mirrors/khuedoan-homelab
1
0
Fork 0
mirror of https://github.com/khuedoan/homelab.git synced 2025-02-25 22:18:53 +07:00
Code Issues Packages Projects Releases Wiki Activity
1,600 Commits 6 Branches 8 Tags 12 MiB
4a4828f20b
Commit Graph

239 Commits

Author SHA1 Message Date
Khue Doan
7b744b5e92 ci: get pipeline secrets from Vault 2022-05-14 20:59:15 +07:00
Khue Doan
0e351eb81b fix(tekton): remove Terraform service account 2022-05-14 17:50:58 +07:00
Khue Doan
e710e5814b fix(dex): remove hard coded values 2022-05-14 12:20:16 +07:00
Khue Doan
8abee08165 chore: remove outdated TODOs 2022-05-13 22:45:16 +07:00
Khue Doan
f721976b5b fix(external-secrets): use the correct vault secret ref 2022-05-12 12:11:27 +07:00
Khue Doan
f4447a1a3f fix(vault): update storage class name 2022-05-12 12:11:10 +07:00
Khue Doan
651084c346 fix(vault): disable internal TLS 2022-05-11 23:44:27 +07:00
Khue Doan
50b60fa580 fix(vault): update generate secrets job to use new token 2022-05-11 23:33:58 +07:00
Khue Doan
5a22615744 refactor(vault): switch to Vault Operator 2022-05-11 22:49:58 +07:00
Khue Doan
7f1d413d92 feat(vault): add auto init job 2022-05-10 09:52:40 +07:00
Khue Doan
683282cd76 refactor(vault): disable Vault HA 
Still need manual unseal after rolling upgrade anyway
 2022-05-08 22:10:55 +07:00
Khue Doan
4676650f59 refactor: switch config jobs to cron jobs 2022-05-08 21:20:07 +07:00
Khue Doan
295d43f579 refactor(vault): disable dev mode 2022-05-08 21:20:01 +07:00
Khue Doan
d94c5eb6dd chore(external-secrets): upgrade API version to v1beta1 2022-05-08 11:41:16 +07:00
Khue Doan
5b410ceb1d refactor(platform): replace Authentik with Dex 2022-05-07 11:55:29 +07:00
Khue Doan
71b0217a54 feat: add app name and icon for all ingress 2022-05-04 09:17:42 +07:00
Khue Doan
96216b36f3 refactor(tekton): move external tasks to .tekton 2022-04-17 12:25:26 +07:00
Khue Doan
3f8d910c4d refactor(renovate): reduce update frequency 2022-03-24 11:08:42 +07:00
Khue Doan
4e8de6307d refactor(renovate): get token from Vault 2022-03-24 10:51:17 +07:00
Khue Doan
99054d90c5 fix(gitea): add missing config source (again) 2022-03-24 10:16:45 +07:00
Khue Doan
01bb22cfdd Revert "fix(gitea): add missing config source" 
This reverts commit 2748c86e5a.
 2022-03-24 10:16:20 +07:00
Khue Doan
2748c86e5a fix(gitea): add missing config source 2022-03-24 09:58:19 +07:00
Khue Doan
134c0b4902 refactor(gitea)!: switch init job to structured config as code 2022-03-24 09:54:26 +07:00
Renovate Bot
86807062b2 chore(deps): update all non-major dependencies helm releases 2022-03-23 15:07:13 +00:00
Khue Doan
3f45a5f527 feat(gitea): create or migrate repo depending on config 2022-03-22 13:47:57 +07:00
Khue Doan
f52cca560a feat(gitea): read config from file 2022-03-22 13:08:58 +07:00
Khue Doan
ad180d24de feat(gitea): POC config as code (WIP) 2022-03-22 12:39:22 +07:00
Khue Doan
c0375483f8 feat(gitea): basic config structure in Go 2022-03-15 00:30:17 +07:00
Khue Doan
b5b821f3b4 feat(gitea): initial config as code structure 2022-03-14 23:22:54 +07:00
Khue Doan
1dec81df4a fix(gitea): get admin secret from new source 2022-03-10 00:36:41 +07:00
Khue Doan
a8e6189c85 refactor(vault): use address and token from env vars 2022-03-10 00:32:48 +07:00
Khue Doan
9341f436ab fix(vault): add go.sum back 
Volume mount from config map is read-only
 2022-03-10 00:29:45 +07:00
Khue Doan
3159e37302 Revert "chore: ignore go.sum" 
This reverts commit 082ae89d34.
 2022-03-10 00:29:24 +07:00
Khue Doan
7ab20db660 fix(vault): update go.mod 2022-03-10 00:18:00 +07:00
Khue Doan
dded29b0bd feat(vault): add Job to generate secrets 2022-03-10 00:13:47 +07:00
Khue Doan
6b11f7f142 fix(gitea): update correct secret path 2022-03-09 01:09:05 +07:00
Khue Doan
60b2a3e0fa feat(vault): read random secrets config from file instead 2022-03-09 01:05:51 +07:00
Khue Doan
391ce26c63 refactor(vault): change random secret config structure 2022-03-09 01:00:51 +07:00
Khue Doan
be9817458c feat(vault): add sample random secrets config 2022-03-03 02:54:54 +07:00
Khue Doan
4dec742406 feat(vault): generate secrets from yaml input 2022-03-03 02:37:11 +07:00
Khue Doan
19f9d44f70 feat(vault): create random secret if not exists (WIP) 2022-03-01 02:18:45 +07:00
Khue Doan
082ae89d34 chore: ignore go.sum 2022-02-27 14:07:43 +07:00
Khue Doan
f504955392 style(vault): format go mod 2022-02-27 14:05:57 +07:00
Khue Doan
e86708536a chore(external-secrets): add test vault token as well 
Will remove later
 2022-02-27 13:20:00 +07:00
Khue Doan
c290a32d96 feat(vault): initial random secret generation 2022-02-26 21:48:03 +07:00
Khue Doan
ab795ab34b fix(gitea): use template engine v2 for external secret 2022-02-26 11:46:50 +07:00
Khue Doan
d6ea436368 fix(gitea): remove .data prefix in template 2022-02-26 11:42:30 +07:00
Khue Doan
1764039b9f fix(gitea): escape curly braces 2022-02-26 11:29:09 +07:00
Khue Doan
e5f35f3640 fix(gitea): add missing password template in data 2022-02-26 11:21:34 +07:00
Khue Doan
552feda283 fix(gitea): add missing property for admin secret ref 2022-02-26 10:50:20 +07:00
Khue Doan
182a2d80b4 refactor(gitea)!: use admin secret from vault 2022-02-26 10:46:27 +07:00
Khue Doan
693893bcb2 feat(external-secrets): add test secret store 2022-02-26 10:37:25 +07:00
Khue Doan
adbb6ca247 feat(platform): install external secret operator 2022-02-26 09:28:46 +07:00
Khue Doan
81f0a94574 chore(deps): update all non-major dependencies 
This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| [cloudflare](https://registry.terraform.io/providers/cloudflare/cloudflare) ([source](https://github.com/cloudflare/terraform-provider-cloudflare)) | required_provider | minor | `~> 3.7.0` -> `~> 3.8.0` |
| [dendrite](https://github.com/locmai/charts) |  | patch | `0.0.1` -> `0.0.2` |
| [renovate](https://github.com/renovatebot/helm-charts) |  | minor | `31.62.0` -> `31.63.2` |

⚠️ Release Notes retrieval for this PR were skipped because no github.com credentials were available.
If you are self-hosted, please see [this instruction](https://github.com/renovatebot/renovate/blob/master/docs/usage/examples/self-hosting.md#githubcom-token-for-release-notes).

---

📅 **Schedule**: At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://github.com/renovatebot/renovate/discussions) if that's undesired.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, click this checkbox.

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).

Reviewed-on: https://git.khuedoan.com/ops/homelab/pulls/2
Co-authored-by: Renovate Bot <bot@renovateapp.com>
Co-committed-by: Renovate Bot <bot@renovateapp.com>
 2022-01-31 23:21:52 +07:00
Khue Doan
983c8deeea fix: set Gitea root url 
https://github.com/renovatebot/renovate/discussions/9774
 2022-01-30 21:29:42 +07:00
Khue Doan
734ba9c6e4 fix(renovate): use the configured git endpoint directly 2022-01-30 17:30:06 +07:00
Khue Doan
9b29eb38ab fix(renovate): use HTTPS Gitea endpoint via Ingress 2022-01-30 17:00:33 +07:00
Khue Doan
0aefd5a94f fix(renovate): update syntax 2022-01-30 16:24:03 +07:00
Khue Doan
9012cc500b chore(renovate): update test token 2022-01-30 16:15:10 +07:00
Khue Doan
e6d945d3ff Revert "Revert "feat(platform): install Renovate Bot"" 
This reverts commit 70c1b3f385.
 2022-01-30 16:11:06 +07:00
Renovate Bot
d6a8495767 chore(deps): update all non-major dependencies helm releases 2022-01-27 18:19:34 +00:00
Khue Doan
70c1b3f385 Revert "feat(platform): install Renovate Bot" 
This reverts commit 6f7b16d2f9.

Probably better to run as a Tekton pipeline instead of a Job
 2022-01-24 00:18:56 +07:00
Khue Doan
26fcbf6370 fix(renovate): add missing Gitea endpoint 2022-01-24 00:12:25 +07:00
Khue Doan
1e4f3c130e chore(renovate): update cron for testing 2022-01-23 23:47:56 +07:00
Khue Doan
1171411af2 fix(renovate): fix incorrect chart name 2022-01-23 23:37:37 +07:00
Khue Doan
1412aa4f28 chore(renovate): update default config 2022-01-23 23:28:31 +07:00
Khue Doan
6f7b16d2f9 feat(platform): install Renovate Bot 2022-01-23 23:24:20 +07:00
Khue Doan
8b31c9e9e2 fix(vault): set storage class explicitly 2022-01-22 19:21:30 +07:00
Khue Doan
bb356a41de Revert "refactor(vault): disable dev mode" 
This reverts commit e839a96bfb.

Still not ready yet
 2022-01-22 08:59:57 +07:00
Khue Doan
e839a96bfb refactor(vault): disable dev mode 
Get ready for auto init
 2022-01-19 18:46:00 +07:00
Khue Doan
d49eec60ad Revert "feat(tekton): let ArgoCD manage Tekton config for all repo" 
This reverts commit 9cbcf7721f.
 2022-01-02 17:16:49 +07:00
Khue Doan
9e0bc7eff2 fix(trow): fix NGINX max body size syntax (again) 2022-01-01 00:28:15 +07:00
Khue Doan
9aeead0e09 fix(trow): fix NGINX max body size syntax 2022-01-01 00:08:15 +07:00
Khue Doan
74081c584a refactor: disable some tunnels 2021-12-30 11:30:02 +07:00
Khue Doan
09eed8a5a0 fix(trow): remove Ingress request body size limit 2021-12-29 22:52:40 +07:00
Khue Doan
f86077894c ci: disable blog pipeline for now 2021-12-27 14:15:03 +07:00
Khue Doan
9cbcf7721f feat(tekton): let ArgoCD manage Tekton config for all repo 2021-12-27 11:18:31 +07:00
Khue Doan
6afac60219 Revert "refactor(trow): testing user and password" 
This reverts commit 122eab6736.
 2021-12-26 23:02:18 +07:00
Khue Doan
122eab6736 refactor(trow): testing user and password 2021-12-26 13:56:21 +07:00
Khue Doan
bde8724284 style: format YAMLs to fix yamllint 2021-12-26 12:36:14 +07:00
Khue Doan
b879ad282a Revert "refactor: expose Tekton dashboard to the internet" 
This reverts commit e09aa337cc.
 2021-12-26 01:54:45 +07:00
Khue Doan
e007c71855 fix(trow): set storage class explicitly 2021-12-25 23:54:57 +07:00
Khue Doan
c2f86a18a9 chore(authentik): reduce Redis volume size 2021-12-25 22:30:32 +07:00
Khue Doan
fced2670b9 fix(authentik): indent 2021-12-25 22:05:46 +07:00
Khue Doan
aa80484b2a fix(authentik): re-enable Redis 2021-12-25 18:50:56 +07:00
Khue Doan
9519ffc68f refactor(platform): temporarily remove Knative 2021-12-25 18:48:25 +07:00
Khue Doan
85dadf8671 feat(tekton): install pull request task 2021-12-25 17:05:56 +07:00
Khue Doan
22940f9aa6 Revert "Revert "Revert "Revert "Revert "tekton: use read-only dashboard""""" 
This reverts commit cb370c214c.

I PROMISE THIS IS THE LAST TIME
 2021-12-25 16:38:18 +07:00
Khue Doan
0408d9d0a5 fix(gitea): do not overwrite admin username 
CreateUser: name is reserved [name: admin]
 2021-12-25 16:10:00 +07:00
Khue Doan
0b5dcd97ab chore(gitea): upgrade chart version to 5.0.0 2021-12-25 15:30:58 +07:00
Khue Doan
e40341449e Revert "Revert "refactor: expose container registry to the internet"" 
This reverts commit e43d1f42c2.
 2021-12-25 14:23:47 +07:00
Khue Doan
e09aa337cc refactor: expose Tekton dashboard to the internet 2021-12-25 13:51:34 +07:00
Khue Doan
bbf418f45b feat(tekton): install Kaniko task 2021-12-25 13:42:33 +07:00
Khue Doan
f9dd268934 fix(trow): increase max body size for Ingress 
413 Request Entity Too Large
 2021-12-25 13:33:00 +07:00
Khue Doan
e43d1f42c2 Revert "refactor: expose container registry to the internet" 
This reverts commit 64c872fcd1.
 2021-12-25 13:25:38 +07:00
Khue Doan
9db137683f fix(trow): use the correct service port 2021-12-25 13:22:44 +07:00
Khue Doan
64c872fcd1 refactor: expose container registry to the internet 2021-12-25 12:32:14 +07:00
Khue Doan
490aa7b9e4 chore(tekton): rename Terraform secrets 2021-12-25 12:01:57 +07:00
Khue Doan
e7bd2e35f8 fix(trow): workaround deprecated ingress resource 
https://github.com/ContainerSolutions/trow/issues/282
 2021-12-25 11:54:38 +07:00
Khue Doan
27468592ce build: inject Terraform secrets to tekton-pipelines namespace 2021-12-25 03:03:46 +07:00