From ad1770615e5978c5071e39b37838746ad73e08e4 Mon Sep 17 00:00:00 2001 From: trivernis Date: Wed, 27 Dec 2023 14:49:51 +0100 Subject: [PATCH] apps(minio): Add minio --- .gitignore | 3 ++- apps/minio/app.yaml | 10 +++++++++ apps/minio/app/00_namespace.yaml | 6 ++++++ apps/minio/app/10_sealedsecret.yaml | 17 +++++++++++++++ apps/minio/app/20_release.yaml | 32 +++++++++++++++++++++++++++++ apps/minio/app/30_route.yaml | 17 +++++++++++++++ cluster/apps.yaml | 17 +++++++++++++++ repos/bitnami.yaml | 9 ++++++++ 8 files changed, 110 insertions(+), 1 deletion(-) create mode 100644 apps/minio/app.yaml create mode 100644 apps/minio/app/00_namespace.yaml create mode 100644 apps/minio/app/10_sealedsecret.yaml create mode 100644 apps/minio/app/20_release.yaml create mode 100644 apps/minio/app/30_route.yaml create mode 100644 repos/bitnami.yaml diff --git a/.gitignore b/.gitignore index a21c963..68eaa09 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1,3 @@ **/*-secret.yaml -**/secret.yaml \ No newline at end of file +**/*_secret.yaml +**/secret.yaml diff --git a/apps/minio/app.yaml b/apps/minio/app.yaml new file mode 100644 index 0000000..2cb2b0d --- /dev/null +++ b/apps/minio/app.yaml @@ -0,0 +1,10 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +namespace: miniflux +metadata: + name: miniflux +resources: + - app/00_namespace.yaml + - app/10_sealedsecret.yaml + - app/20_release.yaml + - app/30_route.yaml diff --git a/apps/minio/app/00_namespace.yaml b/apps/minio/app/00_namespace.yaml new file mode 100644 index 0000000..57135e9 --- /dev/null +++ b/apps/minio/app/00_namespace.yaml @@ -0,0 +1,6 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: minio + labels: + name: minio diff --git a/apps/minio/app/10_sealedsecret.yaml b/apps/minio/app/10_sealedsecret.yaml new file mode 100644 index 0000000..a640ac5 --- /dev/null +++ b/apps/minio/app/10_sealedsecret.yaml @@ -0,0 +1,17 @@ +--- +apiVersion: bitnami.com/v1alpha1 +kind: SealedSecret +metadata: + creationTimestamp: null + name: minio-secret + namespace: minio +spec: + encryptedData: + root-password: AgArMf9XnZpJsu7rr+5vZR00X9prgSuxDQzc+lYowmi6yvqv2ADAK4QqKwWQktPrnd23F+Aohs7x4SVricnxfD7j0Tq+8z3JBA/emFZpbJr19Rrb2nOm+Rs95Fuy/cbkOSuupbIllAn4/t1uHK7xxJTC8jB+HFcWWVhq/dbDEK4GiiX0tlGrv+XhELRq8Ox1vRWnxOj/CcRc5A+mehNHygJZwFIykB9EBVqMKWFvU6b3BCZI+K9BYlnGkAuVxRUuhBzsYZ1Ka4szYoxsr7WYwJM6jl4Ibn1mm24KoEkEqHG5zlNro/MUR67aVTWRcwtg800NaMV81K744gyzrXjooYQD6ocL1KnA7z6eDhlxyZyzuyq2fO0gWdcYe0dRoDgfGUwfauSSM4jeezZ9sX5dkQZbUAyGT8TEVTC9XC6HhgbJ8bDvBpV2M9xx9bZldJ+xCJ/FID7hmjp4GUXkzAegNxGEhoZymeMR1ow1JUlsDGdqMe+GCOrDxEEUn0gAJ5M0pWQe2PjhNYgmx9qXz5aNE2lgPHS+lLh8ITNgZvtt7Jx48nR8dAPEWsSfa3LClE/sPFLngFL1tgH5h+9IzsbgOLZAc1oZLsd53FkHKoT5yjqR48nhJUAMahAgDVdDgSfF0emQTvjq2RU65J/4d5w1nUuHftrkT9RpcT9/HsxshZBW4l17Z4zCGn6UPyUMyK6L54Fq1QaHBX/MsDxXOMM8Ew== + root-user: AgBRbmjGPDZD/Uut5+85wac7jGd3detU4e5d1Rv/s1iLYxvWZ7uD0Fb9VWoZFYodeo6/QAzZMAZdxPqUv1f9Sr6eZj+jmkrzBa1D63w48jmDhfUJ/rQ7eXmKnjtdEk5H+2avuSE318XhtebU1oMPujyLdtLj80992FV1FRNADvg1bvVSZsZmYLGVQ8yw3f7+vRMM9uFihQvmYO7Jrt75lCvWP24xz7u8J0ykqf1tIXNJVM6GWVoNULOwortytDoB5UFX7HSod5PpA9dVpt7YNbESbDAQFI8GLYneZuTHN9QkTQPcXW/j4PpC61t8tlmtMKT58/fuVT2svyU3KxPbJUECIZjEjTqWplhgBRLIbXyCGIN5clS2KKPyMpjWETU0Q2j+kJNuo1kM4bXerRfiRD7lhfskWvr2PzIf5JPnfnKUCRGUAvkZ7HHgjpXa/sX5SFp4xijRJeKKMpaHj97hwn+ut+BqklvxNwkUACFElAQE45/9b3LAiaPx181HcuVj2TQmA2RmO/3/saEbaTEhL/kRmZN5tS60Y3BYgq4wMjFM1tlIe/5jOGfN3ZppeZ7e3IJy6O+QBe6Rf4SFIvOnl7qbDYQLX3UV8b6g0j+R1BrIxzbnrn+fJZtb30ZUEN0JBwQvWSwFNGuO4r0zBdtDOTipfpN0rh7m9BtB000j1hGaJ5DpYFn9ZlUM06CO1NisfopC4yFuuIAVXas= + template: + metadata: + creationTimestamp: null + name: minio-secret + namespace: minio + type: Opaque diff --git a/apps/minio/app/20_release.yaml b/apps/minio/app/20_release.yaml new file mode 100644 index 0000000..f1e9af6 --- /dev/null +++ b/apps/minio/app/20_release.yaml @@ -0,0 +1,32 @@ +apiVersion: helm.toolkit.fluxcd.io/v2beta1 +kind: HelmRelease +metadata: + name: minio + namespace: minio +spec: + releaseName: minio + chart: + spec: + chart: minio + sourceRef: + kind: HelmRepository + name: bitnami + namespace: repos + interval: 60m + install: + remediation: + retries: 3 + values: + auth: + existingSecret: minio-secret + persistence: + enabled: true + storageClass: ebs-hdd + size: 100Gi + metrics: + serviceMonitor: + enabled: true + podAnnotations: + prometheus.io/scrape: "true" + prometheus.io/path: "/minio/v2/metrics/cluster" + prometheus.io/port: "9000" diff --git a/apps/minio/app/30_route.yaml b/apps/minio/app/30_route.yaml new file mode 100644 index 0000000..8fa0b18 --- /dev/null +++ b/apps/minio/app/30_route.yaml @@ -0,0 +1,17 @@ +apiVersion: traefik.containo.us/v1alpha1 +kind: IngressRoute +metadata: + name: web + namespace: minio +spec: + entryPoints: + - web + routes: + - match: Host(`minio.trivernis.dev`, `minio.trivernis.net`) + kind: Rule + middlewares: + - name: strict-security-headers + namespace: default + services: + - name: minio + port: http diff --git a/cluster/apps.yaml b/cluster/apps.yaml index a99e80f..2eb33df 100644 --- a/cluster/apps.yaml +++ b/cluster/apps.yaml @@ -303,3 +303,20 @@ spec: prune: true wait: true timeout: 5m0s +--- +apiVersion: kustomize.toolkit.fluxcd.io/v1 +kind: Kustomization +metadata: + name: apps-minio + namespace: flux-system +spec: + dependsOn: + - name: repos + interval: 5m + sourceRef: + kind: GitRepository + name: flux-system + path: ./apps/minio + prune: true + wait: true + timeout: 5m0s diff --git a/repos/bitnami.yaml b/repos/bitnami.yaml new file mode 100644 index 0000000..dd91be3 --- /dev/null +++ b/repos/bitnami.yaml @@ -0,0 +1,9 @@ +apiVersion: source.toolkit.fluxcd.io/v1beta2 +kind: HelmRepository +metadata: + name: bitnami + namespace: repos +spec: + interval: 60m + type: oci + url: oci://registry-1.docker.io/bitnamicharts