Skip to content

Commit

Permalink
Tailscale podSecurity
Browse files Browse the repository at this point in the history
  • Loading branch information
@itconstruct
itconstruct committed Nov 19, 2024
1 parent 84141b4 commit c893788
Show file tree
Hide file tree
Showing 5 changed files with 149 additions and 150 deletions.
112 changes: 56 additions & 56 deletions clusters/main/clusterenv.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,52 +1,52 @@
#ENC[AES256_GCM,data:rakEJPmSElBQ2HJNg+Nd9G41GRBY4y7AqMAqrvYuT+WISIu3hz+XFK3dcstoIi633CgW/u5gexwU083sQMn0n7I=,iv:GvrdaWI2N0XNkVuB43bZ88QvEC/ufMJcTiKLMGgA5uo=,tag:TrfvLjOi3cHO6J/UJqpE4A==,type:comment]
#ENC[AES256_GCM,data:nblFXfgt8ZqQRC5FVyvCJ18JVQF1V8jL9aUxbxd8zGrzOpzd9ZXEiJ0LjoY=,iv:zOIGqb39qP3ALWx/1t2oUKGanVlXU0XtuJzrPMAsvb0=,tag:2Y1Pt4EdIsISvGrULfzGzw==,type:comment]
VIP: ENC[AES256_GCM,data:C4FaNReY0pdNU8krBQ==,iv:DMdgROpVAAwndWI/yD3E4aRANmKIOGHz4nzOiR1Qjyw=,tag:boEn2GYRpzEtyqoio7UV3Q==,type:str]
#ENC[AES256_GCM,data:a9Kc6QW3Vl8Nuy4P385/Rh6uTgm4Y2cVTm88,iv:mJq+DsDp8UhIKEHOW09b9cgbm+tM2P2CoWww9l+O7Ik=,tag:g0IIRjK7mA+wGVwVhdVvDQ==,type:comment]
#ENC[AES256_GCM,data:H1UJpA2u25z7SKdcd8Mlbgh0NvYJuVdnXW6If3Grril1Co92DV1qYp7cP5BXCHFOu5YUx4WwaeEdq1AoyBh4aavlnqLeqIQiuijFiufkCs+GEwMv4Y1ul8I=,iv:/cpUIla6CdnIMyAWsqvOdMOXNx58dgX/RFkdUHgTsYg=,tag:mLeUvS19EqVoXHGcIw/uhA==,type:comment]
MASTER1IP: ENC[AES256_GCM,data:IB2oTz+nrP39F5sbBA==,iv:Pci+V5xAwAVLHbk0IOaYBxQ24HZu1KHKswmaNMPi/eE=,tag:9px946BoJSkYMlqmABZl5w==,type:str]
#ENC[AES256_GCM,data:PvklefGEAZKwlPQWddObNDy7p+oIfYlP6SJs57dDRyNhFA==,iv:Kp2YTXwzvvM+qiN2ZLx3rjF0pJrwDsPHQNvzRy3/AUs=,tag:HeF66DIbeXOliu5Cm6Ye7g==,type:comment]
GATEWAY: ENC[AES256_GCM,data:L/isE7WYNgyeco4=,iv:F1QZ4E/fMmnrjDrAevU85gag3+DoaKgACTbVOJpczwQ=,tag:hFV0jF7Ae4aAUCR/pxNDog==,type:str]
#ENC[AES256_GCM,data:PFRwY9Su5Il0C33r0GFCbpmESqlKzp5hX3APoZAJnKy8g4ESQa0a4yqcCl/rV7A=,iv:oEMp3zcO4oPav7DPCgJb3H3wJ4lCkJBG3+/5yGS39QE=,tag:4A+2bIR7VgVoPB3Q6IICYQ==,type:comment]
METALLB_RANGE: ENC[AES256_GCM,data:ewhhd/41pTiJfmMcImYYYioAockFuK9gkGPO,iv:2CwYifD2iuoK9RqyV9+9DH2dzm19k9AZ4T1nu5nvCnY=,tag:eZuBW9lAXI+ieaxHOzt1uA==,type:str]
#ENC[AES256_GCM,data:lnqOcbIV9ehO5JlO034fwDEZI127srgGdAdz/alUviZ8mYIOUPtsD9jXoilzvNwU5PQHaqOk+Aj0ItG5xxMPzYdl5mo1EtU1XUN++2fClUZ0Pw==,iv:lJlGIdyPDsTM3RI3wH8xlYTY56Waw+5neRIj+aQe5Ak=,tag:RYTmdOpUrCi7KZopaoKnsQ==,type:comment]
TRAEFIK_IP: ENC[AES256_GCM,data:CvPvXrJbgBRum3DC7Q==,iv:Z0J0fP6N9LiS8ptjHveXJD9I/yo7+LzK53AGRm5goZM=,tag:SmV8y/QkbK2Fi1whkBzyrw==,type:str]
#ENC[AES256_GCM,data:RxHqZuTYoRtwFHSd+QJVbxOyr5NKcqJ7zJSIahfLtdaf,iv:AS577bXqdpAh6Mkn0N1DAweonzrKo/+vGfujRGfF8e4=,tag:uz4zrST1zTkv2patQtT8NQ==,type:comment]
BLOCKY_IP: ENC[AES256_GCM,data:s+sExcmFMzfSpRy46Q==,iv:Qsk5iQMrpVmI+fpxO5SfrqqJlsUfAUE8bV5FWGYVr1g=,tag:KAb244pUd5LFPjRLc1/L/Q==,type:str]
#ENC[AES256_GCM,data:KjbojmqA6ZCwR0m2M0JO6oDOHKCgn36rHfyDiM/96ZUHh4ZhVzdRYTDOeNw6Oa0FXHYWQNK81ufO6Gr9bhZ/XVauEZ9AhZNZOqSbV7fTT/U=,iv:nSkTmmcsY7SUcgwxY2IPBUDtsu6thw7RfcTbEkz2oz0=,tag:AdlR//s57nx6U+bAjHB8dA==,type:comment]
DASHBOARD_IP: ENC[AES256_GCM,data:46iSJ6Bm+3UTRl2Sag==,iv:+VLM80UwGUV//W/zpY/PmnYnrLGIKg/KIxLVYBRaK3w=,tag:qMPrqAH0Pdr1kRXI/c80QA==,type:str]
#ENC[AES256_GCM,data:mqDx+0NN8DqYbhv0Bsjc9jcmPqDgijtI,iv:zEv0ZiyPPa0/p+W8SX/WDBshV8zLHLcSWSZHqxoppZ8=,tag:O7nsPLitfCM5TImyUxPmhA==,type:comment]
LIBRESPEED_IP: ENC[AES256_GCM,data:mtQMnsjxeaGvU5at9A==,iv:gLJws0VRh0rUUB8h4RA8Kgd316P1FqFY8FnOGHAwi+I=,tag:J5tlvowRGhLrI7uCq7eLJw==,type:str]
#ENC[AES256_GCM,data:q10p4IiGl9feS4eSrWu8pgf3GFA=,iv:YYIYDmZRJZ6+nW5CvPj+AdY1XMrwQOsQ29sktrdDc58=,tag:sSnBqgDZZSbjA3V1JqH0cA==,type:comment]
METUBE_IP: ENC[AES256_GCM,data:9hC8kQ3sbtW7G+Cl0Q==,iv:rGIXCBx733EMtCt1dyaIIPwe/bgyjgyFqeGJvYLuUwk=,tag:eIi86h18IkubD8IbJLQx0g==,type:str]
#ENC[AES256_GCM,data:0IIwsvcHeSYijsDSbGUVvr1HvMU1aPY8L9N4345npKpckxK7ZmWGL/rI7HsaEd0VLtidM1yhi8Y=,iv:1vsQP5WbYC8U43gRlp1iAiK8bNOPK9ftl0PEp9P3dWk=,tag:CtzJJXAjq9WW7NUuWhBmBw==,type:comment]
#ENC[AES256_GCM,data:vrVpI88v44Q6hmqOyF630ypQi79YGnH2VQ==,iv:feb9qivE+W4bhUMX6jUfQHVqcQLBh+maWpbezrrKy+4=,tag:jKTlqsUnkmXEwpPiqQknYw==,type:comment]
#ENC[AES256_GCM,data:0tw5nTih7wRTdoB1EOwqgy13L/xphQRVMl0lv3dWP5iebuxY/ervFzen2zy75Jh9t3putX8H8RfqJaQtRUvkNumxAAxi5gtW3FBFG/4=,iv:0QLNRQAwfOJNkZf1bblGUB3CjC3VItqKcxVbR2VIGn0=,tag:X/KPh4O3cA0sFIbEZsvQKA==,type:comment]
#ENC[AES256_GCM,data:8WxTBhhJr0+C/jNEkh2UzAXxzbu1HYcMfpbwwln4Fnt27BXMAwwtkC8JjjliIzIQ5vzyXxHFhBJ2IwCAaB4kQHLgPw6xTsKBm7PxOCiysNZSoQjSA8SF,iv:DydJTVtV+jvaIYfbyknPhPC20kaUaezYRfr2/48de/8=,tag:85MPiBymI9ZqfbRQrmIsaA==,type:comment]
#ENC[AES256_GCM,data:J65yYgSTspnuFRSyuhUhMwQRXD4J5kZxTTj/xRlbA8EXG/O+cr+RWGGqyNr3JJxcaNo8SMmnGkryZowRq4+Jj01jZ80jsV0vmBZa/ngNHoG5FSxvNpG1ML5URekEfrETBMvkCtT72k8HVCt8Pto30DyYSp06gRmf3i9mDw==,iv:MaQh27e4MH08muizZ6PXknndrhqeRb5JqdvvIEc+9Us=,tag:i8UMSAmNyt9G9XM2QqIQ+A==,type:comment]
#ENC[AES256_GCM,data:E2YrB9MTN3oDaDBW604vJvhExL1wqmmmlbC0bUMCW+UZ+DdVrhVm3G4nW0IHFtbnib7z2OXuaT+rYbFJiWatwmoNH/nVTA4MEUBq2SoGVcU=,iv:4B0GylIqCQHHEZiSAwgefYBy1jWHX8XGnActI5j37jA=,tag:XNQwlAv6c9lVKQZphroDTg==,type:comment]
#ENC[AES256_GCM,data:yYRKdcVG0iZ1rh45qQXn1TRRTKqVQvPYL65ysQPNdwQ7G7GCaK0cpZPhszRORPeDyL2jisas,iv:MLBjBc4pzlpKOQcMzlGarCopdwL7L4fqofLHHN4UeNg=,tag:qwLcPV6nZ0t9kQcePOImeQ==,type:comment]
DOMAIN_0: ENC[AES256_GCM,data:pR3m9C43xeN+kogwyP2V5mvz,iv:d2Oa5cFpTNSpuwB+5UTh3Maymu9pjLyjPN4jytbanGc=,tag:YqnkfzmHyLy/U2MmFekAvg==,type:str]
DOMAIN_0_EMAIL: ENC[AES256_GCM,data:Ep2F6vUE95A4SQ8+oVB5r2iBI5vp24Fc,iv:VgRCzFfk6DXl+pXCp//298VbSif2F5CApv9rFoUB5IU=,tag:gRJSoxP2seK2vGogtgsTHQ==,type:str]
DOMAIN_0_CLOUDFLARE_TOKEN: ENC[AES256_GCM,data:2/5NTHvEUEQ4VXIwItEzc1G4SlEXOqBPfTr8fY+jQlt94fBf5OQJow==,iv:kSra9qTDMeO/wXEzQ9y8u8FL66fcTP1bhtqhxJiHC5c=,tag:6eyEibXBFIjj9iVcw1JblA==,type:str]
#ENC[AES256_GCM,data:HcAsZZmiUS9mpl92zl7ntN+G5Ea8w315icLE7Oon5NDxqi0gzYVhebC2qHj31yAMaw+L2KGhj+8=,iv:WGQAF3p9LpS6xVcjv84WM9BO0BenLIk449DK9FZyunU=,tag:STSkVB+EBxO83hmKYYtaVQ==,type:comment]
#ENC[AES256_GCM,data:91EqrWt4KMPxKbIrOJbmbK6SPF9AE3eCtw==,iv:n3O7Bmj+C3YIi8i8TY2GMbPTLmdS1+jakH3rWik+FnU=,tag:l2eJcSiqCwMxE8Nvi95Xng==,type:comment]
#ENC[AES256_GCM,data:2fvONJ8Nqc6JIXHjQiDD8C69h7B4TQ3pDXPlkyy+7zabdvcltc9gp4wO0E1BI5fBaavwjKcZWOAqR3O4L+8KVBXSeSP+zsIPUFJGfQQ=,iv:zjvcVNMr6pgIH6xAauRy3gTXZjOxgsODCYj286dtMKQ=,tag:hlcwKbqpljTX3nf/Y+Gu4w==,type:comment]
GITHUB_REPOSITORY: ENC[AES256_GCM,data:3o7RPciHpRhW601cfdceUp/SSFZWyVUVwieIbgv651Um0aA8yh0uS4HQfnw=,iv:/gMyyvE3Z9sUMSOFdWDOwmvS9RIKGf+YStLpeWU605A=,tag:vKvxPvpWnRlFOChW0l4x7w==,type:str]
#ENC[AES256_GCM,data:Q+u2yJrnfqcRGzTWG5smHR6apjbN3D6Um82E0xJ32aTC8tgv8b2JP7APKnwCW0wBQFMgCZgw0kHJEvUQHq9viIDe2/WT0P0=,iv:F8YAWVfVj6f3E74fBaxqTTZbgCGe/WnO7jF0ByDIC9Q=,tag:o7e7SAs+1i457uYuPpTCBw==,type:comment]
#ENC[AES256_GCM,data:UuAyhp9Tnn5iQpyoeDLUs8mVYjkym63M6UVtUwAdzyyRPdTQTjPFSTwsgnb5JMZdiPAWk38F,iv:9CMP9reFdbbg9Fn494DoDBv4oGgOML16yMB4ZpUECyM=,tag:e0nytFArrFVkEjW+De8egg==,type:comment]
DOCKERHUB_USER: ENC[AES256_GCM,data:l3c90R2IJ9sf00U=,iv:Ho+1ae/lU7jLLhXCGHQGQVqDG1jB2nI3lcjhjUF16Rc=,tag:rAFUjtaEUcUByGIwf0Gl8Q==,type:str]
DOCKERHUB_PASSWORD: ENC[AES256_GCM,data:wIylJ/r7/5cuPKqP213DbuuWlQ==,iv:7NGiQodZnGW88/TjaH/yCsKGXudXXPcuYfzGP8DoWx8=,tag:7NTtyafBFP9LUxEgzVUmKQ==,type:str]
BASE_DOMAIN: ENC[AES256_GCM,data:J/Hu3hwj4Yj/pc6XB3zRNeb6,iv:TKHca6Exh5/lImpUUG+ayML3y8QqycEi8eKWQ8d1Z0k=,tag:jlHGGJMxSfbT9ur3DlVNcg==,type:str]
S3KEY: ENC[AES256_GCM,data:DYs1wf30My1MTd3r4DUamMGJdF4HtAB79vGVreMZxw==,iv:XHeRQPffUGvNkld5YHzPH4VRqmmCzQ9VEoudRHDXI3Y=,tag:Nz5+r9829YtcaTI/jZPQ5Q==,type:str]
S3ID: ENC[AES256_GCM,data:olPa/MgW3w78LOzWZZhVaLzY1nzsoIazQg==,iv:sk/hvtltvngQz1Qf4Y8TOFqLvxkg3j1hGnMd99AvPIE=,tag:8fN4XuGn4/3He2s9BXXpqw==,type:str]
S3NAME: ENC[AES256_GCM,data:Q9s=,iv:bmsiAOYzWfIiplj/2SvogQ9S2CeV9YLCoTawki7kPCQ=,tag:L6f3EbsB7upVb/MPCZbA5w==,type:str]
S3URL: ENC[AES256_GCM,data:+BBrBPuc8cDCRWxAmHL4UywrpRlfNXs6zePvj7PEulkZHid2znI=,iv:yRo5ZtO50yh9Hj0PGxneqGoGekk2qIFHzeekJ4qgDKA=,tag:WCIQf2Lz6rGNwq0kME5K6Q==,type:str]
S3PREFIX: ENC[AES256_GCM,data:FPPUKk0H,iv:Mn7Assuv7PyI8t7+ghxGnz0NNPhPq3FcieVwo4fNLp0=,tag:zcSaY1zIkPza4t0YaCEz4g==,type:str]
#ENC[AES256_GCM,data:738azCDCl7ufycn7hVm5ls23,iv:s7ODfzm04/hE7z+x+erVD/BG8Do2iFfGr0C/kyHIXfk=,tag:iPSsj4gMbSTfcUtimcp/pA==,type:comment]
TAILSCALE_AUTHKEY: ENC[AES256_GCM,data:unyIV1IYn1AIU45sH0+5nY12J7N+7oRCykJd9cgmo0HuwzWL1vEwo7n725KVeOXiXABluwtYaiW6gCXY9CM=,iv:0WknXJhblRQtZxrLxJcqNQZbakchPtPK+oWlWLTKHUY=,tag:KGHvG0CsXodZ1L5JuAoAPQ==,type:str]
#ENC[AES256_GCM,data:N8uSVMOPVJkB6Vvo0mc=,iv:K2Y9z8+PniXYhUJNrTM06xYGLkVZxe/0vOxfnK6vgxM=,tag:4ZDHU4EGYRlTu/ZpWiYzxg==,type:comment]
PODNET: ENC[AES256_GCM,data:F6qmwZIQ0Tr8bOfWZA==,iv:6Uq+6rxphwcSOpIFp34PETz4SbLXCMvvrNGAqIKdQmQ=,tag:+qjJFPIajJR5FgQUiY+yig==,type:str]
SVCNET: ENC[AES256_GCM,data:3TNf28AunguEFhWYGw==,iv:mF9CAKSLKsQ3IRmVZm0ce6WMlTHUqg7Z/mgI0cT2uV0=,tag:Mc9o7KG7y8W3JZrKUAxbBA==,type:str]
#ENC[AES256_GCM,data:vx5aXZULDCteKzjKloN1wYV9pyRSVrKNMbyH/165PJekfvZqhRUCfeLeb14cO95XW/06FMsJbYDptIwFLXzZbVk=,iv:Duya0hYuy6dJ+s2rRKBr4elsZ57g/B06VjxbhkpZCgM=,tag:35FZDIoyfsp74lUzkmN5TQ==,type:comment]
#ENC[AES256_GCM,data:0pKHWyg3JZc2pXeFUWsh8RHVsi+G4I+84jnk7hFGCQfe316SlA8KCa4Msyw=,iv:yqnmMZpX1bA8PXCveMtM2mcJYRfbWX8tU1Y5cJtiRBY=,tag:sQJfPM2ySZjNfYZ//HgCQQ==,type:comment]
VIP: ENC[AES256_GCM,data:94/1SINQaaIgCne3zA==,iv:vOUwaDtmkLmXsuIV4EsRLbDSwcOt26brZtTqAuFxrVA=,tag:t6Q+cddvjzpKi0QuGR4Jdg==,type:str]
#ENC[AES256_GCM,data:CaLadsrVqFKh59IbP4GraRLpJg0O6MN9tRZu,iv:1sFLk3W20Weab0tfQOdwBANjz9ulWwLOf3+xWINQpOE=,tag:CuHmNpPppdoAtMGJJN1VqA==,type:comment]
#ENC[AES256_GCM,data:cxWOjWeNd6UOXBjXP4eQpK1o7FKKN0ylmRRgxND0u+AOhjBpsAh3ZmL2KQyhE9nEA2iwV40xxlJuwNIBIzsLZZwhqrAS9aMFHSBB9cUwri7CJYkF2ihLpjk=,iv:cONKU5PKg2yqeK5kNWOzDuwnMTSZxurMiUyQ/tgF9i8=,tag:rkNtxrRi5raLj6TQSimFfw==,type:comment]
MASTER1IP: ENC[AES256_GCM,data:6p/OCUFY7hM1ImloOw==,iv:jrOLIeEcZFVU5wiEoh2ucteubmREoe9PGpGf21lbcEA=,tag:F5XLGWskMbloe8TBXo+Eyg==,type:str]
#ENC[AES256_GCM,data:VxaEjubudnVoBp2GnxKcQ8K6O3yZGAS/mB+EO3WbYyhzuQ==,iv:FixOV7lDsomULgT/9M4TCoR25i64vuInYKV2IbJ3/uU=,tag:lMW0qDB6qr8IoufmKOMwIQ==,type:comment]
GATEWAY: ENC[AES256_GCM,data:HkXyA1Wc2bthk0M=,iv:oi8k+wIk/2EN/HlGR1hhSQy6NUHVhnPhw9XB5CKDH/M=,tag:M+/4HNt8utMLDERThE2MiA==,type:str]
#ENC[AES256_GCM,data:+m85kUKeVCOfqYabzRcSDnfUqHHKeFGj7PLs5/i3mF8SQlgAtNA4z418fSkmI+o=,iv:9MVgteab6i5OAYaToMtSOo3enjPLJlUDejmGNQOhbUc=,tag:/9XRXv1QkARXEXGGChk+4Q==,type:comment]
METALLB_RANGE: ENC[AES256_GCM,data:K701T6qQvmIpHm91s02MgD6W2R70IzriteyL,iv:mK0ikVSY3z//3aYH7v+qpvNPOAiYLlt3YkKANroCVI0=,tag:caMDIhcT+zd7g9IvmnEt2A==,type:str]
#ENC[AES256_GCM,data:UdgkehvoJiEjvHP/ECOMV4N94BraDRV1ed6/WEpVPzqx0JqaiEusv8+9LloVf12BIAVD/+JCwvYc71YQLCJKXUuLow8JM6Fo1RrNjhlSwbmoBQ==,iv:/p9kKl31SD6ouYB5tad7qFWBy1hOYMLvP1GOz4rCC3E=,tag:iqkWML7ex1M7HGoPWGGF0A==,type:comment]
TRAEFIK_IP: ENC[AES256_GCM,data:c7kgC0jgKwPvtxQUiw==,iv:mwRi9onJJQLnw372aiP26GYZ6HXUC7NauKsHFFDgSXA=,tag:RvFYVFIKVqPVEfr5U6rL6w==,type:str]
#ENC[AES256_GCM,data:GDCAgkChk6Ivaxkc6wOcB0X6mf7xehLChLs7sg4ey2sl,iv:V4W/qm1AP5oE+F1SMpQ05CcFEWqDoklEEjL6tBQguoc=,tag:2MCl0V2USPmaVcZjMAF7hA==,type:comment]
BLOCKY_IP: ENC[AES256_GCM,data:70PpfS7CRAPbeuKFRw==,iv:YpYmpWWXTcTkvPe03BlKz23guwssDBZ8kF07smTbdIY=,tag:X1dqETZU9TqUwl83XEO0cw==,type:str]
#ENC[AES256_GCM,data:9DE/hETkRFknCXhKPRG6VlI81eFVfzh2dmADj9vaVyTADI6khtlc+eeY9L3VV0huLBVQDQy9YZuvM/NZO4qkhIYqruL+g3ZkxcdiSUMNy1U=,iv:8PN8Gpggm/03z8N8Km0JjeLiO6c2odRyuHZ7oWZylZk=,tag:la+6rTbgn/cO0BL1A4atNw==,type:comment]
DASHBOARD_IP: ENC[AES256_GCM,data:Bok3ncYQSxv8AD+I0A==,iv:nsPMZdRXZX4LmHAz1Clx9eTY5vlZVkgSgh1ROCvI+us=,tag:HPyDyZmV8S1TjUZMjc9Lyg==,type:str]
#ENC[AES256_GCM,data:lWcMnA2qzWgG0AsDvjUoIwTIfq7bYj1Y,iv:Hyqmujsh00a3h6PSfGF1RKw6wA25qPvpU/x/Mszzs8w=,tag:rSJkuNYkz1QePLctpkhSrg==,type:comment]
LIBRESPEED_IP: ENC[AES256_GCM,data:6Zcs+DhXM0D2uYmZ9Q==,iv:SBuxDYnBmkjz9948t/9ZFw4euz4KeDDSNCAVtbCs5tQ=,tag:GuqS1gQBrxPRVcCoX7RI+g==,type:str]
#ENC[AES256_GCM,data:uDzuuj5l7c6ZmEFPGAFtdEoJ5L8=,iv:GqON5k/g58owmmog9j5HplnwV0aXjXpmup+yXtoTK14=,tag:vJhvD4yhiJSEm0PrjtPGkg==,type:comment]
METUBE_IP: ENC[AES256_GCM,data:sGRUgRtLh7Hme0DQTw==,iv:ECBT3nvs9aEgHz8fBOUILnbNOtGIjXP+33j0XDaeORI=,tag:w09qzL1+4dmUFd3kIn7EFQ==,type:str]
#ENC[AES256_GCM,data:pHWxZOR/mWpf9UWH15hhlRgT5PRyVwwneeAtV2ah1ZO6GZ7rGojG2tmefTn19/bGdQofsJ/spaQ=,iv:irPG/71M9vljucF6k1Xr6i9JbCSD4B/sFciOqOv6BfA=,tag:CCDKi9AJ2HeuNMNlj0f4Rg==,type:comment]
#ENC[AES256_GCM,data:Io6/PCS3zwg55uEY9aj0oMHpTcljWxHpng==,iv:DIhNqk2KL6g1LD4tkgdAZQcNvkkmb8yuIJJWXw4a1v0=,tag:Ds3QUoYMievlO2eS3Rgkfw==,type:comment]
#ENC[AES256_GCM,data:4p1h/iGJHE9oKTJ7akbyTz+w9tDNpjsvVlbVm+dZMOi9Qu/oQF+Ovu7vjmoCelqUAuiKUsy9fB/XCj2jMTvm+jsLZITJyZA0ZpAjbMs=,iv:KzOs96y4Vvx8tUlp2W8CdrJTAv0WMYNXYY812sl4VPs=,tag:/RInyc49DkUd64khypLukg==,type:comment]
#ENC[AES256_GCM,data:HPanj9BpyZhxgWc2fHZG1LioFydVLcyCt1DwZg5NIs1QlL1V0RftmZkY3oETMXGp8PPJbhqaXgtsJAA8my6tynX7RpVuI5eY0lGBQN+ILrPAfnvbJZRu,iv:9Lf8X608eoYhWkU0CP6aV+jCTGQB926XCNylghbTfT4=,tag:Uu898KDz/m4MKHSFp5wc6A==,type:comment]
#ENC[AES256_GCM,data:cu8s0y35iYD2JN0C9edd6cMWgePx++ZoeNYiOXu1/0ULdRWKgK9PMooUUEDxGBkVb2VnJIFom2hzHOnv6mBt1xFP0u6qJBZ7dJe7x8IIXybD3aQe+7eDIRfQhY061Fb2xyD+4V3Pp5bOhY21u9ORlQ9W08x74qt6ZLAnVg==,iv:8RoRvUKtrt6g+vkzyOMq11gZ4dyw0yIup4qKimvF3XU=,tag:LnsJ9rbWMkBZ2VBCdHZkcw==,type:comment]
#ENC[AES256_GCM,data:YMQ165c4N6RaVOcKfg1xP0ur7XudV7wGhu9OSi9uJ5Yzndu4f6BS2S1h7OxRLIS8KKVubm9fMbmecwtczS69wmp6xHBH/uf8bWfSzrTQND0=,iv:gRiAuF16//xhb0XHDe+3oVsHx1s/c9xteP7ldF7YIIY=,tag:vEqqMQKUub1AXsBcZHT37w==,type:comment]
#ENC[AES256_GCM,data:9DX+7I7D3S0JXLgNnwqIWZbvZNYCS4NZi8ZUDva2QBZVoUFDNpvt8d52c6p+ovoTmt+VvudV,iv:T2D1MLeb0jiOZ9Jy7vvlEY9rcRFukCSHQqh7MSo9NuI=,tag:dmv/RjpUwg5/i0MbfhUbLQ==,type:comment]
DOMAIN_0: ENC[AES256_GCM,data:5MsUGWr0jFShz44KU8tGduk1,iv:McJKE8gvSMgfWI1KPu1QR89BqJwYMmzixrNaSAhHswo=,tag:BPMoKdB1/Lo0qRs14Oj3uQ==,type:str]
DOMAIN_0_EMAIL: ENC[AES256_GCM,data:WMI3i2X/HsAVyiRb3Pao976TZgXUS+3A,iv:imo2PLJDmXDUTify+7s3R2eS76umoHjgPTpPPSlCi4w=,tag:COzbCf0jDlcTuyps0LLQHA==,type:str]
DOMAIN_0_CLOUDFLARE_TOKEN: ENC[AES256_GCM,data:MTKmgfnsvT0fRvBqImDPWopfUNcwL4IlJ2Usd1vjZGNxaRf+UYLiRw==,iv:PLHffQUJYRgmIattivHtrf3GDxKaoNxT1jZHYPaNtwI=,tag:WbyIwD9UNKKeVLRQ7VdEYQ==,type:str]
#ENC[AES256_GCM,data:Gj4+oRtBVI7Oiz8RUYrUgIFoiEpdyRCMxGz4HYkdHaR/uKXdmFj0ky036dT4zD96uvplzf7eo0w=,iv:yJ4wNLi7N6TDOc6dt/GdxZrCkWyrRE2KZSKb6qh8vgE=,tag:HJP3QBY33V39J83TyoYcfw==,type:comment]
#ENC[AES256_GCM,data:3VuCJdRDDwkHMgGFbV3cnEDcY5jssUzuwg==,iv:VairtekgshjjPa/t5hmgZdiWlEucev9gPa/J8def/VA=,tag:JMPSSRetMHtCkGqGBt3Atg==,type:comment]
#ENC[AES256_GCM,data:AGRFtiuqKYT786bTYPFzx5wRtupz55v8iTA4isM6DSj/uG9BYrmyLX6AJqvp1z9AlkpqJD4yOvPaQtS1GzvNiWW7v7vUwiVBqN3Qsv4=,iv:Mh37D/mAZfLAa22WTwn9RbdWGmDsR1Ue+mBdyUmArj4=,tag:svZUT4+/8wP98Ji1lfp2iQ==,type:comment]
GITHUB_REPOSITORY: ENC[AES256_GCM,data:Hg9f1SNFB7qvdtRhhQdWskEkmBivq/knmJxjtsB9GIGftJXFp+FvYBDPEwI=,iv:OcJMrqaFPCd3NbJJwE1NOf2DoWW2kCjfyXcYG7DDPoU=,tag:ZIrj4ripCyi15GPkwUbzsQ==,type:str]
#ENC[AES256_GCM,data:+pIzj54frpqFoWfG4sScGiIoy2r4umnf+2OWJc5UmafpB1ixhY1pPKxFCuV/X3ay3YuvH0yrJGbkBrxFFvA7r+6oAUbGNlA=,iv:XCwJoIHQNySRcjQzW+d2JDKyf/7ndSn3IllMTbnNvM4=,tag:oY3lrqmd0b8y5YragTTP5w==,type:comment]
#ENC[AES256_GCM,data:gCSs7/u7Tfn7tHzaU/l82rVaPepgujprXU3RVDX33iVSiExSxbquoGK9jdeq8MCCbOPBSu0B,iv:ZiiWRe80wyr6RtWtkj6Yk8GL5JBUc7gS9CeP3kgdjkA=,tag:VNjuTLcVW9JSK9q4zj4FzQ==,type:comment]
DOCKERHUB_USER: ENC[AES256_GCM,data:W+MzUHVU52D+7OU=,iv:CJGJZ+MDe0V0/4Al6Nv/tgnPLUSRy0gOwgTyHveB9bs=,tag:PGRM4QRUVByMKySoMH7Wyw==,type:str]
DOCKERHUB_PASSWORD: ENC[AES256_GCM,data:KWr40kerz/kuuAKD/hUvL9qnqA==,iv:Ehzd2Wo/n6Xo0NpArY6/3QMASoBpwifzct9dk1b41EM=,tag:ZzrcxnJmSeJ00gnffKlNTg==,type:str]
BASE_DOMAIN: ENC[AES256_GCM,data:Ci3NA0rOGXy9NHsiQmIU3g6+,iv:nT7YwznftV1Qtr+i0MaMdxsX6OccQSclvyWVco0l6uA=,tag:lfDrzdxiSCU1R3E+uv+bZw==,type:str]
S3KEY: ENC[AES256_GCM,data:MUwo6r8KnXPhal4ltGKmD9jmJ5HPtti7erI3bVi0eg==,iv:IyDqrXMZsKVrZgfi3WrpvNBvAt7toJk6Kp3P7EaUYUc=,tag:VJjBpDjgl3/ScTtdFZcCgg==,type:str]
S3ID: ENC[AES256_GCM,data:VIxd8G+nYXE4ZECuwv6laNOv9LSXpBKMHg==,iv:VegOp2XriKpkRAJMOYFCCN+laISRqx0XDsW3OP+xBHc=,tag:nuRjNox+g23A8Z8YrHcZFg==,type:str]
S3NAME: ENC[AES256_GCM,data:djk=,iv:Fc4/uEKZC7KR2eSPkuEWwx91a+y/B6Te/bAN0GOLEw0=,tag:Z/hwG1FWq5S9tLj8YNYG3g==,type:str]
S3URL: ENC[AES256_GCM,data:rMXR4OTxu6+JgE696K0p/kAO8JadRNDpGfvwKS810jnvc7V/vow=,iv:0QQpWWCZt8coRgdlraLL3Mo5KGIDmgjm8m4Xwy/9E5E=,tag:NKsKcO07QorsfK3cRPbwOQ==,type:str]
S3PREFIX: ENC[AES256_GCM,data:lxfa9wcA,iv:tBhIodQuxGZt400tAc3IVG1mkbHGAgqeu42TbqCImT8=,tag:rUPrYvYrCprROUS4kSc4gQ==,type:str]
#ENC[AES256_GCM,data:+Wtw/v1lVJwPfhRfMoX6Q3BQ,iv:I/9gUjTo1m5OgJYICgKMCL23zLk40diezQ+zWVpY+1s=,tag:04VGDcGCBEz88IEifJthuQ==,type:comment]
TAILSCALE_AUTHKEY: ENC[AES256_GCM,data:XjwRGwnhbgug/nu/Aw3Ai2W8WtKpA4OMOWpRjEVtnZgiYAlECjf2yrvH2eSsiu1Y1U5Q7UYAXr+LjQGxVzM=,iv:OzroQ29aBW0XUJlnTBnr9jJoiv8xmxLp+vld37CT+08=,tag:IYklODqMFWx6Nu4REjp2hg==,type:str]
#ENC[AES256_GCM,data:fDy/D1b0zLYrE/pp25M=,iv:dRZmsvfez6Zg8X+tw/Vs+VDtes4i/eL8PzjOm6Yg9sw=,tag:emA275jeBckJX0o4kSIr5Q==,type:comment]
PODNET: ENC[AES256_GCM,data:jx3yJ/gWEbnAuIGJog==,iv:bHjjmuNbBHrP6afv2dtXiJ9R8sdxWE4ffLCR9xM8WNI=,tag:B1V1Ldow/70GZbAX+yre4w==,type:str]
SVCNET: ENC[AES256_GCM,data:pWR51hXgSPxb6r8m7Q==,iv:oCz0qcaidVwWM/y++EPbBUOsX1uFp1LE+TkhylW57jw=,tag:mnj9QDkDx6bBRFs0j7w3KQ==,type:str]
sops:
shamir_threshold: 3
kms: []
Expand All @@ -57,13 +57,13 @@ sops:
- recipient: age1mfh4698xzqlp2jvkzdagdqc85v2gz0r75uaz3pkh8twchdvgnp7se9u8kr
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB5dS83K290TFYySm5JQmwr
L1lzYXhyWDVLNDI5cFBFYWkvTkNxYjROUjNZClNKZEpSakVuNTVJQmpnMFQ1V2Jq
SDBhQ0FOK3lpTURHWm9KemZFYkREajQKLS0tIEZidWk0aDJxNTJma2pvaDd4TzRQ
RytBY2k3ZWtlN1JwS1BpajZJZGY2b3cKGBHmXwNhLY60P3858xIfovaYBTO+egie
Juk1Mr5dMlLNXX4V3lrvrZInOgZtyDYgRAZbDp3bg882i44QqTk0zw==
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBLNzdTekh1eG5MMGt2ZS9E
TFFXVzA5eWFPcFc5UXgvbk1CbmM3TlgzdUdFCmt6dFJQaVhPOFp4amUwZHRaZHFT
OHMxa2JLQnpUK2JvZkRqeTR0eWxjODgKLS0tIE9LelZja0ZNV3BvZERHd1F2Z2Jw
VWNOZEhxcUUxald4SituUEVmc1M2MVEKoCVUZqwX2sXZZWv5qMEX8eaKf64IMSoa
bfr3pLzQ/Zkb5K8urU+a9UpmbFacjLXZOfOoH0fZeUvVNuJKDQVyBg==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2024-11-19T07:59:34Z"
mac: ENC[AES256_GCM,data:U18S09HvO/K38x/xVndITp9kj4csr9wg5si6fRPv/7JNCMz4xWUK9vSS0uxnAJUa8cUAawWffcUVUDehA5BOu1xp5td0BKzx2ZRzZhwTFz68db4XktIiA1SAz05laP32B5IgQFH13+KZVxXZhgQn2hSHoFMVwhXSe6bD+pYY9XU=,iv:IevPx7V8s46aEEjnZgtfUPwwnFwlq3sp+1QgYX30U2M=,tag:1KAiRBjXqHqMKtkm9E1wSQ==,type:str]
lastmodified: "2024-11-19T08:08:17Z"
mac: ENC[AES256_GCM,data:O9A4uGiGqE3grokzGUbPTCkkCz/wN+Hvj3PSUkxsH7dJXR3V1ccvJjvB3H2KN6AsXpthO7OGkIjg/eu9d6P2AFu8x1xqxQ51UPxmQfSz2lhQxEjHnz7vv+solqXsgOl0D0motJB35RLOdXyDkD905OIFHsWhXUrVGYD8UF0vuR4=,iv:sFUA0KVmglLLXl4RV7kh8xBo3w9PogdRCJoOvz6hP/M=,tag:nQQadx+vhSt84pscMuML8w==,type:str]
pgp: []
version: 3.9.1
11 changes: 5 additions & 6 deletions clusters/main/kubernetes/apps/tailscale/app/helm-release.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,13 +18,12 @@ spec:
tailscale:
authkey: "${TAILSCALE_AUTHKEY}"
securityContext:
runAsNonRoot: true
runAsUser: 1000
runAsGroup: 1000
fsGroup: 1000
runAsNonRoot: false
runAsUser: 0
capabilities:
add: ["NET_ADMIN"]
drop: ["ALL"]
add: ["NET_ADMIN", "NET_RAW"]
podSecurityContext:
fsGroup: 1000

volumes:
- name: tun
Expand Down
Loading

0 comments on commit c893788

Please sign in to comment.