diff --git a/cluster/apps/harbor/harbor-ingress.yaml b/cluster/apps/harbor/harbor-ingress.yaml deleted file mode 100644 index dfbdd88..0000000 --- a/cluster/apps/harbor/harbor-ingress.yaml +++ /dev/null @@ -1,24 +0,0 @@ -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: harbor-core-ingress - namespace: harbor - annotations: - cert-manager.io/cluster-issuer: letsencrypt-production - traefik.ingress.kubernetes.io/router.entrypoints: websecure -spec: - rules: - - host: &host "oci.${SECRET_NEW_DOMAIN}" - http: - paths: - - path: / - pathType: Prefix - backend: - service: - name: harbor - port: - number: 80 - tls: - - hosts: - - *host - secretName: wildcard-main-tls \ No newline at end of file diff --git a/cluster/apps/harbor/harbor-pv.yaml b/cluster/apps/harbor/harbor-pv.yaml deleted file mode 100644 index 367a113..0000000 --- a/cluster/apps/harbor/harbor-pv.yaml +++ /dev/null @@ -1,27 +0,0 @@ -apiVersion: v1 -kind: PersistentVolume -metadata: - name: harbor-pv - namespace: harbor -spec: - storageClassName: hostpath - persistentVolumeReclaimPolicy: Retain - capacity: - storage: 5Gi - accessModes: - - ReadWriteOnce - hostPath: - path: "/mnt/MainPool/Kubernetes/harbor" ---- -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: harbor-pv-claim - namespace: harbor -spec: - storageClassName: hostpath - accessModes: - - ReadWriteOnce - resources: - requests: - storage: 5Gi \ No newline at end of file diff --git a/cluster/apps/harbor/harbor.sops.yaml b/cluster/apps/harbor/harbor.sops.yaml deleted file mode 100644 index 9ceb81e..0000000 --- a/cluster/apps/harbor/harbor.sops.yaml +++ /dev/null @@ -1,64 +0,0 @@ -apiVersion: v1 -kind: Secret -metadata: - name: harbor-secret - namespace: harbor -stringData: - REGISTRY_STORAGE_S3_ACCESSKEY: ENC[AES256_GCM,data:1k2KYsDvvQs=,iv:6GEFFeLSKH8+QxDg3rLR7q9h0jglYU4ou1byklt2x8w=,tag:JjFAs/3jsVhSBGJmbul4iQ==,type:str] - REGISTRY_STORAGE_S3_SECRETKEY: ENC[AES256_GCM,data:0U40z0y7vn2wPPyGt0dYQx80QuGoj7Ni/uJMtHgrc5U=,iv:YX9acsf2G2B4RLnGez6VLD2UiwKFIqhz2X4S+uTyX50=,tag:hVJVh2aSpVz22BjGGcPOuA==,type:str] - #ENC[AES256_GCM,data:JGk1Br4y3LKLTdPHRD4F+hwP,iv:rzYB5JF0SeE9BWwp5btZABpfHgqKfQukXpXAa0Dy2A0=,tag:K9pJFFtcDhmrE4SfYlivwg==,type:comment] - password: ENC[AES256_GCM,data:XkJEhaoRRSlxbKP94GN8dIZbj8KCwZFkcpgWNjn4vZE=,iv:Bi0D/T1izvN+l8LoZDwyUrcoN1ViS2Q6ambq2xyJFk8=,tag:ojUu0VOdnXJjbsb0XigkDg==,type:str] - REDIS_PASSWORD: ENC[AES256_GCM,data:8kEbWelcGhd4v/yewnM4QshW2hzx+VWX2iFE76sKhYc=,iv:kbGieMQhMbml2SIznBX1pTncnSaxdsZ0PUynCECpjyU=,tag:HfRJA+P57IzpxuFtKD+tTg==,type:str] -sops: - kms: [] - gcp_kms: [] - azure_kv: [] - hc_vault: [] - age: [] - lastmodified: "2023-04-16T05:54:57Z" - mac: ENC[AES256_GCM,data:c4DP6+KnDOXYubNbf5NqVZPxBik0a0BDiKqNLqm5dlNqjReeQFMa5BJxENelMwLMH2T/pHZ40i1UVfkTDbsy//+oWgUwZDcmN4MVDC+Y0nPqgF48K6obxJ0XgNg5tDqPWyxTMJuslMP3QDCZVyBWODb51Zzfwpd6fuiBogKdlBM=,iv:JiHRd3tFLg+UKcRfKlnyK6CEK6K6EAe/QNc0lm4Lf4w=,tag:wkt+kX3I//yN1Ob2+aiw5A==,type:str] - pgp: - - created_at: "2023-06-19T18:35:58Z" - enc: | - -----BEGIN PGP MESSAGE----- - - hQIMAzKleRwoSoixAQ/8DxiD1YIAVNgg45XOY/mTWNfWy/IScUmkxdRygygmPEEX - OWU4sR7fW44U0hNRbWZX0Rl99ifn//eAjbTX9vnEj50de5dHW8r17piOaPtYEOqa - 5woX+O+VgHCw9KM1rao8w34EZEeHKinXYiDhPrlZ3w2UFU+Jzi2DM+n2+dLhpxUU - QUYn3l3e/igLo00rA3/HzxRF2U0OaAtbnRENkSpOblAjdlrSpTFRmdvsw6F7RRO1 - ddVFaVu7+EewH4YEerrP1VeZyuQ5wtSCrGqYNbuDko6/kizAz02JRbTNlPmCVqeI - liBIz6DJQWZe+6aN0cARBRi+POP/mFY/aL87vL7n13Oz8OLVwc5nb5ZXWZrJguEb - SRIX3m5gR24MIg0y5J0VzE4XQeJHhHv2CFptXqDATi8z05gmgYAaaO63KMh4Ztgw - Q9KLyT6RV2ipoUdwE0t+aY5JqKXlIj5iYhLkdkGrVZ5DJWYnxQThZJeE0oEGI7Xa - xNxJHONCuOTXXcS8wIpCsHAMKq2CjCa4PT2vGFsgoN5AL/DoU6M44T/YQpBG3vDA - /y8AVv6+jhp42iWWlkmqkjhlqOZbRrTqYaQTsMTSdZ5USE+p94TujFcaDWl40tkz - lY52y8sQ9iL2MmE2c6VqLvKK4zL/PbOxp8Hmq0wknoFrltJ8ln1PqN8xWYn/IHbU - aAEJAhBewFZNfVPgYFQF08q2PxaL5f12yeeDV/r6x66+INJixSFn2KAT8l9B4r3f - PMQRIj5HAwVu1pHh02dSqApy5nSFCapxonxFFEhyp5sFnTIAJIYrtOp3qlGiC+DF - ISEsf0H2tK5G - =1vmu - -----END PGP MESSAGE----- - fp: 2CC2B3631D5C3393901335DB68F95C5D753EE1E5 - - created_at: "2023-06-19T18:35:58Z" - enc: | - -----BEGIN PGP MESSAGE----- - - hQIMAy5t8IMoPu4VAQ/7BEeLXvCMGrx5tmkipqFlu3z8ERLJ53uqLobFgevs0Cjw - gMnC74vQned+UFqwygWYjE1uAmZAx1MEZN64wPKBbin7wpcgdFl5b0BFGr1CoruG - tMlvWOtQMfJOPkAAwltqdkYrHMqjYuK8c5UD7k/X7cbf9zviN9L74JdwWrR8/EOO - WfhreYnGTyMRIw7nHE+lDoOt0SsW0e/N3beuWZEcYlkYaWQxwMKnNIfOpoyJqIcM - KpFTYVLsOGu5BJL6yWGfMFZ3FH/cwbWxOS11I7nVZVHHrQNRyMt/9vomU7+tpye3 - XW+BESYEyHb7c+8t0zW3Vf7PfBYl434fy5qh3QY1qZPzf0AJeF+am19moebmNmO/ - ZEi4avaefM7a7ruTbqKJJBMTqfR9Lc/XpTKcmCWyTYu/NGYxJn3CPaXoxyd94PVi - UD0caq8xdoDsszlI/iCv0A83CXV8THOT0Ak+vaMYLJ9FsxlTyL8ApcrhV3X7pgTT - GOCtPTe5cq1PxIyWnzynBwwbc9iIVduXgrjkbTZrri78T6ySGoj+G4m2CpXFibV5 - QLoom4t13UROPrFpiPlwHb/yMYIds32FhFuW8wEzd8LXal2U1TgRYu0qa6GmGRqy - qkPGuKIZb6ahtJm7rRN6Kd8CuUQo3pV+YwX2ljHde8H3tDeUJijJPAgwZVk5kXLU - aAEJAhBA2OUNkgAOFcVgrrym90PW+PnTP2oFLwngZIg5izvCyhTXRoL7D1j/blhx - 1EDzHzqQKmNoEN46y+sgbJMu9MzjahE7CfcoTCYs3A69eFiD/y6cfY4t/yBMFzWr - LDYnqh+p0PBC - =sfsx - -----END PGP MESSAGE----- - fp: 687802D4DFD8AA82EA55666CF7DADAC782D7663D - encrypted_regex: ^(data|stringData)$ - version: 3.7.3 diff --git a/cluster/apps/harbor/helm-release.yaml b/cluster/apps/harbor/helm-release.yaml deleted file mode 100644 index 0b6839a..0000000 --- a/cluster/apps/harbor/helm-release.yaml +++ /dev/null @@ -1,85 +0,0 @@ -apiVersion: helm.toolkit.fluxcd.io/v2beta2 -kind: HelmRelease -metadata: - name: harbor - namespace: harbor -spec: - interval: 5m - chart: - spec: - chart: harbor - version: 1.14.x - sourceRef: - kind: HelmRepository - name: harbor-charts - namespace: flux-system - - values: - logLevel: debug - - expose: - type: clusterIP - - tls: - enabled: false -# secret: -# secretName: wildcard-main-tls -# notarySecretName: wildcard-main-tls -# -# ingress: -# hosts: -# core: oci.${SECRET_NEW_DOMAIN} -# notary: charts.${SECRET_NEW_DOMAIN} -# -# annotations: -# cert-manager.io/cluster-issuer: letsencrypt-production -# traefik.ingress.kubernetes.io/router.entrypoints: websecure - - persistence: - persistentVolumeClaim: - registry: - existingClaim: harbor-pv-claim - subPath: "registry/" - jobservice: - jobLog: - existingClaim: harbor-pv-claim - subPath: "jobservice/" - -# trivy: -# existingClaim: -# subPath: "trivy/" - - imageChartStorage: - type: s3 - s3: - bucket: harbor - existingSecret: "harbor-secret" - regionendpoint: https://s3.seanomik.net:9000 - - notary: - enabled: false - - trivy: - enabled: false - - database: - type: external - external: - host: "postgresql.database" - port: "5432" - username: "k3spostgresql" - existingSecret: "harbor-secret" - coreDatabase: "harbor-registry" - - redis: - type: external - external: - addr: "redis-master.database:6379" - username: "" - existingSecret: "harbor-secret" - - metrics: - enabled: true - - serviceMonitor: - enabled: true \ No newline at end of file diff --git a/cluster/apps/harbor/helm-repository.yaml b/cluster/apps/harbor/helm-repository.yaml deleted file mode 100644 index 4985cab..0000000 --- a/cluster/apps/harbor/helm-repository.yaml +++ /dev/null @@ -1,8 +0,0 @@ -apiVersion: source.toolkit.fluxcd.io/v1beta2 -kind: HelmRepository -metadata: - name: harbor-charts - namespace: flux-system -spec: - interval: 1m - url: https://helm.goharbor.io \ No newline at end of file diff --git a/cluster/apps/harbor/kustomization.yaml b/cluster/apps/harbor/kustomization.yaml deleted file mode 100644 index 2b55b69..0000000 --- a/cluster/apps/harbor/kustomization.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -resources: -- ./namespace.yaml -- ./harbor.sops.yaml -- ./harbor-pv.yaml -- ./helm-repository.yaml -- ./helm-release.yaml -- ./harbor-ingress.yaml \ No newline at end of file diff --git a/cluster/apps/harbor/namespace.yaml b/cluster/apps/harbor/namespace.yaml deleted file mode 100644 index 2185bd7..0000000 --- a/cluster/apps/harbor/namespace.yaml +++ /dev/null @@ -1,6 +0,0 @@ -apiVersion: v1 -kind: Namespace -metadata: - name: harbor - labels: - name: harbor \ No newline at end of file