dvirlabs/infra
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge branch 'master' of https://git.dvirlabs.com/dvirlabs/infra

Browse Source
This commit is contained in:
dvirlabs 2025-06-06 18:55:36 +03:00
commit feb89d4a74
3 changed files with 51 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
argocd-apps/extra-resources.yaml Normal file
View File

@ -0,0 +1,20 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: extra-resources
namespace: argocd
spec:
project: infra
source:
repoURL: https://git.dvirlabs.com/dvirlabs/infra.git
targetRevision: HEAD
path: manifests/extra-resources
directory:
recurse: true
destination:
server: https://kubernetes.default.svc
namespace: infra
syncPolicy:
automated:
prune: true
selfHeal: true

24
manifests/extra-resources/minio/ingress-api.yaml Normal file
View File

@ -0,0 +1,24 @@
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: minio-api
namespace: infra
annotations:
traefik.ingress.kubernetes.io/router.entrypoints: websecure
traefik.ingress.kubernetes.io/router.tls: "true"
spec:
ingressClassName: traefik
rules:
- host: s3.dvirlabs.com
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: minio
port:
number: 9000
tls:
- hosts:
- s3.dvirlabs.com

11
manifests/oidc-bootstrap/minio/minio-bootstrap-job.yaml
View File

@ -16,16 +16,19 @@ spec:
- | - |
set -e set -e
echo "🔐 Setting up mc alias..." echo "🔐 Waiting for MinIO readiness..."
mc alias set myminio http://minio-bitnami.infra.svc.cluster.local:9000 minioadmin minioadmin until mc alias set myminio http://minio-bitnami.infra.svc.cluster.local:9000 minioadmin minioadmin; do
echo "⏳ Retrying..."
sleep 5
done
echo "📜 Creating policies..." echo "📜 Creating policies..."
mc admin policy create myminio admin-policy /config/admin-policy.json || true mc admin policy create myminio admin-policy /config/admin-policy.json || true
mc admin policy create myminio user-policy /config/user-policy.json || true mc admin policy create myminio user-policy /config/user-policy.json || true
echo "🔗 Attaching policies to OIDC groups..." echo "🔗 Attaching policies to OIDC groups..."
mc admin policy set myminio admin-policy group=minio-admins || true mc admin policy attach myminio admin-policy --group minio-admins || true
mc admin policy set myminio user-policy group=minio-users || true mc admin policy attach myminio user-policy --group minio-users || true
echo "✅ MinIO OIDC bootstrap complete." echo "✅ MinIO OIDC bootstrap complete."
volumeMounts: volumeMounts: