diff --git a/apps/code-kustomization.yaml b/apps/code-kustomization.yaml
new file mode 100644
index 0000000..62419a3
--- /dev/null
+++ b/apps/code-kustomization.yaml
@@ -0,0 +1,13 @@
+apiVersion: kustomize.toolkit.fluxcd.io/v1beta1
+kind: Kustomization
+metadata:
+ name: stackspout-apps
+ namespace: flux-system
+spec:
+ interval: 10m
+ retryInterval: 2m
+ prune: true
+ path: ./apps/code
+ sourceRef:
+ kind: GitRepository
+ name: stackspout
diff --git a/apps/gitea-kustomization.yaml b/apps/code/gitea-kustomization.yaml
similarity index 96%
rename from apps/gitea-kustomization.yaml
rename to apps/code/gitea-kustomization.yaml
index 3e1bed5..12ceb54 100644
--- a/apps/gitea-kustomization.yaml
+++ b/apps/code/gitea-kustomization.yaml
@@ -5,7 +5,7 @@ metadata:
 namespace: flux-system
 spec:
 interval: 10m
- retryInterval: 1m
+ retryInterval: 2m
 wait: true
 timeout: 3m
 dependsOn:
diff --git a/apps/code/gitea-secrets/stackspin-gitea-variables.yaml b/apps/code/gitea-secrets/stackspin-gitea-variables.yaml
new file mode 100644
index 0000000..f629e7d
--- /dev/null
+++ b/apps/code/gitea-secrets/stackspin-gitea-variables.yaml
@@ -0,0 +1,11 @@
+---
+apiVersion: secretgenerator.mittwald.de/v1alpha1
+kind: StringSecret
+metadata:
+ name: stackspin-gitea-variables
+ namespace: flux-system
+spec:
+ fields:
+ - fieldName: gitea_mariadb_password
+ - fieldName: gitea_mariadb_root_password
+ - fieldName: gitea_session_secret
diff --git a/apps/code/gitea-secrets/stackspout-gitea-oauth-secret.yaml b/apps/code/gitea-secrets/stackspout-gitea-oauth-secret.yaml
new file mode 100644
index 0000000..9117d44
--- /dev/null
+++ b/apps/code/gitea-secrets/stackspout-gitea-oauth-secret.yaml
@@ -0,0 +1,12 @@
+---
+apiVersion: secretgenerator.mittwald.de/v1alpha1
+kind: StringSecret
+metadata:
+ name: stackspin-gitea-oauth-variables
+ namespace: flux-system
+spec:
+ data:
+ client_id: gitea
+ fields:
+ - fieldName: client_secret
+ length: "32"
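Review bot: `metadata.name: stackspout-apps` in `flux-system` is reused by all three new Flux Kustomizations (this file, `apps/forge-kustomization.yaml` and `apps/ninja-kustomization.yaml`), so they describe one object rather than three. Because `apps/kustomization.yaml` lists all three as resources, the build is likely to fail on the duplicate resource ID; if they were applied separately, each would overwrite the previous `path` and, with `prune: true`, garbage-collect what the other paths created. Give each a distinct name, for example `name: stackspout-code`, `name: stackspout-forge` and `name: stackspout-ninja`. If the parent Kustomization that reconciles `./apps` is itself called `stackspout-apps` (not visible in this diff), the collision would also replace that parent.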
diff --git a/apps/code/gitea-data-pvc.yaml b/apps/code/gitea/gitea-data-pvc.yaml
similarity index 100%
rename from apps/code/gitea-data-pvc.yaml
rename to apps/code/gitea/gitea-data-pvc.yaml
diff --git a/apps/code/gitea-oauth-client.yaml b/apps/code/gitea/gitea-oauth-client.yaml
similarity index 100%
rename from apps/code/gitea-oauth-client.yaml
rename to apps/code/gitea/gitea-oauth-client.yaml
diff --git a/apps/code/gitea-postgres-pvc.yaml b/apps/code/gitea/gitea-postgres-pvc.yaml
similarity index 100%
rename from apps/code/gitea-postgres-pvc.yaml
rename to apps/code/gitea/gitea-postgres-pvc.yaml
diff --git a/apps/code/gitea-release.yaml b/apps/code/gitea/gitea-release.yaml
similarity index 100%
rename from apps/code/gitea-release.yaml
rename to apps/code/gitea/gitea-release.yaml
diff --git a/apps/code/gitea-values-configmap.yaml b/apps/code/gitea/gitea-values-configmap.yaml
similarity index 100%
rename from apps/code/gitea-values-configmap.yaml
rename to apps/code/gitea/gitea-values-configmap.yaml
diff --git a/apps/code/ingress-gitea.yaml b/apps/code/gitea/ingress-gitea.yaml
similarity index 100%
rename from apps/code/ingress-gitea.yaml
rename to apps/code/gitea/ingress-gitea.yaml
diff --git a/apps/code/gitea/kustomization.yaml b/apps/code/gitea/kustomization.yaml
new file mode 100644
index 0000000..938a8c1
--- /dev/null
+++ b/apps/code/gitea/kustomization.yaml
@@ -0,0 +1,9 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+ - gitea-release.yaml
+ - gitea-values-configmap.yaml
+ - metallb-gitea.yaml
+ - gitea-oauth-client.yaml
+ - gitea-data-pvc.yaml
+ - gitea-postgres-pvc.yaml
diff --git a/apps/code/metallb-gitea.yaml b/apps/code/gitea/metallb-gitea.yaml
similarity index 100%
rename from apps/code/metallb-gitea.yaml
rename to apps/code/gitea/metallb-gitea.yaml
diff --git a/apps/do-test/kustomization.yaml b/apps/do/do-test/kustomization.yaml
similarity index 100%
rename from apps/do-test/kustomization.yaml
rename to apps/do/do-test/kustomization.yaml
diff --git a/apps/do-test/vikunja-oauth-client.yaml b/apps/do/do-test/vikunja-oauth-client.yaml
similarity index 100%
rename from apps/do-test/vikunja-oauth-client.yaml
rename to apps/do/do-test/vikunja-oauth-client.yaml
diff --git a/apps/do-test/vikunja-postgres-pvc.yaml b/apps/do/do-test/vikunja-postgres-pvc.yaml
similarity index 100%
rename from apps/do-test/vikunja-postgres-pvc.yaml
rename to apps/do/do-test/vikunja-postgres-pvc.yaml
diff --git a/apps/do-test/vikunja-release.yaml b/apps/do/do-test/vikunja-release.yaml
similarity index 100%
rename from apps/do-test/vikunja-release.yaml
rename to apps/do/do-test/vikunja-release.yaml
diff --git a/apps/do-test/vikunja-values-configmap.yaml b/apps/do/do-test/vikunja-values-configmap.yaml
similarity index 100%
rename from apps/do-test/vikunja-values-configmap.yaml
rename to apps/do/do-test/vikunja-values-configmap.yaml
diff --git a/apps/vikunja-kustomization.yaml b/apps/do/vikunja-kustomization.yaml
similarity index 96%
rename from apps/vikunja-kustomization.yaml
rename to apps/do/vikunja-kustomization.yaml
index fea8112..332d5bc 100644
--- a/apps/vikunja-kustomization.yaml
+++ b/apps/do/vikunja-kustomization.yaml
@@ -6,7 +6,7 @@ metadata:
 namespace: flux-system
 spec:
 interval: 10m
- retryInterval: 1m
+ retryInterval: 2m
 wait: true
 timeout: 3m
 dependsOn:
diff --git a/apps/do/vikunja-secrets/stackspout-vikunja-variables.yaml b/apps/do/vikunja-secrets/stackspout-vikunja-variables.yaml
new file mode 100644
index 0000000..6e55c96
--- /dev/null
+++ b/apps/do/vikunja-secrets/stackspout-vikunja-variables.yaml
@@ -0,0 +1,9 @@
+apiVersion: secretgenerator.mittwald.de/v1alpha1
+kind: StringSecret
+metadata:
+ name: stackspin-vikunja-variables
+ namespace: flux-system
+spec:
+ fields:
+ - fieldName: jwt
+ - fieldName: postgresql_password
diff --git a/apps/vikunja-test-kustomization.yaml b/apps/do/vikunja-test-kustomization.yaml
similarity index 96%
rename from apps/vikunja-test-kustomization.yaml
rename to apps/do/vikunja-test-kustomization.yaml
index f060498..aafb037 100644
--- a/apps/vikunja-test-kustomization.yaml
+++ b/apps/do/vikunja-test-kustomization.yaml
@@ -6,7 +6,7 @@ metadata:
 namespace: flux-system
 spec:
 interval: 10m
- retryInterval: 1m
+ retryInterval: 2m
 wait: true
 timeout: 3m
 dependsOn:
diff --git a/apps/do/kustomization.yaml b/apps/do/vikunja/kustomization.yaml
similarity index 100%
rename from apps/do/kustomization.yaml
rename to apps/do/vikunja/kustomization.yaml
diff --git a/apps/do/vikunja-files-pvc.yaml b/apps/do/vikunja/vikunja-files-pvc.yaml
similarity index 100%
rename from apps/do/vikunja-files-pvc.yaml
rename to apps/do/vikunja/vikunja-files-pvc.yaml
diff --git a/apps/do/vikunja-oauth-client.yaml b/apps/do/vikunja/vikunja-oauth-client.yaml
similarity index 100%
rename from apps/do/vikunja-oauth-client.yaml
rename to apps/do/vikunja/vikunja-oauth-client.yaml
diff --git a/apps/do/vikunja-postgres-pvc.yaml b/apps/do/vikunja/vikunja-postgres-pvc.yaml
similarity index 100%
rename from apps/do/vikunja-postgres-pvc.yaml
rename to apps/do/vikunja/vikunja-postgres-pvc.yaml
diff --git a/apps/do/vikunja-release.yaml b/apps/do/vikunja/vikunja-release.yaml
similarity index 100%
rename from apps/do/vikunja-release.yaml
rename to apps/do/vikunja/vikunja-release.yaml
diff --git a/apps/do/vikunja-values-configmap.yaml b/apps/do/vikunja/vikunja-values-configmap.yaml
similarity index 100%
rename from apps/do/vikunja-values-configmap.yaml
rename to apps/do/vikunja/vikunja-values-configmap.yaml
diff --git a/apps/forge-kustomization.yaml b/apps/forge-kustomization.yaml
new file mode 100644
index 0000000..489a138
--- /dev/null
+++ b/apps/forge-kustomization.yaml
@@ -0,0 +1,13 @@
+apiVersion: kustomize.toolkit.fluxcd.io/v1beta1
+kind: Kustomization
+metadata:
+ name: stackspout-apps
+ namespace: flux-system
+spec:
+ interval: 10m
+ retryInterval: 2m
+ prune: true
+ path: ./apps/forge
+ sourceRef:
+ kind: GitRepository
+ name: stackspout
diff --git a/apps/forgejo-kustomization.yaml b/apps/forge/forgejo-kustomization.yaml
similarity index 96%
rename from apps/forgejo-kustomization.yaml
rename to apps/forge/forgejo-kustomization.yaml
index 54f863a..f77286c 100644
--- a/apps/forgejo-kustomization.yaml
+++ b/apps/forge/forgejo-kustomization.yaml
@@ -5,7 +5,7 @@ metadata:
 namespace: flux-system
 spec:
 interval: 10m
- retryInterval: 1m
+ retryInterval: 2m
 wait: true
 timeout: 3m
 dependsOn:
diff --git a/apps/forge/forgejo-data-pvc.yaml b/apps/forge/forgejo/forgejo-data-pvc.yaml
similarity index 100%
rename from apps/forge/forgejo-data-pvc.yaml
rename to apps/forge/forgejo/forgejo-data-pvc.yaml
diff --git a/apps/forge/forgejo-oauth-client.yaml b/apps/forge/forgejo/forgejo-oauth-client.yaml
similarity index 100%
rename from apps/forge/forgejo-oauth-client.yaml
rename to apps/forge/forgejo/forgejo-oauth-client.yaml
diff --git a/apps/forge/forgejo-postgres-pvc.yaml b/apps/forge/forgejo/forgejo-postgres-pvc.yaml
similarity index 100%
rename from apps/forge/forgejo-postgres-pvc.yaml
rename to apps/forge/forgejo/forgejo-postgres-pvc.yaml
diff --git a/apps/forge/forgejo-release.yaml b/apps/forge/forgejo/forgejo-release.yaml
similarity index 100%
rename from apps/forge/forgejo-release.yaml
rename to apps/forge/forgejo/forgejo-release.yaml
diff --git a/apps/forge/forgejo-values-configmap.yaml b/apps/forge/forgejo/forgejo-values-configmap.yaml
similarity index 100%
rename from apps/forge/forgejo-values-configmap.yaml
rename to apps/forge/forgejo/forgejo-values-configmap.yaml
diff --git a/apps/kustomization.yaml b/apps/kustomization.yaml
index ebeee95..339d15e 100644
--- a/apps/kustomization.yaml
+++ b/apps/kustomization.yaml
@@ -1,8 +1,6 @@
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 resources:
- - gitea-kustomization.yaml
- - forgejo-kustomization.yaml
- - invoiceninja-customization.yaml
- - vikunja-kustomization.yaml
- - vikunja-test-kustomization.yaml
+ - code-kustomization.yaml
+ - forge-kustomization.yaml
+ - ninja-kustomization.yaml
diff --git a/apps/ninja-kustomization.yaml b/apps/ninja-kustomization.yaml
new file mode 100644
index 0000000..71a100c
--- /dev/null
+++ b/apps/ninja-kustomization.yaml
@@ -0,0 +1,13 @@
+apiVersion: kustomize.toolkit.fluxcd.io/v1beta1
+kind: Kustomization
+metadata:
+ name: stackspout-apps
+ namespace: flux-system
+spec:
+ interval: 10m
+ retryInterval: 2m
+ prune: true
+ path: ./apps/ninja
+ sourceRef:
+ kind: GitRepository
+ name: stackspout
diff --git a/apps/invoiceninja-customization.yaml b/apps/ninja/invoiceninja-customization.yaml
similarity index 97%
rename from apps/invoiceninja-customization.yaml
rename to apps/ninja/invoiceninja-customization.yaml
index 9688422..efcb7a0 100644
--- a/apps/invoiceninja-customization.yaml
+++ b/apps/ninja/invoiceninja-customization.yaml
@@ -5,7 +5,7 @@ metadata:
 namespace: flux-system
 spec:
 interval: 10m
- retryInterval: 1m
+ retryInterval: 2m
 wait: true
 timeout: 3m
 #dependsOn:
diff --git a/apps/ninja/invoiceninja-mariadb-pvc.yaml b/apps/ninja/invoiceninja/invoiceninja-mariadb-pvc.yaml
similarity index 100%
rename from apps/ninja/invoiceninja-mariadb-pvc.yaml
rename to apps/ninja/invoiceninja/invoiceninja-mariadb-pvc.yaml
diff --git a/apps/ninja/invoiceninja-pvc.yaml b/apps/ninja/invoiceninja/invoiceninja-pvc.yaml
similarity index 100%
rename from apps/ninja/invoiceninja-pvc.yaml
rename to apps/ninja/invoiceninja/invoiceninja-pvc.yaml
diff --git a/apps/ninja/invoiceninja-release.yaml b/apps/ninja/invoiceninja/invoiceninja-release.yaml
similarity index 100%
rename from apps/ninja/invoiceninja-release.yaml
rename to apps/ninja/invoiceninja/invoiceninja-release.yaml
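Review bot: The new `resources` list in `apps/kustomization.yaml` drops `vikunja-kustomization.yaml` and `vikunja-test-kustomization.yaml` without adding an entry for `apps/do/`, the directory this commit moves them into. Unless a `do-kustomization.yaml` exists outside this diff, Flux stops reconciling both Vikunja instances, and if the parent Kustomization prunes, their Kustomization objects and the workloads they own are removed. Add a `do-kustomization.yaml` alongside the other three and list it here as `- do-kustomization.yaml`.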
diff --git a/apps/ninja/invoiceninja-values-configmap.yaml b/apps/ninja/invoiceninja/invoiceninja-values-configmap.yaml
similarity index 100%
rename from apps/ninja/invoiceninja-values-configmap.yaml
rename to apps/ninja/invoiceninja/invoiceninja-values-configmap.yaml
diff --git a/apps/ninja/invoiceninja/stackspout-invoiceninja-variables.yaml b/apps/ninja/invoiceninja/stackspout-invoiceninja-variables.yaml
new file mode 100644
index 0000000..f6ba2d0
--- /dev/null
+++ b/apps/ninja/invoiceninja/stackspout-invoiceninja-variables.yaml
@@ -0,0 +1,12 @@
+apiVersion: secretgenerator.mittwald.de/v1alpha1
+kind: StringSecret
+metadata:
+ name: stackspin-invoiceninja-variables
+ namespace: flux-system
+spec:
+ fields:
+ - fieldName: app_key
+ - fieldName: password
+ - fieldName: redis_password
+ - fieldName: mariadb_password
+ - fieldName: mariadb_root_password
diff --git a/apps/people/suitecrm-secrets/stackspout-suitecrm-variables.yaml b/apps/people/suitecrm-secrets/stackspout-suitecrm-variables.yaml
new file mode 100644
index 0000000..551c402
--- /dev/null
+++ b/apps/people/suitecrm-secrets/stackspout-suitecrm-variables.yaml
@@ -0,0 +1,9 @@
+apiVersion: secretgenerator.mittwald.de/v1alpha1
+kind: StringSecret
+metadata:
+ name: stackspin-suitecrm-variables
+ namespace: flux-system
+data:
+ password: "{{ 32 | generate_password | b64encode }}"
+ mariadb_password: "{{ 32 | generate_password | b64encode }}"
+ mariadb_root_password: "{{ 32 | generate_password | b64encode }}"
diff --git a/apps/people/kustomization.yaml b/apps/people/suitecrm/kustomization.yaml
similarity index 100%
rename from apps/people/kustomization.yaml
rename to apps/people/suitecrm/kustomization.yaml
diff --git a/apps/people/suitecrm-release.yaml b/apps/people/suitecrm/suitecrm-release.yaml
similarity index 100%
rename from apps/people/suitecrm-release.yaml
rename to apps/people/suitecrm/suitecrm-release.yaml
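Review bot: `stackspin-suitecrm-variables` is declared as a `StringSecret` but carries its values in a top-level `data:` map of Jinja expressions such as `"{{ 32 | generate_password | b64encode }}"`. Nothing in a Flux/kustomize pipeline renders those expressions, and the StringSecret schema generates values from `spec.fields`, as the gitea, vikunja and invoiceninja files in this commit do. Depending on CRD validation the object is either rejected or accepted with nothing generated, and if the manifest were ever switched to `kind: Secret` the literal template text committed to git would become the password. Replace `data:` with `spec:` / `fields:` and one `- fieldName: password` style entry per key. The same applies to `apps/time/kimai-secrets/stackspout-kimai-variables.yaml` later in this diff.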
diff --git a/apps/people/suitecrm-values-configmap.yaml b/apps/people/suitecrm/suitecrm-values-configmap.yaml
similarity index 100%
rename from apps/people/suitecrm-values-configmap.yaml
rename to apps/people/suitecrm/suitecrm-values-configmap.yaml
diff --git a/apps/support/zammad-kustomization.yaml b/apps/support/zammad-kustomization.yaml
new file mode 100644
index 0000000..ebc080a
--- /dev/null
+++ b/apps/support/zammad-kustomization.yaml
@@ -0,0 +1,25 @@
+apiVersion: kustomize.toolkit.fluxcd.io/v1beta2
+kind: Kustomization
+metadata:
+ name: zammad
+ namespace: flux-system
+spec:
+ interval: 10m
+ retryInterval: 2m
+ wait: true
+ timeout: 3m
+ dependsOn:
+ - name: single-sign-on
+ sourceRef:
+ kind: GitRepository
+ name: stackspout
+ path: ./basic/apps/name
+ prune: true
+ postBuild:
+ substituteFrom:
+ #- kind: Secret
+ # name: stackspin-zammad-variables
+ - kind: Secret
+ name: stackspin-zammad-oauth-variables
+ - kind: Secret
+ name: stackspin-cluster-variables
diff --git a/apps/support/zammad/zammad-oauth-client.yaml b/apps/support/zammad/zammad-oauth-client.yaml
new file mode 100644
index 0000000..5b4abe0
--- /dev/null
+++ b/apps/support/zammad/zammad-oauth-client.yaml
@@ -0,0 +1,21 @@
+apiVersion: hydra.ory.sh/v1alpha1
+kind: OAuth2Client
+metadata:
+ name: zammad-oauth-client
+ # Has to live in the same namespace as the stackspin-zammad-oauth-variables secret
+ namespace: flux-system
+spec:
+ # TODO copied from wekan: https://github.com/wekan/wekan/wiki/Keycloak
+ grantTypes:
+ - authorization_code
+ - refresh_token
+ - client_credentials
+ - implicit
+ responseTypes:
+ - id_token
+ - code
+ scope: "openid profile email stackspin_roles"
+ secretName: stackspin-zammad-oauth-variables
+ #redirectUris:
+ # - https://support.${domain}/oauth/openid/
+ #tokenEndpointAuthMethod: client_secret_post
diff --git a/apps/support/zammad/zammad-pvc.yaml b/apps/support/zammad/zammad-pvc.yaml
new file mode 100644
index 5d2af63
--- /dev/null
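Review bot: `path: ./basic/apps/name` in `zammad-kustomization.yaml` looks like a leftover template placeholder; the Zammad manifests added by this commit live under `apps/support/zammad`, so this should presumably read `path: ./apps/support/zammad`. `substituteFrom` also requires the Secret `stackspin-zammad-oauth-variables`, but no StringSecret generating it appears in this diff, whereas gitea gets `stackspout-gitea-oauth-secret.yaml`. Without that Secret, and with no `optional: true` on the entry, reconciliation is expected to fail at post-build substitution. With `prune: true` it is also worth confirming the corrected path before the first apply, so the inventory is built from the intended directory.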
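Review bot: The `grantTypes` list in `zammad-oauth-client.yaml`, copied from the wekan example per the TODO, registers `implicit` and `client_credentials`, and `responseTypes` includes `id_token`, while `redirectUris` is commented out. A server-side web application doing OIDC login needs only the authorization-code flow; the implicit grant returns tokens through the browser redirect and is discouraged by current OAuth security guidance, and `client_credentials` lets any holder of the client secret obtain tokens with no user involved. Reduce `grantTypes` to `authorization_code` and `refresh_token`, leave a single `- code` under `responseTypes`, and enable `redirectUris` with the exact callback URL once it is known so the client is bound to that redirect target.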
+++ b/apps/support/zammad/zammad-pvc.yaml
@@ -0,0 +1,15 @@
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+ name: zammad-data
+ namespace: stackspout
+ labels:
+ stackspin.net/backupSet: "zammad"
+spec:
+ accessModes:
+ - ReadWriteOnce
+ volumeMode: Filesystem
+ resources:
+ requests:
+ storage: 2Gi
+ storageClassName: local-path
diff --git a/apps/support/zammad/zammad-release.yaml b/apps/support/zammad/zammad-release.yaml
new file mode 100644
index 0000000..76664a8
--- /dev/null
+++ b/apps/support/zammad/zammad-release.yaml
@@ -0,0 +1,27 @@
+apiVersion: helm.toolkit.fluxcd.io/v2beta1
+kind: HelmRelease
+metadata:
+ name: zammad
+ namespace: stackspout
+spec:
+ releaseName: zammad
+ chart:
+ spec:
+ chart: zammad
+ version: # TODO
+ sourceRef:
+ kind: HelmRepository
+ name: zammad
+ namespace: flux-system
+ interval: 5m
+ valuesFrom:
+ - kind: ConfigMap
+ name: stackspin-zammad-values
+ optional: false
+ # Allow overriding values by ConfigMap or Secret
+ - kind: ConfigMap
+ name: stackspin-zammad-override
+ optional: true
+ - kind: Secret
+ name: stackspin-zammad-override
+ optional: true
diff --git a/apps/support/zammad/zammad-values-configmap.yaml b/apps/support/zammad/zammad-values-configmap.yaml
new file mode 100644
index 0000000..45e4f7e
--- /dev/null
+++ b/apps/support/zammad/zammad-values-configmap.yaml
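Review bot: `version: # TODO` in `zammad-release.yaml` parses as null, so the HelmRelease carries no chart version constraint and Flux resolves to the newest chart in the `zammad` HelmRepository on reconciliation. The deployed software then depends on the upstream repository's state rather than on this git history, so an upstream release, or a tampered one, rolls out without review. Pin an exact chart version before merging, for example `version: "<CHART_VERSION>"`, quoted so it is not retyped as a float.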
@@ -0,0 +1,40 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: stackspin-zammad-values
+ namespace: stackspout
+data:
+ values.yaml: |
+ # TODO verify structure matches chart
+ ingress:
+ enabled: true
+ # Elaborate style
+ annotations:
+ kubernetes.io/tls-acme: "true"
+ hosts:
+ - host: "support.${domain}"
+ paths:
+ - path: /
+ pathType: Prefix
+ tls:
+ - secretName: zammad-tls
+ hosts:
+ - "support.${domain}"
+ # Bitnami style
+ hostname: "support.${domain}"
+ tls: true
+ certManager: true
+ # TODO Configure PVC for data & database
+ # TODO Adjust zammad Mailing config
+ # mailer:
+ # enabled: "${outgoing_mail_enabled}"
+ # host: "${outgoing_mail_smtp_host}"
+ # port: "${outgoing_mail_smtp_port}"
+ # username: "${outgoing_mail_smtp_user}"
+ # password: "${outgoing_mail_smtp_password}"
+ # fromemail: "${outgoing_mail_from_address}"
+ # TODO Adjust zammad OpenID Connect Single Sign-On Configuration
+ # - name: Stackspin
+ # key: "${client_id}"
+ # secret: "${client_secret}"
+ # autoDiscoverUrl: 'https://sso.${domain}/.well-known/openid-configuration'
diff --git a/apps/time/kimai-secrets/stackspout-kimai-variables.yaml b/apps/time/kimai-secrets/stackspout-kimai-variables.yaml
new file mode 100644
index 0000000..19c3a52
--- /dev/null
+++ b/apps/time/kimai-secrets/stackspout-kimai-variables.yaml
@@ -0,0 +1,10 @@
+apiVersion: secretgenerator.mittwald.de/v1alpha1
+kind: StringSecret
+metadata:
+ name: stackspin-kimai-variables
+ namespace: flux-system
+data:
+ password: "{{ 32 | generate_password | b64encode }}"
+ secret: "{{ 32 | generate_password | b64encode }}"
+ mariadb_password: "{{ 32 | generate_password | b64encode }}"
+ mariadb_root_password: "{{ 32 | generate_password | b64encode }}"
diff --git a/apps/time/pvc.yaml b/apps/time/kimai/kimai-data-pvc.yaml
similarity index 100%
rename from apps/time/pvc.yaml
rename to apps/time/kimai/kimai-data-pvc.yaml
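Review bot: Under `ingress:` the embedded `values.yaml` defines `tls` twice, once as a list with `secretName: zammad-tls` ("Elaborate style") and once as `tls: true` ("Bitnami style"), assuming both sit at the same level (indentation is not visible in this view). Duplicate mapping keys are invalid YAML: a parser either rejects the document or silently keeps the last value, which here would discard the TLS secret and host list. Keep only the style the zammad chart actually expects and delete the other block, as the `# TODO verify structure matches chart` comment already suggests.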
diff --git a/apps/time/kimai-release.yaml b/apps/time/kimai/kimai-release.yaml
similarity index 100%
rename from apps/time/kimai-release.yaml
rename to apps/time/kimai/kimai-release.yaml
diff --git a/apps/time/kimai-values-configmap.yaml b/apps/time/kimai/kimai-values-configmap.yaml
similarity index 100%
rename from apps/time/kimai-values-configmap.yaml
rename to apps/time/kimai/kimai-values-configmap.yaml
diff --git a/apps/time/kustomization.yaml b/apps/time/kustomization.yaml
deleted file mode 100644
index c799291..0000000
--- a/apps/time/kustomization.yaml
+++ /dev/null
@@ -1,6 +0,0 @@
-apiVersion: kustomize.config.k8s.io/v1beta1
-kind: Kustomization
-resources:
- - kimai-release.yaml
- - pvc.yaml
- - kimai-values-configmap.yaml
diff --git a/infrastructure/sources/zammad.yaml b/infrastructure/sources/zammad.yaml
new file mode 100644
index 0000000..8972876
--- /dev/null
+++ b/infrastructure/sources/zammad.yaml
@@ -0,0 +1,8 @@
+apiVersion: source.toolkit.fluxcd.io/v1beta1
+kind: HelmRepository
+metadata:
+ name: zammad
+ namespace: flux-system
+spec:
+ interval: 60m
+ url: https://zammad.github.io/zammad-helm