Newer
Older
# Example repository for customizing a Stackspin cluster
Example boilerplate for a custom [flux](https://fluxcd.io/) repository
which can be added to a [Stackspin](https://stackspin.net) cluster.
The main use-case is to add additional applications
which are not integrated into Stackspin (yet).
For a more advanced example
see the [flux2-kustomize-helm-example](https://github.com/fluxcd/flux2-kustomize-helm-example)
repository.
This repo's directory structure is similar to the `flux2-kustomize-helm-example`
one.
## Basic configuration
We'll start with a very basic configuration:
* It uses a public git repo
* No secrets are included
* No forking/modifications needed, install as it is
Apply it to your cluster:
```sh
basic/install.sh
```
List the resource created by this flux repo:
```sh
kubectl -n stackspout get gitrepositories
kubectl -n stackspout get kustomizations
kubectl -n stackspout get helmreleases
kubectl -n stackspout get pods
There are two ways of using a custom flux repo to host your custom config/apps
on a Stackspin cluster.
### A) Manage secrets manually
This approach is easier to start with,
because you don't need to configure your cluster to handle encrypted secrets
and access to a private git repository.
* Fork this repository into a public git repo, cloneable via `https://`
### Everything in version control, including secrets
* Fork this repository into a private git repo, cloneable via `ssh://`
* [Configure flux to use ssh instead of https for cloning](https://fluxcd.io/docs/components/source/gitrepositories/#ssh-authentication)
* You shouln't rely solely on transport encryption for your git repository
but rather end-to-end encrypt your secrets.
Different methods are available for flux:
* [Sops](https://fluxcd.io/docs/guides/mozilla-sops/)
[Sops section in flux2-kustomize-helm-example](https://github.com/fluxcd/flux2-kustomize-helm-example#encrypt-kubernetes-secrets)
* [Sealed Secrets](https://fluxcd.io/docs/guides/sealed-secrets/)