From aeb9032d17f43f4adc983f6b5a57a903bc6419de Mon Sep 17 00:00:00 2001 From: Michael Thomson Date: Wed, 28 May 2025 12:26:11 -0400 Subject: [PATCH] plane --- .../helmrepository-plane.yaml | 8 ++ .../kustomizations/kustomization-plane.yaml | 18 +++++ bootstrap/namespaces/namespace-plane.yaml | 4 + plane/app_env_secret.yaml | 15 ++++ plane/dns-endpoint.yaml | 16 ++++ plane/doc_store_secret.yaml | 17 +++++ plane/helmrelease-plane.yaml | 75 +++++++++++++++++++ plane/pgdb_secret.yaml | 17 +++++ plane/rabbitmq_secret.yaml | 16 ++++ 9 files changed, 186 insertions(+) create mode 100644 bootstrap/helmrepositories/helmrepository-plane.yaml create mode 100644 bootstrap/kustomizations/kustomization-plane.yaml create mode 100644 bootstrap/namespaces/namespace-plane.yaml create mode 100644 plane/app_env_secret.yaml create mode 100644 plane/dns-endpoint.yaml create mode 100644 plane/doc_store_secret.yaml create mode 100644 plane/helmrelease-plane.yaml create mode 100644 plane/pgdb_secret.yaml create mode 100644 plane/rabbitmq_secret.yaml diff --git a/bootstrap/helmrepositories/helmrepository-plane.yaml b/bootstrap/helmrepositories/helmrepository-plane.yaml new file mode 100644 index 0000000..118fac9 --- /dev/null +++ b/bootstrap/helmrepositories/helmrepository-plane.yaml @@ -0,0 +1,8 @@ +apiVersion: source.toolkit.fluxcd.io/v1beta2 +kind: HelmRepository +metadata: + name: plane + namespace: flux-system +spec: + interval: 15m + url: https://helm.plane.so/ diff --git a/bootstrap/kustomizations/kustomization-plane.yaml b/bootstrap/kustomizations/kustomization-plane.yaml new file mode 100644 index 0000000..b7a0a6f --- /dev/null +++ b/bootstrap/kustomizations/kustomization-plane.yaml @@ -0,0 +1,18 @@ +apiVersion: kustomize.toolkit.fluxcd.io/v1 +kind: Kustomization +metadata: + name: plane + namespace: flux-system +spec: + interval: 15m + path: ./plane + prune: true # remove any elements later removed from the above path + timeout: 2m # if not set, this defaults to interval duration, which is 1h + sourceRef: + kind: GitRepository + name: flux-system + healthChecks: + - apiVersion: helm.toolkit.fluxcd.io/v2beta2 + kind: HelmRelease + name: plane + namespace: plane diff --git a/bootstrap/namespaces/namespace-plane.yaml b/bootstrap/namespaces/namespace-plane.yaml new file mode 100644 index 0000000..02489a7 --- /dev/null +++ b/bootstrap/namespaces/namespace-plane.yaml @@ -0,0 +1,4 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: plane diff --git a/plane/app_env_secret.yaml b/plane/app_env_secret.yaml new file mode 100644 index 0000000..74670eb --- /dev/null +++ b/plane/app_env_secret.yaml @@ -0,0 +1,15 @@ +--- +apiVersion: bitnami.com/v1alpha1 +kind: SealedSecret +metadata: + creationTimestamp: null + name: app_env_secret + namespace: plane +spec: + encryptedData: + SECRET_KEY: AgB7/hJ6aOpAoyYYWKomZMhyejcmPTjhMMyhRwnxrXfX3yWKJAhB0g7fszsMa5pYyAKdhu7ha1IPDHariajiJAuGhssJGdhiz8DP8tYL6BIoGc5I64yntlQezGNDtbM7ceUZEWVMx+lxXqsahfA2oz4ahPLvmBonyzIHsx5Xe36A3JyMyIPpz2sS/y7Ob02KSXVRxlN2hyOc+88W7e+RMNwh4HUAATN7hGu2LtbwrkK9HSPjM/stcwCnVPYm4jxeNz59WN8wC0pqNJySj/UXtJCLWc+f2QwFoVQSB+mBuSqHl0762jtf+Vi2jUyDAffjPFTgx5LWop/LWJfndi2z80Q7jcshuqNaRoltnm5cub8XTXy+rv4VeIa/f8rBx713nMGfVF2P6WE6UXpx7Z4G4gEK7+1OtLEIAvWJLb0FO5+wOdstr6vXaKupzoeI1Xi0/59boW8GNt1Tjk9aioJXsnS0n/V0XaXPqccUTh3up0YaqJrd2BXkRZNVjm6C99Bbbn+08g8SHT9n+jpXYRPE/S089NZaZOnrQ3HdS/WZY4k2i+ohEH1c1S6xcRwan76s14HSx5IWzkQ+twmRwSpiQnXkDoKD4Gw5SwoyPTevs16DSu4KVEdmv0oQ/l0o2htMzchXdqL4/WzyaCGVUF+FBVTIRAM0AGhrVbSETvFIn3A7qLqKyIa+kSFGuHcWQEd36VWBUUKFtZsUvgpGE9gsFwMm6D+fm6aiVoAylSJancmsMUKnchWJ6gwkNRZdiwykf5G8chyW6FCFsQ== + template: + metadata: + creationTimestamp: null + name: app_env_secret + namespace: plane diff --git a/plane/dns-endpoint.yaml b/plane/dns-endpoint.yaml new file mode 100644 index 0000000..fa822e2 --- /dev/null +++ b/plane/dns-endpoint.yaml @@ -0,0 +1,16 @@ +apiVersion: externaldns.k8s.io/v1alpha1 +kind: DNSEndpoint +metadata: + name: gitea.michaelthomson.dev + namespace: gitea +spec: + endpoints: + - dnsName: gitea.michaelthomson.dev + recordTTL: 180 + recordType: CNAME + targets: + - michaelthomson.ddns.net + providerSpecific: + - name: external-dns.alpha.kubernetes.io/cloudflare-proxied + value: "false" + diff --git a/plane/doc_store_secret.yaml b/plane/doc_store_secret.yaml new file mode 100644 index 0000000..c2b8153 --- /dev/null +++ b/plane/doc_store_secret.yaml @@ -0,0 +1,17 @@ +--- +apiVersion: bitnami.com/v1alpha1 +kind: SealedSecret +metadata: + creationTimestamp: null + name: doc_store_secret + namespace: plane +spec: + encryptedData: + MINIO_ROOT_PASSWORD: AgCZ8S1OYumIpwKlvpOTDkfj+16f8jkfRwBvDUhn7wKKLtxf7e6n9CUucX4AgkteVXaQX1e0n6ZbG26+cs70DAEPpSJukskaMN9bSEUypByJFdTLj3ZB5lcnuOoecR70iZXpTsNRQQpWGO1xLQB0TsdY63zmNYTxpw7ixC3ZCclZo8190IOpyePueUR52tf1GOwkKf1EQEGODl+8ko1KpwMorOacEOBcaG9uERmWtF53pxMO5dzqdHwCdeKNtMyHyCLoMoujJ43qDF5V30rkYFbYITDiM7Yjl41LUEddUb9IpWLXsFy/8wTqJQXCH+Y8Fk4KnUucObu0+BgbwR+zBY4EWczoPgwMSF3jloCVzH8lOb0SdW5qnT6WsgCcjWSd2ZTSiG1KCLiUorBUnZlQ+cHGGDjqTZXZeMSWPp0ibJmPgbWd7O1UA3JioMdhzAnWZIEQZl0yb7S51PzpYnkwgi1V1HrAyRqF/LWTkAyZKk+PTvFHoQt7Y8KyU6w94p+475jvF/pAVxhV7FTQY0IlX4kS4c9mrpyuoJXTSN9vF0O0Ytmoqz1DEt2Khjbjp58PloaM1iOP1BnMUTeHgiCOGGnP5eGxZx1hCuZBNZ2QiuTNSN1tYy+E6cF8OcMaYEZrvSTsVD9XU1r1aOvmjs9m7iVTslaX82CPG+s36cGTA8xDi6qN1sQBgVH2YQdp5IrI78yQH6NjcthypdEg2cmEQ9TouuEMJHFDHxgtu/cmtcB5ly+5PA5O8tU66ZWjEYYwOz7irgbx5qWRKA== + MINIO_ROOT_USER: AgDGXuRC+QTo/yoSNGHnPEOgBHVPCo2qRkkQ16njhis7eNMvP8Kdgg0GYfoMc9ItsbbbJvOiUIQCMUww+fVEKFYcx4oJ70Flku2OPGcqyYK2epTeFxjMgHCufYi/I0A4EumG+im/FKWBmAQvMXnUWA0mThmwiepCT6xaCB7/p92GZdCqmKSYkCKaulLGE6PXbJAAAjrYPhEWGaADEnvedzKUheZlfPqKiefcoHU/M3f85BZkUv0yT6PSier2eQR9MD3OX9kMdprmdifoc3NvfwR8jHfPVPaAM8QdizUsodweNHZWg5qFWdRDNpmpYtjOs+hvzbqiCJD4gkd61YuwtC1uWTvDEwCzdUZ1losbf1mFHmbW4zcxQBdCLXI9NV1JKsUZEtV9wZi0+rkW1R/g8R5jV0h+UrHKJgdCjfQ2fkQ5WYOwZCB4voPLToxa5EA0HS1c9gqGPwugLekfBti/9bp3RPruk4NjxLmLnTC/MEEffElcftIwSCzcgY726b4m15Vu4+QCKoG0LLau3YDk9NlCZwr1SQ9sRsdtu4Z+XTi9MKwibwoc+ooV4fhqT0Z8lObTVcD7AwF2kAu69rphiIGhqTdNs5VEq4CDlmmM+gFjDl+wgV2LKK1wmBBlO6oxhllQLTsz5p70BZ92x3DsIOT4cyRwa6nCnAfqr9icXTa71TZXcIi0aXlR4DqzRxNL5Se+T4ywrA== + USE_MINIO: AgB95x5O3a9l8H2LZQsGFvGVljv63f4NUaMQ0dKQO0DAgmpOXX9zHvbJb05pkDjuWeD75/AE0RyXKbCchO4gLbouW5cnRg3fZKpveds8NJUw49r0K/TvH/JFbJzrqY9VvXxOp/PCnMKJrST2w06GdbQXBHFvhwcqw2N/YaXCSsEyZ5+1RW+dyLg56nQgAJjXcrTfcjjeYDDGOmOj8pqLe2YxlxrNQ/5fbvGN2+zEfyKceBHqLdvI4mh7tzYbipUjZ42SmVJx2kKro4FQqw8wU5l+OtfzjKs2hutKQR11IT91JxPXosYKF3EnXeoZ6ncPjsNiNgN5yboSd0XJhm/rXs6RbJ8IAe5Nv98ZzZSj39FKrEuvvEdaZ2M5LnOVGmZ4iAdhWcLKNosuc6PQ6FsmtTeVyAlmtmru3ua1OBaCg1vXS0nEdADswIgfzlbFXYPE8MtcIDXGQJ1Egd0ip9lHsciyLaZC9hBXT+HUs+sIJEHUaV3MVLxL0+7gGClG3dMCPalFKfUSeagqkcMjFMRRbKMV+bX6lN37ru4BcbDQ031nmYt7NNnKTL1040zsicHZDaxE6Ildjvx1BN8U22Btd2YtM+cTRcHUztuS4+pHq8HkEGCvuKFuISC5kNfXm2PQZmDatogA60/H4b60S+iZz6vybAXFWEuDiUfELz9pMh70Q7uodQyQDDg9FlMLvFDbO8Bw + template: + metadata: + creationTimestamp: null + name: doc_store_secret + namespace: plane diff --git a/plane/helmrelease-plane.yaml b/plane/helmrelease-plane.yaml new file mode 100644 index 0000000..418156a --- /dev/null +++ b/plane/helmrelease-plane.yaml @@ -0,0 +1,75 @@ +apiVersion: helm.toolkit.fluxcd.io/v2beta2 +kind: HelmRelease +metadata: + name: plane + namespace: plane +spec: + chart: + spec: + chart: plane-ce + version: 1.x + sourceRef: + kind: HelmRepository + name: plane + namespace: flux-system + interval: 15m + timeout: 5m + releaseName: plane + values: + ingress: + enabled: true + appHost: "plane.michaelthomson.dev" + ingressClass: "traefik" + + # SSL Configuration - Valid only if ingress.enabled is true + ssl: + tls_secret_name: "letsencrypt-wildcard-cert-michaelthomson.dev" # If you have a custom TLS secret name + annotations: { + "traefik.ingress.kubernetes.io/router.entrypoints": "websecure", + "traefik.ingress.kubernetes.io/router.tls": "true" + } + redis: + storageClass: "longhorn" + + postgres: + storageClass: "longhorn" + volumeSize: 8Gi + + rabbitmq: + storageClass: "longhorn" + volumeSize: 100Mi + + minio: + storageClass: "nfs-client" + volumeSize: 1Gi + + web: + replicas: 1 + + space: + replicas: 1 + + admin: + replicas: 1 + + live: + replicas: 1 + + api: + replicas: 1 + + worker: + replicas: 1 + + beatworker: + replicas: 1 + + external_secrets: + rabbitmq_existingSecret: 'rabbitmq_secret' + pgdb_existingSecret: 'pgdb_secret' + doc_store_existingSecret: 'doc_store_secret' + app_env_existingSecret: 'app_env_secret' + + env: + docstore_bucket: "uploads" + doc_upload_size_limit: "5242880" # 5MB diff --git a/plane/pgdb_secret.yaml b/plane/pgdb_secret.yaml new file mode 100644 index 0000000..d921026 --- /dev/null +++ b/plane/pgdb_secret.yaml @@ -0,0 +1,17 @@ +--- +apiVersion: bitnami.com/v1alpha1 +kind: SealedSecret +metadata: + creationTimestamp: null + name: pgdb_secret + namespace: plane +spec: + encryptedData: + POSTGRES_DB: AgClw9V0/XJLA+VOHjcqeMNh4jAHfBKcsBKnMpTYOzNksXB3TpP2LkEC+4flVkPd1OhYZtuGtp+DgolO0oltuvQ5vghyl5I7b4K+0q4H09AHiPLRDj6UC9p8J1X63NY74D1Cs0ui7KdnZX4C0jVaZRFrVfHW2dj+P1VYYho3KqigvTAVj2kylbeuavCgUo9/bV5FRRVQ1Bs6MePiDMEjm8IUJ6V0Dl3xwApJBd9a6NOaph5S25Idkfr65aKrkfVoZsWMDu8Mt+V+dGzO9iRIABhD7XZi7afHpQlv2AqR4hfswnKjUxE13JXUHnrrRSWQDsel7R9J+WmZgAHMIIlp0ChHeANdD8G+cnpRUR7LqMQmGE7i0EVCMebH/sczd3F0ed0QIiY/vMpdNjiTgRQ/IqK4Tc+gPc6WYADVeemEq0znLS8TGXIukyS/fkWUZ1u9XjBWr0wamUbhh4T79vjEpThN4FHG4WljpLMbuNPnHCn/5ZgNSdz77kMjE5oMtfxGKSHAcvfAxlgWCfeXy0KhyoukGSrRrZE445VV5mvpzGQOMvpafV6aCrHPz0fYuKK1JAIltBTKwOnvaXYeGmdbJMok5J4PMc/HMS7m1G7t39DQO/jaiLgHiYEOv7+q3oIeMxLUaYTQCcsbCk9XCNOBxlbmF6DLQWID25oZ/SNWmuhhIFs3gC+UwUYwqKPmOpg3U7mMrEStAg== + POSTGRES_PASSWORD: AgAH9cjsT1llmWhTZKJNEcZfTVxq5WYsdxyaquedqOTSzW5me8nOEIY85D7EgHk8pygfp6FXlvsLBBjMynKzzLwjruNy33aPWnwwtrDTEho71AuKOvHUBLcLiGg7OWfP0ycW77rHbBjPSPmdKqrAiu01up/PwIh+bXz5WVbcHt5uGH5Fl6mPucG0f4kb2O6xXa8cIn8K7KGmuM5WyGlRxgyeI+N2uKNQwoyLSpUZe8elwmVycFgKF7U0tzDR5ZWFaIjxGGsCO2NG1eEOvyNZLCDvXp3Ey1OyEmHJVb2/Oejx7pJ1/f6LaIw3WRZ+xIKQSPXMTJpT9r/BxLxwMmHLOOpZgWk+xvoD3llkpghJ2wS+LMyL0+SlC68bis1qQDI/cGLwg3Ti4HPDtWgoN5sXMx6AzCT1aZy3P9bFEbmKR5adBQOA1AygdBx1y7x5PlPmCcu/C/NmgR8EmnIeqiLKE8uZ4sonDJQWM4RZ8USTQzPRCx71jacDfPl6pyrIJX+acuKOropNAufvftXlojFzkLmF7xk1u5OMZA2dWrjQtZivTeYFS1p2U+rzahucd90jIW1i/l0cS6y3EmDAzyLG4evz53W4DeSpwvR4u3sbAKC/NJkog9k3ZuKL6eoAp2xrb7bl5tKroYENDJNH4xnOlwwlTEA8v3kdEc7Qoh9Mpw7vXNHZnLCa63E8SpU0IUX7a9+QcT/VDQQ7sYltgMIZxrLwo9zNE54UiZxY35cLBxdaAjPh/snM8Hkq7FqUCfMH/XmeJGrKLSyo0Q== + POSTGRES_USER: AgBtULhS94Q/lS5bqQuDnC16AQPl034r+9u+dy/HFkkFePk9Bm3wJZ5iCeLhZJwH3PU0+VFEOufCuNlhcGjCZ4R1u/ICBq8eUqu9efABZF0yo3rRqe6xvdSZFRRmGzqTnja3tnBJpQDyPFiJ5fY8ABrjcuaRfgWOh5QSVZqR/Is97DFLso6hxqUQWC7oHiWomyQxBVxelYTksvex+dbxVutEyJyqUxJez3QcBmTOedjIPbbkSGyYFxok5of1PlJT2aKig0KpdAAL0xzoo1kWpVeYmip/gBnOwMtIe72EkiVpRCU3PLSTJuz8xOOZv+5OQxNINApFWUfzSfvz2bdxI6cd3axK101MzEuXbQ/IJdFrFdxWsv9+aCH+wJVWveXssecETCIC1TvdkTSKAn79rhYHrZ3XF8f5D5hQjZHn7Umze2UNGlAA2mCOgp3+hHMtx6scfy2WQKpTXw0WB3Z6G2/5dn/6u2OXTP/QM/VdvA4H+iZZEK4WKfcE6+7OakoHYCB3F4+69KPo3K7OOM9SQddGHsPWS2rZUYgfNTM6NFygZxYHoLvTezONadJ0GP3y1mhAC6p96bqp+SGYCyiIqoCxd+FjiWORim9xe/NfCoJ12QfO2dtGx96gcTmV/N3C2WxGw7v58xNW+jRS4xb48K5cPa9EYBGvb11A7zM7CST7jEt+l/z2mGa9LbRyX8CCZQyVoHJvOg== + template: + metadata: + creationTimestamp: null + name: pgdb_secret + namespace: plane diff --git a/plane/rabbitmq_secret.yaml b/plane/rabbitmq_secret.yaml new file mode 100644 index 0000000..7d55a23 --- /dev/null +++ b/plane/rabbitmq_secret.yaml @@ -0,0 +1,16 @@ +--- +apiVersion: bitnami.com/v1alpha1 +kind: SealedSecret +metadata: + creationTimestamp: null + name: rabbitmq_secret + namespace: plane +spec: + encryptedData: + RABBITMQ_DEFAULT_PASS: AgCwDLFMeFOodk227sdD3+i4NMMCIhwNHS+gKYzB+g+N+30/JCQGy49W/wGbT2cjHnP3yzAI/fpIuKV6VcDjXKRna53vLEnoYSBRHqjAcmHCpfztn1zO4+nb5lNvViZacVxUG09nyGdZzCvIsrIVTQUOLkBSfCKH/FBrCBDjYNbRggayvrwVuG+PXZGOHgSHUoJPSlP9RhqYchplxwbFFvY05SbpMN++PsQ5BQ3gees34rGXs9kjGq+PQ2z4T19707eEmoUp9YZIWjcNMkfwulQtI6Q/vI2AMZ5A6kFPyAkfRuvCLB646z9fOIOEXI3YKQG3iYTR+cskOvZ+SwzRnkF6BoBYcccMmQIfrwuiv78+6d9sBb08XXrnH5DIe2wlObAK52UjGE+M2g1qJT+CYNplFjP0AWlc4IOi4iTgSlJSv8ZbxrnmubOzwiPdhJ5B/KPrXvAms8KggiPHY4y0NB6QjBympyfKD1eRyz+C6Qj50SFL5rproVMYBf6WEy6fsnPMxHLyiIRJaXxaTherEk+ie01goCNYKY+XnwMHf4WjGBoCC/x1vCe8haVExbDn/I9xpFXxQLxbvGtRUijJOxy85HV/XWboNWar2FuhyRaHouQke5KDC9nUIjVLV7g+tZtHWmxFEIG0nfssopCxJwk97UYprribsffw1C4qf+ppEKLI7lMNW2i+jX8MQspNh4gPTWhM8516Wn/tycN7K/HPUCbKvHO7Cs24iCmWZTjb96JM38GnTVtLKFQcIU5mKcuJ3gNDs/vFXg== + RABBITMQ_DEFAULT_USER: AgCIFZFJKhznciySJUegREMfSDretf8hlfGEa7DEQwCouEg0vfA+6ZnR9YRBlxqHOtddmZfGa6Bzhb6f+gs6LHREKPrUza2R3eNLvgxjarIJdgLq++RbTzQv1PbW2LuUOU9zInC07ynj0+m2mwsH5WT+udMnZhW8qS3mPexf9cQGqDDUcAx5G1Gi0N5EtJn7LfLeZw2B3wXxzL65hRjwGC8WW8BxmFuSOcL2aSagFnwJxaozaJjCNT5XZDg2Ahz7/QymyInMhxoz9zpUMdyEFl/TQqyW1HQ8936C/azLEBrR7Lob6j/02cp2S2jDQ+TjYBWr/MJs60Gy6DrTd/+82L90Z7Povoa6PuIM7iD2qfmOQs33Su9vr/9C1oJS+9wu9jHTy6m/vJd7AwEYoEQ/X9YN6iIJAqcUALkBAKVdfVbAzCQeWS8+ITIsQdGJRahjFGqDOeI2IRC8oiWlYe7b9z9+pHyfbAX+8/Of2JcxiM7BlK47uLbWdb4IxBtkHF1NZGOKd7T1Y4+vLaCbLrjd9F5CZlW9cG61IUekc0HQAgbAVUc7o3rsaFg/fhg8xPRB8lF8jb2Yu7JeKkDm7DvFJW4SJFpRIN6J/3GD95UhUH1NBqhLn7FKM0tk3Jgg3WNHtH//R1Ict0R1x9dB5jJW5twE7LN4hcCh/Om81BCo5MsSLzdenT7fRpOFNRwJ0/gcJ8jmVkCt9w== + template: + metadata: + creationTimestamp: null + name: rabbitmq_secret + namespace: plane