mirror of
https://github.com/khuedoan/homelab.git
synced 2025-01-05 13:08:52 +07:00
56 lines
1.4 KiB
YAML
56 lines
1.4 KiB
YAML
apiVersion: external-secrets.io/v1beta1
|
|
kind: ExternalSecret
|
|
metadata:
|
|
name: ansible-secrets
|
|
spec:
|
|
secretStoreRef:
|
|
kind: ClusterSecretStore
|
|
name: vault
|
|
data:
|
|
- secretKey: id_ed25519
|
|
remoteRef:
|
|
key: /metal/ssh
|
|
property: private_key
|
|
---
|
|
apiVersion: external-secrets.io/v1beta1
|
|
kind: ExternalSecret
|
|
metadata:
|
|
name: terraform-secrets
|
|
spec:
|
|
secretStoreRef:
|
|
kind: ClusterSecretStore
|
|
name: vault
|
|
target:
|
|
template:
|
|
engineVersion: v2
|
|
data:
|
|
credentials.tfrc.json: |
|
|
{
|
|
"credentials": {
|
|
"app.terraform.io": {
|
|
"token": "{{ .terraform_cloud_token }}"
|
|
}
|
|
}
|
|
}
|
|
terraform.tfvars: |
|
|
cloudflare_email = "{{ .cloudflare_email }}"
|
|
cloudflare_api_key = "{{ .cloudflare_api_key }}"
|
|
cloudflare_account_id = "{{ .cloudflare_account_id }}"
|
|
data:
|
|
- secretKey: terraform_cloud_token
|
|
remoteRef:
|
|
key: /external/terraform-cloud
|
|
property: token
|
|
- secretKey: cloudflare_email
|
|
remoteRef:
|
|
key: /external/cloudflare
|
|
property: email
|
|
- secretKey: cloudflare_api_key
|
|
remoteRef:
|
|
key: /external/cloudflare
|
|
property: api_key
|
|
- secretKey: cloudflare_account_id
|
|
remoteRef:
|
|
key: /external/cloudflare
|
|
property: account_id
|