5 Commits

15 changed files with 142 additions and 196 deletions


@ -93,9 +93,10 @@ type: docker
name: Check helmfiles name: Check helmfiles
trigger: trigger:
event: event:
- cron # - cron
cron: - push
- daily # cron:
# - daily
steps: steps:
- name: Check badhouseplants - name: Check badhouseplants
@ -105,6 +106,8 @@ steps:
SOPS_AGE_KEY: SOPS_AGE_KEY:
from_secret: SOPS_AGE_KEY from_secret: SOPS_AGE_KEY
commands: commands:
- helmfile -e badhouseplants fetch
- helmfile -e badhouseplants list
- echo "Hey, bud, some helm releases are outdated:" > message_file.tpl - echo "Hey, bud, some helm releases are outdated:" > message_file.tpl
- cdh --kind helmfile -p $DRONE_WORKSPACE/helmfile.yaml --helmfile-environment badhouseplants -o >> message_file.tpl - cdh --kind helmfile -p $DRONE_WORKSPACE/helmfile.yaml --helmfile-environment badhouseplants -o >> message_file.tpl
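Review bot: The step that receives `SOPS_AGE_KEY` via `from_secret` now appears to run on every `push` event instead of the daily cron, and the `trigger:` block shown here has no branch filter, so a push to any branch starts a run that holds the decryption key. If the switch is only there to debug the new `helmfile -e badhouseplants fetch` and `list` commands, restore the cron trigger before merging; otherwise restrict it with something like `branch: [<default-branch>]` under `trigger:`. The commented-out `# cron:` / `# - daily` lines should be either restored or deleted rather than left as dead configuration. The `steps:` list continues outside the visible hunks, so other steps may inherit the same trigger.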


@ -12,11 +12,6 @@ releases:
namespace: drone-service namespace: drone-service
createNamespace: false createNamespace: false
- <<: *tekton-pipeline
installed: true
namespace: tekton-service
createNamespace: true
- <<: *longhorn - <<: *longhorn
installed: true installed: true
namespace: longhorn-system namespace: longhorn-system


@ -1,23 +0,0 @@
auth:
git:
password: ENC[AES256_GCM,data:X1wVDcAeDP9IY/Kry+pP3BayBFJJ4o4NxA==,iv:qVG9R033GKeQxaVpCpN3hUV9d6dGULceEPt70U5psX0=,tag:jgmc/T42T9/JH3PgN6v2qA==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBEdmJzcTFKd1M2dUZyTmxZ
Mnljc1FCRk9tQUFyWUk4U21kYWR0MVMzSms4CjdCNTFONTJGU1B4bDBOQnp3NEtW
UDZpTkU4bWFrYVhiV0tUbGRmaTlPTUEKLS0tIHJmTkhGbTZiQkQzR2VHckRoVFVF
eUtWMXpDWlBwVE1zM1FOMklQd3BhZk0KvJBAxTdAQCHGDd7W2qv/31OblHrX7o0X
0GCL/z1dw+sG4GS0zwgxVu8jlGzWK8PCZjq5k8bMMzbbKtUNKiShuA==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2023-09-27T04:26:20Z"
mac: ENC[AES256_GCM,data:Hknt7Td7Tyx/c98Xf7dbsaGRLKO1zzZR34ZarkZtFVyvTcB0kxb5VWeJv+O215UAXEjPE7LUB2gHvhAtgLsAnek55stjZ84ifz923gMKB2ul18TeX4s0oqXyKvKZyv7SKPsVduSA4EutbrOnxLiZCmL8b/u0Y6scUH5pOe7aydg=,iv:vXvdvPE4n6ZYb0CXZZppWuvFFOlDEM2dMiiUwVTTTvE=,tag:gfNWefDG3cC1QzNGwgs5mQ==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.8.0


@ -88,7 +88,7 @@ persistence:
enabled: true enabled: true
Size: 15Gi Size: 15Gi
mcbackup: mcbackup:
enabled: true enabled: false
backupInterval: 2h backupInterval: 2h
pauseIfNoPlayers: "false" pauseIfNoPlayers: "false"
pruneBackupsDays: 2 pruneBackupsDays: 2
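Review bot: `mcbackup.enabled` is switched to `false` while `persistence.enabled` above stays `true`, and nothing in the section records why or for how long, so the persisted data is left without the 2-hourly backup. A comment above the key, e.g. `# backups disabled temporarily: <reason>; re-enable after <condition>`, would keep this from becoming permanent by accident. The remaining `backupInterval` and `pruneBackupsDays` values presumably have no effect while the flag is off.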


@ -1,4 +0,0 @@
auth:
git:
username: tekton
url: https://git.badhouseplants.net


@ -1,4 +1,5 @@
# addresspool.yaml # addresspool.yaml
---
apiVersion: metallb.io/v1beta1 apiVersion: metallb.io/v1beta1
kind: IPAddressPool kind: IPAddressPool
metadata: metadata:
@ -6,4 +7,4 @@ metadata:
namespace: metallb-system namespace: metallb-system
spec: spec:
addresses: addresses:
- 195.201.250.50-195.201.250.50 - 195.201.250.50-195.201.250.50


@ -0,0 +1,17 @@
apiVersion: networking.istio.io/v1alpha3
kind: EnvoyFilter
metadata:
name: proxy-protocol
namespace: istio-system
spec:
workloadSelector:
labels:
istio: ingressgateway
configPatches:
- applyTo: LISTENER
patch:
operation: MERGE
value:
listener_filters:
- name: envoy.listener.proxy_protocol
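Review bot: The `LISTENER` patch has no `match` clause, so the PROXY-protocol listener filter is merged into every listener of workloads labelled `istio: ingressgateway`, and any peer that can reach those listeners is then trusted to declare the client address. That is only sound when the gateway ports are reachable solely from the load balancer that emits the PROXY header; a comment stating that assumption, plus a `match:` with `context: GATEWAY` and the intended port numbers, would narrow the patch. `envoy.listener.proxy_protocol` is the deprecated filter name (current Envoy uses `envoy.filters.listener.proxy_protocol`), so it should be checked against the deployed Istio version. The next file section defines an EnvoyFilter with the same `name` and `namespace` and additionally lists `envoy.listener.tls_inspector`; if both manifests are ever applied to one cluster the later one replaces the earlier, so they should be given distinct names or merged.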


@ -0,0 +1,17 @@
apiVersion: networking.istio.io/v1alpha3
kind: EnvoyFilter
metadata:
name: proxy-protocol
namespace: istio-system
spec:
configPatches:
- applyTo: LISTENER
patch:
operation: MERGE
value:
listener_filters:
- name: envoy.listener.proxy_protocol
- name: envoy.listener.tls_inspector
workloadSelector:
labels:
istio: ingressgateway

83
manifests/debug/test.yaml Normal file

@ -0,0 +1,83 @@
apiVersion: networking.istio.io/v1alpha3
kind: Gateway
metadata:
name: httpbin-gateway
spec:
selector:
istio: ingressgateway
servers:
- port:
number: 80
name: http
protocol: HTTP2
hosts:
- "test.badhouseplants.net"
- hosts:
- "test.badhouseplants.net"
port:
name: https
number: 443
protocol: HTTPS
tls:
credentialName: badhouseplants-wildcard-tls
mode: SIMPLE
---
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: httpbin
spec:
hosts:
- "test.badhouseplants.net"
gateways:
- httpbin-gateway
http:
- route:
- destination:
host: httpbin
port:
number: 8000
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: httpbin
---
apiVersion: v1
kind: Service
metadata:
name: httpbin
labels:
app: httpbin
service: httpbin
spec:
ports:
- name: http
port: 8000
targetPort: 80
selector:
app: httpbin
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: httpbin
spec:
replicas: 1
selector:
matchLabels:
app: httpbin
version: v1
template:
metadata:
labels:
app: httpbin
version: v1
spec:
serviceAccountName: httpbin
containers:
- image: docker.io/kong/httpbin
imagePullPolicy: IfNotPresent
name: httpbin
ports:
- containerPort: 80
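Review bot: The Deployment pulls `docker.io/kong/httpbin` with no tag or digest, and with `imagePullPolicy: IfNotPresent` the image that runs is whatever `latest` a node happened to cache; pin it, e.g. `image: docker.io/kong/httpbin@sha256:<digest>`. The Gateway also publishes this debug echo service for `test.badhouseplants.net` on port 80 without a redirect, so requests can be served in clear text; adding `tls:` with `httpsRedirect: true` to that server entry, or dropping it, keeps traffic on the HTTPS listener. None of the five objects sets `metadata.namespace`, and the pod spec has no `securityContext` or `resources`, so a header comment naming the intended namespace and marking the file as temporary debugging would help whoever finds it later.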


@ -1,4 +1,5 @@
# addresspool.yaml # addresspool.yaml
---
apiVersion: metallb.io/v1beta1 apiVersion: metallb.io/v1beta1
kind: IPAddressPool kind: IPAddressPool
metadata: metadata:
@ -6,4 +7,4 @@ metadata:
namespace: metallb-system namespace: metallb-system
spec: spec:
addresses: addresses:
- 91.232.225.63-91.232.225.63 - 91.232.225.63-91.232.225.63


@ -1,80 +0,0 @@
apiVersion: tekton.dev/v1beta1
kind: Task
metadata:
name: git-clone-repo
namespace: tekton-jobs
spec:
workspaces:
- name: src
mountPath: /src
params:
- name: url
steps:
- name: Git Clone
image: alpine/git
script: |
#!/bin/bash
---
apiVersion: tekton.dev/v1beta1
kind: Task
metadata:
name: write
namespace: tekton-jobs
spec:
workspaces:
- name: src
mountPath: /custom/path/relative/to/root
steps:
- name: goodbye
image: ubuntu
script: |
#!/bin/bash
cat $(workspaces.src.path)/check
---
apiVersion: tekton.dev/v1beta1
kind: Pipeline
metadata:
name: hello-goodbye
namespace: tekton-jobs
spec:
tasks:
- name: read
taskRef:
name: read
workspaces:
- name: src
workspace: src
- name: write
runAfter:
- read
taskRef:
name: read
workspaces:
- name: src
workspace: src
workspaces:
- name: src
---
apiVersion: tekton.dev/v1beta1
kind: PipelineRun
metadata:
name: hello-goodbye-run
namespace: tekton-jobs
spec:
pipelineRef:
name: hello-goodbye
namespace: tekton-jobs
params:
- name: username
value: "Tekton"
workspaces:
- name: src
volumeClaimTemplate:
spec:
accessModes:
- ReadWriteOnce # access mode may affect how you can use this volume in parallel tasks
resources:
requests:
storage: 1Gi


@ -1,13 +0,0 @@
apiVersion: tekton.dev/v1beta1
kind: Task
metadata:
name: check-da-helm
namespace: tekton-pipelines
spec:
params:
- name: environment
type: string
steps:
- name: check-da-helm
image: ghcr.io/allanger/check-da-helm-helmfile-secrets:stable
script: "cdh --kind helmfile -p helmfile.yaml --helmfile-environment \n"


@ -1,13 +0,0 @@
---
apiVersion: triggers.tekton.dev/v1beta1
kind: EventListener
metadata:
name: gitea-webhook
spec:
serviceAccountName: pipeline
triggers:
- name: tekton-greeter-webhook
bindings:
- ref: gitea-triggerbinding
template:
ref: tekton-greeter-trigger-template


@ -26,33 +26,6 @@ templates:
args: args:
- -c - -c
- "helm show crds {{ .Release.Chart }} --version {{ .Release.Version }} | kubectl delete -f - || true" - "helm show crds {{ .Release.Chart }} --version {{ .Release.Version }} | kubectl delete -f - || true"
tekton-triggers-hook:
hooks:
- events: ["preapply"]
showlogs: true
command: "sh"
args:
- -c
- |
kubectl apply -f https://storage.googleapis.com/tekton-releases/triggers/previous/v0.25.0/release.yaml \
&& kubectl apply -f https://storage.googleapis.com/tekton-releases/triggers/previous/v0.25.0/interceptors.yaml
- events: ["prepare"]
showlogs: true
command: "sh"
args:
- -c
- |
kubectl diff -f https://storage.googleapis.com/tekton-releases/triggers/previous/v0.25.0/release.yaml || true \
&& kubectl diff -f https://storage.googleapis.com/tekton-releases/triggers/previous/v0.25.0/interceptors.yaml || true
- events: ["postuninstall"]
showlogs: true
command: "sh"
args:
- -c
- |
kubectl delete -f https://storage.googleapis.com/tekton-releases/triggers/previous/v0.25.0/release.yaml \
&& kubectl delete -f https://storage.googleapis.com/tekton-releases/triggers/previous/v0.25.0/interceptors.yaml
# ---------------------------- # ----------------------------
# -- Configs # -- Configs
# ---------------------------- # ----------------------------
@ -126,7 +99,7 @@ templates:
cert-manager: &cert-manager cert-manager: &cert-manager
name: cert-manager name: cert-manager
chart: jetstack/cert-manager chart: jetstack/cert-manager
version: 1.12.4 version: 1.13.0
set: set:
- name: installCRDs - name: installCRDs
value: true value: true
@ -140,7 +113,7 @@ templates:
argocd: &argocd argocd: &argocd
name: argocd name: argocd
chart: argo/argo-cd chart: argo/argo-cd
version: 5.46.2 version: 5.46.7
inherit: inherit:
- template: default-env-values - template: default-env-values
- template: default-env-secrets - template: default-env-secrets
@ -153,7 +126,7 @@ templates:
prometheus: &prometheus prometheus: &prometheus
name: prometheus name: prometheus
chart: prometheus-community/kube-prometheus-stack chart: prometheus-community/kube-prometheus-stack
version: 51.0.0 version: 51.2.0
inherit: inherit:
- template: monitoring-common - template: monitoring-common
- template: default-env-values - template: default-env-values
@ -164,7 +137,7 @@ templates:
loki: &loki loki: &loki
name: loki name: loki
chart: grafana/loki chart: grafana/loki
version: 5.20.0 version: 5.23.0
inherit: inherit:
- template: monitoring-common - template: monitoring-common
- template: default-env-values - template: default-env-values
@ -172,7 +145,7 @@ templates:
promtail: &promtail promtail: &promtail
name: promtail name: promtail
chart: grafana/promtail chart: grafana/promtail
version: 6.15.1 version: 6.15.2
inherit: inherit:
- template: monitoring-common - template: monitoring-common
- template: default-env-values - template: default-env-values
@ -240,19 +213,10 @@ templates:
- template: default-env-secrets - template: default-env-secrets
- template: drone-common - template: drone-common
tekton-pipeline: &tekton-pipeline
name: tekton-pipeline
chart: cdf/tekton-pipeline
version: 1.0.2
inherit:
- template: default-env-values
- template: default-env-secrets
- template: tekton-triggers-hook
nrodionov: &nrodionov nrodionov: &nrodionov
name: nrodionov name: nrodionov
chart: bitnami/wordpress chart: bitnami/wordpress
version: 17.1.7 version: 17.1.11
inherit: inherit:
- template: default-env-values - template: default-env-values
- template: default-env-secrets - template: default-env-secrets
@ -271,7 +235,7 @@ templates:
minecraft: &minecraft minecraft: &minecraft
name: minecraft name: minecraft
chart: minecraft-server-charts/minecraft chart: minecraft-server-charts/minecraft
version: 4.9.6 version: 4.10.0
inherit: inherit:
- template: default-env-values - template: default-env-values
- template: default-env-secrets - template: default-env-secrets
@ -319,7 +283,7 @@ templates:
redis: &redis redis: &redis
name: redis name: redis
chart: bitnami/redis chart: bitnami/redis
version: 18.0.4 version: 18.1.0
inherit: inherit:
- template: default-env-values - template: default-env-values
- template: default-env-secrets - template: default-env-secrets
@ -327,7 +291,7 @@ templates:
postgres: &postgres postgres: &postgres
name: postgres name: postgres
chart: bitnami/postgresql chart: bitnami/postgresql
version: 12.11.1 version: 12.12.7
inherit: inherit:
- template: default-env-values - template: default-env-values
- template: default-env-secrets - template: default-env-secrets
@ -335,7 +299,7 @@ templates:
db-operator: &db-operator db-operator: &db-operator
name: db-operator name: db-operator
chart: db-operator/db-operator chart: db-operator/db-operator
version: 1.10.1 version: 1.11.0
db-instances: &db-instances db-instances: &db-instances
name: db-instances name: db-instances
@ -348,7 +312,7 @@ templates:
mysql: &mysql mysql: &mysql
name: mysql name: mysql
chart: bitnami/mysql chart: bitnami/mysql
version: 9.12.2 version: 9.12.3
inherit: inherit:
- template: default-env-values - template: default-env-values
- template: default-env-secrets - template: default-env-secrets


@ -35,6 +35,4 @@ repositories:
- name: db-operator - name: db-operator
url: https://db-operator.github.io/charts url: https://db-operator.github.io/charts
- name: allanger-gitea - name: allanger-gitea
url: https://git.badhouseplants.net/api/packages/allanger/helm url: https://git.badhouseplants.net/api/packages/allanger/helm
- name: cdf
url: https://cdfoundation.github.io/tekton-helm-chart/