softplayer/softplayer-helmfile
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Activity

switch to zot

Browse Source
This commit is contained in:
Nikolai Rodionov 2024-05-08 17:38:52 +02:00
parent cb2ce491a1
commit 8c09f38193
No known key found for this signature in database
GPG Key ID: 0AA46A90E25592AD
30 changed files with 479 additions and 39 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
charts/ippool/.helmignore Normal file
View File

@ -0,0 +1,23 @@
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*.orig
*~
# Various IDEs
.project
.idea/
*.tmproj
.vscode/

24
charts/ippool/Chart.yaml Normal file
View File

@ -0,0 +1,24 @@
apiVersion: v2
name: network-base
description: A Helm chart for Kubernetes
# A chart can be either an 'application' or a 'library' chart.
#
# Application charts are a collection of templates that can be packaged into versioned archives
# to be deployed.
#
# Library charts provide useful utilities or functions for the chart developer. They're included as
# a dependency of application charts to inject those utilities and functions into the rendering
# pipeline. Library charts do not define any templates and therefore cannot be deployed.
type: application
# This is the chart version. This version number should be incremented each time you make changes
# to the chart and its templates, including the app version.
# Versions are expected to follow Semantic Versioning (https://semver.org/)
version: 0.1.0
# This is the version number of the application being deployed. This version number should be
# incremented each time you make changes to the application. Versions are not expected to
# follow Semantic Versioning. They should reflect the version the application is using.
# It is recommended to use it with quotes.
appVersion: "1.16.0"

51
charts/ippool/templates/_helpers.tpl Normal file
View File

@ -0,0 +1,51 @@
{{/*
Expand the name of the chart.
*/}}
{{- define "network-base.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
If release name contains chart name it will be used as a full name.
*/}}
{{- define "network-base.fullname" -}}
{{- if .Values.fullnameOverride }}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- $name := default .Chart.Name .Values.nameOverride }}
{{- if contains $name .Release.Name }}
{{- .Release.Name | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
{{- end }}
{{- end }}
{{- end }}
{{/*
Create chart name and version as used by the chart label.
*/}}
{{- define "network-base.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Common labels
*/}}
{{- define "network-base.labels" -}}
helm.sh/chart: {{ include "network-base.chart" . }}
{{ include "network-base.selectorLabels" . }}
{{- if .Chart.AppVersion }}
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
{{- end }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- end }}
{{/*
Selector labels
*/}}
{{- define "network-base.selectorLabels" -}}
app.kubernetes.io/name: {{ include "network-base.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end }}

11
charts/ippool/templates/ipaddresspool.yaml Normal file
View File

@ -0,0 +1,11 @@
apiVersion: metallb.io/v1beta1
kind: IPAddressPool
metadata:
name: {{ include "network-base.fullname" . }}
labels:
{{- include "network-base.labels" $ | nindent 4 }}
spec:
addresses:
- {{ .Values.ipPool }}
autoAssign: true
avoidBuggyIPs: false

1
charts/ippool/values.yaml Normal file
View File

@ -0,0 +1 @@
ipPool: 0.0.0.0-1.1.1.1

23
charts/network-base/.helmignore Normal file
View File

@ -0,0 +1,23 @@
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*.orig
*~
# Various IDEs
.project
.idea/
*.tmproj
.vscode/

24
charts/network-base/Chart.yaml Normal file
View File

@ -0,0 +1,24 @@
apiVersion: v2
name: network-base
description: A Helm chart for Kubernetes
# A chart can be either an 'application' or a 'library' chart.
#
# Application charts are a collection of templates that can be packaged into versioned archives
# to be deployed.
#
# Library charts provide useful utilities or functions for the chart developer. They're included as
# a dependency of application charts to inject those utilities and functions into the rendering
# pipeline. Library charts do not define any templates and therefore cannot be deployed.
type: application
# This is the chart version. This version number should be incremented each time you make changes
# to the chart and its templates, including the app version.
# Versions are expected to follow Semantic Versioning (https://semver.org/)
version: 0.1.0
# This is the version number of the application being deployed. This version number should be
# incremented each time you make changes to the application. Versions are not expected to
# follow Semantic Versioning. They should reflect the version the application is using.
# It is recommended to use it with quotes.
appVersion: "1.16.0"

51
charts/network-base/templates/_helpers.tpl Normal file
View File

@ -0,0 +1,51 @@
{{/*
Expand the name of the chart.
*/}}
{{- define "network-base.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
If release name contains chart name it will be used as a full name.
*/}}
{{- define "network-base.fullname" -}}
{{- if .Values.fullnameOverride }}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- $name := default .Chart.Name .Values.nameOverride }}
{{- if contains $name .Release.Name }}
{{- .Release.Name | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
{{- end }}
{{- end }}
{{- end }}
{{/*
Create chart name and version as used by the chart label.
*/}}
{{- define "network-base.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Common labels
*/}}
{{- define "network-base.labels" -}}
helm.sh/chart: {{ include "network-base.chart" . }}
{{ include "network-base.selectorLabels" . }}
{{- if .Chart.AppVersion }}
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
{{- end }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- end }}
{{/*
Selector labels
*/}}
{{- define "network-base.selectorLabels" -}}
app.kubernetes.io/name: {{ include "network-base.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end }}

14
charts/network-base/templates/certificate.yaml Normal file
View File

@ -0,0 +1,14 @@
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: {{ include "network-base.fullname" . }}
labels:
{{- include "network-base.labels" $ | nindent 4 }}
spec:
dnsNames:
- {{ .Values.domain }}
- "*.{{ .Values.domain }}"
issuerRef:
kind: Issuer
name: {{ include "network-base.fullname" . }}
secretName: {{ include "network-base.fullname" . }}-cert

39
charts/network-base/templates/gateway.yaml Normal file
View File

@ -0,0 +1,39 @@
apiVersion: networking.istio.io/v1beta1
kind: Gateway
metadata:
name: {{ include "network-base.fullname" . }}
labels:
{{- include "network-base.labels" $ | nindent 4 }}
spec:
selector:
istio: ingressgateway
servers:
- hosts:
- {{ .Values.domain }}
- "*.{{ .Values.domain }}"
port:
name: grpc-web
number: 8080
protocol: HTTPS
tls:
credentialName: {{ include "network-base.fullname" . }}-cert
mode: SIMPLE
- hosts:
- {{ .Values.domain }}
- "*.{{ .Values.domain }}"
port:
name: http
number: 80
protocol: HTTP2
tls:
httpsRedirect: true
- hosts:
- {{ .Values.domain }}
- "*.{{ .Values.domain }}"
port:
name: https
number: 443
protocol: HTTPS
tls:
credentialName: {{ include "network-base.fullname" . }}-cert
mode: SIMPLE

20
charts/network-base/templates/issuer.yaml Normal file
View File

@ -0,0 +1,20 @@
---
apiVersion: cert-manager.io/v1
kind: Issuer
metadata:
name: {{ include "network-base.fullname" . }}
labels:
{{- include "network-base.labels" $ | nindent 4 }}
spec:
acme:
email: {{ .Values.certificate.email }}
privateKeySecretRef:
name: {{ include "network-base.fullname" . }}-priv-key
server: https://acme-staging-v02.api.letsencrypt.org/directory
solvers:
- dns01:
cloudflare:
apiTokenSecretRef:
key: value
name: {{ include "network-base.fullname" . }}-clf-token
email: {{ .Values.certificate.email }}

10
charts/network-base/templates/secret.yaml Normal file
View File

@ -0,0 +1,10 @@
apiVersion: v1
kind: Secret
metadata:
name: {{ include "network-base.fullname" . }}-clf-token
# namespace: cert-manager
labels:
{{- include "network-base.labels" $ | nindent 4 }}
type: Opaque
stringData:
value: {{ .Values.certificate.cloudflareToken }}

4
charts/network-base/values.yaml Normal file
View File

@ -0,0 +1,4 @@
certificate:
email: email@email.email
cloudflareToken: token
domain: test.io

3
charts/softplayer-backend/templates/vs.yaml
View File

@ -1,4 +1,3 @@
---
apiVersion: networking.istio.io/v1beta1 apiVersion: networking.istio.io/v1beta1
kind: VirtualService kind: VirtualService
metadata: metadata:
@ -7,7 +6,7 @@ metadata:
{{- include "softplayer-backend.labels" . | nindent 4 }} {{- include "softplayer-backend.labels" . | nindent 4 }}
spec: spec:
gateways: gateways:
- istio-system/badhouseplants-net - {{ .Values.istio.gateway }}
hosts: hosts:
- {{ .Values.config.hostname }} - {{ .Values.config.hostname }}
http: http:

27
charts/softplayer-backend/values.yaml
View File

@ -1,12 +1,16 @@
config: config:
hostname: softplayer.dev.badhouseplants.net hostname: softplayer.dev.badhouseplants.net
# hostname: softplayer-backend.badhouseplants.net
replicaCount: 1 replicaCount: 1
istio:
gateway: istio-system/network-base
# gateway: istio-system/badhouseplants-net
image: image:
repository: git.badhouseplants.net/softplayer/softplayer-backend repository: git.badhouseplants.net/softplayer/softplayer-backend
pullPolicy: Always pullPolicy: Always
tag: latest tag: latest
imagePullSecrets: [] imagePullSecrets: []
nameOverride: "" nameOverride: ""
fullnameOverride: "" fullnameOverride: ""
@ -66,17 +70,20 @@ autoscaling:
# targetMemoryUtilizationPercentage: 80 # targetMemoryUtilizationPercentage: 80
# Additional volumes on the output Deployment definition. # Additional volumes on the output Deployment definition.
volumes: [] volumes:
# - name: foo - name: tmp
# secret: emptyDir: {}
# secretName: mysecret - name: tmpsoftplayer
# optional: false emptyDir: {}
# Additional volumeMounts on the output Deployment definition. # Additional volumeMounts on the output Deployment definition.
volumeMounts: [] volumeMounts:
# - name: foo - name: tmp
# mountPath: "/etc/foo" mountPath: "/tmp"
# readOnly: true readOnly: false
- name: tmpsoftplayer
mountPath: "/tmpsoftplayer"
readOnly: false
nodeSelector: {} nodeSelector: {}

2
charts/softplayer-web/templates/vs.yaml
View File

@ -7,7 +7,7 @@ metadata:
{{- include "softplayer-web.labels" . | nindent 4 }} {{- include "softplayer-web.labels" . | nindent 4 }}
spec: spec:
gateways: gateways:
- istio-system/badhouseplants-net - {{ .Values.istio.gateway }}
hosts: hosts:
- {{ .Values.config.hostname }} - {{ .Values.config.hostname }}
http: http:

2
charts/softplayer-web/values.yaml
View File

@ -1,5 +1,7 @@
config: config:
hostname: dev.badhouseplants.net hostname: dev.badhouseplants.net
istio:
gateway: istio-system/network-base
replicaCount: 1 replicaCount: 1

1
charts/tekton-pipelines/templates/pipelines/hetzner-cleanup.yaml
View File

@ -28,6 +28,7 @@ spec:
value: $(params.environment) value: $(params.environment)
- name: namespace - name: namespace
value: $(params.namespace) value: $(params.namespace)
- name: cleanup-dns-records - name: cleanup-dns-records
retries: 3 retries: 3
taskRef: taskRef:

18
charts/tekton-pipelines/templates/tasks/bootstrap-k3s.yml
View File

@ -55,6 +55,7 @@ spec:
script: | script: |
#!/bin/sh #!/bin/sh
ansible-playbook /src/playbooks/systems/system-bootstrap/playbook.yml ansible-playbook /src/playbooks/systems/system-bootstrap/playbook.yml
- name: prepare-k3s - name: prepare-k3s
env: env:
- name: SP_ENV - name: SP_ENV
@ -71,7 +72,9 @@ spec:
script: |- script: |-
#!/bin/sh #!/bin/sh
ansible-playbook /src/playbooks/systems/k3s-bootstrap/playbook.yml ansible-playbook /src/playbooks/systems/k3s-bootstrap/playbook.yml
- name: prepare-kubeconfig
- name: get-config
image: git.badhouseplants.net/softplayer/softplayer-coskgne:latest
env: env:
- name: SP_ENV - name: SP_ENV
value: $(params.environment) value: $(params.environment)
@ -83,10 +86,12 @@ spec:
value: /tmp/outputs/ssh_key value: /tmp/outputs/ssh_key
- name: ANSIBLE_HOST_KEY_CHECKING - name: ANSIBLE_HOST_KEY_CHECKING
value: "false" value: "false"
image: git.badhouseplants.net/softplayer/softplayer-coskgne:latest script: |
script: |-
#!/bin/sh #!/bin/sh
ansible-playbook /src/playbooks/other/k8s-create-user/playbook.yml ansible-playbook /src/playbooks/other/k3s-save-config/playbook.yml
export SERVICE_ENTRYPOINT=$(cat /tmp/outputs/inventory.yaml | yq '.servers.vars.service_entrypoint')
sed -i "s/127.0.0.1/${SERVICE_ENTRYPOINT}/" /tmp/outputs/config
- name: save-kubeconfig - name: save-kubeconfig
image: alpine/k8s:1.29.2 image: alpine/k8s:1.29.2
script: |- script: |-
@ -97,9 +102,10 @@ spec:
kubectl create secret generic \ kubectl create secret generic \
"$(params.environment)"-config \ "$(params.environment)"-config \
--namespace "$(params.namespace)" \ --namespace "$(params.namespace)" \
--from-file=value=/tmp/outputs/admin-default-config --from-file=value=/tmp/outputs/config
workspaces: workspaces:
- name: outputs - name: outputs
description: A folder to store outputs description: A folder to store outputs
optional: false optional: false
mountPath: /tmp/outputs mountPath: /tmp/outputs

13
charts/tekton-pipelines/templates/tasks/cleanup-dns-records.yml
View File

@ -13,13 +13,6 @@ spec:
- name: environment - name: environment
type: string type: string
steps: steps:
- name: get-provider-outputs
image: alpine/k8s:1.29.2
script: |-
#!/bin/sh
kubectl get configmap "$(params.environment)"-provider-outputs \
--namespace "$(params.namespace)" -o yaml \
| yq '.data."provider_outputs.yaml"' > /tmp/outputs/provider_outputs.yaml
- name: setup-dns - name: setup-dns
image: git.badhouseplants.net/softplayer/softplayer-coskgne:latest image: git.badhouseplants.net/softplayer/softplayer-coskgne:latest
env: env:
@ -32,9 +25,3 @@ spec:
script: |- script: |-
#!/bin/sh #!/bin/sh
ansible-playbook /src/playbooks/other/cloudflare/playbook.yml ansible-playbook /src/playbooks/other/cloudflare/playbook.yml
workspaces:
- name: outputs
description: A folder to store outputs
optional: false
mountPath: /tmp/outputs

6
charts/tekton-pipelines/templates/tasks/deploy-helmfile-base.yml
View File

@ -30,6 +30,11 @@ spec:
"$(params.environment)" \ "$(params.environment)" \
--namespace "$(params.namespace)" \ --namespace "$(params.namespace)" \
"softplayer.net/status=installing-dependencies" "softplayer.net/status=installing-dependencies"
- name: get-yq
image: mikefarah/yq
script: |-
#!/bin/sh
cp $(which yq) /tmp/outputs/yq
- name: deploy-helmfile - name: deploy-helmfile
image: ghcr.io/helmfile/helmfile:v0.163.1 image: ghcr.io/helmfile/helmfile:v0.163.1
env: env:
@ -37,6 +42,7 @@ spec:
value: /tmp/outputs/config value: /tmp/outputs/config
script: |- script: |-
#!/bin/sh #!/bin/sh
cp /tmp/outputs/yq /usr/bin/yq
mkdir -p /src mkdir -p /src
git clone https://git.badhouseplants.net/softplayer/softplayer-helmfile.git /src/helmfile git clone https://git.badhouseplants.net/softplayer/softplayer-helmfile.git /src/helmfile
cd /src/helmfile/workload && helmfile sync cd /src/helmfile/workload && helmfile sync

5
charts/tekton-pipelines/templates/tasks/install-app.yml
View File

@ -44,4 +44,7 @@ spec:
--chart=helmrelease \ --chart=helmrelease \
--values-from Secret/$SP_APPLICATION-config \ --values-from Secret/$SP_APPLICATION-config \
--kubeconfig-secret-ref=$SP_ENV-config \ --kubeconfig-secret-ref=$SP_ENV-config \
--target-namespace=default --target-namespace=default --export \
| yq '.spec.storageNamespace="helm-installations"' \
| kubectl create -f -
flux reconcile helmrelease --namespace=$SP_ACCOUNT $SP_APPLICATION

13
charts/tekton-pipelines/templates/tasks/prepare-hetzner-infra.yml
View File

@ -30,6 +30,15 @@ spec:
"$(params.environment)" \ "$(params.environment)" \
--namespace "$(params.namespace)" \ --namespace "$(params.namespace)" \
"softplayer.net/status=infra-bootstrapping" "softplayer.net/status=infra-bootstrapping"
- name: get-dotenv-from-configmap
image: alpine/k8s:1.29.2
script: |-
#!/bin/sh
kubectl get configmap -o yaml \
$(params.environment) \
--namespace "$(params.namespace)" \
| yq '.data.vars' > /tmp/outputs/dotenv
- name: create-hetzner-infra - name: create-hetzner-infra
image: git.badhouseplants.net/softplayer/softplayer-coskgne:latest image: git.badhouseplants.net/softplayer/softplayer-coskgne:latest
env: env:
@ -42,7 +51,9 @@ spec:
- name: SOPS_AGE_KEY - name: SOPS_AGE_KEY
value: {{ .Values.providers.hetzner.ageKey }} value: {{ .Values.providers.hetzner.ageKey }}
script: |- script: |-
#!/bin/sh #!/bin/bash
export $(grep -v '^#' /tmp/outputs/dotenv | xargs -0)
env
ansible-playbook /src/playbooks/providers/hetzner/playbook.yml ansible-playbook /src/playbooks/providers/hetzner/playbook.yml
- name: save-inventory - name: save-inventory
image: alpine/k8s:1.29.2 image: alpine/k8s:1.29.2

24
helmule/bitnami/build_charts.sh Executable file
View File

@ -0,0 +1,24 @@
#! /usr/bin/env bash
export REPO_NAME=bitnami
export REPO_URL=https://charts.bitnami.com/bitnami
WORKDIR=$(mktemp -d)
envsubst < ./helmule.yaml > "${WORKDIR}/helmule.yaml"
cat "${WORKDIR}/helmule.yaml"
helm repo add $REPO_NAME $REPO_URL
helm repo update
for chart in $(helm search repo bitnami -o yaml | yq '.[].name' | sed -e 's/.*\///'); do
export CHART_NAME=$chart
envsubst < ./charts.yaml.tpl > "$WORKDIR/$chart.yaml"
cat <<EOF >> $WORKDIR/helmule.yaml
- kind: Charts
path: "./$chart.yaml"
EOF
done
cat "${WORKDIR}/helmule.yaml"
helmule --config "${WORKDIR}/helmule.yaml"

4
helmule/bitnami/charts.yaml.tpl Normal file
View File

@ -0,0 +1,4 @@
name: $CHART_NAME
repository: $REPO_NAME
mirrors:
- zot

15
helmule/bitnami/helmule.yaml Normal file
View File

@ -0,0 +1,15 @@
mirrors:
- name: zot
custom_command:
package:
- helm package -d package .
upload:
- helm push ./package/{{ name }}-{{ version }}.tgz oci://registry.badhouseplants.net/softplayer/bitnami
repositories:
- name: $REPO_NAME
helm:
url: $REPO_URL
include:

21
helmule/helmule.yaml
View File

@ -2,6 +2,9 @@ repositories:
- name: cdf - name: cdf
helm: helm:
url: https://cdfoundation.github.io/tekton-helm-chart/ url: https://cdfoundation.github.io/tekton-helm-chart/
- name: keel
helm:
url: https://charts.keel.sh
- name: istio - name: istio
helm: helm:
url: https://istio-release.storage.googleapis.com/charts url: https://istio-release.storage.googleapis.com/charts
@ -47,6 +50,9 @@ repositories:
url: https://git.badhouseplants.net/allanger/helm-charts url: https://git.badhouseplants.net/allanger/helm-charts
git_ref: add-shadowsocks git_ref: add-shadowsocks
path: charts path: charts
- name: kubernetes-dashboard
helm:
url: https://kubernetes.github.io/dashboard/
mirrors: mirrors:
- name: custom-commands - name: custom-commands
@ -54,7 +60,7 @@ mirrors:
package: package:
- helm package -d package . - helm package -d package .
upload: upload:
- helm push ./package/{{ name }}-{{ version }}.tgz oci://git.badhouseplants.net/softplayer/helm - helm push ./package/{{ name }}-{{ version }}.tgz oci://registry.badhouseplants.net/softplayer/helm
- rm -rf ./package - rm -rf ./package
charts: charts:
@ -127,7 +133,7 @@ charts:
repository: fluxcd-community repository: fluxcd-community
mirrors: mirrors:
- custom_command - custom_command
- name: helmrelease - name: helmrelease
repository: softplayer repository: softplayer
mirrors: mirrors:
@ -137,3 +143,14 @@ charts:
repository: allanger-charts repository: allanger-charts
mirrors: mirrors:
- custom_command - custom_command
- name: keel
repository: keel
mirrors:
- custom_command
- name: kubernetes-dashboard
repository: kubernetes-dashboard
mirrors:
- custom_command

43
service/helmfile.yaml
View File

@ -1,6 +1,6 @@
repositories: repositories:
- name: zot - name: zot
url: git.badhouseplants.net/softplayer/helm url: registry.badhouseplants.net/softplayer/helm
oci: true oci: true
releases: releases:
@ -81,8 +81,8 @@ releases:
- ./values/cert-mangager.yaml - ./values/cert-mangager.yaml
- name: metallb - name: metallb
chart: metallb/metallb chart: zot/metallb
version: 0.14.3 version: 0.14.5
namespace: metallb-system namespace: metallb-system
createNamespace: false createNamespace: false
needs: needs:
@ -134,8 +134,45 @@ releases:
values: values:
- ./values/values.istiod.yaml - ./values/values.istiod.yaml
- name: keel
chart: zot/keel
version: 1.0.3
namespace: kube-system
- name: network-base
namespace: istio-system
createNamespace: false
chart: ../charts/network-base/
values:
- ./values/network-base.yaml
secrets:
- ./secrets/network-base.yaml
needs:
- istio-system/istio-ingressgateway
- cert-manager/cert-manager
- name: ippool
namespace: metallb-system
createNamespace: false
chart: ../charts/ippool
values:
{{ $ip4 := trim (exec "bash" (list "-c" "cat /tmp/outputs/provider_outputs.yaml | yq '.user_entrypoint'")) }}
- ipPool: "{{- printf "%s-%s" $ip4 $ip4 -}}"
needs:
- istio-system/istio-ingressgateway
- metallb-system/metallb
- cert-manager/cert-manager
- softplayer-backend/softplayer-backend
- softplayer-backend/softplayer-web
- name: softplayer-backend - name: softplayer-backend
chart: ../charts/softplayer-backend chart: ../charts/softplayer-backend
namespace: softplayer-backend namespace: softplayer-backend
needs: needs:
- istio-system/istio-ingressgateway - istio-system/istio-ingressgateway
- name: softplayer-web
chart: ../charts/softplayer-web
namespace: softplayer-backend
needs:
- istio-system/istio-ingressgateway

22
service/secrets/network-base.yaml Normal file
View File

@ -0,0 +1,22 @@
certificate:
cloudflareToken: ENC[AES256_GCM,data:82Y0qs40zEv9UY/Zp1BjSl/90UQCG6sUd6a6MIZW12NY9Os0k48W3w==,iv:THZC/Xf2JhQP2UUMTj2vZVfMe4oCmlQWaVsPssBSgnk=,tag:Ek29sys6S1DcihPwc0fXHA==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age1mrdee45qq36trja45u0wcem7c2mgydw35zkuhh97khgc7veanaaq29wzh4
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA0SVVDcFlFZ3l2cExqTHVJ
T0JLeHNubENpdmpmRkFBRjdLVWFWUzMvR0ZrCkVrV01acUJvcUtQSkhYcHpadlRH
UGFWZzliaXZ0dWt4RTl6V3NSYi85U2cKLS0tIGxxYWFNOGRrOExwdHArak1HaXNn
ZlU2WUwvRUNKWVVJVTRNaVA5d2EyMXcKfEPSd6MPfVHjYUgT5fMbiHfwvGXd9o+f
xW8rQMXUQ8d5Dojjw3GHgajE52kN4WuAMEVlPAC4tn7FbXD5Rz80gw==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2024-05-05T10:02:48Z"
mac: ENC[AES256_GCM,data:C30vhqgW+aTTQxv8OuU1fGf8aUB5HsJaQEK7aaE/SVndFWBxgww+eKubdRqJ/jojClZxwH1lOlRTZe+v+8qnHGF9mMM6cqf2fsNuo8CuKKfrVDYuEd/eGszCYVOGv1Bo6zv6ZInzXhfUQBoPkpAuraJpuMG81RZOSnRQZ0qK25s=,iv:p8gPjjWSeHXcjzHNjJVpbo0GQ7jNbb2lxiEqkLn2ZwM=,tag:Bqxfd7Te3yEbGtAUxOMhYA==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.8.1

4
service/values/network-base.yaml Normal file
View File

@ -0,0 +1,4 @@
certificate:
email: allanger@badhouseplants.net
domain: dev.badhouseplants.net
ipPool: 0.0.0.0-1.1.1.1