diff --git a/apps/homer/env/k3s-cluster/config.json b/apps/homer/env/k3s-cluster/config.json index bc1a9bc..79bd194 100644 --- a/apps/homer/env/k3s-cluster/config.json +++ b/apps/homer/env/k3s-cluster/config.json @@ -1,6 +1,7 @@ { "appName": "homer", "userGivenName": "homer", + "namespace": "homer", "destNamespace": "homer", "destServer": "https://kubernetes.default.svc", "srcPath": "apps/homer/env/k3s-cluster", diff --git a/apps/nexus/base/deployment.yaml b/apps/nexus/base/deployment.yaml new file mode 100644 index 0000000..0b3b44a --- /dev/null +++ b/apps/nexus/base/deployment.yaml @@ -0,0 +1,38 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: nexus + namespace: nexus +spec: + replicas: 1 + selector: + matchLabels: + app: nexus + template: + metadata: + labels: + app: nexus + spec: + securityContext: + runAsUser: 0 + runAsGroup: 0 + containers: + - name: nexus + image: klo2k/nexus3:3.68.1-02 + resources: + limits: + memory: "3Gi" + cpu: "1" + requests: + memory: "2Gi" + cpu: "500m" + ports: + - containerPort: 8081 + volumeMounts: + - name: nexus-data + mountPath: /nexus-data + volumes: + - name: nexus-data + hostPath: + path: /mnt/nfs/AppData/nexus + type: Directory \ No newline at end of file diff --git a/apps/nexus/base/kustomization.yaml b/apps/nexus/base/kustomization.yaml new file mode 100644 index 0000000..87b09a3 --- /dev/null +++ b/apps/nexus/base/kustomization.yaml @@ -0,0 +1,5 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - ./deployment.yaml + - ./service.yaml \ No newline at end of file diff --git a/apps/nexus/base/service.yaml b/apps/nexus/base/service.yaml new file mode 100644 index 0000000..6bf9f28 --- /dev/null +++ b/apps/nexus/base/service.yaml @@ -0,0 +1,17 @@ +apiVersion: v1 +kind: Service +metadata: + name: nexus + namespace: nexus + annotations: + prometheus.io/scrape: 'true' + prometheus.io/path: / + prometheus.io/port: '8081' +spec: + selector: + app: nexus + type: NodePort + ports: + - port: 8081 + targetPort: 8081 + nodePort: 32000 \ No newline at end of file diff --git a/resources/sealed-secrets/env/k3s-cluster/config.json b/apps/nexus/env/k3s-cluster/config.json similarity index 55% rename from resources/sealed-secrets/env/k3s-cluster/config.json rename to apps/nexus/env/k3s-cluster/config.json index a689d07..a95f526 100644 --- a/resources/sealed-secrets/env/k3s-cluster/config.json +++ b/apps/nexus/env/k3s-cluster/config.json @@ -1,9 +1,9 @@ { - "appName": "sealed-secrets", - "userGivenName": "sealed-secrets", - "destNamespace": "argocd", + "appName": "nexus", + "userGivenName": "nexus", + "destNamespace": "nexus", "destServer": "https://kubernetes.default.svc", - "srcPath": "resources/sealed-secrets/env/k3s-cluster", + "srcPath": "apps/nexus/env/k3s-cluster", "srcRepoURL": "https://github.com/3dwardch3ng/home-cluster-ops.git", "srcTargetRevision": "", "labels": null, diff --git a/resources/sealed-secrets/env/k3s-cluster/kustomization.yaml b/apps/nexus/env/k3s-cluster/kustomization.yaml similarity index 100% rename from resources/sealed-secrets/env/k3s-cluster/kustomization.yaml rename to apps/nexus/env/k3s-cluster/kustomization.yaml diff --git a/apps/snippet-box/base/deployment.yaml b/apps/snippet-box/base/deployment.yaml new file mode 100644 index 0000000..b7cf5e4 --- /dev/null +++ b/apps/snippet-box/base/deployment.yaml @@ -0,0 +1,34 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: snippet-box + namespace: snippet-box + labels: + app.kubernetes.io/name: snippet-box +spec: + selector: + matchLabels: + app.kubernetes.io/name: snippet-box + template: + metadata: + labels: + app.kubernetes.io/name: snippet-box + spec: + containers: + - name: snippet-box + image: pawelmalak/snippet-box:arm + ports: + - protocol: TCP + containerPort: 5000 + name: snippet-box + env: + - name: TZ + value: Australia/Sydney + volumeMounts: + - name: snippet-box-data + mountPath: /app/data + volumes: + - name: snippet-box-data + hostPath: + path: /mnt/nfs/AppData/snippet-box + type: Directory diff --git a/apps/snippet-box/base/ingress.yaml b/apps/snippet-box/base/ingress.yaml new file mode 100644 index 0000000..fa1fcd5 --- /dev/null +++ b/apps/snippet-box/base/ingress.yaml @@ -0,0 +1,21 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: snippet-box-ingress + namespace: snippet-box + annotations: + nginx.ingress.kubernetes.io/ssl-redirect: "false" + nginx.ingress.kubernetes.io/use-regex: "true" +spec: + ingressClassName: nginx + rules: + - host: "snippet-box.cluster.edward.sydney" + http: + paths: + - pathType: Prefix + path: "/" + backend: + service: + name: snippet-box + port: + number: 5000 \ No newline at end of file diff --git a/apps/snippet-box/base/kustomization.yaml b/apps/snippet-box/base/kustomization.yaml new file mode 100644 index 0000000..1ad0930 --- /dev/null +++ b/apps/snippet-box/base/kustomization.yaml @@ -0,0 +1,6 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - ./deployment.yaml + - ./service.yaml + - ./ingress.yaml \ No newline at end of file diff --git a/apps/snippet-box/base/service.yaml b/apps/snippet-box/base/service.yaml new file mode 100644 index 0000000..7261884 --- /dev/null +++ b/apps/snippet-box/base/service.yaml @@ -0,0 +1,17 @@ +apiVersion: v1 +kind: Service +metadata: + name: snippet-box + namespace: snippet-box + labels: + app.kubernetes.io/name: snippet-box +spec: + selector: + app.kubernetes.io/name: snippet-box + type: ClusterIP + internalTrafficPolicy: Cluster + ports: + - protocol: TCP + port: 5000 + targetPort: 5000 + name: snippet-box diff --git a/apps/snippet-box/env/k3s-cluster/config.json b/apps/snippet-box/env/k3s-cluster/config.json new file mode 100644 index 0000000..98e6b4f --- /dev/null +++ b/apps/snippet-box/env/k3s-cluster/config.json @@ -0,0 +1,11 @@ +{ + "appName": "snippet-box", + "userGivenName": "snippet-box", + "destNamespace": "snippet-box", + "destServer": "https://kubernetes.default.svc", + "srcPath": "apps/snippet-box/env/k3s-cluster", + "srcRepoURL": "https://github.com/3dwardch3ng/home-cluster-ops.git", + "srcTargetRevision": "", + "labels": null, + "annotations": null +} \ No newline at end of file diff --git a/apps/snippet-box/env/k3s-cluster/kustomization.yaml b/apps/snippet-box/env/k3s-cluster/kustomization.yaml new file mode 100644 index 0000000..a227ac4 --- /dev/null +++ b/apps/snippet-box/env/k3s-cluster/kustomization.yaml @@ -0,0 +1,4 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - ../../base \ No newline at end of file diff --git a/infrastructures/ingress-nginx/env/k3s-cluster/config.json b/infrastructures/ingress-nginx/env/k3s-cluster/config.json index c4c946b..2f2cd35 100644 --- a/infrastructures/ingress-nginx/env/k3s-cluster/config.json +++ b/infrastructures/ingress-nginx/env/k3s-cluster/config.json @@ -1,6 +1,7 @@ { "appName": "ingress-nginx", "userGivenName": "ingress-nginx", + "namespace": "ingress-nginx", "destNamespace": "ingress-nginx", "destServer": "https://kubernetes.default.svc", "srcPath": "infrastructures/ingress-nginx/env/k3s-cluster", diff --git a/projects/k3s-cluster-app.yaml b/projects/k3s-cluster-app.yaml index 3987395..27a2eeb 100644 --- a/projects/k3s-cluster-app.yaml +++ b/projects/k3s-cluster-app.yaml @@ -46,7 +46,7 @@ spec: app.kubernetes.io/managed-by: argocd app.kubernetes.io/name: '{{ appName }}' name: '{{ userGivenName }}' - namespace: argocd + namespace: '{{ namespace }}' spec: destination: namespace: '{{ destNamespace }}' diff --git a/projects/k3s-cluster-infra.yaml b/projects/k3s-cluster-infra.yaml index e09f6aa..6890179 100644 --- a/projects/k3s-cluster-infra.yaml +++ b/projects/k3s-cluster-infra.yaml @@ -46,7 +46,7 @@ spec: app.kubernetes.io/managed-by: argocd app.kubernetes.io/name: '{{ appName }}' name: '{{ userGivenName }}' - namespace: argocd + namespace: '{{ namespace }}' spec: destination: namespace: '{{ destNamespace }}' diff --git a/projects/k3s-cluster-res.yaml b/projects/k3s-cluster-res.yaml index f7b34f3..fe59844 100644 --- a/projects/k3s-cluster-res.yaml +++ b/projects/k3s-cluster-res.yaml @@ -46,7 +46,7 @@ spec: app.kubernetes.io/managed-by: argocd app.kubernetes.io/name: '{{ appName }}' name: '{{ userGivenName }}' - namespace: argocd + namespace: '{{ namespace }}' spec: destination: namespace: '{{ destNamespace }}' diff --git a/resources/app-secrets/env/k3s-cluster/Chart.yaml b/resources/app-secrets/env/k3s-cluster/Chart.yaml new file mode 100644 index 0000000..df30551 --- /dev/null +++ b/resources/app-secrets/env/k3s-cluster/Chart.yaml @@ -0,0 +1,9 @@ +apiVersion: v2 +version: "0.0.1" +appVersion: "0.0.1" +name: app-secrets + +dependencies: + - name: nginx + version: 0.0.1 + repository: "https://raw.githubusercontent.com/timtsoitt/argocd-base-charts/main/releases" \ No newline at end of file diff --git a/resources/app-secrets/env/k3s-cluster/config.json b/resources/app-secrets/env/k3s-cluster/config.json new file mode 100644 index 0000000..ca1a97c --- /dev/null +++ b/resources/app-secrets/env/k3s-cluster/config.json @@ -0,0 +1,12 @@ +{ + "appName": "app-secrets", + "userGivenName": "app-secrets", + "namespace": "app-secrets", + "destNamespace": "app-secrets", + "destServer": "https://kubernetes.default.svc", + "srcPath": "resources/app-secrets/env/k3s-cluster", + "srcRepoURL": "https://github.com/3dwardch3ng/home-cluster-ops.git", + "srcTargetRevision": "", + "labels": null, + "annotations": null +} \ No newline at end of file diff --git a/resources/app-secrets/env/k3s-cluster/templates/postgresql.yaml b/resources/app-secrets/env/k3s-cluster/templates/postgresql.yaml new file mode 100644 index 0000000..12094e2 --- /dev/null +++ b/resources/app-secrets/env/k3s-cluster/templates/postgresql.yaml @@ -0,0 +1,26 @@ +--- +apiVersion: bitnami.com/v1alpha1 +kind: SealedSecret +metadata: + annotations: + sealedsecrets.bitnami.com/cluster-wide: "true" + creationTimestamp: null + name: postgresql-secrets + namespace: postgresql +spec: + encryptedData: + database: AgBJ/TwGeaHpcCg6oSUywLp1q84Gr3rm3w3J4v5A0NoRPucO029RVtYCr3Lz3VJ06c6qyWFAZCEo3jRvYer67vZenN9uSfZS+qtQafyeISogUejpmHzulOvgvQXTBU09X6lKzCC6l+HFKB1qJ0bMzabY127KHIvgv7Dq+v4Mv7l2L6fdE1PElqozTciWsynAZbSNRQrDZB5g0SYnuLURPpnYe3OXQbUWzZsKnuP6oCiGAJsO0OlVQq5QwxvosfpmQeth6GBKUoymPqI1AOYl3qKDtATrlC4jEFOLTttQmXgU+aJMhx82TEkLrtIv4uniNTSFFJlIe3IOlstcPKypx67J8aPSes9Yw30a0Loe4PFAwe6jkYhpvdgfKJjs8Iw4N3GfAtWkyAcOCQ6tGUKlcAAoErvUo0QLe/QeB4GWWklSd3yo4tH3XD2rwFzgBbFlFmCLgwvS5AZw/KL/TDzyMu9MHYjUUMjtgP46/pApYKBRLXmGRwO+4Bec7IKqJfS+hsK8Ax2hdvJlsmiwkm3WmdMVDXznQzjZ2APRdKtgUSD5onHHKODOPq2MwV2a+qHuCvpbaU6FaM86Brb7zgYxBhatLJdDFCqEPxudO/Z04D/tPqq1q9iuBO8i2afQr00Yqync1SC8Ua3iAxks27PX5XZcy6/wCbWGzgxVldktmUiKLzeyCrDVX+yMj1xQ9e5WpIBKrSWlztUWBQ== + password: AgAu0129Ov9tkdHLsEQOXJFppXj/DtLpUEOFjwV29IVGYIgNEVGJ04vEbXL3y46gih6h3NuUZU0DrT0kyNTwIRWm1AKAzAMZ6jGYsGvxYOOnLzZKO/mLrWb3Wh9srh9I7S2OCY63XsBZjemfqyDlgS/s1146fnLzndpJAribTf060nhhNhGODWDEZcd0zn53eL3V8Mu8Sh0qen6oCrbtHUBN21IJLmqvNWr6XsINGrlI9emNRvsVc7KTLd74KcHfhGTGELogBNxECZQIT7BVC3PGHRvAD+XD2pnJgQrYi7QcCZj9C64Ivcui645JL++BDFtdegyJZN478Fn2YRqt+p/eW6pd3QhC+Xl66o9KuktbkbhtEPUhDM+jBJluFFECEdDuqAi9FiDiZSRrLaMPmudwuhpSUFeo4zFjkPcs38yuqS0ruIvzo0F0xf5XtENXFj38vCwVzPDY/3Ip1RLB9M4xV1LBV82eANM+FEsn7FALvXRC/anL/lqq0CNzM479h5KfwfALIqF4pFYLSPguDzuiYFoDMBpHBakFvi8aAryOnOjURI9rWvWEvXzdLyYEgfFGlETbyh3az8PJlixv1owzjGC8JdIv266pqAJJIh+hyZqZ44M6XaL9qEwfWktoYueJIFTPElkY89f3Hf1to3vrPO17hUHRG9IVuU/f9CBpq2VG/DDduPfc1HQZMhtjalJbxT/Etvd3t/8vmI+4vvVPkWBWMQ== + postgres_password: AgC+PhYh1JmEpaO3S3dR0sMpMKBMg7rcECaiuPvczFEPUR9RepSofQEoQ31NuWMr8H5uSTAof5t57xNoLfFDLA7a2MWqE+0o94Z8hN7u05/wjhAuHPN43/EWGMQ5fI95r3kwpIoen3qjYWDIiYhCOHoAuj70OqYj0UZWxPyG/Hlqklo8DZ/wEzLBA2qyQ7iPOqjpD6niFOafv35/594dAQlwmKgViZNz8cruFxNn1pDwo1aCTtFqw+4xrCTRIyoyfPanyo6DlqxZtLMqKzEKaSeU8U+iF3dKpjOWN27RNtxB4YjfjR9oyqu6nGGv7uPEZLcmk/LjZZB6760Ok4VCb4f2WhziNSnN9mlKdUi8BREBuZBx4wTCxHAryKnX2bUrPhsQZEVaUa9cceplHTRglHN4bB5BTl8SekFaCP6sHyIDL8n88wjqTaHaRnjlbmUu82ehu87EZMCYZu2jIWQoDS3VeyUMhs+pf8iqrg2yal1dX/SlpDThvyElKSnXYE0mLXsmME6skWm7e0iEZljSM9ZGiAZLJEqBPFqpvqbVOkZ12Nh0qj/8N9R+jow/x2SgV/afBOqLHtmLRrJdXy6EOvvIXnswwLZHIq0Ak8tewpFHlEdnWNaV7RJrPfM2ArkodxMPjvy/IXUUOs1HQZc56OPyb9GwgCYIvBWFiPFrpEruW9h9Dk+ahgJvMLT4oQNrje5R/jpdHEY7Rf8dXL2DV+bVDBcBQw== + replication_password: AgBkc4gk1ZyvJPChepr45Qs2xSQIFVLWjaV5VIfHOYIQF+SFSjxlHqEWsPwZFa9nU6soK/kOukTS6nlW+MTzPXHZZRu3fPdyY8ETa4Iq5588v3xWKVrUyLpKIVIkRnwguTlh+54MUylOBugyHSKAOowWyaiu1VvjS7L75b5NTXYeXIDVegBzss1OVEW/GoTaRgx23GJbGSfB0t1eqhdeF8bQRmkpI7rdBIO99bw4TEF7x3+PfEK9k5dctLbWKl1raSJeVLXClm+tQiN3eU2SvSBRxhyHIg2w7mshMreX7JQd9AJL0AcPzLKaSDhP/Dr2lFXIVtA1QbG8baEM2sMH2cVVFj9yHVZZ2zY1NruElSju0jQXfKXc6ZYR9P5FGBI33ZZnfqXefdchepRccv4VLv9M79e5toVt5KciUv3d50RVMIDv46OvYO1qmLuXpyIxnh6bHHUtFLrJSODfjxDU/OVWHSgTRJh7M7OZqgzCpNUQWG48fT546aAiBpX3qqh/C2T/dw2esHXhaS0V7q5FL+NiW1wWMmyPbkzAMyMXw4j04Zy3RFhIQ3ga+Hq7aKC7hwBBx1obwabz0q9mbvk1yk1Fgllfxtp5FxKFb3LtGOQOnWZlo3u0sgYG5F6Wr9psPMdBqtBHETQzBIzhTt+8QxLp2yOZ7HaY06WYL5NViEcRKBRQWbhf2C4gXyAwOOXlRPyBlZ+9nJbTAH3D/3cEOHP4DPqpig== + username: AgAsbp2tj4P/IS6gM9yMov1dxs6MyR8r3WkDhVQhR4zn8aFByml4GfPhTFQHHNawVUDrnEUiBzV2fTFG7+45HlOtPOJ2w/0Uc1vC0PiX6qdjhRASiTIj0qtndnPvatW7Q1eKycwB7WdKHEO4CRLKYaLGc2sqQ0i3Us+IGPV/8xmvyk/fmG/EnFBwny1fclKxkkT5me9RPmqnO2btxIx7Pe2Flo2Bo82YZwCTP1dvBmG/XbgE5oqDoX1ZDnP0WelIBB0d6uqF+g+ZhWZEuxAZJAv7FUoTmR+4x8JLMTZ6ByP3J8ZaAnEg3g20r18QNCZV7wz8qWM1LLoU9G2rHEWssF2IKYxgf5JpB/ESdtZVKgBkvTAbSc+9Css/NFT3cSeVflxbnRczUTRwP8/4zqSX0U0qTwChCOx4LvrznWYF7v2gennziIIxc2rdT9en2o0OKKF7db5rIhCi1m/C5peu9CEhqm9mzxfDfNj6gCED8a2z75IHHpqj7BGNBqjKtmSb+0+gmwfZG0i5UOczSSxNBayXsCkUPZZNYb1lnPLNnxASBRAcFikqHHpp0gsb54DmgL/LzfZGEEbzco59/DA1F9O+Ypy11FlLJw89bM+4bHoLXnzqI48tlThslFT6pIYT7nizJR+zjn+3pC6bxX31MqQPVu6whfHIR6OBh94T1fyoISdc3SeODTlsNAd9/pPnS7v+LaPaQno= + template: + metadata: + annotations: + argocd.argoproj.io/sync-options: Prune=false + sealedsecrets.bitnami.com/cluster-wide: "true" + sealedsecrets.bitnami.com/managed: "true" + creationTimestamp: null + name: postgresql-secrets + namespace: postgresql + type: Opaque diff --git a/resources/ingress-nginx-configmap/env/k3s-cluster/config.json b/resources/ingress-nginx-configmap/env/k3s-cluster/config.json index 7b6a97c..150a793 100644 --- a/resources/ingress-nginx-configmap/env/k3s-cluster/config.json +++ b/resources/ingress-nginx-configmap/env/k3s-cluster/config.json @@ -1,6 +1,7 @@ { "appName": "ingress-nginx-configmap", "userGivenName": "ingress-nginx-configmap", + "namespace": "ingress-nginx", "destNamespace": "ingress-nginx", "destServer": "https://kubernetes.default.svc", "srcPath": "resources/ingress-nginx-configmap/env/k3s-cluster", diff --git a/resources/local-path-provisioner/env/k3s-cluster/config.json b/resources/local-path-provisioner/env/k3s-cluster/config.json index 44bfa62..fafad8d 100644 --- a/resources/local-path-provisioner/env/k3s-cluster/config.json +++ b/resources/local-path-provisioner/env/k3s-cluster/config.json @@ -1,6 +1,7 @@ { "appName": "local-path-provisioner", "userGivenName": "local-path-provisioner", + "namespace": "local-path-provisioner", "destNamespace": "local-path-provisioner", "destServer": "https://kubernetes.default.svc", "srcPath": "resources/local-path-provisioner/env/k3s-cluster", diff --git a/resources/namespaces/base/app-secrets.yaml b/resources/namespaces/base/app-secrets.yaml new file mode 100644 index 0000000..510eb2b --- /dev/null +++ b/resources/namespaces/base/app-secrets.yaml @@ -0,0 +1,9 @@ +apiVersion: v1 +kind: Namespace +metadata: + annotations: + argocd.argoproj.io/sync-options: Prune=false + creationTimestamp: null + name: app-secrets +spec: {} +status: {} diff --git a/resources/namespaces/base/kustomization.yaml b/resources/namespaces/base/kustomization.yaml index 46a572d..f975da8 100644 --- a/resources/namespaces/base/kustomization.yaml +++ b/resources/namespaces/base/kustomization.yaml @@ -2,6 +2,7 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - ./adguard-home.yaml + - ./app-secrets.yaml - ./cert-manager.yaml - ./code-server.yaml - ./consul.yaml diff --git a/resources/namespaces/env/k3s-cluster/config.json b/resources/namespaces/env/k3s-cluster/config.json index d027bb8..1892bad 100644 --- a/resources/namespaces/env/k3s-cluster/config.json +++ b/resources/namespaces/env/k3s-cluster/config.json @@ -1,6 +1,7 @@ { "appName": "namespaces", "userGivenName": "namespaces", + "namespace": "argocd", "destNamespace": "argocd", "destServer": "https://kubernetes.default.svc", "srcPath": "resources/namespaces/env/k3s-cluster", diff --git a/resources/sealed-secrets/base/kustomization.yaml b/resources/sealed-secrets/base/kustomization.yaml deleted file mode 100644 index db6356b..0000000 --- a/resources/sealed-secrets/base/kustomization.yaml +++ /dev/null @@ -1,8 +0,0 @@ -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -helmCharts: - - name: sealed-secrets - repo: https://bitnami-labs.github.io/sealed-secrets - version: 2.16.0 - releaseName: sealed-secrets - valuesFile: values.yaml \ No newline at end of file diff --git a/resources/sealed-secrets/base/values.yaml b/resources/sealed-secrets/base/values.yaml deleted file mode 100644 index e69de29..0000000 diff --git a/resources/sync-job/env/k3s-cluster/config.json b/resources/sync-job/env/k3s-cluster/config.json index 6a1af33..d1b37b7 100644 --- a/resources/sync-job/env/k3s-cluster/config.json +++ b/resources/sync-job/env/k3s-cluster/config.json @@ -1,6 +1,7 @@ { "appName": "sync-job", "userGivenName": "sync-job", + "namespace": "argocd", "destNamespace": "argocd", "destServer": "https://kubernetes.default.svc", "srcPath": "resources/sync-job/env/k3s-cluster", diff --git a/scripts/5.install-sealed-secrets.sh b/scripts/5.install-sealed-secrets.sh new file mode 100644 index 0000000..472b0f0 --- /dev/null +++ b/scripts/5.install-sealed-secrets.sh @@ -0,0 +1,6 @@ +#!/bin/bash +set -e + +helm repo add sealed-secrets https://bitnami-labs.github.io/sealed-secrets +helm repo update +helm install sealed-secrets -n kube-system --set-string fullnameOverride=sealed-secrets-controller sealed-secrets/sealed-secrets -f sealed-secrets-values.yaml \ No newline at end of file diff --git a/scripts/encript-file-by-age.sh b/scripts/encrypt-file-by-age.sh similarity index 100% rename from scripts/encript-file-by-age.sh rename to scripts/encrypt-file-by-age.sh diff --git a/scripts/encrypt-file-by-sealed-secrets.sh b/scripts/encrypt-file-by-sealed-secrets.sh new file mode 100644 index 0000000..0536289 --- /dev/null +++ b/scripts/encrypt-file-by-sealed-secrets.sh @@ -0,0 +1,7 @@ +#!/usr/bin/bash +set -e + +secretName=$1 +filePath=$2 + +cat $filePath | kubeseal --format yaml --scope cluster-wide | tee $filePath \ No newline at end of file diff --git a/resources/sealed-secrets/env/k3s-cluster/values.yaml b/scripts/sealed-secrets-values.yaml similarity index 100% rename from resources/sealed-secrets/env/k3s-cluster/values.yaml rename to scripts/sealed-secrets-values.yaml