diff --git a/.envrc b/.envrc index 9a170d3..1905046 100644 --- a/.envrc +++ b/.envrc @@ -1,7 +1,4 @@ use flake -watch_file ./nix/checks.nix -watch_file ./nix/dev-shell.nix - eval "$shellHook" diff --git a/.gitignore b/.gitignore index 92453a8..a8d2188 100644 --- a/.gitignore +++ b/.gitignore @@ -9,3 +9,4 @@ charts temp site !base/charts +.pre-commit-config.yaml diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 6fc13de..8f46e20 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -1,47 +1,23 @@ --- -variables: - NIX_VERSION: "latest" - NIX_CONFIG: "experimental-features = nix-command flakes recursive-nix" - default: - image: nixpkgs/nix-unstable:${NIX_VERSION} - timeout: 1 hours + tags: + - nix before_script: - # - nix flake show - # - nix profile install --inputs-from . 'nixpkgs#direnv' - # - direnv hook bash >> ~/.bashrc - # - . ~/.bashrc - # - . /etc/profile - # - env - # - direnv allow - # - direnv status - # - direnv reload - # - cd $(pwd) - - nix profile install --inputs-from . 'nixpkgs#yamllint' - - nix profile install --inputs-from . 'nixpkgs#mdl' - - nix profile install --inputs-from . 'nixpkgs#kubectl' - - nix profile install --inputs-from . 'nixpkgs#kubernetes-helm' - - nix profile install --inputs-from . 'nixpkgs#kustomize' + - nix develop stages: - test - build - - release - - deploy lint.yaml: stage: test script: - yamllint -f auto . -lint.markdown: - stage: test - script: mdl . - -kustomize.dev: - stage: test +lint.kustomize.dev: + stage: build script: kubectl kustomize overlays/dev --enable-helm -kustomize.prod: - stage: test +lint.kustomize.prod: + stage: build script: kubectl kustomize overlays/prod --enable-helm diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml deleted file mode 100644 index 97cb12f..0000000 --- a/.pre-commit-config.yaml +++ /dev/null @@ -1,22 +0,0 @@ ---- -repos: - - repo: https://github.com/pre-commit/pre-commit-hooks - rev: v4.3.0 - hooks: - - id: check-added-large-files - - id: check-builtin-literals - - id: check-case-conflict - - id: check-docstring-first - - id: check-json - - id: check-merge-conflict - - id: check-yaml - - id: detect-private-key - - id: double-quote-string-fixer - - id: end-of-file-fixer - - id: trailing-whitespace - - - repo: https://github.com/adrienverge/yamllint - rev: v1.27.1 - hooks: - - id: yamllint - files: '.*(? /dev/null 2>&1& - %: @true diff --git a/README.md b/README.md index 54906c8..cec608c 100644 --- a/README.md +++ b/README.md @@ -1,47 +1,36 @@
- +
-The FabCityOS Integration Repo for Kubernetes ⚓️
- -This Integration repo is designed to be a lightweight way to configure FabCityOS applications. - -**FabCityOS** is an operating system enabling a data-based circular economy via global collaboration and local production. +This Repo is designed to be a lightweight way to configure the Interfacer SWKit applications. Interfacer SWKit is a bundle of Applications to enabling a data-based circular economy via global collaboration and local production. ## Table of Contents - [📖 Documentation](#-documentation) - [🚀 Getting Started](#-getting-started) - [Repository structure](#repository-structure) -- [🤖 Compatibility with FabCityOS](#-compatibility-with-fabcityos) + - [Install kubectl](#install-kubectl) + - [Install helm](#install-helm) - [⚙️ Development Workflow and Contributing](#️-development-workflow-and-contributing) ## 📖 Documentation -- [k3d](https://k3d.io/) - [kubectl](https://kubernetes.io/docs/reference/generated/kubectl/kubectl-commands) - [kustomize](https://kubectl.docs.kubernetes.io/guides/) - [helm](https://helm.sh/docs/) -- [kubectx](https://kubectx.dev/) -- [kube-linter](https://github.com/stackrox/kube-linter) -- [k9s](https://k9scli.io/) -- [sops](https://github.com/mozilla/sops) - [cert-manager](https://cert-manager.io/docs/)y ## 🚀 Getting Started @@ -53,59 +42,42 @@ First of all, you will need a Kubernetes cluster up and running. If you are not ### Repository structure ```yaml -├── apps # kustomize global applications folder -│ ├── wordpress # kustomize global application folder -│ │ ├── kustomization.yaml # kustomize global application definition -│ │ ├── charts # helm global chart config folder -│ │ └── ... # kustomize global application objects -│ └── ... # kustomize global applications objects -├── base # kustomize global objects folder -│ ├── kustomization.yaml # kustomize global application config -│ └── ... # kustomize global cluster objects -├── overlays # kustomize environment overrides -│ ├── dev # kustomize environment folder -│ │ ├── kustomization.yaml # kustomize environment definition -│ │ └── apps # kustomize applications folder -│ │ └── cert-manager # kustomize application folder -│ │ ├── kustomization.yaml # kustomize application config -│ │ └── ... # kustomize application objects -│ └── ... # kustomize environment folder -├── .envrc # direnv support file -├── default.nix # nixos flake legacy support file -├── flake.lock # nixos flake versions lock file -├── flake.nix # nixos local runtime dependency -├── shell.nix # nixos local development shell +├── base # kustomize global objects folder +│ ├── kustomization.yaml # kustomize global application config +│ └── ... # kustomize global cluster objects +├── apps # kustomize global applications folder +│ ├── gitea # kustomize global application folder +│ │ ├── kustomization.yaml # kustomize global application definition +│ │ ├── charts # helm global chart config folder +│ │ └── ... # kustomize global application objects +│ └── ... # kustomize global applications objects +├── overlays # kustomize environment overrides +│ ├── dev # kustomize environment specific +│ │ ├── kustomization.yaml # kustomize environment definition +│ │ └── cert-manager # kustomize applications folder +│ │ ├── kustomization.yaml # kustomize application config +│ │ └── ... # kustomize application objects +│ └── ... # kustomize environment folder +├── .envrc # direnv support file +└── flake.nix # nix flake for local runtime dependency ``` -### Install kubectl +### Install kubectl `kubectl` is the most commonly used CLI to manage a Kubernetes cluster. The installation instructions are [available here](https://kubernetes.io/docs/tasks/tools/install-kubectl/). -### Deploy FabCityOS +### Install helm -#### Install Kustomize +`helm` is a Command Line Interface which will automate chart management and installation on your Kubernetes cluster. To install Helm, follow the [Helm installation instructions](https://helm.sh/docs/intro/install/). -Kustomize CLI is a Command Line Interface which will automate configuration management on your Kubernetes cluster. To install Kustomize, follow the [Kustomize installation instructions](https://kubectl.docs.kubernetes.io/installation/kustomize/). - -#### Install helm - -Helm CLI is a Command Line Interface which will automate chart management and installation on your Kubernetes cluster. To install Helm, follow the [Helm installation instructions](https://helm.sh/docs/intro/install/). - -#### Deploy FabCityOS +#### Deploy the SWKit ```sh -kubectl kustomize overlays/prod --enable-helm | kubectl apply -f - +git clone https://gitlab.fabcity.hamburg/software/interfacer-swkit.git +cd interfacer-swkit +kubectl kustomize --enable-helm | kubectl apply -f - ``` -## 🤖 Compatibility with FabCityOS - -We recommend that the Helm chart version is aligned to the version of the product you want to deploy. This will ensure that you are using a chart version that has been tested against the corresponding production version. -This will also ensure that the documentation and examples for the chart will work with the version of the product, you are installing. - -For example, if you want to deploy an fcos `0.1.0` cluster, use the corresponding `0.1.0` [tag][fcos-010]. - -The `master` version of these charts is intended to support the latest pre-release versions of our products, and therefore may or may not work with current released versions. - ## ⚙️ Development Workflow and Contributing Any new contribution is more than welcome in this project! diff --git a/base/charts/gitea/kustomization.yaml b/apps/gitea/kustomization.yaml similarity index 64% rename from base/charts/gitea/kustomization.yaml rename to apps/gitea/kustomization.yaml index c9e8456..dfe7bd9 100644 --- a/base/charts/gitea/kustomization.yaml +++ b/apps/gitea/kustomization.yaml @@ -4,8 +4,7 @@ resources: - namespace.yaml helmCharts: - name: gitea - version: v5.0.9 - releaseName: fcos-gitea + version: 6.0.3 + releaseName: interfacer-gitea namespace: gitea repo: https://dl.gitea.io/charts/ - valuesFile: values.yaml diff --git a/base/charts/gitea/namespace.yaml b/apps/gitea/namespace.yaml similarity index 100% rename from base/charts/gitea/namespace.yaml rename to apps/gitea/namespace.yaml diff --git a/base/charts/gitea/values.yaml b/apps/gitea/values.yaml similarity index 78% rename from base/charts/gitea/values.yaml rename to apps/gitea/values.yaml index 1e4e7da..7e89627 100644 --- a/base/charts/gitea/values.yaml +++ b/apps/gitea/values.yaml @@ -4,11 +4,11 @@ service: http: type: ClusterIP port: 3000 - clusterIP: + clusterIP: "" ssh: type: ClusterIP port: 22 - clusterIP: + clusterIP: "" ingress: enabled: true apiVersion: networking.k8s.io/v1 @@ -16,20 +16,20 @@ ingress: kubernetes.io/ingress.class: nginx kubernetes.io/tls-acme: "true" hosts: - - host: code.dev.fabcity-hamburg.de + - host: code.k8s.dev.fabcity-hamburg.de paths: - path: / pathType: Prefix resources: - limits: - cpu: 100m - memory: 128Mi requests: cpu: 100m memory: 128Mi + limits: + cpu: 250m + memory: 256Mi gitea: config: - APP_NAME: "Fab City Codebase" + APP_NAME: "Interfacer Codebase" log: ENABLE_ACCESS_LOG: true metrics: diff --git a/apps/interfacer-core/kustomization.yaml b/apps/interfacer-core/kustomization.yaml new file mode 100644 index 0000000..bd1b3cd --- /dev/null +++ b/apps/interfacer-core/kustomization.yaml @@ -0,0 +1,10 @@ +--- +namespace: interfacer-core +resources: + - namespace.yaml +helmCharts: + - name: fcoscore + version: 0.1.0 + releaseName: interfacer-core + namespace: interfacer-core + repo: https://gitlab.fabcity.hamburg/api/v4/projects/248/packages/helm/alpha diff --git a/base/operators/postgresql/namespace.yaml b/apps/interfacer-core/namespace.yaml similarity index 65% rename from base/operators/postgresql/namespace.yaml rename to apps/interfacer-core/namespace.yaml index c018263..89e6091 100644 --- a/base/operators/postgresql/namespace.yaml +++ b/apps/interfacer-core/namespace.yaml @@ -2,4 +2,4 @@ apiVersion: v1 kind: Namespace metadata: - name: postgresql + name: interfacer-core diff --git a/apps/interfacer-webpresence/deployment.yaml b/apps/interfacer-webpresence/deployment.yaml new file mode 100644 index 0000000..147b06b --- /dev/null +++ b/apps/interfacer-webpresence/deployment.yaml @@ -0,0 +1,27 @@ +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: interfacer-webpresence-deployment +spec: + selector: + matchLabels: + app: interfacer-webpresence + replicas: 2 + template: + metadata: + labels: + app: interfacer-webpresence + spec: + containers: + - name: webpresence + image: fabcityhamburg/interfacer-webpresence:latest + ports: + - containerPort: 80 + resources: + requests: + memory: "64Mi" + cpu: "250m" + limits: + memory: "128Mi" + cpu: "500m" diff --git a/apps/interfacer-webpresence/kustomization.yaml b/apps/interfacer-webpresence/kustomization.yaml new file mode 100644 index 0000000..67c151f --- /dev/null +++ b/apps/interfacer-webpresence/kustomization.yaml @@ -0,0 +1,6 @@ +--- +namespace: interfacer-webpresence +resources: + - namespace.yaml + - deployment.yaml + - service.yaml diff --git a/base/apps/keycloak/namespace.yaml b/apps/interfacer-webpresence/namespace.yaml similarity index 59% rename from base/apps/keycloak/namespace.yaml rename to apps/interfacer-webpresence/namespace.yaml index bf1caaf..2b24e65 100644 --- a/base/apps/keycloak/namespace.yaml +++ b/apps/interfacer-webpresence/namespace.yaml @@ -2,4 +2,4 @@ apiVersion: v1 kind: Namespace metadata: - name: keycloak + name: interfacer-webpresence diff --git a/apps/interfacer-webpresence/service.yaml b/apps/interfacer-webpresence/service.yaml new file mode 100644 index 0000000..4567c16 --- /dev/null +++ b/apps/interfacer-webpresence/service.yaml @@ -0,0 +1,12 @@ +--- +apiVersion: v1 +kind: Service +metadata: + name: interfacer-webpresence +spec: + type: ClusterIP + ports: + - name: http + port: 4141 + targetPort: http + protocol: TCP diff --git a/apps/kustomization.yaml b/apps/kustomization.yaml new file mode 100644 index 0000000..4ce24be --- /dev/null +++ b/apps/kustomization.yaml @@ -0,0 +1,5 @@ +--- +resources: + - gitea + - interfacer-webpresence + - interfacer-core diff --git a/base/apps/cert-manager/letsencrypt.yaml b/base/apps/cert-manager/letsencrypt.yaml deleted file mode 100644 index 1e91c7d..0000000 --- a/base/apps/cert-manager/letsencrypt.yaml +++ /dev/null @@ -1,30 +0,0 @@ ---- -apiVersion: cert-manager.io/v1 -kind: Issuer -metadata: - name: letsencrypt-acme-staging -spec: - acme: - email: hostmaster@fabcity-hamburg.de - server: https://acme-staging-v02.api.letsencrypt.org/directory - privateKeySecretRef: - name: letsencrypt-acme-key-staging - solvers: - - http01: - ingress: - class: nginx ---- -apiVersion: cert-manager.io/v1 -kind: Issuer -metadata: - name: letsencrypt-acme -spec: - acme: - email: hostmaster@fabcity-hamburg.de - server: https://acme-v02.api.letsencrypt.org/directory - privateKeySecretRef: - name: letsencrypt-acme-key - solvers: - - http01: - ingress: - class: nginx diff --git a/base/apps/keycloak/database.yaml b/base/apps/keycloak/database.yaml deleted file mode 100644 index 2043ca0..0000000 --- a/base/apps/keycloak/database.yaml +++ /dev/null @@ -1,36 +0,0 @@ ---- -apiVersion: postgres-operator.crunchydata.com/v1beta1 -kind: PostgresCluster -metadata: - name: fcos-keycloak-postgresql-cluster -spec: - postgresVersion: 14 - instances: - - replicas: 1 - dataVolumeClaimSpec: - accessModes: - - "ReadWriteOnce" - resources: - requests: - storage: 1Gi - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - weight: 1 - podAffinityTerm: - topologyKey: kubernetes.io/hostname - labelSelector: - matchLabels: - postgres-operator.crunchydata.com/cluster: keycloak-db - postgres-operator.crunchydata.com/instance-set: "00" - backups: - pgbackrest: - repos: - - name: repo1 - volume: - volumeClaimSpec: - accessModes: - - "ReadWriteOnce" - resources: - requests: - storage: 1Gi diff --git a/base/apps/keycloak/instance.yaml b/base/apps/keycloak/instance.yaml deleted file mode 100644 index 7484846..0000000 --- a/base/apps/keycloak/instance.yaml +++ /dev/null @@ -1,16 +0,0 @@ ---- -apiVersion: k8s.keycloak.org/v2alpha1 -kind: Keycloak -metadata: - name: fcos-keycloak -spec: - instances: 1 - hostname: id.dev.fabcity-hamburg.de - serverConfiguration: - - name: db - value: postgres - - name: db-url - secret: - name: fcos-keycloak-postgresql-cluster-pguser-fcos-keycloak-postgresql-cluster - key: jdbc-uri - tlsSecret: tls-keycloak diff --git a/base/apps/keycloak/kustomization.yaml b/base/apps/keycloak/kustomization.yaml deleted file mode 100644 index a63d4bc..0000000 --- a/base/apps/keycloak/kustomization.yaml +++ /dev/null @@ -1,6 +0,0 @@ ---- -namespace: keycloak -resources: - - database.yaml - - instance.yaml - - realm.yaml diff --git a/base/apps/kustomization.yaml b/base/apps/kustomization.yaml deleted file mode 100644 index 20e2acb..0000000 --- a/base/apps/kustomization.yaml +++ /dev/null @@ -1,4 +0,0 @@ ---- -resources: - - cert-manager - # - keycloak diff --git a/base/cert-manager/kustomization.yaml b/base/cert-manager/kustomization.yaml new file mode 100644 index 0000000..ee8a493 --- /dev/null +++ b/base/cert-manager/kustomization.yaml @@ -0,0 +1,11 @@ +--- +# namespace: cert-manager +resources: + - namespace.yaml +helmCharts: + - name: cert-manager + version: v1.10.1 + releaseName: interfacer-cert-manager + repo: https://charts.jetstack.io + namespace: cert-manager + valuesFile: values.yaml diff --git a/base/operators/cert-manager/namespace.yaml b/base/cert-manager/namespace.yaml similarity index 100% rename from base/operators/cert-manager/namespace.yaml rename to base/cert-manager/namespace.yaml diff --git a/base/cert-manager/values.yaml b/base/cert-manager/values.yaml new file mode 100644 index 0000000..5313695 --- /dev/null +++ b/base/cert-manager/values.yaml @@ -0,0 +1,2 @@ +--- +installCRDs: true diff --git a/base/charts/external-dns/kustomization.yaml b/base/charts/external-dns/kustomization.yaml deleted file mode 100644 index c64c0c9..0000000 --- a/base/charts/external-dns/kustomization.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -namespace: external-dns -resources: - - namespace.yaml -helmCharts: - - name: external-dns - version: 1.11.0 - releaseName: fcos-external-dns - namespace: external-dns - repo: https://kubernetes-sigs.github.io/external-dns/ - valuesFile: values.yaml diff --git a/base/charts/external-dns/namespace.yaml b/base/charts/external-dns/namespace.yaml deleted file mode 100644 index 3e353b5..0000000 --- a/base/charts/external-dns/namespace.yaml +++ /dev/null @@ -1,5 +0,0 @@ ---- -apiVersion: v1 -kind: Namespace -metadata: - name: external-dns diff --git a/base/charts/external-dns/values.yaml b/base/charts/external-dns/values.yaml deleted file mode 100644 index 85c3213..0000000 --- a/base/charts/external-dns/values.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -provider: rfc2136 -extraArgs: - - --rfc2136-host=dns.svc.mesh.sourceindex.de - - --rfc2136-port=53 - - --rfc2136-zone=dev.fabcity-hamburg.de - - --rfc2136-tsig-keyname=k8s - - --rfc2136-tsig-secret=vIGI59apswrajcLTuw3j9xX9/Y/LewNtxJwqXxI3sUEQYvxRjQH7PuVtcEEXu4vr - - --rfc2136-tsig-secret-alg=hmac-sha384 - - --rfc2136-tsig-axfr - - --domain-filter=dev.fabcity-hamburg.de diff --git a/base/charts/kustomization.yaml b/base/charts/kustomization.yaml deleted file mode 100644 index 8d8ab55..0000000 --- a/base/charts/kustomization.yaml +++ /dev/null @@ -1,5 +0,0 @@ ---- -resources: - - ingress-nginx - - external-dns - - gitea diff --git a/base/charts/ingress-nginx/kustomization.yaml b/base/ingress-nginx/kustomization.yaml similarity index 77% rename from base/charts/ingress-nginx/kustomization.yaml rename to base/ingress-nginx/kustomization.yaml index a2b4088..94c634a 100644 --- a/base/charts/ingress-nginx/kustomization.yaml +++ b/base/ingress-nginx/kustomization.yaml @@ -4,8 +4,8 @@ resources: - namespace.yaml helmCharts: - name: ingress-nginx - version: 4.2.0 - releaseName: fcos-ingress-nginx + version: 4.4.0 + releaseName: interfacer-ingress-nginx repo: https://kubernetes.github.io/ingress-nginx namespace: ingress-nginx valuesFile: values.yaml diff --git a/base/charts/ingress-nginx/namespace.yaml b/base/ingress-nginx/namespace.yaml similarity index 100% rename from base/charts/ingress-nginx/namespace.yaml rename to base/ingress-nginx/namespace.yaml diff --git a/base/charts/ingress-nginx/values.yaml b/base/ingress-nginx/values.yaml similarity index 100% rename from base/charts/ingress-nginx/values.yaml rename to base/ingress-nginx/values.yaml diff --git a/base/kustomization.yaml b/base/kustomization.yaml index 3e38a5e..7bc9dc0 100644 --- a/base/kustomization.yaml +++ b/base/kustomization.yaml @@ -1,5 +1,4 @@ --- resources: - - operators - - charts - - apps + - cert-manager + # - ingress-nginx diff --git a/base/operators/cert-manager/kustomization.yaml b/base/operators/cert-manager/kustomization.yaml deleted file mode 100644 index 57fdb23..0000000 --- a/base/operators/cert-manager/kustomization.yaml +++ /dev/null @@ -1,6 +0,0 @@ ---- -namespace: cert-manager -resources: - - namespace.yaml - - subscription.yaml - - operatorgroup.yaml diff --git a/base/operators/cert-manager/operatorgroup.yaml b/base/operators/cert-manager/operatorgroup.yaml deleted file mode 100644 index 64f0444..0000000 --- a/base/operators/cert-manager/operatorgroup.yaml +++ /dev/null @@ -1,5 +0,0 @@ ---- -apiVersion: operators.coreos.com/v1 -kind: OperatorGroup -metadata: - name: cert-manager diff --git a/base/operators/cert-manager/subscription.yaml b/base/operators/cert-manager/subscription.yaml deleted file mode 100644 index 826de4b..0000000 --- a/base/operators/cert-manager/subscription.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -apiVersion: operators.coreos.com/v1alpha1 -kind: Subscription -metadata: - name: cert-manager -spec: - name: cert-manager - channel: stable - source: operatorhubio-catalog - sourceNamespace: olm - installPlanApproval: Automatic diff --git a/base/operators/keycloak/kustomization.yaml b/base/operators/keycloak/kustomization.yaml deleted file mode 100644 index 29b0254..0000000 --- a/base/operators/keycloak/kustomization.yaml +++ /dev/null @@ -1,6 +0,0 @@ ---- -namespace: keycloak -resources: - - namespace.yaml - - subscription.yaml - - operatorgroup.yaml diff --git a/base/operators/keycloak/namespace.yaml b/base/operators/keycloak/namespace.yaml deleted file mode 100644 index bf1caaf..0000000 --- a/base/operators/keycloak/namespace.yaml +++ /dev/null @@ -1,5 +0,0 @@ ---- -apiVersion: v1 -kind: Namespace -metadata: - name: keycloak diff --git a/base/operators/keycloak/operatorgroup.yaml b/base/operators/keycloak/operatorgroup.yaml deleted file mode 100644 index 5fb477c..0000000 --- a/base/operators/keycloak/operatorgroup.yaml +++ /dev/null @@ -1,8 +0,0 @@ ---- -apiVersion: operators.coreos.com/v1 -kind: OperatorGroup -metadata: - name: keycloak -spec: - targetNamespaces: - - keycloak diff --git a/base/operators/keycloak/subscription.yaml b/base/operators/keycloak/subscription.yaml deleted file mode 100644 index f40ede8..0000000 --- a/base/operators/keycloak/subscription.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -apiVersion: operators.coreos.com/v1alpha1 -kind: Subscription -metadata: - name: keycloak -spec: - name: keycloak-operator - channel: candidate - source: operatorhubio-catalog - sourceNamespace: olm - installPlanApproval: Automatic diff --git a/base/operators/kustomization.yaml b/base/operators/kustomization.yaml deleted file mode 100644 index 75f3cd8..0000000 --- a/base/operators/kustomization.yaml +++ /dev/null @@ -1,5 +0,0 @@ ---- -resources: - - cert-manager - - postgresql - - keycloak diff --git a/base/operators/postgresql/kustomization.yaml b/base/operators/postgresql/kustomization.yaml deleted file mode 100644 index 3cb9700..0000000 --- a/base/operators/postgresql/kustomization.yaml +++ /dev/null @@ -1,6 +0,0 @@ ---- -namespace: postgresql -resources: - - namespace.yaml - - subscription.yaml - - operatorgroup.yaml diff --git a/base/operators/postgresql/operatorgroup.yaml b/base/operators/postgresql/operatorgroup.yaml deleted file mode 100644 index 5c3c25c..0000000 --- a/base/operators/postgresql/operatorgroup.yaml +++ /dev/null @@ -1,8 +0,0 @@ ---- -apiVersion: operators.coreos.com/v1 -kind: OperatorGroup -metadata: - name: postgresql -spec: - targetNamespaces: - - keycloak diff --git a/base/operators/postgresql/subscription.yaml b/base/operators/postgresql/subscription.yaml deleted file mode 100644 index f5a5546..0000000 --- a/base/operators/postgresql/subscription.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -apiVersion: operators.coreos.com/v1alpha1 -kind: Subscription -metadata: - name: postgresql -spec: - name: postgresql - channel: v5 - source: operatorhubio-catalog - sourceNamespace: olm - installPlanApproval: Automatic diff --git a/default.nix b/default.nix deleted file mode 100644 index 80aeb43..0000000 --- a/default.nix +++ /dev/null @@ -1,6 +0,0 @@ -(import (let lock = builtins.fromJSON (builtins.readFile ./flake.lock); -in fetchTarball { - url = - "https://github.com/edolstra/flake-compat/archive/${lock.nodes.flake-compat.locked.rev}.tar.gz"; - sha256 = lock.nodes.flake-compat.locked.narHash; -}) { src = ./.; }).defaultNix diff --git a/docs/applications/gitea.md b/docs/applications/gitea.md deleted file mode 100644 index 344e171..0000000 --- a/docs/applications/gitea.md +++ /dev/null @@ -1,7 +0,0 @@ -# Gitea - -*- -
- -The FabCityOS Integration Repo for Kubernetes ⚓️
- -This Integration repo is designed to be a lightweight way to configure FabCityOS applications. - -**FabCityOS** is an operating system enabling a data-based circular economy via global collaboration and local production. - -## Table of Contents - -- [📖 Documentation](#-documentation) -- [🚀 Getting Started](#-getting-started) - - [Repository structure](#repository-structure) -- [🤖 Compatibility with FabCityOS](#-compatibility-with-fabcityos) -- [⚙️ Development Workflow and Contributing](#️-development-workflow-and-contributing) - -## 📖 Documentation - -- [k3d](https://k3d.io/) -- [kubectl](https://kubernetes.io/docs/reference/generated/kubectl/kubectl-commands) -- [kustomize](https://kubectl.docs.kubernetes.io/guides/) -- [helm](https://helm.sh/docs/) -- [kubectx](https://kubectx.dev/) -- [kube-linter](https://github.com/stackrox/kube-linter) -- [k9s](https://k9scli.io/) -- [sops](https://github.com/mozilla/sops) -- [cert-manager](https://cert-manager.io/docs/)y - -## 🚀 Getting Started - -Kubernetes (K8s), is an open-source system for automating deployment, scaling, and management of containerized applications. You can run a FabCityOS Core instance inside your Kubernetes cluster, either if you want to expose it to the outside world or just let some other applications use it inside your cluster and take advantage of the instant and powerful search engine. - -First of all, you will need a Kubernetes cluster up and running. If you are not familiar with how Kuberentes works or need some help with this step, please check the [Kubernetes documentation](https://kubernetes.io/docs/home/). - -### Repository structure - -```yaml -├── apps # kustomize global applications folder -│ ├── wordpress # kustomize global application folder -│ │ ├── kustomization.yaml # kustomize global application definition -│ │ ├── charts # helm global chart config folder -│ │ └── ... # kustomize global application objects -│ └── ... # kustomize global applications objects -├── base # kustomize global objects folder -│ ├── kustomization.yaml # kustomize global application config -│ └── ... # kustomize global cluster objects -├── overlays # kustomize environment overrides -│ ├── dev # kustomize environment folder -│ │ ├── kustomization.yaml # kustomize environment definition -│ │ └── apps # kustomize applications folder -│ │ └── cert-manager # kustomize application folder -│ │ ├── kustomization.yaml # kustomize application config -│ │ └── ... # kustomize application objects -│ └── ... # kustomize environment folder -├── .envrc # direnv support file -├── default.nix # nixos flake legacy support file -├── flake.lock # nixos flake versions lock file -├── flake.nix # nixos local runtime dependency -├── shell.nix # nixos local development shell -``` - -### Install kubectl - -`kubectl` is the most commonly used CLI to manage a Kubernetes cluster. The installation instructions are [available here](https://kubernetes.io/docs/tasks/tools/install-kubectl/). - -### Deploy FabCityOS - -#### Install Kustomize - -Kustomize CLI is a Command Line Interface which will automate configuration management on your Kubernetes cluster. To install Kustomize, follow the [Kustomize installation instructions](https://kubectl.docs.kubernetes.io/installation/kustomize/). - -#### Install helm - -Helm CLI is a Command Line Interface which will automate chart management and installation on your Kubernetes cluster. To install Helm, follow the [Helm installation instructions](https://helm.sh/docs/intro/install/). - -#### Deploy FabCityOS - -```sh -kubectl kustomize overlays/prod --enable-helm | kubectl apply -f - -``` - -## 🤖 Compatibility with FabCityOS - -We recommend that the Helm chart version is aligned to the version of the product you want to deploy. This will ensure that you are using a chart version that has been tested against the corresponding production version. -This will also ensure that the documentation and examples for the chart will work with the version of the product, you are installing. - -For example, if you want to deploy an fcos `0.1.0` cluster, use the corresponding `0.1.0` [tag][fcos-010]. - -The `master` version of these charts is intended to support the latest pre-release versions of our products, and therefore may or may not work with current released versions. - -## ⚙️ Development Workflow and Contributing - -Any new contribution is more than welcome in this project! - -If you want to know more about the development workflow or want to contribute, please visit our [contributing guidelines](/CONTRIBUTING.md) for detailed instructions! diff --git a/flake.lock b/flake.lock index d589634..ea83da4 100644 --- a/flake.lock +++ b/flake.lock @@ -3,11 +3,11 @@ "flake-compat": { "flake": false, "locked": { - "lastModified": 1650374568, - "narHash": "sha256-Z+s0J8/r907g149rllvwhb4pKi8Wam5ij0st8PwAh+E=", + "lastModified": 1668681692, + "narHash": "sha256-Ht91NGdewz8IQLtWZ9LCeNXMSXHUss+9COoqu6JLmXU=", "owner": "edolstra", "repo": "flake-compat", - "rev": "b4a34015c698c7793d592d66adbab377907a2be8", + "rev": "009399224d5e398d03b22badca40a37ac85412a1", "type": "github" }, "original": { @@ -18,11 +18,11 @@ }, "flake-utils": { "locked": { - "lastModified": 1656928814, - "narHash": "sha256-RIFfgBuKz6Hp89yRr7+NR5tzIAbn52h8vT6vXkYjZoM=", + "lastModified": 1667395993, + "narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=", "owner": "numtide", "repo": "flake-utils", - "rev": "7e2a3b3dfd9af950a856d66b0a7d01e3c18aa249", + "rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f", "type": "github" }, "original": { @@ -31,27 +31,117 @@ "type": "github" } }, + "gitignore": { + "inputs": { + "nixpkgs": [ + "pre-commit-hooks", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1660459072, + "narHash": "sha256-8DFJjXG8zqoONA1vXtgeKXy68KdJL5UaXR8NtVMUbx8=", + "owner": "hercules-ci", + "repo": "gitignore.nix", + "rev": "a20de23b925fd8264fd7fad6454652e142fd7f73", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "gitignore.nix", + "type": "github" + } + }, "nixpkgs": { "locked": { - "lastModified": 1657425264, - "narHash": "sha256-3aHvoI2e8vJKw3hvnHECaBpSsL5mxVsVtaLCnTdNcH8=", + "lastModified": 1669542132, + "narHash": "sha256-DRlg++NJAwPh8io3ExBJdNW7Djs3plVI5jgYQ+iXAZQ=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "de5b3dd17034e6106e75746e81618e5bd408de8a", + "rev": "a115bb9bd56831941be3776c8a94005867f316a7", "type": "github" }, "original": { "owner": "NixOS", - "ref": "nixos-unstable-small", + "ref": "nixos-unstable", "repo": "nixpkgs", "type": "github" } }, + "nixpkgs-stable": { + "locked": { + "lastModified": 1668984258, + "narHash": "sha256-0gDMJ2T3qf58xgcSbYoXiRGUkPWmKyr5C3vcathWhKs=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "cf63ade6f74bbc9d2a017290f1b2e33e8fbfa70a", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-22.05", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_2": { + "locked": { + "lastModified": 1668994630, + "narHash": "sha256-1lqx6HLyw6fMNX/hXrrETG1vMvZRGm2XVC9O/Jt0T6c=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "af50806f7c6ab40df3e6b239099e8f8385f6c78b", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "pre-commit-hooks": { + "inputs": { + "flake-compat": "flake-compat", + "flake-utils": "flake-utils", + "gitignore": "gitignore", + "nixpkgs": "nixpkgs_2", + "nixpkgs-stable": "nixpkgs-stable" + }, + "locked": { + "lastModified": 1669152228, + "narHash": "sha256-FEDReoTLWJHXcNso7aaAlAUU7uOqIR6Hc/C/nqlfooE=", + "owner": "cachix", + "repo": "pre-commit-hooks.nix", + "rev": "078b0dee35e2da01334af682ec347463b70a9986", + "type": "github" + }, + "original": { + "owner": "cachix", + "repo": "pre-commit-hooks.nix", + "type": "github" + } + }, "root": { "inputs": { - "flake-compat": "flake-compat", - "flake-utils": "flake-utils", - "nixpkgs": "nixpkgs" + "nixpkgs": "nixpkgs", + "pre-commit-hooks": "pre-commit-hooks", + "utils": "utils" + } + }, + "utils": { + "locked": { + "lastModified": 1667395993, + "narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" } } }, diff --git a/flake.nix b/flake.nix index 5fc8461..2c21ce5 100644 --- a/flake.nix +++ b/flake.nix @@ -1,22 +1,96 @@ { - description = "SRX frugal bioreactor"; + description = "Interfacer SWKit"; inputs = { - nixpkgs = { url = "github:NixOS/nixpkgs/nixos-unstable-small"; }; - flake-compat = { - url = "github:edolstra/flake-compat"; - flake = false; - }; - flake-utils.url = "github:numtide/flake-utils"; + nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable"; + utils.url = "github:numtide/flake-utils"; + pre-commit-hooks.url = "github:cachix/pre-commit-hooks.nix"; }; - outputs = { self, nixpkgs, flake-utils, ... }@inputs: - flake-utils.lib.eachSystem [ "x86_64-linux" ] (system: - let - pkgs = import nixpkgs { - inherit system; - config = { - allowUnfree = true; - allowBroken = true; + outputs = { + self, + nixpkgs, + pre-commit-hooks, + utils, + ... + }: + utils.lib.eachDefaultSystem ( + system: let + pkgs = nixpkgs.legacyPackages.${system}; + in { + checks = { + pre-commit-check = pre-commit-hooks.lib.${system}.run { + src = utils.lib.cleanSource ./.; + hooks = { + alejandra.enable = true; + nix-linter.enable = true; + statix .enable = true; + }; + settings.nix-linter.checks = [ + "DIYInherit" + "EmptyInherit" + "EmptyLet" + "EtaReduce" + "LetInInheritRecset" + "ListLiteralConcat" + "NegateAtom" + "SequentialLet" + "SetLiteralUpdate" + "UnfortunateArgName" + "UnneededRec" + "UnusedArg" + "UnusedLetBind" + "UpdateEmptySet" + "BetaReduction" + "EmptyVariadicParamSet" + "UnneededAntiquote" + "no-FreeLetInFunc" + "no-AlphabeticalArgs" + "no-AlphabeticalBindings" + ]; }; }; - in { devShells.default = import ./shell.nix { inherit pkgs; }; }); + devShell = with pkgs; + mkShell { + name = "interfacer.swkit"; + nativeBuildInputs = with pkgs; [ + alejandra + cmctl + conftest + docker + dotenv-linter + editorconfig-checker + git + gnumake + k9s + kube3d + kubeconform + kubectl + kubectx + kubernetes-helm + kubeval + kubeval-schema + kustomize + mdl + mdsh + nix-linter + pre-commit + rnix-lsp + vscodium-fhs + yaml-language-server + yamllint + yq + ]; + + postInstall = '' + . <(helm completion $(basename $SHELL)) + . <(k3d completion $(basename $SHELL)) + . <(kubectl completion $(basename $SHELL)) + . <(ct completion $(basename $SHELL)) + ''; + + shellHook = '' + ${self.checks.${system}.pre-commit-check.shellHook} + ''; + }; + } + ); } diff --git a/ci/k3d-fcos-dev.yaml b/k3s-dev.yaml similarity index 93% rename from ci/k3d-fcos-dev.yaml rename to k3s-dev.yaml index 217e304..bfbaab5 100644 --- a/ci/k3d-fcos-dev.yaml +++ b/k3s-dev.yaml @@ -1,7 +1,7 @@ --- apiVersion: k3d.io/v1alpha4 kind: Simple -image: docker.io/rancher/k3s:v1.23.8-k3s1 +image: docker.io/rancher/k3s:v1.23.14-k3s1 servers: 1 agents: 2 ports: diff --git a/mkdocs.yml b/mkdocs.yml deleted file mode 100644 index 8d23747..0000000 --- a/mkdocs.yml +++ /dev/null @@ -1,34 +0,0 @@ -site_name: Fab City OS -site_description: A Kubernetes environment to rollout the Fab City OS Core and Software Kit. -site_author: Fab City Hamburg e. V. -site_url: https://fabcityos.fabcity.hamburg/ -repo_url: https://gitlab.fabcity.hamburg/software/fabcity-os-integration/ -copyright: © 2022 INTERFACER, All rights reserved.. -theme: - name: material - locale: en - logo: assets/fc_logo.svg - favicon: assets/fc_logo.ico -nav: - - Home: index.md - - Getting started: getting-started.md - - Application: - - Keycloak: applications/keycloak.md - - Gitea: applications/gitea.md - - Development: - - Contributing: development/contributing.md -markdown_extensions: - - attr_list - - md_in_html - - tables - - toc - - pymdownx.highlight: - anchor_linenums: true - - pymdownx.inlinehilite - - pymdownx.snippets - - pymdownx.superfences -plugins: - - search -extra: - generator: false - homepage: https://www.interfacerproject.eu/ diff --git a/overlays/dev/cert-manager/kustomization.yaml b/overlays/dev/cert-manager/kustomization.yaml index 48fc7aa..c519dfe 100644 --- a/overlays/dev/cert-manager/kustomization.yaml +++ b/overlays/dev/cert-manager/kustomization.yaml @@ -1,4 +1,4 @@ --- namespace: cert-manager resources: - - selfsigned.yaml + - letsencrypt.yaml diff --git a/overlays/dev/cert-manager/letsencrypt.yaml b/overlays/dev/cert-manager/letsencrypt.yaml new file mode 100644 index 0000000..8817a23 --- /dev/null +++ b/overlays/dev/cert-manager/letsencrypt.yaml @@ -0,0 +1,15 @@ +--- +apiVersion: cert-manager.io/v1 +kind: Issuer +metadata: + name: letsencrypt +spec: + acme: + email: hostmaster@fabcity-hamburg.de + server: https://acme-staging-v02.api.letsencrypt.org/directory + privateKeySecretRef: + name: letsencrypt-key + solvers: + - http01: + ingress: + class: nginx diff --git a/overlays/dev/cert-manager/selfsigned.yaml b/overlays/dev/cert-manager/selfsigned.yaml deleted file mode 100644 index 62be889..0000000 --- a/overlays/dev/cert-manager/selfsigned.yaml +++ /dev/null @@ -1,24 +0,0 @@ ---- -apiVersion: cert-manager.io/v1 -kind: ClusterIssuer -metadata: - name: selfsigned-issuer -spec: - selfSigned: {} ---- -apiVersion: cert-manager.io/v1 -kind: Certificate -metadata: - name: selfsigned-issuer -spec: - isCA: true - duration: 8760h - secretName: tls-selfsigned-issuer - commonName: selfsigned-issuer - subject: - organizations: - - k8s-local-dev - issuerRef: - name: selfsigned-issuer - kind: ClusterIssuer - group: cert-manager.io diff --git a/overlays/dev/gitea/ingress.yaml b/overlays/dev/gitea/ingress.yaml new file mode 100644 index 0000000..095111d --- /dev/null +++ b/overlays/dev/gitea/ingress.yaml @@ -0,0 +1,22 @@ +--- +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: gitea + annotations: + kubernetes.io/ingress.class: nginx + cert-manager.io/cluster-issuer: letsencrypt +spec: + rules: + - http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: gitea + port: + name: http + tls: + - hosts: + - code.k8s.dev.fabcity-hamburg.de diff --git a/overlays/dev/gitea/kustomization.yaml b/overlays/dev/gitea/kustomization.yaml new file mode 100644 index 0000000..90bcea2 --- /dev/null +++ b/overlays/dev/gitea/kustomization.yaml @@ -0,0 +1,24 @@ +--- +namespace: gitea +# patches: +# - target: +# kind: Ingress +# group: networking.k8s.io +# version: v1 +# labelSelector: "app=gitea" +# patch: |- +# - op: replace +# path: /spec/rules +# value: +# - host: code.k8s.dev.fabcity-hamburg.de +# http: +# paths: +# - path: / +# pathType: Prefix + +# - op: replace +# path: /spec/tls +# value: +# - secretName: gitea-tls +# hosts: +# - code.k8s.dev.fabcity-hamburg.de diff --git a/overlays/dev/keycloak/certificate.yaml b/overlays/dev/keycloak/certificate.yaml deleted file mode 100644 index f182e71..0000000 --- a/overlays/dev/keycloak/certificate.yaml +++ /dev/null @@ -1,26 +0,0 @@ ---- -apiVersion: cert-manager.io/v1 -kind: Certificate -metadata: - name: tls-keycloak - labels: - app: keycloak -spec: - secretName: tls-keycloak - isCA: false - privateKey: - algorithm: RSA - encoding: PKCS1 - size: 2048 - rotationPolicy: Always - subject: - organizations: - - keycloak - duration: 2160h - renewBefore: 360h - issuerRef: - name: selfsigned-issuer - kind: ClusterIssuer - commonName: "id.dev.fabcity-hamburg.de" - dnsNames: - - "id.dev.fabcity-hamburg.de" diff --git a/overlays/dev/keycloak/kustomization.yaml b/overlays/dev/keycloak/kustomization.yaml deleted file mode 100644 index b6b09cb..0000000 --- a/overlays/dev/keycloak/kustomization.yaml +++ /dev/null @@ -1,4 +0,0 @@ ---- -namespace: keycloak -resources: - - certificate.yaml diff --git a/overlays/dev/kustomization.yaml b/overlays/dev/kustomization.yaml index 7ede3eb..d7fd0e9 100644 --- a/overlays/dev/kustomization.yaml +++ b/overlays/dev/kustomization.yaml @@ -1,5 +1,6 @@ --- resources: - ../../base + - ../../apps - cert-manager - - keycloak + - gitea diff --git a/base/apps/cert-manager/kustomization.yaml b/overlays/prod/cert-manager/kustomization.yaml similarity index 100% rename from base/apps/cert-manager/kustomization.yaml rename to overlays/prod/cert-manager/kustomization.yaml diff --git a/overlays/prod/cert-manager/letsencrypt.yaml b/overlays/prod/cert-manager/letsencrypt.yaml new file mode 100644 index 0000000..895a9ec --- /dev/null +++ b/overlays/prod/cert-manager/letsencrypt.yaml @@ -0,0 +1,15 @@ +--- +apiVersion: cert-manager.io/v1 +kind: Issuer +metadata: + name: letsencrypt +spec: + acme: + email: hostmaster@fabcity-hamburg.de + server: https://acme-v02.api.letsencrypt.org/directory + privateKeySecretRef: + name: letsencrypt-key + solvers: + - http01: + ingress: + class: nginx diff --git a/overlays/prod/gitea/kustomization.yaml b/overlays/prod/gitea/kustomization.yaml deleted file mode 100644 index 97fc0ca..0000000 --- a/overlays/prod/gitea/kustomization.yaml +++ /dev/null @@ -1,24 +0,0 @@ ---- -namespace: gitea -patches: - - target: - kind: Ingress - group: networking.k8s.io - version: v1 - labelSelector: "app=gitea" - patch: |- - - op: replace - path: /spec/rules - value: - - host: code.fabcity-hamburg.de - http: - paths: - - path: / - pathType: Prefix - - - op: replace - path: /spec/tls - value: - - secretName: gitea-tls - hosts: - - code.fabcity-hamburg.de diff --git a/overlays/prod/interfacer-webpresence/ingress.yaml b/overlays/prod/interfacer-webpresence/ingress.yaml new file mode 100644 index 0000000..56b05b2 --- /dev/null +++ b/overlays/prod/interfacer-webpresence/ingress.yaml @@ -0,0 +1,22 @@ +--- +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: interfacer-webpresence + annotations: + kubernetes.io/ingress.class: nginx + cert-manager.io/cluster-issuer: letsencrypt +spec: + rules: + - http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: interfacer-webpresence + port: + name: http + tls: + - hosts: + - www.k8s.dev.fabcity-hamburg.de diff --git a/overlays/prod/interfacer-webpresence/kustomization.yaml b/overlays/prod/interfacer-webpresence/kustomization.yaml new file mode 100644 index 0000000..73ba776 --- /dev/null +++ b/overlays/prod/interfacer-webpresence/kustomization.yaml @@ -0,0 +1,3 @@ +--- +resources: + - ingress.yaml diff --git a/overlays/prod/keycloak/kustomization.yaml b/overlays/prod/keycloak/kustomization.yaml deleted file mode 100644 index dbe9364..0000000 --- a/overlays/prod/keycloak/kustomization.yaml +++ /dev/null @@ -1,44 +0,0 @@ ---- -namespace: keycloak -patches: - - target: - kind: PostgresCluster - group: postgres-operator.crunchydata.com - version: v1beta1 - patch: |- - - op: replace - path: /spec/instances - value: - - replicas: 2 - dataVolumeClaimSpec: - accessModes: - - "ReadWriteOnce" - resources: - requests: - storage: 1Gi - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - weight: 1 - podAffinityTerm: - topologyKey: kubernetes.io/hostname - labelSelector: - matchLabels: - postgres-operator.crunchydata.com/cluster: keycloak-db - postgres-operator.crunchydata.com/instance-set: "00" - - target: - kind: Keycloak - group: k8s.keycloak.org - version: v2alpha1 - patch: |- - - op: replace - path: /spec/instances - value: 2 - - target: - kind: Keycloak - group: k8s.keycloak.org - version: v2alpha1 - patch: |- - - op: replace - path: /spec/hostname - value: id.fabcity-hamburg.de diff --git a/overlays/prod/kustomization.yaml b/overlays/prod/kustomization.yaml index b0817ac..5d5093a 100644 --- a/overlays/prod/kustomization.yaml +++ b/overlays/prod/kustomization.yaml @@ -1,17 +1,6 @@ --- resources: - ../../base - - keycloak - - gitea -patches: - - target: - kind: Ingress - group: networking.k8s.io - version: v1 - patch: |- - - op: replace - path: /metadata/annotations - value: - kubernetes.io/ingress.class: "nginx" - kubernetes.io/tls-acme: "true" - cert-manager.io/cluster-issuer: "letsencrypt-acme + - ../../apps + - cert-manager + - interfacer-webpresence diff --git a/shell.nix b/shell.nix deleted file mode 100644 index 396101d..0000000 --- a/shell.nix +++ /dev/null @@ -1,54 +0,0 @@ -{ pkgs ? import