": "default",
+    "creationTimestamp": null
+  },
+  "spec": {
+    "template": {
+      "metadata": {
+        "name": "drone-secret",
+        "namespace": "default",
+        "creationTimestamp": null,
+        "labels": {
+          "app": "drone"
+        }
+      },
+      "data": null
+    },
+    "encryptedData": {
+      "DRONE_GITEA_CLIENT_ID": "AgDcQCtyKJYBP4B2j4zMU/OqhWOJXw6r7jpom1ehXzcQH/Q5RtnTIYSkRtkuFu+PiAStLmJCfcdkGlnIBU5D5fThT5E9T9o4BWL7LyuQI+FzVx7jsvQ/mOSIy2ahdRGPIORenKjjVektmZxzIl2PwfYsKWuD8H8gJOm6l0OHi3cfDOdBpV59erUD+GiR4G4X70a0tu1zjfC4DDtfaj8wUnP0XVvrXC7Z5rCwNUEeJiFaJcq8ntQ+vRwfyjuCiNMJILj15X3ZdWH6CcjJceGVZ/qIE7mC4OdfWqpTyOwdIaodJX7H0ehnFXmf35cgTXWOjPGolA5jlN8Fcj5zchjQa9zkytdr90ruJGqs7ioDUQk00hVoQVQDjJPGe74Jfs55ml4sIx0piwk7WuatQZJzdHwLkflLRxKYOxQU3ubPMG+PO/pi5nsIEA3SvcG2s+8G9+hx6vxa7yqKGw6Lkqvged5p7On40Caq9LH3cqXbNGsWxOOcvNFBQLIEbb2Ck6He6BgoclG2+V2BRQqVRlsq1xf7dPP7A9Bt15IkdY+s4f+kkp/90kwwfziwNKkhBlymsPRPDkcpSgoioq0TIYpwOC3kAcoOa64dYBjzooL4/lwArcjZZgpETq4jzR5FIzIxH5U0UYIxduxH4uDGfLPgYS0HupJOw+ipW4PhEmtNVvC3POiH/s7S/Wom6PBncITcXqVx1/hcOkjG+kX/3anEnrUKr+QFdAxUzjocdKYi+TCKAAy9VbE=",
+      "DRONE_GITEA_CLIENT_SECRET": "AgCessVB1KOLF7JoZRPfLx/dW7dlJU1xdOfajiXciuU6VzCgpBv3ZxmZQLfQRKzNLnlHDOYog1mJYX7g2PANNZ61voHANa7K5wFKfqRE3kHbjHZ+FEdJxfoNOjqHzzOJcTsEm12GdKaVhnOE7WSz+hZmu1Z9Y8QOz5FwWTjblFZ14HNnGWGnd5is+ljwjM99H0TPKN9HZxM1XGQGM9bLR8vmohY6Uy+BUI7ih3hQZd21o86HBXHeid2h4C5/iGDnlhS36i6bA7olc7QJoH81LAMRX9q5U06Xp19jhzwHT4HEgIcvM5E+DfEAtNiLKcMgzPZ5Anor09ONjSAVR83PmI5Otw6/9dkPp2UMLSlI3OH/R5lGqdB4P54ltgaTJ/XDSEltOFMnUffitGdQCExW3eQ6QcHHrunRIMrnUwG6qjHT24eD9TON7rU5ccJtu6x5PcoJiigMPly3A4sKaQUK+Kj9WMqsLLu4lxtlLTs1Fud08DWnXVUZESvNZkLXM7CTE0H9VOxrvC0BnpoUwvC45LEyuwCxJkkbEsZutiPrWrbrY/dNIMxH+O5b4ZywsOd9PSKWZcxMKmtlV32r3NcnaZIfg6oeRKlGkdKYwAe5LsteaE58NKmKXTtt+M5aifUSSlg+f7UNI3Cb1Hzr2kyhkI8vswVfZrtaJWB2pM3AlzgXLdh/WoZKdrLPuaG9jC1OEP0IpeOJdacRWBlurHFnNAUDHM2c2f60KWncHVTOpjUigu19xUUoARHTGxKDUg==",
+      "DRONE_RPC_SECRET": "AgDVO1zyW7fGtMn9KcOIw442TrSQqWX/L2Y77AxUQasTrPf6zyNOVC714cnRfyKCZUFF8CacfmcZJw9yJ1YLzvIEDLFC//8yrJgFMEol0X6rako+uOu+yYMt74L/gr9BnAskL3AwGDzdPoeEunc0qBjQ5/x18/LEbKcCTa+FpoZ2eYQWoeGxD4sRtOyaz4d6pzn50ECoQ170Y5HSn0LDm6I7zPGMQYzD1uuuJlAel39PjI4iyIg1if2ppzS1ks4FDupwagettj6jQzcWIxW3zbAnxLFLJoqG6JH4rPIAV1oLyDumh3TJ9g2cw2UPa1hm6RxvwPeCvCTUTEUHuqoIE1vjuFVi2cD56Z7aLOj16yk2X2P23iiuUeEk7uA6k7IhO7c+nsmbkLPHvXnV3bXuyQYovVx29oFkuvbKFtEiJG5k5mzUqdkrb9Z+s/i8DkH50Ks6GrAenKDCHioi/UuYj7TbTyKYQY59w1q1S8FgMS1QyzlA+gLjUeQhZ7D3OaYFl0ZdyogGJie4gt+qGn1+ZSlgNMlFopO1cIz8AlLRPVH56LOJED0Ez8Fjjwg+B2/UN/KtB2bwsYlNzYIVOSa1NrxLe6GDxdqCsCiSdOLu9bBKN3MyQb2jF40Em0MqkUgJ0SmzQY8tSqZ7uu67qbbkwIGGZsql0h8t0vbIt2zX4wft7Rwtjj5OwxLwuV8ZS4SkUIxMVsr6xC9MnMGZ/qTzu4acJUOH9ykbBTdytgA0z2rz0Q=="
+    }
+  }
+}

services/DroneCI/secret-DroneCI.yml.template

@@ -1,10 +0,0 @@
-apiVersion: v1
-kind: Secret
-metadata:
-  name: drone-secret
-  labels:
-    app: drone
-stringData:
-  DRONE_RPC_SECRET: '<removed>'
-  DRONE_GITEA_CLIENT_ID: '<removed>'
-  DRONE_GITEA_CLIENT_SECRET: '<removed>'