Configuration Options#
applications#
An application describes a single Argo CD application that can be rendered using n1x.
Usually the application is abstracted away behind a services option.
It is used to render Kubernetes resources when running n1x render and appears in the list of applications when running n1x list.
Type: attribute set of (submodule)
Default:
{ }
Example:
{
argocd = {
description = "Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes.";
namespace = "argocd";
resources = {
v1 = {
Namespace = {
argocd = { };
};
};
};
};
}
Declared by:
applications.<name>.description#
Description for the application.
Type: string
Default:
""
Declared by:
applications.<name>.enable#
Whether the application is enabled.
Type: boolean
Default:
true
Declared by:
applications.<name>.inAppOfApps#
Whether application should be a part of the app-of-apps application.
Type: boolean
Default:
true
Declared by:
applications.<name>.inBootstrap#
Whether application should be a part of the bootstrap application.
Type: boolean
Default:
false
Declared by:
applications.<name>.name#
Name of the application.
Type: string
Default:
"‹name›"
Declared by:
applications.<name>.namespace#
Namespace to deploy application into (defaults to name).
Type: string
Default:
"‹name›"
Declared by:
applications.<name>.project#
ArgoCD project to make application a part of.
Type: string
Default:
"default"
Declared by:
applications.<name>.resources#
Resources that make up the application.
They should be declared in the form <apiVersion>.<kind>.<name>.
For example the following namespace resource:
apiVersion: v1
kind: Namespace
metadata:
name: argocd
Would be declared in like this:
{
v1.Namespace.argocd = {
# This is redundant as `metadata.name` defaults
# to the name of the attribute for the resource.
metadata.name = "argocd";
};
}
Type: attribute set of attribute set of attribute set of anything
Default:
{ }
Example:
{
v1 = {
ConfigMap = {
argocd-cmd-params-cm = {
data = {
"server.insecure" = "true";
};
metadata = {
namespace = "argocd";
};
};
};
Namespace = {
argocd = { };
};
};
}
Declared by:
applications.<name>.syncPolicy.automated.prune#
Specifies if resources should be pruned during auto-syncing.
Type: boolean
Default:
false
Declared by:
applications.<name>.syncPolicy.automated.selfHeal#
Specifies if partial app sync should be executed when resources are changed only in target Kubernetes cluster and no git change detected.
Type: boolean
Default:
false
Declared by:
n1x.appOfApps.enable#
Whether to enable the app-of-apps application.
Type: boolean
Default:
false
Declared by:
n1x.appOfApps.name#
Name of the app-of-apps applications.
Type: string
Default:
"apps"
Declared by:
n1x.appOfApps.repository#
The source repository url to put on all generated Argo CD Applications.
Type: string
Declared by:
n1x.appOfApps.revision#
The target revision to put on all generated Argo CD Applications.
Type: string
Default:
"HEAD"
Declared by:
n1x.appOfApps.syncPolicy.automated.prune#
Specifies if resources should be pruned during auto-syncing.
Type: boolean
Default:
false
Declared by:
n1x.appOfApps.syncPolicy.automated.selfHeal#
Specifies if partial app sync should be executed when resources are changed only in target Kubernetes cluster and no git change detected.
Type: boolean
Default:
false
Declared by:
n1x.bootstrap.enable#
Whether to enable the bootstrap application.
Type: boolean
Default:
false
Declared by:
n1x.defaultSyncPolicy.automated.prune#
Specifies if resources should be pruned during auto-syncing. This is the default value for all applications if not explicitly set.
Type: boolean
Default:
false
Declared by:
n1x.defaultSyncPolicy.automated.selfHeal#
Specifies if partial app sync should be executed when resources are changed only in target Kubernetes cluster and no git change detected. This is the default value for all applications if not explicitly set.
Type: boolean
Default:
false
Declared by:
networking.cilium.enableIpv4#
Enable IPv4 support in cilium.
Type: boolean
Default:
true
Declared by:
networking.cilium.enableIpv6#
Enable IPv6 support in cilium.
Type: boolean
Default:
false
Declared by:
networking.cilium.extraYAMLs#
Extra resources defined in YAML that will be parsed and merged with the rest of the resources.
Type: list of strings concatenated with "\n"
Default:
[ ]
Example:
[
''
apiVersion: v1
kind: Namespace
metadata:
name: kube-system
''
''
apiVersion: v1
kind: ConfigMap
metadata:
name: my-config
namespace: kube-system
---
apiVersion: v1
kind: ConfigMap
metadata:
name: my-files
namespace: kube-system
data:
file.txt: |
some data here.
''
]
Declared by:
networking.cilium.ipamMode#
IP Address Management mode for cilium to use.
Type: one of "cluster-pool", "kubernetes", "eni"
Default:
"cluster-pool"
Declared by:
networking.cilium.name#
Name of the application for cilium.
Type: string
Default:
"cilium"
Declared by:
networking.cilium.namespace#
Destination namespace for cilium.
Type: string
Default:
"kube-system"
Declared by:
networking.cilium.podCidrs#
IPv4 CIDR list range to delegate to individual nodes for IPAM.
Type: list of string
Default:
["10.0.0.0/8"]
Declared by:
networking.cilium.podCidrsv6#
IPv6 CIDR mask size to delegate to individual nodes for IPAM.
Type: list of string
Default:
["fd00::/104"]
Declared by:
networking.cilium.policyAuditMode#
Enable policy audit mode in cilium.
Type: boolean
Default:
false
Declared by:
networking.cilium.policyEnforcementMode#
Policy enforcement mode for cilium to use.
See: https://docs.cilium.io/en/latest/security/policy/intro/#policy-enforcement-modes
Type: one of "default", "always", "never"
Default:
"default"
Declared by:
networking.cilium.values#
Values to pass on to the cilium helm chart.
Type: attribute set of anything
Default:
{ }
Declared by:
networking.cni#
Which CNI application to enable or none if null.
Type: null or one of "cilium", "flannel"
Default:
null
Declared by:
networking.flannel.backend#
Backend for kube-flannel.
See: https://github.com/flannel-io/flannel/blob/master/Documentation/backends.md
Type: one of "vxlan", "host-gw", "wireguard", "udp"
Default:
"vxlan"
Declared by:
networking.flannel.backendPort#
Port used by the backend. 0 means default value (VXLAN: 8472, Wireguard: 51821, UDP: 8285).
Type: 16 bit unsigned integer; between 0 and 65535 (both inclusive)
Default:
0
Declared by:
networking.flannel.extraYAMLs#
Extra resources defined in YAML that will be parsed and merged with the rest of the resources.
Type: list of strings concatenated with "\n"
Default:
[ ]
Example:
[
''
apiVersion: v1
kind: Namespace
metadata:
name: kube-flannel
''
''
apiVersion: v1
kind: ConfigMap
metadata:
name: my-config
namespace: kube-flannel
---
apiVersion: v1
kind: ConfigMap
metadata:
name: my-files
namespace: kube-flannel
data:
file.txt: |
some data here.
''
]
Declared by:
networking.flannel.name#
Name of the application for flannel.
Type: string
Default:
"flannel"
Declared by:
networking.flannel.namespace#
Destination namespace for flannel.
Type: string
Default:
"kube-flannel"
Declared by:
networking.flannel.podCidr#
IPv4 CIDR to delegate to pods.
Type: string
Default:
"10.244.0.0/16"
Declared by:
networking.flannel.podCidrv6#
IPv6 CIDR to delete got pods.
Type: string
Default:
""
Declared by:
networking.flannel.values#
Values to pass on to the flannel helm chart.
Type: attribute set of anything
Default:
{ }
Declared by:
services.argocd.enable#
Whether to enable argocd.
Type: boolean
Default:
false
Example:
true
Declared by:
services.argocd.extraYAMLs#
Extra resources defined in YAML that will be parsed and merged with the rest of the resources.
Type: list of strings concatenated with "\n"
Default:
[ ]
Example:
[
''
apiVersion: v1
kind: Namespace
metadata:
name: argocd
''
''
apiVersion: v1
kind: ConfigMap
metadata:
name: my-config
namespace: argocd
---
apiVersion: v1
kind: ConfigMap
metadata:
name: my-files
namespace: argocd
data:
file.txt: |
some data here.
''
]
Declared by:
services.argocd.ingress.enable#
Create an ingress for argocd-server.
Type: boolean
Default:
false
Declared by:
services.argocd.ingress.hosts#
Hostnames to put in the argocd-server ingress.
Type: list of string
Default:
[ ]
Declared by:
services.argocd.ingress.ingressClass#
Ingress class to set on the ingress for argocd-server.
Type: string
Default:
""
Declared by:
services.argocd.n1xPlugin.enable#
Whether to automatically add the n1x config management plugin to Argo CD.
Type: boolean
Default:
true
Declared by:
services.argocd.n1xPlugin.image#
The image to use in the Argo CD config management plugin sidecar.
Type: string
Default:
"ghcr.io/arnarg/n1x/argocd-cmp-plugin:latest"
Declared by:
services.argocd.name#
Name of the application for argocd.
Type: string
Default:
"argocd"
Declared by:
services.argocd.namespace#
Destination namespace for argocd.
Type: string
Default:
"argocd"
Declared by:
services.argocd.values#
Values to pass on to the argo-cd helm chart.
Type: attribute set of anything
Default:
{ }
Declared by:
services.cloudflare-operator.enable#
Whether to enable cloudflare-operator.
Type: boolean
Default:
false
Example:
true
Declared by:
services.cloudflare-operator.extraYAMLs#
Extra resources defined in YAML that will be parsed and merged with the rest of the resources.
Type: list of strings concatenated with "\n"
Default:
[ ]
Example:
[
''
apiVersion: v1
kind: Namespace
metadata:
name: cloudflare-operator
''
''
apiVersion: v1
kind: ConfigMap
metadata:
name: my-config
namespace: cloudflare-operator
---
apiVersion: v1
kind: ConfigMap
metadata:
name: my-files
namespace: cloudflare-operator
data:
file.txt: |
some data here.
''
]
Declared by:
services.cloudflare-operator.name#
Name of the application for cloudflare-operator.
Type: string
Default:
"cloudflare-operator"
Declared by:
services.cloudflare-operator.namespace#
Destination namespace for cloudflare-operator.
Type: string
Default:
"cloudflare-operator"
Declared by:
services.k8s-gateway.domain#
Delegated domain for k8s_gateway to use.
Type: string
Declared by:
services.k8s-gateway.enable#
Whether to enable k8s-gateway.
Type: boolean
Default:
false
Example:
true
Declared by:
services.k8s-gateway.extraYAMLs#
Extra resources defined in YAML that will be parsed and merged with the rest of the resources.
Type: list of strings concatenated with "\n"
Default:
[ ]
Example:
[
''
apiVersion: v1
kind: Namespace
metadata:
name: k8s-gateway
''
''
apiVersion: v1
kind: ConfigMap
metadata:
name: my-config
namespace: k8s-gateway
---
apiVersion: v1
kind: ConfigMap
metadata:
name: my-files
namespace: k8s-gateway
data:
file.txt: |
some data here.
''
]
Declared by:
services.k8s-gateway.name#
Name of the application for k8s-gateway.
Type: string
Default:
"k8s-gateway"
Declared by:
services.k8s-gateway.namespace#
Destination namespace for k8s-gateway.
Type: string
Default:
"k8s-gateway"
Declared by:
services.k8s-gateway.values#
Values to pass on to the k8s-gateway helm chart.
Type: attribute set of anything
Default:
{ }
Declared by:
services.sops-secrets-operator.ageKeySecret#
Name of a secret containing an age private key to use to decrypt SOPS secrets. Secret needs to contain a keys.txt data key.
Example:
apiVersion: v1
kind: Secret
metadata:
name: age-keys
namespace: sops-secrets-operator
stringData:
keys.txt: |
AGE-SECRET-KEY-123...
Type: null or string
Default:
null
Declared by:
services.sops-secrets-operator.enable#
Whether to enable sops-secrets-operator.
Type: boolean
Default:
false
Example:
true
Declared by:
services.sops-secrets-operator.extraYAMLs#
Extra resources defined in YAML that will be parsed and merged with the rest of the resources.
Type: list of strings concatenated with "\n"
Default:
[ ]
Example:
[
''
apiVersion: v1
kind: Namespace
metadata:
name: sops-secrets-operator
''
''
apiVersion: v1
kind: ConfigMap
metadata:
name: my-config
namespace: sops-secrets-operator
---
apiVersion: v1
kind: ConfigMap
metadata:
name: my-files
namespace: sops-secrets-operator
data:
file.txt: |
some data here.
''
]
Declared by:
services.sops-secrets-operator.name#
Name of the application for sops-secrets-operator.
Type: string
Default:
"sops-secrets-operator"
Declared by:
services.sops-secrets-operator.namespace#
Destination namespace for sops-secrets-operator.
Type: string
Default:
"sops-secrets-operator"
Declared by:
services.sops-secrets-operator.values#
Values to pass on to the sops-secrets-operator helm chart.
Type: attribute set of anything
Default:
{ }
Declared by:
services.tailscale-operator.enable#
Whether to enable tailscale-operator.
Type: boolean
Default:
false
Example:
true
Declared by:
services.tailscale-operator.extraYAMLs#
Extra resources defined in YAML that will be parsed and merged with the rest of the resources.
Type: list of strings concatenated with "\n"
Default:
[ ]
Example:
[
''
apiVersion: v1
kind: Namespace
metadata:
name: tailscale-operator
''
''
apiVersion: v1
kind: ConfigMap
metadata:
name: my-config
namespace: tailscale-operator
---
apiVersion: v1
kind: ConfigMap
metadata:
name: my-files
namespace: tailscale-operator
data:
file.txt: |
some data here.
''
]
Declared by:
services.tailscale-operator.name#
Name of the application for tailscale-operator.
Type: string
Default:
"tailscale-operator"
Declared by:
services.tailscale-operator.namespace#
Destination namespace for tailscale-operator.
Type: string
Default:
"tailscale-operator"
Declared by:
services.tailscale-operator.values#
Values to pass on to the tailscale-operator helm chart.
Type: attribute set of anything
Default:
{ }
Declared by:
services.traefik.enable#
Whether to enable traefik.
Type: boolean
Default:
false
Example:
true
Declared by:
services.traefik.extraYAMLs#
Extra resources defined in YAML that will be parsed and merged with the rest of the resources.
Type: list of strings concatenated with "\n"
Default:
[ ]
Example:
[
''
apiVersion: v1
kind: Namespace
metadata:
name: traefik
''
''
apiVersion: v1
kind: ConfigMap
metadata:
name: my-config
namespace: traefik
---
apiVersion: v1
kind: ConfigMap
metadata:
name: my-files
namespace: traefik
data:
file.txt: |
some data here.
''
]
Declared by:
services.traefik.ingressClass.enable#
Enable creating an ingress class resource for traefik.
Type: boolean
Default:
true
Declared by:
services.traefik.ingressClass.isDefaultClass#
Set traefik ingress class as the default one.
Type: boolean
Default:
true
Declared by:
services.traefik.ingressClass.name#
The name of the ingress class for traefik.
Type: string
Default:
"traefik"
Declared by:
services.traefik.name#
Name of the application for traefik.
Type: string
Default:
"traefik"
Declared by:
services.traefik.namespace#
Destination namespace for traefik.
Type: string
Default:
"traefik"
Declared by:
services.traefik.values#
Values to pass on to the traefik helm chart.
Type: attribute set of anything
Default:
{ }
Declared by:
storage.csi.nfs.driverName#
Name of the driver when deployed in the Kubernetes cluster.
Type: string
Default:
"nfs.csi.k8s.io"
Declared by:
storage.csi.nfs.enable#
Whether to enable csi-driver-nfs.
Type: boolean
Default:
false
Example:
true
Declared by:
storage.csi.nfs.extraYAMLs#
Extra resources defined in YAML that will be parsed and merged with the rest of the resources.
Type: list of strings concatenated with "\n"
Default:
[ ]
Example:
[
''
apiVersion: v1
kind: Namespace
metadata:
name: kube-system
''
''
apiVersion: v1
kind: ConfigMap
metadata:
name: my-config
namespace: kube-system
---
apiVersion: v1
kind: ConfigMap
metadata:
name: my-files
namespace: kube-system
data:
file.txt: |
some data here.
''
]
Declared by:
storage.csi.nfs.name#
Name of the application for csi-driver-nfs.
Type: string
Default:
"csi-driver-nfs"
Declared by:
storage.csi.nfs.namespace#
Destination namespace for csi-driver-nfs.
Type: string
Default:
"kube-system"
Declared by:
storage.csi.nfs.storageClass.enable#
Automatically create a StorageClass for csi-driver-nfs.
Type: boolean
Default:
false
Declared by:
storage.csi.nfs.storageClass.mountOptions#
Extra options to pass on when mounting the NFS share.
Type: list of string
Default:
[ ]
Example:
[
"nfsvers=4.1"
]
Declared by:
storage.csi.nfs.storageClass.name#
Name of the StorageClass to create for csi-driver-nfs.
Type: string
Default:
"nfs-csi"
Declared by:
storage.csi.nfs.storageClass.reclaimPolicy#
Reclaim policy to use for the StorageClass for csi-driver-nfs.
Type: one of "Delete", "Retain"
Default:
"Delete"
Declared by:
storage.csi.nfs.storageClass.server#
NFS server address to use to connect to.
Type: string
Declared by:
storage.csi.nfs.storageClass.share#
NFS share on the server to use for csi-driver-nfs.
Type: string
Declared by:
storage.csi.nfs.storageClass.volumeBindingMode#
VolumeBindingMode indicates how PersistentVolumeClaims should be provisioned and bound.
Type: one of "Immediate", "WaitForFirstConsumer"
Default:
"Immediate"
Declared by:
storage.csi.nfs.values#
Values to pass on to the csi-driver-nfs chart.
Type: attribute set of anything
Default:
{ }
Declared by: