stackspout/README.md

90 lines
3.1 KiB
Markdown
Raw Normal View History

# Stackspin Outwards - Stackspout
2022-03-30 17:04:47 +00:00
This repository extends [Stackspin](https://open.greenhost.net/stackspin/stackspin)
with extra applications and overrides
2023-12-11 16:52:49 +00:00
focused on business use.
Once stabilized, the aim is to contribute as much upstream as possible.
2022-03-30 17:04:47 +00:00
Stackspout is used in day-to-day business
2022-11-16 11:16:18 +00:00
with a double-digit user number,
so all experiments happen carefully.
2023-12-11 16:52:49 +00:00
Still, it is an experimental offering.
2022-03-30 20:11:12 +00:00
2022-11-16 11:16:18 +00:00
## Tools
Useful tools for administration:
- my `stack` CLI helper, currently part of my dotfiles:
https://git.jfischer.org/xeruf/dotfiles/src/branch/main/.config/shell/server#L11
- stackspin docs:
https://docs.stackspin.net/en/v2/system_administration/customizing.html
2023-12-11 16:52:49 +00:00
### Guide: Creating OAuth Credentials for an external service
2024-01-23 21:50:41 +00:00
- add a line in `install.sh` and run it to generate the secret (TODO: Update to new stackspin mechanism)
- append another OAuth2Client definition to `overrides/oauth-clients.yaml`,
2022-11-16 11:16:18 +00:00
adjusting `metadata.name` and `spec.secretName` as well as `spec.redirectUris`
- apply changes to the cluster
2022-11-16 11:24:21 +00:00
- obtain the generated `client_secret` for your application from kubernetes:
2022-11-16 11:16:18 +00:00
2022-11-16 11:24:21 +00:00
kubectl get secret -n flux-system stackspin-APP-oauth-variables --template '{{.data.client_secret}}' | base64 -d
with client_id:
kubectl get secret -n flux-system stackspin-APP-oauth-variables --template '{{.data.client_id}}{{"\n"}}{{.data.client_secret}}{{"\n"}}' | while read in; do echo $in | base64 -d; echo; done
2022-11-16 11:16:18 +00:00
## Customizations
2022-03-30 20:11:12 +00:00
### Overrides
- Adds many Nextcloud extensions and some configuration
2023-12-11 16:52:49 +00:00
-> most notably `external` to add Applications into Nextcloud as hub
- Add Email Auth back to Zulip so guests can be invited
### New Applications
2022-11-16 11:16:18 +00:00
below list is formatted as:
> subdomain: Service (helmrepo, if not provided by the service authors)
2023-12-11 16:52:49 +00:00
#### Stable including Single-Sign-On
2023-12-11 16:52:49 +00:00
- dev: Gitea (TODO: Forgej)
- do: Vikunja (k8s-at-home - migrating to creators chart)
- ninja: InvoiceNinja (No SSO)
#### In Development
- people: SuiteCRM (bitnami repo)
- time: Kimai (robjuz repo)
#### Planned
- meet: Jitsi Meet
- wiki: Wiki (maybe wikijs, but I'd like something that integrated with Nextcloud and Markdown/Orgdown)
#### Ideas
- link: URL Shortener
2023-12-11 16:52:49 +00:00
- connect: Bonfire
2023-12-11 16:52:49 +00:00
### Issues to Tackle
- generate_secrets.py was copied from Stackpin
2023-12-11 16:52:49 +00:00
-> new mechanism
#### Functionally
2023-12-11 16:52:49 +00:00
- Nextcloud too slow - add Redis?
- Preconfigure user settings in Nextcloud, Vikunja and more
2023-12-11 16:52:49 +00:00
## Setup
> Warning: Lots of experiments happening here!
2022-03-30 20:11:12 +00:00
2023-12-11 16:52:49 +00:00
First [install Stackspin](https://docs.stackspin.net/en/latest/installation/install_stackspin.html).
Then apply the configuration to your cluster:
2022-03-30 20:11:12 +00:00
```sh
2024-01-23 21:50:41 +00:00
install.sh
2022-03-30 20:11:12 +00:00
```
2023-12-11 16:52:49 +00:00
Done!
Note that the added applications are currently only toggled via repository changes
and integration with Stackspin mechanisms is very rudimentary.
To list the central resource related to this repo:
2022-03-30 20:11:12 +00:00
```sh
kubectl get gitrepositories -A
kubectl get kustomization -A -o=jsonpath='{.items[?(@.spec.sourceRef.name=="stackspout")].metadata.name}'
kubectl -n stackspout get helmreleases
kubectl -n stackspout get pods
2022-03-30 20:11:12 +00:00
```
2023-12-11 16:52:49 +00:00
But there are also ConfigMaps, Secrets, StatefulSets, PVCs, Helmrepos and more...