remove authentik, polaris, heimdall, and todos

Signed-off-by: Michael Thomson <michael@michaelthomson.dev>

authentik/authentik-email-password.yaml

@@ -1,21 +0,0 @@
-{
-  "kind": "SealedSecret",
-  "apiVersion": "bitnami.com/v1alpha1",
-  "metadata": {
-    "name": "authentik-email-password",
-    "namespace": "authentik",
-    "creationTimestamp": null
-  },
-  "spec": {
-    "template": {
-      "metadata": {
-        "name": "authentik-email-password",
-        "namespace": "authentik",
-        "creationTimestamp": null
-      }
-    },
-    "encryptedData": {
-      "AUTHENTIK_EMAIL__PASSWORD": "AgB9S0bCYnUrxbQ/EAG7vRuUuZstQuvZ/s9kz4E4c9iyWMN6AYVkYxyFhrFy5F5Ge9Mis3m8wUjVVUTRoKIesWodLwOXWbZQ/VBldXlOLf7qXFnfHamSsrBKmNvCemZA+IWIurTqr5f08MF3uZrZ4tiYR1VJLilfxVdWEWo+hahwUuwWA/9BHhrE73XUImRuG7avhGcn6ek+s2W8inEpLfd7XN8L+dDACYJPNMwB9KJkceZDVr+vxCJVNHKWVMicxrLT1u5IdFxYDwhFceOdXVLNhr4BS/P97DUxWwVv3hWgY/sgW0sf8ghMkjeKegnSINIcQbjW3iLJn7Txi0zoQipv6XhJOEWvU0URc+CSY8VvEFVULN/TJ7/11mINTeLrHsTX14JTmugbMhMQxqn0mYGMmjGthOFgob6YC6YBu9bDi7iZWLxaIbx89wfxfR/zvrcAvWE+xpvf77X/fmINHBNhvlgeq00IDpQGEo0Hbm/sp2bdEZTtz7HSneKKcdFH/RUYnwHRLmglfHfG4a74KGwxsGv/aUogdz+PywsTEz1B22YMp/qCCJBfn9HUdsWyTmyAsqXL1zzhRPIoHdeoqztnOBdwZwH3c9W1IImUToMjxiyFW4x8CuVIDrpfBj2pAmkGo+zd4zLbumMcLlkoq1M6A5ad4QuRgSftczX6slNG32XWNbN/8eICfgbcv/6beTWIOK19c9kOdTbSJIL6e5nMWrgx/925qanG"
-    }
-  }
-}

authentik/authentik-postgresql-password.yaml

@@ -1,21 +0,0 @@
-{
-  "kind": "SealedSecret",
-  "apiVersion": "bitnami.com/v1alpha1",
-  "metadata": {
-    "name": "authentik-postgresql-password",
-    "namespace": "authentik",
-    "creationTimestamp": null
-  },
-  "spec": {
-    "template": {
-      "metadata": {
-        "name": "authentik-postgresql-password",
-        "namespace": "authentik",
-        "creationTimestamp": null
-      }
-    },
-    "encryptedData": {
-      "AUTHENTIK_POSTGRESQL__PASSWORD": "AgBbQwrjhB1FpCCqqcK6t8u+tfvkGE4zauPEehkcgspGiTkK5gl7df6N+D2Ft8S16BL5wT3wcFL94pXousJZaASlV+P+MMD/mfpGUil2PM4nRM/BSXUDIqYYf/u5MiNDcT25DDv78K3Bg2RYZSssPNRb3r2+uTgmUAcsUKdmKm2E0fSCBMpo3+nMMPWjyUrVnZtGvJq48CxpG4DBW2awDQtFZOZkTnsXgXAyZEQOmmHNaZrRbqE7BwsMS5JEyvOW6vSYh4168fVls2fpJy389AV8OTUcwZfSzc+x3qCDkZYW+lgfW5n1R7eBD3sOOCbrNyLcHqJOgdsqetqr3Q//A7EvGbZ2WYHGTXJfwz0u61nJVNVtJPml1MybzvYUdGaunVo3fLetY/O6fEPCxDgUPAYZEhjYKYWxlosuz8KrihD1E+KNP9HP+7C04H3r1tBUelJSBcV/VAgM211TfhAxaq0Lh7O0ZaiNdt9w3fZufcwdxuRf4xuwHJKtS9GaFvprH/GF8rw9t6BHc798c7bW3S9/mym0l250KSb2WcjdZFOWYuWAPjtLrU2UjDQ79k8GuX7wx6lt8QWdiO+DFQGWV7TOXpyNfl+XA2241QVXx1SBdmCvQpimlbf9pTN5P0Op608TUVRTWGIDItaH17NDgo+qcnvNXElKzuRSwI7jmtL2H8xzQYG+0OILbc1fRatzSCRQhZExQZjZI8F8QDGXj6tiH7HwJivZCHuKOFZHImmPLKjf7FWw1BLOFgyPbgrLXfLc9A=="
-    }
-  }
-}

authentik/authentik-secret-key.yaml

@@ -1,21 +0,0 @@
-{
-  "kind": "SealedSecret",
-  "apiVersion": "bitnami.com/v1alpha1",
-  "metadata": {
-    "name": "authentik-secret-key",
-    "namespace": "authentik",
-    "creationTimestamp": null
-  },
-  "spec": {
-    "template": {
-      "metadata": {
-        "name": "authentik-secret-key",
-        "namespace": "authentik",
-        "creationTimestamp": null
-      }
-    },
-    "encryptedData": {
-      "AUTHENTIK_SECRET_KEY": "AgCKZPdfiUFALKZiKEojiSSaTwT0vIpxS6gygO7A1w93Z2qdJsDEpjMXK8V0XKUPw2+FF6oWhM1akDn7lblkM3pgjW4XuySndknaSCGyNxewuhlD0FOBXz8DPoOIyFNLCYV4DRo+A+wIHHdCADpKkCheFJcKKp8whsk+ee98CHjrhrWWWJwlaH3ao5tQQVPDLwUeqrNpCjycoBTgYa4T0iuK2bZUMOhP0EEaLBqLPiHfij2gioE9PHht49poXsKvoqAOXXL1mY1j2y70YJX2rMdq7UW0gVnUHL7WFAvXxTFVAzC4Owe7XTfTf9ttxNUpnTr/Ekkh0I10wNuZElTjJZH4Jk5IV9SzHeAiSXNroowZrSnzuFRtK+z35WEaWPtWwnw6JaM9Vuj/caZCHAC6MtNJMvW/F4z/W29oK396JRilz7yR1hCzyJbVkoDuSul2bIT/eG3+EMfD0lZP/odiArf1a/wI5AD0pL4E9shplw6+EnunJlNj+BRY75jMr6K5UABkjwznAvhnGIQXg5RQ5galFukKwBaGu/Ujpq0erhAaQnBgjsLH3D9/0dRmyuuMo2ymzySO4jCAJYmZ650xKb2tgdT8fGENgIc/+EZ1vudFAIJp7mYOeEhRde6t59R6EmGMOTgLlpeyPymPbq9x7OG1otKsoYVtw1Cjcerm01VasZY6FXfld0agu+sllfmnwYVu8r81bi7t47maWOmLLsgRhdSCAky4gWwQ7zBAWTr0og43E+fXZw5TWZKfWvOWYWbIcA=="
-    }
-  }
-}

authentik/dns-endpoint.yaml

@@ -1,15 +0,0 @@
-apiVersion: externaldns.k8s.io/v1alpha1
-kind: DNSEndpoint
-metadata:
-  name: authentik.michaelthomson.dev
-  namespace: authentik
-spec:
-  endpoints:
-  - dnsName: authentik.michaelthomson.dev
-    recordTTL: 180
-    recordType: CNAME
-    targets:
-      - michaelthomson.ddns.net
-    providerSpecific:
-      - name: external-dns.alpha.kubernetes.io/cloudflare-proxied
-        value: "true"

authentik/helmrelease-authentik.yaml

@@ -1,79 +0,0 @@
-apiVersion: helm.toolkit.fluxcd.io/v2beta2
-kind: HelmRelease
-metadata:
-  name: authentik
-  namespace: authentik
-spec:
-  chart:
-    spec:
-      chart: authentik
-      version: 2024.10.4
-      sourceRef:
-        kind: HelmRepository
-        name: authentik
-        namespace: flux-system
-  interval: 15m
-  timeout: 5m
-  releaseName: authentik
-  values:
-    global:
-      env:
-        - name: AUTHENTIK_SECRET_KEY
-          valueFrom:
-            secretKeyRef:
-              name: authentik-secret-key
-              key: AUTHENTIK_SECRET_KEY
-        - name: AUTHENTIK_POSTGRESQL__PASSWORD
-          valueFrom:
-            secretKeyRef:
-              name: authentik-postgresql-password
-              key: AUTHENTIK_POSTGRESQL__PASSWORD
-        - name: POSTGRES_PASSWORD
-          valueFrom:
-            secretKeyRef:
-              name: authentik-postgresql-password
-              key: AUTHENTIK_POSTGRESQL__PASSWORD
-        - name: AUTHENTIK_EMAIL__PASSWORD
-          valueFrom:
-            secretKeyRef:
-              name: authentik-email-password
-              key: AUTHENTIK_EMAIL__PASSWORD
-
-    authentik:
-      outposts:
-        kubernetes_ingress_secret_name: letsencrypt-wildcard-cert-michaelthomson.dev
-        # kubernetes_ingress_annotations:
-        #   traefik.ingress.kubernetes.io/router.tls: "true"
-        #   traefik.ingress.kubernetes.io/router.entrypoints: websecure
-      email:
-        host: mail.michaelthomson.dev
-        port: 465
-        username: server@michaelthomson.dev
-        use_tls: true
-        from: "Michael's Server <server@michaelthomson.dev>"
-
-    server:
-      ingress:
-        enabled: true
-        ingressClassName: traefik
-        annotations:
-          traefik.ingress.kubernetes.io/router.tls: "true"
-          traefik.ingress.kubernetes.io/router.entrypoints: websecure
-        hosts:
-          - authentik.michaelthomson.dev
-        tls:
-          - secretName: letsencrypt-wildcard-cert-michaelthomson.dev
-            hosts:
-              - authentik.michaelthomson.dev
-
-    postgresql:
-      enabled: true
-      auth:
-        existingSecret: authentik-postgresql-password
-        secretKeys:
-          adminPasswordKey: AUTHENTIK_POSTGRESQL__PASSWORD
-          userPasswordKey: AUTHENTIK_POSTGRESQL__PASSWORD
-          replicationPasswordKey: AUTHENTIK_POSTGRESQL__PASSWORD
-
-    redis:
-      enabled: true

bootstrap/helmrepositories/helmrepository-authentik.yaml

@@ -1,8 +0,0 @@
-apiVersion: source.toolkit.fluxcd.io/v1beta2
-kind: HelmRepository
-metadata:
-  name: authentik
-  namespace: flux-system
-spec:
-  interval: 15m
-  url: https://charts.goauthentik.io

bootstrap/helmrepositories/helmrepository-polaris.yaml

@@ -1,8 +0,0 @@
-apiVersion: source.toolkit.fluxcd.io/v1beta2
-kind: HelmRepository
-metadata:
-  name: fairwinds
-  namespace: flux-system
-spec:
-  interval: 15m
-  url: https://charts.fairwinds.com/stable

bootstrap/kustomizations/kustomization-authentik.yaml

@@ -1,18 +0,0 @@
-apiVersion: kustomize.toolkit.fluxcd.io/v1
-kind: Kustomization
-metadata:
-  name: authentik
-  namespace: flux-system
-spec:
-  interval: 15m
-  path: ./authentik
-  prune: true # remove any elements later removed from the above path
-  timeout: 2m # if not set, this defaults to interval duration, which is 1h
-  sourceRef:
-    kind: GitRepository
-    name: flux-system
-  healthChecks:
-    - apiVersion: helm.toolkit.fluxcd.io/v2beta2
-      kind: HelmRelease
-      name: authentik
-      namespace: authentik

bootstrap/kustomizations/kustomization-heimdall.yaml

@@ -1,18 +0,0 @@
-apiVersion: kustomize.toolkit.fluxcd.io/v1
-kind: Kustomization
-metadata:
-  name: heimdall
-  namespace: flux-system
-spec:
-  interval: 15m
-  path: ./heimdall
-  prune: true # remove any elements later removed from the above path
-  timeout: 2m # if not set, this defaults to interval duration, which is 1h
-  sourceRef:
-    kind: GitRepository
-    name: flux-system
-  healthChecks:
-    - apiVersion: apps/v1
-      kind: Deployment
-      name: heimdall
-      namespace: heimdall

bootstrap/kustomizations/kustomization-polaris.yaml

@@ -1,18 +0,0 @@
-apiVersion: kustomize.toolkit.fluxcd.io/v1
-kind: Kustomization
-metadata:
-  name: polaris
-  namespace: flux-system
-spec:
-  interval: 15m
-  path: ./polaris
-  prune: true # remove any elements later removed from the above path
-  timeout: 2m # if not set, this defaults to interval duration, which is 1h
-  sourceRef:
-    kind: GitRepository
-    name: flux-system
-  healthChecks:
-    - apiVersion: helm.toolkit.fluxcd.io/v2beta2
-      kind: HelmRelease
-      name: polaris
-      namespace: polaris

bootstrap/kustomizations/kustomization-todos.yaml

@@ -1,18 +0,0 @@
-apiVersion: kustomize.toolkit.fluxcd.io/v1
-kind: Kustomization
-metadata:
-  name: todo
-  namespace: flux-system
-spec:
-  interval: 15m
-  path: ./todo
-  prune: true # remove any elements later removed from the above path
-  timeout: 2m # if not set, this defaults to interval duration, which is 1h
-  sourceRef:
-    kind: GitRepository
-    name: flux-system
-  healthChecks:
-    - apiVersion: apps/v1
-      kind: Deployment
-      name: todo
-      namespace: todo

bootstrap/namespaces/namespace-authentik.yaml

@@ -1,4 +0,0 @@
-apiVersion: v1
-kind: Namespace
-metadata:
-  name: authentik

bootstrap/namespaces/namespace-heimdall.yaml

@@ -1,4 +0,0 @@
-apiVersion: v1
-kind: Namespace
-metadata:
-  name: heimdall

bootstrap/namespaces/namespace-polaris.yaml

@@ -1,4 +0,0 @@
-apiVersion: v1
-kind: Namespace
-metadata:
-  name: polaris

bootstrap/namespaces/namespace-todo.yaml

@@ -1,4 +0,0 @@
-apiVersion: v1
-kind: Namespace
-metadata:
-  name: todo

heimdall/deployment.yaml

@@ -1,30 +0,0 @@
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: heimdall
-  namespace: heimdall
-spec:
-  selector:
-    matchLabels:
-      app: heimdall
-  template:
-    metadata:
-      labels:
-        app: heimdall
-    spec:
-      containers:
-      - name: heimdall
-        image: lscr.io/linuxserver/heimdall:latest
-        ports:
-        - containerPort: 80
-          name: http
-          protocol: TCP
-        volumeMounts:
-        - name: config
-          mountPath: /config
-      volumes:
-      - name: config
-        persistentVolumeClaim: 
-          claimName: heimdall-config
-            
-          

heimdall/dns-endpoint.yaml

@@ -1,12 +0,0 @@
-apiVersion: externaldns.k8s.io/v1alpha1
-kind: DNSEndpoint
-metadata:
-  name: heimdall.michaelthomson.dev
-  namespace: heimdall
-spec:
-  endpoints:
-  - dnsName: heimdall.michaelthomson.dev
-    recordTTL: 180
-    recordType: CNAME
-    targets:
-    - server.michaelthomson.dev

heimdall/ingress.yaml

@@ -1,24 +0,0 @@
-apiVersion: networking.k8s.io/v1
-kind: Ingress
-metadata:
-  name: heimdall
-  namespace: heimdall
-  annotations:
-    traefik.ingress.kubernetes.io/router.entrypoints: websecure
-    traefik.ingress.kubernetes.io/router.tls: "true"
-spec:
-  rules:
-  - host: heimdall.michaelthomson.dev
-    http:
-      paths:
-      - pathType: ImplementationSpecific
-        path: /
-        backend:
-          service:
-            name: heimdall
-            port: 
-              name: http
-  tls:
-    - hosts:
-        - heimdall.michaelthomson.dev
-      secretName: letsencrypt-wildcard-cert-michaelthomson.dev

heimdall/pvc-config.yaml

@@ -1,12 +0,0 @@
-apiVersion: v1
-kind: PersistentVolumeClaim
-metadata:
-  name: heimdall-config
-  namespace: heimdall
-spec:
-  resources:
-    requests:
-      storage: 1Gi
-  storageClassName: longhorn
-  accessModes:
-    - ReadWriteOnce

heimdall/service.yaml

@@ -1,12 +0,0 @@
-apiVersion: v1
-kind: Service
-metadata:
-  name: heimdall
-  namespace: heimdall
-spec:
-  selector:
-    app: heimdall
-  ports:
-  - port: 80
-    targetPort: http
-    name: http

polaris/dns-endpoint-polaris.yaml

@@ -1,12 +0,0 @@
-apiVersion: externaldns.k8s.io/v1alpha1
-kind: DNSEndpoint
-metadata:
-  name: polaris.michaelthomson.dev
-  namespace: kube-prometheus-stack
-spec:
-  endpoints:
-  - dnsName: polaris.michaelthomson.dev
-    recordTTL: 180
-    recordType: CNAME
-    targets:
-    - server.michaelthomson.dev

polaris/helmrelease-polaris.yaml

@@ -1,32 +0,0 @@
-apiVersion: helm.toolkit.fluxcd.io/v2beta1
-kind: HelmRelease
-metadata:
-  name: polaris
-  namespace: polaris
-spec:
-  chart:
-    spec:
-      chart: polaris
-      version: 5.x
-      sourceRef:
-        kind: HelmRepository
-        name: fairwinds
-        namespace: flux-system
-  interval: 15m
-  timeout: 5m
-  releaseName: polaris
-  values:
-    dashboard:
-      ingress:
-        enabled: true
-        annotations:
-          traefik.ingress.kubernetes.io/router.tls: "true"
-          traefik.ingress.kubernetes.io/router.entrypoints: websecure
-        hosts:
-        - polaris.michaelthomson.dev
-        path: /
-        tls:
-          - secretName: letsencrypt-wildcard-cert-michaelthomson.dev
-            hosts:
-              - polaris.michaelthomson.dev
-

todo/backend/database-secrets.yaml

@@ -1,17 +0,0 @@
----
-apiVersion: bitnami.com/v1alpha1
-kind: SealedSecret
-metadata:
-  creationTimestamp: null
-  name: database-secrets
-  namespace: todo
-spec:
-  encryptedData:
-    ADMIN_PASSWORD: AgBPpWA8X0L8pWBXSDW3TzPgcZCyUjGbRbAbgCHUvPhqLUR0dxorVfGQBWu/xCnhGOBR4HxjSQTY+qQVy6XP2Mzm3S+RXwX4vqys0d0f154VOSeagJwCzNhVdIXjcIWQZ+pov4rBYQnYCP+0/Tv7ZF2AWeSc8CbNYp+wcBP0tw8Huo9NBf9jxGDyukTepCPLMs8l0NEImKe8rMoOMRaGEkx4KZWK3/8E4Md8dA6+QST0+M/LFXYScp4r0ooq/8inuSW6sDLXO8Eg5MU7hozEGQBg550j0z8wNtz2G8dKSo4We1ObsscbFkVx0Yeg+bQeh34IJSJn30JQEbTYpoqsPaJ1ZZcpMM+3gP2ES+x9rHbV/3zTztOZxcuO2x8exY2tSFXgTWGIfL/n5MoTD02FfnPSRbzgxo+Xx6B4BOwtdDDapDw0yHGlw3aIPrP75d8PxUcGZMhrUFim1whucw4R2YTveKRg8+uv4weCis8Kut4N7J4YjUkLE+OUcFP7DIFLCH5g1lE/o5tqF8FJ/zeCgoMGnhR3BsS6LIlx+8rhdf146h1726mjMqf9jORx6GAoUBUhLvlCWmO5SW2ksXjA5gc/zNhE6Yxn58jHGqjJU/MAEeSaKHqp3YVxWeO4EiUVZYa7REbsG/00uG3XzTdQUNcNcp//UjXOTgFmXgauYtGUdEAHzS4bdsTdLDAvELklo6evWFZpYiCKd2S+25dZ/as6yL8zhgK18RETBSFC0fo=
-    REPLICATION_PASSWORD: AgBlJpe+ie26A/jWaDTD1vy1n7nx1vrXu9x4ULEhJ5OIpoJSJFYZTBqK7OyVWsUkc0gWiQMKxZdCuck3k857BWP7fIPBX15Kmvpp1gRRbNx3Wlv4IgsFp0tUEMH7YEezLML6uO18n5jilLLVx7z9EbjTrv8xYf5ufptRZrKzm6WtJXaQoj+3Y2unNIdPhUhHq7ltkPepm4EIRNiESpK+SijkdENH5o9Ci16xjoeZhbThMM8j4GqPhiRuxsy9rCBunQxvyRhPR7bZwe5N/CsKzhljbbmybZjRMVYZSeU/6uDsEm9HHA6Et7AUtcg51Z2LwtsmWq9jDnkAWFEfIFnjqrlTz2ET5TTseYAIfmCbEMYQqVSzRM56TyWmUAtPD/kjVQRtXVgryiIwu55+4nvvmzjq6brsoeBAAX+4TKmDqk+o92xT0saPFbdFSRP41MhFyxYYaUtv/1woo84491x+mHk1GeaiqytCXQjq8D2Yd/LiSzDBumA1aXEJ5esKna2FKbqclr693SS+SRwWDtH8twKHpEwW9aURhITT2qcQMN/67kJtpYTkhgWEik+w/PCIxpTRBQD9slBDsYQ0ZVXfM3sC8dxHhfdPnvBcMgztyfemAOehTxdsb/fyduPA6VIJjq8CjS8E6mzTahmz2UryximFUFtSzDOkeD8suOyhRqbCcjSE7ygk2ih9hjDHNrmbFUcQ3uLfCKXrT4n8HVrljcP5Ptw1uH/gu370Dq3siaM=
-    USER_PASSWORD: AgBfB5PAe8EkFObVo/or5MS3fOecSURgociP9FOSeT+OxqrrpSURudeo1LUHP0tzUqnEHiu67eoOvjXtyL3X5sxrpzMkPHORiOxEGOEc4EdwvvGSm/mIS10b25lKR54kh9u6QG7g033DJTbWdmegMtC59ZERiTp+nZoy1JTh2Qyprgfj9Ip+F73hgu+cZpQQwQnxUVbrfJ3McOp+eO76K0m9ecJqul9RsAKbY14N+9qCdE+ObmRfSRx2Eck0F9/6mNaqAl/lZ61YVJbyPWGcu5sZy+ZM/rBPdpJYJF24La1X4j5ru+wPvuETsOhFqKbKbpPBuXdBaLYwYYI+6GWH1BMk9bUxlCEhdF8fBQULJqMCpJMW2nKfdDf+PqKR/MR4rH2GcZiYOc9AXT6POjU7YstuFW5CUL6lX/wcQtkPvqRAxI31m8bISESQ/mUnEZZ+8wZ54C2qmw0wmPpMQbkvGm0g77Bwl3vUsbMgCTu82b3ShSde/zQMEfId21G54uPcJCyqlhiYI3wxhFN//W0elCRzACt36t90VH1/f268oo+m72j+mmIfPoV/2EXYLJaQCdjj/QTxYz1Q7TCTpYoscTxpHQFEwMVtf6sRTrKdy8PgUcSSOilklINlNto7283ZwdCoFgVg+dazrZQSKwKKLD2yvdKgwSXTTq9CcrFKu8cJU82n7y5FjufpccVwGYbTPVu7BSrO/6M64o+G71DxyR37kOW1HEddUIY77Im+ZCc=
-  template:
-    metadata:
-      creationTimestamp: null
-      name: database-secrets
-      namespace: todo

todo/backend/helmrelease-postgresql.yaml

@@ -1,35 +0,0 @@
-apiVersion: helm.toolkit.fluxcd.io/v2beta2
-kind: HelmRelease
-metadata:
-  name: todo-postgresql
-  namespace: todo
-spec:
-  chart:
-    spec:
-      chart: postgresql
-      version: 15.x
-      sourceRef:
-        kind: OCIRespository
-        name: bitnami
-        namespace: flux-system
-  interval: 15m
-  timeout: 5m
-  releaseName: postgresql
-  values:
-    global:
-      storageClass: "longhorn"
-      postgresql:
-        auth:
-          username: "todo"
-          database: "todos"
-          existingSecret: "database-secrets"
-          secretKeys:
-            adminPasswordKey: "ADMIN_PASSWORD"
-            userPasswordKey: "USER_PASSWORD"
-            replicationPasswordKey: "REPLICATION_PASSWORD"
-    primary:
-      persistence:
-        size: 1Gi
-    readReplicas:
-      persistence:
-        size: 1Gi

todo/frontend/app-secret.yaml

@@ -1,15 +0,0 @@
----
-apiVersion: bitnami.com/v1alpha1
-kind: SealedSecret
-metadata:
-  creationTimestamp: null
-  name: database-url
-  namespace: todo
-spec:
-  encryptedData:
-    DATABASE_URL: AgBxll7k7MBVaFaqaW5RS01tt+KDAOhyyei4ap5cvuQK/M0j08nY4Hu6hrKN+4I2Lm6wqR8pOYcM622QVp/5onL2II17ouFZKQX3JXDZB7r6bJJgkm3fzR4sIULXNc6VWhgS8DaYHI3ZmtMACqLK11/lAzdyXfq7ja8VxTpcE/jGe/OSqzxkObbJqt9goIIkpr7Hlwy+tzC36R2XY+3ruQQQdNk7QRbwiZiRDUCmQbRjE/0Mrq0WNevdy06KoM4EnpQrligKO6Ow6eRbZktHDZM4HOUecG4RQcB7/t9dnkCEKnIp5fAh7U95RW9lmDE0zCLAEtliJVDzIZTi/4vDuBgwbwI4HE7luK8N9RsJVYZt8USRe/vLp3fnmH+1L0lxtV76EORhsQj3sGq6JPTJ3UKcYudhhhJv1Yh0ZHt2fyNRlVpra6hj0qjNa7AHijqcp8gpxjOE8/aXQOC4v0i9vYeGUTaYNXfekGqnbQqUaEdLUsskaCPPuQYt8s3kgGv1L50pzMGJvX6ZiI97fkf4UYxrHf6vprSyfAcwd1iX3Vv9kC2LMsD7q+pXZCuh11W4CBp0fEYFslMyTCQj1/S8N0TfsspTlou+H1mrPHR1pJri0i8jOoEFqJcl3qu0l3aKY7sbccB8W/a6hRuBW98apWqxPoyHnfCQb9KzfTQ52p/V+jDVOFEFfU4PvKh3R4WxrjxeYNQdVsarqScN7IRSP6w+y5Am4Pv1RDKBomVKgXaIZCFRrkKpyz1Y9MfSUcfPnOJLyAmyhxLyBq4ZtNkypqUTo1Zxnw==
-  template:
-    metadata:
-      creationTimestamp: null
-      name: database-url
-      namespace: todo

todo/frontend/deployment.yaml

@@ -1,29 +0,0 @@
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: todo
-  namespace: todo
-  labels:
-    app: todo-app
-spec:
-  replicas: 1
-  selector:
-    matchLabels:
-      app: todo-app
-  template:
-    metadata:
-      labels:
-        app: todo-app
-    spec:
-      containers:
-      - image: gitea.michaelthomson.dev/mthomson/go-todos-app:latest
-        name: todo
-        ports:
-        - name: http
-          containerPort: 3000
-        env:
-        - name: DATABASE_URL
-          valueFrom:
-            secretKeyRef:
-              name: database-url
-              key: DATABASE_URL

todo/frontend/dns-endpoint.yaml

@@ -1,12 +0,0 @@
-apiVersion: externaldns.k8s.io/v1alpha1
-kind: DNSEndpoint
-metadata:
-  name: todo.michaelthomson.dev
-  namespace: todo
-spec:
-  endpoints:
-  - dnsName: todo.michaelthomson.dev
-    recordTTL: 180
-    recordType: CNAME
-    targets:
-    - server.michaelthomson.dev

todo/frontend/ingress.yaml

@@ -1,23 +0,0 @@
-apiVersion: networking.k8s.io/v1
-kind: Ingress
-metadata:
-  name: todo
-  namespace: todo
-  annotations:
-    traefik.ingress.kubernetes.io/router.entrypoints: websecure
-    traefik.ingress.kubernetes.io/router.tls: "true"
-spec:
-  rules:
-  - host: todo.michaelthomson.dev
-    http:
-      paths:
-      - path: /
-        backend:
-          service:
-            name: todo
-            port: 
-              name: http
-  tls:
-    - hosts:
-        - todo.michaelthomson.dev
-      secretName: letsencrypt-wildcard-cert-michaelthomson.dev

todo/frontend/service.yaml

@@ -1,12 +0,0 @@
-apiVersion: v1
-kind: Service
-metadata:
-  name: todo
-  namespace: todo
-spec:
-  selector:
-    app: todo-app
-  ports:
-  - port: 80
-    targetPort: http
-    name: http