29 lines
721 B
Nix
29 lines
721 B
Nix
|
{ ... }: {
|
||
|
secret = name: {
|
||
|
metadata.namespace = "${name}";
|
||
|
spec = {
|
||
|
hostAPI = "http://infisical:8080";
|
||
|
resyncInterval = 10;
|
||
|
authentication = {
|
||
|
kubernetesAuth = {
|
||
|
identityId = "68d1f432-7b0a-4e4a-b439-acbbbc160f1e";
|
||
|
serviceAccountRef = {
|
||
|
name = "infisical-auth";
|
||
|
namespace = "infisical";
|
||
|
};
|
||
|
secretsScope = {
|
||
|
projectSlug = "kubernetes-homelab-dp67";
|
||
|
envSlug = "prod";
|
||
|
secretsPath = "/${name}";
|
||
|
};
|
||
|
};
|
||
|
};
|
||
|
managedSecretReference = {
|
||
|
secretName = "${name}";
|
||
|
secretNamespace = "${name}";
|
||
|
creationPolicy = "Owner";
|
||
|
};
|
||
|
};
|
||
|
};
|
||
|
}
|