k3s-manifests/bootstrap.sh


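#!/bin/bash
set -e
# =============================================================================
# k3s GitOps Bootstrap Script
# =============================================================================
# This script sets up Gitea + ArgoCD on the k3s cluster and configures
# GitOps with the App-of-Apps pattern.
#
# Prerequisites:
# - kubectl + kubeconfig access to the cluster
# - helm installed
# - git installed
# - DNS for *.mrt0rtikize.ru pointing to cluster nodes
#
# Security notes:
# - ${REPO_DIR}/config is the kubeconfig every step authenticates with. It
#   lives inside the directory that is later committed and pushed, so it must
#   stay untracked by git.
# - Only `set -e` is enabled. `pipefail` is deliberately not set here because
#   a later step reads a secret through a pipeline that is allowed to fail.
# =============================================================================
SCRIPT_DIR="$(cd "$(dirname "$0")" && pwd)"
REPO_DIR="$(dirname "$SCRIPT_DIR")"
# Exported so that every child process that honours KUBECONFIG (helm, kubectl
# called without --kubeconfig) targets the same cluster as ${KCTL}. Without
# the export they fall back to the caller's default kubeconfig/context.
export KUBECONFIG="${REPO_DIR}/config"
# Expanded unquoted by the steps below, so it is word-split: a repository path
# containing whitespace breaks every ${KCTL} invocation.
KCTL="kubectl --kubeconfig ${KUBECONFIG}"

# ANSI colour escapes, interpreted by `echo -e`.
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
NC='\033[0m'

echo -e "${GREEN}==============================================${NC}"
echo -e "${GREEN} k3s GitOps Bootstrap${NC}"
echo -e "${GREEN}==============================================${NC}"
echo ""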
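# -----------------------------------------------------------------------------
# Step 1: Deploy Gitea
# -----------------------------------------------------------------------------
# Applies every manifest under bootstrap/gitea/ and then waits up to 120s for
# a pod labelled app=gitea in the gitea namespace to report Ready.
echo -e "${YELLOW}[1/6] Deploying Gitea...${NC}"
# The kubeconfig path is passed quoted so a repository path containing spaces
# or glob characters is not word-split.
kubectl --kubeconfig "${KUBECONFIG}" apply -f "${REPO_DIR}/bootstrap/gitea/"
echo " Waiting for Gitea pod to be ready..."
# stderr is left visible: a timeout, an authorization failure and "no matching
# resources" all end up in the same branch and are otherwise indistinguishable.
if ! kubectl --kubeconfig "${KUBECONFIG}" wait --for=condition=ready pod \
  -l app=gitea -n gitea --timeout=120s; then
  echo -e "${RED} Gitea pod not ready after 120s. Checking status...${NC}"
  # Best-effort diagnostics; the script exits 1 either way.
  kubectl --kubeconfig "${KUBECONFIG}" get pod -n gitea || true
  exit 1
fi
echo -e "${GREEN} Gitea deployed!${NC}"
echo ""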
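# -----------------------------------------------------------------------------
# Step 2: Gitea initial setup (manual)
# -----------------------------------------------------------------------------
# Prints the manual install-wizard instructions, then collects the admin
# password and defines the Gitea URLs used by the remaining steps.
echo -e "${YELLOW}[2/6] Gitea setup${NC}"
echo ""
echo " Gitea is running. Please open the install page in your browser:"
echo ""
echo -e " ${GREEN}https://git.mrt0rtikize.ru/${NC}"
echo ""
echo " Complete the install wizard with these settings:"
echo " - Database: SQLite3"
echo " - Admin Username: gitea"
echo " - Admin Password: <choose a strong password>"
echo " - Confirm Password: <same>"
echo " - Admin Email: admin@mrt0rtikize.ru"
echo ""
echo " After install, create a repository named:"
echo ""
echo -e " ${GREEN}k3s-manifests${NC}"
echo ""
# A public repository is readable by anyone who can reach the Gitea host, so
# nothing secret (kubeconfig, tokens, Secret manifests) may be committed to it.
echo " Make it PUBLIC (so ArgoCD can read it without auth)."
echo ""
GITEA_PASSWORD=""
# -s keeps the password out of the terminal echo and scrollback; -r stops
# `read` from treating backslashes in the password as escape characters.
read -r -s -p " Gitea admin password (from install wizard): " GITEA_PASSWORD
# -s also suppresses the newline the user typed, so emit one.
echo ""
if [ -z "$GITEA_PASSWORD" ]; then
  echo -e "${RED} Password is required. Exiting.${NC}"
  exit 1
fi
# The password stays in this shell variable only: it is not exported and not
# written to disk. The only place that references it is the commented-out
# private-repository variant in step 5.
GITEA_EXTERNAL="https://git.mrt0rtikize.ru"
# In-cluster service address over plain HTTP; this is the URL ArgoCD is
# pointed at in step 5.
GITEA_INTERNAL="http://gitea.gitea.svc.cluster.local:3000"
GITEA_USER="gitea"
GITEA_REPO="k3s-manifests"
GITEA_REPO_URL="${GITEA_EXTERNAL}/${GITEA_USER}/${GITEA_REPO}.git"
GITEA_INTERNAL_REPO="${GITEA_INTERNAL}/${GITEA_USER}/${GITEA_REPO}.git"
echo ""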
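# -----------------------------------------------------------------------------
# Step 3: Initialize git repo and push manifests
# -----------------------------------------------------------------------------
# Commits the contents of ${REPO_DIR} and pushes branch main to the external
# Gitea URL. The target repository is public, so everything staged here
# becomes readable without authentication.
echo -e "${YELLOW}[3/6] Initializing git repo...${NC}"
# Create .gitignore (regenerated on every run; 'config' is the kubeconfig)
cat > "${REPO_DIR}/.gitignore" << 'GITIGNORE'
# Sensitive files
config
GITIGNORE
cd "${REPO_DIR}"
if [ ! -d ".git" ]; then
  git init
  git checkout -b main
fi
# .gitignore only affects untracked files. If the kubeconfig was committed in
# an earlier run, `git add .` would keep publishing it, so stop here instead.
if git ls-files --error-unmatch -- config > /dev/null 2>&1; then
  echo -e "${RED} 'config' (the kubeconfig) is tracked by git. Refusing to push.${NC}"
  echo " Untrack it first:  git rm --cached config"
  echo " If it was ever pushed, treat the cluster credentials as exposed and rotate them."
  exit 1
fi
git add .
# Decide from the index whether there is anything to commit, so that a real
# commit failure (for example a missing git identity) is reported rather than
# being mistaken for "nothing to commit".
if git diff --cached --quiet; then
  echo " Nothing to commit (already up to date)"
else
  git commit -m "Initial commit: k3s GitOps manifests"
fi
echo " Pushing to Gitea..."
# GIT_TERMINAL_PROMPT=0 makes git fail instead of prompting for credentials;
# stderr is left visible so the reason for a failed push can be read.
if ! GIT_TERMINAL_PROMPT=0 git push -u "${GITEA_REPO_URL}" main; then
  echo ""
  echo -e " ${RED}Push failed.${NC} Did you create the '${GITEA_REPO}' repo in Gitea?"
  echo " You can retry manually:"
  echo " cd ${REPO_DIR}"
  echo " git push -u ${GITEA_REPO_URL} main"
  echo ""
  read -p " Press Enter after pushing... " -r
  # Confirm the branch really exists on the remote before claiming success.
  if ! GIT_TERMINAL_PROMPT=0 git ls-remote --exit-code --heads "${GITEA_REPO_URL}" main > /dev/null; then
    echo -e " ${RED}Branch 'main' was not found on ${GITEA_REPO_URL}. Exiting.${NC}"
    exit 1
  fi
fi
echo -e "${GREEN} Manifests pushed to Gitea!${NC}"
echo ""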
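# -----------------------------------------------------------------------------
# Step 4: Install ArgoCD
# -----------------------------------------------------------------------------
# Installs (or upgrades) the argo/argo-cd chart into the argocd namespace and
# reads the generated initial admin password into ARGOCD_PASSWORD.
echo -e "${YELLOW}[4/6] Installing ArgoCD...${NC}"
# Failure to add the repo is ignored on purpose (it may already be present).
helm repo add argo https://argoproj.github.io/argo-helm 2>/dev/null || true
helm repo update
# --kubeconfig pins helm to the same cluster the kubectl calls use; without it
# helm installs into whatever context the caller's default kubeconfig selects.
# The --set arguments are single-quoted so the shell neither globs "[0]" nor
# strips the backslashes. A backslash-escaped dot is part of the key name; an
# unescaped dot nests, so the reconciliation timeout must be written as
# timeout\.reconciliation to land on the "timeout.reconciliation" key.
# server.insecure / --insecure make argocd-server serve without TLS; this
# script only reaches it through a local port-forward.
helm upgrade --install argocd argo/argo-cd \
  --kubeconfig "${KUBECONFIG}" \
  --namespace argocd \
  --create-namespace \
  --set 'server.extraArgs[0]=--insecure' \
  --set 'configs.params.server\.insecure=true' \
  --set 'configs.cm.timeout\.reconciliation=180s' \
  --wait \
  --timeout 300s
# Empty when the secret cannot be read; the pipeline status is that of
# base64, so a missing secret does not abort the script under `set -e`.
ARGOCD_PASSWORD=$(kubectl --kubeconfig "${KUBECONFIG}" -n argocd get secret argocd-initial-admin-secret -o jsonpath="{.data.password}" 2>/dev/null | base64 -d)
echo -e "${GREEN} ArgoCD installed!${NC}"
echo ""
echo " ArgoCD UI (port-forward):"
echo " kubectl --kubeconfig ${KUBECONFIG} port-forward svc/argocd-server -n argocd 8080:80"
echo " Username: admin"
echo ""
if [ -n "$ARGOCD_PASSWORD" ]; then
  # The admin password is not echoed: it would stay in terminal scrollback and
  # in any captured log of this run. Print how to read it on demand instead.
  echo " Password: read it from the initial admin secret:"
  echo " kubectl --kubeconfig ${KUBECONFIG} -n argocd get secret argocd-initial-admin-secret -o jsonpath='{.data.password}' | base64 -d"
  echo " Change it after first login, then delete argocd-initial-admin-secret."
fi
echo ""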
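# -----------------------------------------------------------------------------
# Step 5: Configure ArgoCD → Gitea connection
# -----------------------------------------------------------------------------
# Registers the in-cluster Gitea repository URL with ArgoCD, either through
# the argocd CLI or by applying a labelled repository Secret.
echo -e "${YELLOW}[5/6] Configuring ArgoCD → Gitea connection...${NC}"
# Add Gitea as a repository in ArgoCD
# Using argocd CLI if available, otherwise using creds + secret
if command -v argocd &> /dev/null; then
  echo " Using argocd CLI..."
  ARGOCD_SERVER="localhost:8080"
  echo " Please port-forward ArgoCD in another terminal:"
  echo " kubectl --kubeconfig ${KUBECONFIG} port-forward svc/argocd-server -n argocd 8080:80"
  echo ""
  read -p " Press Enter when ready..." -r
  # --password places the admin password on the argocd command line, where
  # other local users can see it in the process list while the login runs.
  # NOTE(review): argocd-server is installed with TLS disabled in step 4, so
  # this login may need --plaintext instead of --insecure; confirm.
  argocd login "${ARGOCD_SERVER}" --username admin --password "${ARGOCD_PASSWORD}" --insecure
  argocd repo add "${GITEA_INTERNAL_REPO}" --name gitea-k3s --type git
else
  # Fallback: create repository secret manually
  echo " Creating repository secret manually..."
  # The manifest is written out in full instead of patching the output of
  # `kubectl create --dry-run` with sed: ArgoCD only treats the Secret as a
  # repository when the secret-type label is correctly nested under
  # metadata.labels, and text substitution on YAML does not guarantee that.
  # stderr is left visible so a rejected apply is not silent.
  kubectl --kubeconfig "${KUBECONFIG}" apply -f - << EOF
apiVersion: v1
kind: Secret
metadata:
  name: gitea-k3s-repo
  namespace: argocd
  labels:
    argocd.argoproj.io/secret-type: repository
stringData:
  url: "${GITEA_INTERNAL_REPO}"
  type: git
  name: gitea-k3s
EOF
  # For a public repo, ArgoCD can access it without credentials
  # If the repo is private, add these two keys under stringData above:
  #   username: "${GITEA_USER}"
  #   password: "${GITEA_PASSWORD}"
  # The credentials are then stored in the gitea-k3s-repo Secret in the argocd
  # namespace and sent to Gitea over the plain-HTTP in-cluster URL.
fi
echo -e "${GREEN} Repository configured!${NC}"
echo ""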
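# -----------------------------------------------------------------------------
# Step 6: Apply the root app
# -----------------------------------------------------------------------------
# Applies argocd/app-of-apps.yaml and prints a summary with follow-up commands.
echo -e "${YELLOW}[6/6] Applying root App-of-Apps...${NC}"
# Kubeconfig path passed quoted so a repository path with spaces is not split.
kubectl --kubeconfig "${KUBECONFIG}" apply -f "${REPO_DIR}/argocd/app-of-apps.yaml"
echo ""
echo -e "${GREEN}==============================================${NC}"
echo -e "${GREEN} Bootstrap Complete!${NC}"
echo -e "${GREEN}==============================================${NC}"
echo ""
echo " Root app created. ArgoCD will now sync all child apps:"
echo ""
echo " - cert-manager"
echo " - metallb"
echo " - longhorn"
echo " - metrics (prometheus + victoria-metrics)"
echo " - llama"
echo " - sillytavern"
echo ""
echo " Monitor progress:"
echo " kubectl --kubeconfig ${KUBECONFIG} port-forward svc/argocd-server -n argocd 8080:80"
echo " Open http://localhost:8080"
# The admin password is not repeated in the summary, so it does not end up in
# scrollback or in a captured log; the command to read it is printed instead.
echo " Login: admin (password from the initial admin secret):"
echo " kubectl --kubeconfig ${KUBECONFIG} -n argocd get secret argocd-initial-admin-secret -o jsonpath='{.data.password}' | base64 -d"
echo ""
echo " Check sync status:"
echo " kubectl --kubeconfig ${KUBECONFIG} get applications -n argocd"
echo ""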