feat(bridges): Add signal and messenger (meta)
This commit is contained in:
parent
24995c3a05
commit
5312a0eb0a
6
manifests/bridges/kustomization.yaml
Normal file
6
manifests/bridges/kustomization.yaml
Normal file
@ -0,0 +1,6 @@
|
|||||||
|
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||||
|
kind: Kustomization
|
||||||
|
|
||||||
|
resources:
|
||||||
|
- ./signal
|
||||||
|
- ./messenger
|
14
manifests/bridges/messenger/create_db.sh
Normal file
14
manifests/bridges/messenger/create_db.sh
Normal file
@ -0,0 +1,14 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
echo "Checking if $MESSENGER_DB database exists..."
|
||||||
|
|
||||||
|
if psql -lqt | cut -d \| -f 1 | grep -qw $MESSENGER_DB; then
|
||||||
|
echo "Database exists, skipping creation"
|
||||||
|
else
|
||||||
|
echo "Database does not exist, creating..."
|
||||||
|
createdb $MESSENGER_DB
|
||||||
|
createuser $MESSENGER_USER
|
||||||
|
psql -c "ALTER USER $MESSENGER_USER WITH ENCRYPTED PASSWORD '$MESSENGER_PASSWORD';"
|
||||||
|
psql -c "GRANT ALL PRIVILEGES ON DATABASE $MESSENGER_DB TO $MESSENGER_USER;"
|
||||||
|
psql -c "ALTER DATABASE $MESSENGER_DB OWNER TO $MESSENGER_USER;"
|
||||||
|
fi
|
46
manifests/bridges/messenger/job.yaml
Normal file
46
manifests/bridges/messenger/job.yaml
Normal file
@ -0,0 +1,46 @@
|
|||||||
|
apiVersion: batch/v1
|
||||||
|
kind: Job
|
||||||
|
metadata:
|
||||||
|
name: messenger-db-init
|
||||||
|
namespace: synapse
|
||||||
|
spec:
|
||||||
|
template:
|
||||||
|
spec:
|
||||||
|
containers:
|
||||||
|
- name: messenger-db-init
|
||||||
|
image: postgres:15.10
|
||||||
|
command: ["/bin/bash", "/data/create_db.sh"]
|
||||||
|
env:
|
||||||
|
- name: PGHOST
|
||||||
|
value: synapse-db-rw.synapse.svc.cluster.local
|
||||||
|
- name: PGUSER
|
||||||
|
valueFrom:
|
||||||
|
secretKeyRef:
|
||||||
|
name: synapse-db-superuser
|
||||||
|
key: username
|
||||||
|
- name: PGPASSWORD
|
||||||
|
valueFrom:
|
||||||
|
secretKeyRef:
|
||||||
|
name: synapse-db-superuser
|
||||||
|
key: password
|
||||||
|
- name: messenger_USER
|
||||||
|
valueFrom:
|
||||||
|
secretKeyRef:
|
||||||
|
name: mautrix-messenger-db
|
||||||
|
key: username
|
||||||
|
- name: messenger_PASSWORD
|
||||||
|
valueFrom:
|
||||||
|
secretKeyRef:
|
||||||
|
name: mautrix-messenger-db
|
||||||
|
key: password
|
||||||
|
- name: messenger_DB
|
||||||
|
value: messenger
|
||||||
|
volumeMounts:
|
||||||
|
- name: create-db
|
||||||
|
mountPath: /data
|
||||||
|
volumes:
|
||||||
|
- name: create-db
|
||||||
|
configMap:
|
||||||
|
name: messenger-db-creation
|
||||||
|
restartPolicy: Never
|
||||||
|
backoffLimit: 4
|
19
manifests/bridges/messenger/kustomization.yaml
Normal file
19
manifests/bridges/messenger/kustomization.yaml
Normal file
@ -0,0 +1,19 @@
|
|||||||
|
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||||
|
kind: Kustomization
|
||||||
|
namespace: synapse
|
||||||
|
|
||||||
|
resources:
|
||||||
|
- service.yaml
|
||||||
|
- statefulset.yaml
|
||||||
|
- secrets.yaml
|
||||||
|
- job.yaml
|
||||||
|
|
||||||
|
generatorOptions:
|
||||||
|
labels:
|
||||||
|
app: messenger
|
||||||
|
|
||||||
|
configMapGenerator:
|
||||||
|
- name: messenger-db-creation
|
||||||
|
behavior: create
|
||||||
|
files:
|
||||||
|
- create_db.sh
|
24
manifests/bridges/messenger/secrets.yaml
Normal file
24
manifests/bridges/messenger/secrets.yaml
Normal file
@ -0,0 +1,24 @@
|
|||||||
|
apiVersion: argoproj.io/v1alpha1
|
||||||
|
kind: Application
|
||||||
|
metadata:
|
||||||
|
name: synapse-messenger-secrets
|
||||||
|
namespace: argocd
|
||||||
|
finalizers:
|
||||||
|
- resources-finalizer.argocd.argoproj.io
|
||||||
|
spec:
|
||||||
|
project: default
|
||||||
|
source:
|
||||||
|
repoURL: https://git.halis.io/athens-school/k3s-secrets
|
||||||
|
targetRevision: prod-migration
|
||||||
|
path: synapse/bridges/messenger
|
||||||
|
syncPolicy:
|
||||||
|
automated:
|
||||||
|
prune: true
|
||||||
|
selfHeal: true
|
||||||
|
syncOptions:
|
||||||
|
- CreateNamespace=false
|
||||||
|
- ApplyOutOfSyncOnly=true
|
||||||
|
- PruneLast=true
|
||||||
|
destination:
|
||||||
|
server: https://kubernetes.default.svc
|
||||||
|
namespace: synapse
|
16
manifests/bridges/messenger/service.yaml
Normal file
16
manifests/bridges/messenger/service.yaml
Normal file
@ -0,0 +1,16 @@
|
|||||||
|
apiVersion: v1
|
||||||
|
kind: Service
|
||||||
|
metadata:
|
||||||
|
name: messenger
|
||||||
|
namespace: synapse
|
||||||
|
labels:
|
||||||
|
app.kubernetes.io/name: messenger
|
||||||
|
spec:
|
||||||
|
ports:
|
||||||
|
- name: http
|
||||||
|
port: 29319
|
||||||
|
protocol: TCP
|
||||||
|
targetPort: 29319
|
||||||
|
selector:
|
||||||
|
app: messenger
|
||||||
|
publishNotReadyAddresses: true
|
36
manifests/bridges/messenger/statefulset.yaml
Normal file
36
manifests/bridges/messenger/statefulset.yaml
Normal file
@ -0,0 +1,36 @@
|
|||||||
|
apiVersion: apps/v1
|
||||||
|
kind: StatefulSet
|
||||||
|
metadata:
|
||||||
|
name: messenger
|
||||||
|
namespace: synapse
|
||||||
|
spec:
|
||||||
|
selector:
|
||||||
|
matchLabels:
|
||||||
|
app: messenger
|
||||||
|
serviceName: messenger
|
||||||
|
replicas: 1
|
||||||
|
minReadySeconds: 10
|
||||||
|
template:
|
||||||
|
metadata:
|
||||||
|
labels:
|
||||||
|
app: messenger
|
||||||
|
spec:
|
||||||
|
terminationGracePeriodSeconds: 10
|
||||||
|
containers:
|
||||||
|
- name: messenger
|
||||||
|
image: dock.mau.dev/mautrix/meta:v0.4.2
|
||||||
|
command: [
|
||||||
|
"/usr/bin/mautrix-meta",
|
||||||
|
"--config", "/data/config.yaml",
|
||||||
|
"--no-update",
|
||||||
|
]
|
||||||
|
ports:
|
||||||
|
- containerPort: 29328
|
||||||
|
volumeMounts:
|
||||||
|
- mountPath: "/data/config.yaml"
|
||||||
|
name: messenger-config-file
|
||||||
|
subPath: config.yaml
|
||||||
|
volumes:
|
||||||
|
- name: messenger-config-file
|
||||||
|
secret:
|
||||||
|
secretName: messenger-secret-config
|
14
manifests/bridges/signal/create_db.sh
Normal file
14
manifests/bridges/signal/create_db.sh
Normal file
@ -0,0 +1,14 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
echo "Checking if $SIGNAL_DB database exists..."
|
||||||
|
|
||||||
|
if psql -lqt | cut -d \| -f 1 | grep -qw $SIGNAL_DB; then
|
||||||
|
echo "Database exists, skipping creation"
|
||||||
|
else
|
||||||
|
echo "Database does not exist, creating..."
|
||||||
|
createdb $SIGNAL_DB
|
||||||
|
createuser $SIGNAL_USER
|
||||||
|
psql -c "ALTER USER $SIGNAL_USER WITH ENCRYPTED PASSWORD '$SIGNAL_PASSWORD';"
|
||||||
|
psql -c "GRANT ALL PRIVILEGES ON DATABASE $SIGNAL_DB TO $SIGNAL_USER;"
|
||||||
|
psql -c "ALTER DATABASE $SIGNAL_DB OWNER TO $SIGNAL_USER;"
|
||||||
|
fi
|
46
manifests/bridges/signal/job.yaml
Normal file
46
manifests/bridges/signal/job.yaml
Normal file
@ -0,0 +1,46 @@
|
|||||||
|
apiVersion: batch/v1
|
||||||
|
kind: Job
|
||||||
|
metadata:
|
||||||
|
name: signal-db-init
|
||||||
|
namespace: synapse
|
||||||
|
spec:
|
||||||
|
template:
|
||||||
|
spec:
|
||||||
|
containers:
|
||||||
|
- name: signal-db-init
|
||||||
|
image: postgres:15.10
|
||||||
|
command: ["/bin/bash", "/data/create_db.sh"]
|
||||||
|
env:
|
||||||
|
- name: PGHOST
|
||||||
|
value: synapse-db-rw.synapse.svc.cluster.local
|
||||||
|
- name: PGUSER
|
||||||
|
valueFrom:
|
||||||
|
secretKeyRef:
|
||||||
|
name: synapse-db-superuser
|
||||||
|
key: username
|
||||||
|
- name: PGPASSWORD
|
||||||
|
valueFrom:
|
||||||
|
secretKeyRef:
|
||||||
|
name: synapse-db-superuser
|
||||||
|
key: password
|
||||||
|
- name: SIGNAL_USER
|
||||||
|
valueFrom:
|
||||||
|
secretKeyRef:
|
||||||
|
name: mautrix-signal-db
|
||||||
|
key: username
|
||||||
|
- name: SIGNAL_PASSWORD
|
||||||
|
valueFrom:
|
||||||
|
secretKeyRef:
|
||||||
|
name: mautrix-signal-db
|
||||||
|
key: password
|
||||||
|
- name: SIGNAL_DB
|
||||||
|
value: signal
|
||||||
|
volumeMounts:
|
||||||
|
- name: create-db
|
||||||
|
mountPath: /data
|
||||||
|
volumes:
|
||||||
|
- name: create-db
|
||||||
|
configMap:
|
||||||
|
name: signal-db-creation
|
||||||
|
restartPolicy: Never
|
||||||
|
backoffLimit: 4
|
19
manifests/bridges/signal/kustomization.yaml
Normal file
19
manifests/bridges/signal/kustomization.yaml
Normal file
@ -0,0 +1,19 @@
|
|||||||
|
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||||
|
kind: Kustomization
|
||||||
|
namespace: synapse
|
||||||
|
|
||||||
|
resources:
|
||||||
|
- service.yaml
|
||||||
|
- statefulset.yaml
|
||||||
|
- secrets.yaml
|
||||||
|
- job.yaml
|
||||||
|
|
||||||
|
generatorOptions:
|
||||||
|
labels:
|
||||||
|
app: signal
|
||||||
|
|
||||||
|
configMapGenerator:
|
||||||
|
- name: signal-db-creation
|
||||||
|
behavior: create
|
||||||
|
files:
|
||||||
|
- create_db.sh
|
24
manifests/bridges/signal/secrets.yaml
Normal file
24
manifests/bridges/signal/secrets.yaml
Normal file
@ -0,0 +1,24 @@
|
|||||||
|
apiVersion: argoproj.io/v1alpha1
|
||||||
|
kind: Application
|
||||||
|
metadata:
|
||||||
|
name: synapse-signal-secrets
|
||||||
|
namespace: argocd
|
||||||
|
finalizers:
|
||||||
|
- resources-finalizer.argocd.argoproj.io
|
||||||
|
spec:
|
||||||
|
project: default
|
||||||
|
source:
|
||||||
|
repoURL: https://git.halis.io/athens-school/k3s-secrets
|
||||||
|
targetRevision: prod-migration
|
||||||
|
path: synapse/bridges/signal
|
||||||
|
syncPolicy:
|
||||||
|
automated:
|
||||||
|
prune: true
|
||||||
|
selfHeal: true
|
||||||
|
syncOptions:
|
||||||
|
- CreateNamespace=false
|
||||||
|
- ApplyOutOfSyncOnly=true
|
||||||
|
- PruneLast=true
|
||||||
|
destination:
|
||||||
|
server: https://kubernetes.default.svc
|
||||||
|
namespace: synapse
|
16
manifests/bridges/signal/service.yaml
Normal file
16
manifests/bridges/signal/service.yaml
Normal file
@ -0,0 +1,16 @@
|
|||||||
|
apiVersion: v1
|
||||||
|
kind: Service
|
||||||
|
metadata:
|
||||||
|
name: signal
|
||||||
|
namespace: synapse
|
||||||
|
labels:
|
||||||
|
app.kubernetes.io/name: signal
|
||||||
|
spec:
|
||||||
|
ports:
|
||||||
|
- name: http
|
||||||
|
port: 29328
|
||||||
|
protocol: TCP
|
||||||
|
targetPort: 29328
|
||||||
|
selector:
|
||||||
|
app: signal
|
||||||
|
publishNotReadyAddresses: true
|
36
manifests/bridges/signal/statefulset.yaml
Normal file
36
manifests/bridges/signal/statefulset.yaml
Normal file
@ -0,0 +1,36 @@
|
|||||||
|
apiVersion: apps/v1
|
||||||
|
kind: StatefulSet
|
||||||
|
metadata:
|
||||||
|
name: signal
|
||||||
|
namespace: synapse
|
||||||
|
spec:
|
||||||
|
selector:
|
||||||
|
matchLabels:
|
||||||
|
app: signal
|
||||||
|
serviceName: signal
|
||||||
|
replicas: 1
|
||||||
|
minReadySeconds: 10
|
||||||
|
template:
|
||||||
|
metadata:
|
||||||
|
labels:
|
||||||
|
app: signal
|
||||||
|
spec:
|
||||||
|
terminationGracePeriodSeconds: 10
|
||||||
|
containers:
|
||||||
|
- name: signal
|
||||||
|
image: dock.mau.dev/mautrix/signal:v0.7.3
|
||||||
|
command: [
|
||||||
|
"/usr/bin/mautrix-signal",
|
||||||
|
"--config", "/data/config.yaml",
|
||||||
|
"--no-update",
|
||||||
|
]
|
||||||
|
ports:
|
||||||
|
- containerPort: 29328
|
||||||
|
volumeMounts:
|
||||||
|
- mountPath: "/data/config.yaml"
|
||||||
|
name: signal-config-file
|
||||||
|
subPath: config.yaml
|
||||||
|
volumes:
|
||||||
|
- name: signal-config-file
|
||||||
|
secret:
|
||||||
|
secretName: signal-secret-config
|
@ -4,7 +4,7 @@ metadata:
|
|||||||
name: synapse-config
|
name: synapse-config
|
||||||
namespace: synapse
|
namespace: synapse
|
||||||
data:
|
data:
|
||||||
matrix.beta.halia.dev.log.config: |
|
matrix.halis.io.log.config: |
|
||||||
version: 1
|
version: 1
|
||||||
formatters:
|
formatters:
|
||||||
precise:
|
precise:
|
||||||
|
10
manifests/database-backup.yaml
Normal file
10
manifests/database-backup.yaml
Normal file
@ -0,0 +1,10 @@
|
|||||||
|
apiVersion: postgresql.cnpg.io/v1
|
||||||
|
kind: ScheduledBackup
|
||||||
|
metadata:
|
||||||
|
name: synapse-db-backup
|
||||||
|
namespace: synapse
|
||||||
|
spec:
|
||||||
|
schedule: "0 0 0 * * *"
|
||||||
|
backupOwnerReference: self
|
||||||
|
cluster:
|
||||||
|
name: synapse-db
|
@ -9,7 +9,7 @@ spec:
|
|||||||
|
|
||||||
storage:
|
storage:
|
||||||
size: 5Gi
|
size: 5Gi
|
||||||
storageClass: redundant-storage-class
|
storageClass: local-path
|
||||||
|
|
||||||
bootstrap:
|
bootstrap:
|
||||||
initdb:
|
initdb:
|
||||||
@ -22,6 +22,24 @@ spec:
|
|||||||
pg_hba:
|
pg_hba:
|
||||||
- host all all all md5
|
- host all all all md5
|
||||||
|
|
||||||
|
backup:
|
||||||
|
barmanObjectStore:
|
||||||
|
destinationPath: "s3://halis/cloudnativepg"
|
||||||
|
endpointURL: https://s3.halia.dev
|
||||||
|
s3Credentials:
|
||||||
|
accessKeyId:
|
||||||
|
name: s3-secret
|
||||||
|
key: AWS_ACCESS_KEY_ID
|
||||||
|
secretAccessKey:
|
||||||
|
name: s3-secret
|
||||||
|
key: AWS_SECRET_ACCESS_KEY
|
||||||
|
region:
|
||||||
|
name: s3-secret
|
||||||
|
key: AWS_REGION
|
||||||
|
wal:
|
||||||
|
compression: gzip
|
||||||
|
maxParallel: 8
|
||||||
|
|
||||||
resources:
|
resources:
|
||||||
requests:
|
requests:
|
||||||
cpu: 100m
|
cpu: 100m
|
||||||
|
@ -4,7 +4,7 @@ metadata:
|
|||||||
name: synapse
|
name: synapse
|
||||||
namespace: synapse
|
namespace: synapse
|
||||||
spec:
|
spec:
|
||||||
replicas: 2
|
replicas: 1
|
||||||
selector:
|
selector:
|
||||||
matchLabels:
|
matchLabels:
|
||||||
app: synapse
|
app: synapse
|
||||||
@ -13,18 +13,11 @@ spec:
|
|||||||
labels:
|
labels:
|
||||||
app: synapse
|
app: synapse
|
||||||
spec:
|
spec:
|
||||||
topologySpreadConstraints:
|
|
||||||
- maxSkrew: 1
|
|
||||||
topologyKey: kubernetes.io/hostname
|
|
||||||
whenUnsatisfiable: DoNotSchedule
|
|
||||||
labelSelector:
|
|
||||||
matchLabels:
|
|
||||||
app: synapse
|
|
||||||
securityContext:
|
securityContext:
|
||||||
fsGroup: 991
|
fsGroup: 991
|
||||||
containers:
|
containers:
|
||||||
- name: synapse
|
- name: synapse
|
||||||
image: matrixdotorg/synapse:latest
|
image: ghcr.io/element-hq/synapse:v1.119.0
|
||||||
ports:
|
ports:
|
||||||
- containerPort: 8008
|
- containerPort: 8008
|
||||||
- containerPort: 9009
|
- containerPort: 9009
|
||||||
@ -34,9 +27,15 @@ spec:
|
|||||||
- mountPath: "/data/homeserver.yaml"
|
- mountPath: "/data/homeserver.yaml"
|
||||||
name: synapse-config-file
|
name: synapse-config-file
|
||||||
subPath: homeserver.yaml
|
subPath: homeserver.yaml
|
||||||
- mountPath: "/data/matrix.beta.halia.dev.log.config"
|
- mountPath: "/data/matrix.halis.io.log.config"
|
||||||
name: synapse-log-config-file
|
name: synapse-log-config-file
|
||||||
subPath: matrix.beta.halia.dev.log.config
|
subPath: matrix.halis.io.log.config
|
||||||
|
- mountPath: "/data/double-puppeting.yaml"
|
||||||
|
name: synapse-secret-doublepuppeting
|
||||||
|
subPath: double-puppeting.yaml
|
||||||
|
- mountPath: "/data/signal.yaml"
|
||||||
|
name: signal-secret-registration
|
||||||
|
subPath: signal.yaml
|
||||||
volumes:
|
volumes:
|
||||||
- name: synapse-data
|
- name: synapse-data
|
||||||
persistentVolumeClaim:
|
persistentVolumeClaim:
|
||||||
@ -47,3 +46,9 @@ spec:
|
|||||||
- name: synapse-log-config-file
|
- name: synapse-log-config-file
|
||||||
configMap:
|
configMap:
|
||||||
name: synapse-config
|
name: synapse-config
|
||||||
|
- name: synapse-secret-doublepuppeting
|
||||||
|
secret:
|
||||||
|
secretName: synapse-secret-doublepuppeting
|
||||||
|
- name: signal-secret-registration
|
||||||
|
secret:
|
||||||
|
secretName: signal-secret-registration
|
||||||
|
@ -1,23 +1,26 @@
|
|||||||
apiVersion: networking.k8s.io/v1
|
apiVersion: networking.k8s.io/v1
|
||||||
kind: Ingress
|
kind: Ingress
|
||||||
metadata:
|
metadata:
|
||||||
name: synapse-ingress
|
name: synapse-ingress
|
||||||
namespace: synapse
|
namespace: synapse
|
||||||
annotations:
|
annotations:
|
||||||
kubernetes.io/ingress.class: "traefik"
|
cert-manager.io/cluster-issuer: letsencrypt-production
|
||||||
|
kubernetes.io/ingress.class: nginx-external
|
||||||
|
acme.cert-manager.io/http01-edit-in-place: "true"
|
||||||
spec:
|
spec:
|
||||||
tls:
|
tls:
|
||||||
- secretName: synapse-beta-tls
|
- hosts:
|
||||||
hosts:
|
- matrix.halis.io
|
||||||
- matrix.beta.halia.dev
|
secretName: matrix-halis-io-tls
|
||||||
rules:
|
ingressClassName: nginx-external
|
||||||
- host: matrix.beta.halia.dev
|
rules:
|
||||||
http:
|
- host: matrix.halis.io
|
||||||
paths:
|
http:
|
||||||
- path: /
|
paths:
|
||||||
pathType: Prefix
|
- path: /
|
||||||
backend:
|
pathType: Prefix
|
||||||
service:
|
backend:
|
||||||
name: synapse-svc
|
service:
|
||||||
port:
|
name: synapse-svc
|
||||||
number: 80
|
port:
|
||||||
|
number: 80
|
||||||
|
@ -5,9 +5,11 @@ resources:
|
|||||||
- namespace.yaml
|
- namespace.yaml
|
||||||
- pvc.yaml
|
- pvc.yaml
|
||||||
- database.yaml
|
- database.yaml
|
||||||
|
- database-backup.yaml
|
||||||
- service.yaml
|
- service.yaml
|
||||||
- servicemonitor.yaml
|
- servicemonitor.yaml
|
||||||
- ingress.yaml
|
- ingress.yaml
|
||||||
- configmap.yaml
|
- configmap.yaml
|
||||||
|
- secrets.yaml
|
||||||
- deployment.yaml
|
- deployment.yaml
|
||||||
|
- ./bridges
|
||||||
|
@ -3,10 +3,13 @@ kind: PersistentVolumeClaim
|
|||||||
metadata:
|
metadata:
|
||||||
name: synapse-pvc
|
name: synapse-pvc
|
||||||
namespace: synapse
|
namespace: synapse
|
||||||
|
labels:
|
||||||
|
recurring-job.longhorn.io/source: enabled
|
||||||
|
recurring-job-group.longhorn.io/standard-pvc: enabled
|
||||||
spec:
|
spec:
|
||||||
accessModes:
|
accessModes:
|
||||||
- ReadWriteMany
|
- ReadWriteMany
|
||||||
storageClassName: redundant-storage-class
|
storageClassName: redundant-storage-class
|
||||||
resources:
|
resources:
|
||||||
requests:
|
requests:
|
||||||
storage: 1Gi
|
storage: 50Gi
|
||||||
|
24
manifests/secrets.yaml
Normal file
24
manifests/secrets.yaml
Normal file
@ -0,0 +1,24 @@
|
|||||||
|
apiVersion: argoproj.io/v1alpha1
|
||||||
|
kind: Application
|
||||||
|
metadata:
|
||||||
|
name: synapse-secrets
|
||||||
|
namespace: argocd
|
||||||
|
finalizers:
|
||||||
|
- resources-finalizer.argocd.argoproj.io
|
||||||
|
spec:
|
||||||
|
project: default
|
||||||
|
source:
|
||||||
|
repoURL: https://git.halis.io/athens-school/k3s-secrets
|
||||||
|
targetRevision: prod-migration
|
||||||
|
path: synapse
|
||||||
|
syncPolicy:
|
||||||
|
automated:
|
||||||
|
prune: true
|
||||||
|
selfHeal: true
|
||||||
|
syncOptions:
|
||||||
|
- CreateNamespace=false
|
||||||
|
- ApplyOutOfSyncOnly=true
|
||||||
|
- PruneLast=true
|
||||||
|
destination:
|
||||||
|
server: https://kubernetes.default.svc
|
||||||
|
namespace: synapse
|
Loading…
Reference in New Issue
Block a user