diff --git a/_app-of-apps.yaml b/_app-of-apps-eu.yaml similarity index 96% rename from _app-of-apps.yaml rename to _app-of-apps-eu.yaml index 3e4fb9e..311556d 100644 --- a/_app-of-apps.yaml +++ b/_app-of-apps-eu.yaml @@ -20,7 +20,7 @@ spec: source: repoURL: git@github.com:fortedigital/sturdy-adventure.git targetRevision: HEAD - path: infra + path: infra/overlays/eu destination: server: https://kubernetes.default.svc namespace: default diff --git a/_app-of-apps-us.yaml b/_app-of-apps-us.yaml new file mode 100644 index 0000000..95317b3 --- /dev/null +++ b/_app-of-apps-us.yaml @@ -0,0 +1,32 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: monitoring + annotations: + argocd.argoproj.io/sync-wave: "-1" +--- +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: infrastructure-apps + namespace: argocd + labels: + app.kubernetes.io/name: infrastructure-apps + app.kubernetes.io/part-of: platform + finalizers: + - resources-finalizer.argocd.argoproj.io +spec: + project: default + source: + repoURL: git@github.com:fortedigital/sturdy-adventure.git + targetRevision: HEAD + path: infra/overlays/us + destination: + server: https://kubernetes.default.svc + namespace: default + syncPolicy: + automated: + prune: true + selfHeal: true + syncOptions: + - CreateNamespace=true diff --git a/apps/argo-mcp.yaml b/apps/base/argo-mcp.yaml similarity index 100% rename from apps/argo-mcp.yaml rename to apps/base/argo-mcp.yaml diff --git a/apps/dot-ai-stack.yaml b/apps/base/dot-ai-stack.yaml similarity index 73% rename from apps/dot-ai-stack.yaml rename to apps/base/dot-ai-stack.yaml index b048233..f322e35 100644 --- a/apps/dot-ai-stack.yaml +++ b/apps/base/dot-ai-stack.yaml @@ -27,29 +27,19 @@ metadata: spec: project: default - source: - repoURL: ghcr.io/vfarcic/dot-ai-stack/charts + sources: + - repoURL: ghcr.io/vfarcic/dot-ai-stack/charts chart: dot-ai-stack targetRevision: "0.56.0" - helm: releaseName: dot-ai-stack - values: | - dot-ai: - ingress: - enabled: true - className: traefik - host: kubemcp.forteapps.net - webUI: - baseUrl: http://kubemcpui.forteapps.net - dot-ai-ui: - uiAuth: - secretRef: - name: dot-ai-secrets - ingress: - enabled: true - className: traefik - host: kubemcpui.forteapps.net + valueFiles: + - $values/infra/values/base/dot-ai-stack-values.yaml + - $values/infra/values/eu/dot-ai-stack-values.yaml + + - repoURL: git@github.com:fortedigital/sturdy-adventure.git + targetRevision: HEAD + ref: values destination: server: https://kubernetes.default.svc diff --git a/apps/base/kustomization.yaml b/apps/base/kustomization.yaml new file mode 100644 index 0000000..3cc3d12 --- /dev/null +++ b/apps/base/kustomization.yaml @@ -0,0 +1,8 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: +- dot-ai-stack.yaml +- mcp10x.yaml +- musicman.yaml +- mcpcoder.yaml +- argo-mcp.yaml diff --git a/apps/mcp10x.yaml b/apps/base/mcp10x.yaml similarity index 100% rename from apps/mcp10x.yaml rename to apps/base/mcp10x.yaml diff --git a/apps/mcpcoder.yaml b/apps/base/mcpcoder.yaml similarity index 100% rename from apps/mcpcoder.yaml rename to apps/base/mcpcoder.yaml diff --git a/apps/musicman.yaml b/apps/base/musicman.yaml similarity index 100% rename from apps/musicman.yaml rename to apps/base/musicman.yaml diff --git a/apps/overlays/eu/kustomization.yaml b/apps/overlays/eu/kustomization.yaml new file mode 100644 index 0000000..ea393bf --- /dev/null +++ b/apps/overlays/eu/kustomization.yaml @@ -0,0 +1,7 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: +- ../../base + +# No patches needed — base already has "eu" paths +# EU is the default/base cluster diff --git a/apps/overlays/us/kustomization.yaml b/apps/overlays/us/kustomization.yaml new file mode 100644 index 0000000..0c93339 --- /dev/null +++ b/apps/overlays/us/kustomization.yaml @@ -0,0 +1,14 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: +- ../../base + +patches: +# dot-ai-stack: swap eu → us +- target: + kind: Application + name: dot-ai-stack + patch: | + - op: replace + path: /spec/sources/0/helm/valueFiles/1 + value: $values/infra/values/us/dot-ai-stack-values.yaml diff --git a/bootstrap.sh b/bootstrap.sh index 88c4473..381dfbd 100644 --- a/bootstrap.sh +++ b/bootstrap.sh @@ -2,7 +2,14 @@ # in case of $'\r': command not found error, run command below first # sed -i 's/\r$//' ./bootstrap.sh -echo "running $0..." +CLUSTER="${1:?Usage: ./bootstrap.sh (eu|us)}" + +echo "running $0 for cluster: ${CLUSTER}..." + +# Source cluster config +eval $(yq e 'to_entries | .[] | "export " + .key + "=\"" + .value + "\""' "clusters/${CLUSTER}.yaml") + +echo "Bootstrapping cluster: ${clusterName} (${CLUSTER})..." ############################################################ # Bootstrap # @@ -31,15 +38,15 @@ ArgoCd() { # install argocd echo "Installing ArgoCD..." - CLUSTER_NAME="${CLUSTER_NAME:-dev-fd-no-svg1}" helm upgrade --install argocd argo-cd \ --repo https://argoproj.github.io/argo-helm \ --namespace argocd --create-namespace \ - --values infra/values/argocd-values.yaml \ - --set notifications.context.clusterName="$CLUSTER_NAME" \ + --values infra/values/base/argocd-values.yaml \ + --values "infra/values/${CLUSTER}/argocd-values.yaml" \ + --set notifications.context.clusterName="${clusterName}" \ --timeout 60s --atomic - kubectl apply -f _app-of-apps.yaml -n argocd + kubectl apply -f "_app-of-apps-${CLUSTER}.yaml" -n argocd } Bootstrap diff --git a/clusters/eu.yaml b/clusters/eu.yaml new file mode 100644 index 0000000..8c02662 --- /dev/null +++ b/clusters/eu.yaml @@ -0,0 +1,10 @@ +clusterName: dev-fd-eu-no-svg1 +domain: forteapps.net +argocdDomain: argocd.127.0.0.1.nip.io +grafanaDomain: grafana.forteapps.net +keycloakDomain: id.forteapps.net +dotaiDomain: kubemcp.forteapps.net +dotaiUiDomain: kubemcpui.forteapps.net +letsencryptEmail: danijels@gmail.com +trustedIPs: "172.16.1.0/24" +cloudProvider: upcloud diff --git a/clusters/us.yaml b/clusters/us.yaml new file mode 100644 index 0000000..98a3a3c --- /dev/null +++ b/clusters/us.yaml @@ -0,0 +1,10 @@ +clusterName: dev-fd-us-east1 +domain: us.forteapps.net +argocdDomain: argocd.us.forteapps.net +grafanaDomain: grafana.us.forteapps.net +keycloakDomain: id.us.forteapps.net +dotaiDomain: kubemcp.us.forteapps.net +dotaiUiDomain: kubemcpui.us.forteapps.net +letsencryptEmail: danijels@gmail.com +trustedIPs: "10.0.0.0/16" +cloudProvider: tbd diff --git a/infra/cert-manager-application.yaml b/infra/base/cert-manager-application.yaml similarity index 100% rename from infra/cert-manager-application.yaml rename to infra/base/cert-manager-application.yaml diff --git a/infra/cluster-resources-application.yaml b/infra/base/cluster-resources-application.yaml similarity index 100% rename from infra/cluster-resources-application.yaml rename to infra/base/cluster-resources-application.yaml diff --git a/infra/enterprise-apps.yaml b/infra/base/enterprise-apps.yaml similarity index 96% rename from infra/enterprise-apps.yaml rename to infra/base/enterprise-apps.yaml index 0cce61e..5d0b5c3 100644 --- a/infra/enterprise-apps.yaml +++ b/infra/base/enterprise-apps.yaml @@ -18,7 +18,7 @@ spec: source: repoURL: git@github.com:fortedigital/sturdy-adventure.git targetRevision: HEAD - path: apps + path: apps/overlays/eu destination: server: https://kubernetes.default.svc namespace: apps diff --git a/infra/fluent-bit.yaml b/infra/base/fluent-bit.yaml similarity index 94% rename from infra/fluent-bit.yaml rename to infra/base/fluent-bit.yaml index 462665f..51cf40e 100644 --- a/infra/fluent-bit.yaml +++ b/infra/base/fluent-bit.yaml @@ -21,7 +21,7 @@ spec: helm: releaseName: fluent-bit valueFiles: - - $values/infra/values/fluent-bit-values.yaml + - $values/infra/values/base/fluent-bit-values.yaml - repoURL: git@github.com:fortedigital/sturdy-adventure.git targetRevision: HEAD diff --git a/infra/grafana.yaml b/infra/base/grafana.yaml similarity index 89% rename from infra/grafana.yaml rename to infra/base/grafana.yaml index 43d87c7..3261109 100644 --- a/infra/grafana.yaml +++ b/infra/base/grafana.yaml @@ -21,7 +21,8 @@ spec: helm: releaseName: grafana valueFiles: - - $values/infra/values/grafana-values.yaml + - $values/infra/values/base/grafana-values.yaml + - $values/infra/values/eu/grafana-values.yaml - repoURL: git@github.com:fortedigital/sturdy-adventure.git targetRevision: HEAD diff --git a/infra/keycloak.yaml b/infra/base/keycloak.yaml similarity index 89% rename from infra/keycloak.yaml rename to infra/base/keycloak.yaml index b5e00a0..a5f753f 100644 --- a/infra/keycloak.yaml +++ b/infra/base/keycloak.yaml @@ -21,7 +21,8 @@ spec: helm: releaseName: keycloak valueFiles: - - $values/infra/values/keycloak-values.yaml + - $values/infra/values/base/keycloak-values.yaml + - $values/infra/values/eu/keycloak-values.yaml - repoURL: git@github.com:fortedigital/sturdy-adventure.git targetRevision: HEAD diff --git a/infra/base/kustomization.yaml b/infra/base/kustomization.yaml new file mode 100644 index 0000000..adb38e1 --- /dev/null +++ b/infra/base/kustomization.yaml @@ -0,0 +1,17 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: +- traefik-application.yaml +- keycloak.yaml +- grafana.yaml +- cert-manager-application.yaml +- kyverno.yaml +- sealedsecrets.yaml +- prometheus.yaml +- loki.yaml +- fluent-bit.yaml +- trivy.yaml +- enterprise-apps.yaml +- cluster-resources-application.yaml +- kyverno-policies.yaml +- secrets.yaml diff --git a/infra/kyverno-policies.yaml b/infra/base/kyverno-policies.yaml similarity index 100% rename from infra/kyverno-policies.yaml rename to infra/base/kyverno-policies.yaml diff --git a/infra/kyverno.yaml b/infra/base/kyverno.yaml similarity index 100% rename from infra/kyverno.yaml rename to infra/base/kyverno.yaml diff --git a/infra/loki.yaml b/infra/base/loki.yaml similarity index 94% rename from infra/loki.yaml rename to infra/base/loki.yaml index 6d53444..9d90348 100644 --- a/infra/loki.yaml +++ b/infra/base/loki.yaml @@ -21,7 +21,7 @@ spec: helm: releaseName: loki valueFiles: - - $values/infra/values/loki-values.yaml + - $values/infra/values/base/loki-values.yaml - repoURL: git@github.com:fortedigital/sturdy-adventure.git targetRevision: HEAD diff --git a/infra/prometheus.yaml b/infra/base/prometheus.yaml similarity index 94% rename from infra/prometheus.yaml rename to infra/base/prometheus.yaml index b17436c..b6f01d0 100644 --- a/infra/prometheus.yaml +++ b/infra/base/prometheus.yaml @@ -21,7 +21,7 @@ spec: helm: releaseName: prometheus valueFiles: - - $values/infra/values/prometheus-values.yaml + - $values/infra/values/base/prometheus-values.yaml - repoURL: git@github.com:fortedigital/sturdy-adventure.git targetRevision: HEAD diff --git a/infra/sealedsecrets.yaml b/infra/base/sealedsecrets.yaml similarity index 100% rename from infra/sealedsecrets.yaml rename to infra/base/sealedsecrets.yaml diff --git a/infra/secrets.yaml b/infra/base/secrets.yaml similarity index 97% rename from infra/secrets.yaml rename to infra/base/secrets.yaml index ad1d8e9..8143603 100644 --- a/infra/secrets.yaml +++ b/infra/base/secrets.yaml @@ -18,7 +18,7 @@ spec: project: default source: repoURL: git@github.com:fortedigital/sturdy-adventure.git - path: secrets + path: secrets/eu destination: server: https://kubernetes.default.svc namespace: secrets diff --git a/infra/base/traefik-application.yaml b/infra/base/traefik-application.yaml new file mode 100644 index 0000000..b502e56 --- /dev/null +++ b/infra/base/traefik-application.yaml @@ -0,0 +1,51 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: traefik-system + annotations: + argocd.argoproj.io/sync-wave: "-1" +--- +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: traefik + namespace: argocd + annotations: + argocd.argoproj.io/sync-wave: "1" + labels: + app.kubernetes.io/name: traefik + app.kubernetes.io/part-of: platform + app.kubernetes.io/managed-by: argocd + finalizers: + - resources-finalizer.argocd.argoproj.io +spec: + project: default + + sources: + - repoURL: https://traefik.github.io/charts + chart: traefik + targetRevision: "28.0.0" + helm: + releaseName: traefik + valueFiles: + - $values/infra/values/base/traefik-values.yaml + - $values/infra/values/eu/traefik-values.yaml + + - repoURL: git@github.com:fortedigital/sturdy-adventure.git + targetRevision: HEAD + ref: values + + destination: + server: https://kubernetes.default.svc + namespace: traefik-system + + syncPolicy: + automated: + prune: true + selfHeal: true + allowEmpty: false + + syncOptions: + - CreateNamespace=true + - Validate=true + - ServerSideApply=true diff --git a/infra/trivy.yaml b/infra/base/trivy.yaml similarity index 100% rename from infra/trivy.yaml rename to infra/base/trivy.yaml diff --git a/infra/overlays/eu/kustomization.yaml b/infra/overlays/eu/kustomization.yaml new file mode 100644 index 0000000..ea393bf --- /dev/null +++ b/infra/overlays/eu/kustomization.yaml @@ -0,0 +1,7 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: +- ../../base + +# No patches needed — base already has "eu" paths +# EU is the default/base cluster diff --git a/infra/overlays/us/kustomization.yaml b/infra/overlays/us/kustomization.yaml new file mode 100644 index 0000000..902ae74 --- /dev/null +++ b/infra/overlays/us/kustomization.yaml @@ -0,0 +1,50 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: +- ../../base + +patches: +# Traefik: swap eu → us in valueFiles +- target: + kind: Application + name: traefik + patch: | + - op: replace + path: /spec/sources/0/helm/valueFiles/1 + value: $values/infra/values/us/traefik-values.yaml + +# Keycloak: swap eu → us +- target: + kind: Application + name: keycloak + patch: | + - op: replace + path: /spec/sources/0/helm/valueFiles/1 + value: $values/infra/values/us/keycloak-values.yaml + +# Grafana: swap eu → us +- target: + kind: Application + name: grafana + patch: | + - op: replace + path: /spec/sources/0/helm/valueFiles/1 + value: $values/infra/values/us/grafana-values.yaml + +# Secrets: change path to us +- target: + kind: Application + name: secrets + patch: | + - op: replace + path: /spec/source/path + value: secrets/us + +# Enterprise-apps: point to us overlay +- target: + kind: Application + name: enterprise-apps + patch: | + - op: replace + path: /spec/source/path + value: apps/overlays/us diff --git a/infra/traefik-application.yaml b/infra/traefik-application.yaml deleted file mode 100644 index 5369608..0000000 --- a/infra/traefik-application.yaml +++ /dev/null @@ -1,130 +0,0 @@ -apiVersion: v1 -kind: Namespace -metadata: - name: traefik-system - annotations: - argocd.argoproj.io/sync-wave: "-1" ---- -apiVersion: argoproj.io/v1alpha1 -kind: Application -metadata: - name: traefik - namespace: argocd - annotations: - argocd.argoproj.io/sync-wave: "1" - labels: - app.kubernetes.io/name: traefik - app.kubernetes.io/part-of: platform - app.kubernetes.io/managed-by: argocd - finalizers: - - resources-finalizer.argocd.argoproj.io -spec: - project: default - - source: - repoURL: https://traefik.github.io/charts - chart: traefik - targetRevision: "28.0.0" - - helm: - values: | - providers: - kubernetesIngress: - publishedService: # Fixes ArgoCD health checks for LoadBalancer services - enabled: true - deployment: - replicas: 2 - - ingressRoute: - dashboard: - enabled: true - # Optional: specify entrypoint - entrypoint: traefik - - api: - dashboard: true - debug: false - - service: - type: LoadBalancer - annotations: - traefik.ingress.kubernetes.io/router.entrypoints: websecure - traefik.ingress.kubernetes.io/router.priority: "42" - traefik.ingress.kubernetes.io/router.tls: "true" - service.beta.kubernetes.io/upcloud-load-balancer-config: | - { - "frontends": [ - { - "name": "web", - "mode": "tcp" - }, - { - "name": "websecure", - "mode": "tcp" - } - ], - "backends": [ - { - "name": "web", - "properties": { - "outbound_proxy_protocol": "v2" - } - }, - { - "name": "websecure", - "properties": { - "outbound_proxy_protocol": "v2" - } - } - ] - } - - ingressClass: - enabled: true - isDefaultClass: true - - # Configure entry points - ports: - metrics: - expose: - default: true - observability: - accessLogs: true - metrics: true - tracing: true - traceVerbosity: detailed - web: - proxyProtocol: - trustedIPs: "172.16.1.0/24" - forwardedHeaders: - trustedIPs: "172.16.1.0/24" - http: - redirections: - entrypoint: - to: websecure - scheme: https - - websecure: - proxyProtocol: - trustedIPs: "172.16.1.0/24" - forwardedHeaders: - trustedIPs: "172.16.1.0/24" - observability: - accessLogs: true - metrics: true - tracing: true - - destination: - server: https://kubernetes.default.svc - namespace: traefik-system - - syncPolicy: - automated: - prune: true - selfHeal: true - allowEmpty: false - - syncOptions: - - CreateNamespace=true - - Validate=true - - ServerSideApply=true diff --git a/infra/values/argocd-values.yaml b/infra/values/base/argocd-values.yaml similarity index 94% rename from infra/values/argocd-values.yaml rename to infra/values/base/argocd-values.yaml index fe5976e..f9a65f9 100644 --- a/infra/values/argocd-values.yaml +++ b/infra/values/base/argocd-values.yaml @@ -1,5 +1,3 @@ -global: - domain: argocd.127.0.0.1.nip.io configs: secret: createSecret: true @@ -26,10 +24,6 @@ notifications: secret: create: false - # Shared context variables available in all templates - context: - clusterName: "dev-fd-no-svg1" - # Define notification templates templates: template.app-syncing: | diff --git a/infra/values/base/dot-ai-stack-values.yaml b/infra/values/base/dot-ai-stack-values.yaml new file mode 100644 index 0000000..1d64e0a --- /dev/null +++ b/infra/values/base/dot-ai-stack-values.yaml @@ -0,0 +1,11 @@ +dot-ai: + ingress: + enabled: true + className: traefik +dot-ai-ui: + uiAuth: + secretRef: + name: dot-ai-secrets + ingress: + enabled: true + className: traefik diff --git a/infra/values/fluent-bit-values.yaml b/infra/values/base/fluent-bit-values.yaml similarity index 100% rename from infra/values/fluent-bit-values.yaml rename to infra/values/base/fluent-bit-values.yaml diff --git a/infra/values/grafana-values.yaml b/infra/values/base/grafana-values.yaml similarity index 99% rename from infra/values/grafana-values.yaml rename to infra/values/base/grafana-values.yaml index a83bff9..b2c8f48 100644 --- a/infra/values/grafana-values.yaml +++ b/infra/values/base/grafana-values.yaml @@ -1,7 +1,5 @@ ingress: enabled: true - hosts: - - grafana.127.0.0.1.nip.io resources: requests: cpu: 100m diff --git a/infra/values/keycloak-values.yaml b/infra/values/base/keycloak-values.yaml similarity index 95% rename from infra/values/keycloak-values.yaml rename to infra/values/base/keycloak-values.yaml index 4e0e61f..5047ee5 100644 --- a/infra/values/keycloak-values.yaml +++ b/infra/values/base/keycloak-values.yaml @@ -1,5 +1,4 @@ # Bitnami Keycloak Helm Chart Values -# Host: id.forteapps.net # Chart version: 25.2.0 image: @@ -15,7 +14,6 @@ auth: ingress: enabled: true - hostname: id.forteapps.net tls: true ingressClassName: traefik annotations: diff --git a/infra/values/loki-values.yaml b/infra/values/base/loki-values.yaml similarity index 100% rename from infra/values/loki-values.yaml rename to infra/values/base/loki-values.yaml diff --git a/infra/values/prometheus-values.yaml b/infra/values/base/prometheus-values.yaml similarity index 100% rename from infra/values/prometheus-values.yaml rename to infra/values/base/prometheus-values.yaml diff --git a/infra/values/base/traefik-values.yaml b/infra/values/base/traefik-values.yaml new file mode 100644 index 0000000..0df67ba --- /dev/null +++ b/infra/values/base/traefik-values.yaml @@ -0,0 +1,50 @@ +providers: + kubernetesIngress: + publishedService: # Fixes ArgoCD health checks for LoadBalancer services + enabled: true +deployment: + replicas: 2 + +ingressRoute: + dashboard: + enabled: true + # Optional: specify entrypoint + entrypoint: traefik + +api: + dashboard: true + debug: false + +service: + type: LoadBalancer + annotations: + traefik.ingress.kubernetes.io/router.entrypoints: websecure + traefik.ingress.kubernetes.io/router.priority: "42" + traefik.ingress.kubernetes.io/router.tls: "true" + +ingressClass: + enabled: true + isDefaultClass: true + +# Configure entry points +ports: + metrics: + expose: + default: true + observability: + accessLogs: true + metrics: true + tracing: true + traceVerbosity: detailed + web: + http: + redirections: + entrypoint: + to: websecure + scheme: https + + websecure: + observability: + accessLogs: true + metrics: true + tracing: true diff --git a/infra/values/eu/argocd-values.yaml b/infra/values/eu/argocd-values.yaml new file mode 100644 index 0000000..6ed9cea --- /dev/null +++ b/infra/values/eu/argocd-values.yaml @@ -0,0 +1,5 @@ +global: + domain: argocd.127.0.0.1.nip.io +notifications: + context: + clusterName: "dev-fd-eu-no-svg1" diff --git a/infra/values/eu/dot-ai-stack-values.yaml b/infra/values/eu/dot-ai-stack-values.yaml new file mode 100644 index 0000000..f96ad02 --- /dev/null +++ b/infra/values/eu/dot-ai-stack-values.yaml @@ -0,0 +1,8 @@ +dot-ai: + ingress: + host: kubemcp.forteapps.net + webUI: + baseUrl: http://kubemcpui.forteapps.net +dot-ai-ui: + ingress: + host: kubemcpui.forteapps.net diff --git a/infra/values/eu/grafana-values.yaml b/infra/values/eu/grafana-values.yaml new file mode 100644 index 0000000..fbbe9fd --- /dev/null +++ b/infra/values/eu/grafana-values.yaml @@ -0,0 +1,3 @@ +ingress: + hosts: + - grafana.forteapps.net diff --git a/infra/values/eu/keycloak-values.yaml b/infra/values/eu/keycloak-values.yaml new file mode 100644 index 0000000..ecc2905 --- /dev/null +++ b/infra/values/eu/keycloak-values.yaml @@ -0,0 +1,2 @@ +ingress: + hostname: id.forteapps.net diff --git a/infra/values/eu/traefik-values.yaml b/infra/values/eu/traefik-values.yaml new file mode 100644 index 0000000..31f07f4 --- /dev/null +++ b/infra/values/eu/traefik-values.yaml @@ -0,0 +1,40 @@ +service: + annotations: + service.beta.kubernetes.io/upcloud-load-balancer-config: | + { + "frontends": [ + { + "name": "web", + "mode": "tcp" + }, + { + "name": "websecure", + "mode": "tcp" + } + ], + "backends": [ + { + "name": "web", + "properties": { + "outbound_proxy_protocol": "v2" + } + }, + { + "name": "websecure", + "properties": { + "outbound_proxy_protocol": "v2" + } + } + ] + } +ports: + web: + proxyProtocol: + trustedIPs: "172.16.1.0/24" + forwardedHeaders: + trustedIPs: "172.16.1.0/24" + websecure: + proxyProtocol: + trustedIPs: "172.16.1.0/24" + forwardedHeaders: + trustedIPs: "172.16.1.0/24" diff --git a/infra/values/us/argocd-values.yaml b/infra/values/us/argocd-values.yaml new file mode 100644 index 0000000..e183032 --- /dev/null +++ b/infra/values/us/argocd-values.yaml @@ -0,0 +1,5 @@ +global: + domain: argocd.us.forteapps.net +notifications: + context: + clusterName: "dev-fd-us-east1" diff --git a/infra/values/us/dot-ai-stack-values.yaml b/infra/values/us/dot-ai-stack-values.yaml new file mode 100644 index 0000000..c429d3b --- /dev/null +++ b/infra/values/us/dot-ai-stack-values.yaml @@ -0,0 +1,8 @@ +dot-ai: + ingress: + host: kubemcp.us.forteapps.net + webUI: + baseUrl: http://kubemcpui.us.forteapps.net +dot-ai-ui: + ingress: + host: kubemcpui.us.forteapps.net diff --git a/infra/values/us/grafana-values.yaml b/infra/values/us/grafana-values.yaml new file mode 100644 index 0000000..417c8c4 --- /dev/null +++ b/infra/values/us/grafana-values.yaml @@ -0,0 +1,3 @@ +ingress: + hosts: + - grafana.us.forteapps.net diff --git a/infra/values/us/keycloak-values.yaml b/infra/values/us/keycloak-values.yaml new file mode 100644 index 0000000..df05358 --- /dev/null +++ b/infra/values/us/keycloak-values.yaml @@ -0,0 +1,2 @@ +ingress: + hostname: id.us.forteapps.net diff --git a/infra/values/us/traefik-values.yaml b/infra/values/us/traefik-values.yaml new file mode 100644 index 0000000..06a9076 --- /dev/null +++ b/infra/values/us/traefik-values.yaml @@ -0,0 +1,13 @@ +service: + annotations: {} +ports: + web: + proxyProtocol: + trustedIPs: "10.0.0.0/16" + forwardedHeaders: + trustedIPs: "10.0.0.0/16" + websecure: + proxyProtocol: + trustedIPs: "10.0.0.0/16" + forwardedHeaders: + trustedIPs: "10.0.0.0/16" diff --git a/secrets/argocd-mcp-credentials.yaml b/secrets/eu/argocd-mcp-credentials.yaml similarity index 100% rename from secrets/argocd-mcp-credentials.yaml rename to secrets/eu/argocd-mcp-credentials.yaml diff --git a/secrets/argocdmcp-auth-oidc-sealed.yaml b/secrets/eu/argocdmcp-auth-oidc-sealed.yaml similarity index 100% rename from secrets/argocdmcp-auth-oidc-sealed.yaml rename to secrets/eu/argocdmcp-auth-oidc-sealed.yaml diff --git a/secrets/dot-ai-secrets.yaml b/secrets/eu/dot-ai-secrets.yaml similarity index 100% rename from secrets/dot-ai-secrets.yaml rename to secrets/eu/dot-ai-secrets.yaml diff --git a/secrets/forte10x-app-credentials-sealed.yaml b/secrets/eu/forte10x-app-credentials-sealed.yaml similarity index 100% rename from secrets/forte10x-app-credentials-sealed.yaml rename to secrets/eu/forte10x-app-credentials-sealed.yaml diff --git a/secrets/keycloak-credentials-sealed.yaml b/secrets/eu/keycloak-credentials-sealed.yaml similarity index 100% rename from secrets/keycloak-credentials-sealed.yaml rename to secrets/eu/keycloak-credentials-sealed.yaml diff --git a/secrets/musicman-credentials.yaml b/secrets/eu/musicman-credentials.yaml similarity index 100% rename from secrets/musicman-credentials.yaml rename to secrets/eu/musicman-credentials.yaml