From 79bcb47ca7bdd7b87a76870b4b22d2218ec48ea8 Mon Sep 17 00:00:00 2001 From: Sebastian Wendel Date: Sat, 30 Jul 2022 21:05:32 +0200 Subject: [PATCH] refactored project structure --- base/apps/kustomization.yaml | 4 ++++ .../ingress-nginx/kustomization.yaml | 15 +++++++------ .../{ => charts}/ingress-nginx/namespace.yaml | 0 base/charts/ingress-nginx/values.yaml | 22 +++++++++++++++++++ base/charts/kustomization.yaml | 4 ++++ base/ingress-nginx/configmap.yaml | 9 -------- base/kustomization.yaml | 7 +++--- base/operators/kustomization.yaml | 5 +++++ overlays/dev/kustomization.yaml | 15 ++----------- overlays/prod/kustomization.yaml | 12 +++++----- 10 files changed, 53 insertions(+), 40 deletions(-) create mode 100644 base/apps/kustomization.yaml rename base/{ => charts}/ingress-nginx/kustomization.yaml (79%) rename base/{ => charts}/ingress-nginx/namespace.yaml (100%) create mode 100644 base/charts/ingress-nginx/values.yaml create mode 100644 base/charts/kustomization.yaml delete mode 100644 base/ingress-nginx/configmap.yaml create mode 100644 base/operators/kustomization.yaml diff --git a/base/apps/kustomization.yaml b/base/apps/kustomization.yaml new file mode 100644 index 0000000..40d36ba --- /dev/null +++ b/base/apps/kustomization.yaml @@ -0,0 +1,4 @@ +--- +resources: + - cert-manager + - keycloak diff --git a/base/ingress-nginx/kustomization.yaml b/base/charts/ingress-nginx/kustomization.yaml similarity index 79% rename from base/ingress-nginx/kustomization.yaml rename to base/charts/ingress-nginx/kustomization.yaml index 0211b70..a2b4088 100644 --- a/base/ingress-nginx/kustomization.yaml +++ b/base/charts/ingress-nginx/kustomization.yaml @@ -1,10 +1,11 @@ --- -helmCharts: - - name: ingress-nginx - repo: https://kubernetes.github.io/ingress-nginx - namespace: ingress-nginx - version: 4.2.0 - releaseName: fcos-ingress-nginx +namespace: ingress-nginx resources: - namespace.yaml - # - configmap.yaml +helmCharts: + - name: ingress-nginx + version: 4.2.0 + releaseName: fcos-ingress-nginx + repo: https://kubernetes.github.io/ingress-nginx + namespace: ingress-nginx + valuesFile: values.yaml diff --git a/base/ingress-nginx/namespace.yaml b/base/charts/ingress-nginx/namespace.yaml similarity index 100% rename from base/ingress-nginx/namespace.yaml rename to base/charts/ingress-nginx/namespace.yaml diff --git a/base/charts/ingress-nginx/values.yaml b/base/charts/ingress-nginx/values.yaml new file mode 100644 index 0000000..997b560 --- /dev/null +++ b/base/charts/ingress-nginx/values.yaml @@ -0,0 +1,22 @@ +--- +controller: + ingressClassResource: + default: true + watchIngressWithoutClass: true + service: + ipFamilyPolicy: PreferDualStack + ipFamilies: + - IPv4 + - IPv6 + metrics: + enabled: true + service: + annotations: + prometheus.io/port: 10254 + prometheus.io/scrape: true + config: + enable-ocsp: true + enable-brotli: true + enable-real-ip: true + enable-modsecurity: true + enable-owasp-modsecurity-crs: true diff --git a/base/charts/kustomization.yaml b/base/charts/kustomization.yaml new file mode 100644 index 0000000..41be811 --- /dev/null +++ b/base/charts/kustomization.yaml @@ -0,0 +1,4 @@ +--- +resources: + - ingress-nginx + - gitea diff --git a/base/ingress-nginx/configmap.yaml b/base/ingress-nginx/configmap.yaml deleted file mode 100644 index e5d4534..0000000 --- a/base/ingress-nginx/configmap.yaml +++ /dev/null @@ -1,9 +0,0 @@ ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: ingress-nginx-controller - namespace: ingress-nginx -data: - hsts-preload: "true" - enable-brotli: "true" diff --git a/base/kustomization.yaml b/base/kustomization.yaml index 76fcec7..3e38a5e 100644 --- a/base/kustomization.yaml +++ b/base/kustomization.yaml @@ -1,6 +1,5 @@ --- resources: - - ./ingress-nginx - - ./cert-manager - - ../apps/keycloak - - ../apps/gitea + - operators + - charts + - apps diff --git a/base/operators/kustomization.yaml b/base/operators/kustomization.yaml new file mode 100644 index 0000000..75f3cd8 --- /dev/null +++ b/base/operators/kustomization.yaml @@ -0,0 +1,5 @@ +--- +resources: + - cert-manager + - postgresql + - keycloak diff --git a/overlays/dev/kustomization.yaml b/overlays/dev/kustomization.yaml index c39e8de..7ede3eb 100644 --- a/overlays/dev/kustomization.yaml +++ b/overlays/dev/kustomization.yaml @@ -1,16 +1,5 @@ --- resources: - ../../base -patches: - - target: - kind: Ingress - group: networking.k8s.io - version: v1 - patch: |- - - op: replace - path: /metadata/annotations - value: - kubernetes.io/ingress.class: nginx - nginx.ingress.kubernetes.io/rewrite-target: / - nginx.ingress.kubernetes.io/ssl-redirect: "false" - nginx.ingress.kubernetes.io/force-ssl-redirect: "false" + - cert-manager + - keycloak diff --git a/overlays/prod/kustomization.yaml b/overlays/prod/kustomization.yaml index 08ae2ea..b0817ac 100644 --- a/overlays/prod/kustomization.yaml +++ b/overlays/prod/kustomization.yaml @@ -1,9 +1,8 @@ --- resources: - ../../base - - ./apps/cert-manager - - ./apps/keycloak - - ./apps/gitea + - keycloak + - gitea patches: - target: kind: Ingress @@ -13,7 +12,6 @@ patches: - op: replace path: /metadata/annotations value: - kubernetes.io/ingress.class: nginx - kubernetes.io/tls-acme: 'true' - cert-manager.io/cluster-issuer: letsencrypt-acme-staging-v02 - cert-manager.io/cluster-issuer: letsencrypt-acme-v02 + kubernetes.io/ingress.class: "nginx" + kubernetes.io/tls-acme: "true" + cert-manager.io/cluster-issuer: "letsencrypt-acme