upload gitops starter

apps/argocd-ingress/application.yaml

@@ -1,20 +1,18 @@
 apiVersion: argoproj.io/v1alpha1
 kind: Application
 metadata:
-  name: whoami
+  name: argocd-ingress
   namespace: argocd
 spec:
   project: default
   source:
     repoURL: https://git.stabify.de/stabify/gitops.git
     targetRevision: HEAD
-    path: apps/whoami/overlays/production  # Zeigt auf das Overlay, nicht die Base!
+    path: apps/argocd-ingress
   destination:
     server: https://kubernetes.default.svc
-    namespace: default  # Ziel-Namespace der App
+    namespace: argocd
   syncPolicy:
     automated:
       prune: true
       selfHeal: true
-    syncOptions:
-      - CreateNamespace=true # Erstellt den Namespace 'default' falls nicht vorhanden (oder 'whoami-ns')

apps/argocd-ingress/ingress.yaml

@@ -0,0 +1,30 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: argocd-server-ingress
+  namespace: argocd
+  annotations:
+    traefik.ingress.kubernetes.io/router.entrypoints: web,websecure
+    traefik.ingress.kubernetes.io/router.tls: "true"
+spec:
+  rules:
+    - host: argocd.k3s.stabify.de
+      http:
+        paths:
+          - path: /
+            pathType: Prefix
+            backend:
+              service:
+                name: argocd-server
+                port:
+                  name: http
+    - host: argocd.k3s.sys.stabify.de # Alternative Domain falls gewünscht
+      http:
+        paths:
+          - path: /
+            pathType: Prefix
+            backend:
+              service:
+                name: argocd-server
+                port:
+                  name: http

bootstrap/root.yaml

@@ -0,0 +1,45 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: infrastructure
+  namespace: argocd
+  finalizers:
+    - resources-finalizer.argocd.argoproj.io
+spec:
+  project: default
+  source:
+    repoURL: https://git.stabify.de/stabify/gitops.git
+    targetRevision: HEAD
+    path: infrastructure
+  destination:
+    server: https://kubernetes.default.svc
+    namespace: default
+  syncPolicy:
+    automated:
+      prune: true
+      selfHeal: true
+    syncOptions:
+      - CreateNamespace=true
+---
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: apps
+  namespace: argocd
+  finalizers:
+    - resources-finalizer.argocd.argoproj.io
+spec:
+  project: default
+  source:
+    repoURL: https://git.stabify.de/stabify/gitops.git
+    targetRevision: HEAD
+    path: apps
+  destination:
+    server: https://kubernetes.default.svc
+    namespace: default
+  syncPolicy:
+    automated:
+      prune: true
+      selfHeal: true
+    syncOptions:
+      - CreateNamespace=true

infrastructure/traefik/application.yaml

@@ -0,0 +1,52 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: traefik
+  namespace: argocd
+  annotations:
+    argocd.argoproj.io/sync-wave: "-1"
+spec:
+  project: default
+  source:
+    repoURL: https://traefik.github.io/charts
+    chart: traefik
+    targetRevision: 26.0.0
+    helm:
+      values: |
+        deployment:
+          replicas: 2
+        service:
+          enabled: true
+          type: LoadBalancer
+          spec:
+            loadBalancerIP: "10.100.40.6" # Zwingt Kube-VIP diese IP zu nutzen
+        ports:
+          web:
+            port: 8000
+            expose: true
+            exposedPort: 80
+            protocol: TCP
+          websecure:
+            port: 8443
+            expose: true
+            exposedPort: 443
+            protocol: TCP
+        ingressRoute:
+          dashboard:
+            enabled: false
+        providers:
+          kubernetesCRD:
+            enabled: true
+            allowCrossNamespace: true
+          kubernetesIngress:
+            enabled: true
+            allowCrossNamespace: true
+  destination:
+    server: https://kubernetes.default.svc
+    namespace: traefik-system
+  syncPolicy:
+    automated:
+      prune: true
+      selfHeal: true
+    syncOptions:
+      - CreateNamespace=true

repo-app-source/.gitea/workflows/docker-build.yaml

@@ -1,47 +0,0 @@
-name: Build and Push Docker Image
-run-name: ${{ gitea.actor }} is building Docker Image 🚀
-
-on:
-  push:
-    branches:
-      - main
-    tags:
-      - 'v*'
-
-jobs:
-  build-push:
-    runs-on: ubuntu-latest
-    steps:
-      - name: Check out repository code
-        uses: actions/checkout@v3
-
-      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v2
-
-      - name: Login to Docker Registry
-        uses: docker/login-action@v2
-        with:
-          registry: ghcr.io  # Oder deine eigene Registry (z.B. harbor.stabify.de)
-          username: ${{ secrets.REGISTRY_USERNAME }}
-          password: ${{ secrets.REGISTRY_PASSWORD }}
-
-      - name: Extract metadata (tags, labels) for Docker
-        id: meta
-        uses: docker/metadata-action@v4
-        with:
-          images: ghcr.io/${{ gitea.repository }}
-          tags: |
-            type=ref,event=branch
-            type=ref,event=pr
-            type=semver,pattern={{version}}
-            type=sha
-
-      - name: Build and push Docker image
-        uses: docker/build-push-action@v4
-        with:
-          context: .
-          push: true
-          tags: ${{ steps.meta.outputs.tags }}
-          labels: ${{ steps.meta.outputs.labels }}
-          cache-from: type=gha
-          cache-to: type=gha,mode=max

repo-gitops/apps/whoami/base/deployment.yaml

@@ -1,33 +0,0 @@
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: whoami
-  labels:
-    app: whoami
-spec:
-  replicas: 1
-  selector:
-    matchLabels:
-      app: whoami
-  template:
-    metadata:
-      labels:
-        app: whoami
-    spec:
-      containers:
-      - name: whoami
-        image: traefik/whoami:latest
-        ports:
-        - containerPort: 80
----
-apiVersion: v1
-kind: Service
-metadata:
-  name: whoami
-spec:
-  selector:
-    app: whoami
-  ports:
-    - protocol: TCP
-      port: 80
-      targetPort: 80

repo-gitops/apps/whoami/base/kustomization.yaml

@@ -1,5 +0,0 @@
-apiVersion: kustomize.config.k8s.io/v1beta1
-kind: Kustomization
-
-resources:
-  - deployment.yaml

repo-gitops/apps/whoami/overlays/production/kustomization.yaml

@@ -1,20 +0,0 @@
-apiVersion: kustomize.config.k8s.io/v1beta1
-kind: Kustomization
-
-resources:
-  - ../../base
-
-# Patches für Produktion
-patches:
-  - target:
-      kind: Deployment
-      name: whoami
-    patch: |-
-      - op: replace
-        path: /spec/replicas
-        value: 2
-
-# Hier ändern wir das Image für Produktion (Das ist die Zeile, die wir beim Release anpassen!)
-images:
-  - name: traefik/whoami
-    newTag: v1.8.0

repo-gitops/bootstrap/root-app.yaml

@@ -1,20 +0,0 @@
-apiVersion: argoproj.io/v1alpha1
-kind: Application
-metadata:
-  name: production-cluster
-  namespace: argocd
-  finalizers:
-    - resources-finalizer.argocd.argoproj.io  # Löscht alle Apps, wenn diese App gelöscht wird (Vorsicht!)
-spec:
-  project: default
-  source:
-    repoURL: https://git.stabify.de/stabify/gitops.git  # URL DEINES GitOps Repos anpassen!
-    targetRevision: HEAD
-    path: cluster/production
-  destination:
-    server: https://kubernetes.default.svc
-    namespace: argocd
-  syncPolicy:
-    automated:
-      prune: true      # Löscht Ressourcen, die nicht mehr im Git sind
-      selfHeal: true   # Repariert manuelle Änderungen automatisch