diff --git a/argo-apps/cloud/foundry-code-and-quest-app.cd.yaml b/argo-apps/cloud/foundry-code-and-quest-app.cd.yaml new file mode 100644 index 0000000..7d2bd8a --- /dev/null +++ b/argo-apps/cloud/foundry-code-and-quest-app.cd.yaml @@ -0,0 +1,54 @@ +--- +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: cloud-foundry-code-and-quest + finalizers: + - resources-finalizer.argocd.argoproj.io +spec: + project: foundry + syncPolicy: + automated: + prune: true + destination: + name: cloud + namespace: foundry + source: + repoURL: https://charts.derwitt.dev + targetRevision: 12.0.2 + chart: foundryvtt + helm: + releaseName: code-and-quest + values: | + + config: + enableTelemetry: true + defaultWorld: danddhard + existingSecret: + name: code-and-quest-foundryvtt + containsLicenseKey: true + containsAwsConfig: true + storage: + className: longhorn + size: 5Gi + resources: + requests: + cpu: 40m + memory: 512Mi + limits: + memory: 512Mi + ingress: + enabled: true + className: nginx + annotations: + cert-manager.io/cluster-issuer: code-and-quest-de-letsencrypt + nginx.ingress.kubernetes.io/proxy-body-size: 64m + hosts: + - host: vtt.code-and-quest.de + paths: + - path: / + pathType: ImplementationSpecific + tls: + - hosts: + - vtt.code-and-quest.de + secretName: foundry-code-and-quest-ingress-tls diff --git a/cloud/custom-resources/argo-workflows/code-and-quest-backup-restore.yaml b/cloud/custom-resources/argo-workflows/code-and-quest-backup-restore.yaml index 819f0b6..070aded 100644 --- a/cloud/custom-resources/argo-workflows/code-and-quest-backup-restore.yaml +++ b/cloud/custom-resources/argo-workflows/code-and-quest-backup-restore.yaml @@ -25,9 +25,9 @@ spec: arguments: parameters: - name: instance - value: foundry + value: code-and-quest-foundryvtt - name: pvc-name - value: foundry-data-pvc + value: data-code-and-quest-foundryvtt-0 templateRef: name: foundry-backup-restore-template template: main @@ -39,7 +39,7 @@ spec: arguments: parameters: - name: name - value: foundry + value: code-and-quest-foundryvtt - name: replicaCount value: "1" - name: type diff --git a/cloud/custom-resources/argo-workflows/code-and-quest-offsite-backup.yaml b/cloud/custom-resources/argo-workflows/code-and-quest-offsite-backup.yaml index 507d3c5..9dd01b7 100644 --- a/cloud/custom-resources/argo-workflows/code-and-quest-offsite-backup.yaml +++ b/cloud/custom-resources/argo-workflows/code-and-quest-offsite-backup.yaml @@ -32,11 +32,11 @@ spec: arguments: parameters: - name: instance - value: foundry + value: code-and-quest-foundryvtt - name: restic-hostname - value: foundry-data + value: code-and-quest-foundryvtt - name: pvc-name - value: foundry-data-pvc + value: data-code-and-quest-foundryvtt-0 - name: exit-handler steps: @@ -44,7 +44,7 @@ spec: arguments: parameters: - name: name - value: foundry + value: code-and-quest-foundryvtt - name: replicaCount value: "1" - name: type diff --git a/cloud/custom-resources/external-secrets/foundry-credentials.yaml b/cloud/custom-resources/external-secrets/code-and-quest-foundryvtt.yaml similarity index 50% rename from cloud/custom-resources/external-secrets/foundry-credentials.yaml rename to cloud/custom-resources/external-secrets/code-and-quest-foundryvtt.yaml index 108976b..4ff76d0 100644 --- a/cloud/custom-resources/external-secrets/foundry-credentials.yaml +++ b/cloud/custom-resources/external-secrets/code-and-quest-foundryvtt.yaml @@ -2,19 +2,14 @@ apiVersion: external-secrets.io/v1beta1 kind: ExternalSecret metadata: - name: foundry-credentials - labels: - app.kubernetes.io/name: foundry-credentials - app.kubernetes.io/component: foundry - app.kubernetes.io/part-of: foundry - app.kubernetes.io/managed-by: argocd + name: code-and-quest-foundryvtt spec: refreshInterval: 1h secretStoreRef: name: vault-backend-foundry kind: ClusterSecretStore target: - name: foundry-credentials + name: code-and-quest-foundryvtt creationPolicy: Owner deletionPolicy: Delete data: @@ -28,3 +23,18 @@ spec: key: /credentials property: password secretKey: foundry-password + - remoteRef: + conversionStrategy: Default + key: /license + property: code-and-quest-license-key + secretKey: foundry-license-key + - remoteRef: + conversionStrategy: Default + key: /settings + property: code-and-quest-admin-key + secretKey: admin-key + - remoteRef: + conversionStrategy: Default + key: /settings + property: code-and-quest-aws-config + secretKey: awsConfig.json diff --git a/cloud/custom-resources/external-secrets/foundry-licenses.yaml b/cloud/custom-resources/external-secrets/foundry-licenses.yaml deleted file mode 100644 index df04399..0000000 --- a/cloud/custom-resources/external-secrets/foundry-licenses.yaml +++ /dev/null @@ -1,25 +0,0 @@ ---- -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: foundry-licenses - labels: - app.kubernetes.io/name: foundry-licenses - app.kubernetes.io/component: foundry - app.kubernetes.io/part-of: foundry - app.kubernetes.io/managed-by: argocd -spec: - refreshInterval: 1h - secretStoreRef: - name: vault-backend-foundry - kind: ClusterSecretStore - target: - name: foundry-licenses - creationPolicy: Owner - deletionPolicy: Delete - data: - - remoteRef: - conversionStrategy: Default - key: /license - property: foundry-license-key - secretKey: foundry-license-key diff --git a/cloud/custom-resources/external-secrets/foundry-settings.yaml b/cloud/custom-resources/external-secrets/foundry-settings.yaml deleted file mode 100644 index de2a6ab..0000000 --- a/cloud/custom-resources/external-secrets/foundry-settings.yaml +++ /dev/null @@ -1,30 +0,0 @@ ---- -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: foundry-settings - labels: - app.kubernetes.io/name: foundry-settings - app.kubernetes.io/component: foundry - app.kubernetes.io/part-of: foundry - app.kubernetes.io/managed-by: argocd -spec: - refreshInterval: 1h - secretStoreRef: - name: vault-backend-foundry - kind: ClusterSecretStore - target: - name: foundry-settings - creationPolicy: Owner - deletionPolicy: Delete - data: - - remoteRef: - conversionStrategy: Default - key: /settings - property: admin-key - secretKey: admin-key - - remoteRef: - conversionStrategy: Default - key: /settings - property: aws-config - secretKey: awsConfig.json diff --git a/cloud/custom-resources/external-secrets/saltysausage-foundryvtt.yaml b/cloud/custom-resources/external-secrets/saltysausage-foundryvtt.yaml index 2bd5d95..11da207 100644 --- a/cloud/custom-resources/external-secrets/saltysausage-foundryvtt.yaml +++ b/cloud/custom-resources/external-secrets/saltysausage-foundryvtt.yaml @@ -26,7 +26,7 @@ spec: - remoteRef: conversionStrategy: Default key: /license - property: foundry-saltysausage-license-key + property: saltysausage-license-key secretKey: foundry-license-key - remoteRef: conversionStrategy: Default diff --git a/cloud/networking/foundry-ingress.yaml b/cloud/networking/foundry-ingress.yaml deleted file mode 100644 index 743c89b..0000000 --- a/cloud/networking/foundry-ingress.yaml +++ /dev/null @@ -1,30 +0,0 @@ ---- -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: foundry - labels: - app.kubernetes.io/name: foundry - app.kubernetes.io/component: foundry - app.kubernetes.io/part-of: foundry - app.kubernetes.io/managed-by: argocd - annotations: - cert-manager.io/cluster-issuer: code-and-quest-de-letsencrypt - nginx.ingress.kubernetes.io/proxy-body-size: 64m -spec: - ingressClassName: nginx - tls: - - hosts: - - vtt.code-and-quest.de - secretName: foundry-ingress-tls - rules: - - host: vtt.code-and-quest.de - http: - paths: - - pathType: Prefix - path: "/" - backend: - service: - name: foundry - port: - name: http diff --git a/cloud/storage/foundry-data-pvc.yaml b/cloud/storage/foundry-data-pvc.yaml deleted file mode 100644 index 7f10274..0000000 --- a/cloud/storage/foundry-data-pvc.yaml +++ /dev/null @@ -1,18 +0,0 @@ ---- -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: foundry-data-pvc - labels: - app.kubernetes.io/name: foundry-data-pvc - app.kubernetes.io/component: foundry - app.kubernetes.io/part-of: foundry - app.kubernetes.io/managed-by: argocd -spec: - resources: - requests: - storage: 10Gi - storageClassName: longhorn - volumeMode: Filesystem - accessModes: - - ReadWriteOnce diff --git a/cloud/workloads/foundry-deployment.yaml b/cloud/workloads/foundry-deployment.yaml deleted file mode 100644 index 2d4a6bc..0000000 --- a/cloud/workloads/foundry-deployment.yaml +++ /dev/null @@ -1,128 +0,0 @@ ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: foundry - labels: - app.kubernetes.io/name: foundry - app.kubernetes.io/component: foundry - app.kubernetes.io/instance: foundry - app.kubernetes.io/managed-by: argocd -spec: - strategy: - type: Recreate - selector: - matchLabels: - app.kubernetes.io/name: foundry - app.kubernetes.io/component: foundry - app.kubernetes.io/instance: foundry - app.kubernetes.io/managed-by: argocd - template: - metadata: - labels: - app.kubernetes.io/name: foundry - app.kubernetes.io/component: foundry - app.kubernetes.io/instance: foundry - app.kubernetes.io/managed-by: argocd - spec: - hostname: foundry - automountServiceAccountToken: false - securityContext: - runAsNonRoot: true - runAsUser: 1000 - runAsGroup: 1000 - fsGroup: 421 - fsGroupChangePolicy: OnRootMismatch - seccompProfile: - type: RuntimeDefault - volumes: - - name: tmp - emptyDir: {} - - name: aws-config - secret: - secretName: foundry-settings - items: - - key: awsConfig.json - path: awsConfig.json - - name: data - persistentVolumeClaim: - claimName: foundry-data-pvc - containers: - - name: foundry - image: felddy/foundryvtt:12.331.0 # renovate - resources: - requests: - cpu: 40m - memory: 512Mi - limits: - memory: 512Mi - env: - - name: FOUNDRY_USERNAME - valueFrom: - secretKeyRef: - key: foundry-username - name: foundry-credentials - - name: FOUNDRY_PASSWORD - valueFrom: - secretKeyRef: - key: foundry-password - name: foundry-credentials - - name: FOUNDRY_LICENSE_KEY - valueFrom: - secretKeyRef: - key: foundry-license-key - name: foundry-licenses - - name: FOUNDRY_ADMIN_KEY - valueFrom: - secretKeyRef: - key: admin-key - name: foundry-settings - - name: CONTAINER_URL_FETCH_RETRY - value: "3" - - name: FOUNDRY_AWS_CONFIG - value: "/home/foundry/aws/awsConfig.json" - - name: FOUNDRY_HOSTNAME - value: vtt.code-and-quest.de - - name: FOUNDRY_LOCAL_HOSTNAME - value: vtt.code-and-quest.de - - name: FOUNDRY_MINIFY_STATIC_FILES - value: "true" - - name: FOUNDRY_PROXY_PORT - value: "443" - - name: FOUNDRY_PROXY_SSL - value: "true" - - name: FOUNDRY_TELEMETRY - value: "true" - - name: FOUNDRY_WORLD - value: "danddhard" - livenessProbe: - initialDelaySeconds: 600 - failureThreshold: 10 - periodSeconds: 300 - httpGet: - path: / - port: http - readinessProbe: - initialDelaySeconds: 30 - httpGet: - path: / - port: http - volumeMounts: - - mountPath: /data - name: data - - mountPath: /tmp - name: tmp - - mountPath: /home/foundry/aws - name: aws-config - ports: - - containerPort: 30000 - name: http - protocol: TCP - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: false - seccompProfile: - type: RuntimeDefault - runAsUser: 0 - runAsGroup: 0 - runAsNonRoot: false