nold/hive-apps
1
0
Fork 0
mirror of https://github.com/nold360/hive-apps synced 2024-11-20 04:29:26 +00:00
Code Issues Projects Releases Packages Wiki Activity

Update: ansible & ingress values

Browse source
This commit is contained in:
nold 2022-01-23 16:17:46 +01:00
parent b6e9495027
commit 3aafc8d267
8 changed files with 84 additions and 10 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
ansible/Containerfile Normal file
View file

@ -0,0 +1,9 @@
FROM quay.io/ansible/ansible-runner:latest
RUN useradd -m nold && chown -R nold:nold /home/runner
COPY . /ansible
WORKDIR /ansible
USER 1000
CMD ["/bin/bash", "/ansible/entrypoint.sh"]

3
ansible/entrypoint.sh Normal file
View file

@ -0,0 +1,3 @@
#!/bin/bash
ansible-galaxy role list 2>/dev/null | grep -q ansible-role-k3s || ansible-galaxy role install git+https://github.com/PyratLabs/ansible-role-k3s
ansible-playbook k3s-playbook.yml -i inventory.ini -K

2
ansible/inventory.ini Normal file
View file

@ -0,0 +1,2 @@
[all]
hive.lan

24
ansible/k3s-playbook.yml
View file

@ -1,13 +1,25 @@
# K3s Setup/Update Playbook for my Homelab host
- hosts: localhost
connection: local
- hosts: all
vars:
ansible_user: nold
ansible_become_method: su
ansible_become: true
k3s_release_version: v1.22
k3s_debug: false
k3s_registration_address: 192.168.1.111
k3s_become_for_all: false
k3s_become: true
k3s_control_node: true
k3s_start_on_boot: false
k3s_registries:
mirrors:
docker.io:
endpoint:
- "https://reg.dc/f/docker"
configs:
"reg.dc":
tls:
ca_file: /etc/ssl/vault_ca.crt
k3s_server:
cluster-cidr: 10.0.0.0/8
flannel-backend: "none"
@ -16,6 +28,10 @@
- traefik
- servicelb
disable-network-policy: true
pre_tasks:
- name: Ensure Vault CA file exists
copy:
src: vault_ca.crt
dest: /etc/ssl/vault_ca.crt
roles:
- ansible-role-k3s

3
ansible/run.sh Normal file
View file

@ -0,0 +1,3 @@
#!/bin/bash
docker build -f Containerfile -t hive-ansible .
docker run -ti --rm -v /home/nold/.ssh:/home/nold/.ssh hive-ansible

41
ansible/vault_ca.crt Normal file
View file

@ -0,0 +1,41 @@
-----BEGIN CERTIFICATE-----
MIIDGjCCAgKgAwIBAgIUEaD1kSZtDX9X/0rZMSIjvurPqIowDQYJKoZIhvcNAQEL
BQAwDTELMAkGA1UEAxMCZGMwHhcNMjEwNDMwMTAwNTE5WhcNMzEwNDI4MTAwNTQ5
WjANMQswCQYDVQQDEwJkYzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AKLcvBssxeO7Py6X1fCDMc3woF2KnF9MH87PJSH0aJ32B18FSjmTH5VKBc/azov5
MLzavMdCyMXl3QO77EIYjHtrZFJOeFVARLU2BtPN2Ebz8u6bII6uGbyUHrBO8fpl
hh0Ug3Dks9Fk7EV3Re+1C9oluxZNPC+p8zRfT/jTy0ddJfGcePCkPDAF7FGEjfWn
f5qlu6lDwaEk/M4BjGFgeP2pswaMljfo2YSQOKOEaktaNgcklMeRLtIds6IGgypX
apYh7TtxSzt3oHzxOSFLDFZNLolGZGYqfkGez3Z01rrfBrEYf20OaCI3xHurguRr
TD6EX2oa1fGCCZ5PV8UKpRUCAwEAAaNyMHAwDgYDVR0PAQH/BAQDAgEGMA8GA1Ud
EwEB/wQFMAMBAf8wHQYDVR0OBBYEFO3+pFOMVitiPXqMhHXpDDH+NKIqMB8GA1Ud
IwQYMBaAFO3+pFOMVitiPXqMhHXpDDH+NKIqMA0GA1UdEQQGMASCAmRjMA0GCSqG
SIb3DQEBCwUAA4IBAQBGuzYCepecnpIobYgSB4T/Gq+Ak5XoabiVXFaKIRUqiHq4
Ofzl/GJcZ9IXhKxdzjwI2YVKI9Z+J8oy2fzt6rShjnVaz4hJNuN/uCtUAfXdpirb
Rbh+nlaiNVq7+YadiuOJnTKOEMgTWbjcKtzNoAhwQW+HPNhzHxKtcYIrq0Muppo9
PAqhJaBdx/NLNOM2X7oOCqEwWE/vaGxPSFjQ1ZGRwTCiZG55z/NILznkmdWH1zln
jyS8mVciA68yGhH3BBnDmWDktgXGHgFRGwj/AFDZy0MaXziEXXi9OAdMXcqZ7/V9
MdjCPHJhQp173zE64/OZ0IBDgCgjTDb7gr3g96ko
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIDlDCCAnygAwIBAgIUIysxDnlOcWOQPdrnD9JobSNbKIAwDQYJKoZIhvcNAQEL
BQAwDTELMAkGA1UEAxMCZGMwHhcNMjEwNDMwMTAxMzAxWhcNMjYwNDI5MTAxMzMx
WjAkMSIwIAYDVQQDExlkYyBJbnRlcm1lZGlhdGUgQXV0aG9yaXR5MIIBIjANBgkq
hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu4Y9Tx4SSMv9MBeIGxpIpBntFCtgtfIr
rrplPRZuWOkML3psJkLL+BXiESO4vOX6Zj32PK2uyg/AGg+hCEkNNLdc9B4yyg9Z
Nm1ILRfyXFU1IeWzhibg9orAVsQNjJO/S8SPIXRGPpkNrfnOmUlHUIdD40/3drh7
tM13h82pS3ptsUxYDso4Symhgz52eAuWYKgno1SbL1FIGrafgBVRjdbNRcu8OaMK
VWMK0aM/u0gVW0H7MlcCNV7fVEq59JtQBjyebtml09A77kKzZj49BkI03hh68v7w
D0CLqhqSO4d5ytMtojtza7YA4KbU1Ub1JA47of83oAxvIKocuOrdDQIDAQABo4HU
MIHRMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBSO
FRMNYkAXQVgbE+K1d0g55bDXDzAfBgNVHSMEGDAWgBTt/qRTjFYrYj16jIR16Qwx
/jSiKjA7BggrBgEFBQcBAQQvMC0wKwYIKwYBBQUHMAKGH2h0dHA6Ly8xMjcuMC4w
LjE6ODIwMC92MS9wa2kvY2EwMQYDVR0fBCowKDAmoCSgIoYgaHR0cDovLzEyNy4w
LjAuMTo4MjAwL3YxL3BraS9jcmwwDQYJKoZIhvcNAQELBQADggEBAFWex1uAg3vh
P1O9jcMk/FQ78+Lo//O2dlO3XvifflsQm+a0uFkhr8C9lCg+lB1Tc4M7OSuirxBb
gQWF/6Z34iulIyEUC97JeATjQT44B2sAXY02w5M9kioDeDz1xX3REST27MmaO6JE
XPWU4hMELrlcQCIHI9rzV9pU2NkLFL98zs8xozGt8xk6GolNvFIlNrxJRV0tCmxI
VwNx5hCyyxlWbpy+0WJnwfL6xAXaThNP51auiX8iuYiJTmeryEmyH5pULY1Dd43Y
uiNf5WHKzaYH8uXbk0xyQKmd+m7HwdtXzjC9ZEQrAP1Tocum6lV54DkL4Ujn0iI2
Nm3zqtPjMX0=
-----END CERTIFICATE-----

9
projects/blocky/values/blocky.yaml
View file

@ -9,9 +9,6 @@ podAnnotations:
prometheus.io/scrape: "true"
prometheus.io/port: "4000"
image:
tag: v0.15
service:
main:
ports:
@ -32,7 +29,7 @@ service:
persistence:
logs:
enabled: true
enabled: false
mountPath: /logs
accessMode: ReadWriteOnce
size: 1Gi
@ -189,11 +186,11 @@ config: |
# optional: write query information (question, answer, client, duration etc) to daily csv file
queryLog:
# # directory (should be mounted as volume in docker)
dir: /logs
# dir: /logs
# # if true, write one file per client. Writes all queries to single file otherwise
# perClient: true
# # if > 0, deletes log files which are older than ... days
logRetentionDays: 1
# logRetentionDays: 1
port: 53
httpPort: 4000

3
projects/core/values/ingress-internal.yaml
View file

@ -5,6 +5,9 @@ ingressClass:
providers:
kubernetesCRD:
ingressClass: traefik
kubernetesIngress:
publishedService:
enabled: true
globalArguments: []