add vaultwarden, self manage argo

2025-10-13 11:22:11 +02:00
parent 8def14af64
commit ba59b53e69
17 changed files with 244 additions and 12 deletions
--- a/kluster-deployments/argocd/application.yaml
+++ b/kluster-deployments/argocd/application.yaml
@@ -0,0 +1,19 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: argocd-application
+  namespace: argocd
+spec:
+  project: infrastructure
+  source:
+    repoURL: git@github.com:moll-re/bootstrap-k3s-infra.git
+    targetRevision: main
+    path: infrastructure/argocd
+  destination:
+    server: https://kubernetes.default.svc
+    namespace: argocd
+  syncPolicy:
+    automated:
+      prune: false
+      # since other argo projects are added to this namespace (but not managed in this repo), they should not be deleted even though they are not referenced in this manifest
+      selfHeal: true
--- a/kluster-deployments/argocd/kustomization.yaml
+++ b/kluster-deployments/argocd/kustomization.yaml
@@ -0,0 +1,4 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+  - application.yaml
--- a/kluster-deployments/kustomization.yaml
+++ b/kluster-deployments/kustomization.yaml
@@ -9,6 +9,9 @@ resources:
  # - bootstrap-repo.sealedsecret.yaml already set for app of apps
  - gitea-repo.sealedsecret.yaml

+  # let argocd manage its own namespace
+  - argocd/
+
  # infrastructure apps
  - projects.yaml
  - nfs-provisioner/
@@ -22,6 +25,7 @@ resources:
  - external-services/
  - monitoring/application.yaml
  - authelia/
+  - passwords/

  # simple apps
  - adguard/
--- a/kluster-deployments/passwords/application.yaml
+++ b/kluster-deployments/passwords/application.yaml
@@ -0,0 +1,23 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: passwords-application
+  namespace: argocd
+spec:
+  project: infrastructure
+  source:
+    repoURL: git@github.com:moll-re/bootstrap-k3s-infra.git
+    targetRevision: main
+    path: infrastructure/passwords
+  destination:
+    server: https://kubernetes.default.svc
+    namespace: passwords
+  syncPolicy:
+    automated:
+      prune: true
+      selfHeal: true
+  ignoreDifferences:
+    - group: apps/v1
+      kind: Deployment
+      jsonPointers:
+        - /metadata/annotations
--- a/kluster-deployments/passwords/kustomization.yaml
+++ b/kluster-deployments/passwords/kustomization.yaml
@@ -0,0 +1,4 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+  - application.yaml