DeveloperDurp/linode
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update argocd/argocd/apps/cert-manager.yaml, argocd/argocd/cert-manager/Chart.yaml, argocd/argocd/cert-manager/values.yaml, argocd/argocd/cert-manager/templates/letsencrypt-production.yaml, argocd/argocd/cert-manager/templates/letsencrypt-staging.yaml, argocd/argocd/cert-manager/templates/cloudflare-secret.yaml, .gitlab-ci.yml, main.yml

Browse Source
This commit is contained in:
DeveloperDurp
2022-09-25 19:15:38 +00:00
parent 214fefd22d
commit 7f3e84d240
8 changed files with 95 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
.gitlab-ci.yml
View File

@@ -77,6 +77,7 @@ ansible:
- pip install kubernetes - pip install kubernetes
- ansible-galaxy collection install kubernetes.core - ansible-galaxy collection install kubernetes.core
- cat $kubeconfig > config - cat $kubeconfig > config
- cat $kubeseal > kubeseal.yaml
script: script:
- ansible-playbook $CI_PROJECT_DIR/main.yml - ansible-playbook $CI_PROJECT_DIR/main.yml
needs: needs:

20
argocd/argocd/apps/cert-manager.yaml Normal file
View File

@@ -0,0 +1,20 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: cert-manager
namespace: argocd
spec:
project: default
source:
repoURL: https://gitlab.com/infrastructure-as-code5/infrastructure.git
targetRevision: main
path: argocd/cert-manager
destination:
namespace: cert-manager
name: in-cluster
syncPolicy:
automated:
prune: true
selfHeal: true
syncOptions:
- CreateNamespace=true

11
argocd/argocd/cert-manager/Chart.yaml Normal file
View File

@@ -0,0 +1,11 @@
apiVersion: v2
name: cert-manager
description: A Helm chart for Kubernetes
type: application
version: 0.0.1
appVersion: 0.0.1
dependencies:
- name: cert-manager
repository: https://charts.jetstack.io
version: 1.8.0

15
argocd/argocd/cert-manager/templates/cloudflare-secret.yaml Normal file
View File

@@ -0,0 +1,15 @@
apiVersion: bitnami.com/v1alpha1
kind: SealedSecret
metadata:
creationTimestamp: null
name: cloudflare-api-token-secret
namespace: cert-manager
spec:
encryptedData:
api-token: AgByFA+3NxZ6EPc0kt99+9+aFFRoYN0L82HPYilEtkxBKWdIc70k6SAmOAGUQnrBbCulWSq+qLaGSOk7l/ul2IzJLLitpluJbb2Ck2qiZyAoGCaO0V+rdZxzrOpKnDrEk8/puvz1jbfRbiDvPzz1/x/U3hG6InXzj63wU+WYsu3xCEcVrPSlEUILK0DeAVJipdn/5Auw5ckgVMZ6j+Fjcp94INWUw/Z7wiiebXOgeh5BxvFiYw9Pk7CMMRqdIkDT30ynCgn9v2Gl280P/J6QCByljGkr7b6gOXgYw/KIxSsl2mzv9Ar2+ZWvka9nqykdL8dE3Ju3MtFTPCNv+REdEZH+EubxXeE+WS+hYhMVoPPIt/47yh6Pu1xU7Ms8aLXlUMBxIzonBTcyRvktH2Mc86CWPXYYdfi7885iq/uRt4hJN3akAh4zazfBwJ/FCVzrJb+zMfozwR4tPiGwb2HxfggAy0UW0SYxUNGbwmr7J+9g5QOFyNrtPqsslH5piGHtERtegpB4MngdNFLln3oidt+ef0//Y3E+V4c2vY+t0OirgRgJ59UVhEFDLUgvaHNjJ2PGlmyQa98hSzYfpmm/4sAsTAIM/W/oRwtsA2arOjg79An397upqbepBVqYe0wqHML50eE1C3mX9bwtdq4+W3A1GmpadYl9n2HrtLF/rTPenFVLqzodN7VLBRNU8f49Xc7s9hEHnlMegrh/drYC2ckn3w/V2s1Yya8RUQiGnqztdOAJqCwL1o/f
template:
data: null
metadata:
creationTimestamp: null
name: cloudflare-api-token-secret
namespace: cert-manager

16
argocd/argocd/cert-manager/templates/letsencrypt-production.yaml Normal file
View File

@@ -0,0 +1,16 @@
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
name: letsencrypt-production
spec:
acme:
server: https://acme-v02.api.letsencrypt.org/directory
privateKeySecretRef:
name: example-issuer-account-key
solvers:
- dns01:
cloudflare:
email: developerdurp@durp.info
apiTokenSecretRef:
name: cloudflare-api-token-secret
key: api-token

16
argocd/argocd/cert-manager/templates/letsencrypt-staging.yaml Normal file
View File

@@ -0,0 +1,16 @@
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
name: letsencrypt-staging
spec:
acme:
server: https://acme-staging-v02.api.letsencrypt.org/directory
privateKeySecretRef:
name: example-issuer-account-key
solvers:
- dns01:
cloudflare:
email: developerdurp@durp.info
apiTokenSecretRef:
name: cloudflare-api-token-secret
key: api-token

11
argocd/argocd/cert-manager/values.yaml Normal file
View File

@@ -0,0 +1,11 @@
cert-manager:
installCRDs: true
replicaCount: 3
extraArgs:
- --dns01-recursive-nameservers=1.1.1.1:53,1.0.0.1:53
- --dns01-recursive-nameservers-only
podDnsPolicy: None
podDnsConfig:
nameservers:
- "1.1.1.1"
- "1.0.0.1"

5
main.yml
View File

@@ -7,6 +7,11 @@
kind: Namespace kind: Namespace
state: present state: present
- name: deploy kubeseal
kubernetes.core.k8s:
src: ./kubeseal.yaml
state: present
- name: deploy argocd - name: deploy argocd
kubernetes.core.k8s: kubernetes.core.k8s:
src: ./argocd/argocd/argocd.yaml src: ./argocd/argocd/argocd.yaml