alexlebens/infrastructure
1
0
Fork 0
Code Issues 1 Pull Requests 8 Actions Packages Projects Releases Wiki Activity

migration to next

Browse Source
This commit is contained in:
Alex Lebens
2025-03-02 16:56:16 -06:00
parent 1693ecd0ae
commit 9fe661cf24
342 changed files with 166 additions and 159 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
clusters/cl01tl/deployment/argocd/Chart.yaml Normal file
View File

@@ -0,0 +1,21 @@
apiVersion: v2
name: argocd
version: 1.0.0
description: Argo CD
keywords:
- argo-cd
- delivery
- deployment
- gitops
home: https://wiki.alexlebens.dev/doc/argocd-hsBKD1tztr
sources:
- https://github.com/argoproj/argo-cd
- https://github.com/argoproj/argo-helm/tree/main/charts/argo-cd
maintainers:
- name: alexlebens
dependencies:
- name: argo-cd
version: 7.8.7
repository: https://argoproj.github.io/argo-helm
icon: https://raw.githubusercontent.com/walkxcode/dashboard-icons/main/png/argocd.png
appVersion: v2.13.2

70
clusters/cl01tl/deployment/argocd/templates/external-secret.yaml Normal file
View File

@@ -0,0 +1,70 @@
# apiVersion: external-secrets.io/v1beta1
# kind: ExternalSecret
# metadata:
# name: argocd-oidc-secret
# namespace: {{ .Release.Namespace }}
# labels:
# app.kubernetes.io/name: argocd-oidc-secret
# app.kubernetes.io/instance: {{ .Release.Name }}
# app.kubernetes.io/version: {{ .Chart.AppVersion }}
# app.kubernetes.io/component: server
# app.kubernetes.io/part-of: argocd
# spec:
# secretStoreRef:
# kind: ClusterSecretStore
# name: vault
# data:
# - secretKey: secret
# remoteRef:
# conversionStrategy: Default
# decodingStrategy: None
# key: /authentik/oidc/argocd
# metadataPolicy: None
# property: secret
# - secretKey: client
# remoteRef:
# conversionStrategy: Default
# decodingStrategy: None
# key: /authentik/oidc/argocd
# metadataPolicy: None
# property: client
# ---
# apiVersion: external-secrets.io/v1beta1
# kind: ExternalSecret
# metadata:
# name: argocd-gitea-repo-infrastructure-secret
# namespace: {{ .Release.Namespace }}
# labels:
# app.kubernetes.io/name: argocd-gitea-repo-infrastructure-secret
# app.kubernetes.io/instance: {{ .Release.Name }}
# app.kubernetes.io/version: {{ .Chart.AppVersion }}
# app.kubernetes.io/component: repo
# app.kubernetes.io/part-of: argocd
# argocd.argoproj.io/secret-type: repository
# spec:
# secretStoreRef:
# kind: ClusterSecretStore
# name: vault
# data:
# - secretKey: type
# remoteRef:
# conversionStrategy: Default
# decodingStrategy: None
# key: /cl01tl/argocd/credentials/repo/infrastructure
# metadataPolicy: None
# property: type
# - secretKey: url
# remoteRef:
# conversionStrategy: Default
# decodingStrategy: None
# key: /cl01tl/argocd/credentials/repo/infrastructure
# metadataPolicy: None
# property: url
# - secretKey: sshPrivateKey
# remoteRef:
# conversionStrategy: Default
# decodingStrategy: None
# key: /cl01tl/argocd/credentials/repo/infrastructure
# metadataPolicy: None
# property: sshPrivateKey

27
clusters/cl01tl/deployment/argocd/templates/ingress.yaml Normal file
View File

@@ -0,0 +1,27 @@
# apiVersion: networking.k8s.io/v1
# kind: Ingress
# metadata:
# name: argocd-tailscale
# namespace: {{ .Release.Namespace }}
# labels:
# app.kubernetes.io/name: argocd-tailscale
# app.kubernetes.io/instance: {{ .Release.Name }}
# app.kubernetes.io/version: {{ .Chart.AppVersion }}
# app.kubernetes.io/component: web
# app.kubernetes.io/part-of: {{ .Release.Name }}
# spec:
# ingressClassName: tailscale
# tls:
# - hosts:
# - argocd-cl01tl
# rules:
# - host: argocd-cl01tl
# http:
# paths:
# - path: /
# pathType: Prefix
# backend:
# service:
# name: argocd-server
# port:
# number: 80

76
clusters/cl01tl/deployment/argocd/values.yaml Normal file
View File

@@ -0,0 +1,76 @@
argo-cd:
crds:
install: true
configs:
cm:
admin.enabled: true
resource.customizations.ignoreDifferences.apps_Deployment: |
jqPathExpressions:
- '.spec.template.spec.hostUsers'
resource.customizations.ignoreDifferences.batch_CronJob: |
jqPathExpressions:
- '.spec.jobTemplate.spec.template.spec.hostUsers'
resource.customizations.ignoreDifferences.batch_Job: |
jqPathExpressions:
- '.spec.template.spec.hostUsers'
timeout.reconciliation: 100s
timeout.reconciliation.jitter: 60s
url: https://argocd.alexlebens.net
statusbadge.enabled: true
# dex.config: |
# connectors:
# - config:
# issuer: https://auth-cl01tl.boreal-beaufort.ts.net/application/o/argocd/
# clientID: $argocd-oidc-secret:client
# clientSecret: $argocd-oidc-secret:secret
# insecureEnableGroups: true
# scopes:
# - openid
# - profile
# - email
# name: authentik
# type: oidc
# id: authentik
rbac:
policy.csv: |
g, ArgoCD Admins, role:admin
params:
server.insecure: true
server:
replicas: 2
ingress:
enabled: false
controller: generic
ingressClassName: cilium
annotations:
cert-manager.io/cluster-issuer: letsencrypt-issuer
hostname: argocd.alexlebens.net
tls: true
metrics:
enabled: true
serviceMonitor:
enabled: true
dex:
enabled: true
redis-ha:
enabled: true
redisSecretInit:
enabled: false
controller:
replicas: 1
metrics:
enabled: true
serviceMonitor:
enabled: true
repoServer:
replicas: 2
metrics:
enabled: true
serviceMonitor:
enabled: true
applicationSet:
replicas: 2
metrics:
enabled: true
serviceMonitor:
enabled: true