badjware
/
home-stack-kustomize
1
0
Fork 0
Code Releases Activity

Compare commits

base: badjware:9018280bcaea444cb025f09615f40e094ae8f046
Branches Tags
badjware:master
..
compare: badjware:c0b61a2eb4d49a0df1840a16cc3273456822f3b6
Branches Tags
badjware:master

No commits in common. "9018280bcaea444cb025f09615f40e094ae8f046" and "c0b61a2eb4d49a0df1840a16cc3273456822f3b6" have entirely different histories.
9018280bca ... c0b61a2eb4

18 changed files with 193 additions and 165 deletions
Show Stats Expand all files Collapse all files

26
kustomize/bases/gitea/gitea-deployment.yaml
View File

@ -1,7 +1,7 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: server
name: gitea
labels:
app.kubernetes.io/name: gitea
spec:
@ -20,22 +20,16 @@ spec:
- name: gitea
image: gitea/gitea
env:
- name: GITEA__SERVER__SSH_DOMAIN
valueFrom:
configMapKeyRef:
name: kustomize-generated-config
key: GITEA_EXTERNAL_HOST
- name: GITEA__SERVER__ROOT_URL
valueFrom:
configMapKeyRef:
name: kustomize-generated-config
key: GITEA_EXTERNAL_URL
# - name: GITEA__WEBHOOK_ALLOWED_HOST_LIST
# value: ${DRONE_EXTERNAL_HOST}
value: https://${GITEA_EXTERNAL_HOST}
- name: GITEA__WEBHOOK_ALLOWED_HOST_LIST
value: ${DRONE_EXTERNAL_HOST}
- name: GITEA__DEFAULT__APP_NAME
value: Badjware's code stash
- name: GITEA__SERVICE__DISABLE_REGISTRATION
value: "yes"
- name: GITEA__SERVER__SSH_DOMAIN
value: ${GITEA_EXTERNAL_HOST}
- name: GITEA__SERVER__SSH_PORT
value: "30022"
- name: GITEA__METRICS__ENABLED
@ -62,7 +56,7 @@ spec:
volumes:
- name: gitea-pv
persistentVolumeClaim:
claimName: server-pvc
claimName: gitea-pvc
# ---
# apiVersion: v1
# kind: PersistentVolume
@ -83,7 +77,7 @@ spec:
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: server-pvc
name: gitea-pvc
labels:
app.kubernetes.io/name: gitea
spec:
@ -100,7 +94,7 @@ spec:
apiVersion: v1
kind: Service
metadata:
name: server
name: gitea
labels:
app.kubernetes.io/name: gitea
monitor: prometheus
@ -115,7 +109,7 @@ spec:
apiVersion: v1
kind: Service
metadata:
name: server-ssh
name: gitea-ssh
labels:
app.kubernetes.io/name: gitea
spec:

4
kustomize/bases/gitea/gitea-ingress.yaml
View File

@ -1,7 +1,7 @@
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: server
name: gitea
labels:
app.kubernetes.io/name: gitea
probe: blackbox-http
@ -14,6 +14,6 @@ spec:
pathType: Prefix
backend:
service:
name: server
name: gitea
port:
name: http

20
kustomize/bases/gitea/kustomization.yaml
View File

@ -2,8 +2,6 @@ resources:
- gitea-deployment.yaml
- gitea-ingress.yaml
namePrefix: gitea-
commonLabels:
app.kubernetes.io/name: gitea
app.kubernetes.io/component: server
@ -17,21 +15,3 @@ commonLabels:
# - database=gitea
# - username=gitea
# - password=changeme
configMapGenerator:
- name: kustomize-generated-config
literals:
- GITEA_EXTERNAL_HOST=code.badjware.dev
- GITEA_EXTERNAL_URL=https://code.badjware.dev
replacements:
- source:
kind: ConfigMap
name: kustomize-generated-config
fieldPath: data.GITEA_EXTERNAL_HOST
targets:
- select:
kind: Ingress
name: server
fieldPaths:
- spec.rules.0.host

18
kustomize/bases/grafana/grafana-deployment.yaml
View File

@ -1,7 +1,7 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: server
name: grafana
labels:
app.kubernetes.io/name: grafana
spec:
@ -28,15 +28,9 @@ spec:
image: grafana/grafana
env:
- name: GF_SERVER_DOMAIN
valueFrom:
configMapKeyRef:
name: kustomize-generated-config
key: GRAFANA_EXTERNAL_HOST
value: ${GRAFANA_EXTERNAL_HOST}
- name: GF_SERVER_ROOT_URL
valueFrom:
configMapKeyRef:
name: kustomize-generated-config
key: GRAFANA_EXTERNAL_URL
value: https://${GRAFANA_EXTERNAL_HOST}/
# - name: GF_AUTH_ANONYMOUS_ENABLED
# value: "true"
- name: GF_INSTALL_PLUGINS
@ -86,12 +80,12 @@ spec:
secretName: grafana-config
- name: grafana-pv
persistentVolumeClaim:
claimName: server-pvc
claimName: grafana-pvc
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: server-pvc
name: grafana-pvc
spec:
accessModes:
- ReadWriteOnce
@ -102,7 +96,7 @@ spec:
apiVersion: v1
kind: Service
metadata:
name: server
name: grafana
labels:
app.kubernetes.io/name: grafana
monitor: prometheus

2
kustomize/bases/grafana/grafana-externalsecret.yaml
View File

@ -1,7 +1,7 @@
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
name: server-config
name: grafana-config
spec:
secretStoreRef:
name: aws-parameters-store

4
kustomize/bases/grafana/grafana-ingress.yaml
View File

@ -1,7 +1,7 @@
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: server
name: grafana
labels:
app.kubernetes.io/name: grafana
probe: blackbox-http
@ -14,6 +14,6 @@ spec:
pathType: Prefix
backend:
service:
name: server
name: grafana
port:
name: http

19
kustomize/bases/grafana/kustomization.yaml
View File

@ -3,34 +3,15 @@ resources:
- grafana-ingress.yaml
- grafana-externalsecret.yaml
namePrefix: grafana-
commonLabels:
app.kubernetes.io/name: grafana
app.kubernetes.io/component: server
app.kubernetes.io/part-of: monitoring
configMapGenerator:
- name: kustomize-generated-config
literals:
- GRAFANA_EXTERNAL_HOST=grafana.badjware.dev
- GRAFANA_EXTERNAL_URL=https://grafana.badjware.dev
- name: grafana-datasources
files:
- datasources.yaml=provision/datasources.yaml
replacements:
- source:
kind: ConfigMap
name: kustomize-generated-config
fieldPath: data.GRAFANA_EXTERNAL_HOST
targets:
- select:
kind: Ingress
name: server
fieldPaths:
- spec.rules.0.host
# secretGenerator:
# - name: postgres-credentials
# type: Opaque

21
kustomize/bases/longhorn/kustomization.yaml
View File

@ -4,26 +4,5 @@ resources:
- longhorn-recurringjob.yaml
- longhorn-externalsecret.yaml
namePrefix: longhorn-
commonLabels:
app.kubernetes.io/name: longhorn
configMapGenerator:
- name: kustomize-generated-config
literals:
- LONGHORN_EXTERNAL_HOST=longhorn.badjnet.home
replacements:
- source:
kind: ConfigMap
name: kustomize-generated-config
fieldPath: data.LONGHORN_EXTERNAL_HOST
targets:
- select:
kind: HelmChart
name: chart
fieldPaths:
- spec.set.[ingress.host]
options:
create: true

2
kustomize/bases/longhorn/longhorn-helmchart.yaml
View File

@ -1,7 +1,7 @@
apiVersion: helm.cattle.io/v1
kind: HelmChart
metadata:
name: chart
name: longhorn
namespace: kube-system
spec:
repo: https://charts.longhorn.io

19
kustomize/bases/nextcloud/kustomization.yaml
View File

@ -4,28 +4,9 @@ resources:
- nextcloud-deployment.yaml
- nextcloud-ingress.yaml
namePrefix: nextcloud-
commonLabels:
app.kubernetes.io/name: nextcloud
configMapGenerator:
- name: kustomize-generated-config
literals:
- NEXTCLOUD_EXTERNAL_HOST=cloud.badjware.dev
replacements:
- source:
kind: ConfigMap
name: kustomize-generated-config
fieldPath: data.NEXTCLOUD_EXTERNAL_HOST
targets:
- select:
kind: Ingress
name: server
fieldPaths:
- spec.rules.0.host
patches:
- patch: |-
apiVersion: external-secrets.io/v1beta1

12
kustomize/bases/nextcloud/nextcloud-deployment.yaml
View File

@ -1,7 +1,7 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: server
name: nextcloud
labels:
app.kubernetes.io/name: nextcloud
app.kubernetes.io/component: server
@ -45,14 +45,14 @@ spec:
- name: TRUSTED_PROXIES
value: 10.0.0.0/8
- name: REDIS_HOST
value: nextcloud-redis.$(NAMESPACE).svc.cluster.local
value: redis.$(NAMESPACE).svc.cluster.local
- name: REDIS_HOST_PASSWORD
valueFrom:
secretKeyRef:
name: redis-credentials
key: password
- name: POSTGRES_HOST
value: nextcloud-postgres.$(NAMESPACE).svc.cluster.local
value: postgres.$(NAMESPACE).svc.cluster.local
- name: POSTGRES_DB
valueFrom:
secretKeyRef:
@ -84,12 +84,12 @@ spec:
volumes:
- name: nextcloud-pv
persistentVolumeClaim:
claimName: server-pvc
claimName: nextcloud-pvc
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: server-pvc
name: nextcloud-pvc
spec:
accessModes:
- ReadWriteOnce
@ -100,7 +100,7 @@ spec:
apiVersion: v1
kind: Service
metadata:
name: server
name: nextcloud
labels:
app.kubernetes.io/name: nextcloud
spec:

4
kustomize/bases/nextcloud/nextcloud-ingress.yaml
View File

@ -1,7 +1,7 @@
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: server
name: nextcloud
labels:
app.kubernetes.io/name: nextcloud
probe: blackbox-http
@ -14,6 +14,6 @@ spec:
pathType: Prefix
backend:
service:
name: server
name: nextcloud
port:
name: http

19
kustomize/bases/prometheus/kustomization.yaml
View File

@ -4,8 +4,6 @@ resources:
- prometheus-ingress.yaml
- traefik-podmonitor.yaml
namePrefix: prometheus-
commonLabels:
app.kubernetes.io/name: prometheus
app.kubernetes.io/part-of: monitoring
@ -22,22 +20,5 @@ secretGenerator:
literals:
- prometheus-additional.yaml=
configMapGenerator:
- name: kustomize-generated-config
literals:
- PROMETHEUS_EXTERNAL_HOST=prometheus.badjnet.home
replacements:
- source:
kind: ConfigMap
name: kustomize-generated-config
fieldPath: data.PROMETHEUS_EXTERNAL_HOST
targets:
- select:
kind: Ingress
name: prometheus
fieldPaths:
- spec.rules.0.host
configurations:
- kustomizeconfig/namereference.yaml

19
kustomize/bases/traefik/kustomization.yaml
View File

@ -4,26 +4,7 @@ resources:
- traefik-helmchartconfig.yaml
- traefik-ingress.yaml
namePrefix: traefik-
namespace: kube-system
commonLabels:
app.kubernetes.io/name: traefik
configMapGenerator:
- name: kustomize-generated-config
literals:
- TRAEFIK_EXTERNAL_HOST=traefik.badjnet.home
replacements:
- source:
kind: ConfigMap
name: kustomize-generated-config
fieldPath: data.TRAEFIK_EXTERNAL_HOST
targets:
- select:
kind: Ingress
name: traefik
fieldPaths:
- spec.rules.0.host

165
kustomize/env/prod/kustomization.yaml vendored
View File

@ -3,8 +3,6 @@ resources:
# - ../../namespaces/kubernetes-dashboard
- ../../overlays/gitea
# - ../../overlays/woodpecker
# - ../../overlays/gitlab
- ../../overlays/monitoring
- ../../overlays/nextcloud
@ -36,7 +34,22 @@ images:
- name: redis
newTag: 6.2.10
# configMapGenerator:
configMapGenerator:
- name: replacements
namespace: default
literals:
- TRAEFIK_EXTERNAL_HOST=traefik.badjnet.home
- LONGHORN_EXTERNAL_HOST=longhorn.badjnet.home
- GITEA_EXTERNAL_HOST=code.badjware.dev
- GITEA_EXTERNAL_URL=https://code.badjware.dev
- GRAFANA_EXTERNAL_HOST=grafana.badjware.dev
- GRAFANA_EXTERNAL_URL=https://grafana.badjware.dev
- DRONE_EXTERNAL_HOST=drone.badjware.dev
- NEXTCLOUD_EXTERNAL_HOST=cloud.badjware.dev
- PROMETHEUS_EXTERNAL_HOST=prometheus.badjnet.home
# - name: ecommerce-exporter-config
# namespace: monitoring
# behavior: replace
@ -44,7 +57,7 @@ images:
# - ecommerce-exporter.yml=configurations/ecommerce-exporter/ecommerce-exporter.yml
secretGenerator:
- name: prometheus-additional-scrape-configs
- name: additional-scrape-configs
type: Opaque
namespace: monitoring
behavior: replace
@ -59,7 +72,7 @@ patches:
- target:
version: v1
kind: Deployment
name: nextcloud-server
name: nextcloud
path: patches/nextcloud-deployment-patch.yaml
# - target:
# version: v1
@ -69,3 +82,145 @@ patches:
# patchesStrategicMerge:
# - patches/blackbox-exporter-probe-patch.yaml
replacements:
- source:
kind: ConfigMap
name: replacements
namespace: default
fieldPath: data.TRAEFIK_EXTERNAL_HOST
targets:
- select:
kind: Ingress
name: traefik
namespace: kube-system
fieldPaths:
- spec.rules.0.host
- source:
kind: ConfigMap
name: replacements
namespace: default
fieldPath: data.LONGHORN_EXTERNAL_HOST
targets:
- select:
kind: HelmChart
name: longhorn
namespace: kube-system
fieldPaths:
- spec.set.[ingress.host]
options:
create: true
- source:
kind: ConfigMap
name: replacements
namespace: default
fieldPath: data.GITEA_EXTERNAL_HOST
targets:
- select:
kind: Ingress
name: gitea
namespace: gitea
fieldPaths:
- spec.rules.0.host
- source:
kind: ConfigMap
name: replacements
namespace: default
fieldPath: data.GITEA_EXTERNAL_URL
targets:
- select:
kind: Deployment
name: gitea
namespace: gitea
fieldPaths:
- spec.template.spec.containers.0.env.0.value
- select:
kind: Deployment
name: drone-server
namespace: gitea
fieldPaths:
- spec.template.spec.containers.0.env.0.value
- source:
kind: ConfigMap
name: replacements
namespace: default
fieldPath: data.GRAFANA_EXTERNAL_HOST
targets:
- select:
kind: Ingress
name: grafana
namespace: monitoring
fieldPaths:
- spec.rules.0.host
- select:
kind: Deployment
name: grafana
namespace: monitoring
fieldPaths:
- spec.template.spec.containers.0.env.0.value
- source:
kind: ConfigMap
name: replacements
namespace: default
fieldPath: data.GRAFANA_EXTERNAL_URL
targets:
- select:
kind: Deployment
name: grafana
namespace: monitoring
fieldPaths:
- spec.template.spec.containers.0.env.1.value
- source:
kind: ConfigMap
name: replacements
namespace: default
fieldPath: data.DRONE_EXTERNAL_HOST
targets:
- select:
kind: Ingress
name: drone
namespace: gitea
fieldPaths:
- spec.rules.0.host
- select:
kind: Deployment
name: drone-server
namespace: gitea
fieldPaths:
- spec.template.spec.containers.0.env.1.value
- select:
kind: Deployment
name: gitea
namespace: gitea
fieldPaths:
- spec.template.spec.containers.0.env.1.value
- select:
kind: Deployment
name: drone-server
namespace: gitea
fieldPaths:
- spec.template.spec.containers.0.env.1.value
- source:
kind: ConfigMap
name: replacements
namespace: default
fieldPath: data.NEXTCLOUD_EXTERNAL_HOST
targets:
- select:
kind: Ingress
name: nextcloud
namespace: nextcloud
fieldPaths:
- spec.rules.0.host
- source:
kind: ConfigMap
name: replacements
namespace: default
fieldPath: data.PROMETHEUS_EXTERNAL_HOST
targets:
- select:
kind: Ingress
name: prometheus
namespace: monitoring
fieldPaths:
- spec.rules.0.host

2
kustomize/overlays/gitea/kustomization.yaml
View File

@ -1,5 +1,7 @@
resources:
- namespace.yaml
- ../../bases/gitea
- ../../bases/drone-server
- ../../bases/drone-runner
namespace: gitea

1
kustomize/overlays/monitoring/kustomization.yaml
View File

@ -1,6 +1,5 @@
resources:
- namespace.yaml
- ../../bases/prometheus-operator
- ../../bases/prometheus
# - ../../bases/node-exporter
- ../../bases/blackbox-exporter

1
kustomize/overlays/system/kustomization.yaml
View File

@ -1,5 +1,6 @@
resources:
- ../../bases/longhorn
- ../../bases/traefik
- ../../bases/prometheus-operator
- ../../bases/external-secrets
- clustersecretstore.yaml