diff --git a/README.md b/README.md index 85e2a5b..c919fa9 100644 --- a/README.md +++ b/README.md @@ -17,7 +17,6 @@ For more information about k3s cluster/nodes setup check [readme](./docs/k3s-clu - [Zigbee2mqtt](#zigbee2mqtt) - [node-red](#node-red) - [core-dns](#core-dns) -- [casa-vlan-cicd-runners (gitea act runners)](#casa-vlan-cicd-runners-gitea-act-runners) ## Home Assistant @@ -51,7 +50,6 @@ For more information about home assistant integration [check home assistant repo Deployments and scripts on services/wyoming repo folder. -[Continuous deploy](./.gitea/workflows/casa-services-deploy.yaml). Links: @@ -68,8 +66,6 @@ Attached SONOFF Universal Zigbee 3.0 USB Dongle Plus to the Proxmox node and con Deployments and scripts on services/Zigbee2mqtt repo folder. -[Continuous deploy](./.gitea/workflows/casa-services-deploy.yaml). - ## node-red check [readme](./services/node-red/README.md) for more information on setup and configuration. @@ -98,17 +94,3 @@ data: # ``` - -## casa-vlan-cicd-runners (gitea act runners) - -**Deploy app:** - -```bash -./services/casa-vlan-cicd-runners/ops-scripts/apply-app.sh -``` - -**Deploy Infra:** - -```bash -./services/casa-vlan-cicd-runners/ops-scripts/apply-infra.sh -``` diff --git a/services/storage-limbosolutions-com/.sops.yaml b/services/storage-limbosolutions-com/.sops.yaml new file mode 100644 index 0000000..68cff37 --- /dev/null +++ b/services/storage-limbosolutions-com/.sops.yaml @@ -0,0 +1,11 @@ +creation_rules: + # encrypt all values from file + - path_regex: \.dec\.yaml$ + encrypted_regex: '^(.*)$' + age: + - age1f9e4pvp5y8gzuk8mz2s5xm85dd7znxhk56tcpuxqwn78qfjwja0qekwlju + # encrypt secrets files + - path_regex: .*.yaml + encrypted_regex: ^(data|stringData)$ + age: + - age1f9e4pvp5y8gzuk8mz2s5xm85dd7znxhk56tcpuxqwn78qfjwja0qekwlju \ No newline at end of file diff --git a/services/storage-limbosolutions-com/README.md b/services/storage-limbosolutions-com/README.md new file mode 100644 index 0000000..4d760f4 --- /dev/null +++ b/services/storage-limbosolutions-com/README.md @@ -0,0 +1,17 @@ +# storage-limbosolutions-com + + + +## Setup + +Using flux for reconciliation. + +``` bash +./ops-scripts/apply-flux.sh +``` + +**Encrypt secrets:** + +``` bash +sops -e deploy/app/helm-values.private.dec.yaml > deploy/app/helm-values.private.yaml +``` diff --git a/services/storage-limbosolutions-com/deploy/app/helm-release.yaml b/services/storage-limbosolutions-com/deploy/app/helm-release.yaml new file mode 100644 index 0000000..6534cdb --- /dev/null +++ b/services/storage-limbosolutions-com/deploy/app/helm-release.yaml @@ -0,0 +1,22 @@ +apiVersion: helm.toolkit.fluxcd.io/v2 +kind: HelmRelease +metadata: + name: storage-limbosolutions-com-seaweedfs-csi-driver +spec: + releaseName: storage-limbosolutions-com-seaweedfs-csi-driver + interval: 40h + chart: + spec: + chart: seaweedfs-csi-driver + version: 0.2.x + sourceRef: + kind: HelmRepository + name: seaweedfs-csi-driver + interval: 40h + valuesFrom: + - kind: Secret + name: seaweedfs-csi-helm-values + valuesKey: values.yaml + - kind: Secret + name: seaweedfs-csi-helm-values + valuesKey: values.private.yaml \ No newline at end of file diff --git a/services/storage-limbosolutions-com/deploy/app/helm-repo.yaml b/services/storage-limbosolutions-com/deploy/app/helm-repo.yaml new file mode 100644 index 0000000..9e3f3aa --- /dev/null +++ b/services/storage-limbosolutions-com/deploy/app/helm-repo.yaml @@ -0,0 +1,7 @@ +apiVersion: source.toolkit.fluxcd.io/v1 +kind: HelmRepository +metadata: + name: seaweedfs-csi-driver +spec: + interval: 40h + url: https://seaweedfs.github.io/seaweedfs-csi-driver/helm \ No newline at end of file diff --git a/services/storage-limbosolutions-com/deploy/app/helm-values.private.yaml b/services/storage-limbosolutions-com/deploy/app/helm-values.private.yaml new file mode 100644 index 0000000..abe0eb8 --- /dev/null +++ b/services/storage-limbosolutions-com/deploy/app/helm-values.private.yaml @@ -0,0 +1,16 @@ +seaweedfsFiler: ENC[AES256_GCM,data:NkXmSvxU0i4HmwzXi3X31pY=,iv:hk8W9Yo7SG4TZKjNwhC8Ov70K9sa0I9ddiX6YZt+uIM=,tag:SDPqLpvW7UjQUr1jLVB0AA==,type:str] +sops: + age: + - enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBUOGtiaWhmZ0p6Z29HdGVX + OGM1NGlZV1c2M3psZTdNOVVVYzBHak1HVVV3CjZFYXpudDdlTHBnekwvQ2NqcnVW + cE9LRk5mYnBYZkphc0ZzRjFMdVBuZjAKLS0tIGUvUSswZzlTRTRPWExTOTdPQlps + RUhBc280ODVjaFgyYi91d2U2WEtoS0EKk5PrgsSWWfCkwg+I7nIPY2dmOkLuOME4 + RGO+MgqmlJIkw0c3sE0HnEjsbJm/QNClHPPVG+DvG1+2Hmw/iHBitQ== + -----END AGE ENCRYPTED FILE----- + recipient: age1f9e4pvp5y8gzuk8mz2s5xm85dd7znxhk56tcpuxqwn78qfjwja0qekwlju + encrypted_regex: ^(.*)$ + lastmodified: "2026-06-07T22:11:46Z" + mac: ENC[AES256_GCM,data:4Evu7sdJuy6aRw58/qQkxY9HzDHcREfOklzjc43PASrMjXrfgwzFJVGZ2KAIHlQtLPMgrdRaxHV+u0XQ6pMiGvfzJg2q3IYQOA9SqyeKAnvOsIjWcKnIzRkvhiEC3RCsOxm4dR1dFiITz/0exiCs2E3AFAdo2H4cC7joA7AQFYk=,iv:550SS2OnNvtoP9ERlI0IYeDRY93zNpUAKKNrrrDKJb0=,tag:MBs8CguK+51AxRfHiOoUgA==,type:str] + version: 3.13.1 diff --git a/services/storage-limbosolutions-com/deploy/app/helm-values.yaml b/services/storage-limbosolutions-com/deploy/app/helm-values.yaml new file mode 100644 index 0000000..c12c99e --- /dev/null +++ b/services/storage-limbosolutions-com/deploy/app/helm-values.yaml @@ -0,0 +1,6 @@ +storageClassName: "storage-limbosolutions-com" +storageClassVolumeBindingMode: Immediate +isDefaultStorageClass: false +tlsSecret: "" +driverName: storage-limbosolutions-com-csi-driver + diff --git a/services/storage-limbosolutions-com/deploy/app/kustomization.yaml b/services/storage-limbosolutions-com/deploy/app/kustomization.yaml new file mode 100644 index 0000000..6183e1a --- /dev/null +++ b/services/storage-limbosolutions-com/deploy/app/kustomization.yaml @@ -0,0 +1,13 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +namespace: teleport-agent +resources: + - helm-repo.yaml + - helm-release.yaml +secretGenerator: + - name: seaweedfs-csi-helm-values + files: + - values.yaml=helm-values.yaml + - values.private.yaml=helm-values.private.yaml +generatorOptions: + disableNameSuffixHash: true \ No newline at end of file diff --git a/services/storage-limbosolutions-com/deploy/flux/.env.d/.gitignore b/services/storage-limbosolutions-com/deploy/flux/.env.d/.gitignore new file mode 100644 index 0000000..d29675e --- /dev/null +++ b/services/storage-limbosolutions-com/deploy/flux/.env.d/.gitignore @@ -0,0 +1,2 @@ +** +!.gitignore \ No newline at end of file diff --git a/services/storage-limbosolutions-com/deploy/flux/app-sync.yaml b/services/storage-limbosolutions-com/deploy/flux/app-sync.yaml new file mode 100644 index 0000000..8564e48 --- /dev/null +++ b/services/storage-limbosolutions-com/deploy/flux/app-sync.yaml @@ -0,0 +1,16 @@ +apiVersion: kustomize.toolkit.fluxcd.io/v1 +kind: Kustomization +metadata: + name: teleport-agent +spec: + interval: 1m + sourceRef: + kind: GitRepository + name: casa + namespace: casa-limbosolutions-com + path: services/storage-limbosolutions-com/deploy/app + prune: true + decryption: + provider: sops + secretRef: + name: flux-sops-age \ No newline at end of file diff --git a/services/storage-limbosolutions-com/deploy/flux/kustomization.yaml b/services/storage-limbosolutions-com/deploy/flux/kustomization.yaml new file mode 100644 index 0000000..7407cc3 --- /dev/null +++ b/services/storage-limbosolutions-com/deploy/flux/kustomization.yaml @@ -0,0 +1,11 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +namespace: storage-limbosolutions-com +resources: + - app-sync.yaml +secretGenerator: + - name: flux-sops-age + files: + - "age.agekey=./.env.d/age.agekey" +generatorOptions: + disableNameSuffixHash: true \ No newline at end of file diff --git a/storage-limbosolutions-com/ops-scripts/apply.sh b/services/storage-limbosolutions-com/ops-scripts/apply.sh similarity index 66% rename from storage-limbosolutions-com/ops-scripts/apply.sh rename to services/storage-limbosolutions-com/ops-scripts/apply.sh index 8710637..268793a 100755 --- a/storage-limbosolutions-com/ops-scripts/apply.sh +++ b/services/storage-limbosolutions-com/ops-scripts/apply.sh @@ -6,7 +6,7 @@ kubectl kustomize ./storage-limbosolutions-com/deploy/infra | kubectl apply -f - helm repo add seaweedfs-csi-driver https://seaweedfs.github.io/seaweedfs-csi-driver/helm helm repo update seaweedfs-csi-driver -helm upgrade --install --version 0.2.15 \ ---values=./storage-limbosolutions-com/deploy/helm/values.yaml \ ---values=./storage-limbosolutions-com/deploy/helm/values.private.yaml \ +helm upgrade --install --version 0.2.23 \ +--values=./deploy/helm-values.yaml \ +--values=./deploy/helm-values.private.yaml \ storage-limbosolutions-com-seaweedfs-csi-driver seaweedfs-csi-driver/seaweedfs-csi-driver --namespace storage-limbosolutions-com \ No newline at end of file diff --git a/storage-limbosolutions-com/README.md b/storage-limbosolutions-com/README.md deleted file mode 100644 index fd66b1e..0000000 --- a/storage-limbosolutions-com/README.md +++ /dev/null @@ -1,7 +0,0 @@ -# storage-limbosolutions-com - - - -```bash {cwd=../} -./storage-limbosolutions-com/ops-scripts/apply.sh -``` diff --git a/storage-limbosolutions-com/deploy/helm/values.yaml b/storage-limbosolutions-com/deploy/helm/values.yaml deleted file mode 100644 index 00ecf15..0000000 --- a/storage-limbosolutions-com/deploy/helm/values.yaml +++ /dev/null @@ -1,22 +0,0 @@ -# host and port of your SeaweedFs filer -seaweedfsFiler: "f???:8888" -storageClassName: "storage-limbosolutions-com" -storageClassVolumeBindingMode: Immediate -isDefaultStorageClass: false -tlsSecret: "" -imagePullPolicy: "Always" -driverName: storage-limbosolutions-com-csi-driver - - - -mountService: - enabled: true - image: chrislusf/seaweedfs-mount - # problems with latest version of mounter on helm version 0.2.15 - tag: v1.4.4 - -seaweedfsCsiPlugin: - image: chrislusf/seaweedfs-csi-driver - # problems with latest version of mounter on helm version 0.2.15 - tag: v1.4.4 - diff --git a/storage-limbosolutions-com/deploy/infra/kustomization.yaml b/storage-limbosolutions-com/deploy/infra/kustomization.yaml deleted file mode 100644 index 13aa9a1..0000000 --- a/storage-limbosolutions-com/deploy/infra/kustomization.yaml +++ /dev/null @@ -1,7 +0,0 @@ - -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -resources: - - namespace.yaml -generatorOptions: - disableNameSuffixHash: true \ No newline at end of file diff --git a/storage-limbosolutions-com/deploy/infra/namespace.yaml b/storage-limbosolutions-com/deploy/infra/namespace.yaml deleted file mode 100644 index cb32588..0000000 --- a/storage-limbosolutions-com/deploy/infra/namespace.yaml +++ /dev/null @@ -1,7 +0,0 @@ - -apiVersion: v1 -kind: Namespace -metadata: - name: storage-limbosolutions-com - labels: - name: storage-limbosolutions-com \ No newline at end of file