diff --git a/.github/labeler.yaml b/.github/labeler.yaml
index f0a70f56..8a048cd7 100644
--- a/.github/labeler.yaml
+++ b/.github/labeler.yaml
@@ -2,16 +2,9 @@
 area/ansible:
 - changed-files:
 - any-glob-to-any-file: ansible/**/*
-area/bootstrap:
- - changed-files:
- - any-glob-to-any-file: bootstrap/**/*
 area/github:
 - changed-files:
 - any-glob-to-any-file: .github/**/*
 area/kubernetes:
 - changed-files:
 - any-glob-to-any-file: kubernetes/**/*
-area/taskfile:
- - changed-files:
- - any-glob-to-any-file: .taskfiles/**/*
- - any-glob-to-any-file: Taskfile*
diff --git a/.github/labels.yaml b/.github/labels.yaml
index 88510325..bac4da07 100644
--- a/.github/labels.yaml
+++ b/.github/labels.yaml
@@ -1,13 +1,10 @@
 ---
 # Area
 - { name: "area/ansible", color: "0e8a16" }
-- { name: "area/bootstrap", color: "0e8a16" }
 - { name: "area/github", color: "0e8a16" }
 - { name: "area/kubernetes", color: "0e8a16" }
-- { name: "area/taskfile", color: "0e8a16" }
 # Distro
 - { name: "distro/k3s", color: "ffc300" }
-- { name: "distro/talos", color: "ffc300" }
 # Renovate
 - { name: "renovate/ansible", color: "027fa0" }
 - { name: "renovate/container", color: "027fa0" }
diff --git a/.github/tests/config-k3s-ipv6.yaml b/.github/tests/config-k3s-ipv6.yaml
deleted file mode 100644
index 5efa50c6..00000000
--- a/.github/tests/config-k3s-ipv6.yaml
+++ /dev/null
@@ -1,42 +0,0 @@
----
-skip_tests: true
-
-bootstrap_timezone: Etc/UTC
-bootstrap_distribution: k3s
-bootstrap_node_network: 10.10.10.0/24
-bootstrap_node_default_gateway: 10.10.10.1
-bootstrap_node_inventory:
- - name: k8s-controller-0
- address: 10.10.10.100
- controller: true
- ssh_user: fake
- - name: k8s-worker-0
- address: 10.10.10.101
- controller: false
- ssh_user: fake
-bootstrap_dns_servers: ["1.1.1.1"]
-bootstrap_search_domain: "fake"
-bootstrap_pod_network: 10.42.0.0/16,fd7f:8f5:e87c:a::/64
-bootstrap_service_network: 10.43.0.0/16,fd7f:8f5:e87c:e::/112
-bootstrap_controllers_vip: 10.10.10.254
-bootstrap_tls_sans: ["fake"]
-bootstrap_sops_age_pubkey: $BOOTSTRAP_AGE_PUBLIC_KEY
-bootstrap_bgp:
- enabled: false
-bootstrap_github_address: https://github.com/onedr0p/cluster-template
-bootstrap_github_branch: main
-bootstrap_github_webhook_token: fake
-bootstrap_cloudflare:
- enabled: true
- domain: fake
- token: take
- acme:
- email: fake@example.com
- production: false
- tunnel:
- account_id: fake
- id: fake
- secret: fake
- ingress_vip: 10.10.10.252
- ingress_vip: 10.10.10.251
- gateway_vip: 10.10.10.253
diff --git a/.github/tests/config-talos.yaml b/.github/tests/config-talos.yaml
deleted file mode 100644
index 545a5469..00000000
--- a/.github/tests/config-talos.yaml
+++ /dev/null
@@ -1,44 +0,0 @@
----
-skip_tests: true
-
-bootstrap_timezone: Etc/UTC
-bootstrap_distribution: talos
-boostrap_talos:
- schematic_id: "df491c50a5acc05b977ef00c32050e1ceb0df746e40b33c643ac8a9bfb7c7263"
-bootstrap_node_network: 10.10.10.0/24
-bootstrap_node_default_gateway: 10.10.10.1
-bootstrap_node_inventory:
- - name: k8s-controller-0
- address: 10.10.10.100
- controller: true
- talos_disk: fake
- - name: k8s-worker-0
- address: 10.10.10.101
- controller: false
- talos_disk: fake
-bootstrap_dns_servers: ["1.1.1.1"]
-bootstrap_search_domain: "fake"
-bootstrap_pod_network: 10.69.0.0/16
-bootstrap_service_network: 10.96.0.0/16
-bootstrap_controllers_vip: 10.10.10.254
-bootstrap_tls_sans: ["fake"]
-bootstrap_sops_age_pubkey: $BOOTSTRAP_AGE_PUBLIC_KEY
-bootstrap_bgp:
- enabled: false
-bootstrap_github_address: https://github.com/onedr0p/cluster-template
-bootstrap_github_branch: main
-bootstrap_github_webhook_token: fake
-bootstrap_cloudflare:
- enabled: true
- domain: fake
- token: take
- acme:
- email: fake@example.com
- production: false
- tunnel:
- account_id: fake
- id: fake
- secret: fake
- ingress_vip: 10.10.10.252
- ingress_vip: 10.10.10.251
- gateway_vip: 10.10.10.253
diff --git a/.github/workflows/devcontainer.yaml b/.github/workflows/devcontainer.yaml
deleted file mode 100644
index 00d37c31..00000000
--- a/.github/workflows/devcontainer.yaml
+++ /dev/null
@@ -1,57 +0,0 @@
----
-# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json
-name: "devcontainer"
-
-on:
- workflow_dispatch:
- push:
- branches: ["main"]
- paths: [".devcontainer/ci/**"]
- pull_request:
- branches: ["main"]
- paths: [".devcontainer/ci/**"]
- schedule:
- - cron: "0 0 * * 1"
-
-concurrency:
- group: ${{ github.workflow }}-${{ github.event.number || github.ref }}
- cancel-in-progress: true
-
-jobs:
- devcontainer:
- name: publish
- runs-on: ubuntu-latest
- permissions:
- contents: read
- packages: write
- steps:
- - name: Checkout
- uses: actions/checkout@v4
-
- - name: Set up QEMU
- uses: docker/setup-qemu-action@v3
-
- - name: Set up Docker Buildx
- uses: docker/setup-buildx-action@v3
- with:
- platforms: linux/amd64,linux/arm64
-
- - if: ${{ github.event_name != 'pull_request' }}
- name: Login to GitHub Container Registry
- uses: docker/login-action@v3
- with:
- registry: ghcr.io
- username: ${{ github.actor }}
- password: ${{ secrets.GITHUB_TOKEN }}
-
- - name: Build and push
- uses: devcontainers/ci@v0.3
- env:
- BUILDX_NO_DEFAULT_ATTESTATIONS: true
- with:
- imageName: ghcr.io/${{ github.repository }}/devcontainer
- # cacheFrom: ghcr.io/${{ github.repository }}/devcontainer
- imageTag: base,latest
- platform: linux/amd64,linux/arm64
- configFile: .devcontainer/ci/devcontainer.json
- push: ${{ github.event_name == 'pull_request' && 'never' || 'always' }}
diff --git a/.github/workflows/flux-diff.yaml b/.github/workflows/flux-diff.yaml
index 064f6087..afb3bdee 100644
--- a/.github/workflows/flux-diff.yaml
+++ b/.github/workflows/flux-diff.yaml
@@ -47,7 +47,7 @@ jobs: --strip-attrs "helm.sh/chart,checksum/config,app.kubernetes.io/version,chart" --limit-bytes 10000 --all-namespaces
- --sources "flux-systems"
+ --sources "flux-system"
 --output-file diff.patch - name: Generate Diff
diff --git a/ansible/inventory/group_vars/kubernetes/main.yaml b/ansible/inventory/group_vars/kubernetes/main.yaml
index c9512fe5..6ed77279 100644
--- a/ansible/inventory/group_vars/kubernetes/main.yaml
+++ b/ansible/inventory/group_vars/kubernetes/main.yaml
@@ -15,7 +15,7 @@ k3s_registries:
 quay.io:
 registry.k8s.io:
 # renovate: datasource=github-releases depName=k3s-io/k3s
-k3s_release_version: v1.31.1+k3s1
+k3s_release_version: v1.31.2+k3s1
 k3s_server_manifests_templates:
 - custom-cilium-helmchart.yaml
 - kube-vip-ds.yaml
diff --git a/ansible/playbooks/templates/kube-vip-ds.yaml b/ansible/playbooks/templates/kube-vip-ds.yaml
deleted file mode 100644
index 417ece30..00000000
--- a/ansible/playbooks/templates/kube-vip-ds.yaml
+++ /dev/null
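Review bot: The unchanged context at the end of this hunk still lists `- kube-vip-ds.yaml` under `k3s_server_manifests_templates`, while the same commit deletes `ansible/playbooks/templates/kube-vip-ds.yaml`. If the playbook resolves these names against that templates directory (the lookup is not visible here), the next install or upgrade run will presumably stop on the missing template, or the control-plane VIP DaemonSet will no longer be deployed. Either remove the `- kube-vip-ds.yaml` entry together with the file, or keep the template; the list continues outside the hunk, so any further kube-vip entry deserves the same check.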
@@ -1,75 +0,0 @@
----
-apiVersion: apps/v1
-kind: DaemonSet
-metadata:
- name: kube-vip
- namespace: kube-system
- labels:
- app.kubernetes.io/name: kube-vip
-spec:
- selector:
- matchLabels:
- app.kubernetes.io/name: kube-vip
- template:
- metadata:
- labels:
- app.kubernetes.io/name: kube-vip
- spec:
- containers:
- - name: kube-vip
- image: ghcr.io/kube-vip/kube-vip:v0.8.4
- imagePullPolicy: IfNotPresent
- args: ["manager"]
- env:
- - name: address
- value: "192.168.0.77"
- - name: vip_arp
- value: "true"
- - name: lb_enable
- value: "true"
- - name: port
- value: "6443"
- - name: vip_cidr
- value: "32"
- - name: cp_enable
- value: "true"
- - name: cp_namespace
- value: kube-system
- - name: vip_ddns
- value: "false"
- - name: svc_enable
- value: "false"
- - name: vip_leaderelection
- value: "true"
- - name: vip_leaseduration
- value: "15"
- - name: vip_renewdeadline
- value: "10"
- - name: vip_retryperiod
- value: "2"
- - name: prometheus_server
- value: :2112
- securityContext:
- capabilities:
- add: ["NET_ADMIN", "NET_RAW", "SYS_TIME"]
- hostAliases:
- - hostnames:
- - kubernetes
- ip: 127.0.0.1
- hostNetwork: true
- serviceAccountName: kube-vip
- affinity:
- nodeAffinity:
- requiredDuringSchedulingIgnoredDuringExecution:
- nodeSelectorTerms:
- - matchExpressions:
- - key: node-role.kubernetes.io/master
- operator: Exists
- - matchExpressions:
- - key: node-role.kubernetes.io/control-plane
- operator: Exists
- tolerations:
- - effect: NoSchedule
- operator: Exists
- - effect: NoExecute
- operator: Exists
diff --git a/bootstrap/templates/ansible/inventory/group_vars/kubernetes/main.yaml.j2 b/bootstrap/templates/ansible/inventory/group_vars/kubernetes/main.yaml.j2
deleted file mode 100644
index 13470f3b..00000000
--- a/bootstrap/templates/ansible/inventory/group_vars/kubernetes/main.yaml.j2
+++ /dev/null
@@ -1,23 +0,0 @@
----
-k3s_become: true
-k3s_etcd_datastore: true
-k3s_install_hard_links: true
-k3s_registration_address: "#{ bootstrap_controllers_vip }#"
-k3s_registries:
- mirrors:
- docker.io:
- gcr.io:
- ghcr.io:
- k8s.gcr.io:
- lscr.io:
- mcr.microsoft.com:
- public.ecr.aws:
- quay.io:
- registry.k8s.io:
-# renovate: datasource=github-releases depName=k3s-io/k3s
-k3s_release_version: v1.31.1+k3s1
-k3s_server_manifests_templates:
- - custom-cilium-helmchart.yaml
- - kube-vip-ds.yaml
- - kube-vip-rbac.yaml
-k3s_use_unsupported_config: true
diff --git a/kubernetes/raspberry/storage/longhorn/app/helmrelease.yaml b/kubernetes/raspberry/storage/longhorn/app/helmrelease.yaml
index 61bde2c1..a58e175e 100644
--- a/kubernetes/raspberry/storage/longhorn/app/helmrelease.yaml
+++ b/kubernetes/raspberry/storage/longhorn/app/helmrelease.yaml
@@ -45,7 +45,6 @@ spec:
 gethomepage.dev/icon: longhorn.png
 gethomepage.dev/name: longhorn
 gethomepage.dev/pod-selector: "app=longhorn-ui"
- gethomepage.dev/widget.type: "longhorn"
 host: &host "longhorn.raspberry.${SECRET_DOMAIN}"
 tls: true
 tlsSecret: "longhorn-certs"