Compare commits
No commits in common. "main" and "36_openproject_prod" have entirely different histories.
main
...
36_openpro
6 changed files with 105 additions and 5 deletions
|
|
@ -50,6 +50,41 @@ spec:
|
||||||
---
|
---
|
||||||
apiVersion: argoproj.io/v1alpha1
|
apiVersion: argoproj.io/v1alpha1
|
||||||
kind: Application
|
kind: Application
|
||||||
|
metadata:
|
||||||
|
name: aaron-drone-runner
|
||||||
|
namespace: argocd
|
||||||
|
spec:
|
||||||
|
project: default
|
||||||
|
sources:
|
||||||
|
- chart: drone-runner-kube
|
||||||
|
repoURL: https://charts.drone.io
|
||||||
|
targetRevision: 0.1.10
|
||||||
|
helm:
|
||||||
|
releaseName: drone-runner
|
||||||
|
values: |
|
||||||
|
extraSecretNamesForEnvFrom:
|
||||||
|
- drone-secrets
|
||||||
|
rbac:
|
||||||
|
buildNamespaces:
|
||||||
|
- aaron-drone
|
||||||
|
env:
|
||||||
|
DRONE_RPC_HOST: drone.ar21.de
|
||||||
|
DRONE_RPC_PROTO: https
|
||||||
|
DRONE_NAMESPACE_DEFAULT: drone
|
||||||
|
- repoURL: https://git.ar21.de/aaron/k8s-deployments.git
|
||||||
|
targetRevision: HEAD
|
||||||
|
path: drone
|
||||||
|
destination:
|
||||||
|
server: https://kubernetes.default.svc
|
||||||
|
namespace: aaron-drone
|
||||||
|
syncPolicy:
|
||||||
|
syncOptions:
|
||||||
|
- CreateNamespace=true
|
||||||
|
automated:
|
||||||
|
prune: false
|
||||||
|
---
|
||||||
|
apiVersion: argoproj.io/v1alpha1
|
||||||
|
kind: Application
|
||||||
metadata:
|
metadata:
|
||||||
name: aaron-hoylogo
|
name: aaron-hoylogo
|
||||||
namespace: argocd
|
namespace: argocd
|
||||||
|
|
@ -118,7 +153,7 @@ spec:
|
||||||
sources:
|
sources:
|
||||||
- chart: cloudnative-pg
|
- chart: cloudnative-pg
|
||||||
repoURL: https://cloudnative-pg.io/charts
|
repoURL: https://cloudnative-pg.io/charts
|
||||||
targetRevision: 0.23.2
|
targetRevision: 0.23.0
|
||||||
helm:
|
helm:
|
||||||
releaseName: cloudnative-pg
|
releaseName: cloudnative-pg
|
||||||
destination:
|
destination:
|
||||||
|
|
@ -140,7 +175,7 @@ spec:
|
||||||
sources:
|
sources:
|
||||||
- repoURL: https://charts.openproject.org
|
- repoURL: https://charts.openproject.org
|
||||||
chart: openproject
|
chart: openproject
|
||||||
targetRevision: 9.10.0
|
targetRevision: 9.7.0
|
||||||
helm:
|
helm:
|
||||||
releaseName: openproject
|
releaseName: openproject
|
||||||
valueFiles:
|
valueFiles:
|
||||||
|
|
|
||||||
5
drone/kustomization.yaml
Normal file
5
drone/kustomization.yaml
Normal file
|
|
@ -0,0 +1,5 @@
|
||||||
|
---
|
||||||
|
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||||
|
kind: Kustomization
|
||||||
|
generators:
|
||||||
|
- ./secret-generator.yaml
|
||||||
11
drone/secret-generator.yaml
Normal file
11
drone/secret-generator.yaml
Normal file
|
|
@ -0,0 +1,11 @@
|
||||||
|
---
|
||||||
|
apiVersion: viaduct.ai/v1
|
||||||
|
kind: ksops
|
||||||
|
metadata:
|
||||||
|
name: secret-generator
|
||||||
|
annotations:
|
||||||
|
config.kubernetes.io/function: |
|
||||||
|
exec:
|
||||||
|
path: ksops
|
||||||
|
files:
|
||||||
|
- ./secret.yaml
|
||||||
45
drone/secret.yaml
Normal file
45
drone/secret.yaml
Normal file
|
|
@ -0,0 +1,45 @@
|
||||||
|
apiVersion: v1
|
||||||
|
kind: Secret
|
||||||
|
metadata:
|
||||||
|
name: drone-secrets
|
||||||
|
type: Opaque
|
||||||
|
data:
|
||||||
|
DRONE_RPC_SECRET: ENC[AES256_GCM,data:jrF3Y4c6HVYse2h8MhzPMTfLhD2VLmAGyr4yxjf0gFspTAVLcYwNtoJbjnI=,iv:7xGbWm5exOTDYJc3Uwj++9HWheyJI+F0SypeAmK7HcI=,tag:ksWv+zzc8fH9a193cNwYXA==,type:str]
|
||||||
|
sops:
|
||||||
|
kms: []
|
||||||
|
gcp_kms: []
|
||||||
|
azure_kv: []
|
||||||
|
hc_vault: []
|
||||||
|
age:
|
||||||
|
- recipient: age14uxgmvw26e7f82gkvxl0zwnfc5l75rdn5sms4zj0xrtrnlgn4qlsqh3kkt
|
||||||
|
enc: |
|
||||||
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA4cWRBQzFHTzR0WUNhc0Rl
|
||||||
|
dWlaTE9BTUFBb250c1ZaVjRrVUY3MjBXcDNjCmgwMjRzcFlmc3NhRUhkdHJHa3BV
|
||||||
|
bis5VWNCY1JFZ0ZpcjhJUWcxZXluZ0kKLS0tIFk1NnhSMWxvZ0JuSTFTV1lwY1Na
|
||||||
|
UW1YSVplRWNZc0o2UjNDUG5CUncvbk0KR/UDgABlTT4wA7CcE31LkPOMk7sXM6jr
|
||||||
|
rccWRqlgEyvD3AgRPQNUEZ/3nJbORhFLDt8jxsT4POFsDtZvxH1f2g==
|
||||||
|
-----END AGE ENCRYPTED FILE-----
|
||||||
|
- recipient: age1z5wtjmk0jw0j9qz9k5rrnp30nzqxrl3v6wgl7eryvqus28zekp4qpx9jc2
|
||||||
|
enc: |
|
||||||
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBTYkljMUlGZmtnNTU4dnR2
|
||||||
|
dXFyMkNUeFVHMENZa3d0a3MxNGpyYlhSS0VBClVXaXBVTU9GWkNjWk9OakNxakJK
|
||||||
|
a29VNzZ1UGFqNFhWclRONUw5dFo0WVUKLS0tIEQzS2ZxeldzZFY0cWlvRzIvVkl1
|
||||||
|
MGJpczFOcThtTlVrSUROMytRNVVkc0kK0iO5dHZA/PhRGczCqFa1frXGMfJE30Cq
|
||||||
|
ZVfX5HcndP/87F5dv8FO2A9EJz4riz/TjuOpxIUhinDul7JI0T4KQw==
|
||||||
|
-----END AGE ENCRYPTED FILE-----
|
||||||
|
- recipient: age1mraede6gqxkh2rkeq5fjrcflp7emenl2qn885asxvtx5erga2pdqujuexz
|
||||||
|
enc: |
|
||||||
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBBUXREYjJEUmVwZ1ZTTmZh
|
||||||
|
cnp4K3dYdmczQ3o5RWFzMlF3NTRrOHFaSzA4CnBFbXk2MXVpVUxudXBMRWJwQ0JW
|
||||||
|
S2M3UEp1Qys3L0J1KzNsV1R3d05zamcKLS0tIDhMaDFmeG1vZWkzWDBKWGVoNWJS
|
||||||
|
REFDWXpDUkVkSnkzSmNiMzd6a2ZsbUEKFoDTBpjI/VCPCeqE+hVNk0zswNEWbnNw
|
||||||
|
TTwVfQ1xOXD5FeH8B+9zHo14UTi/Cp9T4OIcYNduKar7K0rQLlgz6A==
|
||||||
|
-----END AGE ENCRYPTED FILE-----
|
||||||
|
lastmodified: "2025-02-13T20:19:15Z"
|
||||||
|
mac: ENC[AES256_GCM,data:kCdPeuBOut4sXFYcp5uStaERQL8steUy1MZ51hWlP7sDfHpoKIV2oEEbRDlVy/2+no58WfH161J8gy5dw+B+ambwkcBShUA3D8yR8akX3ZlCSPR+Xp/KsUrtM5CtBmWpCiaI+0RZUnEXcRRWYPzHA4g2Hmrlg5mMmcD63zmV100=,iv:nXWlCN+DNLovf26fyCMDc0GmVtCaKB18pZUVpbqfjzw=,tag:QNT0A0SN8Vt992WAukNpmA==,type:str]
|
||||||
|
pgp: []
|
||||||
|
encrypted_regex: ^(data|stringData)$
|
||||||
|
version: 3.9.1
|
||||||
|
|
@ -17,7 +17,7 @@ spec:
|
||||||
barmanObjectStore:
|
barmanObjectStore:
|
||||||
destinationPath: "s3://openproject/backups"
|
destinationPath: "s3://openproject/backups"
|
||||||
endpointURL: "https://fsn1.your-objectstorage.com"
|
endpointURL: "https://fsn1.your-objectstorage.com"
|
||||||
serverName: "db" # in case of restore change this
|
serverName: "openproject-backup" # in case of restore change this
|
||||||
s3Credentials:
|
s3Credentials:
|
||||||
accessKeyId:
|
accessKeyId:
|
||||||
name: openproject-secret
|
name: openproject-secret
|
||||||
|
|
@ -33,7 +33,7 @@ spec:
|
||||||
barmanObjectStore:
|
barmanObjectStore:
|
||||||
destinationPath: "s3://openproject/backups"
|
destinationPath: "s3://openproject/backups"
|
||||||
endpointURL: "https://fsn1.your-objectstorage.com"
|
endpointURL: "https://fsn1.your-objectstorage.com"
|
||||||
serverName: "db"
|
serverName: "openproject-backup"
|
||||||
s3Credentials:
|
s3Credentials:
|
||||||
accessKeyId:
|
accessKeyId:
|
||||||
name: openproject-secret
|
name: openproject-secret
|
||||||
|
|
|
||||||
|
|
@ -1,7 +1,7 @@
|
||||||
image:
|
image:
|
||||||
registry: git.ar21.de
|
registry: git.ar21.de
|
||||||
repository: aaron/openproject
|
repository: aaron/openproject
|
||||||
tag: '45'
|
tag: '36'
|
||||||
appInit:
|
appInit:
|
||||||
resources:
|
resources:
|
||||||
limits:
|
limits:
|
||||||
|
|
@ -21,6 +21,10 @@ workers:
|
||||||
environment:
|
environment:
|
||||||
OPENPROJECT_DISABLE__PASSWORD__LOGIN: true
|
OPENPROJECT_DISABLE__PASSWORD__LOGIN: true
|
||||||
openproject:
|
openproject:
|
||||||
|
admin_user:
|
||||||
|
password_reset: 'true'
|
||||||
|
name: Aaron Riedel
|
||||||
|
mail: aaron@ar21.de
|
||||||
extraEnvVarsSecret: openproject-secret
|
extraEnvVarsSecret: openproject-secret
|
||||||
oidc:
|
oidc:
|
||||||
enabled: true
|
enabled: true
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue