Restructure deployments

2025-12-22 16:44:24 +00:00 · 2024-12-24 13:25:02 +01:00
parent c267c4ea65
commit 487ce7c0ec
34 changed files with 83 additions and 91 deletions
--- a/infrastructure/base/authelia/base-release.yaml
+++ b/infrastructure/base/authelia/base-release.yaml
@@ -1,4 +1,4 @@
-# /infrastructure/base/authelia/release.yaml
+# /apps/base/authelia/base-release.yaml
 apiVersion: helm.toolkit.fluxcd.io/v2
 kind: HelmRelease
 metadata:
--- a/infrastructure/base/authelia/kustomization.yaml
+++ b/infrastructure/base/authelia/kustomization.yaml
@@ -1,4 +1,4 @@
-# /infrastructure/base/authelia/kustomization.yaml
+# /apps/base/authelia/kustomization.yaml
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 namespace: auth
--- a/infrastructure/base/authelia/namespace.yaml
+++ b/infrastructure/base/authelia/namespace.yaml
@@ -1,4 +1,4 @@
-# /infrastructure/base/authelia/namespace.yaml
+# /apps/base/authelia/namespace.yaml
 apiVersion: v1
 kind: Namespace
 metadata:
--- a/infrastructure/base/authelia/repository.yaml
+++ b/infrastructure/base/authelia/repository.yaml
@@ -1,4 +1,4 @@
-# /infrastructure/base/authelia/repository.yaml
+# /apps/base/authelia/repository.yaml
 apiVersion: source.toolkit.fluxcd.io/v1
 kind: HelmRepository
 metadata:
--- a/infrastructure/prod/authelia/forward-auth-middleware.yaml
+++ b/infrastructure/prod/authelia/forward-auth-middleware.yaml
@@ -1,4 +1,4 @@
-# /infrastructure/prod/authelia/forward-auth-middleware.yaml
+# /apps/prod/authelia/forward-auth-middleware.yaml
 apiVersion: traefik.containo.us/v1alpha1
 kind: Middleware
 metadata:
--- a/infrastructure/prod/authelia/ingress.yaml
+++ b/infrastructure/prod/authelia/ingress.yaml
@@ -1,4 +1,4 @@
-# /infrastructure/prod/authelia/ingress.yaml
+# /apps/prod/authelia/ingress.yaml
 apiVersion: traefik.containo.us/v1alpha1
 kind: IngressRoute
 metadata:
--- a/infrastructure/prod/authelia/kustomization.yaml
+++ b/infrastructure/prod/authelia/kustomization.yaml
@@ -1,4 +1,4 @@
-# /infrastructure/prod/authelia/kustomization.yaml
+# /apps/prod/authelia/kustomization.yaml
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 namespace: auth
--- a/infrastructure/prod/authelia/release.yaml
+++ b/infrastructure/prod/authelia/release.yaml
@@ -1,4 +1,4 @@
-# /infrastructure/prod/authelia/release.yaml
+# /apps/prod/authelia/release.yaml
 apiVersion: helm.toolkit.fluxcd.io/v2
 kind: HelmRelease
 metadata:
--- a/infrastructure/prod/authelia/users-database.enc.yaml
+++ b/infrastructure/prod/authelia/users-database.enc.yaml
@@ -1,4 +1,4 @@
-# /infrastructure/prod/authelia/users-database.enc.yaml
+# /apps/prod/authelia/users-database.enc.yaml
 apiVersion: v1
 kind: Secret
 metadata:
--- a/infrastructure/prod/authelia/values.yaml
+++ b/infrastructure/prod/authelia/values.yaml
@@ -1,4 +1,4 @@
-# /infrastructure/prod/authelia/values.yaml
+# /apps/prod/authelia/values.yaml
 domain: 'example.com'
 configMap:
  authentication_backend:
--- a/apps/prod/kustomization.yaml
+++ b/apps/prod/kustomization.yaml
@@ -0,0 +1,6 @@
+# apps/prod/kustomization.yaml
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+  - authelia
+  - gitea
--- a/clusters/prod/apps.yaml
+++ b/clusters/prod/apps.yaml
@@ -1,3 +1,4 @@
+# /clusters/prod/apps.yaml
 apiVersion: kustomize.toolkit.fluxcd.io/v1
 kind: Kustomization
 metadata:
@@ -11,7 +12,7 @@ spec:
    kind: GitRepository
    name: flux-system
  dependsOn:
-    - name: infrastructure
+    - name: infrastructure-configs
  decryption:
    provider: sops
    secretRef:
--- a/clusters/prod/infrastructure.yaml
+++ b/clusters/prod/infrastructure.yaml
@@ -1,16 +1,48 @@
+# /clusters/prod/infrastructure.yaml
+---
 apiVersion: kustomize.toolkit.fluxcd.io/v1
 kind: Kustomization
 metadata:
-  name: infrastructure
+  name: infrastructure-core
  namespace: flux-system
 spec:
  interval: 10m0s
-  path: ./infrastructure/prod
+  path: ./infrastructure/core
  prune: true
  sourceRef:
    kind: GitRepository
    name: flux-system
+---
+apiVersion: kustomize.toolkit.fluxcd.io/v1
+kind: Kustomization
+metadata:
+  name: infrastructure-controllers
+  namespace: flux-system
+spec:
+  interval: 10m0s
+  path: ./infrastructure/controllers
+  prune: true
+  sourceRef:
+    kind: GitRepository
+    name: flux-system
+  dependsOn:
+    - name: infrastructure-core
+---
+apiVersion: kustomize.toolkit.fluxcd.io/v1
+kind: Kustomization
+metadata:
+  name: infrastructure-configs
+  namespace: flux-system
+spec:
+  interval: 10m0s
+  path: ./infrastructure/configs
+  prune: true
+  sourceRef:
+    kind: GitRepository
+    name: flux-system
+  dependsOn:
+    - name: infrastructure-controllers
  decryption:
    provider: sops
    secretRef:
-      name: sops-age
+      name: sops-age
--- a/infrastructure/base/cert-manager/base-release.yaml
+++ b/infrastructure/base/cert-manager/base-release.yaml
@@ -1,19 +0,0 @@
-# /infrastructure/base/cert-manager/release.yaml
-apiVersion: helm.toolkit.fluxcd.io/v2
-kind: HelmRelease
-metadata:
-  name: cert-manager
-  namespace: cert-manager
-spec:
-  interval: 12h
-  chart:
-    spec:
-      chart: cert-manager
-      version: "1.x"
-      sourceRef:
-        kind: HelmRepository
-        name: cert-manager
-        namespace: cert-manager
-      interval: 12h
-  values:
-    installCRDs: true
--- a/infrastructure/base/cert-manager/kustomization.yaml
+++ b/infrastructure/base/cert-manager/kustomization.yaml
@@ -1,8 +0,0 @@
-# /infrastructure/base/cert-manager/kustomization.yaml
-apiVersion: kustomize.config.k8s.io/v1beta1
-kind: Kustomization
-namespace: cert-manager
-
-resources:
-  - namespace.yaml
-  - repository.yaml
--- a/infrastructure/base/traefik/base-release.yaml
+++ b/infrastructure/base/traefik/base-release.yaml
@@ -1,16 +0,0 @@
-# /infrastructure/base/traefik/release.yaml
-apiVersion: helm.toolkit.fluxcd.io/v2
-kind: HelmRelease
-metadata:
-  name: traefik
-  namespace: traefik
-spec:
-  interval: 10m
-  chart:
-    spec:
-      chart: traefik
-      version: 28.2.0
-      sourceRef:
-        kind: HelmRepository
-        name: traefik-helm-repo
-      interval: 10m
--- a/infrastructure/configs/cert-manager/certificate.yaml
+++ b/infrastructure/configs/cert-manager/certificate.yaml
@@ -1,4 +1,4 @@
-# /infrastructure/prod/traefik/certificate.yaml
+# /infrastructure/configs/cert-manager/certificate.yaml
 apiVersion: cert-manager.io/v1
 kind: Certificate
 metadata:
--- a/infrastructure/configs/cert-manager/cloudflare-secret.enc.yaml
+++ b/infrastructure/configs/cert-manager/cloudflare-secret.enc.yaml
@@ -1,4 +1,4 @@
-# /infrastructure/prod/cert-manager/secret.enc.yaml
+# /infrastructure/configs/cert-manager/secret.enc.yaml
 apiVersion: v1
 kind: Secret
 metadata:
--- a/infrastructure/configs/cert-manager/issuer.yaml
+++ b/infrastructure/configs/cert-manager/issuer.yaml
@@ -1,4 +1,4 @@
-# /infrastructure/prod/cert-manager/issuer.yaml
+# /infrastructure/configs/cert-manager/issuer.yaml
 apiVersion: cert-manager.io/v1
 kind: ClusterIssuer
 metadata:
--- a/infrastructure/configs/cert-manager/kustomization.yaml
+++ b/infrastructure/configs/cert-manager/kustomization.yaml
@@ -0,0 +1,7 @@
+# /infrastructure/configs/cert-manager/kustomization.yaml
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+  - cloudflare-secret.enc.yaml
+  - issuer.yaml
+  - certificate.yaml
--- a/infrastructure/controllers/cert-manager/kustomization.yaml
+++ b/infrastructure/controllers/cert-manager/kustomization.yaml
@@ -1,8 +1,7 @@
-# /infrastructure/base/traefik/kustomization.yaml
+# /infrastructure/controllers/cert-manager/kustomization.yaml
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
-namespace: traefik
-
 resources:
  - namespace.yaml
  - repository.yaml
+  - release.yaml
--- a/infrastructure/controllers/cert-manager/namespace.yaml
+++ b/infrastructure/controllers/cert-manager/namespace.yaml
@@ -1,4 +1,4 @@
-# /infrastructure/base/cert-manager/namespace.yaml
+# /infrastructure/controllers/cert-manager/namespace.yaml
 apiVersion: v1
 kind: Namespace
 metadata:
--- a/infrastructure/controllers/cert-manager/release.yaml
+++ b/infrastructure/controllers/cert-manager/release.yaml
@@ -1,4 +1,4 @@
-# /infrastructure/prod/cert-manager/release.yaml
+# /infrastructure/controllers/cert-manager/release.yaml
 apiVersion: helm.toolkit.fluxcd.io/v2
 kind: HelmRelease
 metadata:
--- a/infrastructure/controllers/cert-manager/repository.yaml
+++ b/infrastructure/controllers/cert-manager/repository.yaml
@@ -1,4 +1,4 @@
-# /infrastructure/base/cert-manager/repository.yaml
+# /infrastructure/controllers/cert-manager/repository.yaml
 apiVersion: source.toolkit.fluxcd.io/v1
 kind: HelmRepository
 metadata:
--- a/infrastructure/controllers/kustomization.yaml
+++ b/infrastructure/controllers/kustomization.yaml
@@ -0,0 +1,6 @@
+# infrastructure/controllers/kustomization.yaml
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+  - cert-manager
+  - traefik
--- a/infrastructure/controllers/traefik/kustomization.yaml
+++ b/infrastructure/controllers/traefik/kustomization.yaml
@@ -1,8 +1,9 @@
-# /infrastructure/prod/traefik/kustomization.yaml
+# /infrastructure/controllers/traefik/kustomization.yaml
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 resources:
-  - ../../base/traefik
+  - namespace.yaml
+  - repository.yaml
  - release.yaml

 configMapGenerator:
--- a/infrastructure/controllers/traefik/namespace.yaml
+++ b/infrastructure/controllers/traefik/namespace.yaml
@@ -1,4 +1,4 @@
-# /infrastructure/base/traefik/namespace.yaml
+# /infrastructure/controllers/traefik/namespace.yaml
 apiVersion: v1
 kind: Namespace
 metadata:
--- a/infrastructure/controllers/traefik/release.yaml
+++ b/infrastructure/controllers/traefik/release.yaml
@@ -1,4 +1,4 @@
-# /infrastructure/prod/traefik/release.yaml
+# /infrastructure/controllers/traefik/release.yaml
 apiVersion: helm.toolkit.fluxcd.io/v2
 kind: HelmRelease
 metadata:
--- a/infrastructure/controllers/traefik/repository.yaml
+++ b/infrastructure/controllers/traefik/repository.yaml
@@ -1,4 +1,4 @@
-# /infrastructure/base/traefik/repository.yaml
+# /infrastructure/controllers/traefik/repository.yaml
 apiVersion: source.toolkit.fluxcd.io/v1
 kind: HelmRepository
 metadata:
--- a/infrastructure/controllers/traefik/values.yaml
+++ b/infrastructure/controllers/traefik/values.yaml
@@ -1,4 +1,4 @@
-# /infrastructure/prod/traefik/values.yaml
+# /infrastructure/controllers/traefik/values.yaml
 deployment:
  additionalVolumes:
  - name: access-log
--- a/infrastructure/base/storage-class/kustomization.yaml
+++ b/infrastructure/base/storage-class/kustomization.yaml
@@ -1,4 +1,4 @@
-# /infrastructure/base/storage-class/kustomization.yaml
+# /infrastructure/core/kustomization.yaml
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 resources:
--- a/infrastructure/base/storage-class/storage-class.yaml
+++ b/infrastructure/base/storage-class/storage-class.yaml
@@ -1,4 +1,4 @@
-# /infrastructure/base/storage-class/storage-class.yaml
+# /infrastructure/core/storage-class.yaml
 apiVersion: storage.k8s.io/v1
 kind: StorageClass
 metadata:
--- a/infrastructure/prod/cert-manager/kustomization.yaml
+++ b/infrastructure/prod/cert-manager/kustomization.yaml
@@ -1,9 +0,0 @@
-# /infrastructure/prod/cert-manager/kustomization.yaml
-apiVersion: kustomize.config.k8s.io/v1beta1
-kind: Kustomization
-resources:
-  - ../../base/cert-manager
-  - secret.enc.yaml
-  - release.yaml
-  - issuer.yaml
-
--- a/infrastructure/prod/kustomization.yaml
+++ b/infrastructure/prod/kustomization.yaml
@@ -1,8 +0,0 @@
-# /infrastructure/prod/kustomization.yaml
-apiVersion: kustomize.config.k8s.io/v1beta1
-kind: Kustomization
-resources:
-  - ../base/storage-class
-  - authelia
-  - cert-manager
-  - traefik