Restructure deployments

2025-12-23 00:54:26 +00:00 · 2024-12-24 13:25:02 +01:00
parent c267c4ea65
commit 487ce7c0ec
34 changed files with 83 additions and 91 deletions
--- a/infrastructure/base/authelia/base-release.yaml
+++ b/infrastructure/base/authelia/base-release.yaml
@@ -1,4 +1,4 @@
-# /infrastructure/base/authelia/release.yaml
+# /apps/base/authelia/base-release.yaml
 apiVersion: helm.toolkit.fluxcd.io/v2
 kind: HelmRelease
 metadata:
--- a/infrastructure/base/authelia/kustomization.yaml
+++ b/infrastructure/base/authelia/kustomization.yaml
@@ -1,4 +1,4 @@
-# /infrastructure/base/authelia/kustomization.yaml
+# /apps/base/authelia/kustomization.yaml
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 namespace: auth
--- a/infrastructure/base/authelia/namespace.yaml
+++ b/infrastructure/base/authelia/namespace.yaml
@@ -1,4 +1,4 @@
-# /infrastructure/base/authelia/namespace.yaml
+# /apps/base/authelia/namespace.yaml
 apiVersion: v1
 kind: Namespace
 metadata:
--- a/infrastructure/base/authelia/repository.yaml
+++ b/infrastructure/base/authelia/repository.yaml
@@ -1,4 +1,4 @@
-# /infrastructure/base/authelia/repository.yaml
+# /apps/base/authelia/repository.yaml
 apiVersion: source.toolkit.fluxcd.io/v1
 kind: HelmRepository
 metadata:
--- a/infrastructure/prod/authelia/forward-auth-middleware.yaml
+++ b/infrastructure/prod/authelia/forward-auth-middleware.yaml
@@ -1,4 +1,4 @@
-# /infrastructure/prod/authelia/forward-auth-middleware.yaml
+# /apps/prod/authelia/forward-auth-middleware.yaml
 apiVersion: traefik.containo.us/v1alpha1
 kind: Middleware
 metadata:
--- a/infrastructure/prod/authelia/ingress.yaml
+++ b/infrastructure/prod/authelia/ingress.yaml
@@ -1,4 +1,4 @@
-# /infrastructure/prod/authelia/ingress.yaml
+# /apps/prod/authelia/ingress.yaml
 apiVersion: traefik.containo.us/v1alpha1
 kind: IngressRoute
 metadata:
--- a/infrastructure/prod/authelia/kustomization.yaml
+++ b/infrastructure/prod/authelia/kustomization.yaml
@@ -1,4 +1,4 @@
-# /infrastructure/prod/authelia/kustomization.yaml
+# /apps/prod/authelia/kustomization.yaml
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 namespace: auth
--- a/infrastructure/prod/authelia/release.yaml
+++ b/infrastructure/prod/authelia/release.yaml
@@ -1,4 +1,4 @@
-# /infrastructure/prod/authelia/release.yaml
+# /apps/prod/authelia/release.yaml
 apiVersion: helm.toolkit.fluxcd.io/v2
 kind: HelmRelease
 metadata:
--- a/infrastructure/prod/authelia/users-database.enc.yaml
+++ b/infrastructure/prod/authelia/users-database.enc.yaml
@@ -1,4 +1,4 @@
-# /infrastructure/prod/authelia/users-database.enc.yaml
+# /apps/prod/authelia/users-database.enc.yaml
 apiVersion: v1
 kind: Secret
 metadata:
--- a/infrastructure/prod/authelia/values.yaml
+++ b/infrastructure/prod/authelia/values.yaml
@@ -1,4 +1,4 @@
-# /infrastructure/prod/authelia/values.yaml
+# /apps/prod/authelia/values.yaml
 domain: 'example.com'
 configMap:
  authentication_backend:
--- a/apps/prod/kustomization.yaml
+++ b/apps/prod/kustomization.yaml
@@ -0,0 +1,6 @@
 # apps/prod/kustomization.yaml
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 resources:
  - authelia
  - gitea
--- a/clusters/prod/apps.yaml
+++ b/clusters/prod/apps.yaml
@@ -1,3 +1,4 @@
 # /clusters/prod/apps.yaml
 apiVersion: kustomize.toolkit.fluxcd.io/v1
 kind: Kustomization
 metadata:
@@ -11,7 +12,7 @@ spec:
    kind: GitRepository
    name: flux-system
  dependsOn:
-    - name: infrastructure
+    - name: infrastructure-configs
  decryption:
    provider: sops
    secretRef:
--- a/clusters/prod/infrastructure.yaml
+++ b/clusters/prod/infrastructure.yaml
@@ -1,16 +1,48 @@
 # /clusters/prod/infrastructure.yaml
 ---
 apiVersion: kustomize.toolkit.fluxcd.io/v1
 kind: Kustomization
 metadata:
-  name: infrastructure
+  name: infrastructure-core
  namespace: flux-system
 spec:
  interval: 10m0s
-  path: ./infrastructure/prod
+  path: ./infrastructure/core
  prune: true
  sourceRef:
    kind: GitRepository
    name: flux-system
 ---
 apiVersion: kustomize.toolkit.fluxcd.io/v1
 kind: Kustomization
 metadata:
  name: infrastructure-controllers
  namespace: flux-system
 spec:
  interval: 10m0s
  path: ./infrastructure/controllers
  prune: true
  sourceRef:
    kind: GitRepository
    name: flux-system
  dependsOn:
    - name: infrastructure-core
 ---
 apiVersion: kustomize.toolkit.fluxcd.io/v1
 kind: Kustomization
 metadata:
  name: infrastructure-configs
  namespace: flux-system
 spec:
  interval: 10m0s
  path: ./infrastructure/configs
  prune: true
  sourceRef:
    kind: GitRepository
    name: flux-system
  dependsOn:
    - name: infrastructure-controllers
  decryption:
    provider: sops
    secretRef:
-      name: sops-age
+      name: sops-age
--- a/infrastructure/base/cert-manager/base-release.yaml
+++ b/infrastructure/base/cert-manager/base-release.yaml
@@ -1,19 +0,0 @@
 # /infrastructure/base/cert-manager/release.yaml
 apiVersion: helm.toolkit.fluxcd.io/v2
 kind: HelmRelease
 metadata:
  name: cert-manager
  namespace: cert-manager
 spec:
  interval: 12h
  chart:
    spec:
      chart: cert-manager
      version: "1.x"
      sourceRef:
        kind: HelmRepository
        name: cert-manager
        namespace: cert-manager
      interval: 12h
  values:
    installCRDs: true
--- a/infrastructure/base/cert-manager/kustomization.yaml
+++ b/infrastructure/base/cert-manager/kustomization.yaml
@@ -1,8 +0,0 @@
 # /infrastructure/base/cert-manager/kustomization.yaml
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 namespace: cert-manager
 resources:
  - namespace.yaml
  - repository.yaml
--- a/infrastructure/base/traefik/base-release.yaml
+++ b/infrastructure/base/traefik/base-release.yaml
@@ -1,16 +0,0 @@
 # /infrastructure/base/traefik/release.yaml
 apiVersion: helm.toolkit.fluxcd.io/v2
 kind: HelmRelease
 metadata:
  name: traefik
  namespace: traefik
 spec:
  interval: 10m
  chart:
    spec:
      chart: traefik
      version: 28.2.0
      sourceRef:
        kind: HelmRepository
        name: traefik-helm-repo
      interval: 10m
--- a/infrastructure/configs/cert-manager/certificate.yaml
+++ b/infrastructure/configs/cert-manager/certificate.yaml
@@ -1,4 +1,4 @@
-# /infrastructure/prod/traefik/certificate.yaml
+# /infrastructure/configs/cert-manager/certificate.yaml
 apiVersion: cert-manager.io/v1
 kind: Certificate
 metadata:
--- a/infrastructure/configs/cert-manager/cloudflare-secret.enc.yaml
+++ b/infrastructure/configs/cert-manager/cloudflare-secret.enc.yaml
@@ -1,4 +1,4 @@
-# /infrastructure/prod/cert-manager/secret.enc.yaml
+# /infrastructure/configs/cert-manager/secret.enc.yaml
 apiVersion: v1
 kind: Secret
 metadata:
--- a/infrastructure/configs/cert-manager/issuer.yaml
+++ b/infrastructure/configs/cert-manager/issuer.yaml
@@ -1,4 +1,4 @@
-# /infrastructure/prod/cert-manager/issuer.yaml
+# /infrastructure/configs/cert-manager/issuer.yaml
 apiVersion: cert-manager.io/v1
 kind: ClusterIssuer
 metadata:
--- a/infrastructure/configs/cert-manager/kustomization.yaml
+++ b/infrastructure/configs/cert-manager/kustomization.yaml
@@ -0,0 +1,7 @@
 # /infrastructure/configs/cert-manager/kustomization.yaml
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 resources:
  - cloudflare-secret.enc.yaml
  - issuer.yaml
  - certificate.yaml
--- a/infrastructure/controllers/cert-manager/kustomization.yaml
+++ b/infrastructure/controllers/cert-manager/kustomization.yaml
@@ -1,8 +1,7 @@
-# /infrastructure/base/traefik/kustomization.yaml
+# /infrastructure/controllers/cert-manager/kustomization.yaml
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 namespace: traefik
 resources:
  - namespace.yaml
  - repository.yaml
  - release.yaml
--- a/infrastructure/controllers/cert-manager/namespace.yaml
+++ b/infrastructure/controllers/cert-manager/namespace.yaml
@@ -1,4 +1,4 @@
-# /infrastructure/base/cert-manager/namespace.yaml
+# /infrastructure/controllers/cert-manager/namespace.yaml
 apiVersion: v1
 kind: Namespace
 metadata:
--- a/infrastructure/controllers/cert-manager/release.yaml
+++ b/infrastructure/controllers/cert-manager/release.yaml
@@ -1,4 +1,4 @@
-# /infrastructure/prod/cert-manager/release.yaml
+# /infrastructure/controllers/cert-manager/release.yaml
 apiVersion: helm.toolkit.fluxcd.io/v2
 kind: HelmRelease
 metadata:
--- a/infrastructure/controllers/cert-manager/repository.yaml
+++ b/infrastructure/controllers/cert-manager/repository.yaml
@@ -1,4 +1,4 @@
-# /infrastructure/base/cert-manager/repository.yaml
+# /infrastructure/controllers/cert-manager/repository.yaml
 apiVersion: source.toolkit.fluxcd.io/v1
 kind: HelmRepository
 metadata:
--- a/infrastructure/controllers/kustomization.yaml
+++ b/infrastructure/controllers/kustomization.yaml
@@ -0,0 +1,6 @@
 # infrastructure/controllers/kustomization.yaml
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 resources:
  - cert-manager
  - traefik
--- a/infrastructure/controllers/traefik/kustomization.yaml
+++ b/infrastructure/controllers/traefik/kustomization.yaml
@@ -1,8 +1,9 @@
-# /infrastructure/prod/traefik/kustomization.yaml
+# /infrastructure/controllers/traefik/kustomization.yaml
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 resources:
-  - ../../base/traefik
+  - namespace.yaml
  - repository.yaml
  - release.yaml
 configMapGenerator:
--- a/infrastructure/controllers/traefik/namespace.yaml
+++ b/infrastructure/controllers/traefik/namespace.yaml
@@ -1,4 +1,4 @@
-# /infrastructure/base/traefik/namespace.yaml
+# /infrastructure/controllers/traefik/namespace.yaml
 apiVersion: v1
 kind: Namespace
 metadata:
--- a/infrastructure/controllers/traefik/release.yaml
+++ b/infrastructure/controllers/traefik/release.yaml
@@ -1,4 +1,4 @@
-# /infrastructure/prod/traefik/release.yaml
+# /infrastructure/controllers/traefik/release.yaml
 apiVersion: helm.toolkit.fluxcd.io/v2
 kind: HelmRelease
 metadata:
--- a/infrastructure/controllers/traefik/repository.yaml
+++ b/infrastructure/controllers/traefik/repository.yaml
@@ -1,4 +1,4 @@
-# /infrastructure/base/traefik/repository.yaml
+# /infrastructure/controllers/traefik/repository.yaml
 apiVersion: source.toolkit.fluxcd.io/v1
 kind: HelmRepository
 metadata:
--- a/infrastructure/controllers/traefik/values.yaml
+++ b/infrastructure/controllers/traefik/values.yaml
@@ -1,4 +1,4 @@
-# /infrastructure/prod/traefik/values.yaml
+# /infrastructure/controllers/traefik/values.yaml
 deployment:
  additionalVolumes:
  - name: access-log
--- a/infrastructure/base/storage-class/kustomization.yaml
+++ b/infrastructure/base/storage-class/kustomization.yaml
@@ -1,4 +1,4 @@
-# /infrastructure/base/storage-class/kustomization.yaml
+# /infrastructure/core/kustomization.yaml
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 resources:
--- a/infrastructure/base/storage-class/storage-class.yaml
+++ b/infrastructure/base/storage-class/storage-class.yaml
@@ -1,4 +1,4 @@
-# /infrastructure/base/storage-class/storage-class.yaml
+# /infrastructure/core/storage-class.yaml
 apiVersion: storage.k8s.io/v1
 kind: StorageClass
 metadata:
--- a/infrastructure/prod/cert-manager/kustomization.yaml
+++ b/infrastructure/prod/cert-manager/kustomization.yaml
@@ -1,9 +0,0 @@
 # /infrastructure/prod/cert-manager/kustomization.yaml
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 resources:
  - ../../base/cert-manager
  - secret.enc.yaml
  - release.yaml
  - issuer.yaml
--- a/infrastructure/prod/kustomization.yaml
+++ b/infrastructure/prod/kustomization.yaml
@@ -1,8 +0,0 @@
 # /infrastructure/prod/kustomization.yaml
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 resources:
  - ../base/storage-class
  - authelia
  - cert-manager
  - traefik