diff --git a/apps/gitea/apps_v1_Deployment_gitea-memcached.yaml b/apps/gitea/apps_v1_Deployment_gitea-memcached.yaml index b69e2c8..7f3e048 100644 --- a/apps/gitea/apps_v1_Deployment_gitea-memcached.yaml +++ b/apps/gitea/apps_v1_Deployment_gitea-memcached.yaml @@ -6,7 +6,7 @@ metadata: namespace: vynil-ci labels: app.kubernetes.io/name: memcached - helm.sh/chart: memcached-6.3.14 + helm.sh/chart: memcached-6.3.13 app.kubernetes.io/instance: gitea app.kubernetes.io/managed-by: Helm spec: @@ -22,7 +22,7 @@ spec: metadata: labels: app.kubernetes.io/name: memcached - helm.sh/chart: memcached-6.3.14 + helm.sh/chart: memcached-6.3.13 app.kubernetes.io/instance: gitea app.kubernetes.io/managed-by: Helm annotations: @@ -47,7 +47,7 @@ spec: serviceAccountName: default containers: - name: memcached - image: docker.io/bitnami/memcached:1.6.19-debian-11-r7 + image: docker.io/bitnami/memcached:1.6.19-debian-11-r3 imagePullPolicy: "IfNotPresent" securityContext: runAsNonRoot: true diff --git a/apps/gitea/apps_v1_StatefulSet_gitea.yaml b/apps/gitea/apps_v1_StatefulSet_gitea.yaml index 6d0a21b..85d1522 100644 --- a/apps/gitea/apps_v1_StatefulSet_gitea.yaml +++ b/apps/gitea/apps_v1_StatefulSet_gitea.yaml @@ -5,12 +5,12 @@ metadata: name: gitea annotations: labels: - helm.sh/chart: gitea-8.3.0 + helm.sh/chart: gitea-8.0.3 app: gitea app.kubernetes.io/name: gitea app.kubernetes.io/instance: gitea - app.kubernetes.io/version: "1.19.3" - version: "1.19.3" + app.kubernetes.io/version: "1.19.1" + version: "1.19.1" app.kubernetes.io/managed-by: Helm spec: replicas: 1 
@@ -22,15 +22,15 @@ spec: template: metadata: annotations: - checksum/config: 27af0e4460a4b6fa0279e60d04c3d82609060dda7af59dd2051139acc1cdb203 + checksum/config: 92a115496ca24d008eee552477c9d92637e4c5dafa30a3f43dbffed1ea616881 checksum/ldap_0: 9356e28431e375c7fc7d624460a9f41c243f14c3f9765c40aa2b13cf46203eaf labels: - helm.sh/chart: gitea-8.3.0 + helm.sh/chart: gitea-8.0.3 app: gitea app.kubernetes.io/name: gitea app.kubernetes.io/instance: gitea - app.kubernetes.io/version: "1.19.3" - version: "1.19.3" + app.kubernetes.io/version: "1.19.1" + version: "1.19.1" app.kubernetes.io/managed-by: Helm spec: @@ -38,7 +38,7 @@ spec: fsGroup: 1000 initContainers: - name: init-directories - image: "gitea/gitea:1.19.3" + image: "gitea/gitea:1.19.1" imagePullPolicy: Always command: ["/usr/sbin/init_directory_structure.sh"] env: @@ -70,7 +70,7 @@ spec: cpu: 100m memory: 128Mi - name: init-app-ini - image: "gitea/gitea:1.19.3" + image: "gitea/gitea:1.19.1" imagePullPolicy: Always command: ["/usr/sbin/config_environment.sh"] env: @@ -108,7 +108,7 @@ spec: cpu: 100m memory: 128Mi - name: configure-gitea - image: "gitea/gitea:1.19.3" + image: "gitea/gitea:1.19.1" command: ["/usr/sbin/configure_gitea.sh"] imagePullPolicy: Always securityContext: @@ -163,7 +163,7 @@ spec: terminationGracePeriodSeconds: 60 containers: - name: gitea - image: "gitea/gitea:1.19.3" + image: "gitea/gitea:1.19.1" imagePullPolicy: Always env: # SSH Port values have to be set here as well for openssh configuration diff --git a/apps/gitea/index.rhai b/apps/gitea/index.rhai index 04ad77f..dc1610c 100644 --- a/apps/gitea/index.rhai +++ b/apps/gitea/index.rhai 
@@ -4,7 +4,7 @@ const SRC=src; const DEST=dest; fn pre_pack() { shell("helm repo add gitea-charts https://dl.gitea.io/charts/"); - shell(`helm template gitea gitea-charts/gitea --namespace=vynil-ci --values values.yml >${global::SRC}/chart.yaml`); + shell(`helm template gitea gitea-charts/gitea --version 8.0.3 --namespace=vynil-ci --values values.yml >${global::SRC}/chart.yaml`); } fn post_pack() { shell(`rm -f ${global::DEST}/v1_Pod_gitea-test-connection.yaml`); diff --git a/apps/gitea/index.yaml b/apps/gitea/index.yaml index 7029348..a504a97 100644 --- a/apps/gitea/index.yaml +++ b/apps/gitea/index.yaml 
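Review bot: The `--version 8.0.3` pin added to the `helm template` call in `pre_pack` selects an older chart than the one the committed manifests were rendered from. The regenerated files in this same commit move from `gitea-8.3.0` / `gitea/gitea:1.19.3` to `gitea-8.0.3` / `gitea/gitea:1.19.1`, and memcached from `-r7` to `-r3`, so whatever fixes the intervening patch releases carried are rolled back. It also disagrees with apps/gitea/index.yaml, where the `release` default stays `8.3.0` and the gitea image tag default becomes `1.20.1`. If the goal is a reproducible render, pinning the version already deployed (`--version 8.3.0`) achieves that without the downgrade; 8.0.3 may be a transposition, which the diff cannot confirm. A comment above the call such as `// chart version is pinned; bump together with options.release in index.yaml` would keep the two in step.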
@@ -9,98 +9,30 @@ metadata: A painless self-hosted Git service. Gitea is a community managed lightweight code hosting solution written in Go. It is published under the MIT license. options: - images: + postgres: default: - gitea: - pullPolicy: IfNotPresent - registry: docker.io - repository: gitea/gitea - tag: 1.19.3 - memcached: - registry: docker.io - repository: bitnami/memcached - tag: 1.6.19-debian-11-r7 + replicas: 1 + storage: 10Gi + version: '14' examples: - - gitea: - pullPolicy: IfNotPresent - registry: docker.io - repository: gitea/gitea - tag: 1.19.3 - memcached: - registry: docker.io - repository: bitnami/memcached - tag: 1.6.19-debian-11-r7 + - replicas: 1 + storage: 10Gi + version: '14' properties: - gitea: - default: - pullPolicy: IfNotPresent - registry: docker.io - repository: gitea/gitea - tag: 1.19.3 - properties: - pullPolicy: - default: IfNotPresent - enum: - - Always - - Never - - IfNotPresent - type: string - registry: - default: docker.io - type: string - repository: - default: gitea/gitea - type: string - tag: - default: 1.19.3 - type: string - type: object - memcached: - default: - registry: docker.io - repository: bitnami/memcached - tag: 1.6.19-debian-11-r7 - properties: - registry: - default: docker.io - type: string - repository: - default: bitnami/memcached - type: string - tag: - default: 1.6.19-debian-11-r7 - type: string - type: object - type: object - load-balancer: - default: - ip: '' - examples: - - ip: '' - properties: - ip: - default: '' + replicas: + default: 1 + type: integer + storage: + default: 10Gi + type: string + version: + default: '14' type: string type: object - webhook: - default: - allowed-hosts: private - skip-tls-verify: false + domain-name: + default: your_company.com examples: - - allowed-hosts: private - skip-tls-verify: false - properties: - allowed-hosts: - default: private - type: string - skip-tls-verify: - default: false - type: boolean - type: object - release: - default: 8.3.0 - examples: - - 8.3.0 + 
- your_company.com type: string push-create: default: @@ -122,6 +54,41 @@ options: default: 'true' type: string type: object + theme: + default: gitea-modern + examples: + - gitea-modern + type: string + release: + default: 8.3.0 + examples: + - 8.3.0 + type: string + default-branch: + default: main + examples: + - main + type: string + webhook: + default: + allowed-hosts: private + skip-tls-verify: false + examples: + - allowed-hosts: private + skip-tls-verify: false + properties: + allowed-hosts: + default: private + type: string + skip-tls-verify: + default: false + type: boolean + type: object + replicas: + default: 1 + examples: + - 1 + type: integer volume: default: size: 10Gi @@ -132,71 +99,6 @@ options: default: 10Gi type: string type: object - default-branch: - default: main - examples: - - main - type: string - postgres: - default: - replicas: 1 - storage: 10Gi - version: '14' - examples: - - replicas: 1 - storage: 10Gi - version: '14' - properties: - replicas: - default: 1 - type: integer - storage: - default: 10Gi - type: string - version: - default: '14' - type: string - type: object - ingress-class: - default: traefik - examples: - - traefik - type: string - ssh-port: - default: 2222 - examples: - - 2222 - type: integer - domain-name: - default: your_company.com - examples: - - your_company.com - type: string - domain: - default: your-company - examples: - - your-company - type: string - issuer: - default: letsencrypt-prod - examples: - - letsencrypt-prod - type: string - disable-registration: - default: true - examples: - - true - type: boolean - replicas: - default: 1 - examples: - - 1 - type: integer - sub-domain: - default: git - examples: - - git - type: string admin: default: email: git-admin@git.your_company.com 
@@ -212,15 +114,113 @@ options: default: gitea_admin type: string type: object + images: + default: + gitea: + pullPolicy: IfNotPresent + registry: docker.io + repository: gitea/gitea + tag: 1.20.1 + memcached: + registry: docker.io + repository: bitnami/memcached + tag: 1.6.19-debian-11-r7 + examples: + - gitea: + pullPolicy: IfNotPresent + registry: docker.io + repository: gitea/gitea + tag: 1.20.1 + memcached: + registry: docker.io + repository: bitnami/memcached + tag: 1.6.19-debian-11-r7 + properties: + gitea: + default: + pullPolicy: IfNotPresent + registry: docker.io + repository: gitea/gitea + tag: 1.20.1 + properties: + pullPolicy: + default: IfNotPresent + enum: + - Always + - Never + - IfNotPresent + type: string + registry: + default: docker.io + type: string + repository: + default: gitea/gitea + type: string + tag: + default: 1.20.1 + type: string + type: object + memcached: + default: + registry: docker.io + repository: bitnami/memcached + tag: 1.6.19-debian-11-r7 + properties: + registry: + default: docker.io + type: string + repository: + default: bitnami/memcached + type: string + tag: + default: 1.6.19-debian-11-r7 + type: string + type: object + type: object timezone: default: Europe/Paris examples: - Europe/Paris type: string - theme: - default: gitea-modern + domain: + default: your-company examples: - - gitea-modern + - your-company + type: string + issuer: + default: letsencrypt-prod + examples: + - letsencrypt-prod + type: string + ingress-class: + default: traefik + examples: + - traefik + type: string + ssh-port: + default: 2222 + examples: + - 2222 + type: integer + load-balancer: + default: + ip: '' + examples: + - ip: '' + properties: + ip: + default: '' + type: string + type: object + disable-registration: + default: true + examples: + - true + type: boolean + sub-domain: + default: git + examples: + - git type: string dependencies: - dist: null diff --git a/apps/gitea/ingress.tf b/apps/gitea/ingress.tf index 0ded2c5..5c05743 100644 
--- a/apps/gitea/ingress.tf +++ b/apps/gitea/ingress.tf @@ -1,22 +1,27 @@ - locals { dns-names = ["${var.sub-domain}.${var.domain-name}"] middlewares = [{"name" = "${var.instance}-https"}] - services = [{ - "kind" = "Service" - "name" = "gitea-http" - "namespace" = var.namespace - "port" = 3000 - }] - routes = [ for v in local.dns-names : { - "kind" = "Rule" - "match" = "Host(`${v}`)" - "middlewares" = local.middlewares - "services" = local.services + service = { + "name" = "gitea-http" + "port" = { + "number" = 3000 + } + } + rules = [ for v in local.dns-names : { + "host" = "${v}" + "http" = { + "paths" = [{ + "backend" = { + "service" = local.service + } + "path" = "/" + "pathType" = "Prefix" + }] + } }] } -resource "kubectl_manifest" "gitea_certificate" { +resource "kubectl_manifest" "prj_certificate" { yaml_body = <<-EOF apiVersion: "cert-manager.io/v1" kind: "Certificate" @@ -34,7 +39,7 @@ resource "kubectl_manifest" "gitea_certificate" { EOF } -resource "kubectl_manifest" "gitea_https_redirect" { +resource "kubectl_manifest" "prj_https_redirect" { yaml_body = <<-EOF apiVersion: "traefik.containo.us/v1alpha1" kind: "Middleware" 
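Review bot: Renaming `kubectl_manifest.gitea_certificate` and `kubectl_manifest.gitea_https_redirect` to `prj_*` (and `gitea_ingress` to `prj_ingress` in the next hunk) changes their Terraform addresses, and no `moved` block appears in this diff. An existing state would therefore presumably plan a destroy of the old objects and a create of new ones under the same Kubernetes names. For the Certificate and the redirect Middleware that risks a window with no valid TLS secret or no HTTPS redirect, plus a fresh issuance against the configured issuer. Adding one `moved` block per resource, with `from = kubectl_manifest.gitea_certificate` and `to = kubectl_manifest.prj_certificate` and likewise for the other two, keeps the objects in place. The resource bodies continue outside these hunks.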
@@ -49,21 +54,22 @@ resource "kubectl_manifest" "gitea_https_redirect" { EOF } -resource "kubectl_manifest" "gitea_ingress" { +resource "kubectl_manifest" "prj_ingress" { force_conflicts = true yaml_body = <<-EOF - apiVersion: "traefik.containo.us/v1alpha1" - kind: "IngressRoute" + apiVersion: "networking.k8s.io/v1" + kind: "Ingress" metadata: name: "${var.instance}" namespace: "${var.namespace}" labels: ${jsonencode(local.common-labels)} - # annotations: - # "kubernetes.io/ingress.class": "${var.ingress-class}" + annotations: + "traefik.ingress.kubernetes.io/router.middlewares": "${join(",", [for m in local.middlewares : format("%s-%s@kubernetescrd", var.namespace, m)])}" spec: - entryPoints: ["web","websecure"] - routes: ${jsonencode(local.routes)} + ingressClassName: "${var.ingress-class}" + rules: ${jsonencode(local.rules)} tls: + - hosts: ${jsonencode(local.dns-names)} secretName: "${var.instance}-cert" EOF } diff --git a/apps/gitea/v1_Secret_gitea-init.yaml b/apps/gitea/v1_Secret_gitea-init.yaml index dc3c0db..3bae4fc 100644 --- a/apps/gitea/v1_Secret_gitea-init.yaml +++ b/apps/gitea/v1_Secret_gitea-init.yaml @@ -4,12 +4,12 @@ kind: Secret metadata: name: gitea-init labels: - helm.sh/chart: gitea-8.3.0 + helm.sh/chart: gitea-8.0.3 app: gitea app.kubernetes.io/name: gitea app.kubernetes.io/instance: gitea - app.kubernetes.io/version: "1.19.3" - version: "1.19.3" + app.kubernetes.io/version: "1.19.1" + version: "1.19.1" app.kubernetes.io/managed-by: Helm type: Opaque stringData: diff --git a/apps/gitea/v1_Secret_gitea.yaml b/apps/gitea/v1_Secret_gitea.yaml index c280f38..3afe6d0 100644 --- a/apps/gitea/v1_Secret_gitea.yaml +++ b/apps/gitea/v1_Secret_gitea.yaml 
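Review bot: In the new `router.middlewares` annotation of `prj_ingress`, `format("%s-%s@kubernetescrd", var.namespace, m)` is handed `m`, which per the `locals` block is a map (`{"name" = "${var.instance}-https"}`) rather than a string. The expression should therefore fail, or at best not yield the `<namespace>-<name>@kubernetescrd` reference Traefik expects. Use the map's field instead: `format("%s-%s@kubernetescrd", var.namespace, m.name)`. This annotation is now the only thing attaching the HTTPS-redirect middleware, and the explicit `entryPoints: ["web","websecure"]` of the old IngressRoute is gone. It is worth checking the rendered Ingress to confirm plain-HTTP requests are still redirected rather than served in cleartext.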
@@ -4,12 +4,12 @@ kind: Secret metadata: name: gitea labels: - helm.sh/chart: gitea-8.3.0 + helm.sh/chart: gitea-8.0.3 app: gitea app.kubernetes.io/name: gitea app.kubernetes.io/instance: gitea - app.kubernetes.io/version: "1.19.3" - version: "1.19.3" + app.kubernetes.io/version: "1.19.1" + version: "1.19.1" app.kubernetes.io/managed-by: Helm type: Opaque stringData: diff --git a/apps/gitea/v1_Service_gitea-http.yaml b/apps/gitea/v1_Service_gitea-http.yaml index 7992d59..26fed0f 100644 --- a/apps/gitea/v1_Service_gitea-http.yaml +++ b/apps/gitea/v1_Service_gitea-http.yaml @@ -4,12 +4,12 @@ kind: Service metadata: name: gitea-http labels: - helm.sh/chart: gitea-8.3.0 + helm.sh/chart: gitea-8.0.3 app: gitea app.kubernetes.io/name: gitea app.kubernetes.io/instance: gitea - app.kubernetes.io/version: "1.19.3" - version: "1.19.3" + app.kubernetes.io/version: "1.19.1" + version: "1.19.1" app.kubernetes.io/managed-by: Helm annotations: {} diff --git a/apps/gitea/v1_Service_gitea-memcached.yaml b/apps/gitea/v1_Service_gitea-memcached.yaml index 8b7bcd2..92bf309 100644 --- a/apps/gitea/v1_Service_gitea-memcached.yaml +++ b/apps/gitea/v1_Service_gitea-memcached.yaml @@ -6,7 +6,7 @@ metadata: namespace: vynil-ci labels: app.kubernetes.io/name: memcached - helm.sh/chart: memcached-6.3.14 + helm.sh/chart: memcached-6.3.13 app.kubernetes.io/instance: gitea app.kubernetes.io/managed-by: Helm annotations: diff --git a/apps/gitea/v1_Service_gitea-ssh.yaml b/apps/gitea/v1_Service_gitea-ssh.yaml index 30b5f5d..b1b1751 100644 --- a/apps/gitea/v1_Service_gitea-ssh.yaml +++ b/apps/gitea/v1_Service_gitea-ssh.yaml 
@@ -4,12 +4,12 @@ kind: Service metadata: name: gitea-ssh labels: - helm.sh/chart: gitea-8.3.0 + helm.sh/chart: gitea-8.0.3 app: gitea app.kubernetes.io/name: gitea app.kubernetes.io/instance: gitea - app.kubernetes.io/version: "1.19.3" - version: "1.19.3" + app.kubernetes.io/version: "1.19.1" + version: "1.19.1" app.kubernetes.io/managed-by: Helm annotations: metallb.universe.tf/address-pool: mlb-pool-public diff --git a/apps/nextcloud/datas.tf b/apps/nextcloud/datas.tf index 290d2f6..543999a 100644 --- a/apps/nextcloud/datas.tf +++ b/apps/nextcloud/datas.tf @@ -33,6 +33,10 @@ data "kustomization_overlay" "data" { spec: template: spec: + volumes: + - name: certs + secret: + secretName: "${var.instance}-cert" containers: - name: nextcloud image: "${var.images.nextcloud.registry}/${var.images.nextcloud.repository}:${var.images.nextcloud.tag}" @@ -58,6 +62,10 @@ data "kustomization_overlay" "data" { value: "6379" resources: {} + volumeMounts: + - name: certs + mountPath: /etc/local-ca + readOnly: true - name: nextcloud-nginx image: "${var.images.nginx.registry}/${var.images.nginx.repository}:${var.images.nginx.tag}" imagePullPolicy: "${var.images.nginx.pullPolicy}" diff --git a/apps/nextcloud/index.yaml b/apps/nextcloud/index.yaml index 62ab4db..4f5b80e 100644 --- a/apps/nextcloud/index.yaml +++ b/apps/nextcloud/index.yaml @@ -6,6 +6,35 @@ metadata: name: nextcloud description: null options: + sub-domain: + default: cloud + examples: + - cloud + type: string + domain-name: + default: your_company.com + examples: + - your_company.com + type: string + storage: + default: + accessMode: ReadWriteOnce + size: 10Gi + examples: + - accessMode: ReadWriteOnce + size: 10Gi + properties: + accessMode: + default: ReadWriteOnce + enum: + - ReadWriteOnce + - ReadOnlyMany + - ReadWriteMany + type: string + size: + default: 10Gi + type: string + type: object images: default: exporter: 
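Review bot: The new `certs` volume in apps/nextcloud/datas.tf mounts the entire `${var.instance}-cert` secret into the `nextcloud` container at `/etc/local-ca`. If that is the cert-manager TLS secret used by the ingress (the same name is used that way in apps/gitea/ingress.tf), the application container also receives `tls.key`, the ingress private key, although a CA trust directory presumably needs only a certificate. Limit the projection on the secret volume to the key that holds the CA certificate, for example `items: [{key: ca.crt, path: ca.crt}]`, so a compromise of the web application does not expose the key. The `readOnly: true` on the `volumeMounts` hunk is good but does not address this. The enclosing patch and the `data "kustomization_overlay" "data"` block start and end outside both hunks.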
@@ -109,31 +138,6 @@ options: type: string type: object type: object - sub-domain: - default: cloud - examples: - - cloud - type: string - postgres: - default: - replicas: 1 - storage: 5Gi - version: '14' - examples: - - replicas: 1 - storage: 5Gi - version: '14' - properties: - replicas: - default: 1 - type: integer - storage: - default: 5Gi - type: string - version: - default: '14' - type: string - type: object hpa: default: avg-cpu: 50 @@ -154,21 +158,46 @@ options: default: 1 type: integer type: object - domain-name: - default: your_company.com + postgres: + default: + replicas: 1 + storage: 5Gi + version: '14' examples: - - your_company.com + - replicas: 1 + storage: 5Gi + version: '14' + properties: + replicas: + default: 1 + type: integer + storage: + default: 5Gi + type: string + version: + default: '14' + type: string + type: object + admin: + default: + name: nextcloud_admin + examples: + - name: nextcloud_admin + properties: + name: + default: nextcloud_admin + type: string + type: object + domain: + default: your-company + examples: + - your-company type: string ingress-class: default: traefik examples: - traefik type: string - domain: - default: your-company - examples: - - your-company - type: string issuer: default: letsencrypt-prod examples: @@ -207,35 +236,6 @@ options: default: 2Gi type: string type: object - storage: - default: - accessMode: ReadWriteOnce - size: 10Gi - examples: - - accessMode: ReadWriteOnce - size: 10Gi - properties: - accessMode: - default: ReadWriteOnce - enum: - - ReadWriteOnce - - ReadOnlyMany - - ReadWriteMany - type: string - size: - default: 10Gi - type: string - type: object - admin: - default: - name: nextcloud_admin - examples: - - name: nextcloud_admin - properties: - name: - default: nextcloud_admin - type: string - type: object dependencies: [] providers: kubernetes: true 
diff --git a/apps/nextcloud/v1_ServiceAccount_nextcloud-serviceaccount.yaml b/apps/nextcloud/v1_ServiceAccount_nextcloud-serviceaccount.yaml index c1bbce5..c4b9c51 100644 --- a/apps/nextcloud/v1_ServiceAccount_nextcloud-serviceaccount.yaml +++ b/apps/nextcloud/v1_ServiceAccount_nextcloud-serviceaccount.yaml @@ -1,3 +1,4 @@ +--- # Source: nextcloud/templates/serviceaccount.yaml apiVersion: v1 kind: ServiceAccount