From 3b095fe75a4c735482169711ebe86be129b96fdb Mon Sep 17 00:00:00 2001 
From: Peter Kurfer Date: Thu, 21 Dec 2023 22:10:01 +0100 Subject: [PATCH] chore: replace control plane setup --- infrastructure/configs/core-user.yaml.tmpl | 2 +- .../configs/cp/cp-config.yaml | 0 infrastructure/configs/cp/k3s-flatcar.yaml | 69 ++++ infrastructure/configs/cp/litestream.yml | 12 + .../configs/cp}/traefik.yaml | 0 .../configs/{ => workers}/k3s-flatcar.yaml | 3 +- infrastructure/dns.tf | 6 +- infrastructure/k8s_cluster.tf | 49 --- infrastructure/k8s_control_plane.tf | 104 ++++++ infrastructure/k8s_flatcar_machines.tf | 24 +- infrastructure/k8s_network.tf | 16 + infrastructure/tf.sh | 12 + infrastructure/vars.tf | 46 ++- infrastructure/versions.tf | 16 +- infrastructure/vms.auto.tfvars | 39 ++- k8s/inventory/group_vars/all.yml | 312 +++++++++--------- k8s/roles/coder/tasks/main.yml | 39 --- k8s/roles/coder/templates/values.coder.yml.j2 | 63 ---- k8s/roles/fider/files/kustomization.yaml | 8 +- .../k3s/control-plane/defaults/main.yaml | 2 - k8s/roles/k3s/control-plane/tasks/main.yml | 94 ------ .../control-plane/templates/k3s.service.j2 | 24 -- k8s/roles/minio-config/tasks/main.yaml | 10 - k8s/roles/postgres-config/tasks/main.yaml | 37 --- 24 files changed, 470 insertions(+), 517 deletions(-) rename k8s/roles/k3s/control-plane/templates/cp-config.yaml.j2 => infrastructure/configs/cp/cp-config.yaml (100%) create mode 100644 infrastructure/configs/cp/k3s-flatcar.yaml create mode 100644 infrastructure/configs/cp/litestream.yml rename {k8s/roles/k3s/control-plane/files => infrastructure/configs/cp}/traefik.yaml (100%) rename infrastructure/configs/{ => workers}/k3s-flatcar.yaml (93%) delete mode 100644 infrastructure/k8s_cluster.tf create mode 100644 infrastructure/k8s_control_plane.tf create mode 100644 infrastructure/k8s_network.tf create mode 100755 infrastructure/tf.sh delete mode 100644 k8s/roles/coder/tasks/main.yml delete mode 100644 k8s/roles/coder/templates/values.coder.yml.j2 delete mode 100644 k8s/roles/k3s/control-plane/defaults/main.yaml delete 
mode 100644 k8s/roles/k3s/control-plane/tasks/main.yml delete mode 100644 k8s/roles/k3s/control-plane/templates/k3s.service.j2 delete mode 100644 k8s/roles/minio-config/tasks/main.yaml delete mode 100644 k8s/roles/postgres-config/tasks/main.yaml diff --git a/infrastructure/configs/core-user.yaml.tmpl b/infrastructure/configs/core-user.yaml.tmpl index ee5e0f0..9d40935 100644 --- a/infrastructure/configs/core-user.yaml.tmpl +++ b/infrastructure/configs/core-user.yaml.tmpl @@ -1,5 +1,5 @@ variant: flatcar -version: 1.0.0 +version: 1.1.0 passwd: users: diff --git a/k8s/roles/k3s/control-plane/templates/cp-config.yaml.j2 b/infrastructure/configs/cp/cp-config.yaml similarity index 100% rename from k8s/roles/k3s/control-plane/templates/cp-config.yaml.j2 rename to infrastructure/configs/cp/cp-config.yaml diff --git a/infrastructure/configs/cp/k3s-flatcar.yaml b/infrastructure/configs/cp/k3s-flatcar.yaml new file mode 100644 index 0000000..5539db4 --- /dev/null +++ b/infrastructure/configs/cp/k3s-flatcar.yaml 
@@ -0,0 +1,69 @@
+variant: flatcar
+version: 1.1.0
+
+systemd:
+ units:
+ - name: litestream.service
+ enabled: true
+ contents: |
+ [Unit]
+ Description=Litestream
+
+ [Service]
+ Restart=always
+ TimeoutSec=1800
+ TimeoutStartSec=180
+ ExecStartPre=/bin/bash -c "mkdir -p /opt/litestream && curl -L https://github.com/benbjohnson/litestream/releases/download/${litestream_version}/litestream-${litestream_version}-linux-arm64.tar.gz | tar -xvz -C /opt/litestream/"
+ ExecStartPre=/opt/litestream/litestream restore -replica s3 -if-db-not-exists -if-replica-exists /var/lib/rancher/k3s/server/db/state.db
+ ExecStart=/opt/litestream/litestream replicate
+
+ [Install]
+ WantedBy=multi-user.target
+ - name: k3s-install.service
+ enabled: true
+ contents: |
+ [Unit]
+ Description=Run K3s script
+ Wants = network-online.target
+ After = network.target network-online.target litestream.service
+ ConditionPathExists=/opt/k3s-install.sh
+ ConditionPathExists=!/opt/k3s/bin/k3s
+
+ [Service]
+ Type=forking
+ Restart=always
+ TimeoutSec=1800
+ TimeoutStartSec=120
+ ExecStartPre=-/sbin/modprobe br_netfilter
+ ExecStartPre=-/sbin/modprobe overlay
+ ExecStartPre=mkdir -p /opt/k3s
+ LimitNOFILE=1048576
+ LimitNPROC=infinity
+ LimitCORE=infinity
+ TasksMax=infinity
+ TimeoutStartSec=180
+ RemainAfterExit=yes
+ KillMode=process
+ Environment="K3S_TOKEN=${k3s_token}"
+ Environment="INSTALL_K3S_VERSION=${k3s_version}"
+ Environment="INSTALL_K3S_BIN_DIR=/opt/k3s"
+ Environment="INSTALL_K3S_EXEC=server --data-dir /var/lib/rancher/k3s --advertise-address 172.23.2.10 --node-ip ${node_ip} --node-taint=node-type=k3s-controlplane:NoSchedule %{for san in k3s_sans }--tls-san='${san}' %{endfor} --disable-cloud-controller --disable servicelb --kubelet-arg=cloud-provider=external"
+ ExecStart=/usr/bin/sh -c "/opt/k3s-install.sh"
+
+ [Install]
+ WantedBy=multi-user.target
+
+storage:
+ files:
+ - path: /etc/hostname
+ mode: 0644
+ contents:
+ inline: ${host}
+ - path: /opt/k3s-install.sh
+ mode: 0777
+
contents: + source: https://get.k3s.io + - path: /etc/litestream.yml + mode: 0644 + contents: + source: data:;base64,${litestream_config} \ No newline at end of file diff --git a/infrastructure/configs/cp/litestream.yml b/infrastructure/configs/cp/litestream.yml new file mode 100644 index 0000000..19e5e4b --- /dev/null +++ b/infrastructure/configs/cp/litestream.yml @@ -0,0 +1,12 @@ +access-key-id: ${accessKey} +secret-access-key: ${secretKey} + +dbs: + - path: /var/lib/rancher/k3s/server/db/state.db + replicas: + - type: s3 + endpoint: ${endpoint} + bucket: k3s + region: us-east-1 + retention: 72h + snapshot-interval: 1h \ No newline at end of file diff --git a/k8s/roles/k3s/control-plane/files/traefik.yaml b/infrastructure/configs/cp/traefik.yaml similarity index 100% rename from k8s/roles/k3s/control-plane/files/traefik.yaml rename to infrastructure/configs/cp/traefik.yaml diff --git a/infrastructure/configs/k3s-flatcar.yaml b/infrastructure/configs/workers/k3s-flatcar.yaml similarity index 93% rename from infrastructure/configs/k3s-flatcar.yaml rename to infrastructure/configs/workers/k3s-flatcar.yaml index bb38fc5..e3970fc 100644 --- a/infrastructure/configs/k3s-flatcar.yaml +++ b/infrastructure/configs/workers/k3s-flatcar.yaml @@ -1,5 +1,5 @@ variant: flatcar -version: 1.0.0 +version: 1.1.0 systemd: units: @@ -19,6 +19,7 @@ systemd: KillMode=process Environment="K3S_URL=https://172.23.2.10:6443" Environment="K3S_TOKEN=${k3s_token}" + Environment="INSTALL_K3S_VERSION=${k3s_version}" Environment="INSTALL_K3S_EXEC=agent --node-ip=${node_ip} --kubelet-arg --cloud-provider=external" ExecStart=/usr/bin/sh -c "/opt/k3s-install.sh" [Install] diff --git a/infrastructure/dns.tf b/infrastructure/dns.tf index fd13dc3..331387d 100644 --- a/infrastructure/dns.tf +++ b/infrastructure/dns.tf @@ -71,7 +71,7 @@ resource "hetznerdns_record" "wildcard_ipv4" { name = "*" type = "A" value = "65.109.42.5" - ttl = 300 + ttl = 300 } resource "hetznerdns_record" "wildcard_ipv6" { 
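Review bot: `/opt/k3s-install.sh` is written with `mode: 0777` and then executed by `k3s-install.service`, so any local account on the node can rewrite a script that systemd runs as root; `mode: 0755` (or `0700`) is all the unit needs. The same entry pulls `https://get.k3s.io` with no integrity pin, and the litestream tarball in `ExecStartPre` is piped from `curl -L` straight into `tar` on every service start; Butane's `contents.verification.hash` on the file entry and a checksum comparison before unpacking would tie both downloads to known content. `/etc/litestream.yml` holds the S3 access key and secret but is created `mode: 0644`, and `K3S_TOKEN` sits in an `Environment=` line, which systemd exposes to unprivileged clients; `mode: 0600` for the config and an `EnvironmentFile=` pointing at a root-only file would close both. `TimeoutStartSec` is also set twice in the `[Service]` section of `k3s-install.service` (120, then 180), so one of the two lines is dead.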
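Review bot: The three templated values (`${accessKey}`, `${secretKey}`, `${endpoint}`) are substituted as plain scalars, so a key that is all digits, begins with a YAML indicator character, or contains ` #` is re-typed or cut short by the parser, and litestream then fails on authentication rather than on configuration. Single-quoting them, e.g. `secret-access-key: '${secretKey}'`, keeps each one a string. Because the rendered file carries the S3 secret, a comment at the top stating that it must be installed root-only would help; the Butane entry that writes it to `/etc/litestream.yml` currently uses `mode: 0644`.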
@@ -79,7 +79,7 @@ resource "hetznerdns_record" "wildcard_ipv6" { name = "*" type = "AAAA" value = "2a01:4f9:c01d:4f1::1" - ttl = 300 + ttl = 300 } resource "hetznerdns_record" "k8s" { @@ -87,5 +87,5 @@ resource "hetznerdns_record" "k8s" { name = "k8s" type = "AAAA" value = "2a01:4f9:c012:7d4b::1" - ttl = 60 + ttl = 60 } \ No newline at end of file diff --git a/infrastructure/k8s_cluster.tf b/infrastructure/k8s_cluster.tf deleted file mode 100644 index 5a57cb8..0000000 --- a/infrastructure/k8s_cluster.tf +++ /dev/null @@ -1,49 +0,0 @@ -resource "hcloud_network" "k8s_net" { - name = "k8s-net" - ip_range = "172.16.0.0/12" -} - -resource "hcloud_network_subnet" "k8s_internal" { - network_id = hcloud_network.k8s_net.id - type = "cloud" - network_zone = "eu-central" - ip_range = "172.23.2.0/23" -} - -resource "hcloud_ssh_key" "default" { - name = "Default Management" - public_key = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKfHZaI0F5GjAcrM8hjWqwMfULDkAZ2TOIBTQtRocg1F id_ed25519" -} - -resource "hcloud_server" "nodes" { - for_each = var.vms - - name = each.key - server_type = each.value.server_type - datacenter = "hel1-dc2" - image = "ubuntu-22.04" - - backups = each.value.backups - - ssh_keys = [ - hcloud_ssh_key.default.id - ] - - labels = { - "node_type" = each.value.node_type - "cluster" = "icb4dc0.de" - } - - public_net { - ipv4_enabled = true - ipv6_enabled = true - } -} - -resource "hcloud_server_network" "k8s_internal" { - for_each = var.vms - - server_id = hcloud_server.nodes[each.key].id - network_id = hcloud_network.k8s_net.id - ip = each.value.private_ip -} diff --git a/infrastructure/k8s_control_plane.tf b/infrastructure/k8s_control_plane.tf new file mode 100644 index 0000000..5c55de2 --- /dev/null +++ b/infrastructure/k8s_control_plane.tf 
@@ -0,0 +1,104 @@
+resource "hcloud_server" "control-plane" {
+ for_each = var.k3s_control_plane
+ name = each.key
+ server_type = each.value.server_type
+ location = each.value.location
+ image = "ubuntu-22.04"
+
+ backups = false
+
+ ssh_keys = [
+ hcloud_ssh_key.provisioning_key.id,
+ hcloud_ssh_key.default.id
+ ]
+
+ labels = {
+ "node_type" = "control-plane"
+ "cluster" = "icb4dc0.de"
+ }
+
+ network {
+ network_id = hcloud_network.k8s_net.id
+ ip = each.value.private_ip
+ alias_ips = each.value.alias_ips
+ }
+
+ public_net {
+ ipv4_enabled = true
+ ipv6_enabled = false
+ }
+
+ # boot into rescue OS
+ rescue = "linux64"
+
+ connection {
+ host = self.ipv4_address
+ private_key = tls_private_key.provisioning.private_key_pem
+ timeout = "2m"
+ }
+
+ provisioner "file" {
+ content = data.ct_config.machine-ignitions-cp[each.key].rendered
+ destination = "/root/ignition.json"
+ }
+
+ provisioner "remote-exec" {
+ inline = [
+ "set -ex",
+ "apt-get install -y gawk",
+ "curl -fsSLO --retry-delay 1 --retry 60 --retry-connrefused --retry-max-time 60 --connect-timeout 20 https://raw.githubusercontent.com/flatcar/init/flatcar-master/bin/flatcar-install",
+ "chmod +x flatcar-install",
+ "curl -L https://github.com/benbjohnson/litestream/releases/download/${var.litestream_version}/litestream-${var.litestream_version}-linux-arm64.tar.gz | tar -xvz -C /root",
+ "./flatcar-install -s -i /root/ignition.json -C ${var.release_channel}",
+ "reboot",
+ ]
+ on_failure = continue
+ }
+
+ provisioner "remote-exec" {
+ connection {
+ host = self.ipv4_address
+ private_key = tls_private_key.provisioning.private_key_pem
+ timeout = "3m"
+ user = "core"
+ }
+
+ inline = [
+ "sudo hostnamectl set-hostname ${self.name}",
+ ]
+ }
+}
+
+data "ct_config" "machine-ignitions-cp" {
+ for_each = var.k3s_control_plane
+ strict = true
+ content = templatefile(
+ "${path.module}/configs/cp/k3s-flatcar.yaml",
+ {
+ "host" = "${each.key}"
+ "k3s_token" = "${var.k3s_token}"
+ "litestream_version" = 
"${var.litestream_version}", + "litestream_config" = base64encode( + templatefile( + "${path.module}/configs/cp/litestream.yml", + { + "accessKey" = var.litestream_access_key, + "secretKey" = var.litestream_secret_key, + "endpoint" = var.litestream_endpoint + } + ) + ) + "node_ip" = "${each.value.private_ip}" + "k3s_version" = "${var.control_plane_k3s_version}", + "k3s_sans" = var.k3s_sans, + } + ) + snippets = [ + templatefile( + "${path.module}/configs/core-user.yaml.tmpl", + { + ssh_keys = jsonencode(concat(var.ssh_keys, [tls_private_key.provisioning.public_key_openssh])) + } + ) + ] +} diff --git a/infrastructure/k8s_flatcar_machines.tf b/infrastructure/k8s_flatcar_machines.tf index ff9f694..f3e97aa 100644 --- a/infrastructure/k8s_flatcar_machines.tf +++ b/infrastructure/k8s_flatcar_machines.tf @@ -23,13 +23,13 @@ resource "local_file" "provisioning_key_pub" { } resource "hcloud_server" "machine" { - for_each = var.k3os_workers + for_each = var.k3s_workers name = each.key server_type = each.value.server_type location = each.value.location image = "ubuntu-22.04" - backups = each.value.backups + backups = false ssh_keys = [ hcloud_ssh_key.provisioning_key.id, @@ -37,7 +37,7 @@ resource "hcloud_server" "machine" { ] labels = { - "node_type" = each.value.node_type + "node_type" = "worker" "cluster" = "icb4dc0.de" } @@ -60,6 +60,11 @@ resource "hcloud_server" "machine" { timeout = "2m" } + provisioner "file" { + source = "${path.module}/configs/cp/traefik.yaml" + destination = "/root/traefik.yaml" + } + provisioner "file" { content = data.ct_config.machine-ignitions[each.key].rendered destination = "/root/ignition.json" 
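Review bot: The first `remote-exec` block downloads `flatcar-install` from the moving `flatcar-master` branch and runs it as root in the rescue system with nothing checking what was fetched, and `on_failure = continue` then hides any failure of that step from the apply. Pinning the URL to a commit (`https://raw.githubusercontent.com/flatcar/init/<commit-sha>/bin/flatcar-install`, placeholder) and comparing a recorded SHA-256 before `chmod +x` would make the install reproducible. If `on_failure = continue` is only there because `reboot` drops the SSH session, a comment saying so would help, since as written a failed `flatcar-install` passes as well. The litestream tarball unpacked into `/root` appears unused after the reboot, because the unit in `configs/cp/k3s-flatcar.yaml` downloads it again, so that line can probably go. Neither `connection` block sets `host_key`, so the provisioner does not verify which host receives `ignition.json`, a file that embeds `k3s_token` and the litestream credentials.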
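Review bot: The added `file` provisioner uploads `configs/cp/traefik.yaml` to `/root/traefik.yaml` on every worker, but nothing in the hunks shown here reads that path. If this connection still targets the rescue system, as the `rescue`-based flow in the control-plane resource does, the file exists only in the rescue environment and is gone after the reboot into Flatcar. The source path sits in the control-plane config directory, which suggests the block may have been meant for `hcloud_server.control-plane`. If a node does need the manifest, delivering it through the Butane `storage.files` list keeps it in the provisioned OS; otherwise the provisioner can be dropped. The enclosing `hcloud_server.machine` resource starts and ends outside this hunk.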
@@ -92,15 +97,16 @@ resource "hcloud_server" "machine" { } data "ct_config" "machine-ignitions" { - for_each = var.k3os_workers + for_each = var.k3s_workers strict = true content = templatefile( - "${path.module}/configs/k3s-flatcar.yaml", + "${path.module}/configs/workers/k3s-flatcar.yaml", { - "host" = "${each.key}" - "k3s_token" = "${var.k3s_token}" - "datacenter" = "hel1-dc2" - "node_ip" = "${each.value.private_ip}" + "host" = "${each.key}" + "k3s_token" = "${var.k3s_token}" + "datacenter" = "hel1-dc2" + "node_ip" = "${each.value.private_ip}" + "k3s_version" = "${var.worker_k3s_version}" } ) snippets = [ diff --git a/infrastructure/k8s_network.tf b/infrastructure/k8s_network.tf new file mode 100644 index 0000000..90a47e4 --- /dev/null +++ b/infrastructure/k8s_network.tf @@ -0,0 +1,16 @@ +resource "hcloud_network" "k8s_net" { + name = "k8s-net" + ip_range = "172.16.0.0/12" +} + +resource "hcloud_network_subnet" "k8s_internal" { + network_id = hcloud_network.k8s_net.id + type = "cloud" + network_zone = "eu-central" + ip_range = "172.23.2.0/23" +} + +resource "hcloud_ssh_key" "default" { + name = "Default Management" + public_key = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKfHZaI0F5GjAcrM8hjWqwMfULDkAZ2TOIBTQtRocg1F id_ed25519" +} diff --git a/infrastructure/tf.sh b/infrastructure/tf.sh new file mode 100755 index 0000000..81dc10d --- /dev/null +++ b/infrastructure/tf.sh 
@@ -0,0 +1,12 @@ +#!/usr/bin/env bash + +export AWS_ACCESS_KEY=$(rbw get --raw "CloudFlare TFState" | jq -r ".data.username") +export AWS_SECRET_KEY=$(rbw get --raw "CloudFlare TFState" | jq -r ".data.password") +export HETZNER_DNS_API_TOKEN=$(rbw get --raw "Hetzner DNS" | jq -r '.fields[0].value') +export TF_VAR_hcloud_token="$(rbw get "HCloud API")" +export TF_VAR_k3s_token="$(rbw get "K3s Token")" +export TF_VAR_litestream_access_key="$(rbw get --raw "Litestream" | jq -r ".data.username")" +export TF_VAR_litestream_secret_key="$(rbw get "Litestream")" +export TF_VAR_litestream_endpoint="$(rbw get --raw "Litestream" | jq -r ".fields[0].value")" + +tofu $@ \ No newline at end of file diff --git a/infrastructure/vars.tf b/infrastructure/vars.tf index 07d6961..5255dbe 100644 --- a/infrastructure/vars.tf +++ b/infrastructure/vars.tf @@ -6,6 +6,39 @@ variable "k3s_token" { sensitive = true } +variable "litestream_access_key" { + sensitive = true + type = string +} + +variable "litestream_secret_key" { + sensitive = true + type = string +} + +variable "litestream_endpoint" { + type = string +} + +variable "litestream_version" { + type = string + default = "v0.3.13" +} + +variable "control_plane_k3s_version" { + type = string + default = "v1.28.4+k3s2" +} + +variable "worker_k3s_version" { + type = string + default = "v1.28.4+k3s2" +} + +variable "k3s_sans" { + type = list(string) +} + variable "vms" { type = map(object({ node_type = string @@ -15,11 +48,18 @@ variable "vms" { })) } -variable "k3os_workers" { +variable "k3s_control_plane" { + type = map(object({ + server_type = string + private_ip = string + location = string + alias_ips = set(string) + })) +} + +variable "k3s_workers" { type = map(object({ - node_type = string server_type = string - backups = bool private_ip = string location = string })) diff --git a/infrastructure/versions.tf b/infrastructure/versions.tf index 710c62d..41e3140 100644 --- a/infrastructure/versions.tf +++ b/infrastructure/versions.tf 
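Review bot: The wrapper has no `set -euo pipefail`, and `export VAR=$(…)` returns the status of `export`, so a locked vault or a failed `rbw`/`jq` call leaves the variable empty and `tofu` still runs with blank credentials. Assigning first and exporting afterwards (`TF_VAR_k3s_token="$(rbw get "K3s Token")"; export TF_VAR_k3s_token`) under `set -euo pipefail` stops the run at the first failed lookup. The last line should be `tofu "$@"` (or `exec tofu "$@"`), because unquoted `$@` re-splits arguments that contain spaces. Since every secret is exported into the environment of `tofu` and whatever providers or provisioners it spawns, a short header comment listing the vault entries the script expects would help the next operator.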
@@ -3,15 +3,15 @@ terraform { required_version = ">= 0.14" backend "s3" { - bucket = "tfstate" - key = "terraform.tfstate" - region = "us-east-1" - endpoint = "https://2df513adaee2eeae12106af900bed297.r2.cloudflarestorage.com" - skip_metadata_api_check = true - skip_region_validation = true + bucket = "tfstate" + key = "terraform.tfstate" + region = "us-east-1" + endpoint = "https://2df513adaee2eeae12106af900bed297.r2.cloudflarestorage.com" + skip_metadata_api_check = true + skip_region_validation = true skip_credentials_validation = true use_path_style = true - skip_s3_checksum = true + skip_s3_checksum = true } required_providers { @@ -25,7 +25,7 @@ terraform { } ct = { source = "poseidon/ct" - version = "0.11.0" + version = "0.13.0" } null = { diff --git a/infrastructure/vms.auto.tfvars b/infrastructure/vms.auto.tfvars index d5f130a..1e25eb9 100644 --- a/infrastructure/vms.auto.tfvars +++ b/infrastructure/vms.auto.tfvars @@ -1,25 +1,34 @@ -k3os_workers = { - "worker1-gen5" = { - backups = false - node_type = "worker" +k3s_control_plane = { + "cp1-cax11-hel1-gen2" = { + server_type = "cax11", + private_ip = "172.23.2.11" + location = "hel1" + alias_ips = ["172.23.2.10"] + } +} + +k3s_sans = [ + "127.0.0.1", + "2a01:4f9:c012:7d4b::1", + "k8s.icb4dc0.de" +] + +k3s_workers = { + "w1-cx21-hel1-gen1" = { server_type = "cx21" - private_ip = "172.23.2.23" + private_ip = "172.23.2.20" location = "hel1" } - "w2-cax21-hel1-gen5" = { - backups = false - node_type = "worker" + "w2-cax21-hel1-gen6" = { server_type = "cax21" - private_ip = "172.23.2.24" + private_ip = "172.23.2.21" location = "hel1" } - "w3-cax21-hel1-gen5" = { - backups = false - node_type = "worker" + "w3-cax21-hel1-gen6" = { server_type = "cax21" - private_ip = "172.23.2.25" + private_ip = "172.23.2.22" location = "hel1" } } 
@@ -29,10 +38,10 @@ vms = { node_type = "control-plane" server_type = "cpx11", backups = true, - private_ip = "172.23.2.10" + private_ip = "172.23.2.15" } } -ssh_keys = ["ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKfHZaI0F5GjAcrM8hjWqwMfULDkAZ2TOIBTQtRocg1F id_ed25519"] +ssh_keys = ["ssh-rsa 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 cardno:24_781_961"] release_channel = "stable" diff --git a/k8s/inventory/group_vars/all.yml b/k8s/inventory/group_vars/all.yml index 5caaf2a..119ff09 100644 --- a/k8s/inventory/group_vars/all.yml +++ b/k8s/inventory/group_vars/all.yml 
@@ -1,157 +1,157 @@ $ANSIBLE_VAULT;1.1;AES256 -38303064643634643931393932353266653032316631303432633136323165376165653136396533 -6436393762353630373231366530366239316337303066360a336132663334336462656533303134 -66643134373439633931366638316365306330303334613033396238333361333434653833393039 -3538396130653538330a616264386230396633346131663032663764353937313162333630333365 -35323064636531363937613563333336636634393763613730386237393633653136616165313034 -65396166373334386236396266616639333866616434666337626433323233363461316666383034 -63373131376239353330316236306464303739386139663439616339363636666137613137336336 -65393462386436376137656363333362393265396537323632646561373030303263613466383534 -35353834646461363661356430646463383663626135663133643633633335383763326438646462 -64393062646264386364343638326562646130313330316162633636356233363661613033303965 -32346565373839663233336338366536333636306333353839633761326638393538343638343436 -38313466393836336137643162663862313732303161356161343234393965393337346161666535 -34336534356463653331643163653032643631343832323838633862353339303632353033343761 -66356465323838313966623832396338316436616162633866386262306134623134393430393737 -66333664333133376638306238393534303230386133346661636435373035323736306230613132 -66633838303939636564346333666636336434303839303565363063666430623866356232646336 -39316636616239646538636537396336363933376136663263633830623235303038613030326337 -37633264376534303061343539653538633137316464386438653639613035613962646431626436 -38656437323963663935353430303462653865353666346362343536623836653733366538323239 -37316330303131333238303263653235303063616230663139396130646432626664636531343934 -30383665316364303661373330373838383565323637636532333961363863316235366264373634 -62313936386334326332313235366461613636376533333262623262636539656336633531643435 -36613435383763303761646263653139633233346661306265333365376135306238663465313331 
-64326139306338633664646437363639373564643131616436343163313838346137396462373536 -33376530636130623437623561343239663163346232316664326533316339353165623735343236 -37626136626662633561616233666338353863633330323933373863316462623361633066646632 -63386565626537363932643534633730346564326163383064303735656164636439353039333138 -61656238356462303836633361663938346436666638316233356631646365666636376134396133 -37346366663363306336326532666439353333666137663832363064316331316337613763633863 -33333665316432373965356261613638613261633937383365653936666538346432353838613162 -63376534313135646331626662623037376363323465653963376431633835643238386161383630 -39313436643566326630336639663464316538323262623238666662653364626432353963626333 -30663335613265383138626532653061643933336664346266396263363130386162613637353561 -65643464376536323139613566653633633533666438323838666230383638316266646334326632 -36306130383138656565366638323766656261636564346464616339633465303539343137636465 -35346238326161356634313136323331393539663965353635616439393765643731373238663131 -36383036663166373562376333393236383266653337613766386636303638666362613264336231 -32373164326538613432356136353935623930663965323932653133343836636566353739383766 -65386266383665653835386634653531623161346165383335376165316538316130353432343533 -35306431663135626162636165613464326538633163383563383166353236643038616631653233 -36613330373130376364303662356464343462303039383934316432346539393130336662376364 -32306537656436393438373565373735363530323366336431363165393033326661343732366333 -31333031326633616536636338393932643337376237666533383238343761663538303235633036 -61366433326662623663376331316363643633356335353939336462636335656263313665663333 -36306361353432663639616339616338346663346532356534303165393664636263333861343066 -31636266643861316539353639616163393535393935343763313863656438613733643866323363 -36316337393936623836356332373239663365303863616563343833336337633731303063376431 
-66653139353764313631333134383262666331316632623438316537343039396539643130376631 -38623134393339363033623136393538633830363764323661623332356139303035653236623265 -63653366343133303564626231396336666533316534356230363664333231313862393631346432 -37336231656262633763356162656264623363633237643661393337323034613338336239376331 -65663833613564353139666332613062373162333831393636363835373237636464356235323836 -61363532383939653638376464393232303636353836613936623362646661316534313366643337 -37633534333465306330303433353264636534303037616639316464336161393339636462393738 -31336563303134336133313737653933373137393532623238396464636665613166633438623132 -65346161646362653661376639366636653336373364636439316363656530386334333233336530 -36663137643736356264636438363837363561353666333232343639343361646534396166316163 -34373262336332373961326631363065613364316131633838616539333632373835653333616535 -31343034373939353834313532383264343939303931366632386362663065303637356362306564 -36376365393865323036613165303538343938343132663137626635643031653637383961613861 -65303366363236386431373761346261353466613035616331613835333332303235613834346439 -33646634393434323164363631393639616661336233346562646461613231613064646331633932 -35376538663764303137616138353030353664646564356534363139643836613937303838343239 -32623739376332633531363766343862353530313837353535346337623337333238353231303636 -62616134323730623732313633343230613735663766353665636538383761346131313634393036 -61646163343332653339643933326665366536383365376535643265613535396137663962666538 -32626166326462306331313133343736323664646234376239623861643833383839373439343139 -33386536366435653861363738333338316162383365636632343431376131656562616432313163 -39623066386638396662653338656533373135393338623037383037353865626566366131363639 -64393462656135623237623832373063626166633166663337653633396332393364316331326136 -30316563386434333534656163656639663031323265643462626136616435376262346336633534 
-64626533623535323061373834326139326634396564343861356366323461313334326165633336 -33323639613765623431363661613065386561373639646333333132313263356535396363333134 -61346237323565383632393031373635656135383162633066653730366562336265653136393934 -30613231643132633936326531303131663139633630323734643166316636626338373136333266 -62623165363536393766626438613934613532323566646634383263663331623461393335666265 -61653063633030633866353630623038653463383131613332626630323835373836656138333335 -63323335393737323134333065633733343631333638373463356531313562383532653137653063 -33363065306662353633666535373961643862613161626664613634303233376664373566336666 -64643862346563666261363938306464383931383035326262316135343662343338393164336233 -63373361303034306134396365323466303139363062383537353862393964316664313238393233 -37313732633732303535316437663865653537613330616466623531656461636530623163393465 -66353233616133343935663061666130643536623634396363383930373761623732323066666264 -38666332353038666665636561323561383037353864316365343635313764653966366531396331 -32306531323763353736333231386663616662663834616263316565393736323239636163323031 -34616437316564666335343735356435306231616331363038393136663733643934356462313566 -37623032363135306633343964343464333434396366303162613135633365343436376363656164 -30646334613266613638326665313930343163303238336362633061366337346338313430663165 -37336536343632356538343536373033363263376630626666643563646331306438653262386530 -61346362653338383865656131363165353634393739323465613865373437633166643861356536 -64333139636233646166376361393937643937383765306362613662383537663765363961353263 -30313637646536373233343033653936613233373635616366343463323837616537396539643036 -33346435636164333362303461323237383937343366356534633435633631616233383539636562 -66356461303735323863633465356133303339333139326133366465353435373962663435383863 -34323931653465306336356132396235623135333061623538616632613834393630393663373638 
-32316331343438386564386238323764313033396535663461626163393166386534373061636530 -64633236636139393164613862623338313839623233353963363866363530663032633264356563 -62366636626230383032353930656134363061366262643234343838306566366463333430373630 -32316563616461313764306434633133366361383938616339383161653563313930313165353962 -37326466393438383762656335653763316236633139363562306332373030313639666363346633 -63656531633934633261653331383531653831663331373932613665643430323063376331656438 -33666639646530613735366665666238336263663066373234663332373533313031633565643535 -61653465623462633131393864393964316561643562343966316166373035656436376361336564 -32363339363666616335376630613137333761333239653534376666386438396438333363313530 -61643638353139313931323765313336653263636433633765666535643532636362656539633632 -31393964373434366435613763343737646235313236613361666334656237333438303265313630 -35366233393561303432383834656537373562336633316437316432383031383431653931393763 -66616664363735663261383732333438356237653830326336666666343761653963393533653037 -35643339346566396634356137323661663037373830373438613866376333613838356362303934 -33373361633437326265353035653033656436346539396166626634633530316465656630326134 -37353265363533653938363337643039336464633962663130383032643664663536323664303138 -39323661316636316361393534376338346666636336656234363166356461383732313164393231 -61633936336162663464353631313931373533313861633335383662343131653566343863326432 -33333961323231623239356437393166636463323465613234346434373264323565633162626535 -64643337366439633736623933393761623266363036313763376535643834366633663937376564 -61336238336130323632653138326536656165346237663463336336303363623838633665393330 -65376236303564336434613566613565363366613065356334623734616134373239663430373631 -37333862386364653262336436313639656565356233376239363565396638393761616466653763 -33323238626434316334376264653831346236616332383533333964643832356330363439393433 
-34666532396661333439346430656637343033323831663962613838616132663365393465613435 -64656534316164343839633063323431613135633665613630656265366334333262636363346531 -30356331373464663736656661373661356265393064346539313034356334633437313838346338 -61663137353733383333363836343130326662343633336637616134393163663939316663333738 -61316333663862643038663466343733636465383739376363396534373061666430336163376265 -39663066303534343936323032393038396139373733663133336330363436643638643561343465 -62343930653539356664643934613433336462363634616439346338303161656632616435633831 -31343934313636323665303037303862376236333765323436343734303535663565303237656237 -30373431643631623232646265393839653538383636333230663563393531653637303237376465 -36353235623839653630353663306135353131343537656338343631386263653833393234333238 -30353232303433396434393730666662373230343838616264363466393365326239333537363138 -35363163333564373865366265373566363763326466653164313636626337336636623834643335 -36643564323839316435633032376433393938393030643531636265663635366331346137396339 -38663831643237646239353463343662633931613464326132376139303764643930636265656466 -35646530643330356662623238646635316134663962613164323566653231363464313530356263 -64376335636266613333653361353739306131373364316335623764306566366535633530376432 -32356363626633633138623132666638623236353539366531643637383030636239656138386537 -34303431623039316565613036626531666638343835633133393533306334323866623630393462 -65343832663434323338313433376135333439336133636438373938386233386633633337346362 -30303062633735363339323934393730373761333133333166636639623764383330383732343061 -39623735356238333333616362646137376562333432313535323835383263633165323930303461 -32396662643664333566653239306137636430313434393335633161336330386637343261633737 -32323337383834366563626565363639663536346538386466623936396636666339353037646166 -30346238323164663839386364333963313336666435393935613730616433346630613463383938 
-65343736343764373465316261383731626631363661613639393162643566646365333061323035 -66623030363961356335663334376530313961366235646431336538336162383632363264643639 -65646531373964323635386134343032313137633239363030633539383639373965656135316334 -62343131643333383131323662366163326137343933323539383063373066363561643665363063 -36653036643930313835343631383631326231653762323433336238396332386133303132373462 -62333366383133326161343537623833323431323732393433333839656464373433396531653262 -64313930656162326637656534323263393336303235653362323632316138663166363864653164 -31383462373033616137623339633031343235623537353130333235613464636333383064376137 -64313365356335636235616333313965366264366134376235333565323132313636643239376639 -64373439636230623537663834653763616133356537313566306261343933386130623566373165 -35663263393034306134633630643463383063643339623533383235646266363234336562303636 -65623238343936353933313465363330333361323262656535653133396538366462306564643265 -32636362633239633162 +65356136623464336332663762636163643365656365346566346435333139363738623565623632 +3665353033663838373062646437326365626133393439640a646333306237373835366263313961 +64663937383538646565636664373164366236316533663134343435653264646562336162663432 +6232376134353139330a663838613034383162333065396561306464666264396432306234636163 +65656264646638666230313565356537303461396438633031663066323063393530626137633736 +33613562353264666338663430646335653034666663633938616462633737666234616661393435 +61653232376362646437353930343439353731333062636239303038613436376531643734326263 +36373463623864303937373434326335303334323236636137353838393463303739363936333739 +36643563663462396635666436366330633964653063393464653665653938613731316538616165 +61313164623038376366343332656262316130373230346266633536363934313032633565616136 +62363635303733643039633961613864303665656362346161636635353765663238636135363133 +34316364383461653039656233333261373637613334363931383065333733653466353462383066 
+36386435333434633061666334366565653737313133613566643537656366376638316230363164 +38306261383264366437613333346465653438393637393735303763343536633838393764626137 +64656633646531623634346437616664313266323733376637636336326532323364363531396236 +38373262363364663733643039663663356639313934656233616639396235373435663737656536 +63383037386637663239616531363862663630336165323539336231636232303066393761346538 +31366535356465326463323537393263386536376235313137656437666662626137346366326231 +64646338303062316363343661393434633130376639626631343833623761663837366636316332 +38646463373561306661333665303662616564633333633339373830653532303131343337346434 +61633037386665383862333436386335613164303236373066653963353863653239366337376362 +33646562376561383265643766373466646639326231623261623634326439633133386234306338 +34656262373532663331333764666166623932373166353634323437353433313733343262663333 +30313237396331333734363132353538643734336539633334393061656366306664386532363930 +36343965383635613933376336626162646334363966323737396539356634356635313235666666 +33633363336234613962383962336331323934383337396238653062643533363432376533336533 +36613932663633353239383636653936306539393333343431653733663334373261396532343165 +34653736383732666130626435653332303938366432613234616265316564396437373634356464 +65396466663137666334646265333238336639396233313863653938336431653561643034343338 +66326462346135646230613230396565353061326137306562313832383361613332393165386236 +61396534666632613261356536636331326464323638363632306533303066663339306333373138 +35666563636666383763346638326264343331646134396337306561643535383238353532396137 +31623962393666386266663263643236356666343130333833646231393762646639653138356130 +31643339386231306533346637396138633534663431623932363164323638323130643930396532 +65633536396236633564303631313035653666666634636361633135613862356432666436633565 +61633930643664633630363164396537326536633764633338653231376535623065313634353539 
+35343532363532356137383139366264323130623334373530383436616537353930643866373636 +33366137396433323433353630356532386231393133663635303063383033656633333733623235 +38386636653461323730326239313432643734303335653030303632393032383863363462373138 +64316137396262393164303733303831306132643030393338626130333462636337336236656638 +33336464613038326134303234316362643361323063316664346366333561626565396561356132 +65363431373565313231653664303039663539306232393865353864323664323636353938623936 +63336532363033313765636430313138383734333462633466373761396536356536333965333434 +37313431376137643766353865333535363832653830376538663738643861336463306332306363 +33366439633730373737383664623332643137373334333335343965316436386466643238366565 +30363861346333363137646462323964623131346130316465303038616535643165303462336336 +66306132343963623737633837626162626630363837653761346335626432636631393339303731 +32326235383961623438646264656235336361313764653861396333623630303964343131643038 +30313036643131363965313365636638383966316566316635333866353539653330306132346661 +65623832326135663365386134356230633834326137353838626164323831303830643633313934 +33623333356437383534336536303338346233346365336632363762386335663961663435373334 +32373532636436653361353061396365313761313666623835363861633363353261643561346532 +66336430356462356237663031373864396663396130636264636666386363643862343233306535 +62343532386330323364336461623661623761306236366135393634346535303132376462356666 +64613535313639313632666266666263356539313839353632313836333862643730333431346164 +31666136636464366161383161653338663861653835623831626266373432663461616561643738 +34626639666330383766356332346231396132326132623937343134353230333833383164383632 +37353737333037303032623366656565643833303866613133636561363836323163323138643766 +38313237623262653062306137343539313237396561353837353530316361363731306465343435 +63633966366265633865643665663765616236376366313165336330653132373466333638656334 
+62366430383430313665393061623562373733373365363264396631643837623433316634343236 +66363334636232666230366336346334623637323333346639383933663664393263353837346432 +35666630366461383739363737323537636361383532393433363134363662343666356332613661 +37666538653834373133343737366435386338353932393861646638623561323134363264343230 +35386265343061306334383736613739623038646434633130356462336534393634383439323735 +64356332636563656435333465303834336166666630343066663164656532656666653162626531 +38353064323034636563353062613736613663383433303837353433376562316430633961303565 +31663335313839633265363766613964613236356539613464366666613166656139303034303438 +65633830303135323163353064623633663964313539653461643437336438373035646135383830 +35316134353636333431366638393134666336383433373539366564653533336666326663343864 +30633032373736663663616438333564316661633261376131313833633365383234636562633239 +66626661373438643236613566356130646334616234626434336235343930346361316530653861 +39643630633364313530653634616462343736363031626436643931353764303633323662383334 +66613264623239353166336534633135643436653965323534363034306536643438386366386239 +38626265666535643166303139373964393633666564656135653031626337383931376335626635 +34363363613136393139653732663735616332653563353634366634303662656338323562656536 +31366336346536663934373133346239396162363130343532616539376465623638396432313664 +65323563306539373162343663613462373133333039643434366666383666653366626564396532 +38613830653330316461336430393465393732646566646637653961323231356439616463373132 +39346162653838353636323238336662663237333164383338333534383730353665383566393134 +64323638326461383931636132396262306563643834333136643031666236643239663766353063 +38343966613632343862343538636564663031383865383835636563333066396535383261633065 +30343764336338356566646333636538643534613563616136333539663061303333373533653331 +35653162386132643439373261396539363361353635653164613464613232323362656136653930 
+36646437313861613235643766386137386536333131326338656233396633623136316638663338 +36393238626261313766346133313530653862653033366166623032393736316565663461643230 +37323232333761343732303864373138306435623334396262623566346263386334313139393936 +61303637633637383039653033656230343161366530643631343735303637613262653464323438 +34343837613231343238613033356131346266643330383738363838343963343536653339636539 +36613065393661616463656336353739646663323062373839656638306362653637323233653239 +64323862343835633433643561356530623536376436323439373838626162353465356539333435 +33643465646439373531303661613933623631303161363635613836623534346533643835396438 +32396164623639643132343635633134313065326232343562363332303964633639303562653032 +39643939336633376231646537303563363531343762326166653465646533386633323762326336 +37656138653035613830343561626335373335383433323566393034616637323237616265643439 +63633830316539313539666539303066346234363234333533626233663833353463376235313835 +66313031336636666462396339333433326437343362346232653136363839333364356333316531 +35396435626130383837366562363864633362663963353465653161636139313165666234633738 +63386630373335663961623131666230383765396130363333653662643039343336353964383737 +38656666333331666338633066376339303530653666643232363564393262306464616538346131 +30656461613138663031356535306634613566616137376363386635356330666137386261323938 +62343933323931336666343834373136353933633039363065356662626164303365303861336337 +39646464653331656433643433333161663633616264323634356230326466626431326136316536 +35336639626161643466323536356262363961313763353162643662346361346366356531333061 +39306433653962343137343631363364613266656361363733666366353434663861306365323436 +64383866646532316164353633633230616665316333646538633762323139323164306665323534 +30353332633333323065326564366631666539623235653436343833323164393864343531376363 +64643732343233643633616534656562333461613736363361653133666366356365343663663130 
+36313732626136646166633230323333353433313464313861623432653762633365613661663936 +63633438326133353262386337353330306133303130343736656365663062663633313362356262 +31623934333239313439646133383438636536356430376261363633336437663364323239393238 +37376634613634393035376433336630636234653461633366373333333061363133623032653263 +33393333646633646666316430303262636237613439373938336162633834313339663939623366 +32653832663735356263613836643063306263393836366637366563646363313638646234313261 +30356337663138393935623065313662646439613435653831306231653535356536396137353134 +38623439636139666530613237346161353737393339656235613836636338353930373739376138 +35663366633463323337656131356231616138316562393565343937366563663933316438643538 +62316130303333633435643265383030323435306665303833633261626463393733383435356135 +30376139656338333035623130343238336332626234363663326334636139326231626264633564 +66643739626163393266633333393061333862383937363432633436396663333966353330376539 +32373738623766643165313761373961313466633939383362663237383332313461356235656638 +31613765616461363964626434643435326664373864653662633631336634333134366439613539 +62303137626537633166653061363466313563333537653835343162383062363263663539393861 +39643832623238363937653864356433646563623239376534353933333661313737376562376435 +35656534623163386438303532373763313831653739306236353632393734393833643635383935 +65633565373331656330363130323064306131666232623330303136643765333938633031613939 +33313662343538626465666165343339306563336161656564363332653635336661336336333563 +33313362306137643538313164346536376434633164343733633830383238386237393565376133 +64333534633534666332663434323937346139656265366130623564353038353338616132613132 +30663638336233613336616666383233663936653039333436616566646438373838616232303636 +32303538393762303138326533646338306263663339666366646466613734663463613762653534 +61356338356334306461353739326236303832396238633835303231356537303463656466333532 
+65346161643261343461343837653264356132633934363862383233376435343036323936396132 +34313864396166326533393839633364343964613635643363636638346437366635333238656134 +37373938343166663432353636346631636536623962626234623431613663326331636437393638 +61373637323032316161383037306539636430306332313536656231636263356362386362633839 +32643338633335366637306139613262373965313434616261613663623636626661356531306332 +36626539383262316165656333333763323761626335336335363233346639376339663831383863 +37343237326461343763373938386336366264393231323135336265636438616431343636303361 +37663733616230333530333935386464313539383863363066353436383364396238663463396336 +36633234303762633937333662343163646633313530663365663061316431613133653064346634 +65643265303566646464633638663734323136613738323235343036333937663534323064643364 +37383438343135633435313837333234363038346534393739346139303534356664326132623363 +65643166386331373230373439333132316663636239653032363232333563333334353337386466 +33643939633436653736386235663830383833343031356636346231323637323434663034326533 +34626139613337303337653035323932343737626132343264633364633139376161353061303535 +33373739626462653338343335343463363163626537613838373235613831383132313633633830 +32653365303639393233323166643366363733656534366439666266316139666531376164613065 +63353661386162333133626339333133393964636433653165653266633163393863623562636633 +65306337366362373236393633323038356137316631363533636239323434316133616539396131 +32356133666165316163633365653734313736323563393234396338663535333636383938353938 +32646435663465653364366439386565363933303531643439363961363264653766643239346231 +61303765333232353161343961363431663164646433343263636362346164613130386239313861 +36313234396261363563343139656562626562656161663630643730343938303065363963353563 +37663163616533326265636566376132636434343939653034383963393062383533643566303134 +34373830663834653561 
diff --git a/k8s/roles/coder/tasks/main.yml b/k8s/roles/coder/tasks/main.yml
deleted file mode 100644
index b0527aa..0000000
--- a/k8s/roles/coder/tasks/main.yml
+++ /dev/null
@@ -1,39 +0,0 @@
----
-- name: Create Coder namespace
- kubernetes.core.k8s:
- name: coder
- api_version: v1
- kind: Namespace
- state: present
- definition:
- metadata:
- labels:
- prometheus: default
-
-- name: Create Coder secret
- kubernetes.core.k8s:
- state: present
- definition:
- apiVersion: v1
- kind: Secret
- metadata:
- name: coder-secrets
- namespace: coder
- data:
- DB_URL: "{{ coder.db.url | b64encode }}"
- OIDC_CLIENT_ID: "{{ coder.auth.clientId | b64encode }}"
- OIDC_CLIENT_SECRET: "{{ coder.auth.clientSecret | b64encode }}"
-
-- name: Add Coder chart repo
- kubernetes.core.helm_repository:
- name: coderv2
- repo_url: https://helm.coder.com/v2
-
-- name: Deploy Coder chart
- kubernetes.core.helm:
- name: coder
- chart_ref: coderv2/coder
- release_namespace: coder
- chart_version: 2.3.1
- update_repo_cache: true
- release_values: "{{ lookup('template', 'values.coder.yml.j2') | from_yaml }}"
\ No newline at end of file
diff --git a/k8s/roles/coder/templates/values.coder.yml.j2 b/k8s/roles/coder/templates/values.coder.yml.j2
deleted file mode 100644
index 9fca99a..0000000
--- a/k8s/roles/coder/templates/values.coder.yml.j2
+++ /dev/null
@@ -1,63 +0,0 @@
----
-coder:
- ingress:
- enable: true
- host: ide.icb4dc0.de
- wildcardHost: "*.ide.icb4dc0.de"
- annotations:
- gethomepage.dev/description: Remote IDE
- gethomepage.dev/enabled: "true"
- gethomepage.dev/group: Apps
- gethomepage.dev/icon: coder.png
- gethomepage.dev/name: Coder
- env:
- - name: CODER_WILDCARD_ACCESS_URL
- value: '*.ide.icb4dc0.de'
- - name: CODER_ACCESS_URL
- value: "https://ide.icb4dc0.de"
- - name: CODER_PG_CONNECTION_URL
- valueFrom:
- secretKeyRef:
- name: coder-secrets
- key: DB_URL
- - name: CODER_DISABLE_PASSWORD_AUTH
- value: "true"
- - name: CODER_OIDC_ISSUER_URL
- value: "https://code.icb4dc0.de/"
- - name: CODER_OIDC_SIGN_IN_TEXT
- value: "Sign in with Gitea"
- - name: CODER_OIDC_ICON_URL
- value: https://gitea.io/images/gitea.png
- - name: CODER_OIDC_CLIENT_ID
- valueFrom:
- secretKeyRef:
- name: coder-secrets
- key: OIDC_CLIENT_ID
- - name: CODER_OIDC_CLIENT_SECRET
- valueFrom:
- secretKeyRef:
- name: coder-secrets
- key: OIDC_CLIENT_SECRET
- - name: CODER_GITAUTH_0_ID
- value: primary-forgejo
- - name: CODER_GITAUTH_0_TYPE
- value: gitlab
- - name: CODER_GITAUTH_0_AUTH_URL
- value: https://code.icb4dc0.de/login/oauth/authorize
- - name: CODER_GITAUTH_0_TOKEN_URL
- value: https://code.icb4dc0.de/login/oauth/access_token
- - name: CODER_GITAUTH_0_VALIDATE_URL
- value: https://code.icb4dc0.de/login/oauth/userinfo
- - name: CODER_GITAUTH_0_CLIENT_ID
- valueFrom:
- secretKeyRef:
- name: coder-secrets
- key: OIDC_CLIENT_ID
- - name: CODER_GITAUTH_0_CLIENT_SECRET
- valueFrom:
- secretKeyRef:
- name: coder-secrets
- key: OIDC_CLIENT_SECRET
-
- service:
- type: ClusterIP
\ No newline at end of file
diff --git a/k8s/roles/fider/files/kustomization.yaml b/k8s/roles/fider/files/kustomization.yaml
index d3feb8b..4ae5dc4 100644
--- a/k8s/roles/fider/files/kustomization.yaml
+++ b/k8s/roles/fider/files/kustomization.yaml
@@ -3,9 +3,11 @@ kind: Kustomization namespace: fider -commonLabels: - app.kubernetes.io/instance: icb4dc0de-feedback - app.kubernetes.io/managed-by: kustomize +labels: +- includeSelectors: true + pairs: + app.kubernetes.io/instance: icb4dc0de-feedback + app.kubernetes.io/managed-by: kustomize resources: - "resources/deployment.yaml" diff --git a/k8s/roles/k3s/control-plane/defaults/main.yaml b/k8s/roles/k3s/control-plane/defaults/main.yaml deleted file mode 100644 index 5df07c9..0000000 --- a/k8s/roles/k3s/control-plane/defaults/main.yaml +++ /dev/null @@ -1,2 +0,0 @@ ---- -k3s_server_location: /var/lib/rancher/k3s \ No newline at end of file diff --git a/k8s/roles/k3s/control-plane/tasks/main.yml b/k8s/roles/k3s/control-plane/tasks/main.yml deleted file mode 100644 index 7a8e485..0000000 --- a/k8s/roles/k3s/control-plane/tasks/main.yml +++ /dev/null 
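Review bot: The `includeSelectors: true` entry under the new `labels:` key in k8s/roles/fider/files/kustomization.yaml has no comment saying why it is set, and it is the one line that keeps the generated selectors identical to what `commonLabels` produced. Because the `spec.selector` of a Deployment cannot be changed after creation, someone who later drops or flips that flag would presumably make the next apply of `resources/deployment.yaml` fail or leave the old object unmatched. I would add a comment directly above the entry, for example `# includeSelectors must stay true: commonLabels put these labels into the selectors, which are immutable on existing workloads`. The `resources:` list continues outside the hunk, so which workload kinds are affected cannot be confirmed from here.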
@@ -1,94 +0,0 @@
----
-- name: Copy K3s service file
- register: k3s_service
- template:
- src: "k3s.service.j2"
- dest: "{{ systemd_dir }}/k3s.service"
- owner: root
- group: root
- mode: 0644
-
-- name: Copy Traefik customization
- ansible.builtin.copy:
- src: traefik.yaml
- dest: /var/lib/rancher/k3s/server/manifests/traefik-config.yaml
- owner: root
- group: root
- mode: 0644
-
-- name: Render control plain config
- ansible.builtin.template:
- src: cp-config.yaml.j2
- dest: /etc/rancher/k3s/config.yaml
- owner: root
- group: root
- mode: 0644
-
-- name: Enable and check K3s service
- systemd:
- name: k3s
- daemon_reload: true
- state: restarted
- enabled: true
-
-- name: Wait for node-token
- wait_for:
- path: "{{ k3s_server_location }}/server/node-token"
-
-- name: Register node-token file access mode
- stat:
- path: "{{ k3s_server_location }}/server/node-token"
- register: p
-
-- name: Change file access node-token
- file:
- path: "{{ k3s_server_location }}/server/node-token"
- mode: "g+rx,o+rx"
-
-- name: Read node-token from control-plane
- slurp:
- path: "{{ k3s_server_location }}/server/node-token"
- register: node_token
-
-- name: Store control-plane node-token
- set_fact:
- token: "{{ node_token.content | b64decode | regex_replace('\n', '') }}"
-
-- name: Restore node-token file access
- file:
- path: "{{ k3s_server_location }}/server/node-token"
- mode: "{{ p.stat.mode }}"
-
-- name: Create directory .kube
- file:
- path: ~{{ ansible_user }}/.kube
- state: directory
- owner: "{{ ansible_user }}"
- mode: "u=rwx,g=rx,o="
-
-- name: Copy config file to user home directory
- copy:
- src: /etc/rancher/k3s/k3s.yaml
- dest: ~{{ ansible_user }}/.kube/config
- remote_src: yes
- owner: "{{ ansible_user }}"
- mode: "u=rw,g=,o="
-
-- name: Replace https://localhost:6443 by https://master-ip:6443
- command: >-
- k3s kubectl config set-cluster default
- --server=https://{{ master_ip }}:6443
- --kubeconfig ~{{ ansible_user }}/.kube/config
- changed_when: true
-
-- name: Create kubectl symlink
- file:
- src: /usr/local/bin/k3s
- dest: /usr/local/bin/kubectl
- state: link
-
-- name: Create crictl symlink
- file:
- src: /usr/local/bin/k3s
- dest: /usr/local/bin/crictl
- state: link
diff --git a/k8s/roles/k3s/control-plane/templates/k3s.service.j2 b/k8s/roles/k3s/control-plane/templates/k3s.service.j2
deleted file mode 100644
index 8be9bbb..0000000
--- a/k8s/roles/k3s/control-plane/templates/k3s.service.j2
+++ /dev/null
@@ -1,24 +0,0 @@
-[Unit]
-Description=Lightweight Kubernetes
-Documentation=https://k3s.io
-After=network-online.target
-
-[Service]
-Type=notify
-ExecStartPre=-/sbin/modprobe br_netfilter
-ExecStartPre=-/sbin/modprobe overlay
-ExecStart=/usr/local/bin/k3s server --data-dir {{ k3s_server_location }} --advertise-address {{ k8s_ip }} --node-ip {{ k8s_ip }} {{ extra_server_args | default("") }}
-KillMode=process
-Delegate=yes
-# Having non-zero Limit*s causes performance problems due to accounting overhead
-# in the kernel. We recommend using cgroups to do container-local accounting.
-LimitNOFILE=1048576
-LimitNPROC=infinity
-LimitCORE=infinity
-TasksMax=infinity
-TimeoutStartSec=0
-Restart=always
-RestartSec=5s
-
-[Install]
-WantedBy=multi-user.target
diff --git a/k8s/roles/minio-config/tasks/main.yaml b/k8s/roles/minio-config/tasks/main.yaml
deleted file mode 100644
index 3ac7729..0000000
--- a/k8s/roles/minio-config/tasks/main.yaml
+++ /dev/null
@@ -1,10 +0,0 @@
----
-- name: Manage buckets
- amazon.aws.s3_bucket:
- name: "{{ item.name }}"
- state: '{{ item.state | default("present") }}'
- endpoint_url: http://localhost:9000
- access_key: "{{ minio.rootUser }}"
- secret_key: "{{ minio.rootPassword }}"
- loop:
- - name: zipline
\ No newline at end of file
diff --git a/k8s/roles/postgres-config/tasks/main.yaml b/k8s/roles/postgres-config/tasks/main.yaml
deleted file mode 100644
index 05b24e1..0000000
--- a/k8s/roles/postgres-config/tasks/main.yaml
+++ /dev/null
@@ -1,37 +0,0 @@
----
-- name: Create users
- community.postgresql.postgresql_user:
- name: "{{ item.name }}"
- password: "{{ item.password }}"
- login_host: "127.0.0.1"
- login_password: "{{ PostgresPassword }}"
- loop:
- - name: gitea
- password: "{{ gitea.dbPassword }}"
- - name: "{{ grafana.db.user }}"
- password: "{{ grafana.db.password }}"
- - name: "{{ hedgedoc.db.user }}"
- password: "{{ hedgedoc.db.password }}"
- - name: "{{ nocodb.db.user }}"
- password: "{{ nocodb.db.password }}"
- - name: "{{ zipline.db.user }}"
- password: "{{ zipline.db.password }}"
-
-- name: Create databases
- community.postgresql.postgresql_db:
- name: "{{ item.name }}"
- owner: "{{ item.owner }}"
- encoding: UTF-8
- login_host: "127.0.0.1"
- login_password: "{{ PostgresPassword }}"
- loop:
- - name: gitea
- owner: gitea
- - name: grafana
- owner: "{{ grafana.db.user }}"
- - name: hedgedoc
- owner: "{{ hedgedoc.db.user }}"
- - name: noco
- owner: "{{ nocodb.db.user }}"
- - name: zipline
- owner: "{{ zipline.db.user }}"
\ No newline at end of file