Compare revisions

0b5e5d2c · 0b5e5d2c · 0b5e5d2c · 0b5e5d2c · 0b5e5d2c · 0b5e5d2c
--- a/basic/apps/ninja/invoiceninja-release.yaml
+++ b/basic/apps/ninja/invoiceninja-release.yaml
+apiVersion: helm.toolkit.fluxcd.io/v2beta1
+kind: HelmRelease
+metadata:
+  name: invoiceninja
+  namespace: stackspout
+spec:
+  releaseName: invoiceninja
+  chart:
+    spec:
+      # https://github.com/invoiceninja/dockerfiles/blob/master/charts/invoiceninja/Chart.yaml
+      chart: invoiceninja
+      version: 0.10.1
+      sourceRef:
+        kind: HelmRepository
+        name: invoiceninja
+        namespace: flux-system
+  interval: 5m
+  valuesFrom:
+    - kind: ConfigMap
+      name: stackspin-invoiceninja-values
+      optional: false
+    # Allow overriding values by ConfigMap or Secret
+    - kind: ConfigMap
+      name: stackspin-invoiceninja-override
+      optional: true
+    - kind: Secret
+      name: stackspin-invoiceninja-override
+      optional: true
--- a/basic/apps/ninja/invoiceninja-values-configmap.yaml
+++ b/basic/apps/ninja/invoiceninja-values-configmap.yaml
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: stackspin-invoiceninja-values
+  namespace: stackspout
+data:
+  values.yaml: |
+    # https://github.com/invoiceninja/dockerfiles/blob/master/charts/invoiceninja/values.yaml
+    image:
+      tag: 5.5
+      pullPolicy: Always
+    ingress:
+      enabled: true
+      hostname: "ninja.${domain}"
+      tls: true
+      certManager: true
+      annotations:
+        nginx.ingress.kubernetes.io/configuration-snippet: |
+          more_set_headers "Content-Security-Policy: frame-ancestors 'self' ${nextcloud_domain}";
+    persistence:
+      public:
+        existingClaim: invoiceninja-data
+    mariadb:
+      # https://github.com/bitnami/charts/blob/master/bitnami/mariadb/values.yaml
+      auth:
+        password: "${mariadb_password}"
+        rootPassword: "${mariadb_root_password}"
+      primary:
+        persistence:
+          existingClaim: invoiceninja-mariadb
+    redis:
+      # Redis is only cache, so no pvc needed: https://invoiceninja.github.io/docs/env-variables/
+      auth:
+        password: "${redis_password}"
+
+    appKey: "${app_key}"
+    appURL: "https://ninja.${domain}"
+    userEmail: "${admin_email}"
+    userPassword: "${password}"
+    mailer: "smtp" # FIXME use "${outgoing_mail_enabled}"
+    # https://github.com/invoiceninja/invoiceninja/blob/v5-stable/config/mail.php#L36
+    extraEnvVars:
+      - name: APP_CIPHER
+        value: AES-256-CBC
+      - name: MAIL_MAILER
+        value: smtp
+      - name: MAIL_HOST
+        value: "${outgoing_mail_smtp_host}"
+      - name: MAIL_PORT
+        value: "${outgoing_mail_smtp_port}"
+      - name: MAIL_USERNAME
+        value: "${outgoing_mail_smtp_user}"
+      - name: MAIL_PASSWORD
+        value: "${outgoing_mail_smtp_password}"
+      - name: MAIL_EHLO_DOMAIN
+        value: "${outgoing_mail_domain}"
+      - name: MAIL_FROM_ADDRESS
+        value: "${outgoing_mail_from_address}"
+      - name: MAIL_FROM_NAME
+        value: "${business_name}"
+
+    # Missing: invoiceninja OpenID Connect Single Sign-On Configuration
+    #    - name: Stackspin
+    #      key: "${client_id}"
+    #      secret: "${client_secret}"
+    #      autoDiscoverUrl: 'https://sso.${domain}/.well-known/openid-configuration'
--- a/basic/apps/people/kustomization.yaml
+++ b/basic/apps/people/kustomization.yaml
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+  - suitecrm-values-configmap.yaml
+  - suitecrm-release.yaml
--- a/basic/apps/people/suitecrm-release.yaml
+++ b/basic/apps/people/suitecrm-release.yaml
+apiVersion: helm.toolkit.fluxcd.io/v2beta1
+kind: HelmRelease
+metadata:
+  name: suitecrm
+  namespace: stackspout
+spec:
+  releaseName: suitecrm
+  chart:
+    spec:
+      chart: suitecrm
+      version: 11.1.12
+      sourceRef:
+        kind: HelmRepository
+        name: bitnami
+        namespace: flux-system
+  interval: 5m
+  valuesFrom:
+    - kind: ConfigMap
+      name: stackspin-suitecrm-values
+      optional: false
+    # Allow overriding values by ConfigMap or Secret
+    - kind: ConfigMap
+      name: stackspin-suitecrm-override
+      optional: true
+    - kind: Secret
+      name: stackspin-suitecrm-override
+      optional: true
--- a/basic/apps/people/suitecrm-values-configmap.yaml
+++ b/basic/apps/people/suitecrm-values-configmap.yaml
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: stackspin-suitecrm-values
+  namespace: stackspout
+data:
+  values.yaml: |
+    ingress:
+      enabled: true
+      primary: false
+      hostname: "people.${domain}"
+      tls: true
+      certManager: true
+    suitecrmUsername: "admin"
+    suitecrmEmail: "${admin_email}"
+    suitecrmPassword: "${password}"
+    mariadb:
+      auth:
+        password: "${mariadb_password}"
+        rootPassword: "${mariadb_root_password}"
+    # TODO Adjust OIDC SSO to service
+    #    - name: Stackspin
+    #      key: "${client_id}"
+    #      secret: "${client_secret}"
+    #      customAuthUrl: "https://people.${domain}/login/login"
--- a/basic/apps/time/kimai-release.yaml
+++ b/basic/apps/time/kimai-release.yaml
+apiVersion: helm.toolkit.fluxcd.io/v2beta1
+kind: HelmRelease
+metadata:
+  name: kimai
+  namespace: stackspout
+spec:
+  releaseName: kimai
+  chart:
+    spec:
+      chart: kimai2
+      version: 1.3.0
+      sourceRef:
+        kind: HelmRepository
+        name: robjuz
+        namespace: flux-system
+  interval: 5m
+  valuesFrom:
+    - kind: ConfigMap
+      name: stackspin-kimai-values
+      optional: false
+    # Allow overriding values by ConfigMap or Secret
+    - kind: ConfigMap
+      name: stackspin-kimai-override
+      optional: true
+    - kind: Secret
+      name: stackspin-kimai-override
+      optional: true
--- a/basic/apps/time/kimai-values-configmap.yaml
+++ b/basic/apps/time/kimai-values-configmap.yaml
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: stackspin-kimai-values
+  namespace: stackspout
+data:
+  values.yaml: |
+    # https://github.com/robjuz/helm-charts/tree/master/charts/kimai2#parameters
+    image:
+      tag: apache-1.21.0-prod
+    kimaiAppSecret: "${secret}"
+    kimaiAdminEmail: "${admin_email}"
+    kimaiAdminPassword: "${password}"
+    kimaiMailerUrl: "smtp://${outgoing_mail_smtp_user}:${outgoing_mail_smtp_password}@${outgoing_mail_smtp_host}?encryption=tls&auth_mode=plain"
+    kimaiMailerFrom: "${outgoing_mail_from_address}"
+    ingress:
+      enabled: true
+      certManager: true
+      tls: true
+      hostname: "time.${domain}"
+    persistence:
+      existingClaim: kimai-data
+    mariadb:
+      auth:
+        password: "${mariadb_password}"
+        rootPassword: "${mariadb_root_password}"
+    #    - name: Stackspin
+    #      key: "${client_id}"
+    #      secret: "${client_secret}"
+    #      autoDiscoverUrl: 'https://sso.${domain}/.well-known/openid-configuration'
--- a/basic/apps/time/kustomization.yaml
+++ b/basic/apps/time/kustomization.yaml
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+  - kimai-release.yaml
+  - pvc.yaml
+  - kimai-values-configmap.yaml
--- a/basic/apps/time/pvc.yaml
+++ b/basic/apps/time/pvc.yaml
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: kimai-data
+  namespace: stackspout
+  labels:
+    stackspin.net/backupSet: "kimai"
+spec:
+  accessModes:
+    - ReadWriteOnce
+  volumeMode: Filesystem
+  resources:
+    requests:
+      storage: 2Gi
+  storageClassName: local-path
--- a/basic/infrastructure/kustomizations/gitea-kustomization.yaml
+++ b/basic/infrastructure/kustomizations/gitea-kustomization.yaml
+apiVersion: kustomize.toolkit.fluxcd.io/v1beta2
+kind: Kustomization
+metadata:
+  name: gitea
+  namespace: flux-system
+spec:
+  interval: 10m
+  retryInterval: 1m
+  wait: true
+  timeout: 3m
+  dependsOn:
+    - name: single-sign-on
+  sourceRef:
+    kind: GitRepository
+    name: stackspout
+  path: ./basic/apps/code
+  prune: true
+  postBuild:
+    substituteFrom:
+      #- kind: Secret
+      #  name: stackspin-gitea-variables
+      - kind: Secret
+        name: stackspin-gitea-oauth-variables
+      - kind: Secret
+        name: stackspin-cluster-variables
--- a/basic/infrastructure/kustomizations/invoiceninja-customization.yaml
+++ b/basic/infrastructure/kustomizations/invoiceninja-customization.yaml
+apiVersion: kustomize.toolkit.fluxcd.io/v1beta2
+kind: Kustomization
+metadata:
+  name: invoiceninja
+  namespace: flux-system
+spec:
+  interval: 10m
+  retryInterval: 1m
+  wait: true
+  timeout: 3m
+  #dependsOn:
+  #  - name: single-sign-on
+  sourceRef:
+    kind: GitRepository
+    name: stackspout
+  path: ./basic/apps/ninja
+  prune: true
+  postBuild:
+    substituteFrom:
+      - kind: Secret
+        name: stackspin-invoiceninja-variables
+      - kind: Secret
+        name: stackspin-invoiceninja-oauth-variables
+        optional: true
+      - kind: Secret
+        name: stackspin-cluster-variables
+      - kind: ConfigMap
+        name: stackspin-nextcloud-kustomization-variables
--- a/basic/clusters/production/infrastructure-kustomization.yaml
+++ b/basic/clusters/production/infrastructure-kustomization.yaml
 apiVersion: kustomize.toolkit.fluxcd.io/v1beta1
 kind: Kustomization
 metadata:
-  name: example-infrastructure
-  namespace: example-basic
+  name: stackspout-namespace
+  namespace: flux-system
 spec:
-  interval: 24h
+  interval: 10m
+  retryInterval: 1m
  sourceRef:
    kind: GitRepository
-    name: stackspin-flux-example
-  path: ./basic/infrastructure
+    name: stackspout
+  path: ./basic/infrastructure/namespaces
  prune: true
  validation: client
--- a/basic/infrastructure/kustomizations/overrides-kustomization.yaml
+++ b/basic/infrastructure/kustomizations/overrides-kustomization.yaml
+apiVersion: kustomize.toolkit.fluxcd.io/v1beta1
+kind: Kustomization
+metadata:
+  name: stackspout-overrides
+  namespace: flux-system
+spec:
+  interval: 2m
+  sourceRef:
+    kind: GitRepository
+    name: stackspout
+  path: ./basic/overrides
+  prune: true
+  validation: client
+  postBuild:
+    substituteFrom:
+      - kind: Secret
+        name: stackspin-cluster-variables
--- a/basic/clusters/production/apps-kustomization.yaml
+++ b/basic/clusters/production/apps-kustomization.yaml
 apiVersion: kustomize.toolkit.fluxcd.io/v1beta1
 kind: Kustomization
 metadata:
-  name: examle-apps
-  namespace: example-basic
+  name: stackspout-sources
+  namespace: flux-system
 spec:
-  interval: 24h
+  interval: 10m
+  retryInterval: 1m
  sourceRef:
    kind: GitRepository
-    name: stackspin-flux-example
-  path: ./basic/apps
+    name: stackspout
+  path: ./basic/infrastructure/sources
  prune: true
  validation: client
--- a/basic/infrastructure/kustomizations/vikunja-kustomization.yaml
+++ b/basic/infrastructure/kustomizations/vikunja-kustomization.yaml
+
+apiVersion: kustomize.toolkit.fluxcd.io/v1beta2
+kind: Kustomization
+metadata:
+  name: vikunja
+  namespace: flux-system
+spec:
+  interval: 10m
+  retryInterval: 1m
+  wait: true
+  timeout: 3m
+  dependsOn:
+    - name: single-sign-on
+  sourceRef:
+    kind: GitRepository
+    name: stackspout
+  path: ./basic/apps/do
+  prune: true
+  postBuild:
+    substituteFrom:
+      - kind: Secret
+        name: stackspin-vikunja-variables
+      - kind: Secret
+        name: stackspin-vikunja-oauth-variables
+      - kind: Secret
+        name: stackspin-cluster-variables
--- a/basic/infrastructure/kustomizations/vikunja-test-kustomization.yaml
+++ b/basic/infrastructure/kustomizations/vikunja-test-kustomization.yaml
+
+apiVersion: kustomize.toolkit.fluxcd.io/v1beta2
+kind: Kustomization
+metadata:
+  name: vikunja-test
+  namespace: flux-system
+spec:
+  interval: 10m
+  retryInterval: 1m
+  wait: true
+  timeout: 3m
+  dependsOn:
+    - name: single-sign-on
+  sourceRef:
+    kind: GitRepository
+    name: stackspout
+  path: ./basic/apps/do-test
+  prune: true
+  postBuild:
+    substituteFrom:
+      - kind: Secret
+        name: stackspin-vikunja-variables
+      - kind: Secret
+        name: stackspin-vikunja-test-oauth-variables
+      - kind: Secret
+        name: stackspin-cluster-variables
--- a/basic/infrastructure/namespaces/example-basic-namespace.yaml
+++ b/basic/infrastructure/namespaces/example-basic-namespace.yaml
 apiVersion: v1
 kind: Namespace
 metadata:
-  name: example-basic
+  name: stackspout
--- a/basic/infrastructure/sources/podinfo-hr.yaml
+++ b/basic/infrastructure/sources/podinfo-hr.yaml
 apiVersion: source.toolkit.fluxcd.io/v1beta1
 kind: HelmRepository
 metadata:
-  name: podinfo
-  namespace: example-basic
+  name: gitea
+  namespace: flux-system
 spec:
-  interval: 1h
-  url: https://stefanprodan.github.io/podinfo
+  interval: 60m
+  url: https://dl.gitea.io/charts/
--- a/basic/infrastructure/sources/invoiceninja.yaml
+++ b/basic/infrastructure/sources/invoiceninja.yaml
+# For kimai2
+apiVersion: source.toolkit.fluxcd.io/v1beta1
+kind: HelmRepository
+metadata:
+  name: invoiceninja
+  namespace: flux-system
+spec:
+  interval: 60m
+  url: https://invoiceninja.github.io/dockerfiles/
--- a/basic/infrastructure/sources/k8s-at-home.yaml
+++ b/basic/infrastructure/sources/k8s-at-home.yaml
+# For Vikunja
+apiVersion: source.toolkit.fluxcd.io/v1beta1
+kind: HelmRepository
+metadata:
+  name: k8s-at-home
+  namespace: flux-system
+spec:
+  interval: 60m
+  url: https://k8s-at-home.com/charts/
No results found