From 9e76ceb29d68728483312d67a9dfff4a191ade89 Mon Sep 17 00:00:00 2001 From: Moritz Graf Date: Sun, 5 Apr 2020 19:40:18 +0200 Subject: [PATCH] Adding # status: notices --- k8s/README.md | 29 ++++++++++++++++++ k8s/auth/phpldapadmin.yaml | 26 ++++++++++++++++ k8s/blub/deploy.yaml | 27 ----------------- k8s/blub/ing.yaml | 16 ---------- k8s/blub/svc.yaml | 20 ------------- k8s/cert-manager/cert-manager.yaml | 2 ++ k8s/cert-manager/production-issuer.yaml | 40 +++++++++++++------------ k8s/cert-manager/staging-issuer.yaml | 40 +++++++++++++------------ k8s/development/gitlab.yaml | 21 +++++++++++++ k8s/nextcloud/nextcloud.yaml | 23 ++++++++++++++ k8s/nginx-ingress/nginx-ingress.yaml | 2 ++ k8s/{ => troubleshoot}/busybox.yaml | 2 ++ 12 files changed, 147 insertions(+), 101 deletions(-) create mode 100644 k8s/auth/phpldapadmin.yaml delete mode 100644 k8s/blub/deploy.yaml delete mode 100644 k8s/blub/ing.yaml delete mode 100644 k8s/blub/svc.yaml create mode 100644 k8s/development/gitlab.yaml create mode 100644 k8s/nextcloud/nextcloud.yaml rename k8s/{ => troubleshoot}/busybox.yaml (90%) diff --git a/k8s/README.md b/k8s/README.md index 8f60c7b..e69eaea 100644 --- a/k8s/README.md +++ b/k8s/README.md @@ -14,6 +14,8 @@ k create ns cert-manager k create ns nginx-ingress k create ns infrapuzzle k create ns kuard +k create ns auth +k create nextcloud ``` ## [helm-operator](https://github.com/fluxcd/helm-operator/blob/master/chart/helm-operator/README.md) @@ -55,3 +57,30 @@ $ kubectl apply -f kuard # checkout: https://kuard.haumdaucher.de $ kubectl delete -f kuard ``` + +## auth + +Including: + +* openLDAP +* phpldapadmin +* ldap self service +* dex + + +```sh + +``` + +## nextcloud + +Install with helm + +```sh + +``` + +Migate + + +Backup \ No newline at end of file diff --git a/k8s/auth/phpldapadmin.yaml b/k8s/auth/phpldapadmin.yaml new file mode 100644 index 0000000..d9eaf3d --- /dev/null +++ b/k8s/auth/phpldapadmin.yaml 
@@ -0,0 +1,26 @@
+# status: chart not working
+# note: problem could not be found yet
+
+apiVersion: helm.fluxcd.io/v1
+kind: HelmRelease
+metadata:
+ name: helm-phpldapadmin
+ namespace: flux
+spec:
+ releaseName: phpldapadmin
+ targetNamespace: auth
+ chart:
+ repository: https://cetic.github.io/helm-charts
+ version: 0.1.3
+ name: phpldapadmin
+ values:
+ service:
+ type: ClusterIP
+ ingress:
+ enabled: true
+ hosts:
+ - "ldap.haumdaucher.de"
+ annotations:
+ cert-manager.io/cluster-issuer: "letsencrypt-prod"
+ tls:
+ - ldap-haumdaucher-de
diff --git a/k8s/blub/deploy.yaml b/k8s/blub/deploy.yaml
deleted file mode 100644
index efc79cb..0000000
--- a/k8s/blub/deploy.yaml
+++ /dev/null
@@ -1,27 +0,0 @@
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- creationTimestamp: null
- labels:
- app: nginx
- name: nginx
- namespace: blub
-spec:
- replicas: 1
- selector:
- matchLabels:
- app: nginx
- strategy: {}
- template:
- metadata:
- creationTimestamp: null
- labels:
- app: nginx
- spec:
- containers:
- - image: nginx
- name: nginx
- resources: {}
- ports:
- - containerPort: 80
-status: {}
diff --git a/k8s/blub/ing.yaml b/k8s/blub/ing.yaml
deleted file mode 100644
index 7694774..0000000
--- a/k8s/blub/ing.yaml
+++ /dev/null
@@ -1,16 +0,0 @@
-apiVersion: networking.k8s.io/v1beta1
-kind: Ingress
-metadata:
- name: nginx
- namespace: blub
- annotations:
- nginx.ingress.kubernetes.io/rewrite-target: /
-spec:
- rules:
- - host: blub.haumdaucher.de
- http:
- paths:
- - path: /
- backend:
- serviceName: nginx
- servicePort: 80
\ No newline at end of file
diff --git a/k8s/blub/svc.yaml b/k8s/blub/svc.yaml
deleted file mode 100644
index b71a4ba..0000000
--- a/k8s/blub/svc.yaml
+++ /dev/null
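Review bot: The ingress in k8s/auth/phpldapadmin.yaml publishes the LDAP administration UI at `ldap.haumdaucher.de` with nothing limiting who can reach its login page. Under `ingress.annotations` I would add a source allow-list such as `nginx.ingress.kubernetes.io/whitelist-source-range: "<admin-CIDR-placeholder>"`, or keep `ingress.enabled: false` and use a port-forward until dex sits in front of it. Separately, `tls:` is given as a bare string (`- ldap-haumdaucher-de`); charts of this shape usually expect entries with `secretName` and `hosts`, which may be related to the "chart not working" status and is worth checking against the chart's values.yaml.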
@@ -1,20 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - creationTimestamp: "2020-04-05T08:37:56Z" - labels: - app: nginx - name: nginx - namespace: blub -spec: - clusterIP: 10.233.34.90 - ports: - - port: 80 - protocol: TCP - targetPort: 80 - selector: - app: nginx - sessionAffinity: None - type: ClusterIP -status: - loadBalancer: {} diff --git a/k8s/cert-manager/cert-manager.yaml b/k8s/cert-manager/cert-manager.yaml index 58a0fde..9bd9c32 100644 --- a/k8s/cert-manager/cert-manager.yaml +++ b/k8s/cert-manager/cert-manager.yaml @@ -1,3 +1,5 @@ +# status: implemented + apiVersion: helm.fluxcd.io/v1 kind: HelmRelease metadata: diff --git a/k8s/cert-manager/production-issuer.yaml b/k8s/cert-manager/production-issuer.yaml index b24229e..3aba3e8 100644 --- a/k8s/cert-manager/production-issuer.yaml +++ b/k8s/cert-manager/production-issuer.yaml @@ -1,19 +1,21 @@ - apiVersion: cert-manager.io/v1alpha2 - kind: ClusterIssuer - metadata: - name: letsencrypt-prod - namespace: cert-manager - spec: - acme: - # The ACME server URL - server: https://acme-v02.api.letsencrypt.org/directory - # Email address used for ACME registration - email: moritz@moritzgraf.de - # Name of a secret used to store the ACME account private key - privateKeySecretRef: - name: letsencrypt-prod - # Enable the HTTP-01 challenge provider - solvers: - - http01: - ingress: - class: nginx +# status: implemented + +apiVersion: cert-manager.io/v1alpha2 +kind: ClusterIssuer +metadata: + name: letsencrypt-prod + namespace: cert-manager +spec: + acme: + # The ACME server URL + server: https://acme-v02.api.letsencrypt.org/directory + # Email address used for ACME registration + email: moritz@moritzgraf.de + # Name of a secret used to store the ACME account private key + privateKeySecretRef: + name: letsencrypt-prod + # Enable the HTTP-01 challenge provider + solvers: + - http01: + ingress: + class: nginx 
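Review bot: `namespace: cert-manager` under `metadata` of the `ClusterIssuer` in k8s/cert-manager/production-issuer.yaml has no effect, because ClusterIssuer is a cluster-scoped kind; the re-indented manifest keeps the field, and k8s/cert-manager/staging-issuer.yaml does the same. It reads as if the issuer and its `privateKeySecretRef` were confined to that namespace, whereas an Ingress in any namespace can request certificates through it and the ACME account key Secret is resolved in cert-manager's cluster resource namespace. I would drop the field and put a comment above `privateKeySecretRef`, for example `# Secret is read from cert-manager's cluster resource namespace, not from metadata.namespace`.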
diff --git a/k8s/cert-manager/staging-issuer.yaml b/k8s/cert-manager/staging-issuer.yaml
index 40d167e..a3f0feb 100644
--- a/k8s/cert-manager/staging-issuer.yaml
+++ b/k8s/cert-manager/staging-issuer.yaml
@@ -1,19 +1,21 @@
- apiVersion: cert-manager.io/v1alpha2
- kind: ClusterIssuer
- metadata:
- name: letsencrypt-staging
- namespace: cert-manager
- spec:
- acme:
- # The ACME server URL
- server: https://acme-staging-v02.api.letsencrypt.org/directory
- # Email address used for ACME registration
- email: moritz@moritzgraf.de
- # Name of a secret used to store the ACME account private key
- privateKeySecretRef:
- name: letsencrypt-staging
- # Enable the HTTP-01 challenge provider
- solvers:
- - http01:
- ingress:
- class: nginx
+# status: implemented
+
+apiVersion: cert-manager.io/v1alpha2
+kind: ClusterIssuer
+metadata:
+ name: letsencrypt-staging
+ namespace: cert-manager
+spec:
+ acme:
+ # The ACME server URL
+ server: https://acme-staging-v02.api.letsencrypt.org/directory
+ # Email address used for ACME registration
+ email: moritz@moritzgraf.de
+ # Name of a secret used to store the ACME account private key
+ privateKeySecretRef:
+ name: letsencrypt-staging
+ # Enable the HTTP-01 challenge provider
+ solvers:
+ - http01:
+ ingress:
+ class: nginx
diff --git a/k8s/development/gitlab.yaml b/k8s/development/gitlab.yaml
new file mode 100644
index 0000000..a93dc98
--- /dev/null
+++ b/k8s/development/gitlab.yaml
@@ -0,0 +1,21 @@
+apiVersion: helm.fluxcd.io/v1
+kind: HelmRelease
+metadata:
+ name: helm-nextcloud
+ namespace: nextcloud
+spec:
+ releaseName: nextcloud
+ targetNamespace: nextcloud
+ chart:
+ repository: https://kubernetes-charts.storage.googleapis.com
+ version: 1.9.2
+ name: nextcloud
+ values:
+ nextcloud:
+ username: admin
+ password: xxx
+ # TODO
+ # storage: nextcloud
+ # storage: mariadb
+ # .secret file with pw:mariadb user&admin
+ # with pw:nextcloud
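Review bot: `password: xxx` under `values.nextcloud` in k8s/development/gitlab.yaml puts the Nextcloud admin credential in a Git-tracked HelmRelease, and once the placeholder is swapped for a real value it stays in the repository history; k8s/nextcloud/nextcloud.yaml adds the identical block. The TODO already points at a secret file, so I would wire that in now through `spec.valuesFrom` with a `secretKeyRef` and keep only the username inline, as sketched below. Also, this file is named gitlab.yaml but declares the same `helm-nextcloud` HelmRelease in namespace `nextcloud` as nextcloud.yaml, so two paths define one object; it probably should not be committed until it holds a GitLab release.

```yaml
spec:
  # … unchanged: releaseName, targetNamespace, chart …
  valuesFrom:
    - secretKeyRef:
        # placeholder name; the Secret is created out of band and holds a
        # values.yaml fragment with nextcloud.password
        name: nextcloud-admin-values
        key: values.yaml
  values:
    nextcloud:
      username: admin
      # password is merged in from the Secret referenced above
```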
diff --git a/k8s/nextcloud/nextcloud.yaml b/k8s/nextcloud/nextcloud.yaml new file mode 100644 index 0000000..03ef8c4 --- /dev/null +++ b/k8s/nextcloud/nextcloud.yaml @@ -0,0 +1,23 @@ +## status: NOT implemented + +apiVersion: helm.fluxcd.io/v1 +kind: HelmRelease +metadata: + name: helm-nextcloud + namespace: nextcloud +spec: + releaseName: nextcloud + targetNamespace: nextcloud + chart: + repository: https://kubernetes-charts.storage.googleapis.com + version: 1.9.2 + name: nextcloud + values: + nextcloud: + username: admin + password: xxx + # TODO + # storage: nextcloud + # storage: mariadb + # .secret file with pw:mariadb user&admin + # with pw:nextcloud diff --git a/k8s/nginx-ingress/nginx-ingress.yaml b/k8s/nginx-ingress/nginx-ingress.yaml index f6c88eb..01a6911 100644 --- a/k8s/nginx-ingress/nginx-ingress.yaml +++ b/k8s/nginx-ingress/nginx-ingress.yaml @@ -1,3 +1,5 @@ +# status: implemented + apiVersion: helm.fluxcd.io/v1 kind: HelmRelease metadata: diff --git a/k8s/busybox.yaml b/k8s/troubleshoot/busybox.yaml similarity index 90% rename from k8s/busybox.yaml rename to k8s/troubleshoot/busybox.yaml index bfd81ae..45b26d4 100644 --- a/k8s/busybox.yaml +++ b/k8s/troubleshoot/busybox.yaml @@ -1,3 +1,5 @@ +# status: ready +# note: readym to debug your problem apiVersion: apps/v1 kind: Deployment metadata: