diff --git a/SETUP.md b/SETUP.md index 64d7f70..2ac62a9 100644 --- a/SETUP.md +++ b/SETUP.md @@ -2,7 +2,7 @@ ## Install nfs-subdir-external-provisioner ```bash helm install nfs-subdir-external-provisioner nfs-subdir-external-provisioner/nfs-subdir-external-provisioner \ - --set nfs.server=192.168.15.61 \ + --set nfs.server= \ --set nfs.path=/export/config \ --set storageClass.name=nfs-client \ --set storageClass.pathPattern='${.PVC.namespace}/${.PVC.annotations.nfs.io/storage-path}' @@ -52,14 +52,20 @@ kubectl apply -f metallb-system/address-pool.yaml ```bash kubectl create namespace cert-manager kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.15.1/cert-manager.yaml +``` -# Create the private key for local CA +Create the private key for local CA: +```bash openssl genrsa -out ca.key 4096 +``` -# Create the root certificate, valid for 10 years +Create the root certificate (valid for 10 years): +```bash openssl req -x509 -new -nodes -key ca.key -sha256 -days 3650 -out ca.crt -subj "/CN=Homelab CA" - -# Create secret and ClusterIssuer -kubectl create secret tls internal-ca-secret -cert=ca.crt --key=ca.key -n cert-manager -kubectl apply -f cert-manager/cluster-issuer.yaml +``` + +Create secret and ClusterIssuer +```bash +kubectl create secret tls internal-ca-secret --cert=ca.crt --key=ca.key -n cert-manager +kubectl apply -f certs/internal-issuer.yaml ``` \ No newline at end of file diff --git a/dev/gitea-runner.yaml b/dev/gitea-runner.yaml index 234aae1..fba49fb 100644 --- a/dev/gitea-runner.yaml +++ b/dev/gitea-runner.yaml @@ -27,7 +27,7 @@ data: capacity: 4 timeout: 1h labels: - - "ubuntu-arm64:docker://docker.gitea.com/runner-images:ubuntu-latest-slim" + - "ubuntu-arm64:docker://docker.gitea.com/runner-images:ubuntu-latest" --- # PersistentVolumeClaim for AMD64 apiVersion: v1 @@ -176,7 +176,7 @@ spec: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - matchExpressions: - - key: kubernetes.io/arch + - key: kubernetes.io/hostname operator: In values: - - arm64 \ No newline at end of file + - nexus \ No newline at end of file diff --git a/infra/README.md b/infra/README.md new file mode 100644 index 0000000..e4905bb --- /dev/null +++ b/infra/README.md @@ -0,0 +1,3 @@ +```bash +kubectl create secret generic beszel-key --from-literal=SECRET-KEY= -n infra +``` \ No newline at end of file diff --git a/infra/beszel-agent.yaml b/infra/beszel-agent.yaml index 1f2f74b..8b8a508 100644 --- a/infra/beszel-agent.yaml +++ b/infra/beszel-agent.yaml @@ -22,22 +22,10 @@ spec: secretKeyRef: name: beszel-key key: SECRET-KEY - image: henrygd/beszel-agent:latest + image: henrygd/beszel-agent:0.12.10 imagePullPolicy: Always name: beszel-agent ports: - containerPort: 45876 hostPort: 45876 - restartPolicy: Always - tolerations: - - effect: NoSchedule - key: node-role.kubernetes.io/master - operator: Exists - - effect: NoSchedule - key: node-role.kubernetes.io/control-plane - operator: Exists - updateStrategy: - rollingUpdate: - maxSurge: 0 - maxUnavailable: 100% - type: RollingUpdate \ No newline at end of file + restartPolicy: Always \ No newline at end of file diff --git a/infra/beszel.yaml b/infra/beszel.yaml index 4c38847..56ca055 100644 --- a/infra/beszel.yaml +++ b/infra/beszel.yaml @@ -17,7 +17,7 @@ spec: spec: containers: - name: beszel - image: henrygd/beszel:latest + image: ghcr.io/henrygd/beszel/beszel:0.12.10 imagePullPolicy: Always env: - name: PUID