drone
nold 2 years ago
parent 543e877573
commit 24795dac54
  1. 17
      charts/heqet/templates/_helpers.tpl
  2. 30
      charts/heqet/templates/heqet-apps.yaml
  3. 75
      charts/heqet/values.yaml

@ -0,0 +1,17 @@
{{- /*
Heket's Auto TLS Ingress Injector [ATIC]:
*/ -}}
{{- define "heqet.ingress" }}
ingress:
enabled: true
hosts:
- {{ required "You need to set a domain for your app or disable atic" .domain }}
annotations:
kubernetes.io/ingress.class: {{ .ingress_class | default "nginx" }}
kubernetes.io/tls-acme: "true"
cert-manager.io/cluster-issuer: {{ .ingress_cluster_issuer | default "letsencrypt" }}
tls:
- secretName: {{ .name }}-le-tls
hosts:
- {{ .domain }}
{{- end }}

@ -31,25 +31,21 @@ spec:
- name: {{ .name | quote }}
value: {{ .value | quote }}
{{- end }}
{{- end }}
{{- if .values }}
{{- end -}}
{{- if or .values $.Values.ingress.enabled }}
values:
{{- if $.Values.tls.enabled }}
# Heket TLS Ingress Injector:
ingress:
enabled: true
hosts:
- {{ .name }}.{{ required "You need to set a domain or disable tls" $.Values.domain }}
annotations:
kubernetes.io/ingress.class: {{ $.Values.tls.ingress.class | default "nginx" }}
kubernetes.io/tls-acme: "true"
cert-manager.io/cluster-issuer: {{ $.Values.tls.cluster-issuer | default "letsencrypt" }}
tls:
- secretName: {{ .name }}-le-tls
hosts:
- {{ .name }}.{{ $.Values.domain }}
{{- if .values }}
{{- toYaml .values | indent 6 }}
{{- end }}
{{- if and $.Values.ingress.enabled .domain }}
{{- $shift := empty .ingress_prefix -}}
{{- $indent := ternary 8 10 $shift -}}
{{- if .ingress_prefix }}
{{ .ingress_prefix | indent 8 }}:
{{- end }}
{{- include "heqet.ingress" . | indent $indent -}}
{{- end }}
{{- toYaml .values | indent 6 }}
{{- end }}
{{- end }}
syncPolicy:

@ -1,4 +1,15 @@
# Install Custom Ressource Definitions?
installCRDs: true
# This configures Heqet's ATIC ['Automatic-Tls-Ingress-Creator']
ingress:
enabled: true
#FIXME: Can't disable tls ATM
tls:
enabled: true
#cluster-issuer
# etc.
heqet:
defaults:
project: "default"
@ -19,19 +30,14 @@ heqet:
- name: argocd
repoURL: https://github.com/argoproj/argo-helm
path: charts/argo-cd
domain: argocd.heqet.gnu.one
ingress_prefix: server
parameters:
- name: server.debug
value: true
values: |
dex:
enabled: false
server:
ingress:
enabled: true
hosts:
- argocd.heqet.gnu.one
annotations:
kubernetes.io/ingress.class: "nginx"
kubernetes.io/tls-acme: "true"
cert-manager.io/cluster-issuer: letsencrypt
logLevel: debug
controller:
logLevel: debug
repoServer:
@ -41,20 +47,8 @@ heqet:
path: charts/jaeger
repoURL: https://github.com/jaegertracing/helm-charts
targetRevision: HEAD
values: |-
query:
ingress:
enabled: true
hosts:
- jaeger.heqet.gnu.one
annotations:
kubernetes.io/ingress.class: "nginx"
kubernetes.io/tls-acme: "true"
cert-manager.io/cluster-issuer: letsencrypt
tls:
- secretName: jaeger-cert
hosts:
- jaeger.heqet.gnu.one
domain: jaeger.heqet.gnu.one
ingress_prefix: query
- name: nginx-ingress
repoURL: https://github.com/kubernetes/ingress-nginx
@ -91,43 +85,22 @@ heqet:
- name: vault
repoURL: https://github.com/hashicorp/vault-helm
domain: vault.heqet.gnu.one
ingress_prefix: server
parameters:
- name: server.dev.enabled
value: true
values: |-
ui:
enabled: true
server:
dev:
enabled: true
ingress:
enabled: true
hosts:
- host: vault.heqet.gnu.one
annotations:
kubernetes.io/ingress.class: "nginx"
kubernetes.io/tls-acme: "true"
cert-manager.io/cluster-issuer: letsencrypt
tls:
- secretName: vault-cert
hosts:
- vault.heqet.gnu.one
- name: kubernetes-dashboard
path: stable/kubernetes-dashboard
repoURL: https://github.com/helm/charts
domain: dashboard.heqet.gnu.one
values: |-
rbac:
clusterAdminRole: true
ingress:
enabled: true
hosts:
- dashboard.heqet.gnu.one
annotations:
kubernetes.io/ingress.class: "nginx"
kubernetes.io/tls-acme: "true"
cert-manager.io/cluster-issuer: letsencrypt
tls:
- secretName: kubedash-cert
hosts:
- dashboard.heqet.gnu.one
- name: loki-stack
path: charts/loki-stack

Loading…
Cancel
Save