From b266a059b558a875cf327533a3fadbb2069c9b03 Mon Sep 17 00:00:00 2001
From: dvirlabs <dvirlabs@gmail.com>
Date: Fri, 18 Jul 2025 12:51:11 +0300
Subject: [PATCH] Add external secret app

---
 argocd-apps/external-secrets-my-apps.yaml     | 20 +++++++++++++++++
 .../nextcloud/external-secret.yaml            | 22 +++++++++++++++++++
 2 files changed, 42 insertions(+)
 create mode 100644 argocd-apps/external-secrets-my-apps.yaml
 create mode 100644 manifests/external-secrets/nextcloud/external-secret.yaml

diff --git a/argocd-apps/external-secrets-my-apps.yaml b/argocd-apps/external-secrets-my-apps.yaml
new file mode 100644
index 0000000..67af465
--- /dev/null
+++ b/argocd-apps/external-secrets-my-apps.yaml
@@ -0,0 +1,20 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: external-secrets-my-apps
+  namespace: argocd
+spec:
+  project: my-apps
+  source:
+    repoURL: https://git.dvirlabs.com/dvirlabs/my-apps.git
+    targetRevision: HEAD
+    path: manifests/external-secrets
+    directory:
+      recurse: true
+  destination:
+    server: https://kubernetes.default.svc
+    namespace: my-apps
+  syncPolicy:
+    automated:
+      prune: true
+      selfHeal: true
diff --git a/manifests/external-secrets/nextcloud/external-secret.yaml b/manifests/external-secrets/nextcloud/external-secret.yaml
new file mode 100644
index 0000000..18e1fc6
--- /dev/null
+++ b/manifests/external-secrets/nextcloud/external-secret.yaml
@@ -0,0 +1,22 @@
+apiVersion: external-secrets.io/v1beta1
+kind: ExternalSecret
+metadata:
+  name: nextcloud-exporter-secret
+  namespace: dev-tools
+spec:
+  refreshInterval: 1h
+  secretStoreRef:
+    name: vault-general-secrets
+    kind: ClusterSecretStore
+  target:
+    name: nextcloud-exporter-secret
+    creationPolicy: Owner
+  data:
+    - secretKey: username
+      remoteRef:
+        key: general-secrets/nextcloud-exporter
+        property: username
+    - secretKey: password
+      remoteRef:
+        key: general-secrets/nextcloud-exporter
+        property: password