1
0
Fork 0

drop helmchart

This commit is contained in:
Massaki Archambault 2020-05-15 22:19:37 -04:00
parent 79dcd4d4eb
commit 88a34cb3d2
17 changed files with 110 additions and 123 deletions

View File

@ -7,7 +7,7 @@ KUBECTLDIFFFLAGS = --server-side
KUBECTLAPPLYFLAGS = -l managed-by=kustomize --prune
SRC := $(shell find kustomize/ -type f)
OUTDIR = build/
OUTDIR = build
ifeq ($(environment),prod)
# prod

View File

@ -10,14 +10,14 @@ services:
privileged: true
environment:
- K3S_CLUSTER_SECRET=${K3S_CLUSTER_SECRET:-replaceme}
- K3S_KUBECONFIG_OUTPUT=/host/build/kubeconfig.yaml
- K3S_KUBECONFIG_OUTPUT=/host/kubectl/kubeconfig.yaml
- K3S_KUBECONFIG_MODE=666
volumes:
- k3s_data:/var/lib/rancher/k3s
- .:/host
ports:
- 80:80
- 443:443
- 80:30080
- 443:30443
- 6443:6443
agent:
image: "rancher/k3s"

View File

@ -1,7 +0,0 @@
apiVersion: helm.cattle.io/v1
kind: HelmChart
metadata:
name: nginx-ingress-controller
spec:
repo: https://kubernetes.github.io/ingress-nginx
chart: ingress-nginx

View File

@ -1,5 +0,0 @@
resources:
- namespace.yaml
- helmchart.yaml
namespace: ingress-controller

View File

@ -1,4 +0,0 @@
apiVersion: v1
kind: Namespace
metadata:
name: ingress-controller

View File

@ -0,0 +1,11 @@
generators:
- nginx-ingress-controller.yaml
patchesStrategicMerge:
- nodeselector.yaml
- nodeport.yaml
namespace: ingress-nginx
commonlabels:
app: ingress-nginx

View File

@ -0,0 +1,7 @@
apiVersion: badjware/v1
kind: RemoteResources
metadata:
name: nginx-ingress-controller
resources:
- url: https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-0.32.0/deploy/static/provider/baremetal/deploy.yaml
sha256: b51736bb5cf846902ef5870d7d34e5627050ad8452850fdae0ab59fab54e69b6

View File

@ -0,0 +1,12 @@
apiVersion: v1
kind: Service
metadata:
name: ingress-nginx-controller
namespace: ingress-nginx
spec:
externalTrafficPolicy: Local
ports:
- port: 80
nodePort: 30080
- port: 443
nodePort: 30443

View File

@ -0,0 +1,10 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: ingress-nginx-controller
namespace: ingress-nginx
spec:
template:
spec:
nodeSelector:
node-role.kubernetes.io/master: "true"

View File

@ -1,12 +0,0 @@
apiVersion: helm.cattle.io/v1
kind: HelmChart
metadata:
name: kubernetes-dashboard
spec:
repo: https://funkypenguin.github.io/helm-charts
chart: kubernetes-dashboard
version: 2.0.0-rc7-fp6
valuesContent: |-
ingress:
enabled: true
hosts: ["kubernetes-dashboard.127.0.0.1.nip.io"]

View File

@ -0,0 +1,7 @@
apiVersion: badjware/v1
kind: RemoteResources
metadata:
name: kubernetes-dashboard
resources:
- url: https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.0/aio/deploy/recommended.yaml
sha256: d8b96dfa27da511d5116fc3583281dd1da709c3c6e07b033e4f3424bc2ab64c8

View File

@ -1,6 +1,10 @@
resources:
- namespace.yaml
- admin-user.yaml
- helmchart.yaml
generators:
- kubernetes-dashboard.yaml
namespace: kubernetes-dashboard
commonlabels:
app: kubernetes-dashboard

View File

@ -1,4 +0,0 @@
apiVersion: v1
kind: Namespace
metadata:
name: kubernetes-dashboard

View File

@ -0,0 +1,17 @@
apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
name: kubernetes-dashboard-ingress
labels:
app: kubernetes-dashboard
annotations:
nginx.ingress.kubernetes.io/rewrite-target: /
spec:
rules:
- host: kubernetes-dashboard.staging.massaki.ca
http:
paths:
- path: /
backend:
serviceName: kubernetes-dashboard
servicePort: http

View File

@ -1,9 +1,37 @@
bases:
- ../../base/ingress-controller
- ../../base/ingress-nginx
- ../../base/kubernetes-dashboard
- ../../base/gitea
- ../../base/nextcloud
resources:
- kubernetes-dashboard/ingress.yaml
patchesJson6902:
- target: &ingress_target
group: networking.k8s.io
version: v1beta1
kind: Ingress
name: nextcloud-ingress
patch: |-
- op: replace
path: /spec/rules/0/host
value: nextcloud.staging.massaki.ca
- target:
<<: *ingress_target
name: gitea-ingress
patch: |-
- op: replace
path: /spec/rules/0/host
value: gitea.staging.massaki.ca
- target:
<<: *ingress_target
name: drone-ingress
patch: |-
- op: replace
path: /spec/rules/0/host
value: drone.staging.massaki.ca
# secretGenerator:
# - name: drone-gitea-oauth-secret
# type: Opaque
@ -16,3 +44,6 @@ bases:
# allow "kubectl apply -l managed-by=kustomize --prune ..."
commonlabels:
managed-by: kustomize
# transformers:
# - ssm-secrets.yaml

View File

@ -0,0 +1,4 @@
apiVersion: badjware/v1
kind: SSMParameterPlaceholderTransformer
metadata:
name: ssm-parameter

View File

@ -1,84 +0,0 @@
APP_NAME = Badjware's code stash
RUN_MODE = prod
RUN_USER = git
[repository]
ROOT = /data/git/repositories
[repository.local]
LOCAL_COPY_PATH = /data/gitea/tmp/local-repo
[repository.upload]
TEMP_PATH = /data/gitea/uploads
[server]
APP_DATA_PATH = /data/gitea
SSH_DOMAIN = gitea.127.0.0.1.nip.io
HTTP_PORT = 3000
ROOT_URL = http://gitea.127.0.0.1.nip.io/
DISABLE_SSH = false
SSH_PORT = 22
SSH_LISTEN_PORT = 22
LFS_START_SERVER = true
LFS_CONTENT_PATH = /data/git/lfs
DOMAIN = gitea.127.0.0.1.nip.io
LFS_JWT_SECRET = EiPLMzu-LGvjhcByu5_t3PszAVCg1RP_8e8A1oI_-FA
OFFLINE_MODE = false
[database]
PATH = /data/gitea/gitea.db
DB_TYPE = mysql
HOST = mariadb.gitea.svc:3306
NAME = gitea
USER = gitea
PASSWD = replaceme
SSL_MODE = disable
CHARSET = utf8
[indexer]
ISSUE_INDEXER_PATH = /data/gitea/indexers/issues.bleve
[session]
PROVIDER_CONFIG = /data/gitea/sessions
PROVIDER = file
[picture]
AVATAR_UPLOAD_PATH = /data/gitea/avatars
REPOSITORY_AVATAR_UPLOAD_PATH = /data/gitea/repo-avatars
DISABLE_GRAVATAR = false
ENABLE_FEDERATED_AVATAR = true
[attachment]
PATH = /data/gitea/attachments
[log]
ROOT_PATH = /data/gitea/log
MODE = file
LEVEL = info
[security]
INSTALL_LOCK = true
SECRET_KEY = Y38P9GDsbUe28RO5y04GlMv7Zbw14plInI7N4zYrZPjTGqANdFHfVlC2XY1UayLu
INTERNAL_TOKEN = eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYmYiOjE1ODgyMTgxODR9.ljBAqOJAIHV14GXmAAoKXOXUho4WaY-Js4XnEHz3qoY
[service]
DISABLE_REGISTRATION = false
REQUIRE_SIGNIN_VIEW = false
REGISTER_EMAIL_CONFIRM = false
ENABLE_NOTIFY_MAIL = false
ALLOW_ONLY_EXTERNAL_REGISTRATION = false
ENABLE_CAPTCHA = false
DEFAULT_KEEP_EMAIL_PRIVATE = false
DEFAULT_ALLOW_CREATE_ORGANIZATION = true
DEFAULT_ENABLE_TIMETRACKING = true
NO_REPLY_ADDRESS = noreply.localhost
[oauth2]
JWT_SECRET = L1Aei9Ggp0Lc4g2DSDDFVclLlOT0IAP-zGbVD1XQEXI
[mailer]
ENABLED = false
[openid]
ENABLE_OPENID_SIGNIN = true
ENABLE_OPENID_SIGNUP = true