From 5f78efd4fdb5e3a72600af3f2786678ff8aa1c06 Mon Sep 17 00:00:00 2001
From: j <repobase@j7b.net>
Date: Thu, 3 Jul 2025 14:40:10 +1000
Subject: [PATCH] Add replicator

---
 deployments/kustomization.yaml        |  1 +
 deployments/operators/replicator.yaml | 90 +++++++++++++++++++++++++++
 2 files changed, 91 insertions(+)
 create mode 100644 deployments/operators/replicator.yaml

diff --git a/deployments/kustomization.yaml b/deployments/kustomization.yaml
index 0e8ac86..92e5910 100644
--- a/deployments/kustomization.yaml
+++ b/deployments/kustomization.yaml
@@ -7,6 +7,7 @@ resources:
   - monitoring/loki.yaml
   - monitoring/prometheus.yaml
   - operators/mariadb.yaml
+  - operators/replicator.yaml
   - dns/namespace.yaml
   - dns/bind.yaml
   - dns/externaldns.yaml
diff --git a/deployments/operators/replicator.yaml b/deployments/operators/replicator.yaml
new file mode 100644
index 0000000..a553138
--- /dev/null
+++ b/deployments/operators/replicator.yaml
@@ -0,0 +1,90 @@
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: kubernetes-replicator
+  namespace: kube-system
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: kubernetes-replicator
+rules:
+  - apiGroups: ["", "apps", "extensions"]
+    resources:
+      - secrets
+      - configmaps
+      - roles
+      - rolebindings
+      - cronjobs
+      - deployments
+      - events
+      - ingresses
+      - jobs
+      - pods
+      - pods/attach
+      - pods/exec
+      - pods/log
+      - pods/portforward
+      - services
+    verbs: ["*"]
+  - apiGroups: ["batch"]
+    resources:
+      - configmaps
+      - cronjobs
+      - deployments
+      - events
+      - ingresses
+      - jobs
+      - pods
+      - pods/attach
+      - pods/exec
+      - pods/log
+      - pods/portforward
+      - services
+    verbs: ["*"]
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: kubernetes-replicator
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: kubernetes-replicator
+subjects:
+  - kind: ServiceAccount
+    name: kubernetes-replicator
+    namespace: kube-system
+---
+apiVersion: source.toolkit.fluxcd.io/v1beta2
+kind: HelmRepository
+metadata:
+  name: mittwald
+  namespace: flux-system
+spec:
+  url: https://helm.mittwald.de
+  interval: 1h
+---
+apiVersion: helm.toolkit.fluxcd.io/v2beta1
+kind: HelmRelease
+metadata:
+  name: kubernetes-replicator
+  namespace: kube-system
+spec:
+  interval: 5m
+  chart:
+    spec:
+      chart: kubernetes-replicator
+      sourceRef:
+        kind: HelmRepository
+        name: mittwald
+        namespace: flux-system
+  install:
+    createNamespace: false
+  upgrade:
+    disableWait: false
+  values:
+    serviceAccount:
+      create: false
+      name: kubernetes-replicator