flux: prep git repo

README.md

@@ -22,6 +22,30 @@ References:
 - <https://gitea.com/gitea/helm-gitea>
 - <https://dl.gitea.com/charts/>
 
+Migration to flux
+
+For fluxcd setup execute.
+
+```bash
+ops-scripts/apply-flux.sh
+```
+
+**sops / age:**
+
+``` bash
+age-keygen -o deploy/clusters/prod/flux-system/.env.d/age.agekey
+cat deploy/clusters/prod/flux-system/.env.d/age.agekey | \
+kubectl create secret generic flux-sops-age \
+--namespace=git-limbosolutions-com \
+--from-file=age.agekey=/dev/stdin
+```
+
+**Encrypt secrets:**
+
+``` bash
+sops -e deploy/clusters/prod/app/helm-values.private.dec.yaml > deploy/clusters/prod/app/helm-values.private.yaml
+```
+
 ### Continuous Deploy
 
 Executes [App Deploy](#app) using [Gitea workflow](./.gitea/workflows/app-continous-deploy.yaml).
@@ -50,6 +74,8 @@ Deploy App
 ```
 
 - [kustomization](/deploy/infra/kustomization.yaml)
+
+
   
 ## Backups
 

deploy/flux/git-repo.yaml

@@ -0,0 +1,12 @@
+apiVersion: source.toolkit.fluxcd.io/v1
+kind: GitRepository
+metadata:
+  name: git-limbosolutions-com
+  namespace: git-limbosolutions-com
+spec:
+  interval: 1m0s
+  url: ssh://git@git.limbosolutions.com:2222/limbosolutions.com/git.limbosolutions.com.git
+  ref:
+    branch: main
+  secretRef:
+    name: flux-repo-ssh-credentials

deploy/flux/kustomization.yaml

@@ -0,0 +1,12 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+ - git-repo.yaml
+secretGenerator:
+  - name: flux-repo-ssh-credentials
+    files:
+      - "identity=./.env.d/flux-repo-ssh-key"
+      - "known_hosts=./.env.d/flux-repo-ssh-known_hosts"
+      - "pubkey=./.env.d/flux-repo-ssh-key.pub"
+generatorOptions:
+  disableNameSuffixHash: true

ops-scripts/apply-flux.sh

@@ -0,0 +1,7 @@
+#!/bin/bash
+set -e
+echo "Executing infra deploy."
+
+kubectl kustomize deploy/flux | kubectl -n git-limbosolutions-com apply -f -
+
+