Packer.Images/ansible/vars/metacluster.yml
Danny Bessems 277c91eeba
All checks were successful
continuous-integration/drone/push Build is passing
Fix module name;Add indentation;Update dependencies #2
2022-07-29 11:39:39 +02:00

153 lines
4.1 KiB
YAML

platform:
k3s:
version: v1.24.1+k3s1
gitops:
# repo_ref: v0.1
repo_ref: HEAD
packaged_components:
- name: traefik
namespace: kube-system
config: |2
globalArguments: []
ports:
ssh:
port: 8022
protocol: TCP
web:
redirectTo: websecure
ingressRoute:
dashboard:
enabled: false
helm_repositories:
- name: longhorn
url: https://charts.longhorn.io
- name: harbor
url: https://helm.goharbor.io
- name: gitea-charts
url: https://dl.gitea.io/charts/
- name: argo
url: https://argoproj.github.io/argo-helm
- name: sealed-secrets
url: https://bitnami-labs.github.io/sealed-secrets
components:
longhorn:
helm:
version: 1.3.0
chart: longhorn/longhorn
parse_logic: cat values.yaml | yq eval '.. | select(has("repository")) | .repository + ":" + .tag'
chart_values: !unsafe |
defaultSettings:
defaultDataPath: /mnt/blockstorage
defaultReplicaCount: 1
ingress:
enabled: true
host: storage.{{ vapp['metacluster.fqdn'] }}
persistence:
defaultClassReplicaCount: 1
harbor:
helm:
version: 1.9.1 # (= Harbor v2.5.1)
chart: harbor/harbor
parse_logic: helm template . | yq --no-doc eval '.. | .image? | select(.)' | sort -u | awk '!/ /'
chart_values: !unsafe |
expose:
ingress:
hosts:
core: registry.{{ vapp['metacluster.fqdn'] }}
externalURL: https://registry.{{ vapp['metacluster.fqdn'] }}
harborAdminPassword: "{{ vapp['guestinfo.rootpw'] }}"
notary:
enabled: false
gitea:
helm:
version: v5.0.9 # (= Gitea v1.16.8)
chart: gitea-charts/gitea
parse_logic: helm template . | yq --no-doc eval '.. | .image? | select(.)' | sort -u | sed '/:/!s/$/:latest/'
chart_values: !unsafe |
config:
offlineMode: true
gitea:
admin:
username: administrator
password: "{{ vapp['guestinfo.rootpw'] }}"
email: admin@{{ vapp['metacluster.fqdn'] }}
image:
pullPolicy: IfNotPresent
ingress:
enabled: true
hosts:
- host: git.{{ vapp['metacluster.fqdn'] }}
paths:
- path: /
pathType: Prefix
service:
ssh:
type: ClusterIP
port: 22
clusterIP:
argo-cd:
helm:
version: 4.9.7 # (= ArgoCD v2.4.2)
chart: argo/argo-cd
parse_logic: helm template . | yq --no-doc eval '.. | .image? | select(.)' | sort -u | awk '!/ /'
chart_values: !unsafe |
server:
extraArgs:
- --insecure
ingress:
enabled: true
hosts:
- gitops.{{ vapp['metacluster.fqdn'] }}
configs:
secret:
argocdServerAdminPassword: "{{ vapp['guestinfo.rootpw'] | password_hash('bcrypt') }}"
sealed-secrets:
helm:
version: 2.4.0 # (= SealedSecrets v0.18.1)
chart: sealed-secrets/sealed-secrets
parse_logic: helm template . | yq --no-doc eval '.. | .image? | select(.)' | sort -u | awk '!/ /'
dependencies:
ansible_galaxy_collections:
- ansible.posix
- ansible.utils
- community.crypto
- community.general
- community.vmware
- kubernetes.core
# container_images:
# - <usefulcontainer>
static_binaries:
- filename: govc
url: https://github.com/vmware/govmomi/releases/download/v0.29.0/govc_Linux_x86_64.tar.gz
archive: compressed
- filename: helm
url: https://get.helm.sh/helm-v3.9.0-linux-amd64.tar.gz
archive: compressed
extra_opts: --strip-components=1
- filename: skopeo
url: https://sn.itch.fyi/Repository/rel/skopeo
username: "{{ repo_username }}"
password: "{{ repo_password }}"
- filename: yq
url: http://github.com/mikefarah/yq/releases/download/v4.25.3/yq_linux_amd64
packages:
- lvm2
- python3-jmespath
- python3-passlib
- python3-pyvmomi