martyn/infra4talos
1
0
Fork 0
Code Issues Pull requests 10 Projects Releases Packages Wiki Activity

yq formatting

Browse source 
Signed-off-by: Martyn Ranyard <m@rtyn.berlin>
This commit is contained in:
Martyn 2025-06-30 19:24:17 +00:00
parent efba9dadbc
commit 5eb98cf34a
21 changed files with 305 additions and 349 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

19
everything-app/app-cilium.yaml
View file

@ -17,28 +17,23 @@ spec:
- name: ipam.mode
value: kubernetes
- name: kubeProxyReplacement
value: "true"
value: 'true'
- name: securityContext.capabilities.ciliumAgent
value: "{CHOWN,KILL,NET_ADMIN,NET_RAW,IPC_LOCK,SYS_ADMIN,SYS_RESOURCE,DAC_OVERRIDE,FOWNER,SETGID,SETUID}"
value: '{CHOWN,KILL,NET_ADMIN,NET_RAW,IPC_LOCK,SYS_ADMIN,SYS_RESOURCE,DAC_OVERRIDE,FOWNER,SETGID,SETUID}'
- name: securityContext.capabilities.cleanCiliumState
value: "{NET_ADMIN,SYS_ADMIN,SYS_RESOURCE}"
value: '{NET_ADMIN,SYS_ADMIN,SYS_RESOURCE}'
- name: cgroup.autoMount.enabled
value: "false"
value: 'false'
- name: cgroup.hostRoot
value: /sys/fs/cgroup
- name: k8sServiceHost
value: localhost
- name: k8sServicePort
value: "7445"
value: '7445'
- name: k8sClientRateLimit.qps
value: "50"
value: '50'
- name: k8sClientRateLimit.burst
value: "100"
value: '100'
syncPolicy:
automated:
selfHeal: true

64
everything-app/app-ingress-nginx.yaml
View file

@ -14,34 +14,42 @@ spec:
targetRevision: 4.12.1
helm:
parameters:
- name: controller.ingressClassResource.default
value: "true"
- name: controller.config.annotations-risk-level
value: "Critical"
- name: controller.service.type
value: LoadBalancer
- name: controller.allowSnippetAnnotations
value: "true"
- name: controller.resources.requests.cpu
value: "35m"
- name: controller.resources.requests.memory
value: "351198544"
- name: controller.extraArgs.default-ssl-certificate
value: "cluster-ingress/cluster-ingress-wildcard"
- name: controller.config.http-snippet
value: |-
more_set_headers -a "X-Robots-Tag: noai";
more_set_headers -a "X-Robots-Tag: Google-Extended: none";
more_set_headers -a "X-Robots-Tag: GPTBot: none";
more_set_headers -a "X-Robots-Tag: ChatGPT-User: none";
more_set_headers -a "X-Robots-Tag: anthropic-ai: none";
more_set_headers -a "X-Robots-Tag: CCBot: none";
more_set_headers -a "X-Robots-Tag: semrushbot: none";
more_set_headers -a "X-Robots-Tag: Amazonbot: none";
more_set_headers -a "X-Robots-Tag: dotbot: none";
more_set_headers -a "X-Robots-Tag: AhrefsBot: none";
- name: controller.config.block-user-agents
value: "~*Amazonbot,~*SemrushBot,~*DotBot,~*Ahrefsbot,~*GPT"
- name: controller.ingressClassResource.default
value: 'true'
- name: controller.config.annotations-risk-level
value: Critical
- name: controller.service.type
value: LoadBalancer
- name: controller.allowSnippetAnnotations
value: 'true'
- name: controller.resources.requests.cpu
value: 35m
- name: controller.resources.requests.memory
value: '351198544'
- name: controller.extraArgs.default-ssl-certificate
value: cluster-ingress/cluster-ingress-wildcard
- name: controller.config.http-snippet
value: 'more_set_headers -a "X-Robots-Tag: noai";
more_set_headers -a "X-Robots-Tag: Google-Extended: none";
more_set_headers -a "X-Robots-Tag: GPTBot: none";
more_set_headers -a "X-Robots-Tag: ChatGPT-User: none";
more_set_headers -a "X-Robots-Tag: anthropic-ai: none";
more_set_headers -a "X-Robots-Tag: CCBot: none";
more_set_headers -a "X-Robots-Tag: semrushbot: none";
more_set_headers -a "X-Robots-Tag: Amazonbot: none";
more_set_headers -a "X-Robots-Tag: dotbot: none";
more_set_headers -a "X-Robots-Tag: AhrefsBot: none";'
- name: controller.config.block-user-agents
value: ~*Amazonbot,~*SemrushBot,~*DotBot,~*Ahrefsbot,~*GPT
syncPolicy:
automated:
selfHeal: true

4
everything-app/app-letsencrypt.yaml
View file

@ -14,8 +14,8 @@ spec:
targetRevision: v1.17.1
helm:
parameters:
- name: installCRDs
value: "true"
- name: installCRDs
value: 'true'
syncPolicy:
automated:
selfHeal: true

12
everything-app/app-secrets-store-csi-driver-provider-1password.yaml
View file

@ -11,12 +11,12 @@ spec:
source:
helm:
parameters:
- name: connect.server
value: http://onepassword-connect.1password.svc.cluster.local:8080/
- name: image.pullPolicy
value: Always
- name: image.repository
value: quay.io/meisterlabs/secrets-store-csi-driver-provider-1password
- name: connect.server
value: http://onepassword-connect.1password.svc.cluster.local:8080/
- name: image.pullPolicy
value: Always
- name: image.repository
value: quay.io/meisterlabs/secrets-store-csi-driver-provider-1password
path: charts/secrets-store-csi-driver-provider-1password
repoURL: https://github.com/MeisterLabs/secrets-store-csi-driver-provider-1password
targetRevision: HEAD

8
everything-app/app-sshtunnel.yaml
View file

@ -11,10 +11,10 @@ spec:
source:
helm:
parameters:
- name: connect.server
value: http://onepassword-connect.1password.svc.cluster.local:8080/
- name: image.pullPolicy
value: Always
- name: connect.server
value: http://onepassword-connect.1password.svc.cluster.local:8080/
- name: image.pullPolicy
value: Always
path: apps-helm/sshtunnel
repoURL: https://git.martyn.berlin/martyn/infra4talos
targetRevision: HEAD

16
everything-app/code-server.yaml
View file

@ -11,14 +11,14 @@ spec:
source:
helm:
parameters:
- name: persistence.storageClass
value: longhorn-fast
- name: image.pullPolicy
value: Always
- name: service.type
value: LoadBalancer
- name: service.port
value: "80"
- name: persistence.storageClass
value: longhorn-fast
- name: image.pullPolicy
value: Always
- name: service.type
value: LoadBalancer
- name: service.port
value: '80'
path: apps-helm/code-server
repoURL: https://git.martyn.berlin/martyn/infra4talos
targetRevision: HEAD

2
everything-app/cryptpad.yaml
View file

@ -14,4 +14,4 @@ spec:
targetRevision: HEAD
syncPolicy:
automated:
selfHeal: true
selfHeal: true

24
everything-app/dnsimple-cert-manager-webhook.yaml
View file

@ -12,18 +12,18 @@ spec:
chart: cert-manager-webhook-dnsimple
helm:
parameters:
- name: clusterIssuer.production.enabled
value: "true"
- name: clusterIssuer.staging.enabled
value: "true"
- name: clusterIssuer.email
value: "ranuardm@gmail.com"
- name: dnsimple.existingTokenSecret
value: "true"
- name: dnsimple.tokenSecretName
value: "dnsimple-webhook-secret"
- name: dnsimple.accountID
value: "106218"
- name: clusterIssuer.production.enabled
value: 'true'
- name: clusterIssuer.staging.enabled
value: 'true'
- name: clusterIssuer.email
value: ranuardm@gmail.com
- name: dnsimple.existingTokenSecret
value: 'true'
- name: dnsimple.tokenSecretName
value: dnsimple-webhook-secret
- name: dnsimple.accountID
value: '106218'
repoURL: https://puzzle.github.io/cert-manager-webhook-dnsimple
targetRevision: 0.1.6
syncPolicy:

8
everything-app/hyperion.yaml
View file

@ -11,10 +11,10 @@ spec:
source:
helm:
parameters:
- name: hyperion.hyperion.image.tag
value: 2.0.15
- name: pvc.claim.storageClass
value: longhorn-fast
- name: hyperion.hyperion.image.tag
value: 2.0.15
- name: pvc.claim.storageClass
value: longhorn-fast
path: apps-helm/hyperion
repoURL: https://git.martyn.berlin/martyn/infra4talos.git
targetRevision: HEAD

24
everything-app/longhorn.yaml
View file

@ -5,24 +5,24 @@ metadata:
namespace: argocd
spec:
ignoreDifferences:
- kind: Service
jqPathExpressions:
- .spec.ports[].nodePort
- kind: Service
jqPathExpressions:
- .spec.ports[].nodePort
destination:
namespace: longhorn-system
server: https://kubernetes.default.svc
project: infra
source:
helm:
helm:
parameters:
- name: preUpgradeChecker.jobEnabled
value: "false"
- name: service.ui.type
value: LoadBalancer
- name: service.nodePort
value: ""
- name: persistence.defaultClass
value: "false"
- name: preUpgradeChecker.jobEnabled
value: 'false'
- name: service.ui.type
value: LoadBalancer
- name: service.nodePort
value: ''
- name: persistence.defaultClass
value: 'false'
chart: longhorn
repoURL: https://charts.longhorn.io
targetRevision: 1.6.4

20
everything-app/mysql4bikerwitch.yaml
View file

@ -12,16 +12,16 @@ spec:
chart: mariadb
helm:
parameters:
- name: auth.database
value: drupal
- name: auth.forcePassword
value: "true"
- name: auth.username
value: drupal
- name: auth.existingSecret
value: db-creds
- name: primary.service.type
value: ClusterIP
- name: auth.database
value: drupal
- name: auth.forcePassword
value: 'true'
- name: auth.username
value: drupal
- name: auth.existingSecret
value: db-creds
- name: primary.service.type
value: ClusterIP
repoURL: https://charts.bitnami.com/bitnami
targetRevision: 14.1.4
syncPolicy:

20
everything-app/mysql4blog.yaml
View file

@ -12,16 +12,16 @@ spec:
chart: mariadb
helm:
parameters:
- name: auth.database
value: writefreely
- name: auth.forcePassword
value: "true"
- name: auth.username
value: writefreely
- name: auth.existingSecret
value: db-creds
- name: primary.service.type
value: ClusterIP
- name: auth.database
value: writefreely
- name: auth.forcePassword
value: 'true'
- name: auth.username
value: writefreely
- name: auth.existingSecret
value: db-creds
- name: primary.service.type
value: ClusterIP
repoURL: https://charts.bitnami.com/bitnami
targetRevision: 14.1.4
syncPolicy:

20
everything-app/mysql4nextcloud.yaml
View file

@ -12,16 +12,16 @@ spec:
chart: mariadb
helm:
parameters:
- name: auth.database
value: nextcloud
- name: auth.forcePassword
value: "true"
- name: auth.username
value: nextcloud
- name: auth.existingSecret
value: db-creds
- name: primary.service.type
value: ClusterIP
- name: auth.database
value: nextcloud
- name: auth.forcePassword
value: 'true'
- name: auth.username
value: nextcloud
- name: auth.existingSecret
value: db-creds
- name: primary.service.type
value: ClusterIP
repoURL: https://charts.bitnami.com/bitnami
targetRevision: 14.1.4
syncPolicy:

27
everything-app/nodered.yaml
View file

@ -12,24 +12,15 @@ spec:
chart: node-red
helm:
parameters:
- name: service.type
value: LoadBalancer
- name: persistence.data.enabled
value: "true"
- name: image.tag
value: 3.1.0-18
values: |-
persistence:
data:
accessMode: ReadWriteOnce
size: 1Gi
storageClass: longhorn-fast
service:
port:
port: 80
targetPort: 1880
annotations:
external-dns.alpha.kubernetes.io/hostname: nodered.martyn.berlin
- name: service.type
value: LoadBalancer
- name: persistence.data.enabled
value: 'true'
- name: image.tag
value: 3.1.0-18
values: "persistence:\n data:\n accessMode: ReadWriteOnce\n size: 1Gi\n\
\ storageClass: longhorn-fast\nservice:\n port:\n port: 80\n targetPort:\
\ 1880\n annotations:\n external-dns.alpha.kubernetes.io/hostname: nodered.martyn.berlin"
repoURL: https://k8s-at-home.com/charts/
targetRevision: 5.4.0
syncPolicy:

68
everything-app/ntfy.yaml
View file

@ -11,51 +11,29 @@ spec:
source:
helm:
parameters:
- name: service.type
value: LoadBalancer
- name: persistence.cache.enabled
value: "true"
- name: persistence.cache.storageClass
value: "longhorn-fast"
- name: persistence.data.enabled
value: "true"
- name: persistence.data.storageClass
value: "longhorn-fast"
values: |2-
ingress:
enabled: true
annotations:
cert-manager.io/cluster-issuer: letsencrypt
kubernetes.io/ingress.class: nginx
external-dns.alpha.kubernetes.io/target: armnleg.martyn.berlin
nginx.ingress.kubernetes.io/server-snippets: |
location / {
proxy_set_header Upgrade $http_upgrade;
proxy_http_version 1.1;
proxy_set_header X-Forwarded-Host $http_host;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $host;
proxy_set_header Connection "upgrade";
proxy_cache_bypass $http_upgrade;
}
hosts:
- host: ntfy.martyn.berlin
paths:
- path: /
pathType: Prefix
tls:
- hosts:
- ntfy.martyn.berlin
ntfy:
config:
base-url: "https://ntfy.martyn.berlin"
cache-file: "/var/cache/ntfy/cache.db"
attachment-cache-dir: "/var/cache/ntfy/attachments"
auth-file: "/var/lib/ntfy/user.db"
auth-default-access: "deny-all"
- name: service.type
value: LoadBalancer
- name: persistence.cache.enabled
value: 'true'
- name: persistence.cache.storageClass
value: longhorn-fast
- name: persistence.data.enabled
value: 'true'
- name: persistence.data.storageClass
value: longhorn-fast
values: "\ningress:\n enabled: true\n annotations:\n cert-manager.io/cluster-issuer:\
\ letsencrypt\n kubernetes.io/ingress.class: nginx\n external-dns.alpha.kubernetes.io/target:\
\ armnleg.martyn.berlin\n nginx.ingress.kubernetes.io/server-snippets:\
\ |\n location / {\n proxy_set_header Upgrade $http_upgrade;\n\
\ proxy_http_version 1.1;\n proxy_set_header X-Forwarded-Host\
\ $http_host;\n proxy_set_header X-Forwarded-Proto $scheme;\n \
\ proxy_set_header X-Forwarded-For $remote_addr;\n proxy_set_header\
\ Host $host;\n proxy_set_header Connection \"upgrade\";\n proxy_cache_bypass\
\ $http_upgrade;\n }\n hosts:\n - host: ntfy.martyn.berlin\n paths:\n\
\ - path: /\n pathType: Prefix\n tls:\n - hosts:\n - ntfy.martyn.berlin\n\
\nntfy:\n config:\n base-url: \"https://ntfy.martyn.berlin\"\n cache-file:\
\ \"/var/cache/ntfy/cache.db\"\n attachment-cache-dir: \"/var/cache/ntfy/attachments\"\
\n auth-file: \"/var/lib/ntfy/user.db\"\n auth-default-access: \"deny-all\""
path: apps-helm/ntfy
repoURL: https://git.martyn.berlin/martyn/infra4talos.git
targetRevision: HEAD

16
everything-app/samba-fast.yaml
View file

@ -11,14 +11,14 @@ spec:
source:
helm:
parameters:
- name: image.tag
value: v1.0.2
- name: service.type
value: LoadBalancer
- name: persistence.pvc.storageClass
value: local-path-fast
- name: persistance.pvc.size
value: 3Ti
- name: image.tag
value: v1.0.2
- name: service.type
value: LoadBalancer
- name: persistence.pvc.storageClass
value: local-path-fast
- name: persistance.pvc.size
value: 3Ti
values: "samba:\n users: \n - username: martyn\n password: \"564628\""
path: apps-helm/samba4
repoURL: https://git.martyn.berlin/martyn/infra4talos.git

76
everything-app/samba-longhorn-ssd.yaml
View file

@ -11,52 +11,52 @@ spec:
source:
helm:
parameters:
- name: image.tag
value: v1.0.2
- name: service.type
value: LoadBalancer
- name: persistence.pvc.storageClass
value: longhorn-fast
- name: persistence.pvc.size
value: 100Mi #low because we're gonna loop in lots of PVCs here below...
- name: image.tag
value: v1.0.2
- name: service.type
value: LoadBalancer
- name: persistence.pvc.storageClass
value: longhorn-fast
- name: persistence.pvc.size
value: 100Mi
valuesObject:
samba:
users:
- username: martyn
password: "564628"
- username: martyn
password: '564628'
affinity:
nodeAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- weight: 1
preference:
matchExpressions:
- key: kubernetes.io/hostname
operator: In
values:
- talos-llu-kx3
- weight: 1
preference:
matchExpressions:
- key: kubernetes.io/hostname
operator: In
values:
- talos-llu-kx3
persistence:
extraPVCShares:
- name: oldspace
size: 300Gi
storageClass: longhorn-fast
- name: flacstore
size: 600Gi
storageClass: longhorn-fast
- name: backups
size: 2Ti
storageClass: longhorn-fast
- name: backups-overflow
size: 1Ti
storageClass: longhorn-fast
- name: usenet
size: 100Gi
storageClass: longhorn-fast
- name: scans
size: 1Gi
storageClass: longhorn-fast
- name: s3
size: 20Gi
storageClass: longhorn-fast
- name: oldspace
size: 300Gi
storageClass: longhorn-fast
- name: flacstore
size: 600Gi
storageClass: longhorn-fast
- name: backups
size: 2Ti
storageClass: longhorn-fast
- name: backups-overflow
size: 1Ti
storageClass: longhorn-fast
- name: usenet
size: 100Gi
storageClass: longhorn-fast
- name: scans
size: 1Gi
storageClass: longhorn-fast
- name: s3
size: 20Gi
storageClass: longhorn-fast
path: apps-helm/samba4
repoURL: https://git.martyn.berlin/martyn/infra4talos.git
targetRevision: HEAD

148
everything-app/samba-slow-big.yaml
View file

@ -11,90 +11,90 @@ spec:
source:
helm:
parameters:
- name: image.tag
value: v1.0.2
- name: service.type
value: LoadBalancer
- name: persistence.pvc.storageClass
value: longhorn-spinny
- name: persistence.pvc.size
value: "1Ti"
- name: image.tag
value: v1.0.2
- name: service.type
value: LoadBalancer
- name: persistence.pvc.storageClass
value: longhorn-spinny
- name: persistence.pvc.size
value: 1Ti
valuesObject:
samba:
users:
- username: martyn
password: "564628"
- username: martyn
password: '564628'
affinity:
nodeAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- weight: 1
preference:
matchExpressions:
- key: kubernetes.io/hostname
operator: In
values:
- talos-llu-kx3
- weight: 1
preference:
matchExpressions:
- key: kubernetes.io/hostname
operator: In
values:
- talos-llu-kx3
persistence:
combineShares: true
sharesToCombine:
- destName: films
shares:
- films1
- films2
- films3
- destName: series
shares:
- oldseries-a
- moreoldseries
- evenmoreoldseries
- runningseries-b
- runningseries
- justmoreseries
- justmoreseries-2
- destName: roms
shares:
- roms-a
- roms-b
- destName: films
shares:
- films1
- films2
- films3
- destName: series
shares:
- oldseries-a
- moreoldseries
- evenmoreoldseries
- runningseries-b
- runningseries
- justmoreseries
- justmoreseries-2
- destName: roms
shares:
- roms-a
- roms-b
extraPVCShares:
- name: films1
size: 1Ti
storageClass: longhorn-spinny
- name: films2
size: 1Ti
storageClass: longhorn-spinny
- name: films3
size: 1Ti
storageClass: longhorn-spinny
- name: oldseries-a
size: 2Ti
storageClass: longhorn-spinny
- name: runningseries
size: 2Ti
storageClass: longhorn-spinny
- name: runningseries-b
size: 1Ti
storageClass: longhorn-spinny
- name: moreoldseries
size: 1Ti
storageClass: longhorn-spinny
- name: youtube
size: 1Ti
storageClass: longhorn-spinny
- name: evenmoreoldseries
size: 1Ti
storageClass: longhorn-spinny
- name: justmoreseries
size: 1Ti
storageClass: longhorn-spinny
- name: justmoreseries-2
size: 1Ti
storageClass: longhorn-spinny
- name: roms-a
size: 1Ti
storageClass: longhorn-spinny
- name: roms-b
size: 1Ti
storageClass: longhorn-spinny
- name: films1
size: 1Ti
storageClass: longhorn-spinny
- name: films2
size: 1Ti
storageClass: longhorn-spinny
- name: films3
size: 1Ti
storageClass: longhorn-spinny
- name: oldseries-a
size: 2Ti
storageClass: longhorn-spinny
- name: runningseries
size: 2Ti
storageClass: longhorn-spinny
- name: runningseries-b
size: 1Ti
storageClass: longhorn-spinny
- name: moreoldseries
size: 1Ti
storageClass: longhorn-spinny
- name: youtube
size: 1Ti
storageClass: longhorn-spinny
- name: evenmoreoldseries
size: 1Ti
storageClass: longhorn-spinny
- name: justmoreseries
size: 1Ti
storageClass: longhorn-spinny
- name: justmoreseries-2
size: 1Ti
storageClass: longhorn-spinny
- name: roms-a
size: 1Ti
storageClass: longhorn-spinny
- name: roms-b
size: 1Ti
storageClass: longhorn-spinny
path: apps-helm/samba4
repoURL: https://git.martyn.berlin/martyn/infra4talos.git
targetRevision: HEAD

47
everything-app/syncthing.yaml
View file

@ -12,35 +12,24 @@ spec:
chart: syncthing
helm:
parameters:
- name: image.tag
value: "1.26"
- name: service.listen.enabled
value: "true"
- name: service.listen.ports.listen.enabled
value: "true"
- name: service.listen.type
value: LoadBalancer
- name: service.discovery.enabled
value: "false"
- name: service.discovery.ports.discovery.enabled
value: "false"
values: |-
persistence:
data:
enabled: true
type: pvc
accessMode: ReadWriteOnce
size: 50Gi
storageClass: longhorn-fast
service:
main:
annotations:
external-dns.alpha.kubernetes.io/hostname: syncthing.martyn.berlin
type: LoadBalancer
listen:
annotations:
external-dns.alpha.kubernetes.io/hostname: syncthing-listen.martyn.berlin
type: LoadBalancer
- name: image.tag
value: '1.26'
- name: service.listen.enabled
value: 'true'
- name: service.listen.ports.listen.enabled
value: 'true'
- name: service.listen.type
value: LoadBalancer
- name: service.discovery.enabled
value: 'false'
- name: service.discovery.ports.discovery.enabled
value: 'false'
values: "persistence:\n data:\n enabled: true\n type: pvc\n accessMode:\
\ ReadWriteOnce\n size: 50Gi\n storageClass: longhorn-fast\nservice:\n\
\ main:\n annotations:\n external-dns.alpha.kubernetes.io/hostname:\
\ syncthing.martyn.berlin\n type: LoadBalancer\n listen:\n annotations:\n\
\ external-dns.alpha.kubernetes.io/hostname: syncthing-listen.martyn.berlin\n\
\ type: LoadBalancer"
repoURL: https://k8s-at-home.com/charts/
targetRevision: 3.5.2
syncPolicy:

12
everything-app/uptime-kuma.yaml
View file

@ -11,12 +11,12 @@ spec:
source:
helm:
parameters:
- name: service.type
value: LoadBalancer
- name: persistence.enabled
value: "true"
- name: persistence.storageClass
value: longhorn-fast
- name: service.type
value: LoadBalancer
- name: persistence.enabled
value: 'true'
- name: persistence.storageClass
value: longhorn-fast
path: apps-helm/uptime-kuma
repoURL: https://git.martyn.berlin/martyn/infra4talos.git
targetRevision: HEAD

19
everything-app/wg-access-server.yaml
View file

@ -11,18 +11,13 @@ spec:
source:
helm:
parameters:
- name: web.service.type
value: LoadBalancer
- name: wireguard.service.type
value: LoadBalancer
values: |-
config:
csiSecretsStore:
providerName: 1password
resourceName: vaults/3oh5jxmxvqvpuimu2lbuajtizi/allitems/idkjj6oyua2fq6df4fkjzmh4ne/config.yaml
persistence:
enabled: true
storageClass: longhorn-fast
- name: web.service.type
value: LoadBalancer
- name: wireguard.service.type
value: LoadBalancer
values: "config:\n csiSecretsStore:\n providerName: 1password\n resourceName:\
\ vaults/3oh5jxmxvqvpuimu2lbuajtizi/allitems/idkjj6oyua2fq6df4fkjzmh4ne/config.yaml\n\
persistence:\n enabled: true\n storageClass: longhorn-fast"
path: apps-helm/wg-access-server
repoURL: https://git.martyn.berlin/martyn/infra4talos
targetRevision: HEAD