freezer/mareshq-gitops-legacy
Archived
1
0
Fork 0
Code Activity

feat(cherry): add vault

Browse source
This commit is contained in:
Vojtěch Mareš 2023-09-30 01:14:38 +02:00
parent a33a268714
commit 69efd24f0c
Signed by: vojtech.mares
GPG key ID: C6827B976F17240D
1 changed files with 89 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

89
clusters/cherry/apps/vault.yaml Normal file
View file

@ -0,0 +1,89 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: cherry-vault
namespace: argocd
spec:
project: infrastructure
syncPolicy:
automated:
prune: true
selfHeal: true
syncOptions:
- CreateNamespace=true
destination:
server: https://kubernetes.default.svc
namespace: vault
source:
chart: vault
repoURL: https://charts.hetzner.cloud
targetRevision: 2.5.1
helm:
releaseName: vault
valuesObject:
global:
enabled: true
tlsDisable: false
injector:
enabled: true
resources:
requests:
memory: 256Mi
cpu: 250m
limits:
memory: 256Mi
cpu: 250m
server:
ingress:
enabled: true
ingressClassName: nginx
annotations:
cert-manager.io/cluster-issuer: letsencrypt-prod
pathType: Prefix
tls:
- secretName: vault-tls
hosts:
- vault.mareshq.com
hosts:
- host: vault.mareshq.com
paths:
- /
resources:
requests:
memory: 512Mi
cpu: 400m
limits:
memory: 1Gi
cpu: 400m
readinessProbe:
enabled: true
path: "/v1/sys/health?standbyok=true&sealedcode=204&uninitcode=204"
livenessProbe:
enabled: true
path: "/v1/sys/health?standbyok=true"
initialDelaySeconds: 60
auditStorage:
enabled: true
size: 5Gi
dataStorage:
enabled: true
size: 5Gi
standalone:
enabled: false
ha:
enabled: true
replicas: 3
raft:
enabled: true
setNodeId: true
disruptionBudget:
enabled: true