Initial commit: loc_az_hci (smom-dbis-138 excluded via .gitignore)

Co-authored-by: Cursor <cursoragent@cursor.com>
2026-02-08 09:04:46 -08:00
commit c39465c2bd
386 changed files with 50649 additions and 0 deletions
--- a/scripts/deploy/configure-gitops-workflows.sh
+++ b/scripts/deploy/configure-gitops-workflows.sh
@@ -0,0 +1,230 @@
+#!/bin/bash
+source ~/.bashrc
+# Configure GitOps Workflows (Flux) on K3s Cluster
+
+set -euo pipefail
+
+SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
+PROJECT_ROOT="$(cd "$SCRIPT_DIR/../.." && pwd)"
+
+# Load environment variables
+if [ -f "$PROJECT_ROOT/.env" ]; then
+    set -a
+    source <(grep -v '^#' "$PROJECT_ROOT/.env" | grep -v '^$' | sed 's/#.*$//' | grep '=')
+    set +a
+fi
+
+# Colors
+RED='\033[0;31m'
+GREEN='\033[0;32m'
+YELLOW='\033[1;33m'
+BLUE='\033[0;34m'
+NC='\033[0m'
+
+log_info() {
+    echo -e "${GREEN}[INFO]${NC} $1"
+}
+
+log_warn() {
+    echo -e "${YELLOW}[WARN]${NC} $1"
+}
+
+log_error() {
+    echo -e "${RED}[ERROR]${NC} $1"
+}
+
+VM_USER="${VM_USER:-ubuntu}"
+SSH_KEY="${SSH_KEY:-$HOME/.ssh/id_ed25519_proxmox}"
+VMID=101
+VM_NAME="k3s-master"
+GIT_REPO="${GIT_REPO:-http://192.168.1.121:3000/hc-stack/gitops.git}"
+GIT_BRANCH="${GIT_BRANCH:-main}"
+GIT_PATH="${GIT_PATH:-gitops/}"
+
+# Import helper library
+if [ -f "$PROJECT_ROOT/scripts/lib/proxmox_vm_helpers.sh" ]; then
+    source "$PROJECT_ROOT/scripts/lib/proxmox_vm_helpers.sh"
+else
+    log_error "Helper library not found"
+    exit 1
+fi
+
+main() {
+    log_info "Configuring GitOps Workflows on VM $VMID ($VM_NAME)"
+    echo ""
+
+    # Get IP using guest agent
+    local ip
+    ip="$(get_vm_ip_or_warn "$VMID" "$VM_NAME" || true)"
+    
+    if [[ -z "$ip" ]]; then
+        log_error "Cannot get IP for VM $VMID. Ensure SSH is working and QEMU Guest Agent is installed."
+        exit 1
+    fi
+
+    log_info "Using IP: $ip"
+    echo ""
+
+    # Check K3s installation
+    log_info "Checking K3s installation..."
+    if ! ssh -i "$SSH_KEY" -o StrictHostKeyChecking=no "${VM_USER}@${ip}" "sudo kubectl version --client" &>/dev/null; then
+        log_error "K3s/kubectl not found. Please install K3s first."
+        exit 1
+    fi
+    log_info "K3s is installed"
+
+    # Install Flux CLI
+    log_info "Installing Flux CLI..."
+    ssh -i "$SSH_KEY" -o StrictHostKeyChecking=no "${VM_USER}@${ip}" <<'EOF'
+set -e
+if ! command -v flux &>/dev/null; then
+    curl -s https://fluxcd.io/install.sh | sudo bash
+    flux --version
+else
+    echo "Flux CLI already installed"
+    flux --version
+fi
+EOF
+
+    # Check if Flux is already installed
+    log_info "Checking if Flux is already installed..."
+    if ssh -i "$SSH_KEY" -o StrictHostKeyChecking=no "${VM_USER}@${ip}" "sudo kubectl get namespace flux-system" &>/dev/null; then
+        log_warn "Flux is already installed. Skipping installation."
+    else
+        # Install Flux
+        log_info "Installing Flux in K3s cluster..."
+        ssh -i "$SSH_KEY" -o StrictHostKeyChecking=no "${VM_USER}@${ip}" <<'EOF'
+set -e
+export KUBECONFIG=/etc/rancher/k3s/k3s.yaml
+sudo flux install --components=source-controller,kustomize-controller,helm-controller,notification-controller
+EOF
+        log_info "Waiting for Flux to be ready..."
+        sleep 10
+    fi
+
+    # Create Git repository secret (if using HTTPS with token)
+    log_info "Configuring Git repository access..."
+    log_warn "Note: For Gitea, you may need to create a token and configure authentication"
+    
+    # For now, we'll set up a basic GitRepository source
+    # User will need to configure authentication based on their setup
+    ssh -i "$SSH_KEY" -o StrictHostKeyChecking=no "${VM_USER}@${ip}" <<EOF
+set -e
+export KUBECONFIG=/etc/rancher/k3s/k3s.yaml
+
+# Create namespace for applications if it doesn't exist
+sudo kubectl create namespace blockchain --dry-run=client -o yaml | sudo kubectl apply -f -
+sudo kubectl create namespace monitoring --dry-run=client -o yaml | sudo kubectl apply -f -
+sudo kubectl create namespace hc-stack --dry-run=client -o yaml | sudo kubectl apply -f -
+
+# Create GitRepository source
+cat <<'GITREPO' | sudo kubectl apply -f -
+apiVersion: source.toolkit.fluxcd.io/v1beta2
+kind: GitRepository
+metadata:
+  name: gitops-repo
+  namespace: flux-system
+spec:
+  interval: 1m
+  url: $GIT_REPO
+  ref:
+    branch: $GIT_BRANCH
+  ignore: |
+    # Exclude certain paths
+    .git/
+    .github/
+    docs/
+    scripts/
+GITREPO
+EOF
+
+    log_info "GitRepository source created"
+    log_warn "If your Git repository requires authentication, you'll need to:"
+    log_info "1. Create a Git token in Gitea"
+    log_info "2. Create a secret: kubectl create secret generic gitops-repo-auth \\"
+    log_info "     --from-literal=username=<username> \\"
+    log_info "     --from-literal=password=<token> \\"
+    log_info "     -n flux-system"
+    log_info "3. Update GitRepository to reference the secret"
+    echo ""
+
+    # Create Kustomization for infrastructure
+    log_info "Creating Kustomization for infrastructure..."
+    ssh -i "$SSH_KEY" -o StrictHostKeyChecking=no "${VM_USER}@${ip}" <<'EOF'
+set -e
+export KUBECONFIG=/etc/rancher/k3s/k3s.yaml
+
+cat <<'KUSTOMIZATION' | sudo kubectl apply -f -
+apiVersion: kustomize.toolkit.fluxcd.io/v1
+kind: Kustomization
+metadata:
+  name: infrastructure
+  namespace: flux-system
+spec:
+  interval: 5m
+  path: ./gitops/infrastructure
+  prune: true
+  sourceRef:
+    kind: GitRepository
+    name: gitops-repo
+  validation: client
+KUSTOMIZATION
+EOF
+
+    # Create Kustomization for applications
+    log_info "Creating Kustomization for applications..."
+    ssh -i "$SSH_KEY" -o StrictHostKeyChecking=no "${VM_USER}@${ip}" <<'EOF'
+set -e
+export KUBECONFIG=/etc/rancher/k3s/k3s.yaml
+
+cat <<'KUSTOMIZATION' | sudo kubectl apply -f -
+apiVersion: kustomize.toolkit.fluxcd.io/v1
+kind: Kustomization
+metadata:
+  name: applications
+  namespace: flux-system
+spec:
+  interval: 5m
+  path: ./gitops/apps
+  prune: true
+  sourceRef:
+    kind: GitRepository
+    name: gitops-repo
+  validation: client
+KUSTOMIZATION
+EOF
+
+    # Wait for reconciliation
+    log_info "Waiting for Flux to reconcile..."
+    sleep 10
+
+    # Check Flux status
+    log_info "Checking Flux status..."
+    ssh -i "$SSH_KEY" -o StrictHostKeyChecking=no "${VM_USER}@${ip}" <<'EOF'
+set -e
+export KUBECONFIG=/etc/rancher/k3s/k3s.yaml
+
+echo "=== Flux Components ==="
+sudo kubectl get pods -n flux-system
+
+echo ""
+echo "=== GitRepository Status ==="
+sudo kubectl get gitrepository -n flux-system
+
+echo ""
+echo "=== Kustomization Status ==="
+sudo kubectl get kustomization -n flux-system
+EOF
+
+    log_info "✓ GitOps workflows configured!"
+    echo ""
+    log_info "Next steps:"
+    log_info "1. Ensure your Git repository is accessible from the cluster"
+    log_info "2. Configure authentication if required (see warnings above)"
+    log_info "3. Push your GitOps manifests to: $GIT_REPO"
+    log_info "4. Monitor reconciliation: kubectl get kustomization -n flux-system"
+    log_info "5. View logs: kubectl logs -n flux-system -l app=kustomize-controller"
+}
+
+main "$@"
+