Co-authored-by: Cursor <cursoragent@cursor.com>
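#!/bin/bash
# Configure GitOps Workflows (Flux) on K3s Cluster
#
# Resolves the project root from this script's location, loads optional
# settings from "$PROJECT_ROOT/.env", and defines the colour codes used by
# the log_* helpers.

# The operator's ~/.bashrc is sourced before strict mode is enabled, so a
# failure inside it does not stop the script. Everything in that file runs
# with this script's privileges and can change PATH and the variables read
# below.
# shellcheck source=/dev/null
source ~/.bashrc

set -euo pipefail

SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
PROJECT_ROOT="$(cd "$SCRIPT_DIR/../.." && pwd)"

# Load environment variables
#
# SECURITY: the filtered .env content is executed as shell code by `source`,
# not parsed as data. Command substitutions or extra commands on a line that
# contains '=' will run. Keep the file owner-writable only and never point
# this script at a .env you did not write.
#
# Inline comments are left for bash to handle. The previous
# `sed 's/#.*$//'` stage cut every line at the first '#', which silently
# truncated values such as passwords, tokens and URLs containing '#', and
# broke quoted values by removing their closing quote.
if [ -f "$PROJECT_ROOT/.env" ]; then
  set -a
  # shellcheck source=/dev/null
  source <(grep -v '^#' "$PROJECT_ROOT/.env" | grep -v '^$' | grep '=')
  set +a
fi

# Colors (backslash escapes; expanded by the log_* helpers at print time)
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
BLUE='\033[0;34m'
NC='\033[0m'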
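#######################################
# Print an informational message with a green [INFO] tag.
# Globals:   GREEN, NC (read) - colour escape sequences
# Arguments: $1 - message text
# Outputs:   one line on stdout
#######################################
log_info() {
  # Only the colour variables go through %b. The message is printed with %s
  # so backslash or terminal escape sequences inside it (for example in a
  # value that came back from a remote host) are shown literally instead of
  # being interpreted by the terminal.
  printf '%b[INFO]%b %s\n' "${GREEN}" "${NC}" "$1"
}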
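#######################################
# Print a warning message with a yellow [WARN] tag.
# Globals:   YELLOW, NC (read) - colour escape sequences
# Arguments: $1 - message text
# Outputs:   one line on stdout
#######################################
log_warn() {
  # The message is passed through %s, not %b, so escape sequences inside it
  # are printed literally rather than interpreted by the terminal.
  printf '%b[WARN]%b %s\n' "${YELLOW}" "${NC}" "$1"
}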
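#######################################
# Print an error message with a red [ERROR] tag.
# Globals:   RED, NC (read) - colour escape sequences
# Arguments: $1 - message text
# Outputs:   one line on stdout (unchanged from the original; callers
#            decide whether to exit)
#######################################
log_error() {
  # The message is passed through %s, not %b, so escape sequences inside it
  # are printed literally rather than interpreted by the terminal.
  printf '%b[ERROR]%b %s\n' "${RED}" "${NC}" "$1"
}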
# SSH login and key for the target VM. Both keep a value already present in
# the environment (or loaded from .env) and fall back to the defaults below.
: "${VM_USER:=ubuntu}"
: "${SSH_KEY:=$HOME/.ssh/id_ed25519_proxmox}"

# Target VM; fixed for this script.
VMID=101
VM_NAME="k3s-master"

# Git source that Flux will track; each value can be overridden from the
# environment.
# NOTE(review): the default GIT_REPO is plain http://. Manifests pulled over
# it are neither encrypted nor integrity-protected in transit, and whatever
# Flux pulls is applied to the cluster. Prefer https:// or ssh:// where the
# Git server supports it.
# NOTE(review): GIT_PATH is not read anywhere else in this script; the
# Kustomization paths in main() are hard-coded.
: "${GIT_REPO:=http://192.168.1.121:3000/hc-stack/gitops.git}"
: "${GIT_BRANCH:=main}"
: "${GIT_PATH:=gitops/}"

# Import helper library; nothing below works without it, so stop early.
if [ ! -f "$PROJECT_ROOT/scripts/lib/proxmox_vm_helpers.sh" ]; then
  log_error "Helper library not found"
  exit 1
fi
# shellcheck source=/dev/null
source "$PROJECT_ROOT/scripts/lib/proxmox_vm_helpers.sh"
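#######################################
# Install the Flux CLI and controllers on the K3s VM and register the
# GitRepository source plus the "infrastructure" and "applications"
# Kustomizations.
# Globals:   VMID, VM_NAME, VM_USER, SSH_KEY, GIT_REPO, GIT_BRANCH (read)
#            SSH_STRICT_HOST_KEY_CHECKING (read, optional; yes|accept-new|no,
#            default accept-new)
# Arguments: none
# Outputs:   progress messages and remote command output on stdout
# Returns:   exits 1 when the VM IP cannot be resolved, the Git settings are
#            malformed, SSH fails, or kubectl is missing on the VM
#######################################
main() {
  log_info "Configuring GitOps Workflows on VM $VMID ($VM_NAME)"
  echo ""

  # GIT_REPO and GIT_BRANCH are pasted into a remote shell script and a YAML
  # manifest further down. Restrict them to a conservative character set so
  # a stray newline, quote or ': ' cannot terminate the here-document early
  # or add extra YAML fields. (IPv6 literals and query strings are not
  # accepted by this pattern.)
  local url_re='^(https?|ssh)://[A-Za-z0-9._~:/@%+=-]+$'
  local branch_re='^[A-Za-z0-9._/-]+$'
  if [[ ! "$GIT_REPO" =~ $url_re ]]; then
    log_error "GIT_REPO must be an http(s):// or ssh:// URL without whitespace or quotes"
    exit 1
  fi
  if [[ ! "$GIT_BRANCH" =~ $branch_re ]]; then
    log_error "GIT_BRANCH contains characters that are not allowed in a branch name here"
    exit 1
  fi
  if [[ "$GIT_REPO" == http://* ]]; then
    log_warn "GIT_REPO uses plain HTTP: manifests and any Git credentials cross the network unencrypted. Prefer https:// or ssh://."
  fi

  # Get IP using guest agent
  local ip
  ip="$(get_vm_ip_or_warn "$VMID" "$VM_NAME" || true)"

  if [[ -z "$ip" ]]; then
    log_error "Cannot get IP for VM $VMID. Ensure SSH is working and QEMU Guest Agent is installed."
    exit 1
  fi

  log_info "Using IP: $ip"
  echo ""

  # Host key policy. The original passed StrictHostKeyChecking=no on every
  # call, which accepts any host key, including a changed one, so nothing
  # distinguishes the real VM from a machine answering on its address.
  # accept-new records the key on first contact and refuses a changed key
  # afterwards. After a deliberate VM rebuild, remove the stale known_hosts
  # entry or set SSH_STRICT_HOST_KEY_CHECKING explicitly.
  local host_key_policy="${SSH_STRICT_HOST_KEY_CHECKING:-accept-new}"
  case "$host_key_policy" in
    yes | accept-new | no) ;;
    *)
      log_error "SSH_STRICT_HOST_KEY_CHECKING must be yes, accept-new or no"
      exit 1
      ;;
  esac
  local -a remote=(
    ssh -i "$SSH_KEY"
    -o "StrictHostKeyChecking=${host_key_policy}"
    "${VM_USER}@${ip}"
  )

  # Check K3s installation
  log_info "Checking K3s installation..."
  # ssh exits 255 for its own failures (refused key, changed host key,
  # unreachable host). Report that separately so a connection problem is not
  # mistaken for a missing kubectl.
  local probe_rc=0
  "${remote[@]}" "sudo kubectl version --client" &>/dev/null || probe_rc=$?
  if ((probe_rc == 255)); then
    log_error "SSH to ${VM_USER}@${ip} failed. Check the SSH key and the host key recorded in known_hosts."
    exit 1
  elif ((probe_rc != 0)); then
    log_error "K3s/kubectl not found. Please install K3s first."
    exit 1
  fi
  log_info "K3s is installed"

  # Install Flux CLI
  #
  # The installer is downloaded to a temporary file and run only if the
  # download succeeded. Piping `curl -s` straight into `sudo bash` would run
  # an HTTP error page or a truncated script as root. The script is still
  # unverified code executed as root: for an auditable install, pin a release
  # (the upstream installer honours FLUX_VERSION) and compare the download
  # against a checksum recorded beforehand.
  log_info "Installing Flux CLI..."
  "${remote[@]}" <<'EOF'
set -e
if ! command -v flux &>/dev/null; then
installer="$(mktemp)"
trap 'rm -f -- "$installer"' EXIT
curl -fsS --proto '=https' --tlsv1.2 -o "$installer" https://fluxcd.io/install.sh
sudo bash "$installer"
flux --version
else
echo "Flux CLI already installed"
flux --version
fi
EOF

  # Check if Flux is already installed
  # NOTE(review): any failure of this probe, including an SSH failure, is
  # treated as "not installed".
  log_info "Checking if Flux is already installed..."
  if "${remote[@]}" "sudo kubectl get namespace flux-system" &>/dev/null; then
    log_warn "Flux is already installed. Skipping installation."
  else
    # Install Flux
    # sudo resets the environment by default, so the exported KUBECONFIG may
    # not reach flux; the kubeconfig path is also passed explicitly.
    log_info "Installing Flux in K3s cluster..."
    "${remote[@]}" <<'EOF'
set -e
export KUBECONFIG=/etc/rancher/k3s/k3s.yaml
sudo flux install --kubeconfig=/etc/rancher/k3s/k3s.yaml --components=source-controller,kustomize-controller,helm-controller,notification-controller
EOF
    log_info "Waiting for Flux to be ready..."
    sleep 10
  fi

  # Create Git repository secret (if using HTTPS with token)
  log_info "Configuring Git repository access..."
  log_warn "Note: For Gitea, you may need to create a token and configure authentication"

  # For now, we'll set up a basic GitRepository source
  # User will need to configure authentication based on their setup
  #
  # This here-document is intentionally unquoted: $GIT_REPO and $GIT_BRANCH
  # are expanded locally (they were validated above) before the text is sent
  # to the VM.
  "${remote[@]}" <<EOF
set -e
export KUBECONFIG=/etc/rancher/k3s/k3s.yaml

# Create namespace for applications if it doesn't exist
sudo kubectl create namespace blockchain --dry-run=client -o yaml | sudo kubectl apply -f -
sudo kubectl create namespace monitoring --dry-run=client -o yaml | sudo kubectl apply -f -
sudo kubectl create namespace hc-stack --dry-run=client -o yaml | sudo kubectl apply -f -

# Create GitRepository source
cat <<'GITREPO' | sudo kubectl apply -f -
apiVersion: source.toolkit.fluxcd.io/v1beta2
kind: GitRepository
metadata:
  name: gitops-repo
  namespace: flux-system
spec:
  interval: 1m
  url: $GIT_REPO
  ref:
    branch: $GIT_BRANCH
  ignore: |
    # Exclude certain paths
    .git/
    .github/
    docs/
    scripts/
GITREPO
EOF

  log_info "GitRepository source created"
  # NOTE(review): the hint below passes the token with --from-literal, which
  # leaves it in shell history and the process list; --from-file is an
  # alternative when that matters.
  log_warn "If your Git repository requires authentication, you'll need to:"
  log_info "1. Create a Git token in Gitea"
  log_info "2. Create a secret: kubectl create secret generic gitops-repo-auth \\"
  log_info " --from-literal=username=<username> \\"
  log_info " --from-literal=password=<token> \\"
  log_info " -n flux-system"
  log_info "3. Update GitRepository to reference the secret"
  echo ""

  # Create Kustomization for infrastructure
  # NOTE(review): spec.validation was deprecated in earlier Kustomization API
  # versions - confirm the v1 CRD on this cluster still accepts the field.
  log_info "Creating Kustomization for infrastructure..."
  "${remote[@]}" <<'EOF'
set -e
export KUBECONFIG=/etc/rancher/k3s/k3s.yaml

cat <<'KUSTOMIZATION' | sudo kubectl apply -f -
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
  name: infrastructure
  namespace: flux-system
spec:
  interval: 5m
  path: ./gitops/infrastructure
  prune: true
  sourceRef:
    kind: GitRepository
    name: gitops-repo
  validation: client
KUSTOMIZATION
EOF

  # Create Kustomization for applications
  log_info "Creating Kustomization for applications..."
  "${remote[@]}" <<'EOF'
set -e
export KUBECONFIG=/etc/rancher/k3s/k3s.yaml

cat <<'KUSTOMIZATION' | sudo kubectl apply -f -
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
  name: applications
  namespace: flux-system
spec:
  interval: 5m
  path: ./gitops/apps
  prune: true
  sourceRef:
    kind: GitRepository
    name: gitops-repo
  validation: client
KUSTOMIZATION
EOF

  # Wait for reconciliation
  log_info "Waiting for Flux to reconcile..."
  sleep 10

  # Check Flux status
  log_info "Checking Flux status..."
  "${remote[@]}" <<'EOF'
set -e
export KUBECONFIG=/etc/rancher/k3s/k3s.yaml

echo "=== Flux Components ==="
sudo kubectl get pods -n flux-system

echo ""
echo "=== GitRepository Status ==="
sudo kubectl get gitrepository -n flux-system

echo ""
echo "=== Kustomization Status ==="
sudo kubectl get kustomization -n flux-system
EOF

  log_info "✓ GitOps workflows configured!"
  echo ""
  log_info "Next steps:"
  log_info "1. Ensure your Git repository is accessible from the cluster"
  log_info "2. Configure authentication if required (see warnings above)"
  log_info "3. Push your GitOps manifests to: $GIT_REPO"
  log_info "4. Monitor reconciliation: kubectl get kustomization -n flux-system"
  log_info "5. View logs: kubectl logs -n flux-system -l app=kustomize-controller"
}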
# Entry point: run main with the script's arguments (main does not read them).
main "$@"