diff --git a/argocd/apps/seaweedfs/seaweedfs.yaml b/argocd/apps/seaweedfs/seaweedfs.yaml index 66605ac..f174f76 100644 --- a/argocd/apps/seaweedfs/seaweedfs.yaml +++ b/argocd/apps/seaweedfs/seaweedfs.yaml @@ -1,83 +1,85 @@ -#apiVersion: argoproj.io/v1alpha1 -#kind: Application -#metadata: -# name: seaweedfs -# finalizers: -# - resources-finalizer.argocd.argoproj.io -#spec: -# project: default -# source: -# repoURL: 'https://seaweedfs.github.io/seaweedfs/helm' -# targetRevision: 4.*.* -# chart: seaweedfs -# helm: -# values: | -# master: -# ingress: -# enabled: true -# className: traefik -# hostname: seaweed.innovation-hub-niedersachsen.de -# tls: -# - hosts: -# - seaweed.innovation-hub-niedersachsen.de -# secretName: seaweed.innovation-hub-niedersachsen.de-tls -# annotations: -# kubernetes.io/ingress.class: traefik -# traefik.ingress.kubernetes.io/router.tls: "true" -# cert-manager.io/cluster-issuer: lets-encrypt -# traefik.ingress.kubernetes.io/router.entrypoints: websecure -# s3: -# ingress: -# enabled: true -# className: traefik -# hostname: sws3.innovation-hub-niedersachsen.de -# tls: -# - hosts: -# - sws3.innovation-hub-niedersachsen.de -# secretName: sws3.innovation-hub-niedersachsen.de-tls -# annotations: -# kubernetes.io/ingress.class: traefik -# traefik.ingress.kubernetes.io/router.tls: "true" -# cert-manager.io/cluster-issuer: lets-encrypt -# traefik.ingress.kubernetes.io/router.entrypoints: websecure -# parameters: -# - name: master.ingress.enabled -# value: 'true' -# - name: master.ingress.className -# value: 'traefik' -# - name: master.ingress.hostname -# value: 'seaweed.innovation-hub-niedersachsen.de' -# # - name: filer.enabled -# # value: 'true' -# # - name: filer.ingress.host -# # value: 'sws3.innovation-hub-niedersachsen.de' -# # - name: filer.s3.enabled -# # value: 'true' -# # - name: filer.s3.enableAuth -# # value: 'true' -# # - name: filer.s3.existingConfigSecret -# # value: 'innohub-s3-secret' -# - name: s3.enabled -# value: 'true' -# - name: s3.enableAuth -# value: 'true' -# - name: s3.existingConfigSecret -# value: 'innohub-s3-secret' -# - name: s3.ingress.enabled -# value: 'true' -# - name: s3.ingress.className -# value: 'traefik' -# - name: s3.ingress.hostname -# value: 'sws3.innovation-hub-niedersachsen.de' -# destination: -# server: 'https://kubernetes.default.svc' -# namespace: seaweedfs -# syncPolicy: -# managedNamespaceMetadata: -# labels: -# pod-security.kubernetes.io/enforce: "privileged" -# automated: -# selfHeal: true -# prune: true -# syncOptions: -# - CreateNamespace=true +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: seaweedfs + finalizers: + - resources-finalizer.argocd.argoproj.io +spec: + project: default + source: + repoURL: 'registry-1.docker.io/bitnamicharts' + path: 'seaweedfs' + targetRevision: 4.*.* + chart: seaweedfs + helm: + parameters: + - name: master.ingress.enabled + value: 'true' + - name: master.ingress.hostname + value: 'seaweed.innovation-hub-niedersachsen.de' + - name: master.ingress.tls + value: 'true' + - name: master.ingress.annotations.kubernetes\.io\/ingress\.class + value: traefik + - name: master.ingress.annotations.traefik\.ingress\.kubernetes\.io\/router\.tls + value: 'true' + forceString: true + - name: master.ingress.annotations.cert-manager\.io\/cluster-issuer + value: 'lets-encrypt' + - name: master.ingress.annotations.ingress\.secrets + value: 'seaweed.innovation-hub-niedersachsen.de-tls' + - name: master.ingress.annotations.traefik\.ingress\.kubernetes\.io\/router\.entrypoints + value: websecure + - name: s3.enabled + value: 'true' +# - name: s3.extraArgs[0] +# value: "-s3.signature.version=v4" +# - name: s3.extraEnvVars[0].name +# value: S3_SIGNATURE_VERSION +# - name: s3.extraEnvVars[0].value +# value: "v4" + - name: s3.auth.enabled + value: 'true' + - name: s3.auth.adminAccessKeyId + value: 'wjpKrmaqXra99rX3D61H' + - name: s3.auth.adminSecretAccessKey + value: 'fTPi0u0FR6Lv9Y9IKydWv6WM0EA5XrsK008HCt9u' + - name: s3.ingress.enabled + value: 'true' + - name: s3.ingress.hostname + value: 'sws3.innovation-hub-niedersachsen.de' + - name: s3.ingress.tls + value: 'true' + - name: s3.ingress.annotations.kubernetes\.io\/ingress\.class + value: traefik + - name: s3.ingress.annotations.traefik\.ingress\.kubernetes\.io\/router\.tls + value: 'true' + forceString: true + - name: s3.ingress.annotations.cert-manager\.io\/cluster-issuer + value: 'lets-encrypt' + - name: s3.ingress.annotations.ingress\.secrets + value: 'sws3.innovation-hub-niedersachsen.de-tls' + - name: s3.ingress.annotations.traefik\.ingress\.kubernetes\.io\/router\.entrypoints + value: websecure +# - name: s3.ingress.annotations.traefik\.ingress\.kubernetes\.io\/router\.entrypoints\.web\.forwardedHeaders\.insecure +# value: "true" + - name: s3.ingress.annotations\.traefik\.ingress\.kubernetes\.io\/router\.entrypoints\.websecure\.forwardedHeaders\.insecure + value: 'true' + - name: mariadb.auth.rootPassword + value: 'InnoHubSEAWEEDFS_2024!' + - name: mariadb.auth.username + value: 'bn_seaweedfs' + - name: mariadb.auth.password + value: 'bn_seaweedfsUSER' + destination: + server: 'https://kubernetes.default.svc' + namespace: seaweedfs + syncPolicy: + managedNamespaceMetadata: + labels: + pod-security.kubernetes.io/enforce: "privileged" + automated: + selfHeal: true + prune: true + syncOptions: + - CreateNamespace=true