issues
search
ThomasBuchinger
/
voodoo-gitops
Sinlge-Board-Computer Kubernetes Cluster using cloud-init + GitOps for Management
0
stars
0
forks
source link
Add Cert-Manager and Vault Improvements
#11
Closed
ThomasBuchinger
closed
2 years ago
ThomasBuchinger
commented
2 years ago
Remove unused Secrets after moving Vault from external to internal storage
Document how to rotate PublicKey for SealedSecrets
Add Cert-Manager with Cloudflare DNS challenge
Move Applications to HTTPS
Add ExternalSecrets ClusterSecretStore to move Secrets between Namespaces
Remove explicit dependencies between Flux Objects (faster, when dependency did not change, but fails when depencendy has a required change)
Move components that install CRDs to a common infra-resource
Tested on a fresh cluster
Drastically improve Vault Startup-Secrets
Add ability store Secrets in Vault on the fly, instead of Startup only
Vault no longer has a root-token, as it is not necessary with local backend and kubernetes auth