clusterConfig: manifests: https://gitlab.com/oceanbox/manifests.git cilium: enabled: false env: "prod" distro: "nixos" domain: "rossby.oceanbox.io" initca: "/var/lib/kubernetes/secrets" apiserver: "rossby-manage" apiserverip: "172.16.239.221" etcd_nodes: [ "172.16.239.221, 172.16.239.222, 172.16.239.210" ] k8s_nodes: [ "172.16.239.221, 172.16.239.222, 172.16.239.210, 172.16.239.111, 172.16.239.112, 172.16.239.113, 172.16.239.114, 172.16.239.115, 172.16.239.116, 172.16.239.117, 172.16.239.118, 172.16.239.119, 172.16.239.120, 172.16.239.121, 172.16.239.122, 172.16.239.123, 172.16.239.124, 172.16.239.125, 172.16.239.126, 172.16.239.127, 172.16.239.128, 172.16.239.129, 172.16.239.130" ] cluster: "rossby" ingress_nodes: ["rossby, rossby-manage" ] ingress_replica_count: 2 fileserver: "172.16.239.222" acme_email: "acme@oceanbox.io" oidc: - name: oceanbox provider: azuread tenant: "3f737008-e9a0-4485-9d27-40329d288089" secret_ref: name: oceanbox-oidc group_id: "eb17a659-4ce6-41bc-9153-d9b117c44479" nodes: - name: rossby-manage taints: [] labels: - "node-role.kubernetes.io=control-plane" - name: rossby taints: [] labels: - "node-role.kubernetes.io=control-plane" - name: fs-work # taints: # - "workload=data:NoSchedule" labels: - "node-role.kubernetes.io=control-plane" - "nfs=work" - "nfs=data" - name: c0-1 taints: - "workload=compute:NoSchedule" - name: c0-2 taints: - "workload=compute:NoSchedule" - name: c0-3 taints: - "workload=compute:NoSchedule" - name: c0-4 taints: - "workload=compute:NoSchedule" - name: c0-5 taints: - "workload=compute:NoSchedule" - name: c0-6 taints: - "workload=compute:NoSchedule" - name: c0-7 taints: - "workload=compute:NoSchedule" - name: c0-8 taints: - "workload=compute:NoSchedule" - name: c0-9 taints: - "workload=compute:NoSchedule" - name: c0-10 taints: - "workload=compute:NoSchedule" - name: c0-11 taints: - "workload=compute:NoSchedule" - name: c0-12 taints: - "workload=compute:NoSchedule" - name: c0-13 taints: - "workload=compute:NoSchedule" - name: c0-14 taints: - "workload=compute:NoSchedule" - name: c0-15 taints: - "workload=compute:NoSchedule" - name: c0-16 taints: - "workload=compute:NoSchedule" - name: c0-17 taints: - "workload=compute:NoSchedule" - name: c0-18 taints: - "workload=compute:NoSchedule" - name: c0-19 taints: - "workload=compute:NoSchedule" - name: c0-20 taints: - "workload=compute:NoSchedule" # TODO(mrtz): Move to values/*/helmfile.yaml # argocd: # adminLogin: false # additional_rbac_settings: # - g, "eb17a659-4ce6-41bc-9153-d9b117c44479", role:org-admin # linkerd: # trustAnchorPEM: | # -----BEGIN CERTIFICATE----- # MIIBtDCCAVqgAwIBAgIQRlhbOLj9zw+QTGHqbOBaozAKBggqhkjOPQQDAjAlMSMw # IQYDVQQDExpyb290LmxpbmtlcmQuY2x1c3Rlci5sb2NhbDAeFw0yMTA0MDkxNDAy # NTFaFw0zMTA0MDcxNDAyNTFaMCUxIzAhBgNVBAMTGnJvb3QubGlua2VyZC5jbHVz # dGVyLmxvY2FsMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEljOLtSPSi6XIEdFP # VCGa4BKoQ0X5dBSZvHRLt/IzHRzAbIVIjgjvyRQc7EQlRKvZ8P9um/WG1ypyyA2l # C9MWz6NsMGowDgYDVR0PAQH/BAQDAgEGMBIGA1UdEwEB/wQIMAYBAf8CAQEwHQYD # VR0OBBYEFHz4UuVKCNX8/hsZCcdTlmWnSCGXMCUGA1UdEQQeMByCGnJvb3QubGlu # a2VyZC5jbHVzdGVyLmxvY2FsMAoGCCqGSM49BAMCA0gAMEUCIGAiz3yNhboVdze1 # sNFcFL2GF5WwW9z53u03UkPkiuBTAiEA4ZHWZJVGV5VAQArL5v32HeH/IjC1ssGl # 7Y8D0rQqkis= # -----END CERTIFICATE----- # webhookPEM: | # -----BEGIN CERTIFICATE----- # MIIBlDCCATqgAwIBAgIRAP9aY0pRwkDnXqi3FwKmfZowCgYIKoZIzj0EAwIwKDEm # MCQGA1UEAxMdd2ViaG9vay5saW5rZXJkLmNsdXN0ZXIubG9jYWwwHhcNMjIxMDI3 # MDUxNTE0WhcNMjQxMDI1MDkxNTE0WjAoMSYwJAYDVQQDEx13ZWJob29rLmxpbmtl # cmQuY2x1c3Rlci5sb2NhbDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABIGSt6Th # 62wgjM5dRbZLa9YwPQAm/T2QnTzzrAUm+GeqvKfBhpPMGX6+91/x20X0uV26LvKz # YV1wVMs7tuPZioijRTBDMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/ # AgEBMB0GA1UdDgQWBBQWV6+eqRWOPyLWz9s0HT96MOr01zAKBggqhkjOPQQDAgNI # ADBFAiBTBFuIJUBEI5T2unrnFhM+Bj0rZFfuxQqEwD6+z2YRzwIhAOINkH5u7Z8M # zIVl06Biq2N+MO4TJ+CSS1C1w/22CDru # -----END CERTIFICATE----- # multicluster: # enabled: false # prometheus: # version: 39.6.0 # snitchUrl: "https://nosnch.in/bceb803932" # nfs_provisioner: # version: 4.0.17 # cert_manager: # version: 1.9.1 # gitlab_runner: # enabled: false # velero: # enabled: false # kyverno: # enabled: true # nginx: # version: 4.12.1