j/home-server
1
0
Fork 0
Code Issues 7 Pull requests Projects 1 Releases Packages Wiki Activity Actions

Difficult bit into kust. Strip mariadb from helm.

Browse source
This commit is contained in:
j 2025-07-10 13:56:45 +10:00
parent 0786edbead
commit 950012fa3d
8 changed files with 161 additions and 9 deletions
Download patch file Download diff file Expand all files Collapse all files

6
charts/subcharts/Chart.yaml
View file

@ -2,12 +2,6 @@ apiVersion: v2
name: home-server-subcharts name: home-server-subcharts
version: 0.1.0 version: 0.1.0
dependencies: dependencies:
- name: mariadb-operator-crds
version: 0.38.1
repository: https://helm.mariadb.com/mariadb-operator
- name: mariadb-operator
version: 0.38.1
repository: https://helm.mariadb.com/mariadb-operator
- name: cert-manager - name: cert-manager
version: v1.18.2 version: v1.18.2
repository: https://charts.jetstack.io repository: https://charts.jetstack.io

4
charts/subcharts/templates/cert-manager.yaml
View file

@ -22,10 +22,10 @@ spec:
apiVersion: cert-manager.io/v1 apiVersion: cert-manager.io/v1
kind: Certificate kind: Certificate
metadata: metadata:
name: wildcard-{{ .Values.global.domain | replace "." "-" }} name: {{ .Values.global.ssl_secret_name }}
namespace: {{ .Values.global.namespace }} namespace: {{ .Values.global.namespace }}
spec: spec:
secretName: wildcard-{{ .Values.global.domain | replace "." "-" }} secretName: {{ .Values.global.ssl_secret_name }}
secretTemplate: secretTemplate:
annotations: annotations:
replicator.v1.mittwald.de/replication-allowed: "true" replicator.v1.mittwald.de/replication-allowed: "true"

4
deployments/kustomization.yaml
View file

@ -4,4 +4,6 @@ kind: Kustomization
resources: resources:
- manifests/00-namespaces.yaml - manifests/00-namespaces.yaml
- manifests/10-repo-prod.yaml - manifests/10-repo-prod.yaml
- manifests/20-hrel-prod.yaml - manifests/20-hrel-mariadb.yaml
- manifests/20-hrel-replicator.yaml
- manifests/30-hrel-prod.yaml

56
deployments/manifests/20-hrel-mariadb.yaml Normal file
View file

@ -0,0 +1,56 @@
---
apiVersion: v1
kind: Namespace
metadata:
name: mariadb-system
---
apiVersion: source.toolkit.fluxcd.io/v1
kind: HelmRepository
metadata:
name: mariadb-operator
namespace: flux-system
spec:
url: https://helm.mariadb.com/mariadb-operator
interval: 1h
---
apiVersion: helm.toolkit.fluxcd.io/v2
kind: HelmRelease
metadata:
name: mariadb-operator-crds
namespace: mariadb-system
spec:
interval: 30m
chart:
spec:
chart: mariadb-operator-crds
version: 0.38.1
sourceRef:
kind: HelmRepository
name: mariadb-operator
namespace: flux-system
install:
createNamespace: true
upgrade:
disableWait: true
timeout: 5m
---
apiVersion: helm.toolkit.fluxcd.io/v2
kind: HelmRelease
metadata:
name: mariadb-operator
namespace: mariadb-system
spec:
interval: 30m
chart:
spec:
chart: mariadb-operator
version: 0.38.1
sourceRef:
kind: HelmRepository
name: mariadb-operator
namespace: flux-system
install:
createNamespace: true
dependsOn:
- name: mariadb-operator-crds
namespace: mariadb-system

99
deployments/manifests/20-hrel-replicator.yaml Normal file
View file

@ -0,0 +1,99 @@
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: kubernetes-replicator
namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: kubernetes-replicator
rules:
- apiGroups: ["", "apps", "extensions"]
resources:
- secrets
- configmaps
- roles
- rolebindings
- cronjobs
- deployments
- events
- ingresses
- jobs
- pods
- pods/attach
- pods/exec
- pods/log
- pods/portforward
- services
- namespaces
- serviceaccounts
verbs: ["*"]
- apiGroups: ["batch"]
resources:
- configmaps
- cronjobs
- deployments
- events
- ingresses
- jobs
- pods
- pods/attach
- pods/exec
- pods/log
- pods/portforward
- services
verbs: ["*"]
- apiGroups: ["rbac.authorization.k8s.io"]
resources:
- roles
- rolebindings
- clusterrolebindings
verbs: ["get", "list", "watch"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: kubernetes-replicator
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: kubernetes-replicator
subjects:
- kind: ServiceAccount
name: kubernetes-replicator
namespace: kube-system
---
apiVersion: source.toolkit.fluxcd.io/v1beta2
kind: HelmRepository
metadata:
name: mittwald
namespace: flux-system
spec:
url: https://helm.mittwald.de
interval: 1h
---
apiVersion: helm.toolkit.fluxcd.io/v2beta1
kind: HelmRelease
metadata:
name: kubernetes-replicator
namespace: kube-system
spec:
interval: 5m
chart:
spec:
chart: kubernetes-replicator
sourceRef:
kind: HelmRepository
name: mittwald
namespace: flux-system
install:
createNamespace: false
upgrade:
disableWait: false
values:
serviceAccount:
create: false
name: kubernetes-replicator

0
deployments/manifests/20-hrel-dev.yaml → deployments/manifests/30-hrel-dev.yaml
View file

0
deployments/manifests/20-hrel-prod.yaml → deployments/manifests/30-hrel-prod.yaml
View file

1
values.yaml
View file

@ -1,5 +1,6 @@
global: global:
domain: hxme.net domain: hxme.net
ssl_secret_name: wildcard-hxme-net
namespace: cert-manager namespace: cert-manager
issuerName: letsencrypt-rfc2136 issuerName: letsencrypt-rfc2136
email: admin@hxme.net email: admin@hxme.net