details

2026-04-22 22:26:57 +02:00
parent 9a7e03b794
commit a89f2f30ce
9 changed files with 96 additions and 98 deletions
--- a/clusters/aks-dev.yaml
+++ b/clusters/aks-dev.yaml
@@ -1,10 +1,12 @@
-clusterName: dev-aks                  # <- adjust to your AKS cluster name
+# Cluster config reference — values must match the corresponding overlay files.
-domain: example.com                   # <- adjust to your domain
+# Read by bootstrap.sh at install time; NOT auto-propagated to ArgoCD value files.
-argocdDomain: argocd.example.com
+clusterName: dev-aks                     # → infra/values/aks-dev/argocd-values.yaml (notifications.context.clusterName)
-grafanaDomain: grafana.example.com
+domain: example.com                      # → infra/values/base/gitea-values.yaml, renovate-values.yaml, keycloak-values.yaml (subdomains)
-keycloakDomain: id.example.com
+argocdDomain: argocd.example.com         # → infra/values/aks-dev/argocd-values.yaml (global.domain)
-dotaiDomain: kubemcp.example.com
+grafanaDomain: grafana.example.com       # → infra/values/aks-dev/grafana-values.yaml (ingress.hosts)
-dotaiUiDomain: kubemcpui.example.com
+keycloakDomain: id.example.com           # → infra/values/aks-dev/keycloak-values.yaml (ingress.hostname)
-letsencryptEmail: admin@example.com   # <- adjust
+dotaiDomain: kubemcp.example.com         # → infra/values/aks-dev/dot-ai-stack-values.yaml (dot-ai.ingress.host) — create if needed
-trustedIPs: "10.0.0.0/8,168.63.129.16/32"  # <- VNet CIDR + Azure health probe
+dotaiUiDomain: kubemcpui.example.com     # → infra/values/aks-dev/dot-ai-stack-values.yaml (dot-ai-ui.ingress.host) — create if needed
-cloudProvider: azure
+letsencryptEmail: admin@example.com      # → cluster-resources/letsencrypt-issuer.yaml (spec.acme.email)
 trustedIPs: "10.0.0.0/8,168.63.129.16/32" # → infra/values/aks-dev/traefik-values.yaml (ports.*.trustedIPs) — VNet CIDR + Azure health probe
 cloudProvider: azure                     # → determines overlay directory and cloud-specific LB/storage annotations
--- a/clusters/aks-prod.yaml
+++ b/clusters/aks-prod.yaml
@@ -1,10 +1,12 @@
-clusterName: prod-aks                 # <- adjust to your AKS cluster name
+# Cluster config reference — values must match the corresponding overlay files.
-domain: example.com                   # <- adjust to your domain
+# Read by bootstrap.sh at install time; NOT auto-propagated to ArgoCD value files.
-argocdDomain: argocd.example.com
+clusterName: prod-aks                    # → infra/values/aks-prod/argocd-values.yaml (notifications.context.clusterName)
-grafanaDomain: grafana.example.com
+domain: example.com                      # → infra/values/base/gitea-values.yaml, renovate-values.yaml, keycloak-values.yaml (subdomains)
-keycloakDomain: id.example.com
+argocdDomain: argocd.example.com         # → infra/values/aks-prod/argocd-values.yaml (global.domain)
-dotaiDomain: kubemcp.example.com
+grafanaDomain: grafana.example.com       # → infra/values/aks-prod/grafana-values.yaml (ingress.hosts)
-dotaiUiDomain: kubemcpui.example.com
+keycloakDomain: id.example.com           # → infra/values/aks-prod/keycloak-values.yaml (ingress.hostname)
-letsencryptEmail: admin@example.com   # <- adjust
+dotaiDomain: kubemcp.example.com         # → infra/values/aks-prod/dot-ai-stack-values.yaml (dot-ai.ingress.host) — create if needed
-trustedIPs: "10.0.0.0/8,168.63.129.16/32"  # <- VNet CIDR + Azure health probe
+dotaiUiDomain: kubemcpui.example.com     # → infra/values/aks-prod/dot-ai-stack-values.yaml (dot-ai-ui.ingress.host) — create if needed
-cloudProvider: azure
+letsencryptEmail: admin@example.com      # → cluster-resources/letsencrypt-issuer.yaml (spec.acme.email)
 trustedIPs: "10.0.0.0/8,168.63.129.16/32" # → infra/values/aks-prod/traefik-values.yaml (ports.*.trustedIPs) — VNet CIDR + Azure health probe
 cloudProvider: azure                     # → determines overlay directory and cloud-specific LB/storage annotations
--- a/clusters/eks-dev.yaml
+++ b/clusters/eks-dev.yaml
@@ -1,10 +1,12 @@
-clusterName: dev-eks                  # <- adjust to your EKS cluster name
+# Cluster config reference — values must match the corresponding overlay files.
-domain: example.com                   # <- adjust to your domain
+# Read by bootstrap.sh at install time; NOT auto-propagated to ArgoCD value files.
-argocdDomain: argocd.example.com
+clusterName: dev-eks                     # → infra/values/eks-dev/argocd-values.yaml (notifications.context.clusterName)
-grafanaDomain: grafana.example.com
+domain: example.com                      # → infra/values/base/gitea-values.yaml, renovate-values.yaml, keycloak-values.yaml (subdomains)
-keycloakDomain: id.example.com
+argocdDomain: argocd.example.com         # → infra/values/eks-dev/argocd-values.yaml (global.domain)
-dotaiDomain: kubemcp.example.com
+grafanaDomain: grafana.example.com       # → infra/values/eks-dev/grafana-values.yaml (ingress.hosts)
-dotaiUiDomain: kubemcpui.example.com
+keycloakDomain: id.example.com           # → infra/values/eks-dev/keycloak-values.yaml (ingress.hostname)
-letsencryptEmail: admin@example.com   # <- adjust
+dotaiDomain: kubemcp.example.com         # → infra/values/eks-dev/dot-ai-stack-values.yaml (dot-ai.ingress.host) — create if needed
-trustedIPs: "10.0.0.0/8"             # <- adjust to your VPC CIDR
+dotaiUiDomain: kubemcpui.example.com     # → infra/values/eks-dev/dot-ai-stack-values.yaml (dot-ai-ui.ingress.host) — create if needed
-cloudProvider: eks
+letsencryptEmail: admin@example.com      # → cluster-resources/letsencrypt-issuer.yaml (spec.acme.email)
 trustedIPs: "10.0.0.0/8"                # → infra/values/eks-dev/traefik-values.yaml (ports.*.trustedIPs) — VPC CIDR
 cloudProvider: eks                       # → determines overlay directory and cloud-specific LB/storage annotations
--- a/clusters/eks-prod.yaml
+++ b/clusters/eks-prod.yaml
@@ -1,10 +1,12 @@
-clusterName: prod-eks                 # <- adjust to your EKS cluster name
+# Cluster config reference — values must match the corresponding overlay files.
-domain: example.com                   # <- adjust to your domain
+# Read by bootstrap.sh at install time; NOT auto-propagated to ArgoCD value files.
-argocdDomain: argocd.example.com
+clusterName: prod-eks                    # → infra/values/eks-prod/argocd-values.yaml (notifications.context.clusterName)
-grafanaDomain: grafana.example.com
+domain: example.com                      # → infra/values/base/gitea-values.yaml, renovate-values.yaml, keycloak-values.yaml (subdomains)
-keycloakDomain: id.example.com
+argocdDomain: argocd.example.com         # → infra/values/eks-prod/argocd-values.yaml (global.domain)
-dotaiDomain: kubemcp.example.com
+grafanaDomain: grafana.example.com       # → infra/values/eks-prod/grafana-values.yaml (ingress.hosts)
-dotaiUiDomain: kubemcpui.example.com
+keycloakDomain: id.example.com           # → infra/values/eks-prod/keycloak-values.yaml (ingress.hostname)
-letsencryptEmail: admin@example.com   # <- adjust
+dotaiDomain: kubemcp.example.com         # → infra/values/eks-prod/dot-ai-stack-values.yaml (dot-ai.ingress.host) — create if needed
-trustedIPs: "10.0.0.0/8"             # <- adjust to your VPC CIDR
+dotaiUiDomain: kubemcpui.example.com     # → infra/values/eks-prod/dot-ai-stack-values.yaml (dot-ai-ui.ingress.host) — create if needed
-cloudProvider: eks
+letsencryptEmail: admin@example.com      # → cluster-resources/letsencrypt-issuer.yaml (spec.acme.email)
 trustedIPs: "10.0.0.0/8"                # → infra/values/eks-prod/traefik-values.yaml (ports.*.trustedIPs) — VPC CIDR
 cloudProvider: eks                       # → determines overlay directory and cloud-specific LB/storage annotations
--- a/clusters/gke-dev.yaml
+++ b/clusters/gke-dev.yaml
@@ -1,10 +1,12 @@
-clusterName: dev-gke                  # <- adjust to your GKE cluster name
+# Cluster config reference — values must match the corresponding overlay files.
-domain: example.com                   # <- adjust to your domain
+# Read by bootstrap.sh at install time; NOT auto-propagated to ArgoCD value files.
-argocdDomain: argocd.example.com
+clusterName: dev-gke                     # → infra/values/gke-dev/argocd-values.yaml (notifications.context.clusterName)
-grafanaDomain: grafana.example.com
+domain: example.com                      # → infra/values/base/gitea-values.yaml, renovate-values.yaml, keycloak-values.yaml (subdomains)
-keycloakDomain: id.example.com
+argocdDomain: argocd.example.com         # → infra/values/gke-dev/argocd-values.yaml (global.domain)
-dotaiDomain: kubemcp.example.com
+grafanaDomain: grafana.example.com       # → infra/values/gke-dev/grafana-values.yaml (ingress.hosts)
-dotaiUiDomain: kubemcpui.example.com
+keycloakDomain: id.example.com           # → infra/values/gke-dev/keycloak-values.yaml (ingress.hostname)
-letsencryptEmail: admin@example.com   # <- adjust
+dotaiDomain: kubemcp.example.com         # → infra/values/gke-dev/dot-ai-stack-values.yaml (dot-ai.ingress.host) — create if needed
-trustedIPs: "10.0.0.0/8,35.191.0.0/16,130.211.0.0/22"  # <- subnet CIDR + GCP health checks
+dotaiUiDomain: kubemcpui.example.com     # → infra/values/gke-dev/dot-ai-stack-values.yaml (dot-ai-ui.ingress.host) — create if needed
-cloudProvider: gke
+letsencryptEmail: admin@example.com      # → cluster-resources/letsencrypt-issuer.yaml (spec.acme.email)
 trustedIPs: "10.0.0.0/8,35.191.0.0/16,130.211.0.0/22" # → infra/values/gke-dev/traefik-values.yaml (ports.*.trustedIPs) — subnet + GCP health checks
 cloudProvider: gke                       # → determines overlay directory and cloud-specific LB/storage annotations
--- a/clusters/gke-prod.yaml
+++ b/clusters/gke-prod.yaml
@@ -1,10 +1,12 @@
-clusterName: prod-gke                 # <- adjust to your GKE cluster name
+# Cluster config reference — values must match the corresponding overlay files.
-domain: example.com                   # <- adjust to your domain
+# Read by bootstrap.sh at install time; NOT auto-propagated to ArgoCD value files.
-argocdDomain: argocd.example.com
+clusterName: prod-gke                    # → infra/values/gke-prod/argocd-values.yaml (notifications.context.clusterName)
-grafanaDomain: grafana.example.com
+domain: example.com                      # → infra/values/base/gitea-values.yaml, renovate-values.yaml, keycloak-values.yaml (subdomains)
-keycloakDomain: id.example.com
+argocdDomain: argocd.example.com         # → infra/values/gke-prod/argocd-values.yaml (global.domain)
-dotaiDomain: kubemcp.example.com
+grafanaDomain: grafana.example.com       # → infra/values/gke-prod/grafana-values.yaml (ingress.hosts)
-dotaiUiDomain: kubemcpui.example.com
+keycloakDomain: id.example.com           # → infra/values/gke-prod/keycloak-values.yaml (ingress.hostname)
-letsencryptEmail: admin@example.com   # <- adjust
+dotaiDomain: kubemcp.example.com         # → infra/values/gke-prod/dot-ai-stack-values.yaml (dot-ai.ingress.host) — create if needed
-trustedIPs: "10.0.0.0/8,35.191.0.0/16,130.211.0.0/22"  # <- subnet CIDR + GCP health checks
+dotaiUiDomain: kubemcpui.example.com     # → infra/values/gke-prod/dot-ai-stack-values.yaml (dot-ai-ui.ingress.host) — create if needed
-cloudProvider: gke
+letsencryptEmail: admin@example.com      # → cluster-resources/letsencrypt-issuer.yaml (spec.acme.email)
 trustedIPs: "10.0.0.0/8,35.191.0.0/16,130.211.0.0/22" # → infra/values/gke-prod/traefik-values.yaml (ports.*.trustedIPs) — subnet + GCP health checks
 cloudProvider: gke                       # → determines overlay directory and cloud-specific LB/storage annotations
--- a/clusters/upc-dev.yaml
+++ b/clusters/upc-dev.yaml
@@ -1,10 +1,12 @@
-clusterName: dev-fd-no-svg1
+# Cluster config reference — values must match the corresponding overlay files.
-domain: forteapps.net
+# Read by bootstrap.sh at install time; NOT auto-propagated to ArgoCD value files.
-argocdDomain: argocd.127.0.0.1.nip.io
+clusterName: dev-fd-no-svg1              # → infra/values/upc-dev/argocd-values.yaml (notifications.context.clusterName)
-grafanaDomain: grafana.forteapps.net
+domain: forteapps.net                    # → infra/values/base/gitea-values.yaml, renovate-values.yaml, keycloak-values.yaml (subdomains)
-keycloakDomain: id.forteapps.net
+argocdDomain: argocd.127.0.0.1.nip.io   # → infra/values/upc-dev/argocd-values.yaml (global.domain)
-dotaiDomain: kubemcp.forteapps.net
+grafanaDomain: grafana.forteapps.net     # → infra/values/upc-dev/grafana-values.yaml (ingress.hosts)
-dotaiUiDomain: kubemcpui.forteapps.net
+keycloakDomain: id.forteapps.net         # → infra/values/upc-dev/keycloak-values.yaml (ingress.hostname)
-letsencryptEmail: danijels@gmail.com
+dotaiDomain: kubemcp.forteapps.net       # → infra/values/upc-dev/dot-ai-stack-values.yaml (dot-ai.ingress.host)
-trustedIPs: "172.16.1.0/24"
+dotaiUiDomain: kubemcpui.forteapps.net   # → infra/values/upc-dev/dot-ai-stack-values.yaml (dot-ai-ui.ingress.host)
-cloudProvider: upcloud
+letsencryptEmail: danijels@gmail.com     # → cluster-resources/letsencrypt-issuer.yaml (spec.acme.email)
 trustedIPs: "172.16.1.0/24"             # → infra/values/upc-dev/traefik-values.yaml (ports.*.trustedIPs)
 cloudProvider: upcloud                   # → determines overlay directory and cloud-specific LB/storage annotations
--- a/clusters/upc-prod.yaml
+++ b/clusters/upc-prod.yaml
@@ -1,10 +1,12 @@
-clusterName: prod-fd-no-svg1
+# Cluster config reference — values must match the corresponding overlay files.
-domain: fortedigital.com
+# Read by bootstrap.sh at install time; NOT auto-propagated to ArgoCD value files.
-argocdDomain: argocd.127.0.0.1.nip.io
+clusterName: prod-fd-no-svg1             # → infra/values/upc-prod/argocd-values.yaml (notifications.context.clusterName)
-grafanaDomain: grafana.fortedigital.com
+domain: fortedigital.com                 # → infra/values/base/gitea-values.yaml, renovate-values.yaml, keycloak-values.yaml (subdomains)
-keycloakDomain: id.fortedigital.com
+argocdDomain: argocd.127.0.0.1.nip.io   # → infra/values/upc-prod/argocd-values.yaml (global.domain)
-dotaiDomain: kubemcp.fortedigital.com
+grafanaDomain: grafana.fortedigital.com  # → infra/values/upc-prod/grafana-values.yaml (ingress.hosts)
-dotaiUiDomain: kubemcpui.fortedigital.com
+keycloakDomain: id.fortedigital.com      # → infra/values/upc-prod/keycloak-values.yaml (ingress.hostname)
-letsencryptEmail: danijel.simeunovic@fortedigital.com
+dotaiDomain: kubemcp.fortedigital.com    # → infra/values/upc-prod/dot-ai-stack-values.yaml (dot-ai.ingress.host)
-trustedIPs: "172.16.1.0/24"
+dotaiUiDomain: kubemcpui.fortedigital.com # → infra/values/upc-prod/dot-ai-stack-values.yaml (dot-ai-ui.ingress.host)
-cloudProvider: upcloud
+letsencryptEmail: danijel.simeunovic@fortedigital.com # → cluster-resources/letsencrypt-issuer.yaml (spec.acme.email)
 trustedIPs: "172.16.1.0/24"             # → infra/values/upc-prod/traefik-values.yaml (ports.*.trustedIPs)
 cloudProvider: upcloud                   # → determines overlay directory and cloud-specific LB/storage annotations
--- a/infra/overlays/upc-prod/kustomization.yaml
+++ b/infra/overlays/upc-prod/kustomization.yaml
@@ -66,21 +66,3 @@ patches:
    - op: replace
      path: /spec/source/path
      value: apps/overlays/upc-prod
 # Gitea: swap upc-dev → upc-prod
 - target:
    kind: Application
    name: gitea
  patch: |
    - op: replace
      path: /spec/sources/0/helm/valueFiles/1
      value: $values/infra/values/upc-prod/gitea-values.yaml
 # OpenCost: swap upc-dev → upc-prod
 - target:
    kind: Application
    name: opencost
  patch: |
    - op: replace
      path: /spec/sources/0/helm/valueFiles/1
      value: $values/infra/values/upc-prod/opencost-values.yaml