platform: k3s: version: v1.24.1+k3s1 packaged_components: - name: traefik namespace: kube-system config: |2 ports: ssh: port: 8022 protocol: TCP web: redirectTo: websecure helm_repositories: - name: longhorn url: https://charts.longhorn.io - name: harbor url: https://helm.goharbor.io - name: gitea-charts url: https://dl.gitea.io/charts/ - name: argo url: https://argoproj.github.io/argo-helm - name: sealed-secrets url: https://bitnami-labs.github.io/sealed-secrets components: longhorn: helm: version: 1.3.0 chart: longhorn/longhorn parse_logic: cat values.yaml | yq eval '.. | select(has("repository")) | .repository + ":" + .tag' chart_values: !unsafe | defaultSettings: defaultDataPath: /mnt/blockstorage defaultReplicaCount: 1 ingress: enabled: true host: storage.{{ vapp['metacluster.fqdn'] }} persistence: defaultClassReplicaCount: 1 harbor: helm: version: 1.9.1 # (= Harbor v2.5.1) chart: harbor/harbor parse_logic: helm template . | yq --no-doc eval '.. | .image? | select(.)' | sort -u | awk '!/ /' chart_values: !unsafe | expose: ingress: hosts: core: registry.{{ vapp['metacluster.fqdn'] }} externalURL: https://registry.{{ vapp['metacluster.fqdn'] }} harborAdminPassword: "{{ vapp['guestinfo.rootpw'] }}" notary: enabled: false gitea: helm: version: v5.0.9 # (= Gitea v1.16.8) chart: gitea-charts/gitea parse_logic: helm template . | yq --no-doc eval '.. | .image? | select(.)' | sort -u | sed '/:/!s/$/:latest/' chart_values: !unsafe | config: offlineMode: true gitea: admin: username: administrator password: "{{ vapp['guestinfo.rootpw'] }}" email: admin@{{ vapp['metacluster.fqdn'] }} image: pullPolicy: IfNotPresent ingress: enabled: true hosts: - host: git.{{ vapp['metacluster.fqdn'] }} paths: - path: / pathType: Prefix service: ssh: type: ClusterIP port: 22 clusterIP: manifests: - type: ingressroutetcp name: gitea-ssh namespace: gitea config: |2 entryPoints: - ssh routes: - match: HostSNI(`*`) services: - name: gitea-ssh port: 22 argo-cd: helm: version: 4.9.7 # (= ArgoCD v2.4.2) chart: argo/argo-cd parse_logic: helm template . | yq --no-doc eval '.. | .image? | select(.)' | sort -u | awk '!/ /' chart_values: !unsafe | server: extraArgs: - --insecure ingress: enabled: true hosts: - gitops.{{ vapp['metacluster.fqdn'] }} configs: secret: argocdServerAdminPassword: "{{ vapp['guestinfo.rootpw'] | password_hash('bcrypt') }}" dependencies: ansible_galaxy_collections: - ansible.posix - ansible.utils - community.general - kubernetes.core container_images: - quay.io/skopeo/stable:v1.8.0 static_binaries: - filename: tea url: https://dl.gitea.io/tea/0.8.0/tea-0.8.0-linux-amd64 - filename: helm url: https://get.helm.sh/helm-v3.9.0-linux-amd64.tar.gz archive: compressed extra_opts: --strip-components=1 - filename: yq url: http://github.com/mikefarah/yq/releases/download/v4.25.3/yq_linux_amd64 packages: - lvm2 - python3-jmespath - python3-passlib - skopeo