Compare commits
16 Commits
feature/ho
...
3e590e4a19
| Author | SHA1 | Date | |
|---|---|---|---|
| 3e590e4a19 | |||
| 00128b6beb | |||
| a4599fdf91 | |||
| c76bb562a4 | |||
| 53b43da813 | |||
| 0ac7f94c26 | |||
| 6ab8cad193 | |||
| 9b91b5a26e | |||
| d8d0b2e1dd | |||
| 5653036f5d | |||
| caf14c90a8 | |||
| 3880ba843a | |||
| 27843f3786 | |||
| 1783c76a2d | |||
| e9513da92b | |||
| f5486a9210 |
@@ -28,7 +28,6 @@ Bootstrap()
|
|||||||
Gitea()
|
Gitea()
|
||||||
{
|
{
|
||||||
echo "Installing secret..."
|
echo "Installing secret..."
|
||||||
kubectl apply -f "secrets/"
|
|
||||||
kubectl apply -f "private/${CLUSTER}/gitea-repo-main.yaml"
|
kubectl apply -f "private/${CLUSTER}/gitea-repo-main.yaml"
|
||||||
kubectl apply -f "private/${CLUSTER}/main.key"
|
kubectl apply -f "private/${CLUSTER}/main.key"
|
||||||
}
|
}
|
||||||
|
|||||||
21
infra/base/homepage/homepage-extra-rbac.yaml
Normal file
21
infra/base/homepage/homepage-extra-rbac.yaml
Normal file
@@ -0,0 +1,21 @@
|
|||||||
|
apiVersion: rbac.authorization.k8s.io/v1
|
||||||
|
kind: ClusterRole
|
||||||
|
metadata:
|
||||||
|
name: homepage-services-reader
|
||||||
|
rules:
|
||||||
|
- apiGroups: [""]
|
||||||
|
resources: ["services"]
|
||||||
|
verbs: ["get", "list", "watch"]
|
||||||
|
---
|
||||||
|
apiVersion: rbac.authorization.k8s.io/v1
|
||||||
|
kind: ClusterRoleBinding
|
||||||
|
metadata:
|
||||||
|
name: homepage-services-reader
|
||||||
|
roleRef:
|
||||||
|
apiGroup: rbac.authorization.k8s.io
|
||||||
|
kind: ClusterRole
|
||||||
|
name: homepage-services-reader
|
||||||
|
subjects:
|
||||||
|
- kind: ServiceAccount
|
||||||
|
name: homepage
|
||||||
|
namespace: homepage
|
||||||
16
infra/base/homepage/homepage-widget-credentials-sealed.yaml
Normal file
16
infra/base/homepage/homepage-widget-credentials-sealed.yaml
Normal file
@@ -0,0 +1,16 @@
|
|||||||
|
---
|
||||||
|
apiVersion: bitnami.com/v1alpha1
|
||||||
|
kind: SealedSecret
|
||||||
|
metadata:
|
||||||
|
creationTimestamp: null
|
||||||
|
name: homepage-widget-credentials
|
||||||
|
namespace: homepage
|
||||||
|
spec:
|
||||||
|
encryptedData:
|
||||||
|
HOMEPAGE_VAR_GITEA_TOKEN: AgAVN1C931EQpn+sodr3CpjlhORfJVTW8aUr+pGZQb+65Pb8QLGeVGVa7Jv60gDJUX3r+93/jMrEbCOeDL6I4qCz/V35wMCxFZLnXIdkmto0W4MKt6cK8To1/OP7EhQJOGBlSuOFsrwoy+HDtvLIqmyF0nrxhTusm9/NHrw+gCVwSTPhiAX1MCuSOSRWpbXvyNphW8j7aqUaV6ixDt424Fe4alEIShYELcS3EX/VPgsf2p2bhvBRCQOh3LEprkuxSFMuPfCBk06TPTbIN4saNVm0Ke0zW/pxkVNSiIxEnKjOmpPJtacsfWN7du+nQbx276G2qvWrf+iawJVq0Z/SLikA/NUFBL6EjSRfgE3cSOri8sbxsd0AycsFGyp98EM29wE+WOQl52M/lwl02EmCivqkICSO7Jp9pM1ScbmRMa5vcnupsGbVDxhRKLqxhAskt/BXDkRzvHN31gH3YmelES3JuqNMHV0urFxmX2oOX9Pxbtv63csc+zhy1Ui5aoex7TPnLdk7kYLSAE2MSrzT6wHvVhBC5kNnDYVrLehvJrT+eNh0MOLx2wkuJmIOxRAGUyNi5DfDnP6qnvj2aefEymLuOXAIUXH8DbeBtrjsd74HX2hhIfBlPkXvhJR3ks7i5RXjK2/YYHkgJ+nJoW80S9N7ciaRy103g74TNJZt6QzzL5Vb80qZ6yQOD4G081KmTLDmhHjJVIIv9M3nLh2s0IeBV3/Z5qHZmtjN7sSaKAn4MIr5FaH9quhx
|
||||||
|
HOMEPAGE_VAR_GRAFANA_TOKEN: AgBloBlOlP+R/4VizE1CGpj0wyiwU14BemAnuUpld7OvOGc67dwfDPyponkQXjAZg3UU2cZ70A51WUAuVlAr+25Ktlf/FW2OBqj+1BJOCqMMyu+kv026yjX2aB8dKGzlTxgF8aji+j1mC8vP3vvmgI4Zf2HQAH7uFwLfeo8+QnV5EyhcExSS0xDne+VtOP9jNXbPRayry0DdyRVtaeKAiZacO+45oAJWszWOwmoMTg9FZQkLjER6Q0tyI6NnoNObsFCnh56chZTdzBOYtmPnwld1bP2FjoJDqn8AfRwbPTIj7t0eFP7WLUO7GQKpxVl+pFwJLb5xCOw2+HNtp1BhNCu7icuc0P88IlvwzkbN0lXJbYigVOzyjEo8f/al1DXPM4WaB/Nqmr7Mtt8KTRh2WMVTgiX5jsu25D0rGDvY9gqfBBqswkRhCLsG0v0EN32zXj1/52KYdmB7pk/+2lMwSaGMS11MOenHeU1Z95fGxm9f3EGF0E8xlFr4FowgsNwr+tJQqpM0bT/4mZnaQbGWtKPFizMtsfQFm+rHFcNCrGaOuecslmiIJs8lTm18KlrncsGfxNS64tVXk+LvydU0rwybvpg2rQjEWtAl1IQsaaiz96OAlYxxK1MGxN7KE6F8R4kfnWTZ5Fs1KMmd/DOIVBXyCbqXxk8pbekmaIeNSfv92JNZ0QNJWsBa2vgQ24WI2pb4XiR0BvtLpt3BVlZUcSK92SzUblWmYWVMwHYCJkEeEUV1PhYEmyiN+V/Kq5Qb
|
||||||
|
template:
|
||||||
|
metadata:
|
||||||
|
creationTimestamp: null
|
||||||
|
name: homepage-widget-credentials
|
||||||
|
namespace: homepage
|
||||||
@@ -2,3 +2,5 @@ apiVersion: kustomize.config.k8s.io/v1beta1
|
|||||||
kind: Kustomization
|
kind: Kustomization
|
||||||
resources:
|
resources:
|
||||||
- homepage.yaml
|
- homepage.yaml
|
||||||
|
- homepage-widget-credentials-sealed.yaml
|
||||||
|
- homepage-extra-rbac.yaml
|
||||||
|
|||||||
@@ -39,11 +39,8 @@ server:
|
|||||||
gethomepage.dev/name: "ArgoCD"
|
gethomepage.dev/name: "ArgoCD"
|
||||||
gethomepage.dev/description: "GitOps continuous delivery"
|
gethomepage.dev/description: "GitOps continuous delivery"
|
||||||
gethomepage.dev/group: "DevOps"
|
gethomepage.dev/group: "DevOps"
|
||||||
gethomepage.dev/icon: "argocd"
|
gethomepage.dev/icon: "argo-cd"
|
||||||
gethomepage.dev/href: "https://argocd.forteapps.net"
|
gethomepage.dev/href: "https://argocd.forteapps.net"
|
||||||
gethomepage.dev/widget.type: "argocd"
|
|
||||||
gethomepage.dev/widget.url: "https://argocd.forteapps.net"
|
|
||||||
# gethomepage.dev/widget.key: "{{HOMEPAGE_VAR_ARGOCD_TOKEN}}"
|
|
||||||
tls: true
|
tls: true
|
||||||
extraArgs:
|
extraArgs:
|
||||||
- --insecure
|
- --insecure
|
||||||
|
|||||||
@@ -122,7 +122,7 @@ ingress:
|
|||||||
gethomepage.dev/href: "https://git.forteapps.net"
|
gethomepage.dev/href: "https://git.forteapps.net"
|
||||||
gethomepage.dev/widget.type: "gitea"
|
gethomepage.dev/widget.type: "gitea"
|
||||||
gethomepage.dev/widget.url: "https://git.forteapps.net"
|
gethomepage.dev/widget.url: "https://git.forteapps.net"
|
||||||
# gethomepage.dev/widget.key: "{{HOMEPAGE_VAR_GITEA_TOKEN}}"
|
gethomepage.dev/widget.key: "{{HOMEPAGE_VAR_GITEA_TOKEN}}"
|
||||||
hosts:
|
hosts:
|
||||||
- host: git.forteapps.net
|
- host: git.forteapps.net
|
||||||
paths:
|
paths:
|
||||||
|
|||||||
@@ -9,15 +9,15 @@ ingress:
|
|||||||
gethomepage.dev/group: "Monitoring"
|
gethomepage.dev/group: "Monitoring"
|
||||||
gethomepage.dev/icon: "grafana"
|
gethomepage.dev/icon: "grafana"
|
||||||
gethomepage.dev/href: "https://grafana.forteapps.net"
|
gethomepage.dev/href: "https://grafana.forteapps.net"
|
||||||
gethomepage.dev/widget.type: "grafana"
|
|
||||||
gethomepage.dev/widget.url: "https://grafana.forteapps.net"
|
|
||||||
# gethomepage.dev/widget.username: "{{HOMEPAGE_VAR_GRAFANA_USER}}"
|
|
||||||
# gethomepage.dev/widget.password: "{{HOMEPAGE_VAR_GRAFANA_PASSWORD}}"
|
|
||||||
tls:
|
tls:
|
||||||
- secretName: grafana-tls
|
- secretName: grafana-tls
|
||||||
hosts:
|
hosts:
|
||||||
- grafana.forteapps.net
|
- grafana.forteapps.net
|
||||||
|
|
||||||
|
persistence:
|
||||||
|
enabled: true
|
||||||
|
size: 1Gi
|
||||||
|
|
||||||
resources:
|
resources:
|
||||||
requests:
|
requests:
|
||||||
cpu: 50m
|
cpu: 50m
|
||||||
|
|||||||
@@ -14,17 +14,21 @@ config:
|
|||||||
# Scan all namespaces for services with gethomepage.dev/enabled: "true"
|
# Scan all namespaces for services with gethomepage.dev/enabled: "true"
|
||||||
kubernetes:
|
kubernetes:
|
||||||
mode: cluster
|
mode: cluster
|
||||||
|
traefik: true
|
||||||
|
|
||||||
settings:
|
settings:
|
||||||
title: "Forte Platform"
|
title: "Forte Platform"
|
||||||
headerStyle: clean
|
headerStyle: clean
|
||||||
layout:
|
layout:
|
||||||
DevOps:
|
Apps:
|
||||||
style: row
|
style: row
|
||||||
columns: 4
|
columns: 4
|
||||||
Identity:
|
Identity:
|
||||||
style: row
|
style: row
|
||||||
columns: 4
|
columns: 4
|
||||||
|
DevOps:
|
||||||
|
style: row
|
||||||
|
columns: 4
|
||||||
Monitoring:
|
Monitoring:
|
||||||
style: row
|
style: row
|
||||||
columns: 4
|
columns: 4
|
||||||
@@ -39,14 +43,19 @@ config:
|
|||||||
showLabel: true
|
showLabel: true
|
||||||
label: "Cluster"
|
label: "Cluster"
|
||||||
nodes:
|
nodes:
|
||||||
show: false
|
show: true
|
||||||
# Both empty — all entries come from K8s service annotations
|
cpu: true
|
||||||
|
memory: true
|
||||||
|
showLabel: true
|
||||||
|
# In-cluster entries come from K8s service annotations.
|
||||||
|
# External (out-of-cluster) services are listed here statically.
|
||||||
bookmarks: []
|
bookmarks: []
|
||||||
services: []
|
services:
|
||||||
# Widget API credentials (optional — add via SealedSecret + envFrom below)
|
- Apps:
|
||||||
# Homepage reads HOMEPAGE_VAR_* env vars and substitutes them in widget annotations.
|
- Forte Feedback:
|
||||||
# Example: gethomepage.dev/widget.key: "{{HOMEPAGE_VAR_GRAFANA_TOKEN}}"
|
href: https://feedback.forteapps.net
|
||||||
# To enable: create a sealed secret and add envFrom to load it.
|
description: Fortes internal feedback app
|
||||||
|
icon: forte
|
||||||
|
|
||||||
resources:
|
resources:
|
||||||
requests:
|
requests:
|
||||||
@@ -55,3 +64,10 @@ resources:
|
|||||||
limits:
|
limits:
|
||||||
cpu: 100m
|
cpu: 100m
|
||||||
memory: 256Mi
|
memory: 256Mi
|
||||||
|
|
||||||
|
env:
|
||||||
|
- name: HOMEPAGE_ALLOWED_HOSTS
|
||||||
|
value: start.forteapps.net
|
||||||
|
envFrom:
|
||||||
|
- secretRef:
|
||||||
|
name: homepage-widget-credentials
|
||||||
|
|||||||
@@ -1,3 +1,10 @@
|
|||||||
ingress:
|
ingress:
|
||||||
enabled: true
|
enabled: true
|
||||||
host: databunker.forteapps.net
|
host: databunker.forteapps.net
|
||||||
|
annotations:
|
||||||
|
gethomepage.dev/enabled: "true"
|
||||||
|
gethomepage.dev/name: "Databunker"
|
||||||
|
gethomepage.dev/description: "Secure Database for PII and PCI Records"
|
||||||
|
gethomepage.dev/group: "Identity"
|
||||||
|
gethomepage.dev/icon: "adminer"
|
||||||
|
gethomepage.dev/href: "https://databunker.forteapps.net"
|
||||||
|
|||||||
Reference in New Issue
Block a user