74 lines
1.4 KiB
YAML
74 lines
1.4 KiB
YAML
---
|
|
apiVersion: source.toolkit.fluxcd.io/v1
|
|
kind: GitRepository
|
|
metadata:
|
|
name: homelab
|
|
namespace: flux-system
|
|
spec:
|
|
interval: 60m
|
|
url: https://git.mnke.org/tony/homelab.git
|
|
ref:
|
|
branch: master
|
|
|
|
---
|
|
apiVersion: external-secrets.io/v1beta1
|
|
kind: ExternalSecret
|
|
metadata:
|
|
name: gitea-webhook-token
|
|
namespace: flux-system
|
|
spec:
|
|
secretStoreRef:
|
|
kind: ClusterSecretStore
|
|
name: infisical
|
|
|
|
target:
|
|
name: gitea-webhook-token
|
|
|
|
data:
|
|
- secretKey: token
|
|
remoteRef:
|
|
key: gitea-webhook-token
|
|
|
|
---
|
|
apiVersion: notification.toolkit.fluxcd.io/v1
|
|
kind: Receiver
|
|
metadata:
|
|
name: homelab
|
|
namespace: flux-system
|
|
spec:
|
|
type: github # https://fluxcd.io/flux/components/notification/receivers/#type
|
|
events:
|
|
- "ping"
|
|
- "push"
|
|
secretRef:
|
|
name: gitea-webhook-token
|
|
resources:
|
|
- kind: GitRepository
|
|
name: homelab
|
|
|
|
---
|
|
apiVersion: networking.k8s.io/v1
|
|
kind: Ingress
|
|
metadata:
|
|
name: webhook-receiver
|
|
namespace: flux-system
|
|
annotations:
|
|
cert-manager.io/cluster-issuer: le-cf-issuer
|
|
kubernetes.io/ingress.class: traefik
|
|
spec:
|
|
rules:
|
|
- host: flux-webhook.dolo.mnke.org
|
|
http:
|
|
paths:
|
|
- pathType: Prefix
|
|
path: /
|
|
backend:
|
|
service:
|
|
name: webhook-receiver
|
|
port:
|
|
number: 80
|
|
tls:
|
|
- hosts:
|
|
- flux-webhook.dolo.mnke.org
|
|
secretName: wildcard-mnke-org-tls
|