badhouseplants/k8s-cluster-config
Archived
4
0
Fork 0
Code Issues 6 Pull Requests 1 Actions Packages Projects Releases Activity

Compare commits

base: badhouseplants:refactor-helmfiles
Branches Tags
badhouseplants:main badhouseplants:renovate/configure badhouseplants:try-argo-and-flux badhouseplants:fail-kust badhouseplants:add-dependencies badhouseplants:refactor-helmfiles badhouseplants:rook-ceph-arm badhouseplants:invalid.config badhouseplants:try-elementor badhouseplants:prepare-arm-cluster badhouseplants:try-tekton badhouseplants:fix-check-da-helm badhouseplants:try-arm badhouseplants:upgrading-openvpn
..
compare: badhouseplants:try-elementor
Branches Tags
badhouseplants:renovate/configure badhouseplants:try-argo-and-flux badhouseplants:fail-kust badhouseplants:main badhouseplants:add-dependencies badhouseplants:refactor-helmfiles badhouseplants:rook-ceph-arm badhouseplants:invalid.config badhouseplants:try-elementor badhouseplants:prepare-arm-cluster badhouseplants:try-tekton badhouseplants:fix-check-da-helm badhouseplants:try-arm badhouseplants:upgrading-openvpn

2 Commits
refactor-h ... try-elemen

Author SHA1 Message Date
Nikolai Rodionov
6201faf1f7 Test notification 2023-12-13 22:15:08 +01:00
Nikolai Rodionov
92ce78edde Install elementor 2023-12-13 22:06:13 +01:00
11 changed files with 129 additions and 28 deletions
Expand all files Collapse all files

1
.woodpecker/.cdh.yml
View File

@ -13,6 +13,7 @@ steps:
RUST_LOG: info RUST_LOG: info
commands: commands:
- cdh --kind helmfile -p $CI_WORKSPACE/helmfile.yaml --helmfile-environment badhouseplants -o --output html >> result.html - cdh --kind helmfile -p $CI_WORKSPACE/helmfile.yaml --helmfile-environment badhouseplants -o --output html >> result.html
notification: notification:
image: deblan/woodpecker-email image: deblan/woodpecker-email
settings: settings:

16
.woodpecker/.helmfile.yml
View File

@ -16,6 +16,22 @@ steps:
- mkdir $HOME/.kube - mkdir $HOME/.kube
- echo "$KUBECONFIG_CONTENT" > $HOME/.kube/config && chmod 0600 $HOME/.kube/config - echo "$KUBECONFIG_CONTENT" > $HOME/.kube/config && chmod 0600 $HOME/.kube/config
- helmfile -e $ENVIRONMENT diff --suppress-secrets - helmfile -e $ENVIRONMENT diff --suppress-secrets
notification:
image: deblan/woodpecker-email
settings:
from: woody@badhouseplants.net
host: badhouseplants.net
username:
from_secret: smtp_username
password:
from_secret: smtp_password
recipients:
- allanger@badhouseplants.net
subject: CDH result
target: main
when:
- status: [success, failure]
apply: apply:
image: ghcr.io/helmfile/helmfile:canary image: ghcr.io/helmfile/helmfile:canary
secrets: [sops_age_key, kubeconfig_content] secrets: [sops_age_key, kubeconfig_content]

5
badhouseplants/helmfile.yaml
View File

@ -26,6 +26,11 @@ releases:
installed: true installed: true
namespace: nrodionov-application namespace: nrodionov-application
createNamespace: false createNamespace: false
- <<: *elementor
installed: true
namespace: elementor-application
createNamespace: false
- <<: *minecraft - <<: *minecraft
installed: true installed: true

28
badhouseplants/values/secrets.elementor.yaml Normal file
View File

@ -0,0 +1,28 @@
wordpressPassword: ENC[AES256_GCM,data:WVNPgi7QCoCeYqpWETnZWtxnT5dl7Ffzlg==,iv:1nhk8JDEfBSXQwEVUgimsYvv1iyTS2YgALW3Pr2R3Jc=,tag:Xy9BtSWl4V7pyJelZyZN1g==,type:str]
wordpressEmail: ENC[AES256_GCM,data:BXVBeqlUsBS3iLB1LlaZmEVBbCifjSjOiEg=,iv:hbkrawGiZCFka0zuK0mPSLpR6JMgP87pEZIGhAXB1dg=,tag:sWzT00jZZ3mnCPQR85ncEA==,type:str]
mariadb:
auth:
rootPassword: ENC[AES256_GCM,data:BT0YXF8MxiapCyJ4sZ0LwAAfLYzImtfPfw==,iv:W5l1TA6FJXZ9iNTWXKP5wsyB75hG+R0WrCM/QdJ4gxo=,tag:qPg5hBfY7gsAbIFVgUilYQ==,type:str]
database: ENC[AES256_GCM,data:EB/3kKgiTLOWORXhgRpZKYA=,iv:XZXr0vPl0idWYewicpNB+P4CypF3HqndH0uDsx8ZMFY=,tag:2X6rZ3Rw8uCnM+c/I+1Jew==,type:str]
username: ENC[AES256_GCM,data:41CY65J+EfKW0oiq,iv:VGs3Ka3u1KjFI7ZK6WXvus/DNbQkNAHModJcvnAkQ14=,tag:VNDVXpixML+bTc9RZ7IGCg==,type:str]
password: ENC[AES256_GCM,data:Kg417xg8acWSAyMgKyRNzpQ4y5Ow+kLr4A==,iv:L2vr8DtMx6mYPMAStdUooVSVhKKv8YLB3rCsNwzE4f0=,tag:I/j1EAgc65qzHrCUABcDeg==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB0U2QxWDMwMkxxdG1QK0No
VU1sejBKellnSGFpSXpVRTE0clcvS0Q0NXpVCnFXRlpsVXQ0V2NlYk1nUjlUY1Fj
NEJVYkVxalEvdDliSGY3c2dqRmQ4ZWcKLS0tIERYd0laME1iR203SFRPWTlPaCtB
T0dvMXp6NkwwTkRKcFpYMHlJVGFKejAKIy1VdB7mSXLkHZywSc1c+VUgtc0mrUrD
oStf0xCbfZvKx0XhA+u7R0jM5rM6CfvQr4yYTpW2fDszsS9yKjH33A==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2023-12-13T20:16:19Z"
mac: ENC[AES256_GCM,data:vQZxLR2SCEJd29DC9OuSeoblM4vgELPEAVG/1fxpchKzlh2QpKdyz51Art0ATsKcoHM8RjKztMxne5LN2VciFAdvfn3fa4/itG1oK/b8FM0PQkcLJAxtZFeZLfTtW9NCPfTorcEIcA+3PUwSjW1dO6BaeEFxpA9dSceOJd6dXd8=,iv:DzpEwuTFtdzjEh0T1x7W70nluLM1XH8gabLeulgow7g=,tag:9ak6El1tY8W8X//gC0Gbqw==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.8.1

6
badhouseplants/values/secrets.vaultwarden.yaml
View File

@ -2,7 +2,7 @@ vaultwarden:
smtp: smtp:
username: ENC[AES256_GCM,data:6kAu3et5PmRgZ7B/qQQKA/hwsubozpBEcuzA,iv:cqNO3VWKFRWqBRAFTf2AyMQskuZvcDghseT2PWEsCjA=,tag:nkzugvJTJ/KhLuldXxdBrg==,type:str] username: ENC[AES256_GCM,data:6kAu3et5PmRgZ7B/qQQKA/hwsubozpBEcuzA,iv:cqNO3VWKFRWqBRAFTf2AyMQskuZvcDghseT2PWEsCjA=,tag:nkzugvJTJ/KhLuldXxdBrg==,type:str]
password: password:
value: ENC[AES256_GCM,data:rTCIH4vU7sfCNu6FxfdfyPKKQ01MQHBM0g==,iv:ZKD98V5W1GH0NZCfYG86AdFhbe8Ig+nCHFdU0NGcQT4=,tag:cL3fSAKntmWZ/QvSPYwbvw==,type:str] value: ENC[AES256_GCM,data:9PJzeGeXiNN50GrWMxU1ho9+jHs=,iv:wOrU8g/xBBKFRYvDB1G/I+VG3lpvFdMirgJmP01PbhQ=,tag:dlDq9S+SQmlb4SZIGYhrlQ==,type:str]
adminToken: adminToken:
value: ENC[AES256_GCM,data:PT62LcyiNqW1NVeuZ5+HTj8fzwSwuD1av/Z8S2GnR6j62+F8/aibhW/ATFG92chw++w=,iv:LnaRBem4dsggV4u4IlNjlWY301ajAHot2D259Y383m0=,tag:f24QDtGrtNJFA95Qo6Umqg==,type:str] value: ENC[AES256_GCM,data:PT62LcyiNqW1NVeuZ5+HTj8fzwSwuD1av/Z8S2GnR6j62+F8/aibhW/ATFG92chw++w=,iv:LnaRBem4dsggV4u4IlNjlWY301ajAHot2D259Y383m0=,tag:f24QDtGrtNJFA95Qo6Umqg==,type:str]
sops: sops:
@ -20,8 +20,8 @@ sops:
U25tMkxQS1gzcyt6R2NkZnVLRVVoOWMKZSaIZxzTlYim2kmiHrQcgRu9XmWelRkT U25tMkxQS1gzcyt6R2NkZnVLRVVoOWMKZSaIZxzTlYim2kmiHrQcgRu9XmWelRkT
HZZmSa0L9yEdksUCK3+iqjCZhQBYc/6qJHRYvuAaJ+/hs5RxuLUr8g== HZZmSa0L9yEdksUCK3+iqjCZhQBYc/6qJHRYvuAaJ+/hs5RxuLUr8g==
-----END AGE ENCRYPTED FILE----- -----END AGE ENCRYPTED FILE-----
lastmodified: "2023-12-25T19:33:37Z" lastmodified: "2023-10-20T07:01:25Z"
mac: ENC[AES256_GCM,data:Fl9x8f4YlhAciCdRNRWukK4lj/OqP+TJ8+xEXUSb+1FqUAv/aHocy/f3IuzEhgq/+i9RSKORy2+glYBdK+tL50FzaPQCXz9YgYMtshsIkfkVIw2j9R7sqs5Uo5fQ6g5V3ir5/czb8FSqoS7S+2onyHxZawuG1XCWYPPLATVrKa8=,iv:7K6NABns5rzYIJgthRxqkGD5bQXKPhgIxoCs2ZS0JGY=,tag:FvTTObosyFZom45xuVABog==,type:str] mac: ENC[AES256_GCM,data:Oa6UiHJR5U8Tquo/FmKM2LNR1l7Tdc95T55sl8IbC80ywC5hmJcpOdYXSeVzAdEtr2EauEH74FAwyFtjeFHpneRjkl8Hx0Vann3qBMJ1laxYEQhKESqeyJTcMv15Hu61aUQ+OhW9hP9xkcRCNmkXHa0KeoCXy1aloTWc3u7Ls8E=,iv:SsywMpg5KQvfsFbIRiZkEadtQ7Ce2AqjM9+zeaG/ZaM=,tag:X426dGhxmeMqDJnRs4Qhww==,type:str]
pgp: [] pgp: []
unencrypted_suffix: _unencrypted unencrypted_suffix: _unencrypted
version: 3.8.1 version: 3.8.1

59
badhouseplants/values/values.elementor.yaml Normal file
View File

@ -0,0 +1,59 @@
---
# ------------------------------------------
# -- Istio extenstion. Just because I'm
# -- not using ingress nginx
# ------------------------------------------
istio:
enabled: true
istio:
- name: elementor-http
gateway: istio-system/badhouseplants-net
kind: http
hostname: elementor.badhouseplants.net
service: elementor-wordpress
port: 8080
ext-database:
enabled: true
name: nrodionov-mysql
instance: mysql
wordpressPlugins:
- elementor
wordpressBlogName: Elementor
wordpressUsername: admin
wordpressFirstName: Nikolai
wordpressLastName: Rodionov
wordpressTablePrefix: wp_
wordpressScheme: http
existingWordPressConfigurationSecret: ""
resources:
requests:
memory: 300Mi
cpu: 10m
service:
type: ClusterIP
ports:
http: 8080
https: 8443
persistence:
enabled: true
storageClass: ""
accessModes:
- ReadWriteOnce
accessMode: ReadWriteOnce
size: 2Gi
dataSource: {}
existingClaim: ""
selector: {}
mariadb:
enabled: true
primary:
persistence:
enabled: true
storageClass: ""
accessModes:
- ReadWriteOnce
size: 3Gi

6
badhouseplants/values/values.redis.yaml
View File

@ -1,11 +1,7 @@
metrics: metrics:
enabled: false enabled: false
secretAnnotations:
reflector.v1.k8s.emberstack.com/reflection-allowed: "true"
reflector.v1.k8s.emberstack.com/reflection-auto-enabled: "true"
reflector.v1.k8s.emberstack.com/reflection-allowed-namespaces: "gitea-service,funkwhale-application"
architecture: standalone architecture: standalone
master: master:
persistence: persistence:
enabled: false enabled: false

11
badhouseplants/values/values.woodpecker-ci.yaml
View File

@ -18,11 +18,6 @@ ext-database:
credentials: credentials:
WOODPECKER_DATABASE_DATASOURCE: "postgres://{{ .Username }}:{{ .Password }}@{{ .Hostname }}:{{ .Port }}/{{ .Database }}?sslmode=disable" WOODPECKER_DATABASE_DATASOURCE: "postgres://{{ .Username }}:{{ .Password }}@{{ .Hostname }}:{{ .Port }}/{{ .Database }}?sslmode=disable"
server: server:
#image:
# registry: git.badhouseplants.net
# repository: allanger/woodpecker-server
# pullPolicy: Always
# tag: icon
enabled: true enabled: true
env: env:
WOODPECKER_GITEA: true WOODPECKER_GITEA: true
@ -38,10 +33,14 @@ server:
extraSecretNamesForEnvFrom: extraSecretNamesForEnvFrom:
- woodpecker-postgres16-creds - woodpecker-postgres16-creds
agent: agent:
image: image:
# -- The image registry
registry: git.badhouseplants.net registry: git.badhouseplants.net
# -- The image repository
repository: allanger/woodpecker-agent repository: allanger/woodpecker-agent
# -- The pull policy for the image
pullPolicy: Always pullPolicy: Always
# -- Overrides the image tag whose default is the chart appVersion.
tag: dev tag: dev
enabled: true enabled: true
extraSecretNamesForEnvFrom: [] extraSecretNamesForEnvFrom: []

5
helmfile.yaml
View File

@ -46,10 +46,5 @@ releases:
namespace: metallb-system namespace: metallb-system
createNamespace: true createNamespace: true
- <<: *reflector
installed: true
namespace: reflector-system
createNamespace: true
helmfiles: helmfiles:
- path: {{.Environment.Name }}/helmfile.yaml - path: {{.Environment.Name }}/helmfile.yaml

15
releases.yaml
View File

@ -250,6 +250,16 @@ templates:
- template: ext-istio-resource - template: ext-istio-resource
- template: ext-database - template: ext-database
elementor: &elementor
name: elementor
chart: bitnami/wordpress
version: 18.1.24
inherit:
- template: default-env-values
- template: default-env-secrets
- template: ext-istio-resource
- template: ext-database
minio: &minio minio: &minio
name: minio name: minio
chart: minio/minio chart: minio/minio
@ -352,8 +362,3 @@ templates:
- template: default-env-secrets - template: default-env-secrets
- template: ext-istio-resource - template: ext-istio-resource
- template: ext-database - template: ext-database
reflector: &reflector
name: reflector
chart: emberstack/reflector
version: 7.1.216

5
repositories.yaml
View File

@ -1,3 +1,4 @@
---
repositories: repositories:
- name: metrics-server - name: metrics-server
url: https://kubernetes-sigs.github.io/metrics-server/ url: https://kubernetes-sigs.github.io/metrics-server/
@ -39,7 +40,3 @@ repositories:
url: https://badhouseplants.github.io/helm-charts/ url: https://badhouseplants.github.io/helm-charts/
- name: woodpecker - name: woodpecker
url: https://woodpecker-ci.org url: https://woodpecker-ci.org
- name: firefly-iii
url: https://firefly-iii.github.io/kubernetes/
- name: emberstack
url: https://emberstack.github.io/helm-charts