From eb7ca5adb85df517366758c24aeee330a520a740 Mon Sep 17 00:00:00 2001 From: Simon Emms Date: Sat, 30 Nov 2024 16:53:56 +0000 Subject: [PATCH] feat(gotify): install gotify to cluster --- registry/clusters/dev/components/gotify.yaml | 53 +++++++++ registry/clusters/prod/components/gotify.yaml | 24 ++++ registry/components/gotify/application.yaml | 104 ++++++++++++++++++ registry/components/gotify/kustomization.yaml | 7 ++ registry/components/gotify/namespace.yaml | 6 + registry/components/gotify/secret.yaml | 27 +++++ registry/components/gotify/setup.yaml | 34 ++++++ 7 files changed, 255 insertions(+) create mode 100644 registry/clusters/dev/components/gotify.yaml create mode 100644 registry/clusters/prod/components/gotify.yaml create mode 100644 registry/components/gotify/application.yaml create mode 100644 registry/components/gotify/kustomization.yaml create mode 100644 registry/components/gotify/namespace.yaml create mode 100644 registry/components/gotify/secret.yaml create mode 100644 registry/components/gotify/setup.yaml diff --git a/registry/clusters/dev/components/gotify.yaml b/registry/clusters/dev/components/gotify.yaml new file mode 100644 index 0000000..6668261 --- /dev/null +++ b/registry/clusters/dev/components/gotify.yaml @@ -0,0 +1,53 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: gotify-components + namespace: argocd + annotations: + argocd.argoproj.io/sync-wave: "30" + finalizers: + - resources-finalizer.argocd.argoproj.io +spec: + project: default + source: + repoURL: https://github.com/mrsimonemms/infrastructure + path: registry/components/gotify + targetRevision: HEAD + kustomize: + patches: + - target: + group: argoproj.io + version: v1alpha1 + kind: Application + name: gotify + patch: |- + - op: replace + path: /spec/source/helm/valuesObject/ingress/main/hosts/0/host + value: gotify.dev.simonemms.com + - target: + group: argoproj.io + version: v1alpha1 + kind: Application + name: gotify + patch: |- + - op: replace + path: /spec/source/helm/valuesObject/ingress/main/tls/0/hosts/0 + value: gotify.dev.simonemms.com + - target: + group: argoproj.io + version: v1alpha1 + kind: Application + name: gotify + patch: |- + - op: replace + path: /spec/source/helm/valuesObject/ingress/main/annotations/cert-manager.io~1cluster-issuer + value: letsencrypt-staging + destination: + server: https://kubernetes.default.svc + namespace: gotify + syncPolicy: + automated: + prune: true + selfHeal: true + syncOptions: + - CreateNamespace=true diff --git a/registry/clusters/prod/components/gotify.yaml b/registry/clusters/prod/components/gotify.yaml new file mode 100644 index 0000000..0c8ca96 --- /dev/null +++ b/registry/clusters/prod/components/gotify.yaml @@ -0,0 +1,24 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: gotify-components + namespace: argocd + annotations: + argocd.argoproj.io/sync-wave: "10" + finalizers: + - resources-finalizer.argocd.argoproj.io +spec: + project: default + source: + repoURL: https://github.com/mrsimonemms/infrastructure + path: registry/components/gotify + targetRevision: HEAD + destination: + server: https://kubernetes.default.svc + namespace: gotify + syncPolicy: + automated: + prune: true + selfHeal: true + syncOptions: + - CreateNamespace=true diff --git a/registry/components/gotify/application.yaml b/registry/components/gotify/application.yaml new file mode 100644 index 0000000..103fcd6 --- /dev/null +++ b/registry/components/gotify/application.yaml @@ -0,0 +1,104 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: gotify + namespace: argocd + annotations: + argocd.argoproj.io/sync-wave: "10" + finalizers: + - resources-finalizer.argocd.argoproj.io +spec: + project: default + source: + chart: app-template + repoURL: https://bjw-s.github.io/helm-charts + targetRevision: 3.5.1 + helm: + valuesObject: + controllers: + main: + annotations: + secret.reloader.stakater.com/reload: credentials + defaultContainerOptions: + resources: + requests: + memory: 1Gi + cpu: 150m + containers: + main: + image: + repository: ghcr.io/gotify/server + pullPolicy: IfNotPresent + tag: 2.6.1 + probes: + liveness: + enabled: true + custom: true + spec: + httpGet: + path: /health + port: 8080 + readiness: + enabled: true + custom: true + spec: + httpGet: + path: /health + port: 8080 + env: + - name: TZ + value: UTC + - name: GOTIFY_DATABASE_DIALECT + value: sqlite3 + - name: GOTIFY_SERVER_PORT + value: "8080" + - name: GOTIFY_UPLOADEDIMAGESDIR + value: data/images + - name: GOTIFY_PLUGINSDIR + value: data/plugins + - name: GOTIFY_REGISTRATION + value: "false" + - name: GOTIFY_DEFAULTUSER_NAME + valueFrom: + secretKeyRef: + name: credentials + key: username + - name: GOTIFY_DEFAULTUSER_PASS + valueFrom: + secretKeyRef: + name: credentials + key: password + service: + main: + controller: main + ports: + http: + port: 8080 + ingress: + main: + enabled: true + annotations: + kubernetes.io/tls-acme: "true" + cert-manager.io/cluster-issuer: letsencrypt + className: nginx + hosts: + - host: gotify.simonemms.com + paths: + - path: / + pathType: Prefix + service: + identifier: main + port: http + tls: + - hosts: + - gotify.simonemms.com + secretName: gotify-tls + destination: + server: https://kubernetes.default.svc + namespace: gotify + syncPolicy: + automated: + prune: true + selfHeal: true + syncOptions: + - CreateNamespace=true diff --git a/registry/components/gotify/kustomization.yaml b/registry/components/gotify/kustomization.yaml new file mode 100644 index 0000000..2f2904d --- /dev/null +++ b/registry/components/gotify/kustomization.yaml @@ -0,0 +1,7 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - application.yaml + - namespace.yaml + - secret.yaml + - setup.yaml diff --git a/registry/components/gotify/namespace.yaml b/registry/components/gotify/namespace.yaml new file mode 100644 index 0000000..67ef4e3 --- /dev/null +++ b/registry/components/gotify/namespace.yaml @@ -0,0 +1,6 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: gotify + annotations: + argocd.argoproj.io/sync-wave: "-1" diff --git a/registry/components/gotify/secret.yaml b/registry/components/gotify/secret.yaml new file mode 100644 index 0000000..696c4ff --- /dev/null +++ b/registry/components/gotify/secret.yaml @@ -0,0 +1,27 @@ +apiVersion: external-secrets.io/v1beta1 +kind: ExternalSecret +metadata: + name: credentials + namespace: gotify + annotations: + argocd.argoproj.io/sync-wave: "10" +spec: + refreshInterval: 10s + secretStoreRef: + kind: ClusterSecretStore + name: infisical + target: + name: credentials + template: + engineVersion: v2 + data: + username: "{{ .username }}" + password: "{{ .password }}" + token: Basic {{ print .username ":" .password | b64enc }} + data: + - secretKey: username + remoteRef: + key: GOTIFY_USERNAME + - secretKey: password + remoteRef: + key: GOTIFY_PASSWORD diff --git a/registry/components/gotify/setup.yaml b/registry/components/gotify/setup.yaml new file mode 100644 index 0000000..4095214 --- /dev/null +++ b/registry/components/gotify/setup.yaml @@ -0,0 +1,34 @@ +apiVersion: batch/v1 +kind: Job +metadata: + name: setup + namespace: gotify + annotations: + argocd.argoproj.io/sync-wave: "20" + argocd.argoproj.io/hook: PostSync + argocd.argoproj.io/hook-delete-policy: HookSucceeded +spec: + ttlSecondsAfterFinished: 30 + backoffLimit: 3 + template: + spec: + containers: + - name: apps + image: alpine/curl:8.10.0 + command: + - sh + - -c + args: + - 'curl -s ${APP_URL}/application -H "Authorization: ${AUTH}" | grep -q "Share" || curl -X POST -s ${APP_URL}/application -H "Authorization: ${AUTH}" -H "Content-Type: application/json" -d "${APPLICATION_DATA}"' + env: + - name: APPLICATION_DATA + value: | + { "defaultPriority": 1, "description": "Share", "name": "Share" } + - name: APP_URL + value: http://gotify:8080 + - name: AUTH + valueFrom: + secretKeyRef: + name: credentials + key: token + restartPolicy: Never