chore: cleanup

2026-01-27 10:18:27 +00:00 · 2023-11-29 12:33:58 +08:00
parent 16b9fe1f12
commit c3f8d375e1
8 changed files with 194 additions and 14 deletions
--- a/.gitignore
+++ b/.gitignore
@@ -7,7 +7,9 @@ talosconfig
 clusterconfig/
 **/clusterconfig
 **/clusterconfig/*
+**/charts/cilium/*
 **/cilium*/app/bootstrap-install/charts/*
+**/cilium*/app/bootstrap-install/base-values.yaml
 .pem
 .key
 .pub
--- a/.taskfiles/k8s/Taskfile.dist.yaml
+++ b/.taskfiles/k8s/Taskfile.dist.yaml
@@ -94,24 +94,30 @@ tasks:
      - kubectl delete configmap -n kube-system cilium-config || true
      - kubectl delete daemonset -n kube-system cilium || true
      - kubectl delete deployment -n kube-system cilium-operator || true
-      - cp /{{.ROOT_DIR}}/kube/deploy/core/_networking/cilium/clusters/{{.C}}/helm-values.yaml /{{.ROOT_DIR}}/kube/deploy/core/_networking/cilium/app/bootstrap-install/base-values.yaml
+      #- cp /{{.ROOT_DIR}}/kube/deploy/core/_networking/cilium/clusters/{{.C}}/helm-values.yaml /{{.ROOT_DIR}}/kube/deploy/core/_networking/cilium/app/bootstrap-install/base-values.yaml
      - task: sops-apply
        vars:
          C: '{{.C | default "admin@biohazard"}}'
-          F: "/{{.ROOT_DIR}}/kube/deploy/core/_networking/cilium/app/bootstrap-install"
+          F: "/{{.ROOT_DIR}}/kube/deploy/core/_networking/cilium/clusters/{{.C}}/"
          FCMD: "kustomize build --enable-helm"
-      - defer: rm -rf /{{.ROOT_DIR}}/kube/deploy/core/_networking/cilium/app/bootstrap-install/base-values.yaml
+      #- defer: rm -rf /{{.ROOT_DIR}}/kube/deploy/core/_networking/cilium/app/bootstrap-install/base-values.yaml

  newapp:
    desc: Copy app folder structure template, substitute APPNAME, and (TODO) prompt user for variables values such as DNS, UID etc.
    vars:
      APP: &app-fail '{{ or .APP (fail "Missing `app` variable!") }}'
    cmds:
-      - cp -r ./kube/templates/test ./kube/deploy/apps/{{.app}}
+      - cp -r ./kube/templates/test ./kube/deploy/apps/{{.APP}}
      # lowercase, used for resource names etc
-      - grep -lR 'APPNAME' ./kube/deploy/apps/{{.app}}/ | xargs -I% sed -i 's/${APPNAME}/{{.app}}/g' %
+      - grep -lR 'APPNAME' ./kube/deploy/apps/{{.APP}}/ | xargs -I% sed -i 's/${APPNAME}/{{.APP}}/g' %
      # uppercase, for variable substitution references e.g. ${APP_DNS_AUTHENTIK}
-      - grep -lR 'APPNAME' ./kube/deploy/apps/{{.app}}/ | xargs -I% sed -i 's/_APPNAME}/_{{.app}}}/g;s/\(_{{.app}}}\)/\U\1/g' %
+      - grep -lR 'APPNAME' ./kube/deploy/apps/{{.APP}}/ | xargs -I% sed -i 's/_APPNAME}/_{{.APP}}}/g;s/\(_{{.APP}}}\)/\U\1/g' %
+
+  shortnames:
+    desc: List all installed CRDs and their short names.
+    cmds:
+      - |-
+        kubectl get crds -o jsonpath='{range .items[*]}{.spec.names.kind}: {.spec.names.shortNames}{"\n"}{end}'

  iperf2:
    desc: Start a iperf2 server on one node, and iperf2 client on another node, to benchmark network performance.
--- a/.vscode/extensions.json
+++ b/.vscode/extensions.json
@@ -0,0 +1,28 @@
+{
+    "recommendations": [
+        "2gua.rainbow-brackets",
+        "albert.TabOut",
+        "bierner.markdown-preview-github-styles",
+        "christian-kohler.path-intellisense",
+        "codezombiech.gitignore",
+        "donjayamanne.githistory",
+        "enkia.tokyo-night",
+        "formulahendry.auto-close-tag",
+        "formulahendry.auto-rename-tag",
+        "GitHub.vscode-pull-request-github",
+        "golang.go",
+        "ms-kubernetes-tools.vscode-kubernetes-tools",
+        "ms-vsliveshare.vsliveshare",
+        "oderwat.indent-rainbow",
+        "redhat.fabric8-analytics",
+        "redhat.vscode-xml",
+        "redhat.vscode-yaml",
+        "streetsidesoftware.code-spell-checker",
+        "VisualStudioExptTeam.intellicode-api-usage-examples",
+        "VisualStudioExptTeam.vscodeintellicode",
+        "waderyan.gitblame",
+        "weaveworks.vscode-gitops-tools",
+        "wraith13.zoombar-vscode",
+        "zh9528.file-size",
+    ]
+}
--- a/.vscode/settings.json
+++ b/.vscode/settings.json
@@ -1,9 +1,118 @@
 {
-    "yaml.schemas": {
-        "https://raw.githubusercontent.com/JJGadgets/flux2-schemas/main/kustomization-kustomize-v1beta2.json": ["kustomization.yaml", "kustomization.yml", "*-fKt.yaml", "*-fKt.yml"],
-        "https://raw.githubusercontent.com/JJGadgets/flux2-schemas/main/helmrelease-helm-v2beta1.json": ["helm-release.yaml", "helm-release.yml", "*-fHr.yaml", "*-fHr.yml"],
-        "https://raw.githubusercontent.com/JJGadgets/flux2-schemas/main/helmrepository-helm-v1beta2.json": ["charts/*", "charts/*/*", "*-charts.yaml", "*-charts.yml"],
+  "yaml.schemas": {
+    "https://raw.githubusercontent.com/JJGadgets/flux2-schemas/main/kustomization-kustomize-v1.json": [
+      "kube/**/ks.yaml",
+      "kube/**/ks.yml",
+      "kube/**/*crd*.yaml",
+      "kube/**/*crd*.yml"
+    ],
+    "https://raw.githubusercontent.com/JJGadgets/flux2-schemas/main/helmrelease-helm-v2beta1.json": [
+      "kube/**/helm-release.yaml",
+      "kube/**/helm-release.yml",
+      "kube/**/hr.yaml",
+      "kube/**/hr.yml"
+    ],
+    "https://raw.githubusercontent.com/datreeio/CRDs-catalog/main/kyverno.io/clusterpolicy_v1.json": "file:///home/jj-void/GitRepos/JJGadgets/Biohazard/kube/deploy/core/flux-system/misc/kyverno.yaml",
+    "kubernetes://schema/postgres-operator.crunchydata.com/v1beta1@postgrescluster": [
+      "file:///home/jj-void/GitRepos/JJGadgets/Biohazard/kube/deploy/core/db/pg/clusters/default/crunchydata.yaml",
+      "file:///home/jj-void/GitRepos/JJGadgets/Biohazard/kube/deploy/core/db/pg/clusters/template/crunchy.yaml",
+      "file:///home/jj-void/GitRepos/JJGadgets/Biohazard/kube/deploy/core/db/pg/clusters/default/crunchy.yaml"
+    ]
+  },
+  "git.autofetch": false,
+  "git.autoStash": true,
+  "editor.mouseWheelZoom": false,
+  "files.autoSave": "afterDelay",
+  "editor.formatOnSave": true,
+  "editor.bracketPairColorization.enabled": true,
+  "editor.bracketPairColorization.independentColorPoolPerBracketType": true,
+  "editor.guides.bracketPairs": true,
+  "editor.matchBrackets": "always",
+  "editor.autoClosingDelete": "auto",
+  "editor.autoClosingOvertype": "auto",
+  "editor.autoSurround": "quotes",
+  "terminal.integrated.enableMultiLinePasteWarning": true,
+  "editor.autoClosingBrackets": "languageDefined",
+  "editor.guides.bracketPairsHorizontal": "active",
+  "editor.fontFamily": "'Iosevka NF', 'monospace', monospace",
+  "editor.fontLigatures": true,
+  "git.alwaysShowStagedChangesResourceGroup": false,
+  "git.autofetchPeriod": 10,
+  "git.autorefresh": true,
+  "git.autoRepositoryDetection": true,
+  "git.branchProtectionPrompt": "alwaysPrompt",
+  "git.countBadge": "all",
+  "git.enableCommitSigning": true,
+  "git.inputValidation": "warn",
+  "git.mergeEditor": true,
+  "git.terminalGitEditor": true,
+  "git.terminalAuthentication": true,
+  "git.supportCancellation": true,
+  "git.showPushSuccessNotification": true,
+  "git.showProgress": true,
+  "git.showInlineOpenFileAction": true,
+  "git.untrackedChanges": "mixed",
+  "terminal.integrated.confirmOnKill": "always",
+  "search.useParentIgnoreFiles": true,
+  "editor.fontSize": 12,
+  "zoombar.defaultZoom": 100,
+  "gitblame.inlineMessageEnabled": true,
+  "scm.diffDecorationsGutterPattern": {
+    "added": true
+  },
+  "githubPullRequests.quickDiff": true,
+  "better-comments.highlightPlainText": true,
+  "todo-tree.ripgrep.ripgrep": "/usr/bin/rg",
+  "terminal.integrated.cursorStyle": "line",
+  "terminal.integrated.enableFileLinks": "notRemote",
+  "terminal.integrated.fontSize": 12,
+  "terminal.integrated.smoothScrolling": true,
+  "editor.minimap.showSlider": "always",
+  "editor.minimap.size": "fill",
+  "terminal.integrated.env.linux": {
+    "EDITOR": "code-oss",
+    "VISUAL": "code-oss"
+  },
+  "terminal.integrated.sendKeybindingsToShell": true,
+  "terminal.integrated.allowChords": false,
+  "hungryDelete.enableSmartBackspace": true,
+  "hungryDelete.languageConfigurations": [
+    {
+      "languageId": "go",
+      "indentationRules": {
+        "increaseIndentPattern": "^.*(\\bcase\\b.*:|\\bdefault\\b:|(\\b(func|if|else|switch|select|for|struct)\\b.*)?{[^}\"'`]*|\\([^)\"'`]*)$",
+        "decreaseIndentPattern": "^\\s*(\\bcase\\b.*:|\\bdefault\\b:|}[)}]*[),]?|\\)[,]?)$"
+      }
    },
-    "git.autofetch": "all",
-    "git.autoStash": true
-}
+    {
+      "languageId": "json",
+      "indentationRules": {
+        "increaseIndentPattern": "^.*(\\{[^}]*|\\[[^\\]]*)$",
+        "decreaseIndentPattern": "^\\s*[}\\]],?\\s*$"
+      }
+    },
+    {
+      "languageId": "less",
+      "indentationRules": {
+        "increaseIndentPattern": "(^.*\\{[^}]*$)",
+        "decreaseIndentPattern": "^\\s*\\}"
+      }
+    },
+    {
+      "languageId": "yaml",
+      "indentationRules": {
+        "increaseIndentPattern": "^\\s*.*(:|-) ?(&amp;\\w+)?(\\{[^}\"']*|\\([^)\"']*)?$",
+        "decreaseIndentPattern": "^\\s+\\}$"
+      }
+    }
+  ],
+  "editor.lineNumbers": "relative",
+  "zenMode.hideLineNumbers": false,
+  "git.enableSmartCommit": false,
+  "editor.multiCursorModifier": "ctrlCmd",
+  "terminal.integrated.tabs.focusMode": "singleClick",
+  // "editor.tokenColorCustomizations": {
+  //   "comments": "",
+  //   "textMateRules": []
+  // }
+}
--- a/Taskfile.dist.yaml
+++ b/Taskfile.dist.yaml
@@ -92,7 +92,7 @@ tasks:
      KUBECONFIGSOPS: '{{ .KUBECONFIG | default "~/.kube/config.sops.yaml" }}'
      KCMD:
        sh: |-
-          [[ -n "{{.KUBECTL_CMD}}" ]] && echo "{{.KUBECTL_CMD}}" || [[ -n $(command -v kubecolor) ]] && command -v kubecolor && exit || [[ -n $(command -v kubectl) ]] && command -v kubectl && exit || exit 1
+          [[ -n "{{.KCMD}}" ]] && echo "{{.KCMD}}" || [[ -n $(command -v kubecolor) ]] && command -v kubecolor && exit || [[ -n $(command -v kubectl) ]] && command -v kubectl && exit || exit 1
      KUBETMPDIR:
        sh: "mktemp -d"
      KUBECONFIG: "{{.KUBETMPDIR}}/decrypted.yaml"
--- a/archive/kube/deploy/core/_networking/cilium/app/bootstrap-install/install.sh
+++ b/archive/kube/deploy/core/_networking/cilium/app/bootstrap-install/install.sh
@@ -0,0 +1,6 @@
+#!/bin/bash
+## one of these days, I'll learn and switch to Taskfiles
+set -euo pipefail
+GITROOT=$(git rev-parse --show-toplevel)
+source <(sops -d $1 | yq .data | sed -re 's/^/export /g' | sed -e 's/: /="/g' | sed -re 's/$/"/g')
+kustomize build $2 --enable-helm | envsubst
--- a/archive/kube/deploy/core/_networking/cilium/app/bootstrap-install/kustomization.yaml
+++ b/archive/kube/deploy/core/_networking/cilium/app/bootstrap-install/kustomization.yaml
@@ -0,0 +1,28 @@
+---
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+helmCharts:
+  - name: cilium
+    repo: https://helm.cilium.io/
+    # version: 1.14.2
+    version: 1.13.4
+    releaseName: cilium
+    namespace: kube-system
+    valuesFile: base-values.yaml
+    # valuesMerge: override
+    # valuesInline:
+    #   hubble:
+    #     enabled: false
+    #     relay:
+    #       enabled: false
+    #     ui:
+    #       enabled: false
+    #     tls:
+    #       enabled: false
+    #       auto:
+    #         enabled: false
+commonAnnotations:
+  meta.helm.sh/release-name: cilium
+  meta.helm.sh/release-namespace: kube-system
+commonLabels:
+  app.kubernetes.io/managed-by: Helm
--- a/kube/deploy/apps/whoogle/app/netpol.yaml
+++ b/kube/deploy/apps/whoogle/app/netpol.yaml
@@ -35,6 +35,7 @@ spec:
        - world
      toPorts:
        - ports:
+            - port: "80"
            - port: "443"
    # allow querying $IP_HOME_DNS
    - toCIDRSet: