From c3f8d375e10c811c39d521a153182c162dbdf345 Mon Sep 17 00:00:00 2001
From: JJGadgets
Date: Wed, 29 Nov 2023 12:33:58 +0800
Subject: [PATCH] chore: cleanup
---
 .gitignore | 2 +
 .taskfiles/k8s/Taskfile.dist.yaml | 18 ++-
 .vscode/extensions.json | 28 ++++
 .vscode/settings.json | 123 +++++++++++++++++-
 Taskfile.dist.yaml | 2 +-
 .../cilium/app/bootstrap-install/install.sh | 6 +
 .../app/bootstrap-install/kustomization.yaml | 28 ++++
 kube/deploy/apps/whoogle/app/netpol.yaml | 1 +
 8 files changed, 194 insertions(+), 14 deletions(-)
 create mode 100644 .vscode/extensions.json
 create mode 100755 archive/kube/deploy/core/_networking/cilium/app/bootstrap-install/install.sh
 create mode 100644 archive/kube/deploy/core/_networking/cilium/app/bootstrap-install/kustomization.yaml
diff --git a/.gitignore b/.gitignore
index 0e6a8315ba..d3bd8a533b 100644
--- a/.gitignore
+++ b/.gitignore
@@ -7,7 +7,9 @@ talosconfig
 clusterconfig/
 **/clusterconfig
 **/clusterconfig/*
+**/charts/cilium/*
 **/cilium*/app/bootstrap-install/charts/*
+**/cilium*/app/bootstrap-install/base-values.yaml
 .pem
 .key
 .pub
diff --git a/.taskfiles/k8s/Taskfile.dist.yaml b/.taskfiles/k8s/Taskfile.dist.yaml
index e20a145fe3..e02c51fca6 100644
--- a/.taskfiles/k8s/Taskfile.dist.yaml
+++ b/.taskfiles/k8s/Taskfile.dist.yaml
@@ -94,24 +94,30 @@ tasks:
 - kubectl delete configmap -n kube-system cilium-config || true
 - kubectl delete daemonset -n kube-system cilium || true
 - kubectl delete deployment -n kube-system cilium-operator || true
- - cp /{{.ROOT_DIR}}/kube/deploy/core/_networking/cilium/clusters/{{.C}}/helm-values.yaml /{{.ROOT_DIR}}/kube/deploy/core/_networking/cilium/app/bootstrap-install/base-values.yaml
+ #- cp /{{.ROOT_DIR}}/kube/deploy/core/_networking/cilium/clusters/{{.C}}/helm-values.yaml /{{.ROOT_DIR}}/kube/deploy/core/_networking/cilium/app/bootstrap-install/base-values.yaml
 - task: sops-apply
 vars:
 C: '{{.C | default "admin@biohazard"}}'
- F: "/{{.ROOT_DIR}}/kube/deploy/core/_networking/cilium/app/bootstrap-install"
+ F: "/{{.ROOT_DIR}}/kube/deploy/core/_networking/cilium/clusters/{{.C}}/"
 FCMD: "kustomize build --enable-helm"
- - defer: rm -rf /{{.ROOT_DIR}}/kube/deploy/core/_networking/cilium/app/bootstrap-install/base-values.yaml
+ #- defer: rm -rf /{{.ROOT_DIR}}/kube/deploy/core/_networking/cilium/app/bootstrap-install/base-values.yaml
 newapp:
 desc: Copy app folder structure template, substitute APPNAME, and (TODO) prompt user for variables values such as DNS, UID etc.
 vars:
 APP: &app-fail '{{ or .APP (fail "Missing `app` variable!") }}'
 cmds:
- - cp -r ./kube/templates/test ./kube/deploy/apps/{{.app}}
+ - cp -r ./kube/templates/test ./kube/deploy/apps/{{.APP}}
 # lowercase, used for resource names etc
- - grep -lR 'APPNAME' ./kube/deploy/apps/{{.app}}/ | xargs -I% sed -i 's/${APPNAME}/{{.app}}/g' %
+ - grep -lR 'APPNAME' ./kube/deploy/apps/{{.APP}}/ | xargs -I% sed -i 's/${APPNAME}/{{.APP}}/g' %
 # uppercase, for variable substitution references e.g. ${APP_DNS_AUTHENTIK}
- - grep -lR 'APPNAME' ./kube/deploy/apps/{{.app}}/ | xargs -I% sed -i 's/_APPNAME}/_{{.app}}}/g;s/\(_{{.app}}}\)/\U\1/g' %
+ - grep -lR 'APPNAME' ./kube/deploy/apps/{{.APP}}/ | xargs -I% sed -i 's/_APPNAME}/_{{.APP}}}/g;s/\(_{{.APP}}}\)/\U\1/g' %
+
+ shortnames:
+ desc: List all installed CRDs and their short names.
+ cmds:
+ - |-
+ kubectl get crds -o jsonpath='{range .items[*]}{.spec.names.kind}: {.spec.names.shortNames}{"\n"}{end}'
 iperf2:
 desc: Start a iperf2 server on one node, and iperf2 client on another node, to benchmark network performance.
diff --git a/.vscode/extensions.json b/.vscode/extensions.json
new file mode 100644
index 0000000000..44859f219d
--- /dev/null
+++ b/.vscode/extensions.json
@@ -0,0 +1,28 @@
+{
+ "recommendations": [
+ "2gua.rainbow-brackets",
+ "albert.TabOut",
+ "bierner.markdown-preview-github-styles",
+ "christian-kohler.path-intellisense",
+ "codezombiech.gitignore",
+ "donjayamanne.githistory",
+ "enkia.tokyo-night",
+ "formulahendry.auto-close-tag",
+ "formulahendry.auto-rename-tag",
+ "GitHub.vscode-pull-request-github",
+ "golang.go",
+ "ms-kubernetes-tools.vscode-kubernetes-tools",
+ "ms-vsliveshare.vsliveshare",
+ "oderwat.indent-rainbow",
+ "redhat.fabric8-analytics",
+ "redhat.vscode-xml",
+ "redhat.vscode-yaml",
+ "streetsidesoftware.code-spell-checker",
+ "VisualStudioExptTeam.intellicode-api-usage-examples",
+ "VisualStudioExptTeam.vscodeintellicode",
+ "waderyan.gitblame",
+ "weaveworks.vscode-gitops-tools",
+ "wraith13.zoombar-vscode",
+ "zh9528.file-size",
+ ]
+}
\ No newline at end of file
diff --git a/.vscode/settings.json b/.vscode/settings.json
index dbb02c06ab..58c377c1c5 100644
--- a/.vscode/settings.json
+++ b/.vscode/settings.json
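Review bot: In the `newapp` task, `{{.APP}}` is templated unquoted into the `cp -r` destination, the `grep` path and both `sed` programs, so a value containing `/`, whitespace, `&` or shell metacharacters changes what those commands do instead of just naming a folder. The comment above the first `sed` says the name is lowercase and used for resource names, but nothing checks that before the first command runs. I would add a `preconditions:` entry to `newapp` that rejects anything other than a lowercase DNS-label name (`^[a-z0-9]([-a-z0-9]*[a-z0-9])?$`) and double-quote the path arguments, e.g. `cp -r ./kube/templates/test "./kube/deploy/apps/{{.APP}}"`.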
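Review bot: The last entry `"zh9528.file-size",` is followed directly by `]`, and that trailing comma makes the new file invalid for strict JSON parsers even where VS Code's own JSONC reader accepts it; dropping the comma keeps linters and other tooling working. Separately, every id under `recommendations` becomes an install prompt for anyone who opens the workspace, and each one is third-party code running inside the editor. It would be safer to keep the list to what the repository needs (YAML, Kubernetes and GitOps tooling) and leave themes and zoom helpers to personal settings.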
@@ -1,9 +1,118 @@
 {
- "yaml.schemas": {
- "https://raw.githubusercontent.com/JJGadgets/flux2-schemas/main/kustomization-kustomize-v1beta2.json": ["kustomization.yaml", "kustomization.yml", "*-fKt.yaml", "*-fKt.yml"],
- "https://raw.githubusercontent.com/JJGadgets/flux2-schemas/main/helmrelease-helm-v2beta1.json": ["helm-release.yaml", "helm-release.yml", "*-fHr.yaml", "*-fHr.yml"],
- "https://raw.githubusercontent.com/JJGadgets/flux2-schemas/main/helmrepository-helm-v1beta2.json": ["charts/*", "charts/*/*", "*-charts.yaml", "*-charts.yml"],
+ "yaml.schemas": {
+ "https://raw.githubusercontent.com/JJGadgets/flux2-schemas/main/kustomization-kustomize-v1.json": [
+ "kube/**/ks.yaml",
+ "kube/**/ks.yml",
+ "kube/**/*crd*.yaml",
+ "kube/**/*crd*.yml"
+ ],
+ "https://raw.githubusercontent.com/JJGadgets/flux2-schemas/main/helmrelease-helm-v2beta1.json": [
+ "kube/**/helm-release.yaml",
+ "kube/**/helm-release.yml",
+ "kube/**/hr.yaml",
+ "kube/**/hr.yml"
+ ],
+ "https://raw.githubusercontent.com/datreeio/CRDs-catalog/main/kyverno.io/clusterpolicy_v1.json": "file:///home/jj-void/GitRepos/JJGadgets/Biohazard/kube/deploy/core/flux-system/misc/kyverno.yaml",
+ "kubernetes://schema/postgres-operator.crunchydata.com/v1beta1@postgrescluster": [
+ "file:///home/jj-void/GitRepos/JJGadgets/Biohazard/kube/deploy/core/db/pg/clusters/default/crunchydata.yaml",
+ "file:///home/jj-void/GitRepos/JJGadgets/Biohazard/kube/deploy/core/db/pg/clusters/template/crunchy.yaml",
+ "file:///home/jj-void/GitRepos/JJGadgets/Biohazard/kube/deploy/core/db/pg/clusters/default/crunchy.yaml"
+ ]
+ },
+ "git.autofetch": false,
+ "git.autoStash": true,
+ "editor.mouseWheelZoom": false,
+ "files.autoSave": "afterDelay",
+ "editor.formatOnSave": true,
+ "editor.bracketPairColorization.enabled": true,
+ "editor.bracketPairColorization.independentColorPoolPerBracketType": true,
+ "editor.guides.bracketPairs": true,
+ "editor.matchBrackets": "always",
+ "editor.autoClosingDelete": "auto",
+ "editor.autoClosingOvertype": "auto",
+ "editor.autoSurround": "quotes",
+ "terminal.integrated.enableMultiLinePasteWarning": true,
+ "editor.autoClosingBrackets": "languageDefined",
+ "editor.guides.bracketPairsHorizontal": "active",
+ "editor.fontFamily": "'Iosevka NF', 'monospace', monospace",
+ "editor.fontLigatures": true,
+ "git.alwaysShowStagedChangesResourceGroup": false,
+ "git.autofetchPeriod": 10,
+ "git.autorefresh": true,
+ "git.autoRepositoryDetection": true,
+ "git.branchProtectionPrompt": "alwaysPrompt",
+ "git.countBadge": "all",
+ "git.enableCommitSigning": true,
+ "git.inputValidation": "warn",
+ "git.mergeEditor": true,
+ "git.terminalGitEditor": true,
+ "git.terminalAuthentication": true,
+ "git.supportCancellation": true,
+ "git.showPushSuccessNotification": true,
+ "git.showProgress": true,
+ "git.showInlineOpenFileAction": true,
+ "git.untrackedChanges": "mixed",
+ "terminal.integrated.confirmOnKill": "always",
+ "search.useParentIgnoreFiles": true,
+ "editor.fontSize": 12,
+ "zoombar.defaultZoom": 100,
+ "gitblame.inlineMessageEnabled": true,
+ "scm.diffDecorationsGutterPattern": {
+ "added": true
+ },
+ "githubPullRequests.quickDiff": true,
+ "better-comments.highlightPlainText": true,
+ "todo-tree.ripgrep.ripgrep": "/usr/bin/rg",
+ "terminal.integrated.cursorStyle": "line",
+ "terminal.integrated.enableFileLinks": "notRemote",
+ "terminal.integrated.fontSize": 12,
+ "terminal.integrated.smoothScrolling": true,
+ "editor.minimap.showSlider": "always",
+ "editor.minimap.size": "fill",
+ "terminal.integrated.env.linux": {
+ "EDITOR": "code-oss",
+ "VISUAL": "code-oss"
+ },
+ "terminal.integrated.sendKeybindingsToShell": true,
+ "terminal.integrated.allowChords": false,
+ "hungryDelete.enableSmartBackspace": true,
+ "hungryDelete.languageConfigurations": [
+ {
+ "languageId": "go",
+ "indentationRules": {
+ "increaseIndentPattern": "^.*(\\bcase\\b.*:|\\bdefault\\b:|(\\b(func|if|else|switch|select|for|struct)\\b.*)?{[^}\"'`]*|\\([^)\"'`]*)$",
+ "decreaseIndentPattern": "^\\s*(\\bcase\\b.*:|\\bdefault\\b:|}[)}]*[),]?|\\)[,]?)$"
+ }
 },
- "git.autofetch": "all",
- "git.autoStash": true
-}
\ No newline at end of file
+ {
+ "languageId": "json",
+ "indentationRules": {
+ "increaseIndentPattern": "^.*(\\{[^}]*|\\[[^\\]]*)$",
+ "decreaseIndentPattern": "^\\s*[}\\]],?\\s*$"
+ }
+ },
+ {
+ "languageId": "less",
+ "indentationRules": {
+ "increaseIndentPattern": "(^.*\\{[^}]*$)",
+ "decreaseIndentPattern": "^\\s*\\}"
+ }
+ },
+ {
+ "languageId": "yaml",
+ "indentationRules": {
+ "increaseIndentPattern": "^\\s*.*(:|-) ?(&\\w+)?(\\{[^}\"']*|\\([^)\"']*)?$",
+ "decreaseIndentPattern": "^\\s+\\}$"
+ }
+ }
+ ],
+ "editor.lineNumbers": "relative",
+ "zenMode.hideLineNumbers": false,
+ "git.enableSmartCommit": false,
+ "editor.multiCursorModifier": "ctrlCmd",
+ "terminal.integrated.tabs.focusMode": "singleClick",
+ // "editor.tokenColorCustomizations": {
+ // "comments": "",
+ // "textMateRules": []
+ // }
+}
diff --git a/Taskfile.dist.yaml b/Taskfile.dist.yaml
index 90eb81bf88..e66053afc8 100644
--- a/Taskfile.dist.yaml
+++ b/Taskfile.dist.yaml
@@ -92,7 +92,7 @@ tasks:
 KUBECONFIGSOPS: '{{ .KUBECONFIG | default "~/.kube/config.sops.yaml" }}'
 KCMD:
 sh: |-
- [[ -n "{{.KUBECTL_CMD}}" ]] && echo "{{.KUBECTL_CMD}}" || [[ -n $(command -v kubecolor) ]] && command -v kubecolor && exit || [[ -n $(command -v kubectl) ]] && command -v kubectl && exit || exit 1
+ [[ -n "{{.KCMD}}" ]] && echo "{{.KCMD}}" || [[ -n $(command -v kubecolor) ]] && command -v kubecolor && exit || [[ -n $(command -v kubectl) ]] && command -v kubectl && exit || exit 1
 KUBETMPDIR:
 sh: "mktemp -d"
 KUBECONFIG: "{{.KUBETMPDIR}}/decrypted.yaml"
diff --git a/archive/kube/deploy/core/_networking/cilium/app/bootstrap-install/install.sh b/archive/kube/deploy/core/_networking/cilium/app/bootstrap-install/install.sh
new file mode 100755
index 0000000000..fee36f6427
--- /dev/null
+++ b/archive/kube/deploy/core/_networking/cilium/app/bootstrap-install/install.sh
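Review bot: The new `yaml.schemas` entries for the kyverno and postgrescluster schemas map to absolute `file:///home/jj-void/GitRepos/JJGadgets/Biohazard/...` URIs, which only resolve on one workstation and publish a local username and directory layout in the repository. Workspace-relative patterns such as `"kube/deploy/core/flux-system/misc/kyverno.yaml"` and `"kube/deploy/core/db/pg/clusters/*/crunchy*.yaml"` would cover the same files for every clone, in the same style as the `kube/**/ks.yaml` entries above them. The file also ends with a commented-out `editor.tokenColorCustomizations` stanza after a trailing comma, so it is JSONC rather than JSON; worth confirming nothing else parses it strictly.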
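Review bot: On the new `KCMD` line the override branch `[[ -n "{{.KCMD}}" ]] && echo "{{.KCMD}}"` has no `exit` after it, and because `&&` and `||` have equal precedence and group left to right, a successful `echo` still continues into `&& command -v kubecolor` (or the kubectl branch), so with an override set the variable receives two lines of output. Ending the first branch the way the other two end, `[[ -n "{{.KCMD}}" ]] && echo "{{.KCMD}}" && exit || …`, or rewriting the chain as `if`/`elif`, avoids that. The line also reads `.KCMD` inside the definition of `KCMD` itself, so it is worth confirming Task resolves the inner reference to the caller-supplied value rather than an empty string. The surrounding `vars` block starts and ends outside the hunk.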
@@ -0,0 +1,6 @@
+#!/bin/bash
+## one of these days, I'll learn and switch to Taskfiles
+set -euo pipefail
+GITROOT=$(git rev-parse --show-toplevel)
+source <(sops -d $1 | yq .data | sed -re 's/^/export /g' | sed -e 's/: /="/g' | sed -re 's/$/"/g')
+kustomize build $2 --enable-helm | envsubst
diff --git a/archive/kube/deploy/core/_networking/cilium/app/bootstrap-install/kustomization.yaml b/archive/kube/deploy/core/_networking/cilium/app/bootstrap-install/kustomization.yaml
new file mode 100644
index 0000000000..732cec0537
--- /dev/null
+++ b/archive/kube/deploy/core/_networking/cilium/app/bootstrap-install/kustomization.yaml
@@ -0,0 +1,28 @@
+---
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+helmCharts:
+ - name: cilium
+ repo: https://helm.cilium.io/
+ # version: 1.14.2
+ version: 1.13.4
+ releaseName: cilium
+ namespace: kube-system
+ valuesFile: base-values.yaml
+ # valuesMerge: override
+ # valuesInline:
+ # hubble:
+ # enabled: false
+ # relay:
+ # enabled: false
+ # ui:
+ # enabled: false
+ # tls:
+ # enabled: false
+ # auto:
+ # enabled: false
+commonAnnotations:
+ meta.helm.sh/release-name: cilium
+ meta.helm.sh/release-namespace: kube-system
+commonLabels:
+ app.kubernetes.io/managed-by: Helm
diff --git a/kube/deploy/apps/whoogle/app/netpol.yaml b/kube/deploy/apps/whoogle/app/netpol.yaml
index 923b6db99f..2b683d5fe5 100644
--- a/kube/deploy/apps/whoogle/app/netpol.yaml
+++ b/kube/deploy/apps/whoogle/app/netpol.yaml
@@ -35,6 +35,7 @@ spec:
 - world
 toPorts:
 - ports:
+ - port: "80"
 - port: "443"
 # allow querying $IP_HOME_DNS
 - toCIDRSet:
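Review bot: The `source <(sops -d $1 | … sed …)` line in the new `install.sh` turns decrypted secret values into shell source, so any value containing `"`, `$`, a backtick or a second `: ` is re-interpreted by bash instead of being exported verbatim, which can corrupt the value or execute whatever it expands to. Exporting the pairs without evaluation avoids that, e.g. `while IFS= read -r l; do export "${l%%: *}=${l#*: }"; done < <(sops -d "$1" | yq .data)` (assuming `.data` stays a flat map of plain scalars, as the current sed pipeline already does), with the positional arguments quoted: `kustomize build "$2" --enable-helm | envsubst`. `envsubst` without a variable list also replaces every `$NAME` in the rendered manifests, not only the keys from the secret file, and `GITROOT` is assigned but never used.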
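Review bot: The added `- port: "80"` sits in the egress rule that targets `world`, so the workload may now open plaintext HTTP connections to any internet address, which is a policy widening that a commit titled "chore: cleanup" does not explain. If port 80 is really needed, I would record why in a comment on that line and pin the protocol, `- port: "80"` followed by `protocol: TCP`, since neither port entry in the hunk restricts it. The rule's selector and the rest of the policy are outside the hunk, so which pods this applies to is inferred from the file path only.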