feat: add longhorn

cluster/core/storage/kustomization.yaml

@@ -1,5 +1,5 @@
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
-resources: []
-#- ./longhorn
+resources:
+- ./longhorn
 #- ./local-path-provisioner

cluster/core/storage/longhorn/helm-release.yaml

@@ -0,0 +1,32 @@
+apiVersion: helm.toolkit.fluxcd.io/v2beta1
+kind: HelmRelease
+metadata:
+  name: longhorn
+  namespace: longhorn-system
+spec:
+  interval: 5m
+  chart:
+    spec:
+      chart: longhorn
+      version: "1.5.1"
+      sourceRef:
+        kind: HelmRepository
+        name: longhorn-charts
+        namespace: flux-system
+
+  values:
+    longhornUI:
+      replicas: 1
+
+    ingress:
+      enabled: true
+      annotations:
+        cert-manager.io/cluster-issuer: letsencrypt-production
+        traefik.ingress.kubernetes.io/router.entrypoints: websecure
+        traefik.ingress.kubernetes.io/router.middlewares: traefik-authentik@kubernetescrd
+      host: lnghrn.${SECRET_NEW_DOMAIN}
+      tls: true
+      tlsSecret: wildcard-main-tls
+
+    persistence:
+      defaultClassReplicaCount: 1 # TODO: When the cluster expands, expand the replica count

cluster/core/storage/longhorn/helm-repository.yaml

@@ -0,0 +1,8 @@
+apiVersion: source.toolkit.fluxcd.io/v1beta2
+kind: HelmRepository
+metadata:
+  name: longhorn-charts
+  namespace: flux-system
+spec:
+  interval: 1m
+  url: https://charts.longhorn.io

cluster/core/storage/longhorn/helm.yaml

@@ -1,178 +0,0 @@
-apiVersion: source.toolkit.fluxcd.io/v1beta2
-kind: HelmRepository
-metadata:
-  name: longhorn-charts
-  namespace: flux-system
-spec:
-  interval: 1m
-  url: https://charts.longhorn.io
----
-apiVersion: source.toolkit.fluxcd.io/v1beta2
-kind: HelmRepository
-metadata:
-  name: kyverno-charts
-  namespace: flux-system
-spec:
-  interval: 1m
-  url: https://kyverno.github.io/kyverno
----
-apiVersion: source.toolkit.fluxcd.io/v1beta2
-kind: HelmRepository
-metadata:
-  name: raw-charts
-  namespace: flux-system
-spec:
-  interval: 1m
-  url: https://buttahtoast.github.io/helm-charts/
----
-# ================= Release for longhorn =================
-apiVersion: helm.toolkit.fluxcd.io/v2beta1
-kind: HelmRelease
-metadata:
-  name: longhorn
-  namespace: longhorn-system
-spec:
-  interval: 5m
-  chart:
-    spec:
-      chart: longhorn
-      version: '1.4.x'
-      sourceRef:
-        kind: HelmRepository
-        name: longhorn-charts
-        namespace: flux-system
-      interval: 1m
----
-# ================= Release for kyverno =================
-apiVersion: helm.toolkit.fluxcd.io/v2beta1
-kind: HelmRelease
-metadata:
-  name: kyverno
-  namespace: longhorn-system
-spec:
-  interval: 5m
-  chart:
-    spec:
-      chart: kyverno
-      version: '2.6.x'
-      sourceRef:
-        kind: HelmRepository
-        name: kyverno-charts
-        namespace: flux-system
-      interval: 1m
----
-# ================= Release for incubator/raw =================
-#apiVersion: helm.toolkit.fluxcd.io/v2beta1
-#kind: HelmRelease
-#metadata:
-#  name: raw
-#  namespace: longhorn-system
-#spec:
-#  interval: 5m
-#  dependsOn:
-#    - name: kyverno
-#      namespace: longhorn-system
-#  chart:
-#    spec:
-#      chart: raw
-#      version: '2.0.0'
-#      sourceRef:
-#        kind: HelmRepository
-#        name: raw-charts
-#        namespace: flux-system
-#      interval: 1m
-#  values:
-#    resources:
-#      - apiVersion: v1
-#        kind: ConfigMap
-#        metadata:
-#          name: longhorn-custom-path
-#          namespace: longhorn-system
-#        data:
-#          PATH: /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/run/wrappers/bin:/nix/var/nix/profiles/default/bin:/run/current-system/sw/bin
-#      - apiVersion: kyverno.io/v1
-#        kind: ClusterPolicy
-#        metadata:
-#          name: add-host-path-to-longhorn
-#          annotations:
-#            policies.kyverno.io/title: Add Environment Variables from ConfigMap
-#            policies.kyverno.io/subject: Pod
-#            policies.kyverno.io/category: Other
-#            policies.kyverno.io/description: >-
-#              Longhorn invokes executables on the host system, and needs
-#              to be aware of the host systems PATH. This modifies all
-#              deployments such that the PATH is explicitly set to support
-#              NixOS based systems.
-#        spec:
-#          rules:
-#            - name: add-env-vars
-#              match:
-#                resources:
-#                  kinds:
-#                    - Pod
-#                  namespaces:
-#                    - longhorn-system
-#              mutate:
-#                patchStrategicMerge:
-#                  spec:
-#                    initContainers:
-#                      - (name): "*"
-#                        envFrom:
-#                          - configMapRef:
-#                              name: longhorn-custom-path
-#                    containers:
-#                      - (name): "*"
-#                        envFrom:
-#                          - configMapRef:
-#                              name: longhorn-custom-path
-
-
-
-
-
-
-
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: longhorn-custom-path
-  namespace: longhorn-system
-data:
-  PATH: /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/run/wrappers/bin:/nix/var/nix/profiles/default/bin:/run/current-system/sw/bin
----
-apiVersion: kyverno.io/v1
-kind: ClusterPolicy
-metadata:
-  name: add-host-path-to-longhorn
-  annotations:
-    policies.kyverno.io/title: Add Environment Variables from ConfigMap
-    policies.kyverno.io/subject: Pod
-    policies.kyverno.io/category: Other
-    policies.kyverno.io/description: >-
-      Longhorn invokes executables on the host system, and needs
-      to be aware of the host systems PATH. This modifies all
-      deployments such that the PATH is explicitly set to support
-      NixOS based systems.
-spec:
-  rules:
-    - name: add-env-vars
-      match:
-        resources:
-          kinds:
-            - Pod
-          namespaces:
-            - longhorn-system
-      mutate:
-        patchStrategicMerge:
-          spec:
-            initContainers:
-              - (name): "*"
-                envFrom:
-                  - configMapRef:
-                      name: longhorn-custom-path
-            containers:
-              - (name): "*"
-                envFrom:
-                  - configMapRef:
-                      name: longhorn-custom-path

cluster/core/storage/longhorn/ingress.yaml

@@ -1,20 +0,0 @@
-apiVersion: networking.k8s.io/v1
-kind: Ingress
-metadata:
-  name: longhorn-ingress
-  namespace: longhorn-system
-  annotations:
-    cert-manager.io/cluster-issuer: letsencrypt-production
-    traefik.ingress.kubernetes.io/router.entrypoints: websecure
-spec:
-  rules:
-    - host: "longhorn.${SECRET_DOMAIN}"
-      http:
-        paths:
-          - path: /
-            pathType: Prefix
-            backend:
-              service:
-                name: longhorn
-                port:
-                  number: 80

cluster/core/storage/longhorn/kustomization.yaml

@@ -2,5 +2,5 @@ apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 resources:
 - ./namespace.yaml
-- ./helm.yaml
-- ./ingress.yaml
+- ./helm-repository.yaml
+- ./helm-release.yaml

cluster/core/storage/longhorn/namespace.yaml

@@ -1,4 +1,6 @@
 apiVersion: v1
 kind: Namespace
 metadata:
-  name: longhorn-system
+  name: longhorn-system
+  labels:
+    name: longhorn-system