chore(cloudflared): clean up cloudflared deployment

remove unused config and enable renovate

k8s/apps/external/haos/endpoint-slice.yaml

@@ -13,5 +13,5 @@ ports:
     port: 8123
 endpoints:
   - addresses:
-      - 192.168.1.27
+      - 192.168.1.186
     conditions: { } # https://github.com/argoproj/argo-cd/issues/15554

k8s/apps/external/proxmox/endpoint-slice.yaml

@@ -13,7 +13,7 @@ ports:
     port: 8006
 endpoints:
   - addresses:
-      - 192.168.1.42
-      - 192.168.1.52
-      - 192.168.1.62
+      - 192.168.1.42  # euclid
+      - 192.168.1.52  # cantor
+      - 192.168.1.62  # abel
     conditions: { } # https://github.com/argoproj/argo-cd/issues/15554

k8s/infra/network/cloudflared/config.yaml

@@ -1,5 +1,5 @@
 tunnel: gauss-k8s
-credentials-file: /etc/cloudflared/creds/credentials.json
+credentials-file: /etc/cloudflared/credentials/credentials.json
 metrics: 0.0.0.0:2000
 no-autoupdate: true
 
@@ -7,23 +7,16 @@ warp-routing:
   enabled: true
 
 ingress:
-  - hostname: hello.euclid.stonegarden.dev
+  - hostname: hello.stonegarden.dev
     service: hello_world
   - hostname: proxmox.stonegarden.dev
     service: https://proxmox.proxmox.svc.cluster.local:443
-    #service: https://cilium-gateway-tls-passthrough.gateway.svc.cluster.local:443
     originRequest:
       originServerName: proxmox.stonegarden.dev
   - hostname: truenas.stonegarden.dev
-    #service: https://192.168.1.114:443
     service: https://truenas.truenas.svc.cluster.local:443
-    #service: https://cilium-gateway-tls-passthrough.gateway.svc.cluster.local:443
     originRequest:
       originServerName: truenas.stonegarden.dev
-  - hostname: "*.euclid.stonegarden.dev"
-    service: https://cilium-gateway-euclid.gateway.svc.cluster.local:443
-    originRequest:
-      originServerName: "*.euclid.stonegarden.dev"
   - hostname: "*.stonegarden.dev"
     service: https://cilium-gateway-stonegarden.gateway.svc.cluster.local:443
     originRequest:

k8s/infra/network/cloudflared/daemon-set.yaml

@@ -16,7 +16,7 @@ spec:
     spec:
       containers:
         - name: cloudflared
-          image: cloudflare/cloudflared:2024.6.1
+          image: cloudflare/cloudflared:2024.6.1 # renovate: docker=cloudflare/cloudflared
           imagePullPolicy: IfNotPresent
           args:
             - tunnel
@@ -37,17 +37,17 @@ spec:
             limits:
               memory: 512Mi
           volumeMounts:
-            - name: cloudflared-config
+            - name: config
               mountPath: /etc/cloudflared/config/config.yaml
-              subPath: cloudflared-config.yaml
-            - name: tunnel-credentials
-              mountPath: /etc/cloudflared/creds
+              subPath: config.yaml
+            - name: credentials
+              mountPath: /etc/cloudflared/credentials
               readOnly: true
       restartPolicy: Always
       volumes:
-        - name: cloudflared-config
+        - name: config
           configMap:
-            name: cloudflared-config
-        - name: tunnel-credentials
+            name: config
+        - name: credentials
           secret:
             secretName: tunnel-credentials

k8s/infra/network/cloudflared/kustomization.yaml

@@ -2,10 +2,10 @@ apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 
 configMapGenerator:
-  - name: cloudflared-config
+  - name: config
     namespace: cloudflared
     files:
-      - cloudflared-config.yaml
+      - config.yaml
 
 resources:
   - ns.yaml