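#!/bin/bash
# =============================================================================
# k3s GitOps Bootstrap Script
# =============================================================================
# This script sets up Gitea + ArgoCD on the k3s cluster and configures
# GitOps with the App-of-Apps pattern.
#
# Prerequisites:
#   - kubectl + kubeconfig access to the cluster
#   - helm installed
#   - git installed
#   - DNS for *.mrt0rtikize.ru pointing to cluster nodes
#
# Security notes:
#   - The manifests repository is created PUBLIC, so everything committed from
#     REPO_DIR is readable by anyone who can reach Gitea. Keep secrets out of
#     the tree; only the kubeconfig file ("config") is git-ignored here.
#   - The ArgoCD initial admin password is printed to the terminal. Treat the
#     scrollback / any captured log as sensitive and rotate the password after
#     the first login.
# =============================================================================

# -u catches misspelled variables; pipefail stops a failing kubectl in the
# middle of a pipeline from being masked by the last stage.
set -euo pipefail

SCRIPT_DIR="$(cd "$(dirname "$0")" && pwd)"
REPO_DIR="$(dirname "$SCRIPT_DIR")"
KUBECONFIG="${REPO_DIR}/config"

# An array keeps a kubeconfig path containing spaces as a single argument;
# the previous string form was word-split on every use.
KCTL=(kubectl --kubeconfig "${KUBECONFIG}")

readonly RED='\033[0;31m'
readonly GREEN='\033[0;32m'
readonly YELLOW='\033[1;33m'
readonly NC='\033[0m'

echo -e "${GREEN}==============================================${NC}"
echo -e "${GREEN} k3s GitOps Bootstrap${NC}"
echo -e "${GREEN}==============================================${NC}"
echo ""

# -----------------------------------------------------------------------------
# Step 1: Deploy Gitea
# -----------------------------------------------------------------------------
echo -e "${YELLOW}[1/6] Deploying Gitea...${NC}"

"${KCTL[@]}" apply -f "${REPO_DIR}/bootstrap/gitea/"

echo " Waiting for Gitea pod to be ready..."
# stderr is left visible so the reason for a timeout is not lost.
if ! "${KCTL[@]}" wait --for=condition=ready pod -l app=gitea -n gitea --timeout=120s; then
  echo -e "${RED} Gitea pod not ready after 120s. Checking status...${NC}"
  "${KCTL[@]}" get pod -n gitea
  exit 1
fi

echo -e "${GREEN} Gitea deployed!${NC}"
echo ""

# -----------------------------------------------------------------------------
# Step 2: Gitea initial setup (manual)
# -----------------------------------------------------------------------------
echo -e "${YELLOW}[2/6] Gitea setup${NC}"
echo ""
echo " Gitea is running. Please open the install page in your browser:"
echo ""
echo -e " ${GREEN}https://git.mrt0rtikize.ru/${NC}"
echo ""
echo " Complete the install wizard with these settings:"
echo " - Database: SQLite3"
echo " - Admin Username: gitea"
echo " - Admin Password: "
echo " - Confirm Password: "
echo " - Admin Email: admin@mrt0rtikize.ru"
echo ""
echo " After install, create a repository named:"
echo ""
echo -e " ${GREEN}k3s-manifests${NC}"
echo ""
echo " Make it PUBLIC (so ArgoCD can read it without auth)."
echo ""

# -s keeps the password off the screen and out of terminal scrollback;
# -r stops backslashes in the password from being interpreted.
GITEA_PASSWORD=""
read -r -s -p " Gitea admin password (from install wizard): " GITEA_PASSWORD
echo ""
if [[ -z "${GITEA_PASSWORD}" ]]; then
  echo -e "${RED} Password is required. Exiting.${NC}"
  exit 1
fi

# NOTE(review): GITEA_PASSWORD is only consumed by the private-repo variant
# documented in step 5; the public-repo path below never sends it anywhere.
GITEA_EXTERNAL="https://git.mrt0rtikize.ru"
GITEA_INTERNAL="http://gitea.gitea.svc.cluster.local:3000"
GITEA_USER="gitea"
GITEA_REPO="k3s-manifests"
GITEA_REPO_URL="${GITEA_EXTERNAL}/${GITEA_USER}/${GITEA_REPO}.git"
GITEA_INTERNAL_REPO="${GITEA_INTERNAL}/${GITEA_USER}/${GITEA_REPO}.git"

echo ""

# -----------------------------------------------------------------------------
# Step 3: Initialize git repo and push manifests
# -----------------------------------------------------------------------------
echo -e "${YELLOW}[3/6] Initializing git repo...${NC}"

# Make sure the kubeconfig ("config") is ignored before `git add .` runs.
# An existing .gitignore is extended instead of overwritten, so entries added
# by hand survive a re-run. Ignoring does not untrack a file that was already
# committed earlier.
GITIGNORE_FILE="${REPO_DIR}/.gitignore"
if [[ ! -e "${GITIGNORE_FILE}" ]]; then
  printf '# Sensitive files\nconfig\n' > "${GITIGNORE_FILE}"
elif ! grep -qxF 'config' "${GITIGNORE_FILE}"; then
  # Leading newline protects a last line that lacks a trailing newline.
  printf '\n# Sensitive files\nconfig\n' >> "${GITIGNORE_FILE}"
fi

cd "${REPO_DIR}"

if [[ ! -d ".git" ]]; then
  git init
  git checkout -b main
fi

git add .
# Distinguish "nothing staged" from a real commit failure (for example a
# missing user.name/user.email), which used to be reported as up to date.
if git diff --cached --quiet; then
  echo " Nothing to commit (already up to date)"
else
  git commit -m "Initial commit: k3s GitOps manifests"
fi

echo " Pushing to Gitea..."
# GIT_TERMINAL_PROMPT=0 makes git fail instead of prompting for credentials;
# git's own error output stays visible so the cause of a failed push is shown.
if ! GIT_TERMINAL_PROMPT=0 git push -u "${GITEA_REPO_URL}" main; then
  echo ""
  echo -e " ${RED}Push failed.${NC} Did you create the '${GITEA_REPO}' repo in Gitea?"
  echo " You can retry manually:"
  echo " cd ${REPO_DIR}"
  echo " git push -u ${GITEA_REPO_URL} main"
  echo ""
  read -r -p " Press Enter after pushing... "
fi

echo -e "${GREEN} Manifests pushed to Gitea!${NC}"
echo ""

# -----------------------------------------------------------------------------
# Step 4: Install ArgoCD
# -----------------------------------------------------------------------------
echo -e "${YELLOW}[4/6] Installing ArgoCD...${NC}"

# "repo already exists" is expected on re-runs, hence the deliberate || true.
helm repo add argo https://argoproj.github.io/argo-helm 2>/dev/null || true
helm repo update

# --kubeconfig pins helm to the same cluster kubectl talks to. KUBECONFIG is
# not exported by this script, so without the flag helm would fall back to the
# caller's default context and could install ArgoCD into a different cluster.
#
# server.insecure / --insecure make argocd-server serve plain HTTP. This
# script only reaches it through `kubectl port-forward`; if the service is
# ever exposed, TLS has to be terminated in front of it.
#
# The --set values are quoted so that "[0]" is never treated as a shell glob.
helm upgrade --install argocd argo/argo-cd \
  --kubeconfig "${KUBECONFIG}" \
  --namespace argocd \
  --create-namespace \
  --set 'server.extraArgs[0]=--insecure' \
  --set 'configs.params.server\.insecure=true' \
  --set configs.cm.timeout.reconciliation=180s \
  --wait \
  --timeout 300s

# The initial admin secret may be absent (e.g. already deleted on a re-run);
# that case leaves ARGOCD_PASSWORD empty instead of aborting the script.
ARGOCD_PASSWORD=""
if ARGOCD_PASSWORD_B64=$("${KCTL[@]}" -n argocd get secret argocd-initial-admin-secret \
  -o jsonpath="{.data.password}" 2>/dev/null); then
  ARGOCD_PASSWORD=$(printf '%s' "${ARGOCD_PASSWORD_B64}" | base64 -d)
fi

echo -e "${GREEN} ArgoCD installed!${NC}"
echo ""
echo " ArgoCD UI (port-forward):"
echo " kubectl --kubeconfig ${KUBECONFIG} port-forward svc/argocd-server -n argocd 8080:80"
echo " Username: admin"
echo ""
# The password is shown in clear text on purpose for the first login. Rotate
# it and delete argocd-initial-admin-secret once you are logged in.
if [[ -n "${ARGOCD_PASSWORD}" ]]; then
  echo " Password: ${ARGOCD_PASSWORD}"
fi
echo ""

# -----------------------------------------------------------------------------
# Step 5: Configure ArgoCD → Gitea connection
# -----------------------------------------------------------------------------
echo -e "${YELLOW}[5/6] Configuring ArgoCD → Gitea connection...${NC}"

# Add Gitea as a repository in ArgoCD
# Using argocd CLI if available, otherwise a declarative repository secret
if command -v argocd &> /dev/null; then
  echo " Using argocd CLI..."
  ARGOCD_SERVER="localhost:8080"

  echo " Please port-forward ArgoCD in another terminal:"
  echo " kubectl --kubeconfig ${KUBECONFIG} port-forward svc/argocd-server -n argocd 8080:80"
  echo ""
  read -r -p " Press Enter when ready..."

  # --insecure: the server speaks plain HTTP behind the port-forward.
  # A password given on the command line is visible to other local users via
  # the process list; when the initial secret could not be read the flag is
  # left out and the CLI prompts for the password instead.
  ARGOCD_LOGIN_ARGS=("${ARGOCD_SERVER}" --username admin --insecure)
  if [[ -n "${ARGOCD_PASSWORD}" ]]; then
    ARGOCD_LOGIN_ARGS+=(--password "${ARGOCD_PASSWORD}")
  fi
  argocd login "${ARGOCD_LOGIN_ARGS[@]}"
  argocd repo add "${GITEA_INTERNAL_REPO}" --name gitea-k3s --type git
else
  # Fallback: create the repository secret declaratively.
  echo " Creating repository secret manually..."

  # The manifest is written out in full instead of patching the output of
  # `kubectl create --dry-run` with sed: "\n" in a sed replacement is a GNU
  # extension and the injected label depended on exact indentation.
  #
  # For a public repo, ArgoCD can access it without credentials.
  # If the repo is private, add these two keys under stringData:
  #   username: "${GITEA_USER}"
  #   password: "${GITEA_PASSWORD}"
  "${KCTL[@]}" apply -f - <<EOF
apiVersion: v1
kind: Secret
metadata:
  name: gitea-k3s-repo
  namespace: argocd
  labels:
    argocd.argoproj.io/secret-type: repository
stringData:
  url: "${GITEA_INTERNAL_REPO}"
  type: git
  name: gitea-k3s
EOF
fi

echo -e "${GREEN} Repository configured!${NC}"
echo ""

# -----------------------------------------------------------------------------
# Step 6: Apply the root app
# -----------------------------------------------------------------------------
echo -e "${YELLOW}[6/6] Applying root App-of-Apps...${NC}"

"${KCTL[@]}" apply -f "${REPO_DIR}/argocd/app-of-apps.yaml"

echo ""
echo -e "${GREEN}==============================================${NC}"
echo -e "${GREEN} Bootstrap Complete!${NC}"
echo -e "${GREEN}==============================================${NC}"
echo ""
echo " Root app created. ArgoCD will now sync all child apps:"
echo ""
echo " - cert-manager"
echo " - metallb"
echo " - longhorn"
echo " - metrics (prometheus + victoria-metrics)"
echo " - llama"
echo " - sillytavern"
echo ""
echo " Monitor progress:"
echo " kubectl --kubeconfig ${KUBECONFIG} port-forward svc/argocd-server -n argocd 8080:80"
echo " Open http://localhost:8080"
echo " Login: admin / ${ARGOCD_PASSWORD}"
echo ""
echo " Check sync status:"
echo " kubectl --kubeconfig ${KUBECONFIG} get applications -n argocd"
echo ""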