feat: Add twingate

k8s/apps/kustomization.yaml

@@ -7,3 +7,4 @@ resources:
   - ghost
   - authentik
   - ingressroutes
+  # - twingate

k8s/apps/twingate/kustomization.yaml

@@ -0,0 +1,8 @@
+---
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+  - repository.yaml
+  - secrets.yaml
+  - release.yaml
+

k8s/apps/twingate/release.yaml

@@ -0,0 +1,32 @@
+---
+apiVersion: helm.toolkit.fluxcd.io/v2
+kind: HelmRelease
+metadata:
+  name: twingate
+  namespace: default
+spec:
+  interval: 10m0s
+  releaseName: twingate-rampant-eagle
+  targetNamespace: default
+  chart:
+    spec:
+      chart: connector
+      reconcileStrategy: ChartVersion
+      sourceRef:
+        kind: HelmRepository
+        name: twingate
+        namespace: flux-system
+  valuesFrom:
+    - kind: Secret
+      name: twingate-creds
+      valuesKey: access-token
+      targetPath: connector.accessToken
+    - kind: Secret
+      name: twingate-creds
+      valuesKey: refresh-token
+      targetPath: connector.refreshToken
+  values:
+    connector:
+      network: mnke
+      # accessToken:
+      # refreshToken:

k8s/apps/twingate/repository.yaml

@@ -0,0 +1,9 @@
+---
+apiVersion: source.toolkit.fluxcd.io/v1
+kind: HelmRepository
+metadata:
+  name: twingate
+  namespace: flux-system
+spec:
+  interval: 10m0s
+  url: https://twingate.github.io/helm-charts

k8s/apps/twingate/secrets.yaml

@@ -0,0 +1,21 @@
+---
+apiVersion: external-secrets.io/v1beta1
+kind: ExternalSecret
+metadata:
+  name: twingate-creds
+  namespace: default
+spec:
+  secretStoreRef:
+    kind: ClusterSecretStore
+    name: infisical
+
+  target:
+    name: twingate-creds
+
+  data:
+    - secretKey: access-token
+      remoteRef:
+        key: twingate-access-token
+    - secretKey: refresh-token
+      remoteRef:
+        key: twingate-refresh-token