shpaq/auricom-home-cluster
1
0
Fork 0
mirror of https://github.com/auricom/home-cluster.git synced 2025-09-17 18:24:14 +02:00
Code Issues Packages Projects Releases Wiki Activity

♻️ flux rework

Browse Source
This commit is contained in:
auricom
2022-09-12 22:36:08 +02:00
parent 9c34132fa0
commit d319bd59c3
19 changed files with 110 additions and 5976 deletions
Download Patch File Download Diff File Expand all files Collapse all files

50
.github/workflows/schedule-flux-update.yaml vendored
View File

@@ -1,50 +0,0 @@
---
name: Schedule - Flux Update
on: # yamllint disable-line rule:truthy
workflow_dispatch:
schedule:
- cron: "0 */4 * * *"
push:
branches:
- main
paths:
- ".github/workflows/schedule-flux-update.yaml"
jobs:
flux-update:
name: Flux Update
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Generate Token
uses: tibdex/github-app-token@v1
id: generate-token
with:
app_id: "${{ secrets.BOT_APP_ID }}"
private_key: "${{ secrets.BOT_APP_PRIVATE_KEY }}"
- name: Install Flux
uses: fluxcd/flux2/action@main
- name: Flux Update
id: update
run: |
UGLY_VERSION="$(flux -v)"
VERSION="v${UGLY_VERSION#*flux version }"
flux install --version="${VERSION}" \
--network-policy=false \
--export > ./cluster/base/flux-system/gotk-components.yaml
echo "::set-output name=flux_version::$VERSION"
- name: Create pull request
uses: peter-evans/create-pull-request@v4
with:
token: "${{ steps.generate-token.outputs.token }}"
branch: "github-action/flux-update-${{ steps.update.outputs.flux_version }}"
delete-branch: true
title: "chore(github-action): update flux components to ${{ steps.update.outputs.flux_version }}"
signoff: true
commit-message: "chore(github-action): update flux components to ${{ steps.update.outputs.flux_version }}"
body: |
Release notes: https://github.com/fluxcd/flux2/releases/tag/${{ steps.update.outputs.flux_version }}
labels: |
renovate/github-action

5887
cluster/base/flux-system/gotk-components.yaml
View File

File diff suppressed because it is too large Load Diff

5
cluster/base/flux-system/kustomization.yaml
View File

@@ -1,5 +0,0 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- gotk-components.yaml
- gotk-sync.yaml

17
cluster/charts/benji-charts.yaml
View File

@@ -1,17 +0,0 @@
---
apiVersion: source.toolkit.fluxcd.io/v1beta1
kind: GitRepository
metadata:
name: benji-charts
namespace: flux-system
spec:
interval: 1h
url: https://github.com/elemental-lf/benji
timeout: 3m
ref:
branch: master
ignore: |
# exclude all
/*
# include charts directory
!/charts/

9
cluster/charts/bjw-s-charts.yaml Normal file
View File

@@ -0,0 +1,9 @@
---
apiVersion: source.toolkit.fluxcd.io/v1beta2
kind: HelmRepository
metadata:
name: bjw-s-charts
namespace: flux-system
spec:
interval: 1h
url: https://bjw-s.github.io/helm-charts/

2
cluster/charts/kustomization.yaml
View File

@@ -4,8 +4,8 @@ kind: Kustomization
resources: resources:
- authelia-charts.yaml - authelia-charts.yaml
- authentik-charts.yaml - authentik-charts.yaml
- benji-charts.yaml
- bitnami-charts.yaml - bitnami-charts.yaml
- bjw-s-charts.yaml
- cert-manager-webhook-ovh.yaml - cert-manager-webhook-ovh.yaml
- emxq-charts.yaml - emxq-charts.yaml
- external-dns-charts.yaml - external-dns-charts.yaml

0
cluster/configuration/secrets/cluster-secrets.sops.yaml → cluster/configuration/cluster-secrets.sops.yaml
View File

0
cluster/configuration/settings/cluster-settings.yaml → cluster/configuration/cluster-settings.yaml
View File

4
cluster/configuration/kustomization.yaml
View File

@@ -1,5 +1,5 @@
apiVersion: kustomize.config.k8s.io/v1beta1 apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization kind: Kustomization
resources: resources:
- secrets - cluster-secrets.sops.yaml
- settings - cluster-settings.yaml

4
cluster/configuration/settings/kustomization.yaml
View File

@@ -1,4 +0,0 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- cluster-settings.yaml

0
cluster/base/apps.yaml → cluster/flux/apps.yaml
View File

0
cluster/base/charts.yaml → cluster/flux/charts.yaml
View File

0
cluster/base/configuration.yaml → cluster/flux/configuration.yaml
View File

0
cluster/base/core.yaml → cluster/flux/core.yaml
View File

0
cluster/base/crds.yaml → cluster/flux/crds.yaml
View File

19
cluster/base/flux-system/gotk-sync.yaml → cluster/flux/flux-system/flux-cluster.yaml
View File

@@ -1,27 +1,28 @@
# This manifest was generated by flux. DO NOT EDIT.
--- ---
apiVersion: source.toolkit.fluxcd.io/v1beta2 apiVersion: source.toolkit.fluxcd.io/v1beta2
kind: GitRepository kind: GitRepository
metadata: metadata:
name: flux-system name: flux-cluster
namespace: flux-system namespace: flux-system
spec: spec:
interval: 1m0s interval: 10m
# https://github.com/k8s-at-home/template-cluster-k3s/issues/324
url: ssh://git@github.com/auricom/home-ops
ref: ref:
branch: main branch: main
secretRef: secretRef:
name: flux-system name: github-deploy-key
url: ssh://git@github.com/auricom/home-ops
--- ---
apiVersion: kustomize.toolkit.fluxcd.io/v1beta2 apiVersion: kustomize.toolkit.fluxcd.io/v1beta2
kind: Kustomization kind: Kustomization
metadata: metadata:
name: flux-system name: flux-cluster
namespace: flux-system namespace: flux-system
spec: spec:
interval: 10m0s interval: 10m
path: ./cluster/base path: ./cluster/flux
prune: true prune: true
wait: false
sourceRef: sourceRef:
kind: GitRepository kind: GitRepository
name: flux-system name: flux-cluster

55
cluster/flux/flux-system/flux-installation.yaml Normal file
View File

@@ -0,0 +1,55 @@
---
apiVersion: source.toolkit.fluxcd.io/v1beta2
kind: GitRepository
metadata:
name: flux-installation
namespace: flux-system
spec:
interval: 10m
ref:
# renovate: datasource=github-releases depName=fluxcd/flux2
tag: "v0.34.0"
url: https://github.com/fluxcd/flux2
ignore: |
# exclude all
/*
# path to manifests
!/manifests
---
apiVersion: kustomize.toolkit.fluxcd.io/v1beta2
kind: Kustomization
metadata:
name: flux-installation
namespace: flux-system
spec:
interval: 10m
path: ./manifests/install
prune: true
wait: true
sourceRef:
kind: GitRepository
name: flux-installation
images:
- name: fluxcd/helm-controller
newName: ghcr.io/fluxcd/helm-controller
- name: fluxcd/image-automation-controller
newName: ghcr.io/fluxcd/image-automation-controller
- name: fluxcd/image-reflector-controller
newName: ghcr.io/fluxcd/image-reflector-controller
- name: fluxcd/kustomize-controller
newName: ghcr.io/fluxcd/kustomize-controller
- name: fluxcd/notification-controller
newName: ghcr.io/fluxcd/notification-controller
- name: fluxcd/source-controller
newName: ghcr.io/fluxcd/source-controller
patches:
- target:
group: networking.k8s.io
version: v1
kind: NetworkPolicy
patch: |-
$patch: delete
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
name: not-used

31
cluster/flux/flux-system/github-deploy-key.sops.yaml Normal file
View File

@@ -0,0 +1,31 @@
# yamllint disable
# https://github.com/k8s-at-home/template-cluster-k3s/issues/324
apiVersion: v1
kind: Secret
metadata:
name: github-deploy-key
namespace: flux-system
stringData:
identity: ENC[AES256_GCM,data:9W1QtXKVHOZtK/flmsoU5+h1BTmG46s+JY98Qk9Qxt/WccZIeqtiwHozp2popqJSwOqMTzbMJuFiELOrzxY8mc7vntTuLhsguRNPPHfsXPS+ScIio32jP/cxKUl2f6myphnSWwvSmRcH1L/ixzHI5UQC1Jh6GHU/I78esqNcaucjBHqSuu118dYd0eiGfK3eLyyuUFAXP/f5UzetPsP/Mq6V2ha3svop9ZGVdVo/VjWqR2JJ/BBYzL3GLqFB6hnifLZxQ+cKun2KQKbhvhcFXkPll3ZAvgpIYm62fwfqVws98Lsn6uuByWKdEuPMgl9WtU4lfJeWso9G+sWGyinfFRzodOHk8exSsAT0g68x2IAGY7ZjQTgF5RDmii40OQBLC/I0VIjgb3C7/O3CbnU+IBr7,iv:Z9C1WbJLa5dULnXvT1Z7C5xNbI3wCNsYZtp+mJYBJF8=,tag:/JpI9PsIIV1SbZPhhYzkZg==,type:str]
identidy.pub: ENC[AES256_GCM,data:oXByCEAnnEmC2ZZiXjPJqkyh3h6Dqk4SyYchIlsoLr5Y9KKKvGLwZ7yGNIhpSbU7PUYdp8NIO0LMeYrK5xfUEmFKBdZl3uZ6fWQ5IFNW32v/0lwg2ZJqUIdywPLvmbPTUg8+nkcLVMMJVgN8edjWsVz69OdkpIWdbaGf/+j75cIO2QbXIUUNXC0bEzOF46zSTD3UOeQpd86AxO1W4NuRH355bPmw0RytQB7bNG8svKu8/1Ymh4CIZAizDwOqihdu6W71LfiTsNsoENMSiw==,iv:eRNPkhiaoqd+Wit+C1NPxBMM0swqbC2MlRnSsXXx0oA=,tag:zjuKq38HE3Ma134dMhj8iQ==,type:str]
known_hosts: ENC[AES256_GCM,data:Lcmee02u0o3QQc+/kvdwUUaSMY6Hz0gAsfagIVbAh2BC/kMHESQDgVBq98SDW68myww5GTzRXsgtxVapXc6KpOmpBF0Fh39tEpe1Q1lvzRdNKSCJ6ffuA/kupM3QUstLr4jpXzQ3mw06vM0xrei7lmyycBzF+HL3P6byE9GtFkS88bQCj4w6phUa6ve3L7ImmqL4u/F+5note0HW4STS4nChWjGielx2vdEvEQ==,iv:grJD1VvcxXLNzZxf6jROx1mGDl/ViHhT6Ht56dQ1lYY=,tag:zQdj6V6p7VS9G3qVIj6eBg==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age1hhurqwmfvl9m3vh3hk8urulfzcdsrep2ax2neazqt435yhpamu3qj20asg
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBGUkcxTmRBUGhLbHFiMmlC
RTIzK09EOFByYWladXFZUm4wZHlocmVieEhJCnI2emlSN1hjRGRQdXNueWZiWHpO
RHMzSE12S2lHeVF3bkJRQVBZMW5nM3cKLS0tIHhieFpPalp1YXZoQWd4MHlnRkQ3
Vm9McjJVUnVrODBzTzVsOEZPODR2c1kKWRxQqDWq+2YsNBLXYB8frfs7YWIo4FaZ
tZ7eUewEEhP/sWB5zc96NoVJMQSoE+Obn0A+FBLCQFaA7AY2G9hi1w==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2022-09-12T20:34:27Z"
mac: ENC[AES256_GCM,data:ypR+H3I5o5cVJL4ZJwwfffHm3LuEGC6vOYM3FRwCeP+U7giVCcXNv1qHGSHhuCVynHfZUPXuJTx1gliRk4UvkP877E+nlzJAlRN10uhXS4DNWvs86EIM1cDLVzBmsjWY+q3RhZ1FC5ceVNSLdtihKLeKQz7ICyFuXhBCbuTZko0=,iv:u/EuOR3jRwPdqnMWBAdeY/WF5XrNiuUpPYkkzSqh268=,tag:ShtGtcZaEKiWVkEsqorTiQ==,type:str]
pgp: []
encrypted_regex: ^(data|stringData)$
version: 3.7.3

3
cluster/configuration/secrets/kustomization.yaml → cluster/flux/flux-system/kustomization.yaml
View File

@@ -1,4 +1,5 @@
apiVersion: kustomize.config.k8s.io/v1beta1 apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization kind: Kustomization
resources: resources:
- cluster-secrets.sops.yaml - flux-installation.yaml
- flux-cluster.yaml