infra/foundation
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: infra/foundation:main
Branches Tags
infra/foundation:main
..
compare: infra/foundation:357ed774e2e2487e9d1ede7ea97aca6f09488000
Branches Tags
infra/foundation:main

2 Commits
main .. 357ed774e2

Author SHA1 Message Date
Dreaded_X 357ed774e2 feat: Added authelia
kustomization/lldap/12ab30af reconciliation succeeded
kustomization/flux-system/12ab30af reconciliation succeeded
 2025-12-22 02:50:14 +01:00
Dreaded_X c186ee59f5 feat: Enable cilium dsr 2025-12-22 02:48:17 +01:00
18 changed files with 32 additions and 147 deletions
Expand all files Collapse all files
apps/artifacts.yaml
-5
View File
@@ -19,8 +19,3 @@ spec:
copy: copy:
- from: "@foundation/apps/lldap/**" - from: "@foundation/apps/lldap/**"
to: "@artifact/" to: "@artifact/"
- name: authelia
originRevision: "@foundation"
copy:
- from: "@foundation/apps/authelia/**"
to: "@artifact/"
apps/authelia/authelia.yaml
-20
View File
@@ -1,20 +0,0 @@
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
name: authelia
namespace: flux-system
spec:
interval: 1h
retryInterval: 2m
timeout: 5m
dependsOn:
- name: cnpg
- name: lldap-controller
- name: dragonfly-operator
- name: authelia-controller
sourceRef:
kind: ExternalArtifact
name: authelia
path: ./${cluster_env}
prune: true
wait: true
apps/authelia/base/values.yaml
+9 -14
View File
@@ -2,16 +2,11 @@ pod:
kind: Deployment kind: Deployment
replicas: 2 replicas: 2
ingress: ingress:
enabled: true enabled: false
gatewayAPI:
enabled: true
parentRefs:
- name: gateway
namespace: default
secret: secret:
additionalSecrets: additionalSecrets:
db-app: postgres-app:
key: db-app key: db-app
authelia-lldap-credentials: authelia-lldap-credentials:
key: authelia-lldap-credentials key: authelia-lldap-credentials
@@ -37,10 +32,10 @@ configMap:
secret_name: authelia-lldap-credentials secret_name: authelia-lldap-credentials
path: password path: password
session: # session:
redis: # redis:
enabled: true # enabled: true
host: dragonfly.authelia # host: dragonflydb.authelia
storage: storage:
postgres: postgres:
@@ -56,6 +51,6 @@ configMap:
filesystem: filesystem:
enabled: true enabled: true
access_control: # access_control:
secret: # secret:
existingSecret: authelia-acl # existingSecret: authelia-acl
apps/authelia/production/dragonfly.yaml
-7
View File
@@ -1,7 +0,0 @@
apiVersion: dragonflydb.io/v1alpha1
kind: Dragonfly
metadata:
name: dragonfly
namespace: authelia
spec:
replicas: 2
apps/authelia/production/kustomization.yaml
-16
View File
@@ -1,16 +0,0 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- ../base
- dragonfly.yaml
patches:
- path: cluster.yaml
target:
kind: Cluster
configMapGenerator:
- name: values-overlay
namespace: authelia
files:
- values.yaml
apps/authelia/staging/dragonfly.yaml
-7
View File
@@ -1,7 +0,0 @@
apiVersion: dragonflydb.io/v1alpha1
kind: Dragonfly
metadata:
name: dragonfly
namespace: authelia
spec:
replicas: 1
apps/authelia/staging/kustomization.yaml
+1 -2
View File
@@ -2,7 +2,6 @@ apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization kind: Kustomization
resources: resources:
- ../base - ../base
- dragonfly.yaml
patches: patches:
- path: cluster.yaml - path: cluster.yaml
@@ -14,6 +13,6 @@ patches:
configMapGenerator: configMapGenerator:
- name: values-overlay - name: values-overlay
namespace: authelia namespace: cnpg-system
files: files:
- values.yaml - values.yaml
clusters/testing/kustomization.yaml
-3
View File
@@ -11,8 +11,6 @@ resources:
- ../../controllers/cnpg/cnpg.yaml - ../../controllers/cnpg/cnpg.yaml
- ../../controllers/reflector/reflector.yaml - ../../controllers/reflector/reflector.yaml
- ../../controllers/lldap-controller/lldap-controller.yaml - ../../controllers/lldap-controller/lldap-controller.yaml
- ../../controllers/authelia-controller/authelia-controller.yaml
- ../../controllers/dragonfly-operator/dragonfly-operator.yaml
- ../../configs/artifacts.yaml - ../../configs/artifacts.yaml
- ../../configs/cilium-config/cilium-config.yaml - ../../configs/cilium-config/cilium-config.yaml
@@ -23,4 +21,3 @@ resources:
- ../../apps/artifacts.yaml - ../../apps/artifacts.yaml
- ../../apps/spegel/spegel.yaml - ../../apps/spegel/spegel.yaml
- ../../apps/lldap/lldap.yaml - ../../apps/lldap/lldap.yaml
- ../../apps/authelia/authelia.yaml
controllers/artifacts.yaml
-5
View File
@@ -44,8 +44,3 @@ spec:
copy: copy:
- from: "@foundation/controllers/reflector/**" - from: "@foundation/controllers/reflector/**"
to: "@artifact/" to: "@artifact/"
- name: dragonfly-operator
originRevision: "@foundation"
copy:
- from: "@foundation/controllers/dragonfly-operator/**"
to: "@artifact/"
controllers/authelia-controller/authelia-controller.yaml
-26
View File
@@ -1,26 +0,0 @@
apiVersion: source.toolkit.fluxcd.io/v1beta2
kind: OCIRepository
metadata:
name: authelia-controller
namespace: flux-system
spec:
interval: 1m0s
url: oci://git.huizinga.dev/infra/authelia-controller/manifests
ref:
tag: edge
---
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
name: authelia-controller
namespace: flux-system
spec:
interval: 1h
retryInterval: 2m
timeout: 5m
sourceRef:
kind: OCIRepository
name: authelia-controller
path: ./
prune: true
wait: true
controllers/cert-manager/helm-release.yaml
+2 -7
View File
@@ -13,14 +13,9 @@ spec:
strategy: strategy:
name: RetryOnFailure name: RetryOnFailure
retryInterval: 3m retryInterval: 3m
chart: chartRef:
spec: kind: OCIRepository
chart: cert-manager
version: "1.19.x"
sourceRef:
kind: HelmRepository
name: cert-manager name: cert-manager
interval: 24h
values: values:
crds: crds:
enabled: true enabled: true
controllers/cert-manager/helm-repository.yaml
-9
View File
@@ -1,9 +0,0 @@
apiVersion: source.toolkit.fluxcd.io/v1
kind: HelmRepository
metadata:
name: cert-manager
namespace: cert-manager
spec:
type: "oci"
interval: 24h
url: oci://quay.io/jetstack/charts/
controllers/cert-manager/kustomization.yaml
+3 -3
View File
@@ -1,6 +1,6 @@
apiVersion: kustomize.config.k8s.io/v1beta1 apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization kind: Kustomization
resources: resources:
- namespace.yaml - ./namespace.yaml
- helm-repository.yaml - ./oci-repository.yaml
- helm-release.yaml - ./helm-release.yaml
controllers/cert-manager/oci-repository.yaml
+13
View File
@@ -0,0 +1,13 @@
apiVersion: source.toolkit.fluxcd.io/v1
kind: OCIRepository
metadata:
name: cert-manager
namespace: cert-manager
spec:
interval: 24h
url: oci://quay.io/jetstack/charts/cert-manager
layerSelector:
mediaType: "application/vnd.cncf.helm.chart.content.v1.tar+gzip"
operation: copy
ref:
semver: "1.19.x"
controllers/cilium/base/helm-release.yaml
+1 -3
View File
@@ -17,9 +17,7 @@ spec:
chart: chart:
spec: spec:
chart: cilium chart: cilium
# Regression in cilium causes issues, so we stay on .7 version: "1.18.x"
version: "1.18.7"
# version: "1.18.x"
sourceRef: sourceRef:
kind: HelmRepository kind: HelmRepository
name: cilium name: cilium
controllers/cilium/base/values.yaml
+2
View File
@@ -29,3 +29,5 @@ gatewayAPI:
enabled: true enabled: true
enableAlpn: true enableAlpn: true
enableAppProtocol: true enableAppProtocol: true
loadBalancer:
mode: dsr
controllers/dragonfly-operator/dragonfly-operator.yaml
-15
View File
@@ -1,15 +0,0 @@
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
name: dragonfly-operator
namespace: flux-system
spec:
interval: 1h
retryInterval: 2m
timeout: 5m
sourceRef:
kind: ExternalArtifact
name: dragonfly-operator
path: .
prune: true
wait: true
controllers/dragonfly-operator/kustomization.yaml
-4
View File
@@ -1,4 +0,0 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- https://raw.githubusercontent.com/dragonflydb/dragonfly-operator/v1.3.1/manifests/dragonfly-operator.yaml