badjware
/
home-stack-kustomize
1
0
Fork 0
Code Releases Activity

Compare commits

base: badjware:251f012e9ae112fcc39b5b11f140faab3cf01ca6
Branches Tags
badjware:master
..
compare: badjware:e5a4272042d38153c6aad203c7c82e1b8339c678
Branches Tags
badjware:master

No commits in common. "251f012e9ae112fcc39b5b11f140faab3cf01ca6" and "e5a4272042d38153c6aad203c7c82e1b8339c678" have entirely different histories.
251f012e9a ... e5a4272042

21 changed files with 57 additions and 201 deletions
Show Stats Expand all files Collapse all files

2
kustomize/bases/drone-runner/drone-runner-deployment.yaml
View File

@ -25,7 +25,7 @@ spec:
fieldRef: fieldRef:
fieldPath: metadata.namespace fieldPath: metadata.namespace
- name: DRONE_RPC_HOST - name: DRONE_RPC_HOST
value: drone-server.gitea.svc.cluster.local # TODO: not hardcode value: drone-server.$(DRONE_NAMESPACE_DEFAULT).svc.cluster.local
- name: DRONE_RPC_PROTO - name: DRONE_RPC_PROTO
value: http value: http
- name: DRONE_RPC_SECRET - name: DRONE_RPC_SECRET

4
kustomize/bases/drone-server/drone-server-deployment.yaml
View File

@ -23,14 +23,14 @@ spec:
- name: drone - name: drone
image: drone/drone image: drone/drone
env: env:
- name: DRONE_GITEA_SERVER
value: https://${GITEA_EXTERNAL_HOST}
- name: DRONE_SERVER_HOST - name: DRONE_SERVER_HOST
value: ${DRONE_EXTERNAL_HOST} value: ${DRONE_EXTERNAL_HOST}
- name: DRONE_SERVER_PORT - name: DRONE_SERVER_PORT
value: ":80" value: ":80"
- name: DRONE_SERVER_PROTO - name: DRONE_SERVER_PROTO
value: https value: https
- name: DRONE_GITEA_SERVER
value: https://${GITEA_EXTERNAL_HOST}
- name: DRONE_GITEA_CLIENT_ID - name: DRONE_GITEA_CLIENT_ID
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:

12
kustomize/bases/external-secrets/external-secrets-helmchart.yaml
View File

@ -1,12 +0,0 @@
apiVersion: helm.cattle.io/v1
kind: HelmChart
metadata:
name: external-secrets
namespace: kube-system
spec:
repo: https://charts.external-secrets.io
chart: external-secrets
version: 0.7.2
targetNamespace: external-secrets
set:
installCRDs: "true"

4
kustomize/bases/external-secrets/external-secrets-namespace.yaml
View File

@ -1,4 +0,0 @@
apiVersion: v1
kind: Namespace
metadata:
name: external-secrets

6
kustomize/bases/external-secrets/kustomization.yaml
View File

@ -1,6 +0,0 @@
resources:
- external-secrets-namespace.yaml
- external-secrets-helmchart.yaml
commonLabels:
app.kubernetes.io/name: external-secrets

8
kustomize/bases/gitea/gitea-deployment.yaml
View File

@ -20,14 +20,12 @@ spec:
- name: gitea - name: gitea
image: gitea/gitea image: gitea/gitea
env: env:
- name: GITEA__SERVER__ROOT_URL
value: https://${GITEA_EXTERNAL_HOST}
- name: GITEA__WEBHOOK_ALLOWED_HOST_LIST
value: ${DRONE_EXTERNAL_HOST}
- name: GITEA__DEFAULT__APP_NAME - name: GITEA__DEFAULT__APP_NAME
value: Badjware's code stash value: Badjware's code stash
- name: GITEA__SERVICE__DISABLE_REGISTRATION - name: GITEA__SERVICE__DISABLE_REGISTRATION
value: "yes" value: "yes"
- name: GITEA__SERVER__ROOT_URL
value: https://${GITEA_EXTERNAL_HOST}
- name: GITEA__SERVER__SSH_DOMAIN - name: GITEA__SERVER__SSH_DOMAIN
value: ${GITEA_EXTERNAL_HOST} value: ${GITEA_EXTERNAL_HOST}
- name: GITEA__SERVER__SSH_PORT - name: GITEA__SERVER__SSH_PORT
@ -38,6 +36,8 @@ spec:
value: repo.wiki value: repo.wiki
- name: GITEA__REPOSITORY__DEFAULT_REPO_UNITS - name: GITEA__REPOSITORY__DEFAULT_REPO_UNITS
value: repo.code,repo.releases value: repo.code,repo.releases
- name: GITEA__WEBHOOK_ALLOWED_HOST_LIST
value: ${DRONE_EXTERNAL_HOST}
ports: ports:
- name: http - name: http
containerPort: 3000 containerPort: 3000

2
kustomize/bases/longhorn/longhorn-helmchart.yaml
View File

@ -10,7 +10,6 @@ spec:
targetNamespace: longhorn-system targetNamespace: longhorn-system
set: set:
backupTargetCredentialSecret: s3-backupstore-credentials backupTargetCredentialSecret: s3-backupstore-credentials
ingress.host: ${LONGHORN_EXTERNAL_HOST}
valuesContent: |- valuesContent: |-
defaultSettings: defaultSettings:
backupTarget: s3://longhorn-backups@home/ backupTarget: s3://longhorn-backups@home/
@ -28,3 +27,4 @@ spec:
operator: Exists operator: Exists
ingress: ingress:
enabled: true enabled: true
host: ${LONGHORN_EXTERNAL_HOST}

4
kustomize/bases/nextcloud/kustomization.yaml
View File

@ -1,6 +1,8 @@
resources: bases:
- ../postgres - ../postgres
- ../redis - ../redis
resources:
- nextcloud-deployment.yaml - nextcloud-deployment.yaml
- nextcloud-ingress.yaml - nextcloud-ingress.yaml

2
kustomize/bases/prometheus-operator/kustomization.yaml
View File

@ -1,7 +1,5 @@
resources: resources:
- https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/release-0.50/bundle.yaml - https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/release-0.50/bundle.yaml
namespace: kube-system
commonLabels: commonLabels:
app.kubernetes.io/part-of: monitoring app.kubernetes.io/part-of: monitoring

2
kustomize/bases/traefik/kustomization.yaml
View File

@ -4,7 +4,5 @@ resources:
- traefik-helmchartconfig.yaml - traefik-helmchartconfig.yaml
- traefik-ingress.yaml - traefik-ingress.yaml
namespace: kube-system
commonLabels: commonLabels:
app.kubernetes.io/name: traefik app.kubernetes.io/name: traefik

6
kustomize/namespaces/gitea/kustomization.yaml
View File

@ -1,7 +1,9 @@
resources: bases:
- namespace.yaml
- ../../bases/gitea - ../../bases/gitea
- ../../bases/drone-server - ../../bases/drone-server
- ../../bases/drone-runner - ../../bases/drone-runner
resources:
- namespace.yaml
namespace: gitea namespace: gitea

5
kustomize/namespaces/kube-system/kustomization.yaml
View File

@ -1,4 +1,5 @@
resources: bases:
- ../../bases/traefik - ../../bases/traefik
- ../../bases/prometheus-operator - ../../bases/prometheus-operator
- ../../bases/external-secrets
namespace: kube-system

2
kustomize/namespaces/kubernetes-dashboard/kustomization.yaml
View File

@ -1,4 +1,4 @@
resources: bases:
- ../../bases/kubernetes-dashboard - ../../bases/kubernetes-dashboard
namespace: kubernetes-dashboard namespace: kubernetes-dashboard

8
kustomize/namespaces/monitoring/kustomization.yaml
View File

@ -1,9 +1,8 @@
resources: bases:
- namespace.yaml
- ../../bases/prometheus - ../../bases/prometheus
# - ../../bases/node-exporter # - ../../bases/node-exporter
- ../../bases/blackbox-exporter - ../../bases/blackbox-exporter
# - ../../bases/ecommerce-exporter - ../../bases/ecommerce-exporter
- ../../bases/kube-state-metrics - ../../bases/kube-state-metrics
- ../../bases/grafana-agent - ../../bases/grafana-agent
- ../../bases/grafana - ../../bases/grafana
@ -15,4 +14,7 @@ resources:
# - servicemonitors/node-exporter.yaml # - servicemonitors/node-exporter.yaml
- probes/blackbox-exporter.yaml - probes/blackbox-exporter.yaml
resources:
- namespace.yaml
namespace: monitoring namespace: monitoring

6
kustomize/namespaces/nextcloud/kustomization.yaml
View File

@ -1,5 +1,7 @@
resources: bases:
- namespace.yaml
- ../../bases/nextcloud - ../../bases/nextcloud
resources:
- namespace.yaml
namespace: nextcloud namespace: nextcloud

44
kustomize/overlays/prod-cluster/kustomization.yaml
View File

@ -1,23 +1,15 @@
resources: bases:
- ../../namespaces/kube-system - ../../namespaces/kube-system
- ../../bases/longhorn - ../../bases/longhorn
buildMetadata: # allow "kubectl apply -l app.kubernetes.io/managed-by=cluster --prune ..."
- originAnnotations
commonLabels: commonLabels:
app.kubernetes.io/managed-by: kustomize-cluster app.kubernetes.io/managed-by: kustomize-cluster
transformers: transformers:
- transformers/placeholders.yaml
- transformers/ssm-secrets.yaml - transformers/ssm-secrets.yaml
configMapGenerator:
- name: cluster-replacements
namespace: default
literals:
- TRAEFIK_EXTERNAL_HOST=traefik.badjnet.home
- LONGHORN_EXTERNAL_HOST=longhorn.badjnet.home
secretGenerator: secretGenerator:
- name: s3-backupstore-credentials - name: s3-backupstore-credentials
type: Opaque type: Opaque
@ -26,32 +18,4 @@ secretGenerator:
literals: literals:
- AWS_ACCESS_KEY_ID=${ssm:/k3s/prod/longhorn/s3_access_key_id} - AWS_ACCESS_KEY_ID=${ssm:/k3s/prod/longhorn/s3_access_key_id}
- AWS_SECRET_ACCESS_KEY=${ssm:/k3s/prod/longhorn/s3_secret_access_key} - AWS_SECRET_ACCESS_KEY=${ssm:/k3s/prod/longhorn/s3_secret_access_key}
- AWS_ENDPOINTS=https://s3.badjware.dev - AWS_ENDPOINTS=https://s3.badjware.dev
replacements:
- source:
kind: ConfigMap
name: cluster-replacements
namespace: default
fieldPath: data.TRAEFIK_EXTERNAL_HOST
targets:
- select:
kind: Ingress
name: traefik
namespace: kube-system
fieldPaths:
- spec.rules.0.host
- source:
kind: ConfigMap
name: cluster-replacements
namespace: default
fieldPath: data.LONGHORN_EXTERNAL_HOST
targets:
- select:
kind: HelmChart
name: longhorn
namespace: kube-system
fieldPaths:
- spec.set.[ingress.host]
options:
create: true

2
kustomize/overlays/prod-cluster/placeholders.txt Normal file
View File

@ -0,0 +1,2 @@
TRAEFIK_EXTERNAL_HOST=traefik.badjnet.home
LONGHORN_EXTERNAL_HOST=longhorn.badjnet.home

5
kustomize/overlays/prod-cluster/transformers/placeholders.yaml Normal file
View File

@ -0,0 +1,5 @@
apiVersion: badjware/v1
kind: PlaceholderTransformer
metadata:
name: placeholders
placeholdersFile: placeholders.txt

122
kustomize/overlays/prod/kustomization.yaml
View File

@ -7,9 +7,6 @@ resources:
# resources: # resources:
# - probes/external-services-bobcat-miner.yaml # - probes/external-services-bobcat-miner.yaml
buildMetadata:
- originAnnotations
images: images:
- name: gitea/gitea - name: gitea/gitea
newTag: 1.16.9 newTag: 1.16.9
@ -33,21 +30,11 @@ images:
newTag: 6.2.5 newTag: 6.2.5
configMapGenerator: configMapGenerator:
- name: replacements - name: ecommerce-exporter-config
namespace: default namespace: monitoring
literals: behavior: replace
- GITEA_EXTERNAL_HOST=code.badjware.dev files:
- GITEA_EXTERNAL_URL=https://code.badjware.dev - ecommerce-exporter.yml=configurations/ecommerce-exporter/ecommerce-exporter.yml
- DRONE_EXTERNAL_HOST=drone.badjware.dev
- NEXTCLOUD_EXTERNAL_HOST=cloud.badjware.dev
- GRAFANA_EXTERNAL_HOST=grafana.badjware.dev
- PROMETHEUS_EXTERNAL_HOST=prometheus.badjnet.home
# - name: ecommerce-exporter-config
# namespace: monitoring
# behavior: replace
# files:
# - ecommerce-exporter.yml=configurations/ecommerce-exporter/ecommerce-exporter.yml
secretGenerator: secretGenerator:
- name: drone-secret - name: drone-secret
@ -109,6 +96,7 @@ commonLabels:
app.kubernetes.io/managed-by: kustomize app.kubernetes.io/managed-by: kustomize
transformers: transformers:
- transformers/placeholders.yaml
- transformers/ssm-secrets.yaml - transformers/ssm-secrets.yaml
patchesJson6902: patchesJson6902:
@ -125,101 +113,3 @@ patchesJson6902:
# patchesStrategicMerge: # patchesStrategicMerge:
# - patches/blackbox-exporter-probe-patch.yaml # - patches/blackbox-exporter-probe-patch.yaml
replacements:
- source:
kind: ConfigMap
name: replacements
namespace: default
fieldPath: data.GITEA_EXTERNAL_HOST
targets:
- select:
kind: Ingress
name: gitea
namespace: gitea
fieldPaths:
- spec.rules.0.host
- source:
kind: ConfigMap
name: replacements
namespace: default
fieldPath: data.GITEA_EXTERNAL_URL
targets:
- select:
kind: Deployment
name: gitea
namespace: gitea
fieldPaths:
- spec.template.spec.containers.0.env.0.value
- select:
kind: Deployment
name: drone-server
namespace: gitea
fieldPaths:
- spec.template.spec.containers.0.env.0.value
- source:
kind: ConfigMap
name: replacements
namespace: default
fieldPath: data.DRONE_EXTERNAL_HOST
targets:
- select:
kind: Ingress
name: drone
namespace: gitea
fieldPaths:
- spec.rules.0.host
- select:
kind: Deployment
name: drone-server
namespace: gitea
fieldPaths:
- spec.template.spec.containers.0.env.1.value
- select:
kind: Deployment
name: gitea
namespace: gitea
fieldPaths:
- spec.template.spec.containers.0.env.1.value
- select:
kind: Deployment
name: drone-server
namespace: gitea
fieldPaths:
- spec.template.spec.containers.0.env.1.value
- source:
kind: ConfigMap
name: replacements
namespace: default
fieldPath: data.NEXTCLOUD_EXTERNAL_HOST
targets:
- select:
kind: Ingress
name: nextcloud
namespace: nextcloud
fieldPaths:
- spec.rules.0.host
- source:
kind: ConfigMap
name: replacements
namespace: default
fieldPath: data.GRAFANA_EXTERNAL_HOST
targets:
- select:
kind: Ingress
name: grafana
namespace: monitoring
fieldPaths:
- spec.rules.0.host
- source:
kind: ConfigMap
name: replacements
namespace: default
fieldPath: data.PROMETHEUS_EXTERNAL_HOST
targets:
- select:
kind: Ingress
name: prometheus
namespace: monitoring
fieldPaths:
- spec.rules.0.host

7
kustomize/overlays/prod/placeholders.txt Normal file
View File

@ -0,0 +1,7 @@
GITEA_EXTERNAL_HOST=code.badjware.dev
DRONE_EXTERNAL_HOST=drone.badjware.dev
NEXTCLOUD_EXTERNAL_HOST=cloud.badjware.dev
GRAFANA_EXTERNAL_HOST=grafana.badjware.dev
KUBERNETES_DASHBOARD_EXTERNAL_HOST=kubernetes-dashboard.badjnet.home
PROMETHEUS_EXTERNAL_HOST=prometheus.badjnet.home

5
kustomize/overlays/prod/transformers/placeholders.yaml Normal file
View File

@ -0,0 +1,5 @@
apiVersion: badjware/v1
kind: PlaceholderTransformer
metadata:
name: placeholders
placeholdersFile: placeholders.txt