TazLab K8s Secrets Mapping
The ExternalSecrets delivery model bridges external secret stores with native Kubernetes secrets.
Mapping Inventory
| K8s Secret | Namespace | Source Path (Infisical) | Remote Key |
|---|---|---|---|
wildcard-tls | Multiple | /proxmox | WILDCARD_CRT, WILDCARD_KEY |
cloudflare-token | cert-manager | /proxmox | CLOUDFLARE_API_TOKEN |
github-token | flux-system | /proxmox | GITHUB_TOKEN |
mnemosyne-secrets | tazlab-db | /tazlab-db | GEMINI_API_KEY |
openclaw-secrets | ai-agents | /ai-agents | OPENCLAW_GATEWAY_TOKEN … |
Store Configuration
- Kind:
ClusterSecretStore - Name:
tazlab-secrets - Status: Currently Infisical. Target: HashiCorp Vault.
See Also
- Conventions: K8s Conventions - Purity rules.
- Hub: TazLab K8s Hub