scottk/homelab
1
0
Fork 0
mirror of https://github.com/optim-enterprises-bv/homelab.git synced 2025-10-31 09:57:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

feat: add extra admin user

Browse Source
This commit is contained in:
Vegard Hagen
2024-10-30 18:56:44 +01:00
parent 237a321ec3
commit 4dd769fdf7
5 changed files with 45 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
k8s/infra/auth/lldap/lldap-config.yaml
View File

@@ -7,8 +7,8 @@ metadata:
namespace: lldap namespace: lldap
spec: spec:
encryptedData: encryptedData:
groups.json: AgCsBk4Vkv6TJ86WW7zrCXgLsM6zelThcVE/+gFRNM0CS1qPIKfaqh9L2ZM7LQOhULzCvnvwp8rWkQIBVZgPhTZi829wdj6nKyzKYkQ3QOiDQJSFnWqS93Qf650gA/HxgdahtVnPzMHO4Icf0l+khjoQu1UDPQv9PZP8c6DbGnD5+d/Hu8MY2V91qP/uUkSBDpUPOlpykg9H97L+eNkyHh3S7SBXMCsM2gl2JmcQ+ojNi7g+RVLfLuLNI8kiqA8y74pSRFhMD2PSiNT3v/Dn50afXEDNv88NGQQZAJG0kuvpfmeQePZayIBEeUl/dC0QbHtlxa31OF6L01eoSalUjsTRTVzY6REMwiSnLGDRRgnNAJ9Q7L8QMBmHcKZFVCzZCTLm7YG8jHdyvTrI1MAHHAX3hrje4zIfWdzpB8iD0Xqb+Y/lRJG8LgpRQuFwDFv4Lm0A5dXi7xOJJwoZqfQzZoUPFUA8xSpIq+in859EdbIiRGcTl132z+AK3TOFH5cdmtBkhoGWTOuvYOh2PB/KsDlAamYardpwrx2r4GXUUpR40b1GssGnTF0pcH20ovw34CG0qfu3cD34hPpOZPLwXctV247dTNM7rrMRk7fH1lLuU2i2M9j0eZnUkuiN3vntwEj+9r/uxfx11fGaj5QouvDof555t4RdOOk9aH8iBwLt92f75GvFVoeKqod1CWfZ6+gkl8ZJVP8XqKRAjpl5Rt2IrvtiCLK5gp3m5TpsLBhCh92UIMkCKCklo8LreOpHt6ROX9ZNHo07xbj9 groups.json: AgBW44gF2ox4DzSkcsWm7aZYk1KHpuAjzhSsw6nLEJauMTpJC6j8xKin/0ILWyGsZHZDZHYBRl4L1U3I9/hlt4Km12MSsfN1lFqvfNBeEB2T6OU2vTtl0aVSxaKH0m7yBCZapyXFvCGizhqRIWAMm9cJvN5DDiPksmi2K3GWrX51ih3wJxOxy0peB2r7M5ScQ3i9piHiGJfq6uAFKWWafsco+ry6jTVYGixOCn/lu6B8/bNdn0DqJ2HZrUP76bOSLw2Ifti2ItZzE8T7iGK+XBE0dJ/Z/ek4lHl4xiF2+V5XIiLVsXq/JEhE1VrsaNZJBXICQrzQTVr7oNv6wq7s5QKim4x30f7m7C6fGcV3JWonAjfpoZv/5SCpsUqkPokP8I82WGuG7/4za/18HRQbCDSbSKd1FpznT1B1orgZUNVjciRn6lYxBV9Z6aw8dJ5tASuiFRekQvBmfs5jlGwYrrozo+67XNryFknbSTShEVQV/mP3mJwggdRaQYnPnY1E2+QBJnX57sGC4pRoe5TX8avzM6r0mXboZhsSm0H/xwr4M2gXOzodkxLwM5IoOwX0J0A0X2W4zY+oBJNnA7IXt9iG9HjrGNgnMmynVEKNcMH6POyYup6UOVhTjyrzqMxbD525oCe4ewkfWCf8fO763E0qaxnjah03jFuc5N7ID9SSBGKZV8v6V53vtA7cExe15+02Gl0bqYqi9zMJib7VRj787OGiOpijwwlSkeoZx7yJjBDWmQc044pR1zjsictuK4U8luUZ6qeYkvm7
users.json: AgAQ3YsvSBluOwD8g9mJPlaOdiS+4hJdtYJ740If7wmk7tH5weg3GWX3ZGPldt/ykOjScEdthcMqs3GDYRA0eIEChENZ/nUakp/gsGLgNVX1gttZnW850y62fP0tt8cRokf/egfzkNJGt70gLI25MhZB8k1HUDEN1xVmGeKPb1QSTgO8Kf5jAz7oOC4V1cYLGHvyHNbyhVL65oTDsqePE9YPkrI1uXhTZTz8DFD/XL4JxvaDnH63dzecyRPSPUgStuupWYKAWKhnizZuzMl8TAHtlkUVHuyigtvX9Uzmt7pzblO7FsHE+Ga1dKfwB7ep8JiFqEDi83U4C/nT/cQ4pHYLGAEw5Ek0XOB8uTbSZmw0e50LdJyUB+LQ/+SOs7XF7nEj00ycA/k/L8uOthkhYJ0Rwi62Tm4kXjAFgtIN46rHA7vitTKsAgjsI/FBsxR7bUsCLh6IK6sUrbde/NYJ8Yrf+5yoVXqfN6mk1nfrvYEJOmdSbIkSQfg2cmMAYNQJYJBlfJeYPAK8VJ1SkKztMufzj9u+fI+8FkcQQAUfF3X8W6dRXFSnRMyJNSvwGWcYLBEs1MWMPO2CFM/17mxtsE+ThsISVx/njB247Gh0BWhNgEABnzf2fJ50maC+uiNnPieM4p5etxqQv/E7JYTq+bRqahsCSCMiLB48LRcjUhX5oRpHogdsIbHcdNf5GwBOKsfqXauqWUti4Wwv1Esf8h6rKfQ28+Vu+vTe5oGDqyo7BOkhhh3kmTuOWaGCTCiAtElyMgmd1p4qxoxhr8SucXBSyjIRV3LDFSlIlw0nxNivpYK23Xr2UyISWyLwyiZHtLN0u49pViXM4azWRCzJTUEQBiOtNpifhWX8kR8FQQ0tCziQYOddIGK+8B0biKppE+szkZ6OXIt0M4AIGIb1CKKKKxhuto+Un+TwYm506JhUVWqRlrdqTf+QbF+YB61usHY+HTC7QIIFWQANwO8zWTWtwVT6m1LPTkUjqhBSai0988kzhKR9dgHOTDgFAoqs53XdWu/HTJfBR9tvK5pUFsljhnmy+2E3qF3sqXnu0xLeWEHhOixtCNj4roGYw7+z/0juXJkhntu6mV/a/3I6A4uuAv+WHxrnnkCY5/FWjxln5SRrsZg++AcDiCv/kYQUXYyQjAY5zVo3Z2W7slQEVOv0xrpROzAVU92v789D4BXhMWA5lNWKHS63ks5YgBR9Ypbhu+TxYYsYd2AZ9CdeHk1cIBJcliByyY4BW9dvsgic2p3PovNR7y4qbIXbgxho+DG4RqWGkAcFulWy2eP5k5yPLfCUeyLifCfTLsNkOEq7LPQkZVykdlFPdsc2v85JpeMkqqR7EX61CmYAGxgOIYKg9kJ18uP2LAu5MwG0l1h9Qm6YO4SmdXnaU5E0oJpkXyy4c2jfkU3nezgC7nHSy8A= users.json: AgCsNmVaAzBY/Y1pq8hICNaenZteaVfxlcQ8y1hfw4SyQaxIuUSA4IRJqLtoOfIhUgOWwCZgbdvhP1Ptf8CViMNlG2SUXXqbhtjF9OBFli2wA2MBYZwFLanHwrLRRgrqvXWXzSvQS0nRF7T36TF1vkpBrqrNIHXIOof7wTowsO06GpQKo+XStxAQ+cNC6VviQqkZh2QmySqo6BR8H14VQTxOiDETnEi3btwGVn4MxjTLITVt0rua6seib8ohTYYAgf+57DImkaWCv9WlsV5iEsv03ERCSrII17Jfu/j49I+CQD61TJtYzEjrubGXLCV59KFtqb8MIVyPSpodfJMcf5Wwc3WIgqDbzwKKsAR1smgKBVBK97+CoGly/qbt94/9+gD0GjvoXB1wbY7g29uWcJYMiGE2LaS3tFnj7/gjGrgul5x4yJZ1ajFql2nnSgPrehBSBhB3zui9KJjeDe8auz0K/6ivF+Tz5J5Tr8H8q748GkXLvMwR7qdiP5YZVg69rSupBgJJJwLvzIUDRBU/rwcBni4geTZcMYJXWLFGzOHyOIucS1MEszhi28+/S9NoZJaz4JzBHbexUkKXz2XCZFSyI8idTb1VxraLaKrSn/Jx8aXzBoKpBW/YZDrPkAxL1yWRgA+J9nmMriXNH/im0EUFF/cGUxnYjKliiaEsXt2kRZCbfasSOlpF6IpHntV7Ghvu0B0/hCB7Ah2H/4EcZZM2ck0r7Slv4CwY0sQBiPmRlqrCICIC2XWs1DkEtP5ESr6DM6wQttPB2R5VmF56mim+GsNR7/ZVxMq9cITljW15Eev4AC4Tj0sylW1os5wNJatbWLfY8Fox7M8haDvMr9rJ24ZvlqiBJ3r24hNc3/GqASfkqXsGu6pNWgfjrukcpgd81ZF+NT3A2zFXZH/bn9GpWhLqnPLEWKDfRsxh8cZ6RKp9Za/DFbvoG+g6cKga0eZB+d/HJWdqaBm3q1QqwKfh+bcPXZ60xGg9bllvBikOGiOl4bqqpPe0i0Dhxd6XnqLUwIpIvxJTflYlO2hxkFt6qAi690qeaUqLFtDX+O4HtQzM23QrH87kbIYO0DS1rimMY9mTcWwqmT2/eTozFi2FWP9ODNwmRaFsxlowmOjqH/eypyOB4G7M0W7VE3KJtA0Avynz+zAbZZGF+oabR8MzwhXxGSKQJrYgmWB12idTYaNt/Tpt5qJR5HVPIAxXQ4/QJMpHhoHjJnmW12VIYtd0bS780MNEbVCzyNciOZGpahr66403cUbseiqdbUk3co1NxlqQnAdJY72do3CQkgkRpaW6DM08ByHs1v4Bp2tprAKyUWqCy6O0ozhHvqACHbt4wZHZFrW1meAPn8rmAlclDlan+KItmgjkDkNm89FNt2VU1EQBIDs1ZIulCDfVQaLvxKHrqAZYB7BSs3aY7VV2WGtVNz4Y28+6+BADeXegX/+TdRy4lYKfEGnCIVLZoHbOMt8+aqD88v+fptiAfE5fHURpIZkD54PhDksSHxSPVvOcZv1zlDjlokL+HNlP7eTRLpsNfhQaoefaWqzrXdQg8OcCxlJypj8rvENlaidFT2MHOfYan/Je7PiAMFx6dNWrwwsK8VR3LyvcKNyKhkOkdswz2UyuGpn7sA64e49ux0lH4m0sdYBLtyhK+RiRaFl+R/OlmkcpiaxEA4aGtec0jXFkBMiT3M5OuHaeOzueIXna4SyLf5CAMt/31FflGbCLYShYOkvT3xG8JX1VKVg94jlsxFmnrg==
template: template:
metadata: metadata:
creationTimestamp: null creationTimestamp: null

2
k8s/infra/project.yaml
View File

@@ -7,6 +7,8 @@ spec:
sourceRepos: sourceRepos:
- 'https://github.com/vehagn/homelab' - 'https://github.com/vehagn/homelab'
destinations: destinations:
- namespace: 'kube-system'
server: '*'
- namespace: 'argocd' - namespace: 'argocd'
server: '*' server: '*'
clusterResourceWhitelist: clusterResourceWhitelist:

25
k8s/infra/users/extra-admin-cluster-role-binding.yaml Normal file
View File

@@ -0,0 +1,25 @@
#apiVersion: rbac.authorization.k8s.io/v1
#kind: ClusterRoleBinding
#metadata:
# name: extra-cluster-admin
#roleRef:
# apiGroup: rbac.authorization.k8s.io
# kind: ClusterRole
# name: cluster-admin
#subjects:
# - apiGroup: rbac.authorization.k8s.io
# kind: Group
# name: extra:masters
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: extra-cluster-admin
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cluster-admin
subjects:
- kind: ServiceAccount
name: extra-admin
namespace: kube-system

9
k8s/infra/users/extra-admin.yaml Normal file
View File

@@ -0,0 +1,9 @@
apiVersion: v1
kind: ServiceAccount
metadata:
name: extra-admin
namespace: kube-system
# TOKEN=$(kubectl -n kube-system create token extra-admin)
# kubectl config set-credentials admin --token=$TOKEN
# kubectl config set-context admin@kubernetes --cluster talos --user extra-admin

7
k8s/infra/users/kustomization.yaml Normal file
View File

@@ -0,0 +1,7 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
# https://dev.to/danielkun/kubernetes-certificates-tokens-authentication-and-service-accounts-4fj7
resources:
- extra-admin.yaml
- extra-admin-cluster-role-binding.yaml