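#!/bin/bash
set -e

# =============================================================================
# k3s GitOps Bootstrap Script
# =============================================================================
# This script sets up Gitea + ArgoCD on the k3s cluster and configures
# GitOps with the App-of-Apps pattern.
#
# Prerequisites:
# - kubectl + kubeconfig access to the cluster
# - helm installed
# - git installed
# - DNS for *.mrt0rtikize.ru pointing to cluster nodes
#
# The kubeconfig is expected at <repo root>/config, i.e. inside the directory
# that is later committed and pushed. Treat that file as a credential.
# =============================================================================

# Resolve the repository root relative to this script, not the caller's cwd.
SCRIPT_DIR="$(cd "$(dirname "$0")" && pwd)"
REPO_DIR="$(dirname "$SCRIPT_DIR")"

# Exported so that every tool started by this script (helm included) targets
# the same cluster as kubectl. Without the export, helm would fall back to its
# default kubeconfig and could install into a different cluster.
KUBECONFIG="${REPO_DIR}/config"
export KUBECONFIG

# Plain string, expanded unquoted by callers so it splits into words.
# NOTE(review): this breaks if the repository path contains whitespace.
KCTL="kubectl --kubeconfig ${KUBECONFIG}"

# ANSI colour codes, interpreted by `echo -e`.
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
NC='\033[0m'

# Fail early with a clear message instead of half-way through the bootstrap.
for required_tool in kubectl helm git; do
  if ! command -v "${required_tool}" > /dev/null 2>&1; then
    echo -e "${RED}Missing prerequisite: ${required_tool}${NC}" >&2
    exit 1
  fi
done

if [ ! -r "${KUBECONFIG}" ]; then
  echo -e "${RED}Kubeconfig not found or not readable: ${KUBECONFIG}${NC}" >&2
  exit 1
fi

echo -e "${GREEN}==============================================${NC}"
echo -e "${GREEN} k3s GitOps Bootstrap${NC}"
echo -e "${GREEN}==============================================${NC}"
echo ""
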
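# -----------------------------------------------------------------------------
# Step 1: Deploy Gitea
# -----------------------------------------------------------------------------
# Applies every manifest under bootstrap/gitea/ and blocks until the pod
# labelled app=gitea in namespace gitea reports Ready.
echo -e "${YELLOW}[1/6] Deploying Gitea...${NC}"

# The kubeconfig path is quoted so a repository path with spaces still works.
kubectl --kubeconfig "${KUBECONFIG}" apply -f "${REPO_DIR}/bootstrap/gitea/"

echo " Waiting for Gitea pod to be ready..."

# `kubectl wait` fails immediately when the selector matches nothing, which
# can happen right after `apply` before the controller has created the pod.
# Poll briefly (up to ~60s) until at least one matching pod exists.
gitea_pods=""
for (( attempt = 0; attempt < 30; attempt++ )); do
  gitea_pods="$(kubectl --kubeconfig "${KUBECONFIG}" get pod -l app=gitea -n gitea -o name 2> /dev/null || true)"
  if [ -n "${gitea_pods}" ]; then
    break
  fi
  sleep 2
done

# stderr is left visible so the operator sees why the wait failed
# (RBAC error, wrong namespace, timeout, ...).
if ! kubectl --kubeconfig "${KUBECONFIG}" wait --for=condition=ready pod -l app=gitea -n gitea --timeout=120s; then
  echo -e "${RED} Gitea pod not ready after 120s. Checking status...${NC}"
  # Best-effort diagnostics; the script exits with 1 either way.
  kubectl --kubeconfig "${KUBECONFIG}" get pod -n gitea || true
  exit 1
fi

echo -e "${GREEN} Gitea deployed!${NC}"
echo ""
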
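# -----------------------------------------------------------------------------
# Step 2: Gitea initial setup (manual)
# -----------------------------------------------------------------------------
# Prints the manual install-wizard instructions, then collects the admin
# password and defines the Gitea URLs used by the following steps.
#
# NOTE(review): the instructions ask for a PUBLIC repository. Everything that
# step 3 commits becomes readable by anyone who can reach the Gitea host, so
# the repository must not contain Secret manifests, tokens or the kubeconfig.
echo -e "${YELLOW}[2/6] Gitea setup${NC}"
echo ""
echo " Gitea is running. Please open the install page in your browser:"
echo ""
echo -e " ${GREEN}https://git.mrt0rtikize.ru/${NC}"
echo ""
echo " Complete the install wizard with these settings:"
echo " - Database: SQLite3"
echo " - Admin Username: gitea"
echo " - Admin Password: <choose a strong password>"
echo " - Confirm Password: <same>"
echo " - Admin Email: admin@mrt0rtikize.ru"
echo ""
echo " After install, create a repository named:"
echo ""
echo -e " ${GREEN}k3s-manifests${NC}"
echo ""
echo " Make it PUBLIC (so ArgoCD can read it without auth)."
echo ""

GITEA_PASSWORD=""
# -s keeps the password off the screen and out of terminal scrollback;
# -r stops `read` from interpreting backslashes inside the password.
read -r -s -p " Gitea admin password (from install wizard): " GITEA_PASSWORD
# With -s the user's Enter is not echoed, so emit the newline ourselves.
echo ""

if [ -z "$GITEA_PASSWORD" ]; then
  echo -e "${RED} Password is required. Exiting.${NC}"
  exit 1
fi

# Gitea endpoints and repository coordinates used by later steps.
# In the visible script GITEA_PASSWORD is only referenced by the commented-out
# private-repository variant in step 5.
GITEA_EXTERNAL="https://git.mrt0rtikize.ru"
# In-cluster service URL; plain HTTP, so traffic between ArgoCD and Gitea is
# unencrypted inside the cluster network.
GITEA_INTERNAL="http://gitea.gitea.svc.cluster.local:3000"
GITEA_USER="gitea"
GITEA_REPO="k3s-manifests"
GITEA_REPO_URL="${GITEA_EXTERNAL}/${GITEA_USER}/${GITEA_REPO}.git"
GITEA_INTERNAL_REPO="${GITEA_INTERNAL}/${GITEA_USER}/${GITEA_REPO}.git"

echo ""
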
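# -----------------------------------------------------------------------------
# Step 3: Initialize git repo and push manifests
# -----------------------------------------------------------------------------
# Commits the repository contents and pushes branch `main` to Gitea.
# The kubeconfig lives at ${REPO_DIR}/config, inside the tree being pushed to
# a public repository, so this step must make sure it never enters the index.
echo -e "${YELLOW}[3/6] Initializing git repo...${NC}"

# Ensure the kubeconfig is ignored. Append instead of overwriting so that
# ignore rules the operator already added (other sensitive files) survive a
# re-run and are still honoured by `git add .` below.
gitignore_file="${REPO_DIR}/.gitignore"
if ! grep -qxF -- 'config' "${gitignore_file}" 2> /dev/null; then
  printf '%s\n' '# Sensitive files' 'config' >> "${gitignore_file}"
fi

cd "${REPO_DIR}"

if [ ! -d ".git" ]; then
  git init
  git checkout -b main
fi

git add .

# .gitignore does not untrack a file that was committed earlier. Refuse to
# continue if the kubeconfig is in the index rather than publish it.
if git ls-files --error-unmatch -- config > /dev/null 2>&1; then
  echo -e "${RED} 'config' (kubeconfig) is tracked by git; refusing to push it.${NC}" >&2
  echo " Untrack it with: git rm --cached config" >&2
  echo " If it was ever pushed, rotate the cluster credentials it contains." >&2
  exit 1
fi

# Commit only when something is staged. A real commit failure (for example a
# missing user.name/user.email) now aborts with git's own message instead of
# being reported as "nothing to commit".
if git diff --cached --quiet; then
  echo " Nothing to commit (already up to date)"
else
  git commit -m "Initial commit: k3s GitOps manifests"
fi

echo " Pushing to Gitea..."
# GIT_TERMINAL_PROMPT=0 makes git fail instead of prompting for credentials;
# stderr stays visible so the operator can see why the push was rejected.
if ! GIT_TERMINAL_PROMPT=0 git push -u "${GITEA_REPO_URL}" main; then
  echo ""
  echo -e " ${RED}Push failed.${NC} Did you create the '${GITEA_REPO}' repo in Gitea?"
  echo " You can retry manually:"
  echo " cd ${REPO_DIR}"
  echo " git push -u ${GITEA_REPO_URL} main"
  echo ""
  read -r -p " Press Enter after pushing... "
fi

echo -e "${GREEN} Manifests pushed to Gitea!${NC}"
echo ""
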
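# -----------------------------------------------------------------------------
# Step 4: Install ArgoCD
# -----------------------------------------------------------------------------
# Installs/upgrades the argo-cd Helm chart into namespace argocd and reads the
# generated initial admin password into ARGOCD_PASSWORD for step 5.
echo -e "${YELLOW}[4/6] Installing ArgoCD...${NC}"

# Deliberately best-effort: the repo may already be registered from an earlier
# run. A genuinely broken repo surfaces in `helm repo update` / `helm upgrade`.
helm repo add argo https://argoproj.github.io/argo-helm 2> /dev/null || true
helm repo update

# --kubeconfig is passed explicitly so helm installs into the same cluster
# that kubectl targets; KUBECONFIG may not be exported in this shell.
#
# The --set expressions are single-quoted so the shell never treats `[0]` as a
# glob and the backslashes reach helm unchanged. In --set syntax a dot
# separates keys, so a dot that belongs to a key name must be escaped: the
# ConfigMap key is `timeout.reconciliation`, not a nested timeout->reconciliation
# map (NOTE(review): confirm against the chart's values.yaml).
#
# server.insecure / --insecure make the ArgoCD API server serve plain HTTP;
# that is only appropriate when TLS is terminated in front of it.
#
# NOTE(review): the chart version is not pinned, so each run installs whatever
# is latest in the repo. Consider adding `--version <CHART_VERSION>`.
helm upgrade --install argocd argo/argo-cd \
  --kubeconfig "${KUBECONFIG}" \
  --namespace argocd \
  --create-namespace \
  --set 'server.extraArgs[0]=--insecure' \
  --set 'configs.params.server\.insecure=true' \
  --set 'configs.cm.timeout\.reconciliation=180s' \
  --wait \
  --timeout 300s

# Empty when the initial secret does not exist (for example after it has been
# deleted following a password change); later code checks for that.
ARGOCD_PASSWORD=$(kubectl --kubeconfig "${KUBECONFIG}" -n argocd get secret argocd-initial-admin-secret -o jsonpath="{.data.password}" 2> /dev/null | base64 -d)

echo -e "${GREEN} ArgoCD installed!${NC}"
echo ""
echo " ArgoCD UI (port-forward):"
echo " kubectl --kubeconfig ${KUBECONFIG} port-forward svc/argocd-server -n argocd 8080:80"
echo " Username: admin"
echo ""
if [ -n "$ARGOCD_PASSWORD" ]; then
  # The admin password is not written to the terminal, where it would persist
  # in scrollback or captured logs; print how to fetch it on demand instead.
  echo " Password: stored in secret argocd-initial-admin-secret; read it with:"
  echo " kubectl --kubeconfig ${KUBECONFIG} -n argocd get secret argocd-initial-admin-secret -o jsonpath='{.data.password}' | base64 -d"
fi
echo ""
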
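# -----------------------------------------------------------------------------
# Step 5: Configure ArgoCD → Gitea connection
# -----------------------------------------------------------------------------
# Registers the in-cluster Gitea repository URL with ArgoCD, either through
# the argocd CLI or by creating a labelled repository Secret directly.
echo -e "${YELLOW}[5/6] Configuring ArgoCD → Gitea connection...${NC}"

# Add Gitea as a repository in ArgoCD
# Using argocd CLI if available, otherwise using creds + secret
if command -v argocd &> /dev/null; then
  echo " Using argocd CLI..."
  ARGOCD_SERVER="localhost:8080"
  echo " Please port-forward ArgoCD in another terminal:"
  echo " kubectl --kubeconfig ${KUBECONFIG} port-forward svc/argocd-server -n argocd 8080:80"
  echo ""
  read -r -p " Press Enter when ready..."

  if [ -n "${ARGOCD_PASSWORD}" ]; then
    # NOTE(review): --password places the secret on the command line, where
    # other local users can see it in the process list while the CLI runs.
    argocd login "${ARGOCD_SERVER}" --username admin --password "${ARGOCD_PASSWORD}" --insecure
  else
    # The initial-admin secret could not be read; let the CLI prompt for the
    # password instead of sending an empty one.
    argocd login "${ARGOCD_SERVER}" --username admin --insecure
  fi
  argocd repo add "${GITEA_INTERNAL_REPO}" --name gitea-k3s --type git
else
  # Fallback: create repository secret manually
  echo " Creating repository secret manually..."

  # ArgoCD discovers repositories through Secrets carrying the label
  # argocd.argoproj.io/secret-type=repository. The label is added with
  # `kubectl label --local` (no API call) rather than by text-editing the
  # generated YAML, so the result does not depend on exact indentation.
  # stderr of the final apply is left visible so a failure is explained.
  kubectl --kubeconfig "${KUBECONFIG}" -n argocd create secret generic gitea-k3s-repo \
    --from-literal=url="${GITEA_INTERNAL_REPO}" \
    --from-literal=type=git \
    --from-literal=name=gitea-k3s \
    --dry-run=client -o yaml \
    | kubectl --kubeconfig "${KUBECONFIG}" label --local -f - \
      argocd.argoproj.io/secret-type=repository -o yaml \
    | kubectl --kubeconfig "${KUBECONFIG}" apply -f -

  # For a public repo, ArgoCD can access it without credentials
  # If the repo is private, uncomment and configure:
  # (--from-literal=password=... puts the password on the command line;
  # --from-file with a mode-0600 file avoids that.)
  # kubectl --kubeconfig "${KUBECONFIG}" -n argocd create secret generic gitea-k3s-repo \
  #   --from-literal=url="${GITEA_INTERNAL_REPO}" \
  #   --from-literal=type=git \
  #   --from-literal=name=gitea-k3s \
  #   --from-literal=username="${GITEA_USER}" \
  #   --from-literal=password="${GITEA_PASSWORD}" \
  #   --dry-run=client -o yaml \
  #   | kubectl --kubeconfig "${KUBECONFIG}" label --local -f - \
  #     argocd.argoproj.io/secret-type=repository -o yaml \
  #   | kubectl --kubeconfig "${KUBECONFIG}" apply -f -
fi

echo -e "${GREEN} Repository configured!${NC}"
echo ""
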
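# -----------------------------------------------------------------------------
# Step 6: Apply the root app
# -----------------------------------------------------------------------------
# Applies argocd/app-of-apps.yaml and prints follow-up instructions.
echo -e "${YELLOW}[6/6] Applying root App-of-Apps...${NC}"

# Kubeconfig path quoted so a repository path with spaces still works.
kubectl --kubeconfig "${KUBECONFIG}" apply -f "${REPO_DIR}/argocd/app-of-apps.yaml"

echo ""
echo -e "${GREEN}==============================================${NC}"
echo -e "${GREEN} Bootstrap Complete!${NC}"
echo -e "${GREEN}==============================================${NC}"
echo ""
echo " Root app created. ArgoCD will now sync all child apps:"
echo ""
echo " - cert-manager"
echo " - metallb"
echo " - longhorn"
echo " - metrics (prometheus + victoria-metrics)"
echo " - llama"
echo " - sillytavern"
echo ""
echo " Monitor progress:"
echo " kubectl --kubeconfig ${KUBECONFIG} port-forward svc/argocd-server -n argocd 8080:80"
echo " Open http://localhost:8080"
# The admin password is not echoed into the terminal (scrollback, captured
# logs); the operator is shown how to read it from the cluster instead.
echo " Login: admin / <initial admin password>"
echo " kubectl --kubeconfig ${KUBECONFIG} -n argocd get secret argocd-initial-admin-secret -o jsonpath='{.data.password}' | base64 -d"
echo " Change the admin password after first login, then delete argocd-initial-admin-secret."
echo ""
echo " Check sync status:"
echo " kubectl --kubeconfig ${KUBECONFIG} get applications -n argocd"
echo ""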