Adding # status: notices

2020-04-05 19:40:18 +02:00 · 2020-04-05 19:40:18 +02:00 · 9e76ceb29d
parent ea445d4fb0
commit 9e76ceb29d
12 changed files with 147 additions and 101 deletions
--- a/k8s/README.md
+++ b/k8s/README.md
@ -14,6 +14,8 @@ k create ns cert-manager
 k create ns nginx-ingress
 k create ns infrapuzzle
 k create ns kuard
 k create ns auth
 k create nextcloud
 ```
 ## [helm-operator](https://github.com/fluxcd/helm-operator/blob/master/chart/helm-operator/README.md)
@ -55,3 +57,30 @@ $ kubectl apply -f kuard
 # checkout: https://kuard.haumdaucher.de
 $ kubectl delete -f kuard
 ```
 ## auth
 Including:
 * openLDAP
 * phpldapadmin
 * ldap self service
 * dex
 ```sh
 ```
 ## nextcloud
 Install with helm
 ```sh
 ```
 Migate
 Backup
--- a/k8s/auth/phpldapadmin.yaml
+++ b/k8s/auth/phpldapadmin.yaml
@ -0,0 +1,26 @@
 # status: chart not working
 # note: problem could not be found yet
 apiVersion: helm.fluxcd.io/v1
 kind: HelmRelease
 metadata:
  name: helm-phpldapadmin
  namespace: flux
 spec:
  releaseName: phpldapadmin
  targetNamespace: auth
  chart:
    repository: https://cetic.github.io/helm-charts
    version: 0.1.3
    name: phpldapadmin
  values:
    service:
      type: ClusterIP
    ingress:
      enabled: true
      hosts:
        - "ldap.haumdaucher.de"
      annotations:
        cert-manager.io/cluster-issuer: "letsencrypt-prod"
      tls:
        - ldap-haumdaucher-de
--- a/k8s/blub/deploy.yaml
+++ b/k8s/blub/deploy.yaml
@ -1,27 +0,0 @@
 apiVersion: apps/v1
 kind: Deployment
 metadata:
  creationTimestamp: null
  labels:
    app: nginx
  name: nginx
  namespace: blub
 spec:
  replicas: 1
  selector:
    matchLabels:
      app: nginx
  strategy: {}
  template:
    metadata:
      creationTimestamp: null
      labels:
        app: nginx
    spec:
      containers:
      - image: nginx
        name: nginx
        resources: {}
        ports:
        - containerPort: 80
 status: {}
--- a/k8s/blub/ing.yaml
+++ b/k8s/blub/ing.yaml
@ -1,16 +0,0 @@
 apiVersion: networking.k8s.io/v1beta1
 kind: Ingress
 metadata:
  name: nginx
  namespace: blub
  annotations:
    nginx.ingress.kubernetes.io/rewrite-target: /
 spec:
  rules:
  - host: blub.haumdaucher.de
    http:
      paths:
      - path: /
        backend:
          serviceName: nginx
          servicePort: 80
--- a/k8s/blub/svc.yaml
+++ b/k8s/blub/svc.yaml
@ -1,20 +0,0 @@
 apiVersion: v1
 kind: Service
 metadata:
  creationTimestamp: "2020-04-05T08:37:56Z"
  labels:
    app: nginx
  name: nginx
  namespace: blub
 spec:
  clusterIP: 10.233.34.90
  ports:
  - port: 80
    protocol: TCP
    targetPort: 80
  selector:
    app: nginx
  sessionAffinity: None
  type: ClusterIP
 status:
  loadBalancer: {}
--- a/k8s/cert-manager/cert-manager.yaml
+++ b/k8s/cert-manager/cert-manager.yaml
@ -1,3 +1,5 @@
 # status: implemented
 apiVersion: helm.fluxcd.io/v1
 kind: HelmRelease
 metadata:
--- a/k8s/cert-manager/production-issuer.yaml
+++ b/k8s/cert-manager/production-issuer.yaml
@ -1,19 +1,21 @@
-   apiVersion: cert-manager.io/v1alpha2
+# status: implemented
-   kind: ClusterIssuer
+
-   metadata:
+apiVersion: cert-manager.io/v1alpha2
-     name: letsencrypt-prod
+kind: ClusterIssuer
-     namespace: cert-manager
+metadata:
-   spec:
+  name: letsencrypt-prod
-     acme:
+  namespace: cert-manager
-       # The ACME server URL
+spec:
-       server: https://acme-v02.api.letsencrypt.org/directory
+  acme:
-       # Email address used for ACME registration
+    # The ACME server URL
-       email: moritz@moritzgraf.de
+    server: https://acme-v02.api.letsencrypt.org/directory
-       # Name of a secret used to store the ACME account private key
+    # Email address used for ACME registration
-       privateKeySecretRef:
+    email: moritz@moritzgraf.de
-         name: letsencrypt-prod
+    # Name of a secret used to store the ACME account private key
-       # Enable the HTTP-01 challenge provider
+    privateKeySecretRef:
-       solvers:
+      name: letsencrypt-prod
-       - http01:
+    # Enable the HTTP-01 challenge provider
-           ingress:
+    solvers:
-             class: nginx
+    - http01:
        ingress:
          class: nginx
--- a/k8s/cert-manager/staging-issuer.yaml
+++ b/k8s/cert-manager/staging-issuer.yaml
@ -1,19 +1,21 @@
-   apiVersion: cert-manager.io/v1alpha2
+# status: implemented
-   kind: ClusterIssuer
+
-   metadata:
+apiVersion: cert-manager.io/v1alpha2
-     name: letsencrypt-staging
+kind: ClusterIssuer
-     namespace: cert-manager
+metadata:
-   spec:
+  name: letsencrypt-staging
-     acme:
+  namespace: cert-manager
-       # The ACME server URL
+spec:
-       server: https://acme-staging-v02.api.letsencrypt.org/directory
+  acme:
-       # Email address used for ACME registration
+    # The ACME server URL
-       email: moritz@moritzgraf.de
+    server: https://acme-staging-v02.api.letsencrypt.org/directory
-       # Name of a secret used to store the ACME account private key
+    # Email address used for ACME registration
-       privateKeySecretRef:
+    email: moritz@moritzgraf.de
-         name: letsencrypt-staging
+    # Name of a secret used to store the ACME account private key
-       # Enable the HTTP-01 challenge provider
+    privateKeySecretRef:
-       solvers:
+      name: letsencrypt-staging
-       - http01:
+    # Enable the HTTP-01 challenge provider
-           ingress:
+    solvers:
-             class:  nginx
+    - http01:
        ingress:
          class:  nginx
--- a/k8s/development/gitlab.yaml
+++ b/k8s/development/gitlab.yaml
@ -0,0 +1,21 @@
 apiVersion: helm.fluxcd.io/v1
 kind: HelmRelease
 metadata:
  name: helm-nextcloud
  namespace: nextcloud
 spec:
  releaseName: nextcloud
  targetNamespace: nextcloud
  chart:
    repository: https://kubernetes-charts.storage.googleapis.com
    version: 1.9.2
    name: nextcloud
  values:
    nextcloud:
      username: admin
      password: xxx
      # TODO
      # storage: nextcloud
      # storage: mariadb
      # .secret file with pw:mariadb user&admin
      #              with pw:nextcloud
--- a/k8s/nextcloud/nextcloud.yaml
+++ b/k8s/nextcloud/nextcloud.yaml
@ -0,0 +1,23 @@
 ## status: NOT implemented
 apiVersion: helm.fluxcd.io/v1
 kind: HelmRelease
 metadata:
  name: helm-nextcloud
  namespace: nextcloud
 spec:
  releaseName: nextcloud
  targetNamespace: nextcloud
  chart:
    repository: https://kubernetes-charts.storage.googleapis.com
    version: 1.9.2
    name: nextcloud
  values:
    nextcloud:
      username: admin
      password: xxx
      # TODO
      # storage: nextcloud
      # storage: mariadb
      # .secret file with pw:mariadb user&admin
      #              with pw:nextcloud
--- a/k8s/nginx-ingress/nginx-ingress.yaml
+++ b/k8s/nginx-ingress/nginx-ingress.yaml
@ -1,3 +1,5 @@
 # status: implemented
 apiVersion: helm.fluxcd.io/v1
 kind: HelmRelease
 metadata:
--- a/k8s/troubleshoot/busybox.yaml
+++ b/k8s/troubleshoot/busybox.yaml
@ -1,3 +1,5 @@
 # status: ready
 # note: readym to debug your problem
 apiVersion: apps/v1
 kind: Deployment
 metadata: