chore(cloudflared): clean up cloudflared deployment

remove unused config and enable renovate
2025-11-04 03:47:45 +00:00 · 2024-08-13 21:37:51 +02:00
parent 11cba23ae2
commit 9de3a6ba0f
5 changed files with 17 additions and 24 deletions
--- a/k8s/apps/external/haos/endpoint-slice.yaml
+++ b/k8s/apps/external/haos/endpoint-slice.yaml
@@ -13,5 +13,5 @@ ports:
    port: 8123
 endpoints:
  - addresses:
-      - 192.168.1.27
+      - 192.168.1.186
    conditions: { } # https://github.com/argoproj/argo-cd/issues/15554
--- a/k8s/apps/external/proxmox/endpoint-slice.yaml
+++ b/k8s/apps/external/proxmox/endpoint-slice.yaml
@@ -13,7 +13,7 @@ ports:
    port: 8006
 endpoints:
  - addresses:
-      - 192.168.1.42
+      - 192.168.1.42  # euclid
-      - 192.168.1.52
+      - 192.168.1.52  # cantor
-      - 192.168.1.62
+      - 192.168.1.62  # abel
    conditions: { } # https://github.com/argoproj/argo-cd/issues/15554
--- a/k8s/infra/network/cloudflared/cloudflared-config.yaml
+++ b/k8s/infra/network/cloudflared/cloudflared-config.yaml
@@ -1,5 +1,5 @@
 tunnel: gauss-k8s
-credentials-file: /etc/cloudflared/creds/credentials.json
+credentials-file: /etc/cloudflared/credentials/credentials.json
 metrics: 0.0.0.0:2000
 no-autoupdate: true
@@ -7,23 +7,16 @@ warp-routing:
  enabled: true
 ingress:
-  - hostname: hello.euclid.stonegarden.dev
+  - hostname: hello.stonegarden.dev
    service: hello_world
  - hostname: proxmox.stonegarden.dev
    service: https://proxmox.proxmox.svc.cluster.local:443
    #service: https://cilium-gateway-tls-passthrough.gateway.svc.cluster.local:443
    originRequest:
      originServerName: proxmox.stonegarden.dev
  - hostname: truenas.stonegarden.dev
    #service: https://192.168.1.114:443
    service: https://truenas.truenas.svc.cluster.local:443
    #service: https://cilium-gateway-tls-passthrough.gateway.svc.cluster.local:443
    originRequest:
      originServerName: truenas.stonegarden.dev
  - hostname: "*.euclid.stonegarden.dev"
    service: https://cilium-gateway-euclid.gateway.svc.cluster.local:443
    originRequest:
      originServerName: "*.euclid.stonegarden.dev"
  - hostname: "*.stonegarden.dev"
    service: https://cilium-gateway-stonegarden.gateway.svc.cluster.local:443
    originRequest:
--- a/k8s/infra/network/cloudflared/daemon-set.yaml
+++ b/k8s/infra/network/cloudflared/daemon-set.yaml
@@ -16,7 +16,7 @@ spec:
    spec:
      containers:
        - name: cloudflared
-          image: cloudflare/cloudflared:2024.6.1
+          image: cloudflare/cloudflared:2024.6.1 # renovate: docker=cloudflare/cloudflared
          imagePullPolicy: IfNotPresent
          args:
            - tunnel
@@ -37,17 +37,17 @@ spec:
            limits:
              memory: 512Mi
          volumeMounts:
-            - name: cloudflared-config
+            - name: config
              mountPath: /etc/cloudflared/config/config.yaml
-              subPath: cloudflared-config.yaml
+              subPath: config.yaml
-            - name: tunnel-credentials
+            - name: credentials
-              mountPath: /etc/cloudflared/creds
+              mountPath: /etc/cloudflared/credentials
              readOnly: true
      restartPolicy: Always
      volumes:
-        - name: cloudflared-config
+        - name: config
          configMap:
-            name: cloudflared-config
+            name: config
-        - name: tunnel-credentials
+        - name: credentials
          secret:
            secretName: tunnel-credentials
--- a/k8s/infra/network/cloudflared/kustomization.yaml
+++ b/k8s/infra/network/cloudflared/kustomization.yaml
@@ -2,12 +2,12 @@ apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 configMapGenerator:
-  - name: cloudflared-config
+  - name: config
    namespace: cloudflared
    files:
-      - cloudflared-config.yaml
+      - config.yaml
 resources:
  - ns.yaml
  - tunnel-credentials.yaml
-  - daemon-set.yaml
+  - daemon-set.yaml