Added Kubernetes resources for TLS setup, updated docs

2026-01-11 10:03:59 +01:00
parent f9b22430f2
commit f8314c84fa
15 changed files with 270 additions and 18 deletions
--- a/argocd/cluster-resources/cilium-load-balancer-ip-pool.yaml
+++ b/argocd/cluster-resources/cilium-load-balancer-ip-pool.yaml
@@ -0,0 +1,11 @@
+apiVersion: cilium.io/v2
+kind: CiliumLoadBalancerIPPool
+metadata:
+  name: default
+  annotations:
+    argocd.argoproj.io/sync-wave: "-1000"
+spec:
+  blocks:
+    # Configure your IP pool here
+    - start: "192.168.10.95"
+      stop: "192.168.10.99"
--- a/argocd/cluster-resources/cluster-issuers.yaml
+++ b/argocd/cluster-resources/cluster-issuers.yaml
@@ -0,0 +1,23 @@
+apiVersion: cert-manager.io/v1
+kind: ClusterIssuer
+metadata:
+  name: letsencrypt-http01
+  annotations:
+    argocd.argoproj.io/sync-wave: "20"
+    argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true
+spec:
+  acme:
+    server: https://acme-v02.api.letsencrypt.org/directory
+    # Add your email address here
+    email: you@yourdomain.com
+    privateKeySecretRef:
+      name: letsencrypt-http01-cluster-issuer-account-key
+    solvers:
+      - http01:
+          gatewayHTTPRoute:
+            parentRefs:
+              - name: acme
+                namespace: network
+                sectionName: http
+                kind: Gateway
+---
--- a/argocd/cluster-resources/storageclasses.yaml
+++ b/argocd/cluster-resources/storageclasses.yaml
@@ -0,0 +1,18 @@
+apiVersion: storage.k8s.io/v1
+kind: StorageClass
+metadata:
+  name: csi-nfs
+  annotations:
+    argocd.argoproj.io/sync-wave: "-700"
+    storageclass.kubernetes.io/is-default-class: "true"
+provisioner: nfs.csi.k8s.io
+parameters:
+  # Configure you NFS server here
+  server: "your-nfs-server.com"
+  share: "/mnt/big-storage-pool/nfs"
+reclaimPolicy: Delete
+volumeBindingMode: Immediate
+allowVolumeExpansion: true
+mountOptions:
+  - nfsvers=4.1
+---