From fa0cc1cfb28727d625b601517f41054aa5ba595d Mon Sep 17 00:00:00 2001
From: Patrick Spek
Date: Mon, 3 Apr 2023 10:07:48 +0200
Subject: Add new k3s-master playbook
---
 data.d/k3s-master/helm.d/nginx/ivdea.yaml | 4 ++
 defaults | 8 ++--
 hosts.d/ivdea.tyil.net | 4 ++
 playbooks.d/k3s-master/description.txt | 1 +
 playbooks.d/k3s-master/etc/defaults | 8 ++++
 playbooks.d/k3s-master/etc/os.d/linux-gentoo | 2 +
 playbooks.d/k3s-master/playbook.bash | 65 ++++++++++++++++++++++++++++
 registry.d/ivdea.tyil.net | 1 +
 8 files changed, 88 insertions(+), 5 deletions(-)
 create mode 100644 data.d/k3s-master/helm.d/nginx/ivdea.yaml
 create mode 100644 playbooks.d/k3s-master/description.txt
 create mode 100644 playbooks.d/k3s-master/etc/defaults
 create mode 100644 playbooks.d/k3s-master/etc/os.d/linux-gentoo
 create mode 100644 playbooks.d/k3s-master/playbook.bash
diff --git a/data.d/k3s-master/helm.d/nginx/ivdea.yaml b/data.d/k3s-master/helm.d/nginx/ivdea.yaml
new file mode 100644
index 0000000..111b293
--- /dev/null
+++ b/data.d/k3s-master/helm.d/nginx/ivdea.yaml
@@ -0,0 +1,4 @@
+watchIngressWithoutClass: true
+controller:
+ metrics:
+ enabled: false
diff --git a/defaults b/defaults
index ed6b73a..054713f 100644
--- a/defaults
+++ b/defaults
@@ -1,17 +1,15 @@
 bashtard.backup.elements.0=filesystem
 bashtard.backup.fs.paths.0=/etc
 bashtard.backup.repositories.edephas=backup@edephas:{fqdn}
-k3s.network.cidr.pods=10.57.40.0/20
-k3s.network.cidr.svcs=10.57.48.0/20
-k3s.network.service.dns=10.57.48.53
-k3s.flux.repo.url=ssh://git@10.57.100.7/srv/git/tyilnet
 dns.domain=tyil.net
 dns.upstream.0=185.181.61.24
 dns.upstream.1=188.68.231.82
 dns.upstream.2=51.83.172.84
 dns.upstream.3=2a03:94e0:1804::1
 dns.upstream.4=2001:470:71:6dc::53
+k3s-master.helm.repos.ingress-nginx.url=https://kubernetes.github.io/ingress-nginx
+k3s-master.helm.repos.sealed-secrets.url=https://bitnami-labs.github.io/sealed-secrets
+vpn-tinc.name=tyilnet
 www-blog.generator=hugo
 www-blog.path=/var/www/nl.tyil.www
 www-blog.repository=https://git.tyil.nl/blog
-vpn-tinc.name=tyilnet
diff --git a/hosts.d/ivdea.tyil.net b/hosts.d/ivdea.tyil.net
index 2427d97..7dba35c 100644
--- a/hosts.d/ivdea.tyil.net
+++ b/hosts.d/ivdea.tyil.net
@@ -2,5 +2,9 @@ bashtard.backup.borg.remote_paths.1=borg1
 bashtard.backup.fs.paths.1=/etc
 bashtard.backup.fs.paths.2=/home/tyil
 bashtard.ssh.host=10.57.100.8
+k3s-master.helm.apps.ingress.chart=ingress-nginx
+k3s-master.helm.apps.ingress.namespace=ingress
+k3s-master.helm.apps.ingress.repo=ingress-nginx
+k3s-master.helm.apps.ingress.values=nginx/ivdea.yaml
 meta.provider=self
 vpn-tinc.ipv4=10.57.100.8
diff --git a/playbooks.d/k3s-master/description.txt b/playbooks.d/k3s-master/description.txt
new file mode 100644
index 0000000..bf1fbab
--- /dev/null
+++ b/playbooks.d/k3s-master/description.txt
@@ -0,0 +1 @@
+Playbook for a k3s node
diff --git a/playbooks.d/k3s-master/etc/defaults b/playbooks.d/k3s-master/etc/defaults
new file mode 100644
index 0000000..eab4aee
--- /dev/null
+++ b/playbooks.d/k3s-master/etc/defaults
@@ -0,0 +1,8 @@
+pkg.k3s=k3s
+pkg.helm=helm
+
+k3s.domain=cluster.local
+k3s.network.cidr.pods=172.19.0.0/16
+k3s.network.cidr.svcs=172.20.0.0/16
+k3s.network.service.dns=172.20.0.53
+k3s.flux.repo.branch=master
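Review bot: None of the `k3s.*` keys added in `playbooks.d/k3s-master/etc/defaults` (`k3s.domain`, `k3s.network.cidr.pods`, `k3s.network.cidr.svcs`, `k3s.network.service.dns`, `k3s.flux.repo.branch`) is read by the `playbook.bash` added in this commit, which runs the k3s installer without passing any configuration. The cluster would therefore come up on k3s's built-in pod and service ranges rather than the 172.19.0.0/16 and 172.20.0.0/16 declared here, so any firewall or routing rule written against these values would not match the real traffic. The keys also sit under a `k3s.` prefix, while the playbook looks its settings up under `$BASHTARD_PLAYBOOK.` (presumably `k3s-master.`, as in `k3s-master.helm.*`). Either wire them into the install step under the playbook's own prefix or leave them out until they are consumed.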
diff --git a/playbooks.d/k3s-master/etc/os.d/linux-gentoo b/playbooks.d/k3s-master/etc/os.d/linux-gentoo
new file mode 100644
index 0000000..4aaaabf
--- /dev/null
+++ b/playbooks.d/k3s-master/etc/os.d/linux-gentoo
@@ -0,0 +1,2 @@
+pkg.k3s=sys-cluster/k3s
+pkg.helm=app-admin/helm
diff --git a/playbooks.d/k3s-master/playbook.bash b/playbooks.d/k3s-master/playbook.bash
new file mode 100644
index 0000000..cc6cd29
--- /dev/null
+++ b/playbooks.d/k3s-master/playbook.bash
@@ -0,0 +1,65 @@
+#!/usr/bin/env bash
+
+playbook_add() {
+ # TODO: Install kubectl, helm!
+ info "$BASHTARD_PLAYBOOK" "Installing k3s"
+ curl -sfL https://get.k3s.io | sh - # I hate this
+
+ notice "$BASHTARD_PLAYBOOK" "Creating data directories"
+ mkdir -pv -- "$(playbook_path "data")/manifests.d"
+ mkdir -pv -- "$(playbook_path "data")/helm.d"
+
+ notice "$BASHTARD_PLAYBOOK" "Waiting for node to become available"
+ { grep -q -m 1 "${BASHTARD_PLATFORM[fqdn]}[[:space:]]\+Ready"; kill $!; } < <(k3s kubectl get node -w)
+
+ playbook_sync
+}
+
+playbook_sync() {
+ local data
+ local helm_cmd
+ local kubeconfig
+
+ data="$(playbook_path "data")"
+ kubeconfig="$(config "fs.etcdir")/rancher/k3s/k3s.yaml"
+
+ notice "$BASHTARD_PLAYBOOK/manifests" "Applying manifests.d"
+ kubectl --kubeconfig "$kubeconfig" apply --recursive --filename "$data/manifests.d"
+
+ notice "$BASHTARD_PLAYBOOK/helm" "Ensure all Helm repos exist"
+ while read -r repo
+ do
+ helm repo add "$repo" "$(config "$BASHTARD_PLAYBOOK.helm.repos.$repo.url")"
+ done < <(config_subkeys "$BASHTARD_PLAYBOOK.helm.repos")
+
+ notice "$BASHTARD_PLAYBOOK/helm" "Updating Helm repository contents"
+ helm repo update
+
+ notice "$BASHTARD_PLAYBOOK/helm" "Upgrading Helm charts"
+ while read -r app
+ do
+ helm_cmd=(
+ "helm" "upgrade"
+ "--install"
+ "--kubeconfig" "$kubeconfig"
+ "--timeout" "$(config "$BASHTARD_PLAYBOOK.helm.timeout" "30s")"
+ "--namespace" "$(config "$BASHTARD_PLAYBOOK.helm.apps.$app.namespace" "default")"
+ )
+
+ # Add values
+ helm_cmd+=("--values" "$data/helm.d/$(config "$BASHTARD_PLAYBOOK.helm.apps.$app.values")")
+
+ # Set which chart to upgrade
+ helm_cmd+=("$app")
+ helm_cmd+=("$(config "$BASHTARD_PLAYBOOK.helm.apps.$app.repo")/$(config "$BASHTARD_PLAYBOOK.helm.apps.$app.chart")")
+
+ notice "$BASHTARD_PLAYBOOK/helm/$app" "> ${helm_cmd[*]}"
+ ${helm_cmd[@]}
+
+ unset helm_cmd
+ done < <(config_subkeys "$BASHTARD_PLAYBOOK.helm.apps")
+}
+
+playbook_del() {
+ /usr/local/bin/k3s-uninstall.sh
+}
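Review bot: In `playbook_add`, `curl -sfL https://get.k3s.io | sh -` executes whatever that endpoint serves at run time with the playbook's privileges, with no version pin or integrity check, even though this commit also adds `pkg.k3s`/`pkg.helm` keys (with Gentoo atoms) that the playbook never reads. Installing through those package keys would put the binaries under the distribution's own verification. Failing that, download the script to a file, compare it with a checksum kept in the repository, and run it with `INSTALL_K3S_VERSION=<pinned-version>` set. Unless pipefail is enabled outside this file, a failed download also goes unnoticed, because `sh -` exits 0 on empty input and the function then blocks waiting for a node that never appears. Separately, `playbook_sync` runs the command as `${helm_cmd[@]}`, which re-splits and glob-expands every config-derived element; it should be `"${helm_cmd[@]}"`.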
diff --git a/registry.d/ivdea.tyil.net b/registry.d/ivdea.tyil.net
index c3910de..2e7ea04 100644
--- a/registry.d/ivdea.tyil.net
+++ b/registry.d/ivdea.tyil.net
@@ -1,3 +1,4 @@
+k3s-master
 ssh
 user-tyil
 vpn-tinc
-- 
cgit v1.1