mass update and migrate to networking.k8s.io/v1 api
This commit is contained in:
parent
6db00394ad
commit
3d09476cce
46
contrib/networking-api-fix.sh
Executable file
46
contrib/networking-api-fix.sh
Executable file
@ -0,0 +1,46 @@
|
||||
#!/bin/bash
|
||||
|
||||
while getopts n:r:c: flag
|
||||
do
|
||||
case "${flag}" in
|
||||
n) namespace=${OPTARG};;
|
||||
r) release=${OPTARG};;
|
||||
esac
|
||||
done
|
||||
|
||||
if [ -z ${release+x} ] || [ -z ${namespace+x} ]; then echo "namespace and release must be defined"; exit 0; fi
|
||||
|
||||
echo "Get release object"
|
||||
releaseObject=$(kubectl get secret -l owner=helm,status=deployed,name=$release --namespace $namespace | awk '{print $1}' | grep -v NAME)
|
||||
|
||||
echo "Export secret to $release.release.yaml"
|
||||
kubectl get secret $releaseObject -n $namespace -o yaml > $release.release.yaml
|
||||
|
||||
echo "Create backup"
|
||||
cp $release.release.yaml $release.release.bak
|
||||
|
||||
echo "Decode"
|
||||
cat $release.release.yaml | grep -oP '(?<=release: ).*' | base64 -d | base64 -d | gzip -d > $release.release.data.decoded
|
||||
|
||||
echo "Replace api"
|
||||
sed -i -e 's/extensions\/v1beta1/networking.k8s.io\/v1/' $release.release.data.decoded
|
||||
sed -i -e 's/networking.k8s.io\/v1beta1/networking.k8s.io\/v1/' $release.release.data.decoded
|
||||
|
||||
echo "Encode"
|
||||
cat $release.release.data.decoded | gzip | base64 | base64 > $release.release.data.encoded
|
||||
|
||||
echo "Remove newlines"
|
||||
tr -d "\n" < $release.release.data.encoded > $release.release.data.encoded.final
|
||||
releaseData=$(cat $release.release.data.encoded.final)
|
||||
|
||||
echo "Replace data.release"
|
||||
sed 's/^\(\s*release\s*:\s*\).*/\1'$releaseData'/' $release.release.yaml > $release.final.release.yaml
|
||||
|
||||
echo "Applying to kubernetes"
|
||||
kubectl apply -f $release.final.release.yaml -n $namespace
|
||||
|
||||
rm $release.release.yaml
|
||||
rm $release.release.data.decoded
|
||||
rm $release.release.data.encoded
|
||||
rm $release.release.data.encoded.final
|
||||
rm $release.final.release.yaml
|
||||
@ -27,10 +27,10 @@ postgres_operator_version: 1.8.2
|
||||
openldap_version: 1.2.7
|
||||
|
||||
# Adguard Home
|
||||
adguard_version: 2.2.13
|
||||
adguard_version: 2.3.0
|
||||
|
||||
# Bitwarden (aka Vaultwarden)
|
||||
bitwarden_version: 2.0.13
|
||||
bitwarden_version: 2.0.15
|
||||
|
||||
# Drone
|
||||
drone_version: 0.4.0
|
||||
@ -42,10 +42,10 @@ gitea_dns_version: 6.7.1
|
||||
gitea_version: 5.0.8
|
||||
|
||||
# Docker and Helm chart registries
|
||||
harbor_version: 1.7.5
|
||||
harbor_version: 1.9.3
|
||||
|
||||
# Mastodon
|
||||
mastodon_version: 0.2.7
|
||||
mastodon_version: 0.3.0
|
||||
|
||||
# Nextcloud
|
||||
nextcloud_version: 2.14.2
|
||||
@ -53,17 +53,18 @@ nextcloud_version: 2.14.2
|
||||
# Email
|
||||
dovecot_version: 0.1.3
|
||||
postfix_version: 0.1.2
|
||||
roundcube_version: 0.2.7
|
||||
roundcube_version: 0.2.9
|
||||
rspamd_version: 0.2.0
|
||||
|
||||
# Pypi server
|
||||
pypiserver_version: 2.3.0
|
||||
pypiserver_version: 2.4.0
|
||||
|
||||
# WikiJS
|
||||
wikijs_version: 2.2.22
|
||||
wikijs_version: 2.3.0
|
||||
|
||||
# PeerTube
|
||||
peertube_version: 0.1.11
|
||||
peertube_version: 0.1.13
|
||||
|
||||
# Playmaker android APK repository
|
||||
playmaker_version: 0.1.1
|
||||
playmaker_version: 0.1.3
|
||||
|
||||
|
||||
@ -3,3 +3,5 @@
|
||||
connection: local
|
||||
roles:
|
||||
- roundcube
|
||||
tags:
|
||||
- roundcude
|
||||
|
||||
@ -171,18 +171,19 @@ adguard_default_values:
|
||||
timezone: "UTC"
|
||||
ingress:
|
||||
enabled: true
|
||||
className: "{{ external_ingress_class if adguard_publish else internal_ingress_class }}"
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt-prod
|
||||
kubernetes.io/ingress.class: "{{ external_ingress_class if adguard_publish else internal_ingress_class }}"
|
||||
cert-manager.io/cluster-issuer: "letsencrypt-prod"
|
||||
kubernetes.io/tls-acme: "true"
|
||||
path: /
|
||||
hosts:
|
||||
- "{{ adguard_short_name }}.{{ domain }}"
|
||||
- host: "{{ adguard_short_name }}.{{ domain }}"
|
||||
paths:
|
||||
- path: /
|
||||
pathType: ImplementationSpecific
|
||||
tls:
|
||||
- secretName: "{{ adguard_short_name }}.{{ domain }}-tls"
|
||||
hosts:
|
||||
- "{{ adguard_short_name }}adguard.{{ domain }}"
|
||||
|
||||
- "{{ adguard_short_name }}.{{ domain }}"
|
||||
service:
|
||||
type: ClusterIP
|
||||
# externalTrafficPolicy: Local
|
||||
|
||||
@ -79,13 +79,15 @@ bitwarden_default_values:
|
||||
type: deployment
|
||||
ingress:
|
||||
enabled: true
|
||||
className: "{{ external_ingress_class if bitwarden_publish else internal_ingress_class }}"
|
||||
annotations:
|
||||
kubernetes.io/ingress.class: "{{ external_ingress_class if bitwarden_publish else internal_ingress_class }}"
|
||||
cert-manager.io/cluster-issuer: "letsencrypt-prod"
|
||||
kubernetes.io/tls-acme: "true"
|
||||
hosts:
|
||||
- host: "{{ bitwarden_short_name }}.{{ domain }}"
|
||||
paths: ["/"]
|
||||
paths:
|
||||
- path: /
|
||||
pathType: ImplementationSpecific
|
||||
tls:
|
||||
- secretName: "{{ bitwarden_short_name }}.{{ domain }}-tls"
|
||||
hosts:
|
||||
|
||||
@ -8,8 +8,8 @@ drone_default_values:
|
||||
port: 80
|
||||
ingress:
|
||||
enabled: true
|
||||
className: "{{ external_ingress_class if drone_publish else internal_ingress_class }}"
|
||||
annotations:
|
||||
kubernetes.io/ingress.class: "{{ external_ingress_class if drone_publish else internal_ingress_class }}"
|
||||
cert-manager.io/cluster-issuer: "letsencrypt-prod"
|
||||
hosts:
|
||||
- host: "{{ drone_short_name }}.{{ domain }}"
|
||||
|
||||
@ -12,12 +12,12 @@ gitea_default_values:
|
||||
clusterIP:
|
||||
ingress:
|
||||
enabled: true
|
||||
className: "{{ gitea_ingress_class }}"
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: "letsencrypt-prod"
|
||||
nginx.ingress.kubernetes.io/proxy-body-size: "0"
|
||||
nginx.ingress.kubernetes.io/proxy-read-timeout: "600"
|
||||
nginx.ingress.kubernetes.io/proxy-send-timeout: "600"
|
||||
kubernetes.io/ingress.class: "{{ gitea_ingress_class }}"
|
||||
kubernetes.io/tls-acme: "true"
|
||||
hosts:
|
||||
- host: "{{ gitea_short_name }}.{{ domain }}"
|
||||
|
||||
@ -10,11 +10,11 @@ harbor_default_values:
|
||||
secretName: "{{ harbor_short_name }}.{{ domain }}-tls"
|
||||
notarySecretName: "notary.{{ harbor_short_name }}.{{ domain }}-tls"
|
||||
ingress:
|
||||
className: "{{ external_ingress_class if harbor_publish else internal_ingress_class }}"
|
||||
hosts:
|
||||
core: "{{ harbor_short_name }}.{{ domain }}"
|
||||
notary: "notary.{{ harbor_short_name }}.{{ domain }}"
|
||||
annotations:
|
||||
kubernetes.io/ingress.class: "{{ external_ingress_class if harbor_publish else internal_ingress_class }}"
|
||||
cert-manager.io/cluster-issuer: "letsencrypt-prod"
|
||||
nginx.ingress.kubernetes.io/proxy-body-size: "0"
|
||||
nginx.ingress.kubernetes.io/proxy-read-timeout: "600"
|
||||
@ -123,12 +123,11 @@ harbor_default_values:
|
||||
notarySignerDatabase: "harbor_notary_signer"
|
||||
|
||||
harbor_readonly_ingress_definition: |
|
||||
apiVersion: extensions/v1beta1
|
||||
apiVersion: networking.k8s.io/v1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt-prod
|
||||
kubernetes.io/ingress.class: "{{ external_ingress_class }}"
|
||||
nginx.ingress.kubernetes.io/proxy-body-size: "0"
|
||||
nginx.ingress.kubernetes.io/proxy-read-timeout: "600"
|
||||
nginx.ingress.kubernetes.io/proxy-send-timeout: "600"
|
||||
@ -136,22 +135,30 @@ harbor_readonly_ingress_definition: |
|
||||
name: harbor-public-ingress
|
||||
namespace: "{{ harbor_namespace | default(namespace) }}"
|
||||
spec:
|
||||
ingressClassName: "{{ external_ingress_class }}"
|
||||
rules:
|
||||
- host: "{{ harbor_readonly_ingress }}"
|
||||
http:
|
||||
paths:
|
||||
- backend:
|
||||
serviceName: harbor-core
|
||||
servicePort: 80
|
||||
service:
|
||||
name: harbor-core
|
||||
port:
|
||||
number: 80
|
||||
path: /v2
|
||||
pathType: ImplementationSpecific
|
||||
- backend:
|
||||
serviceName: harbor-core
|
||||
servicePort: 80
|
||||
service:
|
||||
name: harbor-core
|
||||
port:
|
||||
number: 80
|
||||
path: /chartrepo
|
||||
pathType: ImplementationSpecific
|
||||
- backend:
|
||||
serviceName: harbor-core
|
||||
servicePort: 80
|
||||
service:
|
||||
name: harbor-core
|
||||
port:
|
||||
number: 80
|
||||
path: /api
|
||||
pathType: ImplementationSpecific
|
||||
tls:
|
||||
|
||||
@ -7,17 +7,18 @@ mastodon_admin_email: "mastodon@{{ mail_domain | default(domain) }}"
|
||||
mastodon_default_values:
|
||||
ingress:
|
||||
enabled: true
|
||||
className: "{{ external_ingress_class if mastodon_publish else internal_ingress_class }}"
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: "letsencrypt-prod"
|
||||
kubernetes.io/tls-acme: "true"
|
||||
nginx.ingress.kubernetes.io/proxy-body-size: "0"
|
||||
nginx.ingress.kubernetes.io/proxy-read-timeout: "600"
|
||||
nginx.ingress.kubernetes.io/proxy-send-timeout: "600"
|
||||
kubernetes.io/ingress.class: "{{ external_ingress_class if mastodon_publish else internal_ingress_class }}"
|
||||
kubernetes.io/tls-acme: "true"
|
||||
hosts:
|
||||
- host: "{{ mastodon_short_name }}.{{ domain }}"
|
||||
paths:
|
||||
- path: '/'
|
||||
- path: /
|
||||
pathType: ImplementationSpecific
|
||||
tls:
|
||||
- secretName: "{{ mastodon_short_name }}.{{ domain }}-tls"
|
||||
hosts:
|
||||
|
||||
@ -5,9 +5,9 @@ nextcloud_short_name: "nextcloud"
|
||||
nextcloud_default_values:
|
||||
ingress:
|
||||
enabled: true
|
||||
className: "{{ external_ingress_class if nextcloud_publish else internal_ingress_class }}"
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: "letsencrypt-prod"
|
||||
kubernetes.io/ingress.class: "{{ external_ingress_class if nextcloud_publish else internal_ingress_class }}"
|
||||
nginx.ingress.kubernetes.io/proxy-body-size: "0"
|
||||
nginx.ingress.kubernetes.io/proxy-read-timeout: "600"
|
||||
nginx.ingress.kubernetes.io/proxy-send-timeout: "600"
|
||||
|
||||
@ -97,16 +97,18 @@ peertube_default_values:
|
||||
value: "{{ peertube_admin_password }}"
|
||||
ingress:
|
||||
enabled: true
|
||||
className: "{{ external_ingress_class if peertube_publish else internal_ingress_class }}"
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt-prod
|
||||
kubernetes.io/ingress.class: "{{ external_ingress_class if peertube_publish else internal_ingress_class }}"
|
||||
cert-manager.io/cluster-issuer: "letsencrypt-prod"
|
||||
kubernetes.io/tls-acme: "true"
|
||||
nginx.ingress.kubernetes.io/proxy-body-size: "0"
|
||||
nginx.ingress.kubernetes.io/proxy-read-timeout: "600"
|
||||
nginx.ingress.kubernetes.io/proxy-send-timeout: "600"
|
||||
hosts:
|
||||
- host: "{{ peertube_short_name }}.{{ domain }}"
|
||||
paths: ["/"]
|
||||
paths:
|
||||
- path: /
|
||||
pathType: ImplementationSpecific
|
||||
tls:
|
||||
- secretName: "{{ peertube_short_name }}.{{ domain }}-tls"
|
||||
hosts:
|
||||
|
||||
@ -55,17 +55,20 @@ playmaker_default_values:
|
||||
|
||||
ingress:
|
||||
enabled: true
|
||||
className: "{{ external_ingress_class if playmaker_publish else internal_ingress_class }}"
|
||||
annotations:
|
||||
kubernetes.io/ingress.class: "{{ external_ingress_class if playmaker_publish else internal_ingress_class }}"
|
||||
cert-manager.io/cluster-issuer: "letsencrypt-prod"
|
||||
kubernetes.io/tls-acme: "true"
|
||||
hosts:
|
||||
- host: "{{ playmaker_short_name }}.{{ domain }}"
|
||||
paths: ["/"]
|
||||
paths:
|
||||
- path: /
|
||||
pathType: ImplementationSpecific
|
||||
tls:
|
||||
- secretName: "{{ playmaker_short_name }}.{{ domain }}-tls"
|
||||
hosts:
|
||||
- "{{ playmaker_short_name }}.{{ domain }}"
|
||||
|
||||
persistence:
|
||||
enabled: true
|
||||
storageClass: "{{ playmaker_storage | default('nfs-hdd') }}"
|
||||
|
||||
@ -19,9 +19,9 @@ postgres_operator_ui_default_values:
|
||||
# configure UI ingress. If needed: "enabled: true"
|
||||
ingress:
|
||||
enabled: true
|
||||
ingressClassName: "{{ postgres_operator_ui_ingress_class | default(internal_ingress_class) }}"
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: "letsencrypt-prod"
|
||||
kubernetes.io/ingress.class: "{{ postgres_operator_ui_ingress_class | default(internal_ingress_class) }}"
|
||||
hosts:
|
||||
- host: "{{ postgres_operator_ui_short_name }}.{{ domain }}"
|
||||
paths: [""]
|
||||
|
||||
@ -15,20 +15,22 @@ pypiserver_default_values:
|
||||
pypiserver_admin: "{{ pypiserver_admin_htpasswd_hash }}"
|
||||
ingress:
|
||||
enabled: true
|
||||
labels: {}
|
||||
className: "{{ external_ingress_class if pypiserver_publish else internal_ingress_class }}"
|
||||
annotations:
|
||||
kubernetes.io/ingress.class: "{{ external_ingress_class if pypiserver_publish else internal_ingress_class }}"
|
||||
cert-manager.io/cluster-issuer: "letsencrypt-prod"
|
||||
kubernetes.io/tls-acme: "true"
|
||||
nginx.ingress.kubernetes.io/proxy-body-size: "0"
|
||||
nginx.ingress.kubernetes.io/proxy-read-timeout: "600"
|
||||
nginx.ingress.kubernetes.io/proxy-send-timeout: "600"
|
||||
path: "/"
|
||||
hosts:
|
||||
- "{{ pypiserver_short_name }}.{{ domain }}"
|
||||
- host: "{{ pypiserver_short_name }}.{{ domain }}"
|
||||
paths:
|
||||
- path: /
|
||||
pathType: ImplementationSpecific
|
||||
tls:
|
||||
- secretName: "{{ pypiserver_short_name }}.{{ domain }}-tls"
|
||||
hosts:
|
||||
- "{{ pypiserver_short_name }}.{{ domain }}"
|
||||
- secretName: "{{ pypiserver_short_name }}.{{ domain }}-tls"
|
||||
hosts:
|
||||
- "{{ pypiserver_short_name }}.{{ domain }}"
|
||||
persistence:
|
||||
enabled: true
|
||||
storageClass: "{{ pypiserver_storage | default('nfs-hdd') }}"
|
||||
|
||||
@ -30,16 +30,18 @@ roundcube_default_values:
|
||||
value: "archive,zipdownload,managesieve"
|
||||
ingress:
|
||||
enabled: true
|
||||
className: "{{ external_ingress_class if roundcube_publish else internal_ingress_class }}"
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: "letsencrypt-prod"
|
||||
kubernetes.io/ingress.class: "{{ external_ingress_class if roundcube_publish else internal_ingress_class }}"
|
||||
kubernetes.io/tls-acme: "true"
|
||||
nginx.ingress.kubernetes.io/proxy-body-size: "0"
|
||||
nginx.ingress.kubernetes.io/proxy-read-timeout: "600"
|
||||
nginx.ingress.kubernetes.io/proxy-send-timeout: "600"
|
||||
path: /
|
||||
hosts:
|
||||
- "{{ roundcube_short_name }}.{{ domain }}"
|
||||
- host: "{{ roundcube_short_name }}.{{ domain }}"
|
||||
paths:
|
||||
- path: /
|
||||
pathType: ImplementationSpecific
|
||||
tls:
|
||||
- secretName: "{{ roundcube_short_name }}.{{ domain }}-tls"
|
||||
hosts:
|
||||
|
||||
@ -6,12 +6,18 @@ wikijs_default_values:
|
||||
fullnameOverride: "wikijs"
|
||||
ingress:
|
||||
enabled: true
|
||||
className: "{{ external_ingress_class if wikijs_publish else internal_ingress_class }}"
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: "letsencrypt-prod"
|
||||
kubernetes.io/ingress.class: "{{ external_ingress_class if wikijs_publish else internal_ingress_class }}"
|
||||
kubernetes.io/tls-acme: "true"
|
||||
nginx.ingress.kubernetes.io/proxy-body-size: "0"
|
||||
nginx.ingress.kubernetes.io/proxy-read-timeout: "600"
|
||||
nginx.ingress.kubernetes.io/proxy-send-timeout: "600"
|
||||
hosts:
|
||||
- host: "{{ wikijs_short_name }}.{{ domain }}"
|
||||
paths: ["/"]
|
||||
paths:
|
||||
- path: /
|
||||
pathType: ImplementationSpecific
|
||||
tls:
|
||||
- secretName: "{{ wikijs_short_name }}.{{ domain }}-tls"
|
||||
hosts:
|
||||
@ -25,28 +31,32 @@ wikijs_default_values:
|
||||
postgresqlDatabase: "{{ wikijs_db_name | default('wikijs') }}"
|
||||
|
||||
wikijs_readonly_ingress_definition: |
|
||||
apiVersion: extensions/v1beta1
|
||||
apiVersion: networking.k8s.io/v1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt-prod
|
||||
kubernetes.io/ingress.class: "{{ external_ingress_class }}"
|
||||
nginx.ingress.kubernetes.io/proxy-body-size: "0"
|
||||
nginx.ingress.kubernetes.io/proxy-read-timeout: "600"
|
||||
nginx.ingress.kubernetes.io/proxy-send-timeout: "600"
|
||||
name: wikijs-public
|
||||
namespace: "{{ wikijs_namespace | default(namespace) }}"
|
||||
spec:
|
||||
ingressClassName: "{{ external_ingress_class }}"
|
||||
rules:
|
||||
- host: "{{ wikijs_readonly_ingress }}"
|
||||
http:
|
||||
paths:
|
||||
- backend:
|
||||
serviceName: wikijs
|
||||
servicePort: 80
|
||||
service:
|
||||
name: wikijs
|
||||
port:
|
||||
number: 80
|
||||
path: /
|
||||
pathType: ImplementationSpecific
|
||||
tls:
|
||||
- hosts:
|
||||
- "{{ wikijs_readonly_ingress }}"
|
||||
secretName: "{{ wikijs_readonly_ingress }}-tls"
|
||||
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user