diff --git a/README.md b/README.md index 0b51c73..c0d66aa 100644 --- a/README.md +++ b/README.md @@ -1,2 +1,23 @@ # Kluster setup and IaaC using argoCD + + +### Key to authorize against `git.kluster.moll.re` (ssh) +``` +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE+4SlRIV9wOKYZbBrPuW18K6GGjnDEviCYQvGQuKOm0 remy@ArchSpectre +``` + +### Initial setup +On a running (but otherwise bare) k3s instance run: +``` +kubectl apply -k infrastructure/argocd +``` +This will install argocd and CRDs in a dedicated namespace along with the app-of-apps configured under `kluster-deployments/`. + +The app-of-apps will bootstrap a fully featured cluster with the following components +- postgres instance +- backup of all nfs PVCs using restic +- traefik along with metallb as a publicly accessible reverse proxy +- an nfs-provisioner creating PVCs on-demand +- the bitnami sealedsecrets-operator +- a range of selfhosted apps \ No newline at end of file diff --git a/infrastructure/argocd/argo-apps.application.yaml b/infrastructure/argocd/argo-apps.application.yaml index 455c716..4b24b5a 100644 --- a/infrastructure/argocd/argo-apps.application.yaml +++ b/infrastructure/argocd/argo-apps.application.yaml @@ -11,4 +11,8 @@ spec: path: kluster-deployments destination: server: https://kubernetes.default.svc - namespace: argocd \ No newline at end of file + namespace: argocd + syncPolicy: + automated: + prune: true + selfHeal: true \ No newline at end of file diff --git a/kluster-deployments/immich/application.yaml b/kluster-deployments/immich/application.yaml new file mode 100644 index 0000000..4f4fadb --- /dev/null +++ b/kluster-deployments/immich/application.yaml 
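Review bot: The `syncPolicy.automated` block added to `infrastructure/argocd/argo-apps.application.yaml` sets `prune: true` and `selfHeal: true` on the app-of-apps, which removes the manual sync gate. Any commit reaching the tracked revision is applied, and any entry dropped from `kluster-deployments/` is deleted from the cluster. The tracked `targetRevision`, the `project` and the rest of `spec` are above the hunk, so confirm the branch is protected (required review, restricted push) and that the AppProject limits sources and destinations. I would record the intent next to the setting, e.g. `# automated prune+selfHeal: push access to the tracked branch controls the cluster; keep it protected`. The same point applies to the identical block added in `kluster-deployments/whoami/application.yaml`.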
@@ -0,0 +1,120 @@
+# apiVersion: source.toolkit.fluxcd.io/v1beta2
+# kind: HelmRepository
+# metadata:
+# name: immich-helmrepo
+# namespace: flux-system
+# spec:
+# interval: 60m0s
+# url: https://immich-app.github.io/immich-charts
+# ---
+# apiVersion: helm.toolkit.fluxcd.io/v2beta1
+# kind: HelmRelease
+# metadata:
+# name: immich-helmchart
+# namespace: flux-system
+# spec:
+# interval: 5m0s
+# chart:
+# spec:
+# chart: immich
+# sourceRef:
+# kind: HelmRepository
+# name: immich-helmrepo
+# valuesFiles:
+# - ./apps/immich/values.yaml
+# # - values-production.yaml
+# # values: ./apps/immich/values.yaml
+# ---
+# apiVersion: image.toolkit.fluxcd.io/v1beta2
+# kind: ImageRepository
+# metadata:
+# name: immich-registry
+# namespace: flux-system
+# spec:
+# image: ghcr.io/immich-app/immich-server
+# interval: 15m
+# ---
+# apiVersion: image.toolkit.fluxcd.io/v1beta2
+# kind: ImagePolicy
+# metadata:
+# name: immich-imagerange
+# namespace: flux-system
+# spec:
+# imageRepositoryRef:
+# name: immich-registry
+# policy:
+# semver:
+# range: 1.x.x
+# ---
+# apiVersion: image.toolkit.fluxcd.io/v1beta1
+# kind: ImageUpdateAutomation
+# metadata:
+# name: immich-automation
+# namespace: flux-system
+# spec:
+# interval: 30m
+# sourceRef:
+# kind: GitRepository
+# name: flux-system
+# #### Git configuration
+# git:
+# checkout:
+# ref:
+# branch: main
+# commit:
+# author:
+# email: flux@moll.re
+# name: fluxcdbot
+# messageTemplate: 'Bump {{range .Updated.Images}}{{println .}}{{end}}'
+# push:
+# #### Branch to push to
+# branch: ci-update
+# #### Update configuration
+# update:
+# #### Path to the file to update
+# path: ./apps/immich/values.yaml
+# #### Update strategy
+# strategy: Setters
+# ---
+
+
+# # sourceRef:
+# # kind: GitRepository
+# # name: immich
+# # git:
+# # checkout:
+# # ref:
+# # branch: main
+# # commit:
+# # author:
+# # email: flux@moll.re
+# # name: fluxcdbot
+# # messageTemplate: '[CI SKIP] Bump {{range .Updated.Images}}{{println .}}{{end}}'
+# # push:
+# # branch: main
+# # update:
+# # path: ./deployment/base/deployment.yaml
+# # strategy: Setters
+
+
+# ---
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+ name: immich-application
+ namespace: argocd
+spec:
+ project: default
+ sources:
+ - chart: immich
+ repoURL: https://immich-app.github.io/immich-charts
+ helm:
+ releaseName: immich
+ valueFiles:
+ - $values/apps/immich/values.yaml
+ - repoURL: 'https://github.com/moll-re/k3s-infra.git'
+ targetRevision: dev
+ ref: values
+ destination:
+ server: https://kubernetes.default.svc
+ namespace: immich
diff --git a/kluster-deployments/immich/deploymentereference.yaml b/kluster-deployments/immich/deploymentereference.yaml
deleted file mode 100644
index b9c0ae8..0000000
--- a/kluster-deployments/immich/deploymentereference.yaml
+++ /dev/null
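Review bot: The chart source in the new `immich-application` (`chart: immich` from `https://immich-app.github.io/immich-charts`) has no `targetRevision`, so the third-party chart version is not pinned in Git. Argo CD will presumably resolve to whatever version the upstream repository currently serves, so a new chart release can change the rendered manifests without any commit here. Add an explicit version under that source, e.g. `targetRevision: <CHART_VERSION>`, and bump it through reviewed commits. The values source also tracks the mutable branch `dev`; if that is deliberate while testing, say so in a comment such as `# values read from dev until the immich rollout is merged`. The roughly one hundred lines of commented-out Flux manifests above the Application duplicate the file this commit deletes and could be left to Git history.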
@@ -1,97 +0,0 @@
-apiVersion: source.toolkit.fluxcd.io/v1beta2
-kind: HelmRepository
-metadata:
- name: immich-helmrepo
- namespace: flux-system
-spec:
- interval: 60m0s
- url: https://immich-app.github.io/immich-charts
----
-apiVersion: helm.toolkit.fluxcd.io/v2beta1
-kind: HelmRelease
-metadata:
- name: immich-helmchart
- namespace: flux-system
-spec:
- interval: 5m0s
- chart:
- spec:
- chart: immich
- sourceRef:
- kind: HelmRepository
- name: immich-helmrepo
- valuesFiles:
- - ./apps/immich/values.yaml
- # - values-production.yaml
- # values: ./apps/immich/values.yaml
----
-apiVersion: image.toolkit.fluxcd.io/v1beta2
-kind: ImageRepository
-metadata:
- name: immich-registry
- namespace: flux-system
-spec:
- image: ghcr.io/immich-app/immich-server
- interval: 15m
----
-apiVersion: image.toolkit.fluxcd.io/v1beta2
-kind: ImagePolicy
-metadata:
- name: immich-imagerange
- namespace: flux-system
-spec:
- imageRepositoryRef:
- name: immich-registry
- policy:
- semver:
- range: 1.x.x
----
-apiVersion: image.toolkit.fluxcd.io/v1beta1
-kind: ImageUpdateAutomation
-metadata:
- name: immich-automation
- namespace: flux-system
-spec:
- interval: 30m
- sourceRef:
- kind: GitRepository
- name: flux-system
- #### Git configuration
- git:
- checkout:
- ref:
- branch: main
- commit:
- author:
- email: flux@moll.re
- name: fluxcdbot
- messageTemplate: 'Bump {{range .Updated.Images}}{{println .}}{{end}}'
- push:
- #### Branch to push to
- branch: ci-update
- #### Update configuration
- update:
- #### Path to the file to update
- path: ./apps/immich/values.yaml
- #### Update strategy
- strategy: Setters
----
-
-
- # sourceRef:
- # kind: GitRepository
- # name: immich
- # git:
- # checkout:
- # ref:
- # branch: main
- # commit:
- # author:
- # email: flux@moll.re
- # name: fluxcdbot
- # messageTemplate: '[CI SKIP] Bump {{range .Updated.Images}}{{println .}}{{end}}'
- # push:
- # branch: main
- # update:
- # path: ./deployment/base/deployment.yaml
- # strategy: Setters
\ No newline
at end of file diff --git a/kluster-deployments/immich/kustomization.yaml b/kluster-deployments/immich/kustomization.yaml new file mode 100644 index 0000000..0b082ba --- /dev/null +++ b/kluster-deployments/immich/kustomization.yaml @@ -0,0 +1,4 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: +- application.yaml \ No newline at end of file diff --git a/kluster-deployments/kustomization.yaml b/kluster-deployments/kustomization.yaml index d668ec8..702a498 100644 --- a/kluster-deployments/kustomization.yaml +++ b/kluster-deployments/kustomization.yaml @@ -7,3 +7,4 @@ namespace: argocd resources: - whoami/ - journal/ + - immich/ \ No newline at end of file diff --git a/kluster-deployments/whoami/application.yaml b/kluster-deployments/whoami/application.yaml index 28511c3..75a4ddb 100644 --- a/kluster-deployments/whoami/application.yaml +++ b/kluster-deployments/whoami/application.yaml @@ -11,4 +11,8 @@ spec: path: apps/whoami/overlays/main destination: server: https://kubernetes.default.svc - namespace: whoami \ No newline at end of file + namespace: whoami + syncPolicy: + automated: + prune: true + selfHeal: true \ No newline at end of file