feat: add external dns

Architecture.md

@@ -56,6 +56,6 @@ Yay! you now have an interface, and an IP address to broadcast on :D
 op connect server create cluster --vaults cluster
 op connect token create cluster --server <Server ID> --vault cluster
 
-kubectl create secret generic -n 1password-system 1password-credentials  --from-literal=password="$(op read ''op://cluster/1password-credentials.json/1password-credentials.json.base64)"
+kubectl create secret generic -n 1password-system 1password-credentials  --from-literal=password="$(op read 'op://cluster/1password-credentials/password')"
-kubectl create secret generic -n 1password-system 1password-token  --from-literal password="$(op read 'op://cluster/op-token/op-token')"
+kubectl create secret generic -n 1password-system 1password-token  --from-literal password="$(op read 'op://cluster/1password-token/password')"
 ```

cluster/base/infra/external-dns.yaml

@@ -1,18 +1,18 @@
-# ---
+---
-# apiVersion: kustomize.toolkit.fluxcd.io/v1
+apiVersion: kustomize.toolkit.fluxcd.io/v1
-# kind: Kustomization
+kind: Kustomization
-# metadata:
+metadata:
-#   name: infra-external-dns
+  name: infra-external-dns
-#   namespace: flux-system
+  namespace: flux-system
-# spec:
+spec:
-#   interval: 1h0m0s
+  interval: 1h0m0s
-#   path: ./infra/controllers/external-dns
+  path: ./infra/controllers/external-dns
-#   dependsOn:
+  dependsOn:
-#   - name: infra-1password-config
+  - name: infra-1password-config
-#   prune: true
+  prune: true
-#   retryInterval: 1m0s
+  retryInterval: 1m0s
-#   sourceRef:
+  sourceRef:
-#     kind: GitRepository
+    kind: GitRepository
-#     name: flux-system
+    name: flux-system
-#   timeout: 5m0s
+  timeout: 5m0s
-#   wait: true
+  wait: true

infra/controllers/external-dns/external-dns.yaml

@@ -1,4 +1,12 @@
 ---
+apiVersion: onepassword.com/v1
+kind: OnePasswordItem
+metadata:
+  name: cloudflare-api-key
+  namespace: external-dns-system
+spec:
+  itemPath: "vaults/cluster/items/cloudflare-token"
+---
 apiVersion: source.toolkit.fluxcd.io/v1
 kind: HelmRepository
 metadata:
@@ -8,7 +16,7 @@ spec:
   interval: 15m0s
   url: https://kubernetes-sigs.github.io/external-dns/
 ---
-apiVersion: helm.toolkit.fluxcd.io/v2beta1
+apiVersion: helm.toolkit.fluxcd.io/v2
 kind: HelmRelease
 metadata:
   name: external-dns
@@ -17,16 +25,20 @@ spec:
   chart:
     spec:
       chart: external-dns
-      version: 1.15.0
+      reconcileStrategy: ChartVersion
       sourceRef:
         kind: HelmRepository
-        name: external-dns
+        name: external-dns-repo
-        namespace: external-dns-system
+      version: 1.15.0
-  interval: 15m
+  interval: 1m
   timeout: 5m
-  releaseName: external-dns
   values:
-    crd:
+    provider:
-      create: true
+      name: cloudflare
-    sources:
+    env:
+      - name: CF_API_TOKEN
+        valueFrom:
+          secretKeyRef:
+            name: cloudflare-token
+            key: password