infrapuzzle/k8s/README.md

# k8s

This folder holds all the services required for my private infrastructure. Following contraints apply:

* Order of implementation is top down.
* Every namespace has a subfolder within this subdirectory.
* helm3

## namespaces

```yaml
k create ns flux
k create ns cert-manager
k create ns nginx-ingress
k create ns infrapuzzle
k create ns kuard
k create ns auth
k create nextcloud
```

## [helm-operator](https://github.com/fluxcd/helm-operator/blob/master/chart/helm-operator/README.md)

As I use helm extensively, using the helm-operator was a logical step. [See documentation for installation.](https://github.com/fluxcd/helm-operator/blob/master/chart/helm-operator/README.md)

```bash
$ helm repo add fluxcd https://charts.fluxcd.io
$ helm repo update
$ kubectl apply -f https://raw.githubusercontent.com/fluxcd/helm-operator/master/deploy/crds.yaml
$ helm upgrade -i helm-operator fluxcd/helm-operator \
    --namespace flux \
    --set helm.versions=v3
```

## [ingress-controller](https://github.com/helm/charts/tree/master/stable/nginx-ingress)

Apply with helm-operator:

```bash
$ kubectl apply -f nginx-ingress/ingress.yaml
```

## [cert-manager](https://cert-manager.io/docs/tutorials/acme/ingress/)

Apply with helm-operator:

```bash
$ kubectl apply -f https://raw.githubusercontent.com/jetstack/cert-manager/master/deploy/manifests/00-crds.yaml
$ kubectl apply -f cert-manager/cert-manager.yaml
$ kubectl apply -f cert-manager/staging-issuer.yaml
$ kubectl apply -f cert-manager/production-issuer.yaml
```

To test all this you may use the kuaard demo project:

```sh
$ kubectl apply -f kuard
# checkout: https://kuard.haumdaucher.de
$ kubectl delete -f kuard
```

## auth

Including:

* openLDAP
* phpldapadmin
* ldap self service
* dex


```sh

```

## nextcloud

Install with helm

```sh

```

Migate


Backup