From 9de3a6ba0fe489084dba53b2742aaf70dde7422c Mon Sep 17 00:00:00 2001
From: Vegard Hagen <vegard@stonegarden.dev>
Date: Tue, 13 Aug 2024 21:37:51 +0200
Subject: [PATCH] chore(cloudflared): clean up cloudflared deployment

remove unused config and enable renovate
---
 k8s/apps/external/haos/endpoint-slice.yaml       |  2 +-
 k8s/apps/external/proxmox/endpoint-slice.yaml    |  6 +++---
 .../{cloudflared-config.yaml => config.yaml}     | 11 ++---------
 k8s/infra/network/cloudflared/daemon-set.yaml    | 16 ++++++++--------
 k8s/infra/network/cloudflared/kustomization.yaml |  6 +++---
 5 files changed, 17 insertions(+), 24 deletions(-)
 rename k8s/infra/network/cloudflared/{cloudflared-config.yaml => config.yaml} (62%)

diff --git a/k8s/apps/external/haos/endpoint-slice.yaml b/k8s/apps/external/haos/endpoint-slice.yaml
index 6ffbda2..f67610c 100644
--- a/k8s/apps/external/haos/endpoint-slice.yaml
+++ b/k8s/apps/external/haos/endpoint-slice.yaml
@@ -13,5 +13,5 @@ ports:
     port: 8123
 endpoints:
   - addresses:
-      - 192.168.1.27
+      - 192.168.1.186
     conditions: { } # https://github.com/argoproj/argo-cd/issues/15554
diff --git a/k8s/apps/external/proxmox/endpoint-slice.yaml b/k8s/apps/external/proxmox/endpoint-slice.yaml
index a539e42..556d65f 100644
--- a/k8s/apps/external/proxmox/endpoint-slice.yaml
+++ b/k8s/apps/external/proxmox/endpoint-slice.yaml
@@ -13,7 +13,7 @@ ports:
     port: 8006
 endpoints:
   - addresses:
-      - 192.168.1.42
-      - 192.168.1.52
-      - 192.168.1.62
+      - 192.168.1.42  # euclid
+      - 192.168.1.52  # cantor
+      - 192.168.1.62  # abel
     conditions: { } # https://github.com/argoproj/argo-cd/issues/15554
diff --git a/k8s/infra/network/cloudflared/cloudflared-config.yaml b/k8s/infra/network/cloudflared/config.yaml
similarity index 62%
rename from k8s/infra/network/cloudflared/cloudflared-config.yaml
rename to k8s/infra/network/cloudflared/config.yaml
index 0abd461..7c79088 100644
--- a/k8s/infra/network/cloudflared/cloudflared-config.yaml
+++ b/k8s/infra/network/cloudflared/config.yaml
@@ -1,5 +1,5 @@
 tunnel: gauss-k8s
-credentials-file: /etc/cloudflared/creds/credentials.json
+credentials-file: /etc/cloudflared/credentials/credentials.json
 metrics: 0.0.0.0:2000
 no-autoupdate: true
 
@@ -7,23 +7,16 @@ warp-routing:
   enabled: true
 
 ingress:
-  - hostname: hello.euclid.stonegarden.dev
+  - hostname: hello.stonegarden.dev
     service: hello_world
   - hostname: proxmox.stonegarden.dev
     service: https://proxmox.proxmox.svc.cluster.local:443
-    #service: https://cilium-gateway-tls-passthrough.gateway.svc.cluster.local:443
     originRequest:
       originServerName: proxmox.stonegarden.dev
   - hostname: truenas.stonegarden.dev
-    #service: https://192.168.1.114:443
     service: https://truenas.truenas.svc.cluster.local:443
-    #service: https://cilium-gateway-tls-passthrough.gateway.svc.cluster.local:443
     originRequest:
       originServerName: truenas.stonegarden.dev
-  - hostname: "*.euclid.stonegarden.dev"
-    service: https://cilium-gateway-euclid.gateway.svc.cluster.local:443
-    originRequest:
-      originServerName: "*.euclid.stonegarden.dev"
   - hostname: "*.stonegarden.dev"
     service: https://cilium-gateway-stonegarden.gateway.svc.cluster.local:443
     originRequest:
diff --git a/k8s/infra/network/cloudflared/daemon-set.yaml b/k8s/infra/network/cloudflared/daemon-set.yaml
index c107d95..f33e6da 100644
--- a/k8s/infra/network/cloudflared/daemon-set.yaml
+++ b/k8s/infra/network/cloudflared/daemon-set.yaml
@@ -16,7 +16,7 @@ spec:
     spec:
       containers:
         - name: cloudflared
-          image: cloudflare/cloudflared:2024.6.1
+          image: cloudflare/cloudflared:2024.6.1 # renovate: docker=cloudflare/cloudflared
           imagePullPolicy: IfNotPresent
           args:
             - tunnel
@@ -37,17 +37,17 @@ spec:
             limits:
               memory: 512Mi
           volumeMounts:
-            - name: cloudflared-config
+            - name: config
               mountPath: /etc/cloudflared/config/config.yaml
-              subPath: cloudflared-config.yaml
-            - name: tunnel-credentials
-              mountPath: /etc/cloudflared/creds
+              subPath: config.yaml
+            - name: credentials
+              mountPath: /etc/cloudflared/credentials
               readOnly: true
       restartPolicy: Always
       volumes:
-        - name: cloudflared-config
+        - name: config
           configMap:
-            name: cloudflared-config
-        - name: tunnel-credentials
+            name: config
+        - name: credentials
           secret:
             secretName: tunnel-credentials
diff --git a/k8s/infra/network/cloudflared/kustomization.yaml b/k8s/infra/network/cloudflared/kustomization.yaml
index b51d1ad..0a32357 100644
--- a/k8s/infra/network/cloudflared/kustomization.yaml
+++ b/k8s/infra/network/cloudflared/kustomization.yaml
@@ -2,12 +2,12 @@ apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 
 configMapGenerator:
-  - name: cloudflared-config
+  - name: config
     namespace: cloudflared
     files:
-      - cloudflared-config.yaml
+      - config.yaml
 
 resources:
   - ns.yaml
   - tunnel-credentials.yaml
-  - daemon-set.yaml
\ No newline at end of file
+  - daemon-set.yaml