From d31657561a776e0c53b0db1d637ecf2863f1bb50 Mon Sep 17 00:00:00 2001 From: Nikolai Emil Damm Date: Sun, 25 Aug 2024 18:10:44 +0200 Subject: [PATCH] chore: Update GitHub client ID and client secret in variables.yaml files --- .../variables/variables-sensitive.sops.yaml | 22 ++++++------- .../homelab-local/variables/variables.yaml | 2 +- .../variables/variables-sensitive.sops.yaml | 32 +++++++++---------- .../homelab-prod/variables/variables.yaml | 2 +- k8s/infrastructure/dex/release.yaml | 4 +-- 5 files changed, 30 insertions(+), 32 deletions(-) diff --git a/k8s/clusters/homelab-local/variables/variables-sensitive.sops.yaml b/k8s/clusters/homelab-local/variables/variables-sensitive.sops.yaml index 49c73648b..020db3b1f 100644 --- a/k8s/clusters/homelab-local/variables/variables-sensitive.sops.yaml +++ b/k8s/clusters/homelab-local/variables/variables-sensitive.sops.yaml @@ -6,10 +6,10 @@ metadata: name: variables-sensitive namespace: flux-system stringData: - cloudflared_tunnel_token: ENC[AES256_GCM,data:NQivEr0bWD+WJdCtJA7PdP7awjRNoy+JPBWptGKlXScZ1KVV0METb7NpqYTA1SrDCJzXtJmFQUp5dbl0HDobCTDUwRihIkf9yau7aDNAdAj1CmHZKGKTGkefCK+uZAESQC/HofYGMHm7c87FLb3Ka1/I2iF3nKEyFyJ8jsGVdVl4fGE9YSdWDI3E7ICBbWzI9P3vRZnKJQCcDwI4Mkdti1USJS9Rs56qzHyUeMawGp6l4JZtvqEz+Q==,iv:0tu5dsYXIr4UsOUUN7+T+wS9X6aSGgFODKQqvx4olEQ=,tag:YCWj723wIQkU8Cx+PEylvQ==,type:str] - github_client_secret: ENC[AES256_GCM,data:T8xxoIDHoQ3aAhzB+gAv/EwnwbFC7dV0Rzr/OSBR6JpQhIAzG6ruAA==,iv:W/aSkVDiIi0C7iepVHgitI56mL5Dpjdd0YMha+gMzlQ=,tag:+FZBIxU3Caa43RZfntKUeg==,type:str] - oauth2_proxy_cookie_secret: ENC[AES256_GCM,data:eaHp2H3g0WBtaMeQe9g8Oei+P0fxgQGbp5CNDveHMve3EANYczKdafbpcEA=,iv:PAHOa3jQOxrm/e3LtwnxlFgn+HcbAE0hIeX9p2DxXRI=,tag:TfeGK/Bvqv0IQsAFkv49Mw==,type:str] - traefik_basic_auth_user: ENC[AES256_GCM,data:zXzcXlhnZ8b8CrfgM5CSMRl4cXp2fje939keWOkqCzf7Hg2169TKyzvot9Q2qWbhQEWc8A+F5Y2RGUAc,iv:TQQf23pmbuJrIniIf92Vup/n0GtjbWfpoFILgyxeMxg=,tag:5OOvn6NgjPQZR4Zwj/NQOg==,type:str] + cloudflared_tunnel_token: ENC[AES256_GCM,data:k8sF36zyLHBdZhddMbxq1XlGKeT7BSsd7EPhrzq1R+qSUbyt8lQpUNW2iDrTDv6lEmDd8VJr5nsMOO0zhPuR3RSdhp/W/wb4PjkvtrT+V7f6Pd0CbfNyL5bEaOMMOn1+FgdvbGKEdZviQh1/6LzCD/1CrRYQhRMNwZuNcZzCF8lyDKy7LMw4byPtLIOqTXXqlG/CC61jHRixGrFhgobarL2xEkJQbCmQ7XnUoT01mKnbNoRnxcclMw==,iv:uCednYaKR0kHKEQqKvxZAniBEJWcAyePyyj6CXE4JcY=,tag:B7ty9a5roKmlH8sCFRCqcA==,type:str] + github_client_secret: ENC[AES256_GCM,data:+iu2M8LW8NzsgkOgIylmia2dxIbJDtoK0SqhWR3eouvq8wisvPdwDw==,iv:NbayM3mDsXwB7Pj6GyCesZtYZlXZdmPdeeCY5j1IUbY=,tag:iUxxfuHaFmldkK4PjLPvAw==,type:str] + oauth2_proxy_cookie_secret: ENC[AES256_GCM,data:DnqT5lbmYP5kW3cEdJ54OCD5lghA1vUSvMPqPcoOolSmu0B7Wof1xMuroT8=,iv:iqsQ6EypORUoMkl4gH/r3+S/Qw6sJoT+eyxoUkapkgA=,tag:MR+wybRuomlf812BTpUpWQ==,type:str] + traefik_basic_auth_user: ENC[AES256_GCM,data:ZoRYF16qmrbv3Alua4jShi7rFfan8k1Zft/EEVKp8l5kJFif+6fPj+tNLIOOgYaS0LWJ8kQd615b2RzH,iv:x8krwUgR7vGtRpxcdjjNN02r+iuwUd4P7c0GGe9uMtU=,tag:aKBFhCJB9OrQyQvR1Sk6WA==,type:str] sops: kms: [] gcp_kms: [] @@ -19,14 +19,14 @@ sops: - recipient: age1yvy77dtah0s6qwtsswzghq4q8fp6hl7hr4yr640zz8ymsuuhlpfqnzw90u enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBKckRmV1JtcUZieXBKL0dP - ZGFhVHlUeDZGVEVCalgwb1RhTnhRTjhDMTN3Cmx2YXdVZWQ1RG5ha2lwVm96d1RR - Z3BKZHI4TCthdG16clM2NWxlRWh5UzAKLS0tIGEzc2VnR3NORjdSRXdFa250VXJu - UHZpMXV2VkMyY3lpOERSREh6cWRVUjAKA/TKW2kFS1n8FQtAQ4GfJxDB/L+9m799 - wJTk0eXwH2GEr/JjJc/LrPIjCgQdOWNXXmXf9KtZlZi3oiOOEBoW9A== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBaNGZ1WVRVdExUZUVjbWV5 + bjBabjJHcDhiUFQ1cUxzM3lvR01ueVFyVTJrCkJ1VGk2ODFBNGhGS25zY3IrUHBh + b0FwODkwdGtEN2J1Y1QxUGVYaWhkcTAKLS0tIDNjQzJpemlCMFc4eXIrbVF3Qy9B + UHc4ejlvcGN2M21oN0Nuc3Y1aDBPSXcKuebNxgfe3XCXtOC6DNDEy6+jnwqTBXpc + Z1rSJnqqp7una+8y0Vc0U/3UK66RAAlZVxcCeri6OLpgPQa0QHYVnA== -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-08-25T16:02:13Z" - mac: ENC[AES256_GCM,data:9k60rKEdMNkiZbvmiU5G+tSUaREAXBq41tpB31KQbLrbKH7iJ6Y1GuLsBipwJoZGfRntSv8YypufHAdskYdYkN8yUbh7Ry0pkxZH5NMXgbSMBRRKxG1PhRsdxFJq2EVsX8SqkCQ9yLPiPcTOig5N+Ef5rVaPwRBDDXpqzkfZ+iQ=,iv:sl7zypSUqPH+DjzWZn1O03KijuSAlEkM00elYorjC9w=,tag:a+pAkIUzVQBkvjc0XwNtBw==,type:str] + lastmodified: "2024-08-25T16:09:53Z" + mac: ENC[AES256_GCM,data:o+17LZLOf6uxyHPzsD0oHkjX0QAr9NLzldaeAYN+J5BdRw5Z0HOOKkBzpifg+/mNlwR+STiC1ol/newWRbnnbzPCEhad7aXedd8EtqsYxzJE+z99WWi5IrNSuaAY2yp2PsrzyjWtKEB3SjF+GYUbTJ2bg7kRuRTmBBx3tFXQq10=,iv:wNIzxfFR4f6scxAzZqXRI1m3LQW+A3WZSpgrw3vSi4o=,tag:cu7Rz5l24iZC4OF1rOMX0g==,type:str] pgp: [] encrypted_regex: ^(data|stringData)$ version: 3.8.1 diff --git a/k8s/clusters/homelab-local/variables/variables.yaml b/k8s/clusters/homelab-local/variables/variables.yaml index 4a2b9847d..5c824f761 100644 --- a/k8s/clusters/homelab-local/variables/variables.yaml +++ b/k8s/clusters/homelab-local/variables/variables.yaml @@ -5,6 +5,6 @@ metadata: namespace: flux-system data: cluster_domain: devantler.k8s.local - github_client_id: Ov23liZIEJ2YLmtdcZTG + github_client_id: Ov23liTxrJtJ081Hiq35 traefik_forward_auth_address: https://oauth2-proxy.devantler.k8s.local/ traefik_forward_auth_ssl_host: devantler.k8s.local diff --git a/k8s/clusters/homelab-prod/variables/variables-sensitive.sops.yaml b/k8s/clusters/homelab-prod/variables/variables-sensitive.sops.yaml index e769ab1ec..173edb7fe 100644 --- a/k8s/clusters/homelab-prod/variables/variables-sensitive.sops.yaml +++ b/k8s/clusters/homelab-prod/variables/variables-sensitive.sops.yaml @@ -4,15 +4,15 @@ metadata: name: variables-sensitive namespace: flux-system stringData: - argocd_admin_password: ENC[AES256_GCM,data:3Q70BeI1DIf3o3xH+P53wvt60rJ31V4yWbN8Mf6JQlDCbpUSi4xHVvt4StbgdqzvE0rlLqivNEaoGXhtaA==,iv:losPBv8FhoSqHhUVL7BiSReKrz4W4BB66tIioDgGYx4=,tag:BC8Hjspk9gP9xCNXZ9d5bQ==,type:str] - cloudflared_tunnel_api_token: ENC[AES256_GCM,data:IzNPeGf5YIPjVhDTSy7gsHBJG4d2+GgOi8Xm5kPULkjbe7jUUObAgg==,iv:yFse4nG/uE48A6lF7Lmg5jIzXihSn+u3rcd53ZLGC0M=,tag:cttGU6CSQf95Hr2j86leVQ==,type:str] - cloudflared_tunnel_token: ENC[AES256_GCM,data:qIV1SPilDY4UE/CtxgEsnHYYHKLF1au4nXHHqo/SFD83eREnkQ+Jcp9Y53KjYLTqSwd1xkf4RbyyaQl+xDpQzFOJZ2tOr1/R4WN+UYzSuonXayc6093W6oW/pHsM5kZ+gQIzgBPVfu8YpIWjoawzjE2F/QLR0P2o2Fv9k5JOuin/KQROlNQn25KNHhiXuYiXQkSqsq8muiVh/RO+rxyFHkEq23i6VflrhsMt3TEfz42h0jjASBrovw==,iv:cb7ku5fm13nh5IvVnfqhALYjuP3hxNfrNds8oZqux5E=,tag:knU1PKU7AjsLVU1BvSTFFQ==,type:str] - gha_runner_scale_set_github_token: ENC[AES256_GCM,data:5vcEHxf6aGuQqPVitNyHvrcjnpgS3Qr0H12Gtz40xemPJ+FGWBS29g==,iv:XNlUYFqrQh7x3Av6/0OzoLcMQwzjF40GWzXbf/TObqM=,tag:3aVqDzfxcPrd0I3HeyvEiQ==,type:str] - github_client_secret: ENC[AES256_GCM,data:77t4FMYe6UGTLFVPBQjeXmdgcmXdEXHdzWHAULXTZ2hJkbuAhaI3iQ==,iv:14ds7Wwdzitjn5i1gIVjcezdBtUFBItfAm7XjFEuaaI=,tag:JmFULTS1L5aw/JvQu4r2dg==,type:str] - harbor_admin_password: ENC[AES256_GCM,data:sx1Cns6kug4s9fYbkKiS3cinF7A=,iv:bIvUN6IMUG5R8ieBIXNOwI2YCIQ/ULbuluTTOJUx0cA=,tag:W/t7EczW9a0i88ucseeRXQ==,type:str] - oauth2_proxy_cookie_secret: ENC[AES256_GCM,data:gyx60IjWbZyrqER3lbdPO6praVEZtFyimT8hl671BQ1u6xqj/TC4+LcI100=,iv:jwf68ViRx1S8Gwk3Ub5h66/YJBVXSxcyt7a+eX7KZ7A=,tag:G1dqqW5gYy8pS7LM6j0rYw==,type:str] - open_webui_pipelines_api_key: ENC[AES256_GCM,data:Kgy71E+ib5e7xLDImJSyQTYq5WlTqvgIPj3uhF6ECGC6WFNyE2iAfpQ=,iv:AL95fDUMJ0XN++JCwpmlx9Z8ZNbn5PEpsz2AxIgW/Xw=,tag:DjECivnd8EcFAtEhPLBLog==,type:str] - traefik_basic_auth_user: ENC[AES256_GCM,data:MLnltHVEyKRJgL6VwcfIaBLad7P2RnyWrWY/9yET5NMxVmHHyrtIHBUK0XAhaG3FXQuji1YBUlTFPE/GzXr1558oDKI=,iv:iuVcwrQSFg6LMuU8EYYz5enIQFI1WXhZG/A7UDOamYM=,tag:ANABOCWhOThMQ0tiW9IZWg==,type:str] + argocd_admin_password: ENC[AES256_GCM,data:tfrK7veC0V2EQcRIN3zK1nqM7hlr2h+PnfM/ymsDFVVeREh/yyODOWkL8qelZnp50joUqVBRH4R7POJ7Ng==,iv:eLw51MuSwvhnxY/Oo+elnYNZeKnRyIbff8bzy7ncwV0=,tag:7yYplH4YMzSFZCm3kLNSkA==,type:str] + cloudflared_tunnel_api_token: ENC[AES256_GCM,data:ioJebAAmPTlS7XZhQeiGgCxv4zTa7sDpj+iaiPanaRcg1dzGgwhdiA==,iv:ZbMgjiLahGXgaxBO56wz620HBu2/pC6Xodc4tYvlAlo=,tag:kKrDqEiJ4EeNgpTAdgl0ew==,type:str] + cloudflared_tunnel_token: ENC[AES256_GCM,data:310KZc8Lpq2u7zzWaJjLwYkUTlLjw/79D4TuFgSm4huAxbVi3GLIdi3v8khKjAQ9dy02iqVFzEHRpOgcW37GxWIVM05QiKnOYGZfzK058MJ+citgYDmivNxV//zLJyamlsy9cIEn+ShnKqJmA0chJzZ8nyZ7g4hWKvizbvF2eFDvtwZVDis/aqToj2zV0ENWxDhxUbc7PqK9/9ZkBY9ovJfO0Qjd7MW3FvtG2l2X1vpBJhnn8bwzUA==,iv:Ps8Vn+rbDz00wGkCdz+DprPU5pelBGnpqkpaFsJEguE=,tag:Fo3D7UUjMXHciCQdo9TA8g==,type:str] + gha_runner_scale_set_github_token: ENC[AES256_GCM,data:froP1eZ3drFCPEtn5ewykopUo+Y4JUGS3q9LS1lSqc4gnaEewCt7LQ==,iv:XyrIKroE4iviNf+eEB7Gpd3QE8Zf9l/fFy4YFMAI5M0=,tag:w2sFE4ygrGyXcDzOQXkVsg==,type:str] + github_client_secret: ENC[AES256_GCM,data:hkU3qPEP4nZis+KCewRTABNh6NuNP5YkvT0bZcrsRLdbNgs/o7h6oQ==,iv:2oQCgdin3zIYduTpew4a+YU/tkoDTBDRAMQkgb3On0A=,tag:dvGMHSwsyZDJ6iir3q9F+A==,type:str] + harbor_admin_password: ENC[AES256_GCM,data:62QN9Al1egqLhq5MbNzHRkwV4g0=,iv:Yhip8V3AY4f8BYCJChbQLhwOIp+I3MymXZ68v0+q5zw=,tag:TOdpjW5ucaGUVWZ96rqzdg==,type:str] + oauth2_proxy_cookie_secret: ENC[AES256_GCM,data:+raJyCY00g+8iwrNDfvREDsSnwSs/fmvUtXBemvXY22km3b2Jr9IAzOWNgY=,iv:z9Lup+ZGoMmvbW37ZXH0C2X0YyQHj1PsrFWW5eKhfz4=,tag:1+X3eiMF6M95FZAVGpwbBA==,type:str] + open_webui_pipelines_api_key: ENC[AES256_GCM,data:dc6YaGLckkGVhkVimtfPqCGUrspPipX58MJnN45VYYUZN4bynTdxegg=,iv:GR+TbeJ0kqO2HaOnMNq88gxncv1fZJex3GWsAMVy2iE=,tag:8Zd4usGNF69SrCqB1bn0ww==,type:str] + traefik_basic_auth_user: ENC[AES256_GCM,data:7lHStfi8kwrcnm/MlmkDFZJc3FYKUOjRJALJeeqAA9P0NEWh+PfBRXVlmgieBppiC0DfkIlf79jLEbTL8sTsUh53Pw8=,iv:HU33PFbHQJyokwX/fjea7diXkezEfADD55PMU2JQMzI=,tag:b0BgQOyvQCbgRYyyoNXftg==,type:str] sops: kms: [] gcp_kms: [] @@ -22,14 +22,14 @@ sops: - recipient: age1jvewgaxxqxm8fzchyklzfhs05n07xe8rns6s9mcv9xu7y6lsvpfqmrctkg enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBjc1dHanp0bXRlV2syNVdZ - bFNpNVpZTTZKOURLMnZBb1BZVnBjSUVoTndrCnFFdFhRQXlWRDVEYUZxTDRCSVk0 - NmFaOFdxbXdCVmszb1pLM252VHlHRXMKLS0tIEZUdmRodVV3dDJ5UWd5Tk9xWGdZ - NUdwSkdGM1N1WXVBd1NVNWh4aDRBUmcKBTDZL0tPDJxYApTC78xV6FJ10me68CaN - oyOYzGEWXQNbqoEeDStPqnRmVlk9DLmvrkYiRDFi1dF4tXM2TyDvyw== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAybFJSQWpXRTVNbk1ERCtX + NHZ3eFVYK3ZyUDFPUldreGtjcndtSmFjUEdBCk5GMjcrNHVSTGE5TVpueEduaXVK + ZFNuRzk2eTRXQlVPcmliZGhXV3dlWjgKLS0tIDFlMGtyM3pQck5OVlI4eEd4ZUlu + SDNEQXorV2FQZ0g2QzBOVzQvUEhsWUUKoYyR7GJ6sAYwj9+d0XWBqdfbFNdgrtCw + +AgaRdiPVu3ma0knxJOrFIloUYtXZewTB41mup/uATInAewFGUdw9g== -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-08-25T16:01:49Z" - mac: ENC[AES256_GCM,data:otdx8PD/dzldPvSGwPv3C+ewr1NWWpRlRjIUDG6WxFCgKTqqv7SfXm0nMyNszgSRigV6YMswiMxjguZimDngOd4H5WgKBxkqq0PwbY52OLVg4qEOjtPLNZg7pKOACSksRozcbTnYwlo2mYuD/oeTl2jTInNSyKSFRzm/Hl+t1pY=,iv:ET79h/gSmD0UMKh+N7lILF2aXrdxSkK8GgIbBHw995s=,tag:I2va7T21NPM+y2nJPfFm7A==,type:str] + lastmodified: "2024-08-25T16:08:26Z" + mac: ENC[AES256_GCM,data:0aET+FPq5iegcoBxW4HphPEzsha72Gm+d6kLlj2SCH0+uJd17F2GbzZGMvEJDnbLJMtEMvZrubhub+CDs3t9eJjZMzO6e3M/ASu2Dvp3NG3+aXhmEvgWDogANHJfvudp8yKLtjKaUF1Nz43eP/PbICjxxxdc2upNn6BkBMgsoJ4=,iv:df9XV/dUao5XKyhS6TJAajPuae7nAKpef23EWcNU3Vs=,tag:LPBUDKp0oNhqYDudvdD89g==,type:str] pgp: [] encrypted_regex: ^(data|stringData)$ version: 3.8.1 diff --git a/k8s/clusters/homelab-prod/variables/variables.yaml b/k8s/clusters/homelab-prod/variables/variables.yaml index 7dd8594cc..484c0af5e 100644 --- a/k8s/clusters/homelab-prod/variables/variables.yaml +++ b/k8s/clusters/homelab-prod/variables/variables.yaml @@ -5,7 +5,7 @@ metadata: namespace: flux-system data: cluster_domain: devantler.com - github_client_id: Ov23liZIEJ2YLmtdcZTG + github_client_id: Ov23liQ4UtmGpfwiYpSZ ollama_cpu_limit: "6" ollama_cpu_request: "6" ollama_memory_limit: 16Gi diff --git a/k8s/infrastructure/dex/release.yaml b/k8s/infrastructure/dex/release.yaml index 5d31cdc6e..4dfe57b50 100644 --- a/k8s/infrastructure/dex/release.yaml +++ b/k8s/infrastructure/dex/release.yaml @@ -38,10 +38,8 @@ spec: config: clientID: ${github_client_id} clientSecret: ${github_client_secret} - redirectURI: https://dex.${cluster_domain}/callback loadAllGroups: false + redirectURI: https://dex.${cluster_domain}/callback useLoginAsID: false - orgs: - - name: devantlerware