badjware
/
home-stack-kustomize
1
0
Fork 0
Code Releases Activity

fix gitea configuration, install external-secrets

This commit is contained in:
Massaki Archambault 2023-02-07 00:02:13 -05:00
parent 77644f5240
commit 251f012e9a
12 changed files with 78 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
kustomize/bases/drone-runner/drone-runner-deployment.yaml
View File

@ -25,7 +25,7 @@ spec:
fieldRef: fieldRef:
fieldPath: metadata.namespace fieldPath: metadata.namespace
- name: DRONE_RPC_HOST - name: DRONE_RPC_HOST
value: drone-server.$(DRONE_NAMESPACE_DEFAULT).svc.cluster.local value: drone-server.gitea.svc.cluster.local # TODO: not hardcode
- name: DRONE_RPC_PROTO - name: DRONE_RPC_PROTO
value: http value: http
- name: DRONE_RPC_SECRET - name: DRONE_RPC_SECRET

4
kustomize/bases/drone-server/drone-server-deployment.yaml
View File

@ -23,14 +23,14 @@ spec:
- name: drone - name: drone
image: drone/drone image: drone/drone
env: env:
- name: DRONE_GITEA_SERVER
value: https://${GITEA_EXTERNAL_HOST}
- name: DRONE_SERVER_HOST - name: DRONE_SERVER_HOST
value: ${DRONE_EXTERNAL_HOST} value: ${DRONE_EXTERNAL_HOST}
- name: DRONE_SERVER_PORT - name: DRONE_SERVER_PORT
value: ":80" value: ":80"
- name: DRONE_SERVER_PROTO - name: DRONE_SERVER_PROTO
value: https value: https
- name: DRONE_GITEA_SERVER
value: https://${GITEA_EXTERNAL_HOST}
- name: DRONE_GITEA_CLIENT_ID - name: DRONE_GITEA_CLIENT_ID
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:

12
kustomize/bases/external-secrets/external-secrets-helmchart.yaml Normal file
View File

@ -0,0 +1,12 @@
apiVersion: helm.cattle.io/v1
kind: HelmChart
metadata:
name: external-secrets
namespace: kube-system
spec:
repo: https://charts.external-secrets.io
chart: external-secrets
version: 0.7.2
targetNamespace: external-secrets
set:
installCRDs: "true"

4
kustomize/bases/external-secrets/external-secrets-namespace.yaml Normal file
View File

@ -0,0 +1,4 @@
apiVersion: v1
kind: Namespace
metadata:
name: external-secrets

6
kustomize/bases/external-secrets/kustomization.yaml Normal file
View File

@ -0,0 +1,6 @@
resources:
- external-secrets-namespace.yaml
- external-secrets-helmchart.yaml
commonLabels:
app.kubernetes.io/name: external-secrets

8
kustomize/bases/gitea/gitea-deployment.yaml
View File

@ -20,12 +20,14 @@ spec:
- name: gitea - name: gitea
image: gitea/gitea image: gitea/gitea
env: env:
- name: GITEA__SERVER__ROOT_URL
value: https://${GITEA_EXTERNAL_HOST}
- name: GITEA__WEBHOOK_ALLOWED_HOST_LIST
value: ${DRONE_EXTERNAL_HOST}
- name: GITEA__DEFAULT__APP_NAME - name: GITEA__DEFAULT__APP_NAME
value: Badjware's code stash value: Badjware's code stash
- name: GITEA__SERVICE__DISABLE_REGISTRATION - name: GITEA__SERVICE__DISABLE_REGISTRATION
value: "yes" value: "yes"
- name: GITEA__SERVER__ROOT_URL
value: https://${GITEA_EXTERNAL_HOST}
- name: GITEA__SERVER__SSH_DOMAIN - name: GITEA__SERVER__SSH_DOMAIN
value: ${GITEA_EXTERNAL_HOST} value: ${GITEA_EXTERNAL_HOST}
- name: GITEA__SERVER__SSH_PORT - name: GITEA__SERVER__SSH_PORT
@ -36,8 +38,6 @@ spec:
value: repo.wiki value: repo.wiki
- name: GITEA__REPOSITORY__DEFAULT_REPO_UNITS - name: GITEA__REPOSITORY__DEFAULT_REPO_UNITS
value: repo.code,repo.releases value: repo.code,repo.releases
- name: GITEA__WEBHOOK_ALLOWED_HOST_LIST
value: ${DRONE_EXTERNAL_HOST}
ports: ports:
- name: http - name: http
containerPort: 3000 containerPort: 3000

2
kustomize/bases/prometheus-operator/kustomization.yaml
View File

@ -1,5 +1,7 @@
resources: resources:
- https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/release-0.50/bundle.yaml - https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/release-0.50/bundle.yaml
namespace: kube-system
commonLabels: commonLabels:
app.kubernetes.io/part-of: monitoring app.kubernetes.io/part-of: monitoring

2
kustomize/bases/traefik/kustomization.yaml
View File

@ -4,5 +4,7 @@ resources:
- traefik-helmchartconfig.yaml - traefik-helmchartconfig.yaml
- traefik-ingress.yaml - traefik-ingress.yaml
namespace: kube-system
commonLabels: commonLabels:
app.kubernetes.io/name: traefik app.kubernetes.io/name: traefik

3
kustomize/namespaces/kube-system/kustomization.yaml
View File

@ -1,5 +1,4 @@
resources: resources:
- ../../bases/traefik - ../../bases/traefik
- ../../bases/prometheus-operator - ../../bases/prometheus-operator
- ../../bases/external-secrets
namespace: kube-system

2
kustomize/namespaces/monitoring/kustomization.yaml
View File

@ -3,7 +3,7 @@ resources:
- ../../bases/prometheus - ../../bases/prometheus
# - ../../bases/node-exporter # - ../../bases/node-exporter
- ../../bases/blackbox-exporter - ../../bases/blackbox-exporter
- ../../bases/ecommerce-exporter # - ../../bases/ecommerce-exporter
- ../../bases/kube-state-metrics - ../../bases/kube-state-metrics
- ../../bases/grafana-agent - ../../bases/grafana-agent
- ../../bases/grafana - ../../bases/grafana

1
kustomize/overlays/prod-cluster/kustomization.yaml
View File

@ -4,7 +4,6 @@ resources:
buildMetadata: buildMetadata:
- originAnnotations - originAnnotations
- transformerAnnotations
commonLabels: commonLabels:
app.kubernetes.io/managed-by: kustomize-cluster app.kubernetes.io/managed-by: kustomize-cluster

49
kustomize/overlays/prod/kustomization.yaml
View File

@ -9,7 +9,6 @@ resources:
buildMetadata: buildMetadata:
- originAnnotations - originAnnotations
- transformerAnnotations
images: images:
- name: gitea/gitea - name: gitea/gitea
@ -38,15 +37,17 @@ configMapGenerator:
namespace: default namespace: default
literals: literals:
- GITEA_EXTERNAL_HOST=code.badjware.dev - GITEA_EXTERNAL_HOST=code.badjware.dev
- GITEA_EXTERNAL_URL=https://code.badjware.dev
- DRONE_EXTERNAL_HOST=drone.badjware.dev - DRONE_EXTERNAL_HOST=drone.badjware.dev
- NEXTCLOUD_EXTERNAL_HOST=cloud.badjware.dev - NEXTCLOUD_EXTERNAL_HOST=cloud.badjware.dev
- GRAFANA_EXTERNAL_HOST=grafana.badjware.dev - GRAFANA_EXTERNAL_HOST=grafana.badjware.dev
- PROMETHEUS_EXTERNAL_HOST=prometheus.badjnet.home - PROMETHEUS_EXTERNAL_HOST=prometheus.badjnet.home
- name: ecommerce-exporter-config # - name: ecommerce-exporter-config
namespace: monitoring # namespace: monitoring
behavior: replace # behavior: replace
files: # files:
- ecommerce-exporter.yml=configurations/ecommerce-exporter/ecommerce-exporter.yml # - ecommerce-exporter.yml=configurations/ecommerce-exporter/ecommerce-exporter.yml
secretGenerator: secretGenerator:
- name: drone-secret - name: drone-secret
@ -138,6 +139,24 @@ replacements:
namespace: gitea namespace: gitea
fieldPaths: fieldPaths:
- spec.rules.0.host - spec.rules.0.host
- source:
kind: ConfigMap
name: replacements
namespace: default
fieldPath: data.GITEA_EXTERNAL_URL
targets:
- select:
kind: Deployment
name: gitea
namespace: gitea
fieldPaths:
- spec.template.spec.containers.0.env.0.value
- select:
kind: Deployment
name: drone-server
namespace: gitea
fieldPaths:
- spec.template.spec.containers.0.env.0.value
- source: - source:
kind: ConfigMap kind: ConfigMap
name: replacements name: replacements
@ -150,6 +169,24 @@ replacements:
namespace: gitea namespace: gitea
fieldPaths: fieldPaths:
- spec.rules.0.host - spec.rules.0.host
- select:
kind: Deployment
name: drone-server
namespace: gitea
fieldPaths:
- spec.template.spec.containers.0.env.1.value
- select:
kind: Deployment
name: gitea
namespace: gitea
fieldPaths:
- spec.template.spec.containers.0.env.1.value
- select:
kind: Deployment
name: drone-server
namespace: gitea
fieldPaths:
- spec.template.spec.containers.0.env.1.value
- source: - source:
kind: ConfigMap kind: ConfigMap
name: replacements name: replacements