diff --git a/apps/templates/cert-manager.yaml b/apps/templates/cert-manager.yaml index c93bd56..2e63da0 100644 --- a/apps/templates/cert-manager.yaml +++ b/apps/templates/cert-manager.yaml @@ -9,12 +9,8 @@ spec: server: {{ .Values.spec.destination.server }} project: default source: - chart: cert-manager - repoURL: https://charts.jetstack.io - targetRevision: 1.*.* - helm: - valuesObject: - crds: - enabled: true + path: cert-manager + repoURL: {{ .Values.spec.source.repoURL }} + targetRevision: {{ .Values.spec.source.targetRevision }} syncPolicy: automated: {} \ No newline at end of file diff --git a/apps/templates/cluster-config.yaml b/apps/templates/cluster-config.yaml new file mode 100644 index 0000000..deccbb1 --- /dev/null +++ b/apps/templates/cluster-config.yaml @@ -0,0 +1,16 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: cluster-config + namespace: argocd +spec: + destination: + namespace: default + server: {{ .Values.spec.destination.server }} + project: default + source: + path: cluster-config + repoURL: {{ .Values.spec.source.repoURL }} + targetRevision: {{ .Values.spec.source.targetRevision }} + syncPolicy: + automated: {} \ No newline at end of file diff --git a/argocd/kustomization.yaml b/argocd/kustomization.yaml index 8d6b7dc..32499c2 100644 --- a/argocd/kustomization.yaml +++ b/argocd/kustomization.yaml @@ -8,3 +8,7 @@ configMapGenerator: behavior: merge files: - ssh_known_hosts +- name: argocd-cm + behavior: merge + literals: + - kustomize.buildOptions=--enable-helm \ No newline at end of file diff --git a/cert-manager/cloudflare.yaml b/cert-manager/cloudflare.yaml new file mode 100644 index 0000000..bb565e3 --- /dev/null +++ b/cert-manager/cloudflare.yaml @@ -0,0 +1,7 @@ +apiVersion: v1 +kind: Secret +metadata: + name: cloudflare-api-token-secret +type: Opaque +stringData: + api-token: 2HvBOy8LzwnvssuL4jZxOVlMtHoLP981FJRY2cQF \ No newline at end of file diff --git a/cert-manager/clusterissuer.yaml b/cert-manager/clusterissuer.yaml new file mode 100644 index 0000000..233207a --- /dev/null +++ b/cert-manager/clusterissuer.yaml @@ -0,0 +1,21 @@ +apiVersion: cert-manager.io/v1 +kind: ClusterIssuer +metadata: + name: letsencrypt-prod + namespace: cert-manager +spec: + acme: + # The ACME server URL + server: https://acme-v02.api.letsencrypt.org/directory + # Email address used for ACME registration + email: leon.liuyang.d@gmail.com + # Name of a secret used to store the ACME account private key + privateKeySecretRef: + name: letsencrypt-prod + # Enable the HTTP-01 challenge provider + solvers: + - dns01: + cloudflare: + apiTokenSecretRef: + name: cloudflare-api-token-secret + key: api-token \ No newline at end of file diff --git a/cert-manager/kustomization.yaml b/cert-manager/kustomization.yaml new file mode 100644 index 0000000..7ff5519 --- /dev/null +++ b/cert-manager/kustomization.yaml @@ -0,0 +1,12 @@ +resources: + - cloudflare.yaml + - clusterissuer.yaml + +helmCharts: + - name: cert-manager + repo: https://charts.jetstack.io + releaseName: cert-manager + namespace: cert-manager + valuesInline: + crds: + enabled: true \ No newline at end of file diff --git a/cluster-config/dockerconfig.yaml b/cluster-config/dockerconfig.yaml new file mode 100644 index 0000000..236949b --- /dev/null +++ b/cluster-config/dockerconfig.yaml @@ -0,0 +1,7 @@ +apiVersion: v1 +data: + .dockerconfigjson: eyJhdXRocyI6eyJnaGNyLmlvIjp7InVzZXJuYW1lIjoibGVvbmxpdXkiLCJwYXNzd29yZCI6ImdocF9GU0swVDhxRE1mYmZ0eFJhZ1VaVU1DWWZ0eFlLM2IxckcwTHAiLCJlbWFpbCI6Imxlb24ubGl1eWFuZy5kQGdtYWlsLmNvbSIsImF1dGgiOiJiR1Z2Ym14cGRYazZaMmh3WDBaVFN6QlVPSEZFVFdaaVpuUjRVbUZuVlZwVlRVTlpablI0V1VzellqRnlSekJNY0E9PSJ9fX0= +kind: Secret +metadata: + name: ghcr-auth +type: kubernetes.io/dockerconfigjson \ No newline at end of file