diff --git a/kubernetes/apps/default/kustomization.yaml b/kubernetes/apps/default/kustomization.yaml deleted file mode 100644 index c298088..0000000 --- a/kubernetes/apps/default/kustomization.yaml +++ /dev/null @@ -1,9 +0,0 @@ ---- -# yaml-language-server: $schema=https://json.schemastore.org/kustomization.json -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -resources: - # Pre Flux-Kustomizations - - ./namespace.yaml - # Flux-Kustomizations - - ./rocky-jump/ks.yaml diff --git a/kubernetes/apps/default/rocky-jump/app/externalsecret.yaml b/kubernetes/apps/default/rocky-jump/app/externalsecret.yaml deleted file mode 100644 index 88948c1..0000000 --- a/kubernetes/apps/default/rocky-jump/app/externalsecret.yaml +++ /dev/null @@ -1,21 +0,0 @@ ---- -# yaml-language-server: $schema=https://ks.hsn.dev/external-secrets.io/externalsecret_v1beta1.json -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: tailscale - namespace: default -spec: - secretStoreRef: - kind: ClusterSecretStore - name: onepassword-connect - target: - name: tailscale-jump-secret - creationPolicy: Owner - template: - engineVersion: v2 - data: - TS_AUTHKEY: "{{ .TS_AUTHKEY }}" - dataFrom: - - extract: - key: tailscale-jump diff --git a/kubernetes/apps/default/rocky-jump/app/helmrelease.yaml b/kubernetes/apps/default/rocky-jump/app/helmrelease.yaml deleted file mode 100644 index 967db0d..0000000 --- a/kubernetes/apps/default/rocky-jump/app/helmrelease.yaml +++ /dev/null @@ -1,74 +0,0 @@ ---- -# yaml-language-server: $schema=https://ks.hsn.dev/helm.toolkit.fluxcd.io/helmrelease_v2beta1.json -apiVersion: helm.toolkit.fluxcd.io/v2beta1 -kind: HelmRelease -metadata: - name: tailscale - namespace: default -spec: - interval: 30m - chart: - spec: - chart: app-template - version: 2.0.3 - sourceRef: - kind: HelmRepository - name: bjw-s - namespace: flux-system - maxHistory: 2 - install: - remediation: - retries: 3 - upgrade: - cleanupOnFail: true - remediation: - retries: 3 - uninstall: - keepHistory: false - values: - controllers: - main: - annotations: - reloader.stakater.com/auto: "true" - containers: - main: - image: - repository: rockylinux - tag: 9 - command: ["/bin/bash", "-c", "while true; do sleep 10; done"] - tailscale: - image: - repository: ghcr.io/tailscale/tailscale - tag: v1.52.0 - env: - TZ: "America/Chicago" - SA_NAME: valinor-jump - TS_USERSPACE: true - TS_KUBE_SECRET: tailscale-state - TS_EXTRA_ARGS: --advertise-exit-node --ssh - TS_TAILSCALED_EXTRA_ARGS: --debug=0.0.0.0:2000 - envFrom: - - secretRef: - name: tailscale-jump-secret - resources: - requests: - cpu: 5m - memory: 128M - limits: - memory: 256M - service: - main: - ports: - http: - port: 2000 - serviceAccount: - name: tailscale - serviceMonitor: - main: - enabled: true - endpoints: - - port: http - scheme: http - path: /debug/metrics - interval: 1m - scrapeTimeout: 30s diff --git a/kubernetes/apps/default/rocky-jump/app/kustomization.yaml b/kubernetes/apps/default/rocky-jump/app/kustomization.yaml deleted file mode 100644 index 39e1b33..0000000 --- a/kubernetes/apps/default/rocky-jump/app/kustomization.yaml +++ /dev/null @@ -1,9 +0,0 @@ ---- -# yaml-language-server: $schema=https://json.schemastore.org/kustomization.json -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -namespace: default -resources: - - ./rbac.yaml - - ./externalsecret.yaml - - ./helmrelease.yaml diff --git a/kubernetes/apps/default/rocky-jump/app/rbac.yaml b/kubernetes/apps/default/rocky-jump/app/rbac.yaml deleted file mode 100644 index d1c30e7..0000000 --- a/kubernetes/apps/default/rocky-jump/app/rbac.yaml +++ /dev/null @@ -1,43 +0,0 @@ ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: tailscale - namespace: default -rules: - - apiGroups: - - "" - resources: - - secrets - verbs: - - create - - apiGroups: - - "" - resourceNames: - - tailscale-state - resources: - - secrets - verbs: - - get - - update - - patch ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: tailscale - namespace: default -subjects: - - kind: ServiceAccount - name: tailscale - namespace: default -roleRef: - kind: Role - name: tailscale - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: tailscale - namespace: default diff --git a/kubernetes/apps/default/rocky-jump/ks.yaml b/kubernetes/apps/default/rocky-jump/ks.yaml deleted file mode 100644 index b4c52f8..0000000 --- a/kubernetes/apps/default/rocky-jump/ks.yaml +++ /dev/null @@ -1,15 +0,0 @@ ---- -# yaml-language-server: $schema=https://raw.githubusercontent.com/fluxcd-community/flux2-schemas/main/kustomization-kustomize-v1.json -apiVersion: kustomize.toolkit.fluxcd.io/v1 -kind: Kustomization -metadata: - name: cluster-apps-rocky-jump - namespace: flux-system -spec: - interval: 10m - path: "./kubernetes/apps/default/rocky-jump/app" - prune: true - sourceRef: - kind: GitRepository - name: valinor - wait: false diff --git a/kubernetes/apps/default/rocky.yaml b/kubernetes/apps/default/rocky.yaml new file mode 100644 index 0000000..b1132cf --- /dev/null +++ b/kubernetes/apps/default/rocky.yaml @@ -0,0 +1,19 @@ +apiVersion: v1 +kind: Pod +metadata: + name: rocky-linux + namespace: default +spec: + containers: + - name: rocky + image: rockylinux:9 + securityContext: + privileged: true + command: ["/bin/bash", "-c", "while true; do sleep 10; done"] + resources: + requests: + cpu: 50m + memory: 443M + limits: + cpu: 4000m + memory: 886M