init dump
This commit is contained in:
46
iac/src/js/k8/csi-drivers/hetzner.js
Normal file
46
iac/src/js/k8/csi-drivers/hetzner.js
Normal file
@@ -0,0 +1,46 @@
|
||||
const pulumi = require("@pulumi/pulumi");
|
||||
const k8s = require("@pulumi/kubernetes");
|
||||
|
||||
/**
|
||||
* Deploys the Hetzner CSI driver to the cluster.
|
||||
* @param {k8s.Provider} provider - The Kubernetes provider to deploy resources with.
|
||||
*/
|
||||
exports.deployCsiDriver = function(provider) {
|
||||
const hcloudConfig = new pulumi.Config("hcloud");
|
||||
const hcloudToken = hcloudConfig.requireSecret("token");
|
||||
const csiSecret = new k8s.core.v1.Secret("hcloud-csi-secret", {
|
||||
metadata: {
|
||||
name: "hcloud",
|
||||
namespace: "kube-system",
|
||||
},
|
||||
stringData: {
|
||||
token: hcloudToken,
|
||||
},
|
||||
}, { provider });
|
||||
|
||||
const csiChart = new k8s.helm.v3.Chart("hcloud-csi", {
|
||||
chart: "hcloud-csi",
|
||||
fetchOpts: { repo: "https://charts.hetzner.cloud" },
|
||||
namespace: "kube-system",
|
||||
values: {
|
||||
controller: {
|
||||
secret: {
|
||||
enabled: false,
|
||||
},
|
||||
existingSecret: {
|
||||
name: csiSecret.metadata.name,
|
||||
}
|
||||
},
|
||||
node: {
|
||||
existingSecret: {
|
||||
name: csiSecret.metadata.name,
|
||||
}
|
||||
}
|
||||
},
|
||||
}, {
|
||||
provider,
|
||||
dependsOn: [csiSecret],
|
||||
});
|
||||
|
||||
return { csiChart };
|
||||
};
|
||||
30
iac/src/js/k8/openbao/openbao.js
Normal file
30
iac/src/js/k8/openbao/openbao.js
Normal file
@@ -0,0 +1,30 @@
|
||||
const k8s = require("@pulumi/kubernetes");
|
||||
const fs = require("fs");
|
||||
const path = require("path");
|
||||
const yaml = require("js-yaml");
|
||||
|
||||
/**
|
||||
* Deploys HashiCorp Vault using the official Helm chart.
|
||||
* @param {k8s.Provider} provider - The Kubernetes provider to deploy resources with.
|
||||
*/
|
||||
exports.deployVault = function(provider) {
|
||||
const ns = new k8s.core.v1.Namespace("vault-ns", {
|
||||
metadata: { name: "vault" }
|
||||
}, { provider });
|
||||
|
||||
const valuesYamlPath = path.join(__dirname, 'values.yaml');
|
||||
const valuesYaml = fs.readFileSync(valuesYamlPath, "utf8");
|
||||
const helmValues = yaml.load(valuesYaml);
|
||||
|
||||
const vaultChart = new k8s.helm.v3.Chart("openbao", {
|
||||
chart: "openbao",
|
||||
fetchOpts: { repo: "https://openbao.github.io/openbao-helm" },
|
||||
namespace: ns.metadata.name,
|
||||
values: helmValues,
|
||||
}, {
|
||||
provider,
|
||||
dependsOn: [ns],
|
||||
});
|
||||
|
||||
return { vaultNamespace: ns.metadata.name };
|
||||
};
|
||||
17
iac/src/js/k8/openbao/values.yaml
Normal file
17
iac/src/js/k8/openbao/values.yaml
Normal file
@@ -0,0 +1,17 @@
|
||||
ui:
|
||||
enabled: true
|
||||
|
||||
server:
|
||||
standalone:
|
||||
enabled: true
|
||||
|
||||
ha:
|
||||
enabled: false
|
||||
|
||||
dataStorage:
|
||||
enabled: true
|
||||
size: 2Gi
|
||||
storageClass: "hcloud-volumes"
|
||||
|
||||
nodeSelector:
|
||||
location: "de"
|
||||
Reference in New Issue
Block a user