add automatic dns updates
This commit is contained in:
19
infrastructure/ddns/cloudflare-keys.sealedsecret.yaml
Normal file
19
infrastructure/ddns/cloudflare-keys.sealedsecret.yaml
Normal file
@@ -0,0 +1,19 @@
|
|||||||
|
---
|
||||||
|
apiVersion: bitnami.com/v1alpha1
|
||||||
|
kind: SealedSecret
|
||||||
|
metadata:
|
||||||
|
creationTimestamp: null
|
||||||
|
name: cloudflare-keys
|
||||||
|
namespace: ddns
|
||||||
|
spec:
|
||||||
|
encryptedData:
|
||||||
|
CLOUDFLARE_API_KEY: AgCSEPeO4QRhQLLi/PPBxKOu7boxEbk1wb23WT3ZMw8nMgw3kCST2lvyKSacVWX7czv+JYXU6z2eNvZ001xr/0EXsHtsM/AbAf6KmPzzZUzLwWkDJ0iIyw4yDVKqPqP4N2T+KOJpIh6o9kmit/kFyZ8cRlPsuBsFYOKljI6IxLBvoaiMQiYeymL50b0bmWhxK7VNkISxDyVGLkCWl9cMCvietoawSq64LDuAvwYnOFoXOmnxa523vYsLp/L9lNK5Yfk3ywlyjHeJgr8Bz80QRmBs8Fbo3dv2yZVZxHFDUY8+BNHk1N8qgjeaW1g02+puTntxlQu82Ea1gyhQ+Ft/DKQ9EPk7asDHaMtNybckHh7Hb/8QJDsk9cIAK3btE99IANzVUIddO7g8nPv/NybSpWq3kw40ErUjZVraOkAMEX7YIwJKD2n8RKps0Z3xDSYWkWygKQePoonh9xaQhV2R4Enc8nkzf/+eX7yg9SzZeAgR6w+RY+fi+BPC/PW/GgH4cRr8jgMBzEIDrw0OShdjYKlij8Xwe5vq/GdXmI2A9ZJnn2MhG7EKlxBlWD1FF219shqtro6ppVBJZNQAfWlg6jM4SFWP3DwL0RoO5dz+GMXofVBXG0sp6Ay0ILOxnXe/DHlgZN9AS4EcM1lWp6Rs31TkVMI/PUXL7uDwgBOZIwUdGJG+OlHNxXQZ/nuUIDIhZgBfBHuFnOpNN8KmJN33P1e2Wm5daru3bIKyr85LGfHhetRw/1jW6t4b
|
||||||
|
CLOUDFLARE_DNS_RECORD_ID: AgBx3Fu7qkgbrxJw0JtNYQyAop0yY7vCZ271GgTvUSZKQhdTY4mlo/xWL/3+sB4SnKRpyZ4/HcmJUEMrW6yb7aHKrQtzwvZRBeYQ52LMAQKBLzPqzKjce1VomqpMFwtferORR4drBYXFFuBJ7xEkRcJSaQ4dJTAWNQF/TKXJtMLswPGA259S6xfjuXaDcPA8faV63L0MPDqNU22Zzr99fOoEFRrYvyFVe1verXzJ2NnfgY6Em87cDRZHEUn0VZ03BURvZW4ElIODyRmSkUsptjvjjOVhSDixBkRljA/Ybp641Wa3Y2ZjKj3ta5g/CvPU50sHjlhQnV1v8viyqlxt79O2ysH+keeIxwQJOCzQYv44aXCWLvmswMTGsiOaKWCsCG8iSkXQe0VO44V7GOb9tZ+vbpi0o6x6+rh5N/L93dZdQydEG0omOkN5YmyZLN/wlepBSXPQPqFYVljaW6a/oGNNYwULPkmvqa5tUgSFuQDgrIHSJKFR8oBnBLYEKlglkLCOZKxqI+SkoeIK1TLP1eJ1hea3e6ULJopZFK6XLr1DJOl2pefPczeummLuoxtyJwmGWM9uGcVuDwi0V6N4ixWAnWWiimFVIFKjY6Fj7QJLge3B0K1gNtpeIIBlZ6whns/4YYv5DSojgCKS1OkmCohYQXN4/t+AG90OoR79+oJiVdzwrMCHRpLddfSGGfSzm2DkKw4x1kxptyQRJg3y89Kd2acM7kDvbaajMFNCy3yl3A==
|
||||||
|
CLOUDFLARE_ZONE_ID: AgCn20qDEs/2F3RtrSIyiBXD5IwPYB/yTkUhG3aA7puH8UlkVILzTXJfVGTeSp7hkDgBjcoX3o/KtMR44sS6oGl3cYYtvbni2/iplarqqZflRzvW7MSyE3TuSi8cVk+aTab0+mI4BkwiQ/RI1jolCIfcblh10kvJBSrH67R4JygKqb0OyM0DWtCXzMyUFunGKkEIpjnMQN/OfMhk+G9iB57iL9EL2ROl2ZgpYPwsDc+XFb8R1FGKJfpTux0b50NYS95VBb8uOZJ7kgBabfPn3hTlN4bL7uzDWlCEotGOTJ1tYhBfgQN7O5SxU4/Lks11mqv6TRenZPXb7pe39/k6BOoh7dY6odqfT9MWD/OjTJ78RAKcfwA/z2zEXmCxrKdZwC8aQ9I35rLYo6rzktcguWn9nThza5bN3uQF9Gy16R0Dq5JO37I61gFkH8UHmCax+8/a8YlcUkeHSii7AUFv8z8VaFI2qzz4OtyeRO0yatP87D8ID98kFeymzU1AVacCqLsm08qaPHj7yOV1B6mxufHaYsuXckDcGEh1e03Op+hYDqff0pz7oQ2izHFvx+w0X2AbMXx+8j+Grpw14PO8bWal2DQBVu8/+4bfAFWoCVMuE4Tf/jGnbzlUHvU8N9wnpQ9OgV9EOO7m2A5vbGOsjIGV8kZrWNKhzHs6BroJl2GIyiteTJC+/EbNGK8y4hZrmjIhjhlel0X2GgT/3iQ5svH2yrIGvUmONk8ZBE2xjI+V4A==
|
||||||
|
KLUSTER_DOMAIN: AgBVbvgJHtG6jnZK8vU+Hf+6U948uwd5yMBCOoIqvlEIN+uLQqorLNLvUuvStZjsga4B+2biufuYcIbc41yyRJc8Z0MKmGjvZI7l4oCZ3uu09qlFLV1xMjrQC5HtXNJd/x9nbFToj9wEdM/IZY2medJ59MaIolmeck14ZIiwCJiMTXG4UZt1eoS9J6NEIweqPWA/x9uq1IATVTPtL80sH6OtjMDzmmjx6lDgQfw8saoxg8zmHBAAi+MT6GCUhAzjRl/bCA8oUfuW69exXl0FMBlxWyi/+vXNDCOwVJDiVTDfodThr0ocGAaEkZHx7w5jaPdfh1+Wj2dsHTxyp1LIIYSQy7m9elRV8Wz74//5ejsDbETKM69qirsOhQbPNJpEj4Tnjr5re1o49hH8ej0KcFOpHjMcupwJW4sqNJqEyqUnP4C/BE5bySauuYT0pShAc24yQyJHQokdei0oBKzRtUDiM4+2NQVZXxURv2oSIfgB0CKfHPjsYpQxRJ4B83qBUGUmLZYyFnwl3FWwbHhrgmHBE2qik9XgcssvMWMhobkxiWd46KsaXVnjU7KqlTHWuEoI6AaC1s2r0WTJGf0zY1Mn93Na1uLgypwwgkUx/cV2l+ThzMETPXjNKm4INn6WeGmE6HomRXqBcJxgg4+RimXKtaitXxr7ujZZEZhIiVGgDJT36pwAjZBg3kD6NeJ10LjivwB9VuYHWjqgGyicuEZ5TA==
|
||||||
|
template:
|
||||||
|
metadata:
|
||||||
|
creationTimestamp: null
|
||||||
|
name: cloudflare-keys
|
||||||
|
namespace: ddns
|
||||||
|
type: Opaque
|
||||||
54
infrastructure/ddns/cronjob.yaml
Normal file
54
infrastructure/ddns/cronjob.yaml
Normal file
@@ -0,0 +1,54 @@
|
|||||||
|
apiVersion: batch/v1
|
||||||
|
kind: CronJob
|
||||||
|
metadata:
|
||||||
|
name: ddns-cronjob
|
||||||
|
spec:
|
||||||
|
schedule: "0 6,18 * * *"
|
||||||
|
jobTemplate:
|
||||||
|
spec:
|
||||||
|
template:
|
||||||
|
spec:
|
||||||
|
containers:
|
||||||
|
- name: hello
|
||||||
|
image: curl
|
||||||
|
command:
|
||||||
|
- /bin/sh
|
||||||
|
- -c
|
||||||
|
args:
|
||||||
|
- >-
|
||||||
|
CURRENT_IP = $(curl -4 ifconfig.me)
|
||||||
|
&&
|
||||||
|
echo "Current IP: $CURRENT_IP"
|
||||||
|
&&
|
||||||
|
curl
|
||||||
|
--request PUT
|
||||||
|
--url https://api.cloudflare.com/client/v4/zones/$(CLOUDFLARE_ZONE_ID)/dns_records/$(CLOUDFLARE_DNS_RECORD_ID)
|
||||||
|
--header "Authorization: Bearer $(CLOUDFLARE_API_KEY)"
|
||||||
|
--header "Content-Type: application/json"
|
||||||
|
--data '{"content": "$(CURRENT_IP)", "name": "$(KLUSTER_DOMAIN)", "proxied": false, "type": "A"}'
|
||||||
|
|
||||||
|
env:
|
||||||
|
- name: CLOUDFLARE_ZONE_ID
|
||||||
|
valueFrom:
|
||||||
|
secretKeyRef:
|
||||||
|
name: cloudflare-keys
|
||||||
|
key: CLOUDFLARE_ZONE_ID
|
||||||
|
- name: CLOUDFLARE_API_KEY
|
||||||
|
valueFrom:
|
||||||
|
secretKeyRef:
|
||||||
|
name: cloudflare-keys
|
||||||
|
key: CLOUDFLARE_API_KEY
|
||||||
|
- name: CLOUDFLARE_DNS_RECORD_ID
|
||||||
|
valueFrom:
|
||||||
|
secretKeyRef:
|
||||||
|
name: cloudflare-keys
|
||||||
|
key: CLOUDFLARE_DNS_RECORD_ID
|
||||||
|
- name: KLUSTER_DOMAIN
|
||||||
|
valueFrom:
|
||||||
|
secretKeyRef:
|
||||||
|
name: cloudflare-keys
|
||||||
|
key: KLUSTER_DOMAIN
|
||||||
|
- name: CURRENT_IP
|
||||||
|
value: ???
|
||||||
|
|
||||||
|
restartPolicy: OnFailure
|
||||||
14
infrastructure/ddns/kustomization.yaml
Normal file
14
infrastructure/ddns/kustomization.yaml
Normal file
@@ -0,0 +1,14 @@
|
|||||||
|
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||||
|
kind: Kustomization
|
||||||
|
|
||||||
|
namespace: ddns
|
||||||
|
|
||||||
|
images:
|
||||||
|
- name: curl
|
||||||
|
newName: curlimages/curl
|
||||||
|
newTag: 8.5.0
|
||||||
|
|
||||||
|
resources:
|
||||||
|
- namespace.yaml
|
||||||
|
- cronjob.yaml
|
||||||
|
- cloudflare-keys.sealedsecret.yaml
|
||||||
4
infrastructure/ddns/namespace.yaml
Normal file
4
infrastructure/ddns/namespace.yaml
Normal file
@@ -0,0 +1,4 @@
|
|||||||
|
apiVersion: v1
|
||||||
|
kind: Namespace
|
||||||
|
metadata:
|
||||||
|
name: placeholder
|
||||||
18
kluster-deployments/ddns/application.yaml
Normal file
18
kluster-deployments/ddns/application.yaml
Normal file
@@ -0,0 +1,18 @@
|
|||||||
|
apiVersion: argoproj.io/v1alpha1
|
||||||
|
kind: Application
|
||||||
|
metadata:
|
||||||
|
name: ddns-application
|
||||||
|
namespace: argocd
|
||||||
|
spec:
|
||||||
|
project: infrastructure
|
||||||
|
source:
|
||||||
|
repoURL: git@github.com:moll-re/bootstrap-k3s-infra.git
|
||||||
|
targetRevision: main
|
||||||
|
path: infrastructure/ddns
|
||||||
|
destination:
|
||||||
|
server: https://kubernetes.default.svc
|
||||||
|
namespace: ddns
|
||||||
|
syncPolicy:
|
||||||
|
automated:
|
||||||
|
prune: true
|
||||||
|
selfHeal: true
|
||||||
4
kluster-deployments/ddns/kustomization.yaml
Normal file
4
kluster-deployments/ddns/kustomization.yaml
Normal file
@@ -0,0 +1,4 @@
|
|||||||
|
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||||
|
kind: Kustomization
|
||||||
|
resources:
|
||||||
|
- application.yaml
|
||||||
@@ -11,6 +11,7 @@ resources:
|
|||||||
|
|
||||||
# infrastructure apps
|
# infrastructure apps
|
||||||
- projects.yaml
|
- projects.yaml
|
||||||
|
- ddns/
|
||||||
- nfs/
|
- nfs/
|
||||||
- backup/
|
- backup/
|
||||||
- pg-ha/
|
- pg-ha/
|
||||||
|
|||||||
Reference in New Issue
Block a user