fix prod-cluster build

Makefile

@@ -18,14 +18,14 @@ DEVCLUSTEROUT = $(DEVOUT)/cluster.yaml
 PRODOUT = $(OUTDIR)/prod
 PRODMANIFESTOUT = $(PRODOUT)/manifest.yaml
 PRODMANIFESTSRC = kustomize/overlays/prod
-PRODCLUSTERTOUT = $(PRODOUT)/cluster.yaml
-PRODCLUSTERTSRC = kustomize/overlays/prod-cluster
+PRODCLUSTEROUT = $(PRODOUT)/cluster.yaml
+PRODCLUSTERSRC = kustomize/overlays/prod-cluster
 
 ifeq ($(environment),prod)
 	environment = prod
 
 	ENVOUTDIR  = $(PRODOUT)
-	ENVOUTFILE = $(PRODMANIFESTOUT) $(PRODCLUSTERTOUT)
+	ENVOUTFILE = $(PRODMANIFESTOUT) $(PRODCLUSTEROUT)
 else
 	environment = dev
 

kustomize/bases/longhorn/kustomization.yaml

@@ -0,0 +1,2 @@
+resources:
+  - https://raw.githubusercontent.com/longhorn/longhorn/v1.2.0/deploy/longhorn.yaml

kustomize/overlays/dev/cert-manager/clusterissuer.yaml

@@ -1,25 +0,0 @@
-apiVersion: cert-manager.io/v1alpha2
-kind: ClusterIssuer
-metadata:
-  name: letsencrypt
-  namespace: cert-manager
-spec:
-  acme:
-    # You must replace this email address with your own.
-    # Let's Encrypt will use this to contact you about expiring
-    # certificates, and issues related to your account.
-    email: marchambault@badjware.dev
-    server: https://acme-v02.api.letsencrypt.org/directory
-    privateKeySecretRef:
-      # Secret resource that will be used to store the account's private key.
-      name: letsencrypt-cert
-    solvers:
-      - selector:
-          dnsZones:
-          - local.badjware.dev
-        dns01: 
-          cnameStrategy: Follow
-          digitalocean:
-            tokenSecretRef:
-              name: digitalocean-api-key
-              key: access-token

kustomize/overlays/dev/cert-manager/kustomizeconfig.yaml

@@ -1,6 +0,0 @@
-nameReference:
-  - version: v1
-    kind: Secret
-    fieldSpecs:
-      - kind: ClusterIssuer
-        path: spec/acme/solvers/dns01/digitalocean/tokenSecretRef/name

kustomize/overlays/dev/placeholders.txt

@@ -1,6 +1,7 @@
-DRONE_EXTERNAL_HOST=drone.localhost
 GITEA_EXTERNAL_HOST=gitea.localhost
+NEXTCLOUD_EXTERNAL_HOST=nextcloud.localhost
+
+DRONE_EXTERNAL_HOST=drone.localhost
 GRAFANA_EXTERNAL_HOST=grafana.localhost
 KUBERNETES_DASHBOARD_EXTERNAL_HOST=kubernetes-dashboard.localhost
-NEXTCLOUD_EXTERNAL_HOST=nextcloud.localhost
 PROMETHEUS_EXTERNAL_HOST=prometheus.localhost

kustomize/overlays/prod-cluster/kustomization.yaml

@@ -0,0 +1,9 @@
+bases:
+  - ../../namespaces/kube-system
+  - ../../namespaces/operators
+  - ../../bases/longhorn
+  # - ../../namespaces/cert-manager
+
+# allow "kubectl apply -l managed-by=cluster --prune ..."
+commonlabels:
+  managed-by: kustomize-cluster

kustomize/overlays/prod/cert-manager/clusterissuer.yaml

@@ -1,25 +0,0 @@
-apiVersion: cert-manager.io/v1alpha2
-kind: ClusterIssuer
-metadata:
-  name: letsencrypt
-  namespace: cert-manager
-spec:
-  acme:
-    # You must replace this email address with your own.
-    # Let's Encrypt will use this to contact you about expiring
-    # certificates, and issues related to your account.
-    email: marchambault@badjware.dev
-    server: https://acme-v02.api.letsencrypt.org/directory
-    privateKeySecretRef:
-      # Secret resource that will be used to store the account's private key.
-      name: letsencrypt-cert
-    solvers:
-      - selector:
-          dnsZones:
-          - badjware.dev
-        dns01: 
-          cnameStrategy: Follow
-          digitalocean:
-            tokenSecretRef:
-              name: digitalocean-api-key
-              key: access-token

kustomize/overlays/prod/cert-manager/kustomizeconfig.yaml

@@ -1,6 +0,0 @@
-nameReference:
-  - version: v1
-    kind: Secret
-    fieldSpecs:
-      - kind: ClusterIssuer
-        path: spec/acme/solvers/dns01/digitalocean/tokenSecretRef/name

kustomize/overlays/prod/kustomization.yaml

@@ -0,0 +1,40 @@
+# bases:
+#   - ../../namespaces/kubernetes-dashboard
+#   - ../../namespaces/gitea
+#   - ../../namespaces/grafana
+#   - ../../namespaces/monitoring
+
+# images:
+#   - name: gitea/gitea
+#     newtag: 1.15.0
+#   - name: grafana
+#     newtag: 8.1.2
+#   - name: drone/drone
+#     newtag: 2.0.6
+#   - name: drone/drone-runner-kube
+#     newtag: 1.0.0-beta.9
+
+# secretGenerator:
+#   - name: drone-secret
+#     type: Opaque
+#     namespace: gitea
+#     behavior: replace
+#     literals:
+#       - rpc_secret=9128146e66f104873df80dad3ef12cf0
+#   # https://docs.drone.io/server/provider/gitea/
+#   - name: drone-gitea-oauth-secret
+#     type: Opaque
+#     namespace: gitea
+#     behavior: replace
+#     literals:
+#       - client_id=6c0c6878-baf1-4648-b0cf-69eeae69e692
+#       - client_secret=Q78VsgyfgTzKrvQEmokEMj84g7epKrlBpmDjcbhKXCIh
+
+# # allow "kubectl apply -l managed-by=kustomize --prune ..."
+# commonlabels:
+#   managed-by: kustomize
+
+# transformers:
+#   - transformers/placeholders.yaml
+#   # - transformers/ssm-secrets.yaml
+

kustomize/overlays/prod/placeholders.txt

@@ -0,0 +1,7 @@
+GITEA_EXTERNAL_HOST=code.badjware.dev
+DRONE_EXTERNAL_HOST=drone.badjware.dev
+NEXTCLOUD_EXTERNAL_HOST=cloud.badjware.dev
+
+GRAFANA_EXTERNAL_HOST=grafana.badjnet.local
+KUBERNETES_DASHBOARD_EXTERNAL_HOST=kubernetes-dashboard.badjnet.local
+PROMETHEUS_EXTERNAL_HOST=prometheus.badjnet.local

kustomize/overlays/prod/transformers/placeholders.yaml

@@ -0,0 +1,5 @@
+apiVersion: badjware/v1
+kind: PlaceholderTransformer
+metadata:
+  name: placeholders
+placeholdersFile: placeholders.txt