Compare commits
3 Commits
e5a4272042
...
251f012e9a
Author | SHA1 | Date |
---|---|---|
Massaki Archambault | 251f012e9a | |
Massaki Archambault | 77644f5240 | |
Massaki Archambault | 17e553fce4 |
|
@ -25,7 +25,7 @@ spec:
|
|||
fieldRef:
|
||||
fieldPath: metadata.namespace
|
||||
- name: DRONE_RPC_HOST
|
||||
value: drone-server.$(DRONE_NAMESPACE_DEFAULT).svc.cluster.local
|
||||
value: drone-server.gitea.svc.cluster.local # TODO: not hardcode
|
||||
- name: DRONE_RPC_PROTO
|
||||
value: http
|
||||
- name: DRONE_RPC_SECRET
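Review bot: The new `DRONE_RPC_HOST` value hardcodes the `gitea` namespace, so a runner deployed from this base into any other namespace will still send its RPC traffic, and the shared RPC secret, over plain `http` to whatever `drone-server.gitea` resolves to. The replaced form `drone-server.$(DRONE_NAMESPACE_DEFAULT).svc.cluster.local` is expanded by the kubelet at pod start and needs no build-time substitution, so it could probably stay as it was, assuming the variable fed by the `fieldRef` just above is the one it references (its name is outside the hunk). If the hardcoded value is kept, the `# TODO: not hardcode` comment should say which overlay is expected to override it.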
|
||||
|
|
|
@ -23,14 +23,14 @@ spec:
|
|||
- name: drone
|
||||
image: drone/drone
|
||||
env:
|
||||
- name: DRONE_GITEA_SERVER
|
||||
value: https://${GITEA_EXTERNAL_HOST}
|
||||
- name: DRONE_SERVER_HOST
|
||||
value: ${DRONE_EXTERNAL_HOST}
|
||||
- name: DRONE_SERVER_PORT
|
||||
value: ":80"
|
||||
- name: DRONE_SERVER_PROTO
|
||||
value: https
|
||||
- name: DRONE_GITEA_SERVER
|
||||
value: https://${GITEA_EXTERNAL_HOST}
|
||||
- name: DRONE_GITEA_CLIENT_ID
|
||||
valueFrom:
|
||||
secretKeyRef:
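Review bot: Moving `DRONE_GITEA_SERVER` to the top of `env:` makes the list order load-bearing, and nothing in this file says so. The overlay's replacements address these entries as `env.0.value` and `env.1.value`, so a later insert or re-sort here would put the Gitea URL or the Drone host into the wrong variable without any build error. I would add a comment above the first entry such as `# order matters: env.0 and env.1 are targeted by index from the overlay's replacements`.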
|
||||
|
|
|
@ -0,0 +1,12 @@
|
|||
apiVersion: helm.cattle.io/v1
|
||||
kind: HelmChart
|
||||
metadata:
|
||||
name: external-secrets
|
||||
namespace: kube-system
|
||||
spec:
|
||||
repo: https://charts.external-secrets.io
|
||||
chart: external-secrets
|
||||
version: 0.7.2
|
||||
targetNamespace: external-secrets
|
||||
set:
|
||||
installCRDs: "true"
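Review bot: The chart is installed with default values apart from `installCRDs`, so as far as this manifest shows the operator is not limited to particular namespaces and will presumably hold cluster-wide access to Secret objects. If only a few namespaces will carry ExternalSecret resources, restrict the controller to them through the chart's values, or add a comment recording that cluster-wide scope is intended. Because the CRDs are managed by the Helm release here, it is also worth noting in a comment that removing or replacing this HelmChart can delete the CRDs and every custom resource created from them.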
|
|
@ -0,0 +1,4 @@
|
|||
apiVersion: v1
|
||||
kind: Namespace
|
||||
metadata:
|
||||
name: external-secrets
|
|
@ -0,0 +1,6 @@
|
|||
resources:
|
||||
- external-secrets-namespace.yaml
|
||||
- external-secrets-helmchart.yaml
|
||||
|
||||
commonLabels:
|
||||
app.kubernetes.io/name: external-secrets
|
|
@ -20,12 +20,14 @@ spec:
|
|||
- name: gitea
|
||||
image: gitea/gitea
|
||||
env:
|
||||
- name: GITEA__SERVER__ROOT_URL
|
||||
value: https://${GITEA_EXTERNAL_HOST}
|
||||
- name: GITEA__WEBHOOK_ALLOWED_HOST_LIST
|
||||
value: ${DRONE_EXTERNAL_HOST}
|
||||
- name: GITEA__DEFAULT__APP_NAME
|
||||
value: Badjware's code stash
|
||||
- name: GITEA__SERVICE__DISABLE_REGISTRATION
|
||||
value: "yes"
|
||||
- name: GITEA__SERVER__ROOT_URL
|
||||
value: https://${GITEA_EXTERNAL_HOST}
|
||||
- name: GITEA__SERVER__SSH_DOMAIN
|
||||
value: ${GITEA_EXTERNAL_HOST}
|
||||
- name: GITEA__SERVER__SSH_PORT
|
||||
|
@ -36,8 +38,6 @@ spec:
|
|||
value: repo.wiki
|
||||
- name: GITEA__REPOSITORY__DEFAULT_REPO_UNITS
|
||||
value: repo.code,repo.releases
|
||||
- name: GITEA__WEBHOOK_ALLOWED_HOST_LIST
|
||||
value: ${DRONE_EXTERNAL_HOST}
|
||||
ports:
|
||||
- name: http
|
||||
containerPort: 3000
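Review bot: The variable moved to the second `env` slot is spelled `GITEA__WEBHOOK_ALLOWED_HOST_LIST`, with a single underscore after `WEBHOOK`, while every other entry in the list uses the `GITEA__SECTION__KEY` form. It therefore appears that the `[webhook]` allow-list is never set and Gitea falls back to its default; `- name: GITEA__WEBHOOK__ALLOWED_HOST_LIST` looks like the intended name. The same section still carries `value: ${GITEA_EXTERNAL_HOST}` for `GITEA__SERVER__SSH_DOMAIN` on the unchanged lines, and no replacement visible in the overlay targets it, so that placeholder may now reach the container literally.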
|
||||
|
|
|
@ -10,6 +10,7 @@ spec:
|
|||
targetNamespace: longhorn-system
|
||||
set:
|
||||
backupTargetCredentialSecret: s3-backupstore-credentials
|
||||
ingress.host: ${LONGHORN_EXTERNAL_HOST}
|
||||
valuesContent: |-
|
||||
defaultSettings:
|
||||
backupTarget: s3://longhorn-backups@home/
|
||||
|
@ -27,4 +28,3 @@ spec:
|
|||
operator: Exists
|
||||
ingress:
|
||||
enabled: true
|
||||
host: ${LONGHORN_EXTERNAL_HOST}
|
||||
|
|
|
@ -1,8 +1,6 @@
|
|||
bases:
|
||||
resources:
|
||||
- ../postgres
|
||||
- ../redis
|
||||
|
||||
resources:
|
||||
- nextcloud-deployment.yaml
|
||||
- nextcloud-ingress.yaml
|
||||
|
||||
|
|
|
@ -1,5 +1,7 @@
|
|||
resources:
|
||||
- https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/release-0.50/bundle.yaml
|
||||
|
||||
namespace: kube-system
|
||||
|
||||
commonLabels:
|
||||
app.kubernetes.io/part-of: monitoring
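Review bot: The bundle on the unchanged `resources:` line is fetched from the `release-0.50` ref, which reads as a branch name, and this change places everything it contains into `kube-system`. A branch can move between builds, so the operator manifests, including their RBAC objects, can change without any diff in this repository. Pin the URL to an immutable ref, for example `.../prometheus-operator/<commit-sha>/bundle.yaml`, or vendor the file into the base.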
|
|
@ -4,5 +4,7 @@ resources:
|
|||
- traefik-helmchartconfig.yaml
|
||||
- traefik-ingress.yaml
|
||||
|
||||
namespace: kube-system
|
||||
|
||||
commonLabels:
|
||||
app.kubernetes.io/name: traefik
|
||||
|
|
|
@ -1,9 +1,7 @@
|
|||
bases:
|
||||
resources:
|
||||
- namespace.yaml
|
||||
- ../../bases/gitea
|
||||
- ../../bases/drone-server
|
||||
- ../../bases/drone-runner
|
||||
|
||||
resources:
|
||||
- namespace.yaml
|
||||
|
||||
namespace: gitea
|
||||
|
|
|
@ -1,5 +1,4 @@
|
|||
bases:
|
||||
resources:
|
||||
- ../../bases/traefik
|
||||
- ../../bases/prometheus-operator
|
||||
|
||||
namespace: kube-system
|
||||
- ../../bases/external-secrets
|
|
@ -1,4 +1,4 @@
|
|||
bases:
|
||||
resources:
|
||||
- ../../bases/kubernetes-dashboard
|
||||
|
||||
namespace: kubernetes-dashboard
|
||||
|
|
|
@ -1,8 +1,9 @@
|
|||
bases:
|
||||
resources:
|
||||
- namespace.yaml
|
||||
- ../../bases/prometheus
|
||||
# - ../../bases/node-exporter
|
||||
- ../../bases/blackbox-exporter
|
||||
- ../../bases/ecommerce-exporter
|
||||
# - ../../bases/ecommerce-exporter
|
||||
- ../../bases/kube-state-metrics
|
||||
- ../../bases/grafana-agent
|
||||
- ../../bases/grafana
|
||||
|
@ -14,7 +15,4 @@ bases:
|
|||
# - servicemonitors/node-exporter.yaml
|
||||
- probes/blackbox-exporter.yaml
|
||||
|
||||
resources:
|
||||
- namespace.yaml
|
||||
|
||||
namespace: monitoring
|
||||
|
|
|
@ -1,7 +1,5 @@
|
|||
bases:
|
||||
- ../../bases/nextcloud
|
||||
|
||||
resources:
|
||||
- namespace.yaml
|
||||
- ../../bases/nextcloud
|
||||
|
||||
namespace: nextcloud
|
||||
|
|
|
@ -1,15 +1,23 @@
|
|||
bases:
|
||||
resources:
|
||||
- ../../namespaces/kube-system
|
||||
- ../../bases/longhorn
|
||||
|
||||
# allow "kubectl apply -l app.kubernetes.io/managed-by=cluster --prune ..."
|
||||
buildMetadata:
|
||||
- originAnnotations
|
||||
|
||||
commonLabels:
|
||||
app.kubernetes.io/managed-by: kustomize-cluster
|
||||
|
||||
transformers:
|
||||
- transformers/placeholders.yaml
|
||||
- transformers/ssm-secrets.yaml
|
||||
|
||||
configMapGenerator:
|
||||
- name: cluster-replacements
|
||||
namespace: default
|
||||
literals:
|
||||
- TRAEFIK_EXTERNAL_HOST=traefik.badjnet.home
|
||||
- LONGHORN_EXTERNAL_HOST=longhorn.badjnet.home
|
||||
|
||||
secretGenerator:
|
||||
- name: s3-backupstore-credentials
|
||||
type: Opaque
|
||||
|
@ -18,4 +26,32 @@ secretGenerator:
|
|||
literals:
|
||||
- AWS_ACCESS_KEY_ID=${ssm:/k3s/prod/longhorn/s3_access_key_id}
|
||||
- AWS_SECRET_ACCESS_KEY=${ssm:/k3s/prod/longhorn/s3_secret_access_key}
|
||||
- AWS_ENDPOINTS=https://s3.badjware.dev
|
||||
- AWS_ENDPOINTS=https://s3.badjware.dev
|
||||
|
||||
replacements:
|
||||
- source:
|
||||
kind: ConfigMap
|
||||
name: cluster-replacements
|
||||
namespace: default
|
||||
fieldPath: data.TRAEFIK_EXTERNAL_HOST
|
||||
targets:
|
||||
- select:
|
||||
kind: Ingress
|
||||
name: traefik
|
||||
namespace: kube-system
|
||||
fieldPaths:
|
||||
- spec.rules.0.host
|
||||
- source:
|
||||
kind: ConfigMap
|
||||
name: cluster-replacements
|
||||
namespace: default
|
||||
fieldPath: data.LONGHORN_EXTERNAL_HOST
|
||||
targets:
|
||||
- select:
|
||||
kind: HelmChart
|
||||
name: longhorn
|
||||
namespace: kube-system
|
||||
fieldPaths:
|
||||
- spec.set.[ingress.host]
|
||||
options:
|
||||
create: true
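Review bot: The comment near the top quotes a prune selector of `app.kubernetes.io/managed-by=cluster`, but the label set a few lines below is `kustomize-cluster`, so a `kubectl apply --prune` run with the selector as written would not select the objects this kustomization produces. The comment should read `# allow "kubectl apply -l app.kubernetes.io/managed-by=kustomize-cluster --prune ..."`. The new `cluster-replacements` ConfigMap exists only as a source for `replacements`, yet it will be rendered and applied to the `default` namespace. Marking it as local configuration under the generator's `options.annotations` with `config.kubernetes.io/local-config: "true"` should keep it out of the output, which is worth confirming against the kustomize version in use.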
|
|
@ -1,2 +0,0 @@
|
|||
TRAEFIK_EXTERNAL_HOST=traefik.badjnet.home
|
||||
LONGHORN_EXTERNAL_HOST=longhorn.badjnet.home
|
|
@ -1,5 +0,0 @@
|
|||
apiVersion: badjware/v1
|
||||
kind: PlaceholderTransformer
|
||||
metadata:
|
||||
name: placeholders
|
||||
placeholdersFile: placeholders.txt
|
|
@ -7,6 +7,9 @@ resources:
|
|||
# resources:
|
||||
# - probes/external-services-bobcat-miner.yaml
|
||||
|
||||
buildMetadata:
|
||||
- originAnnotations
|
||||
|
||||
images:
|
||||
- name: gitea/gitea
|
||||
newTag: 1.16.9
|
||||
|
@ -30,11 +33,21 @@ images:
|
|||
newTag: 6.2.5
|
||||
|
||||
configMapGenerator:
|
||||
- name: ecommerce-exporter-config
|
||||
namespace: monitoring
|
||||
behavior: replace
|
||||
files:
|
||||
- ecommerce-exporter.yml=configurations/ecommerce-exporter/ecommerce-exporter.yml
|
||||
- name: replacements
|
||||
namespace: default
|
||||
literals:
|
||||
- GITEA_EXTERNAL_HOST=code.badjware.dev
|
||||
- GITEA_EXTERNAL_URL=https://code.badjware.dev
|
||||
|
||||
- DRONE_EXTERNAL_HOST=drone.badjware.dev
|
||||
- NEXTCLOUD_EXTERNAL_HOST=cloud.badjware.dev
|
||||
- GRAFANA_EXTERNAL_HOST=grafana.badjware.dev
|
||||
- PROMETHEUS_EXTERNAL_HOST=prometheus.badjnet.home
|
||||
# - name: ecommerce-exporter-config
|
||||
# namespace: monitoring
|
||||
# behavior: replace
|
||||
# files:
|
||||
# - ecommerce-exporter.yml=configurations/ecommerce-exporter/ecommerce-exporter.yml
|
||||
|
||||
secretGenerator:
|
||||
- name: drone-secret
|
||||
|
@ -96,7 +109,6 @@ commonLabels:
|
|||
app.kubernetes.io/managed-by: kustomize
|
||||
|
||||
transformers:
|
||||
- transformers/placeholders.yaml
|
||||
- transformers/ssm-secrets.yaml
|
||||
|
||||
patchesJson6902:
|
||||
|
@ -113,3 +125,101 @@ patchesJson6902:
|
|||
|
||||
# patchesStrategicMerge:
|
||||
# - patches/blackbox-exporter-probe-patch.yaml
|
||||
|
||||
replacements:
|
||||
- source:
|
||||
kind: ConfigMap
|
||||
name: replacements
|
||||
namespace: default
|
||||
fieldPath: data.GITEA_EXTERNAL_HOST
|
||||
targets:
|
||||
- select:
|
||||
kind: Ingress
|
||||
name: gitea
|
||||
namespace: gitea
|
||||
fieldPaths:
|
||||
- spec.rules.0.host
|
||||
- source:
|
||||
kind: ConfigMap
|
||||
name: replacements
|
||||
namespace: default
|
||||
fieldPath: data.GITEA_EXTERNAL_URL
|
||||
targets:
|
||||
- select:
|
||||
kind: Deployment
|
||||
name: gitea
|
||||
namespace: gitea
|
||||
fieldPaths:
|
||||
- spec.template.spec.containers.0.env.0.value
|
||||
- select:
|
||||
kind: Deployment
|
||||
name: drone-server
|
||||
namespace: gitea
|
||||
fieldPaths:
|
||||
- spec.template.spec.containers.0.env.0.value
|
||||
- source:
|
||||
kind: ConfigMap
|
||||
name: replacements
|
||||
namespace: default
|
||||
fieldPath: data.DRONE_EXTERNAL_HOST
|
||||
targets:
|
||||
- select:
|
||||
kind: Ingress
|
||||
name: drone
|
||||
namespace: gitea
|
||||
fieldPaths:
|
||||
- spec.rules.0.host
|
||||
- select:
|
||||
kind: Deployment
|
||||
name: drone-server
|
||||
namespace: gitea
|
||||
fieldPaths:
|
||||
- spec.template.spec.containers.0.env.1.value
|
||||
- select:
|
||||
kind: Deployment
|
||||
name: gitea
|
||||
namespace: gitea
|
||||
fieldPaths:
|
||||
- spec.template.spec.containers.0.env.1.value
|
||||
- select:
|
||||
kind: Deployment
|
||||
name: drone-server
|
||||
namespace: gitea
|
||||
fieldPaths:
|
||||
- spec.template.spec.containers.0.env.1.value
|
||||
- source:
|
||||
kind: ConfigMap
|
||||
name: replacements
|
||||
namespace: default
|
||||
fieldPath: data.NEXTCLOUD_EXTERNAL_HOST
|
||||
targets:
|
||||
- select:
|
||||
kind: Ingress
|
||||
name: nextcloud
|
||||
namespace: nextcloud
|
||||
fieldPaths:
|
||||
- spec.rules.0.host
|
||||
- source:
|
||||
kind: ConfigMap
|
||||
name: replacements
|
||||
namespace: default
|
||||
fieldPath: data.GRAFANA_EXTERNAL_HOST
|
||||
targets:
|
||||
- select:
|
||||
kind: Ingress
|
||||
name: grafana
|
||||
namespace: monitoring
|
||||
fieldPaths:
|
||||
- spec.rules.0.host
|
||||
- source:
|
||||
kind: ConfigMap
|
||||
name: replacements
|
||||
namespace: default
|
||||
fieldPath: data.PROMETHEUS_EXTERNAL_HOST
|
||||
targets:
|
||||
- select:
|
||||
kind: Ingress
|
||||
name: prometheus
|
||||
namespace: monitoring
|
||||
fieldPaths:
|
||||
- spec.rules.0.host
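Review bot: The Deployment targets in the new `replacements:` block select environment variables by position (`containers.0.env.0.value`, `containers.0.env.1.value`), so any reordering in the bases silently writes a hostname into the wrong variable. Kustomize field paths accept key selectors, for example `spec.template.spec.containers.[name=gitea].env.[name=GITEA__SERVER__ROOT_URL].value`, which fails visibly when the variable is missing. The `DRONE_EXTERNAL_HOST` entry lists the `drone-server` Deployment with `env.1.value` twice, so one of the two `select` blocks can be dropped. The deleted placeholders file also defined `KUBERNETES_DASHBOARD_EXTERNAL_HOST`, which has no literal or replacement in the lines shown here, so any manifest still using that placeholder would now keep the raw `${...}` string.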
|
|
@ -1,7 +0,0 @@
|
|||
GITEA_EXTERNAL_HOST=code.badjware.dev
|
||||
DRONE_EXTERNAL_HOST=drone.badjware.dev
|
||||
NEXTCLOUD_EXTERNAL_HOST=cloud.badjware.dev
|
||||
|
||||
GRAFANA_EXTERNAL_HOST=grafana.badjware.dev
|
||||
KUBERNETES_DASHBOARD_EXTERNAL_HOST=kubernetes-dashboard.badjnet.home
|
||||
PROMETHEUS_EXTERNAL_HOST=prometheus.badjnet.home
|
|
@ -1,5 +0,0 @@
|
|||
apiVersion: badjware/v1
|
||||
kind: PlaceholderTransformer
|
||||
metadata:
|
||||
name: placeholders
|
||||
placeholdersFile: placeholders.txt
|