From bea3d3822fe0a1b2057428a1d0a6cf80421009bd Mon Sep 17 00:00:00 2001 From: Danny Bessems Date: Wed, 9 Jul 2025 12:22:35 +1000 Subject: [PATCH] Rebase LdapWrapper smb volume --- services/Gitea/application-gitea.yaml | 4 +++ ...istentvolume-csismb-ldapwrapper-cache.yaml | 31 +++++++++++++++++++ ...ntvolume-flexvolsmb-ldapwrapper-cache.yaml | 19 ------------ ...volumeclaim-csismb-ldapwrapper-cache.yaml} | 4 +-- .../sealedsecret-flexvolsmb-credentials.yaml | 17 ---------- .../sealedsecret-smb-credentials.yaml | 16 ++++++++++ 6 files changed, 53 insertions(+), 38 deletions(-) create mode 100644 services/LdapWrapper/persistentvolume-csismb-ldapwrapper-cache.yaml delete mode 100644 services/LdapWrapper/persistentvolume-flexvolsmb-ldapwrapper-cache.yaml rename services/LdapWrapper/{persistentvolumeclaim-flexvolsmb-ldapwrapper-cache.yaml => persistentvolumeclaim-csismb-ldapwrapper-cache.yaml} (65%) delete mode 100644 services/LdapWrapper/sealedsecret-flexvolsmb-credentials.yaml create mode 100644 services/LdapWrapper/sealedsecret-smb-credentials.yaml diff --git a/services/Gitea/application-gitea.yaml b/services/Gitea/application-gitea.yaml index 95284c7..e7856d8 100644 --- a/services/Gitea/application-gitea.yaml +++ b/services/Gitea/application-gitea.yaml @@ -8,6 +8,10 @@ spec: server: https://kubernetes.default.svc namespace: gitea project: default + syncPolicy: + automated: {} + syncOptions: + - CreateNamespace=true sources: # - repoURL: https://code.spamasaurus.com/djpbessems/Kubernetes.K3s.installLog # path: services/Gitea/manifests diff --git a/services/LdapWrapper/persistentvolume-csismb-ldapwrapper-cache.yaml b/services/LdapWrapper/persistentvolume-csismb-ldapwrapper-cache.yaml new file mode 100644 index 0000000..1297123 --- /dev/null +++ b/services/LdapWrapper/persistentvolume-csismb-ldapwrapper-cache.yaml @@ -0,0 +1,31 @@ +apiVersion: v1 +kind: PersistentVolume +metadata: + annotations: + pv.kubernetes.io/provisioned-by: smb.csi.k8s.io + name: csismb-ldapwrapper-cache +spec: + capacity: + storage: 1Gi + accessModes: + - ReadWriteMany + persistentVolumeReclaimPolicy: Retain + storageClassName: csismb-ldapwrapper-cache + mountOptions: + - dir_mode=0777 + - file_mode=0777 + - nobrl + - cache=none + - mfsymlinks + - noserverino # required to prevent data corruption + csi: + driver: smb.csi.k8s.io + # volumeHandle format: {smb-server-address}#{sub-dir-name}#{share-name} + # make sure this value is unique for every share in the cluster + volumeHandle: 192.168.154.195#ldapwrapper#cache + volumeAttributes: + source: //192.168.154.195/K3s.Volumes + subDir: ldapwrapper/cache + nodeStageSecretRef: + name: smb-credentials + namespace: ldapwrapper diff --git a/services/LdapWrapper/persistentvolume-flexvolsmb-ldapwrapper-cache.yaml b/services/LdapWrapper/persistentvolume-flexvolsmb-ldapwrapper-cache.yaml deleted file mode 100644 index 8179f84..0000000 --- a/services/LdapWrapper/persistentvolume-flexvolsmb-ldapwrapper-cache.yaml +++ /dev/null @@ -1,19 +0,0 @@ -apiVersion: v1 -kind: PersistentVolume -metadata: - name: flexvolsmb-ldapwrapper-cache - namespace: ldapwrapper -spec: - capacity: - storage: 1Gi - accessModes: - - ReadWriteMany - storageClassName: flexvolsmb-ldapwrapper-cache - flexVolume: - driver: mount/smb - secretRef: - name: flexvolsmb-credentials - options: - opts: file_mode=0777,dir_mode=0777,iocharset=utf8,cache=none,nobrl - server: 192.168.154.195 - share: /K3s.Volumes/ldapwrapper/cache diff --git a/services/LdapWrapper/persistentvolumeclaim-flexvolsmb-ldapwrapper-cache.yaml b/services/LdapWrapper/persistentvolumeclaim-csismb-ldapwrapper-cache.yaml similarity index 65% rename from services/LdapWrapper/persistentvolumeclaim-flexvolsmb-ldapwrapper-cache.yaml rename to services/LdapWrapper/persistentvolumeclaim-csismb-ldapwrapper-cache.yaml index 62f87fa..ab4d8cb 100644 --- a/services/LdapWrapper/persistentvolumeclaim-flexvolsmb-ldapwrapper-cache.yaml +++ b/services/LdapWrapper/persistentvolumeclaim-csismb-ldapwrapper-cache.yaml @@ -1,12 +1,12 @@ apiVersion: v1 kind: PersistentVolumeClaim metadata: - name: flexvolsmb-ldapwrapper-cache + name: csismb-ldapwrapper-cache namespace: ldapwrapper spec: accessModes: - ReadWriteMany - storageClassName: flexvolsmb-ldapwrapper-cache + storageClassName: csismb-ldapwrapper-cache resources: requests: storage: 1Gi diff --git a/services/LdapWrapper/sealedsecret-flexvolsmb-credentials.yaml b/services/LdapWrapper/sealedsecret-flexvolsmb-credentials.yaml deleted file mode 100644 index 63db8e1..0000000 --- a/services/LdapWrapper/sealedsecret-flexvolsmb-credentials.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: bitnami.com/v1alpha1 -kind: SealedSecret -metadata: - creationTimestamp: null - name: flexvolsmb-credentials - namespace: ldapwrapper -spec: - encryptedData: - password: AgAd6z2kg+6+B2dgmywZ3iJ/jqM36I4utd7CUE3w5QSJ19DrbkruppftsYczGycOT9TQju9dM1knWAxA/3Axu9WvX9RjcfdJgWJFtP07PuEKcuhh23QhE7hD+SruixrLWTKeDGa+w4XmDvmjXlUA5rVUwyvx8zIWWn2SC2sbK43Gm0lCgGaFzCINNK3Z3OfKeOiehIKtWdIAfaNgeLMK2HWkwNhQ3DVtgtLqz1O/Y/rJRNase9o3yObVGN1HhzxwdC7fp/B2HLYujCQy9b0JuZhWLXczJJEw/oX8kPvtxLAKUi4TaOp1TefE92X28lBCAqXGYfA0dEWeF9qRmyPH/yOdBN3MFI82G8Ac5rRcmG/RkwEY9aUDlSYiyU+fiiSzKAzhufZSk/disH71sO2l4DohqWa1IvFKmh4qa1caQ/GuthU3eP0pPmru9sqFdUagECd6Uh+18pv5FVFSWyaXQjXAXG/rBvygcEjA1pniIIvmAZGQwgpRZcuFVjQkx6bHbU2112ExfgbCTYKbDD1ocJ6ukQuObeSBv1Q5h9ARiRRjWJSNzQKWrtOBk5wzErZnHrY7u7/R0Bdg1zvT6luTW4goJGFvXkSQT8JUcp14cBfLu6PmaFYON3+Uw9vT99Tal7bco3aqgLEB03VVN0uXpT8vua9vbU9W302nwKTl+f4v7S5ZMqA3PmrKSnIaLmn1cwOaFUuax/KyGFLuB4o5WkAV - username: AgAet+Fs6g0L/TC46Rz7L8vh0LuYWug+nz4McOQXlEDn/F+1PdwYDXLwd/9j+G2xBTybQde6ENPNS1Gpav7AoqY8CFIpb0sCkCeQD/gPzZmSWotUl+d8KJkfgqvKATbFVgH/CVHCgsWn8nU9A7q6vpoLioX1Pg/4p4s39Dja7fwHij0l1//cSumfnu2dIkBaIr0uOVTAZoMZhwYjnYnVXSlA9INDtaw/B0jkr80F2/d/VY9lheQKV6EpypCvevKp+ZJHp/XliFXlas8o4KVA4pQcDr9iQVQAt5ywrdJcTDVVFOSZkFuZDHSorEWzPQYgnqqrAqYVmQQUyAme3fwLZ/u5dDpPSY7YDrO80fzwnr2KF5XU3V2JMnR4Gka7hc08Psq5ayveqQpH1CbHg8peS/d27Ks21N4AXPIDsH11ejpJdvIUifYX0WoytUnukyT4ChOqfGOOEw2e/oF3LzIC4jco2df3uipuYXxEFgj9j8zpfyGkCbqmLIqh1imVNLmAIzhZX9rnf9jaU+wi8DpANPzrcWMtrpLuWKoCSNRMW2yViMfoVpLzPQcHyn36U4GmYToq1NHRl4tkcPMsPARErmtdTTqrSHyViyoPKY7/1MW8/fA5pJuMeXAic9MZiM1r7LbsNpJwGfaXDBhurXEgMna23C8fVjbTUL16y2R1FQEjQ+/qaFNhwcyPxDoPL/ir7EVJXo3ezF0= - template: - data: null - metadata: - creationTimestamp: null - name: flexvolsmb-credentials - namespace: ldapwrapper - type: mount/smb diff --git a/services/LdapWrapper/sealedsecret-smb-credentials.yaml b/services/LdapWrapper/sealedsecret-smb-credentials.yaml new file mode 100644 index 0000000..9be5438 --- /dev/null +++ b/services/LdapWrapper/sealedsecret-smb-credentials.yaml @@ -0,0 +1,16 @@ +apiVersion: bitnami.com/v1alpha1 +kind: SealedSecret +metadata: + creationTimestamp: null + name: smb-credentials + namespace: ldapwrapper +spec: + encryptedData: + password: AgBc2k0pHG/YT8gHBugDzpAreGsVlDLQJeQnGEn6lzk97Gv1F2RSBy5pASx6WgMX1P/OU4+MPD1QkAIHRQowUTXH2/YDsEKUO/8n93kXnWRr3LOc0hjKGeHCUWdyzre8fU07g4+6dcKopNRGY53nCBNTSQG0DOQOiyCzkEgGDQYLFLk6cnN0B2n2sYRgkNJQCRXUbjKIWaNc8xbmzMrWb+qCBarP75J0c42249K0cpVS/u8txpmWOOtPfngIRh6wV+r5/3W7CwXuNBSUHa+Sm18j/guvIIloN2m5nHY/jXFopekIr02lHv4ANO24EZ1N4V4Uo9TvVV/agNGAU9nK0a0ebZ8W4wjvhiKwMiBOHWp55E3+oA8mP4C9ZC1hkhgbyBi9rK/9ZhVvoB+Q1rl+FD8bdbMcuTYDU9lt799MOThpbR1ti9gj3hO4Yz/GACN7rCJhpb+MIQywrdpRlO2eME1ssVKSmedEAVp/efLfNgfNhlLDl0rZ/I4vwwiQ5JBNsrNwKIoIhneC98ouRJdrZUWFWU0p95dbActr3qmAZQNJbfJ+UktPWSWxd+HW7LqvmYB1A0BT628GLBM5SvXWx0+ye7MLS/t8hJM/cqtOtdwdzoTZZfZv2dCnDQ0WtsZfXAdnigitA7UES3TzapIgdim3d6ujvnOY0OfJcKKSsKh7GQw451dKWUzTWafkciWoaWRBZnTmEgt6zz0Be0hQCfJm + username: AgAMIlu1M5O+fL3DJvdgSHkLpp8QDYXada4cFGTOGREY/1VonKhnmCDvgchsDzZY4DFiXn/nRxljlc8PalZsDmZ+6CZCmnJpMVSehrDw0gUigLgf0fFccJ8Sqk/kb3RTfZUYu906xUVHCQg7XeVaNyOaVZVfxB/SpPV33Y41nt4rjlwwIs+haQA1HoJLekANsR8YTDJABa/PFj/+oX2WS3OHXJvRtCeSSmPR3WJWJXQYQQewakMNqOuGTRjXSvHw95XJPnyYJiwHL8b+fdZRKxPpJwhRvKNmj+reosJkKeaq/M6cERLixJo8RpFATNAnv8BcKMbslMRQB+cn5HlfX5afMS8E1k/nPHa/3uSjNCuFoc1w4t9FjNMjfQrvDMxTIaJ78py0eZHznBO9uGdr1gDwZHzgcLJSFKL2aH8AdGTivRk7qKegCcWvFxtujGUWyXNnCV/6S1n9V4gvk62tnxNMbC5alCo8cAehJfJMyQrozyWH3mtnn7a61brPh+LVMeSne6dl6RRctQY7ZG0ypH7r1UxQczvkwuafVFvY+EfuKRM95SV41wo8Nyunb1MpXte77QLFpBnDxs/td14/i8QDJMjHIw0dItmtEbvPOaLMiyIk6kIGYRksyVwAQOHdEJISUJPnF8wcCeC3gpbXukSpgmQFQeyGsMgiRPlKYGFRq1nk8gIDMtUn5k1cZsMPX9G43vBGU4M= + template: + metadata: + creationTimestamp: null + name: smb-credentials + namespace: ldapwrapper + type: Opaque