Skip to content

Commit

Permalink
various changes
Browse files Browse the repository at this point in the history
  • Loading branch information
@tuxpeople
tuxpeople committed Jul 1, 2023
1 parent e875161 commit 4dc2b2f
Show file tree
Hide file tree
Showing 95 changed files with 1,488 additions and 245 deletions.
2 changes: 1 addition & 1 deletion .github/workflows/meta-labeler.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Labeler
uses: actions/labeler@9fcb2c2f5584144ca754f8bfe8c6f81e77753375 # v4.1.0
uses: actions/labeler@0967ca812e7fdc8f5f71402a1b486d5bd061fe20 # v4.2.0
with:
configuration-path: .github/labeler.yaml
repo-token: "${{ secrets.GITHUB_TOKEN }}"
2 changes: 1 addition & 1 deletion .github/workflows/release-drafter.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@ jobs:
update:
runs-on: ubuntu-latest
steps:
- uses: release-drafter/release-drafter@569eb7ee3a85817ab916c8f8ff03a5bd96c9c83e # v5.23.0
- uses: release-drafter/release-drafter@65c5fb495d1e69aa8c08a3317bc44ff8aabe9772 # v5.24.0
with:
config-name: release-drafter.yaml
env:
Expand Down
2 changes: 1 addition & 1 deletion __before_move/cluster/apps/development/code-server/helm-release.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -65,7 +65,7 @@ spec:
kubernetes.io/ingress.class: nginx
traefik.ingress.kubernetes.io/router.tls: "true"
external-dns/is-public: "true"
external-dns.alpha.kubernetes.io/target: ipv4.${SECRET_DOMAIN_K8S}
external-dns.alpha.kubernetes.io/target: ${SECRET_DNS_TARGET}
hosts:
- host: code.${SECRET_DOMAIN_ME}
paths:
Expand Down
8 changes: 4 additions & 4 deletions __before_move/cluster/apps/development/documentation/ingress.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,11 +7,11 @@ metadata:
name: documentation
annotations:
kubernetes.io/ingress.class: nginx
traefik.ingress.kubernetes.io/router.tls: 'true'
external-dns/is-public: 'true'
external-dns.alpha.kubernetes.io/target: ipv4.${SECRET_DOMAIN_K8S}
traefik.ingress.kubernetes.io/router.tls: "true"
external-dns/is-public: "true"
external-dns.alpha.kubernetes.io/target: ${SECRET_DNS_TARGET}
traefik.ingress.kubernetes.io/router.middlewares: networking-forwardauth-authelia@kubernetescrd
hajimari.io/enable: 'true'
hajimari.io/enable: "true"
hajimari.io/icon: file-document-edit
spec:
tls:
Expand Down
4 changes: 2 additions & 2 deletions __before_move/cluster/apps/networking/cert-manager/letsencrypt-production.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,13 +6,13 @@ metadata:
spec:
acme:
server: https://acme-v02.api.letsencrypt.org/directory
email: ${SECRET_CLOUDFLARE_EMAIL}
email: ${SECRET_ACME_EMAIL}
privateKeySecretRef:
name: letsencrypt-production
solvers:
- dns01:
cloudflare:
email: ${SECRET_CLOUDFLARE_EMAIL}
email: ${SECRET_ACME_EMAIL}
apiTokenSecretRef:
name: cloudflare-api-key
key: api-key
Expand Down
4 changes: 2 additions & 2 deletions __before_move/cluster/apps/networking/cert-manager/letsencrypt-staging.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,13 +6,13 @@ metadata:
spec:
acme:
server: https://acme-staging-v02.api.letsencrypt.org/directory
email: ${SECRET_CLOUDFLARE_EMAIL}
email: ${SECRET_ACME_EMAIL}
privateKeySecretRef:
name: letsencrypt-production
solvers:
- dns01:
cloudflare:
email: ${SECRET_CLOUDFLARE_EMAIL}
email: ${SECRET_ACME_EMAIL}
apiTokenSecretRef:
name: cloudflare-api-key
key: api-key
Expand Down
4 changes: 2 additions & 2 deletions __before_move/cluster/apps/networking/external-dns/helm-release.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@ spec:
name: external-dns-charts
namespace: flux-system
test:
enable: false # Enable helm test
enable: false # Enable helm test
install:
createNamespace: true
remediation:
Expand All @@ -33,7 +33,7 @@ spec:
provider: cloudflare
env:
- name: CF_API_EMAIL
value: ${SECRET_CLOUDFLARE_EMAIL}
value: ${SECRET_ACME_EMAIL}
- name: CF_API_TOKEN
valueFrom:
secretKeyRef:
Expand Down
8 changes: 4 additions & 4 deletions __before_move/cluster/apps/networking/traefik/dashboard/ingress.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,11 +5,11 @@ metadata:
name: traefik-dashboard
annotations:
kubernetes.io/ingress.class: nginx
traefik.ingress.kubernetes.io/router.tls: 'true'
external-dns/is-public: 'true'
external-dns.alpha.kubernetes.io/target: ipv4.${SECRET_DOMAIN_K8S}
traefik.ingress.kubernetes.io/router.tls: "true"
external-dns/is-public: "true"
external-dns.alpha.kubernetes.io/target: ${SECRET_DNS_TARGET}
traefik.ingress.kubernetes.io/router.middlewares: networking-forwardauth-authelia@kubernetescrd
hajimari.io/enable: 'true'
hajimari.io/enable: "true"
hajimari.io/icon: web
hajimari.io/appName: traefik
spec:
Expand Down
2 changes: 1 addition & 1 deletion __before_move/cluster/apps/system-upgrade-controller/app/kustomization.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- github.com/rancher/system-upgrade-controller?ref=v0.11.0
- github.com/rancher/system-upgrade-controller?ref=v0.12.0
- plans
images:
- name: rancher/system-upgrade-controller
Expand Down
14 changes: 7 additions & 7 deletions __before_move/cluster/apps/vcluster/loft/helmrelease.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@ spec:
name: loft-charts
namespace: flux-system
test:
enable: false # Enable helm test
enable: false # Enable helm test
install:
createNamespace: true
crds: CreateReplace
Expand All @@ -31,26 +31,26 @@ spec:
recreate: true
values:
admin:
create: 'true'
create: "true"
username: admin
password: ${CODESERVER_PASSWORD}
ingress:
enabled: true
host: loft.${SECRET_DOMAIN_K8S}
ingressClass: traefik
annotations:
traefik.ingress.kubernetes.io/router.tls: 'true'
external-dns/is-public: 'true'
external-dns.alpha.kubernetes.io/target: ipv4.${SECRET_DOMAIN_K8S}
hajimari.io/enable: 'true'
traefik.ingress.kubernetes.io/router.tls: "true"
external-dns/is-public: "true"
external-dns.alpha.kubernetes.io/target: ${SECRET_DNS_TARGET}
hajimari.io/enable: "true"
hajimari.io/icon: mdi:chart-arc
tls:
enabled: true
secret: ${SECRET_DOMAIN_K8S//./-}-tls

# audit
audit:
enableSideCar: 'true'
enableSideCar: "true"
config:
audit:
enabled: true
Expand Down
10 changes: 5 additions & 5 deletions __before_move/old/_very_old/ansible-semaphore/semaphore-deployment.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,7 @@ spec:
- name: SEMAPHORE_DB_HOST
value: mariadb
- name: SEMAPHORE_DB_PORT
value: '3306'
value: "3306"
- name: SEMAPHORE_DB
value: semaphore
- name: SEMAPHORE_PLAYBOOK_PATH
Expand All @@ -46,7 +46,7 @@ spec:
- name: SEMAPHORE_ADMIN_NAME
value: admin
- name: SEMAPHORE_ADMIN_EMAIL
value: ${SECRET_CLOUDFLARE_EMAIL}
value: ${SECRET_ACME_EMAIL}
- name: SEMAPHORE_ADMIN
value: admin
name: semaphore
Expand Down Expand Up @@ -94,9 +94,9 @@ kind: Ingress
metadata:
annotations:
cert-manager.io/cluster-issuer: letsencrypt-prod
external-dns.alpha.kubernetes.io/target: ipv4.${SECRET_DOMAIN_K8S}
external-dns/is-public: 'true'
traefik.ingress.kubernetes.io/router.tls: 'true'
external-dns.alpha.kubernetes.io/target: ${SECRET_DNS_TARGET}
external-dns/is-public: "true"
traefik.ingress.kubernetes.io/router.tls: "true"
labels:
app: semaphore
name: semaphore-ingress
Expand Down
8 changes: 4 additions & 4 deletions __before_move/old/_very_old/dokuwiki/ingress.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,11 +8,11 @@ metadata:
name: dokuwiki
annotations:
kubernetes.io/ingress.class: nginx
traefik.ingress.kubernetes.io/router.tls: 'true'
external-dns/is-public: 'true'
external-dns.alpha.kubernetes.io/target: ipv4.${SECRET_DOMAIN_K8S}
traefik.ingress.kubernetes.io/router.tls: "true"
external-dns/is-public: "true"
external-dns.alpha.kubernetes.io/target: ${SECRET_DNS_TARGET}
traefik.ingress.kubernetes.io/router.middlewares: networking-forwardauth-authelia@kubernetescrd
hajimari.io/enable: 'true'
hajimari.io/enable: "true"
hajimari.io/icon: file-document-edit
spec:
tls:
Expand Down
24 changes: 12 additions & 12 deletions __before_move/old/_very_old/gitea/helm-release.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@ spec:
name: gitea
namespace: flux-system
test:
enable: false # Enable helm test
enable: false # Enable helm test
install:
createNamespace: true
remediation:
Expand All @@ -38,7 +38,7 @@ spec:
repository:
ROOT: ~/gitea-repositories
repository.pull-request:
WORK_IN_PROGRESS_PREFIXES: 'WIP:,[WIP]:'
WORK_IN_PROGRESS_PREFIXES: "WIP:,[WIP]:"
cache:
builtIn:
enabled: true
Expand All @@ -48,17 +48,17 @@ spec:
ROOT_URL: https://git.${SECRET_DOMAIN_ME}
DISABLE_SSH: true
cron.sync_external_users:
ENABLED: 'true'
RUN_AT_START: 'true'
SCHEDULE: '@every 10m'
UPDATE_EXISTING: 'true'
NO_SUCCESS_NOTICE: 'true'
ENABLED: "true"
RUN_AT_START: "true"
SCHEDULE: "@every 10m"
UPDATE_EXISTING: "true"
NO_SUCCESS_NOTICE: "true"
ldap:
enabled: true
name: k8s-ldap
securityProtocol: unencrypted
host: openldap.identity.svc.cluster.local
port: '1389'
port: "1389"
userSearchBase: ou=users,dc=sky,dc=lab
userFilter: (sn=%s)
adminFilter: (&(objectClass=groupOfNames)(cn=admins)))
Expand All @@ -80,10 +80,10 @@ spec:
- git.${SECRET_DOMAIN_ME}
annotations:
kubernetes.io/ingress.class: nginx
traefik.ingress.kubernetes.io/router.tls: 'true'
external-dns/is-public: 'true'
external-dns.alpha.kubernetes.io/target: ipv4.${SECRET_DOMAIN_K8S}
hajimari.io/enable: 'true'
traefik.ingress.kubernetes.io/router.tls: "true"
external-dns/is-public: "true"
external-dns.alpha.kubernetes.io/target: ${SECRET_DNS_TARGET}
hajimari.io/enable: "true"
hajimari.io/icon: git
tls:
- secretName: ${SECRET_DOMAIN_ME//./-}-tls
Expand Down
8 changes: 4 additions & 4 deletions __before_move/old/_very_old/gollum/ingress.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,14 +8,14 @@ metadata:
name: gollum
annotations:
kubernetes.io/ingress.class: nginx
traefik.ingress.kubernetes.io/router.tls: 'true'
traefik.ingress.kubernetes.io/router.tls: "true"
ingress.kubernetes.io/auth-type: basic
ingress.kubernetes.io/auth-realm: traefik
ingress.kubernetes.io/auth-secret: gollum-basic-auth
external-dns/is-public: 'true'
external-dns.alpha.kubernetes.io/target: ipv4.${SECRET_DOMAIN_K8S}
external-dns/is-public: "true"
external-dns.alpha.kubernetes.io/target: ${SECRET_DNS_TARGET}
traefik.ingress.kubernetes.io/router.middlewares: networking-forwardauth-authelia@kubernetescrd
hajimari.io/enable: 'true'
hajimari.io/enable: "true"
hajimari.io/icon: file-document-edit-outline
spec:
tls:
Expand Down
8 changes: 4 additions & 4 deletions __before_move/old/_very_old/homer/helm-release.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@ spec:
name: k8s-at-home
namespace: flux-system
test:
enable: false # Enable helm test
enable: false # Enable helm test
install:
createNamespace: true
remediation:
Expand Down Expand Up @@ -46,9 +46,9 @@ spec:
enabled: true
annotations:
kubernetes.io/ingress.class: nginx
traefik.ingress.kubernetes.io/router.tls: 'true'
external-dns/is-public: 'true'
external-dns.alpha.kubernetes.io/target: ipv4.${SECRET_DOMAIN_K8S}
traefik.ingress.kubernetes.io/router.tls: "true"
external-dns/is-public: "true"
external-dns.alpha.kubernetes.io/target: ${SECRET_DNS_TARGET}
traefik.ingress.kubernetes.io/router.middlewares: networking-forwardauth-authelia@kubernetescrd
hosts:
- host: homer.${SECRET_DOMAIN_ME}
Expand Down
12 changes: 6 additions & 6 deletions __before_move/old/_very_old/joplin/helm-release.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@ spec:
name: k8s-at-home
namespace: flux-system
test:
enable: false # Enable helm test
enable: false # Enable helm test
install:
createNamespace: true
remediation:
Expand Down Expand Up @@ -52,10 +52,10 @@ spec:
enabled: true
annotations:
kubernetes.io/ingress.class: nginx
traefik.ingress.kubernetes.io/router.tls: 'true'
external-dns/is-public: 'true'
external-dns.alpha.kubernetes.io/target: ipv4.${SECRET_DOMAIN_K8S}
hajimari.io/enable: 'true'
traefik.ingress.kubernetes.io/router.tls: "true"
external-dns/is-public: "true"
external-dns.alpha.kubernetes.io/target: ${SECRET_DNS_TARGET}
hajimari.io/enable: "true"
hajimari.io/icon: newspaper
hosts:
- host: joplin.${SECRET_DOMAIN_ME}
Expand All @@ -69,7 +69,7 @@ spec:
service:
main:
annotations:
prometheus.io/probe: 'true'
prometheus.io/probe: "true"
prometheus.io/protocol: tcp
persistence:
data:
Expand Down
12 changes: 6 additions & 6 deletions __before_move/old/_very_old/k10/helm-release.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@ spec:
namespace: flux-system
releaseName: k10
test:
enable: false # Enable helm test
enable: false # Enable helm test
install:
createNamespace: true
crds: CreateReplace
Expand All @@ -34,7 +34,7 @@ spec:
eula:
accept: true
company: tuxpeople-k8s-homelab
email: ${SECRET_CLOUDFLARE_EMAIL}
email: ${SECRET_ACME_EMAIL}
clusterName: k8s-homelab
resources:
requests:
Expand All @@ -61,10 +61,10 @@ spec:
ingress:
annotations:
kubernetes.io/ingress.class: nginx
traefik.ingress.kubernetes.io/router.tls: 'true'
external-dns/is-public: 'true'
external-dns.alpha.kubernetes.io/target: ipv4.${SECRET_DOMAIN_K8S}
hajimari.io/enable: 'true'
traefik.ingress.kubernetes.io/router.tls: "true"
external-dns/is-public: "true"
external-dns.alpha.kubernetes.io/target: ${SECRET_DNS_TARGET}
hajimari.io/enable: "true"
hajimari.io/icon: file-cabinet
hajimari.io/appName: Kasten K10
hajimari.io/url: https://k10.eighty-three.me/k10/
Expand Down
8 changes: 4 additions & 4 deletions __before_move/old/_very_old/keycloak/helm-release.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@ spec:
name: codecentric
namespace: flux-system
test:
enable: false # Enable helm test
enable: false # Enable helm test
install:
createNamespace: true
remediation:
Expand All @@ -34,9 +34,9 @@ spec:
enabled: true
annotations:
kubernetes.io/ingress.class: nginx
traefik.ingress.kubernetes.io/router.tls: 'true'
external-dns/is-public: 'true'
external-dns.alpha.kubernetes.io/target: ipv4.${SECRET_DOMAIN_K8S}
traefik.ingress.kubernetes.io/router.tls: "true"
external-dns/is-public: "true"
external-dns.alpha.kubernetes.io/target: ${SECRET_DNS_TARGET}
rules:
- host: sso.${SECRET_DOMAIN_ME}
paths:
Expand Down
Loading

0 comments on commit 4dc2b2f

Please sign in to comment.