mirror of
https://github.com/nold360/hive-apps
synced 2025-01-02 19:51:18 +00:00
Update: ansible & ingress values
This commit is contained in:
parent
b6e9495027
commit
3aafc8d267
8 changed files with 84 additions and 10 deletions
9
ansible/Containerfile
Normal file
9
ansible/Containerfile
Normal file
|
|
@ -0,0 +1,9 @@
|
||||||
|
FROM quay.io/ansible/ansible-runner:latest
|
||||||
|
|
||||||
|
RUN useradd -m nold && chown -R nold:nold /home/runner
|
||||||
|
|
||||||
|
COPY . /ansible
|
||||||
|
WORKDIR /ansible
|
||||||
|
|
||||||
|
USER 1000
|
||||||
|
CMD ["/bin/bash", "/ansible/entrypoint.sh"]
|
||||||
3
ansible/entrypoint.sh
Normal file
3
ansible/entrypoint.sh
Normal file
|
|
@ -0,0 +1,3 @@
|
||||||
|
#!/bin/bash
|
||||||
|
ansible-galaxy role list 2>/dev/null | grep -q ansible-role-k3s || ansible-galaxy role install git+https://github.com/PyratLabs/ansible-role-k3s
|
||||||
|
ansible-playbook k3s-playbook.yml -i inventory.ini -K
|
||||||
2
ansible/inventory.ini
Normal file
2
ansible/inventory.ini
Normal file
|
|
@ -0,0 +1,2 @@
|
||||||
|
[all]
|
||||||
|
hive.lan
|
||||||
|
|
@ -1,13 +1,25 @@
|
||||||
# K3s Setup/Update Playbook for my Homelab host
|
# K3s Setup/Update Playbook for my Homelab host
|
||||||
- hosts: localhost
|
- hosts: all
|
||||||
connection: local
|
|
||||||
vars:
|
vars:
|
||||||
|
ansible_user: nold
|
||||||
|
ansible_become_method: su
|
||||||
|
ansible_become: true
|
||||||
|
|
||||||
k3s_release_version: v1.22
|
k3s_release_version: v1.22
|
||||||
k3s_debug: false
|
k3s_debug: false
|
||||||
k3s_registration_address: 192.168.1.111
|
k3s_registration_address: 192.168.1.111
|
||||||
k3s_become_for_all: false
|
k3s_become: true
|
||||||
k3s_control_node: true
|
k3s_control_node: true
|
||||||
k3s_start_on_boot: false
|
k3s_start_on_boot: false
|
||||||
|
k3s_registries:
|
||||||
|
mirrors:
|
||||||
|
docker.io:
|
||||||
|
endpoint:
|
||||||
|
- "https://reg.dc/f/docker"
|
||||||
|
configs:
|
||||||
|
"reg.dc":
|
||||||
|
tls:
|
||||||
|
ca_file: /etc/ssl/vault_ca.crt
|
||||||
k3s_server:
|
k3s_server:
|
||||||
cluster-cidr: 10.0.0.0/8
|
cluster-cidr: 10.0.0.0/8
|
||||||
flannel-backend: "none"
|
flannel-backend: "none"
|
||||||
|
|
@ -16,6 +28,10 @@
|
||||||
- traefik
|
- traefik
|
||||||
- servicelb
|
- servicelb
|
||||||
disable-network-policy: true
|
disable-network-policy: true
|
||||||
|
pre_tasks:
|
||||||
|
- name: Ensure Vault CA file exists
|
||||||
|
copy:
|
||||||
|
src: vault_ca.crt
|
||||||
|
dest: /etc/ssl/vault_ca.crt
|
||||||
roles:
|
roles:
|
||||||
- ansible-role-k3s
|
- ansible-role-k3s
|
||||||
|
|
|
||||||
3
ansible/run.sh
Normal file
3
ansible/run.sh
Normal file
|
|
@ -0,0 +1,3 @@
|
||||||
|
#!/bin/bash
|
||||||
|
docker build -f Containerfile -t hive-ansible .
|
||||||
|
docker run -ti --rm -v /home/nold/.ssh:/home/nold/.ssh hive-ansible
|
||||||
41
ansible/vault_ca.crt
Normal file
41
ansible/vault_ca.crt
Normal file
|
|
@ -0,0 +1,41 @@
|
||||||
|
-----BEGIN CERTIFICATE-----
|
||||||
|
MIIDGjCCAgKgAwIBAgIUEaD1kSZtDX9X/0rZMSIjvurPqIowDQYJKoZIhvcNAQEL
|
||||||
|
BQAwDTELMAkGA1UEAxMCZGMwHhcNMjEwNDMwMTAwNTE5WhcNMzEwNDI4MTAwNTQ5
|
||||||
|
WjANMQswCQYDVQQDEwJkYzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
|
||||||
|
AKLcvBssxeO7Py6X1fCDMc3woF2KnF9MH87PJSH0aJ32B18FSjmTH5VKBc/azov5
|
||||||
|
MLzavMdCyMXl3QO77EIYjHtrZFJOeFVARLU2BtPN2Ebz8u6bII6uGbyUHrBO8fpl
|
||||||
|
hh0Ug3Dks9Fk7EV3Re+1C9oluxZNPC+p8zRfT/jTy0ddJfGcePCkPDAF7FGEjfWn
|
||||||
|
f5qlu6lDwaEk/M4BjGFgeP2pswaMljfo2YSQOKOEaktaNgcklMeRLtIds6IGgypX
|
||||||
|
apYh7TtxSzt3oHzxOSFLDFZNLolGZGYqfkGez3Z01rrfBrEYf20OaCI3xHurguRr
|
||||||
|
TD6EX2oa1fGCCZ5PV8UKpRUCAwEAAaNyMHAwDgYDVR0PAQH/BAQDAgEGMA8GA1Ud
|
||||||
|
EwEB/wQFMAMBAf8wHQYDVR0OBBYEFO3+pFOMVitiPXqMhHXpDDH+NKIqMB8GA1Ud
|
||||||
|
IwQYMBaAFO3+pFOMVitiPXqMhHXpDDH+NKIqMA0GA1UdEQQGMASCAmRjMA0GCSqG
|
||||||
|
SIb3DQEBCwUAA4IBAQBGuzYCepecnpIobYgSB4T/Gq+Ak5XoabiVXFaKIRUqiHq4
|
||||||
|
Ofzl/GJcZ9IXhKxdzjwI2YVKI9Z+J8oy2fzt6rShjnVaz4hJNuN/uCtUAfXdpirb
|
||||||
|
Rbh+nlaiNVq7+YadiuOJnTKOEMgTWbjcKtzNoAhwQW+HPNhzHxKtcYIrq0Muppo9
|
||||||
|
PAqhJaBdx/NLNOM2X7oOCqEwWE/vaGxPSFjQ1ZGRwTCiZG55z/NILznkmdWH1zln
|
||||||
|
jyS8mVciA68yGhH3BBnDmWDktgXGHgFRGwj/AFDZy0MaXziEXXi9OAdMXcqZ7/V9
|
||||||
|
MdjCPHJhQp173zE64/OZ0IBDgCgjTDb7gr3g96ko
|
||||||
|
-----END CERTIFICATE-----
|
||||||
|
-----BEGIN CERTIFICATE-----
|
||||||
|
MIIDlDCCAnygAwIBAgIUIysxDnlOcWOQPdrnD9JobSNbKIAwDQYJKoZIhvcNAQEL
|
||||||
|
BQAwDTELMAkGA1UEAxMCZGMwHhcNMjEwNDMwMTAxMzAxWhcNMjYwNDI5MTAxMzMx
|
||||||
|
WjAkMSIwIAYDVQQDExlkYyBJbnRlcm1lZGlhdGUgQXV0aG9yaXR5MIIBIjANBgkq
|
||||||
|
hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu4Y9Tx4SSMv9MBeIGxpIpBntFCtgtfIr
|
||||||
|
rrplPRZuWOkML3psJkLL+BXiESO4vOX6Zj32PK2uyg/AGg+hCEkNNLdc9B4yyg9Z
|
||||||
|
Nm1ILRfyXFU1IeWzhibg9orAVsQNjJO/S8SPIXRGPpkNrfnOmUlHUIdD40/3drh7
|
||||||
|
tM13h82pS3ptsUxYDso4Symhgz52eAuWYKgno1SbL1FIGrafgBVRjdbNRcu8OaMK
|
||||||
|
VWMK0aM/u0gVW0H7MlcCNV7fVEq59JtQBjyebtml09A77kKzZj49BkI03hh68v7w
|
||||||
|
D0CLqhqSO4d5ytMtojtza7YA4KbU1Ub1JA47of83oAxvIKocuOrdDQIDAQABo4HU
|
||||||
|
MIHRMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBSO
|
||||||
|
FRMNYkAXQVgbE+K1d0g55bDXDzAfBgNVHSMEGDAWgBTt/qRTjFYrYj16jIR16Qwx
|
||||||
|
/jSiKjA7BggrBgEFBQcBAQQvMC0wKwYIKwYBBQUHMAKGH2h0dHA6Ly8xMjcuMC4w
|
||||||
|
LjE6ODIwMC92MS9wa2kvY2EwMQYDVR0fBCowKDAmoCSgIoYgaHR0cDovLzEyNy4w
|
||||||
|
LjAuMTo4MjAwL3YxL3BraS9jcmwwDQYJKoZIhvcNAQELBQADggEBAFWex1uAg3vh
|
||||||
|
P1O9jcMk/FQ78+Lo//O2dlO3XvifflsQm+a0uFkhr8C9lCg+lB1Tc4M7OSuirxBb
|
||||||
|
gQWF/6Z34iulIyEUC97JeATjQT44B2sAXY02w5M9kioDeDz1xX3REST27MmaO6JE
|
||||||
|
XPWU4hMELrlcQCIHI9rzV9pU2NkLFL98zs8xozGt8xk6GolNvFIlNrxJRV0tCmxI
|
||||||
|
VwNx5hCyyxlWbpy+0WJnwfL6xAXaThNP51auiX8iuYiJTmeryEmyH5pULY1Dd43Y
|
||||||
|
uiNf5WHKzaYH8uXbk0xyQKmd+m7HwdtXzjC9ZEQrAP1Tocum6lV54DkL4Ujn0iI2
|
||||||
|
Nm3zqtPjMX0=
|
||||||
|
-----END CERTIFICATE-----
|
||||||
|
|
@ -9,9 +9,6 @@ podAnnotations:
|
||||||
prometheus.io/scrape: "true"
|
prometheus.io/scrape: "true"
|
||||||
prometheus.io/port: "4000"
|
prometheus.io/port: "4000"
|
||||||
|
|
||||||
image:
|
|
||||||
tag: v0.15
|
|
||||||
|
|
||||||
service:
|
service:
|
||||||
main:
|
main:
|
||||||
ports:
|
ports:
|
||||||
|
|
@ -32,7 +29,7 @@ service:
|
||||||
|
|
||||||
persistence:
|
persistence:
|
||||||
logs:
|
logs:
|
||||||
enabled: true
|
enabled: false
|
||||||
mountPath: /logs
|
mountPath: /logs
|
||||||
accessMode: ReadWriteOnce
|
accessMode: ReadWriteOnce
|
||||||
size: 1Gi
|
size: 1Gi
|
||||||
|
|
@ -189,11 +186,11 @@ config: |
|
||||||
# optional: write query information (question, answer, client, duration etc) to daily csv file
|
# optional: write query information (question, answer, client, duration etc) to daily csv file
|
||||||
queryLog:
|
queryLog:
|
||||||
# # directory (should be mounted as volume in docker)
|
# # directory (should be mounted as volume in docker)
|
||||||
dir: /logs
|
# dir: /logs
|
||||||
# # if true, write one file per client. Writes all queries to single file otherwise
|
# # if true, write one file per client. Writes all queries to single file otherwise
|
||||||
# perClient: true
|
# perClient: true
|
||||||
# # if > 0, deletes log files which are older than ... days
|
# # if > 0, deletes log files which are older than ... days
|
||||||
logRetentionDays: 1
|
# logRetentionDays: 1
|
||||||
|
|
||||||
port: 53
|
port: 53
|
||||||
httpPort: 4000
|
httpPort: 4000
|
||||||
|
|
|
||||||
|
|
@ -5,6 +5,9 @@ ingressClass:
|
||||||
providers:
|
providers:
|
||||||
kubernetesCRD:
|
kubernetesCRD:
|
||||||
ingressClass: traefik
|
ingressClass: traefik
|
||||||
|
kubernetesIngress:
|
||||||
|
publishedService:
|
||||||
|
enabled: true
|
||||||
|
|
||||||
globalArguments: []
|
globalArguments: []
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue