badjware
/
home-stack-kustomize
1
0
Fork 0
Code Releases Activity

fix prod-cluster build

This commit is contained in:
Massaki Archambault 2021-08-26 12:42:41 -04:00
parent cd592c43d2
commit 648f018e53
12 changed files with 69 additions and 67 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
Makefile
View File

@ -18,14 +18,14 @@ DEVCLUSTEROUT = $(DEVOUT)/cluster.yaml
PRODOUT = $(OUTDIR)/prod PRODOUT = $(OUTDIR)/prod
PRODMANIFESTOUT = $(PRODOUT)/manifest.yaml PRODMANIFESTOUT = $(PRODOUT)/manifest.yaml
PRODMANIFESTSRC = kustomize/overlays/prod PRODMANIFESTSRC = kustomize/overlays/prod
PRODCLUSTERTOUT = $(PRODOUT)/cluster.yaml PRODCLUSTEROUT = $(PRODOUT)/cluster.yaml
PRODCLUSTERTSRC = kustomize/overlays/prod-cluster PRODCLUSTERSRC = kustomize/overlays/prod-cluster
ifeq ($(environment),prod) ifeq ($(environment),prod)
environment = prod environment = prod
ENVOUTDIR = $(PRODOUT) ENVOUTDIR = $(PRODOUT)
ENVOUTFILE = $(PRODMANIFESTOUT) $(PRODCLUSTERTOUT) ENVOUTFILE = $(PRODMANIFESTOUT) $(PRODCLUSTEROUT)
else else
environment = dev environment = dev

2
kustomize/bases/longhorn/kustomization.yaml Normal file
View File

@ -0,0 +1,2 @@
resources:
- https://raw.githubusercontent.com/longhorn/longhorn/v1.2.0/deploy/longhorn.yaml

25
kustomize/overlays/dev/cert-manager/clusterissuer.yaml
View File

@ -1,25 +0,0 @@
apiVersion: cert-manager.io/v1alpha2
kind: ClusterIssuer
metadata:
name: letsencrypt
namespace: cert-manager
spec:
acme:
# You must replace this email address with your own.
# Let's Encrypt will use this to contact you about expiring
# certificates, and issues related to your account.
email: marchambault@badjware.dev
server: https://acme-v02.api.letsencrypt.org/directory
privateKeySecretRef:
# Secret resource that will be used to store the account's private key.
name: letsencrypt-cert
solvers:
- selector:
dnsZones:
- local.badjware.dev
dns01:
cnameStrategy: Follow
digitalocean:
tokenSecretRef:
name: digitalocean-api-key
key: access-token

6
kustomize/overlays/dev/cert-manager/kustomizeconfig.yaml
View File

@ -1,6 +0,0 @@
nameReference:
- version: v1
kind: Secret
fieldSpecs:
- kind: ClusterIssuer
path: spec/acme/solvers/dns01/digitalocean/tokenSecretRef/name

5
kustomize/overlays/dev/placeholders.txt
View File

@ -1,6 +1,7 @@
DRONE_EXTERNAL_HOST=drone.localhost
GITEA_EXTERNAL_HOST=gitea.localhost GITEA_EXTERNAL_HOST=gitea.localhost
NEXTCLOUD_EXTERNAL_HOST=nextcloud.localhost
DRONE_EXTERNAL_HOST=drone.localhost
GRAFANA_EXTERNAL_HOST=grafana.localhost GRAFANA_EXTERNAL_HOST=grafana.localhost
KUBERNETES_DASHBOARD_EXTERNAL_HOST=kubernetes-dashboard.localhost KUBERNETES_DASHBOARD_EXTERNAL_HOST=kubernetes-dashboard.localhost
NEXTCLOUD_EXTERNAL_HOST=nextcloud.localhost
PROMETHEUS_EXTERNAL_HOST=prometheus.localhost PROMETHEUS_EXTERNAL_HOST=prometheus.localhost

9
kustomize/overlays/prod-cluster/kustomization.yaml Normal file
View File

@ -0,0 +1,9 @@
bases:
- ../../namespaces/kube-system
- ../../namespaces/operators
- ../../bases/longhorn
# - ../../namespaces/cert-manager
# allow "kubectl apply -l managed-by=cluster --prune ..."
commonlabels:
managed-by: kustomize-cluster

25
kustomize/overlays/prod/cert-manager/clusterissuer.yaml
View File

@ -1,25 +0,0 @@
apiVersion: cert-manager.io/v1alpha2
kind: ClusterIssuer
metadata:
name: letsencrypt
namespace: cert-manager
spec:
acme:
# You must replace this email address with your own.
# Let's Encrypt will use this to contact you about expiring
# certificates, and issues related to your account.
email: marchambault@badjware.dev
server: https://acme-v02.api.letsencrypt.org/directory
privateKeySecretRef:
# Secret resource that will be used to store the account's private key.
name: letsencrypt-cert
solvers:
- selector:
dnsZones:
- badjware.dev
dns01:
cnameStrategy: Follow
digitalocean:
tokenSecretRef:
name: digitalocean-api-key
key: access-token

6
kustomize/overlays/prod/cert-manager/kustomizeconfig.yaml
View File

@ -1,6 +0,0 @@
nameReference:
- version: v1
kind: Secret
fieldSpecs:
- kind: ClusterIssuer
path: spec/acme/solvers/dns01/digitalocean/tokenSecretRef/name

40
kustomize/overlays/prod/kustomization.yaml Normal file
View File

@ -0,0 +1,40 @@
# bases:
# - ../../namespaces/kubernetes-dashboard
# - ../../namespaces/gitea
# - ../../namespaces/grafana
# - ../../namespaces/monitoring
# images:
# - name: gitea/gitea
# newtag: 1.15.0
# - name: grafana
# newtag: 8.1.2
# - name: drone/drone
# newtag: 2.0.6
# - name: drone/drone-runner-kube
# newtag: 1.0.0-beta.9
# secretGenerator:
# - name: drone-secret
# type: Opaque
# namespace: gitea
# behavior: replace
# literals:
# - rpc_secret=9128146e66f104873df80dad3ef12cf0
# # https://docs.drone.io/server/provider/gitea/
# - name: drone-gitea-oauth-secret
# type: Opaque
# namespace: gitea
# behavior: replace
# literals:
# - client_id=6c0c6878-baf1-4648-b0cf-69eeae69e692
# - client_secret=Q78VsgyfgTzKrvQEmokEMj84g7epKrlBpmDjcbhKXCIh
# # allow "kubectl apply -l managed-by=kustomize --prune ..."
# commonlabels:
# managed-by: kustomize
# transformers:
# - transformers/placeholders.yaml
# # - transformers/ssm-secrets.yaml

7
kustomize/overlays/prod/placeholders.txt Normal file
View File

@ -0,0 +1,7 @@
GITEA_EXTERNAL_HOST=code.badjware.dev
DRONE_EXTERNAL_HOST=drone.badjware.dev
NEXTCLOUD_EXTERNAL_HOST=cloud.badjware.dev
GRAFANA_EXTERNAL_HOST=grafana.badjnet.local
KUBERNETES_DASHBOARD_EXTERNAL_HOST=kubernetes-dashboard.badjnet.local
PROMETHEUS_EXTERNAL_HOST=prometheus.badjnet.local

5
kustomize/overlays/prod/transformers/placeholders.yaml Normal file
View File

@ -0,0 +1,5 @@
apiVersion: badjware/v1
kind: PlaceholderTransformer
metadata:
name: placeholders
placeholdersFile: placeholders.txt

0
kustomize/overlays/dev/transformers/ssm-secrets.yaml → kustomize/overlays/prod/transformers/ssm-secrets.yaml
View File