shpaq/auricom-home-cluster
1
0
Fork 0
mirror of https://github.com/auricom/home-cluster.git synced 2025-09-28 13:05:26 +02:00
Code Issues Packages Projects Releases Wiki Activity

🔥 drone

Browse Source
This commit is contained in:
auricom
2023-07-15 10:07:57 +02:00
parent da674ef259
commit 34590ac9dc
11 changed files with 0 additions and 312 deletions
Download Patch File Download Diff File Expand all files Collapse all files

99
kubernetes/apps/default/drone/app/helmrelease.yaml
View File

@@ -1,99 +0,0 @@
---
# yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/helm.toolkit.fluxcd.io/helmrelease_v2beta1.json
apiVersion: helm.toolkit.fluxcd.io/v2beta1
kind: HelmRelease
metadata:
name: drone
namespace: default
spec:
interval: 15m
chart:
spec:
chart: drone
version: 0.6.4
sourceRef:
kind: HelmRepository
name: drone
namespace: flux-system
maxHistory: 3
install:
createNamespace: true
remediation:
retries: 3
upgrade:
cleanupOnFail: true
remediation:
retries: 3
uninstall:
keepHistory: false
values:
image:
repository: drone/drone
tag: 2.18.0
persistentVolume:
enabled: false
env:
DRONE_DATABASE_DRIVER: postgres
DRONE_GIT_ALWAYS_AUTH: true
DRONE_GITEA_SERVER: https://gitea.${SECRET_CLUSTER_DOMAIN}
DRONE_SERVER_HOST: &host drone.${SECRET_CLUSTER_DOMAIN}
DRONE_SERVER_PROTO: https
DRONE_SERVER_PROXY_HOST: drone.default.svc:8080
DRONE_SERVER_PROXY_PROTO: http
DRONE_USER_CREATE: username:context,admin:true
ingress:
enabled: true
className: nginx
annotations:
hajimari.io/icon: mdi:reload
hosts:
- host: *host
paths:
- path: /
pathType: Prefix
tls:
- hosts:
- *host
valuesFrom:
- targetPath: env.DRONE_DATABASE_DATASOURCE
kind: Secret
name: drone
valuesKey: DRONE_DATABASE_DATASOURCE
- targetPath: env.DRONE_GITEA_CLIENT_ID
kind: Secret
name: drone
valuesKey: DRONE_GITEA_CLIENT_ID
- targetPath: env.DRONE_GITEA_CLIENT_SECRET
kind: Secret
name: drone
valuesKey: DRONE_GITEA_CLIENT_SECRET
- targetPath: env.DRONE_RPC_SECRET
kind: Secret
name: drone
valuesKey: DRONE_RPC_SECRET
postRenderers:
- kustomize:
patchesStrategicMerge:
- kind: Deployment
apiVersion: apps/v1
metadata:
name: drone
spec:
template:
spec:
initContainers:
- name: init-db
image: ghcr.io/onedr0p/postgres-initdb:14.8
env:
- name: POSTGRES_HOST
value: ${POSTGRES_HOST}
- name: POSTGRES_DB
value: drone
- name: POSTGRES_SUPER_PASS
valueFrom:
secretKeyRef:
name: postgres-superuser
key: password
envFrom:
- secretRef:
name: drone

7
kubernetes/apps/default/drone/app/kustomization.yaml
View File

@@ -1,7 +0,0 @@
---
# yaml-language-server: $schema=https://json.schemastore.org/kustomization
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
namespace: default
resources:
- ./helmrelease.yaml

74
kubernetes/apps/default/drone/ks.yaml
View File

@@ -1,74 +0,0 @@
---
# yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/kustomization_v1beta2.json
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
name: cluster-apps-drone
namespace: flux-system
labels:
substitution.flux.home.arpa/enabled: "true"
spec:
path: ./kubernetes/apps/default/drone/app
prune: true
sourceRef:
kind: GitRepository
name: home-ops-kubernetes
dependsOn:
- name: cluster-apps-cloudnative-pg-cluster
- name: cluster-apps-drone-runner-kube
healthChecks:
- apiVersion: helm.toolkit.fluxcd.io/v2beta1
kind: HelmRelease
name: drone
namespace: default
interval: 30m
retryInterval: 1m
timeout: 3m
---
# yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/kustomization_v1beta2.json
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
name: cluster-apps-drone-kubernetes-secrets
namespace: flux-system
labels:
substitution.flux.home.arpa/enabled: "true"
spec:
path: ./kubernetes/apps/default/drone/kubernetes-secrets
prune: true
sourceRef:
kind: GitRepository
name: home-ops-kubernetes
healthChecks:
- apiVersion: helm.toolkit.fluxcd.io/v2beta1
kind: HelmRelease
name: drone-kubernetes-secrets
namespace: default
interval: 30m
retryInterval: 1m
timeout: 3m
---
# yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/kustomization_v1beta2.json
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
name: cluster-apps-drone-runner-kube
namespace: flux-system
labels:
substitution.flux.home.arpa/enabled: "true"
spec:
path: ./kubernetes/apps/default/drone/runner-kube
prune: true
sourceRef:
kind: GitRepository
name: home-ops-kubernetes
dependsOn:
- name: cluster-apps-drone-kubernetes-secrets
healthChecks:
- apiVersion: helm.toolkit.fluxcd.io/v2beta1
kind: HelmRelease
name: drone-runner-kube
namespace: default
interval: 30m
retryInterval: 1m
timeout: 3m

36
kubernetes/apps/default/drone/kubernetes-secrets/helmrelease.yaml
View File

@@ -1,36 +0,0 @@
---
# yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/helm.toolkit.fluxcd.io/helmrelease_v2beta1.json
apiVersion: helm.toolkit.fluxcd.io/v2beta1
kind: HelmRelease
metadata:
name: drone-kubernetes-secrets
namespace: default
spec:
interval: 15m
chart:
spec:
chart: drone-kubernetes-secrets
version: 0.1.4
sourceRef:
kind: HelmRepository
name: drone
namespace: flux-system
maxHistory: 3
install:
createNamespace: true
remediation:
retries: 3
upgrade:
cleanupOnFail: true
remediation:
retries: 3
uninstall:
keepHistory: false
values:
env:
KUBERNETES_NAMESPACE: default
valuesFrom:
- targetPath: env.SECRET_KEY
kind: Secret
name: drone
valuesKey: DRONE_SECRET_PLUGIN_TOKEN

8
kubernetes/apps/default/drone/kubernetes-secrets/kustomization.yaml
View File

@@ -1,8 +0,0 @@
---
# yaml-language-server: $schema=https://json.schemastore.org/kustomization
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
namespace: default
resources:
- ./helmrelease.yaml
- ./secret.sops.yaml

35
kubernetes/apps/default/drone/kubernetes-secrets/secret.sops.yaml
View File

@@ -1,35 +0,0 @@
# yamllint disable
apiVersion: v1
kind: Secret
metadata:
name: drone
namespace: default
type: Opaque
stringData:
DRONE_DATABASE_DATASOURCE: ENC[AES256_GCM,data:+9NZ76uh+GIJCyXz/4KT9TUhnHRkZ7OCHPEJ9w3zwgxqFhbtf6qRoTbPszumvFkn71xgmBhkul8ZWx6A5/gIhbwfTi3+829VLzBivXdFv0nC9/KYPcEGmsXVMFQ=,iv:NhUdL1/fVhfpsIQYgYGxqhO1zt/4QvgooNb9VVbXrWM=,tag:yWWvV7IwwtlcMYefty3ytw==,type:str]
DRONE_GITEA_CLIENT_ID: ENC[AES256_GCM,data:hdXlmw5xNXx+ejn73qt0FFyOzTuA3IP4ktVv/Y8SpDBxgHiA,iv:VYSzQYRp+z7RaYpXFNQ5x6WXuMCiN4s8HiKA5KIyzzc=,tag:/PYkbjoq3YLVf9zct7QiOQ==,type:str]
DRONE_GITEA_CLIENT_SECRET: ENC[AES256_GCM,data:c++RGOWPOY6lifgFJC1zqm/M2+vo7aM7Wo6woO5MJUTwa+lBm59+uPnwBpgqOOkJKSntFBcMVDY=,iv:ZRazYwK6jfFvkMwpBotqp1Ol/018ZBNf7apidx0lMdY=,tag:53kf/zdjGjtv0ImLsI5oQA==,type:str]
DRONE_RPC_SECRET: ENC[AES256_GCM,data:O+YljkHzgFe4HSgSRkosuTTFpaOPSyAjeVpC39BKSIU=,iv:H8SO0S8TL060mnKCOBPWexUNdYwUmyVPdetuoto6uck=,tag:XU8JCsippp0Gadptpuwuog==,type:str]
DRONE_SECRET_PLUGIN_TOKEN: ENC[AES256_GCM,data:rRP1/jdkyHkwTmB8j5svo0xg6YFw64f9EVcoMzyzHbk=,iv:LYMgl50+edTnk0Im7uzLZW0THemraadOpOLkyvL/5Og=,tag:nIkuWVAK1NvawHksQar0tQ==,type:str]
POSTGRES_USER: ENC[AES256_GCM,data:IG2irMs=,iv:JouooVVdstNAmb4FberAJyiztIgvzL1hmLtnEk9U/FU=,tag:YTOuutIco2NohhvCDhn0Gw==,type:str]
POSTGRES_PASS: ENC[AES256_GCM,data:qiHiSB+YLlgLCVvY5Vs=,iv:jDOqLd0lRYZCBJrAsnyz/QAu8F/zgTQRfX5lkcNzQO8=,tag:+VCCujZOsTOrxZda4TLcLA==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age1hhurqwmfvl9m3vh3hk8urulfzcdsrep2ax2neazqt435yhpamu3qj20asg
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBBVWZVaFFvMVJRRWR1eUU3
QzI5cjNscE83czk0TG9Ra1JvVmExa0hWbWt3Ck1YY1htcXhDamwxY1pVcE0wS2U3
WWNQbTJFK1dFdEhkMk8vbG9pQlJzN1kKLS0tIDBUTUZhMUF2VVJhbFNpQ1FTNWZC
ZUZsSDdUYXFVb3JROEFnaC8yRU1zZ0UK1klzjeo3oaS6n1Apy0nY746ax2Uxxddg
Mn61QDtkPf8FLNBC3tFTe3pWzhWseD/89WaW3f3GScJxy34SFUZxLQ==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2022-11-27T13:34:21Z"
mac: ENC[AES256_GCM,data:dWcCWWjAhu3y8uxJ/CXFrq549v3QwOJ8KW0PVzKYzCJPBebAlTl707ItPEivbr0Hv8oZBKdMdprxAW1GGPX+GcpWMp55F9Q5AVXPMDacNciu0RCx29lcHu7XoR2kYZRcHX9SceV+Pr7JD0Ms7CbvFc/dXpq7o2SpnnUfI2vCYCk=,iv:avYarYn6G7nHsSkfV4rg2TM2AXR2qjjhou+Bk/vGWCE=,tag:YY85MDuCvFUUCW2JitbpiA==,type:str]
pgp: []
encrypted_regex: ^(data|stringData)$
version: 3.7.3

34
kubernetes/apps/default/drone/runner-kube/helmrelease.yaml
View File

@@ -1,34 +0,0 @@
---
# yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/helm.toolkit.fluxcd.io/helmrelease_v2beta1.json
apiVersion: helm.toolkit.fluxcd.io/v2beta1
kind: HelmRelease
metadata:
name: drone-runner-kube
namespace: default
spec:
interval: 1h
chart:
spec:
chart: drone-runner-kube
version: 0.1.10
sourceRef:
kind: HelmRepository
name: drone
namespace: flux-system
values:
image:
repository: drone/drone-runner-kube
tag: 1.0.0-beta.5
env:
DRONE_NAMESPACE_DEFAULT: default
DRONE_RPC_HOST: drone.default.svc:8080
DRONE_SECRET_PLUGIN_ENDPOINT: http://drone-kubernetes-secrets.default.svc:3000
valuesFrom:
- targetPath: env.DRONE_RPC_SECRET
kind: Secret
name: drone
valuesKey: DRONE_RPC_SECRET
- targetPath: env.DRONE_SECRET_PLUGIN_TOKEN
kind: Secret
name: drone
valuesKey: DRONE_SECRET_PLUGIN_TOKEN

7
kubernetes/apps/default/drone/runner-kube/kustomization.yaml
View File

@@ -1,7 +0,0 @@
---
# yaml-language-server: $schema=https://json.schemastore.org/kustomization
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
namespace: default
resources:
- ./helmrelease.yaml

1
kubernetes/apps/default/kustomization.yaml
View File

@@ -12,7 +12,6 @@ resources:
- ./calibre-web/ks.yaml
- ./changedetection/ks.yaml
- ./cloudnative-pg/ks.yaml
- ./drone/ks.yaml
- ./emqx/ks.yaml
- ./firefly-iii/ks.yaml
- ./flood/ks.yaml

10
kubernetes/flux/repositories/helm/drone.yaml
View File

@@ -1,10 +0,0 @@
---
# yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/helmrepository_v1beta2.json
apiVersion: source.toolkit.fluxcd.io/v1beta2
kind: HelmRepository
metadata:
name: drone
namespace: flux-system
spec:
interval: 2h
url: https://charts.drone.io

1
kubernetes/flux/repositories/helm/kustomization.yaml
View File

@@ -13,7 +13,6 @@ resources:
- ./cloudnative-pg.yaml
- ./crowdsec.yaml
- ./descheduler.yaml
- ./drone.yaml
- ./dysnix.yaml
- ./emxq.yaml
- ./external-dns.yaml