app-test-1/app-test-1.yaml

@@ -1,43 +0,0 @@
-apiVersion: v1
-kind: Namespace
-metadata:
-  name: app-test-1
----
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: app-test-1-deploy
-  namespace: app-test-1
-spec:
-  replicas: 1
-  selector:
-    matchLabels: 
-      app: app-test-1
-  template:
-    metadata:
-      labels:
-        app: app-test-1
-    spec:
-      containers:
-      - name: app-test-1
-        image: nginx
-        ports:
-        - name: web
-          containerPort: 80
----
-apiVersion: v1
-kind: Service
-metadata:
-  name: app-test-1-svc
-  namespace: app-test-1
-  labels:
-    app: app-test-1
-spec:
-  type: ClusterIP
-  ports:
-  - name:  http
-    port:  80
-    targetPort: 80
-    protocol: TCP
-  selector:
-    app: app-test-1

applications/Chart.yaml

@@ -1,23 +0,0 @@
-apiVersion: v2
-name: applications
-description: Applications
-
-# A chart can be either an 'application' or a 'library' chart.
-#
-# Application charts are a collection of templates that can be packaged into versioned archives
-# to be deployed.
-#
-# Library charts provide useful utilities or functions for the chart developer. They're included as
-# a dependency of application charts to inject those utilities and functions into the rendering
-# pipeline. Library charts do not define any templates and therefore cannot be deployed.
-type: application
-
-# This is the chart version. This version number should be incremented each time you make changes
-# to the chart and its templates, including the app version.
-# Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.1.0
-
-# This is the version number of the application being deployed. This version number should be
-# incremented each time you make changes to the application. Versions are not expected to
-# follow Semantic Versioning. They should reflect the version the application is using.
-appVersion: "1.0"

applications/templates/app-test-1.yaml

@@ -1,16 +0,0 @@
-apiVersion: argoproj.io/v1alpha1
-kind: Application
-metadata:
-  name: app-test-1
-  namespace: argocd
-  finalizers:
-  - resources-finalizer.argocd.argoproj.io
-spec:
-  destination:
-    namespace: test-app
-    server: {{ .Values.spec.destination.server }}
-  project: default
-  source:
-    path: app-test-1
-    repoURL: {{ .Values.spec.source.repoURL }}
-    targetRevision: {{ .Values.spec.source.targetRevision }}

applications/values.yaml

@@ -1,6 +0,0 @@
-spec:
-  destination:
-    server: https://kubernetes.default.svc
-  source:
-    repoURL: https://git.mvzijl.nl/marco/veda.git
-    targetRevision: HEAD

readme.md

@@ -43,25 +43,3 @@ TODO
 ## TODO
 
 - Remove secrets from config
-
-## Misc
-
-### Applying patches
-
-```bash
-talosctl patch machineconfig -p @argocd.yaml -n 192.168.0.0
-```
-
-### Reset node
-
-```bash
-talosctl reset --system-labels-to-wipe EPHEMERAL,STATE --reboot -n 192.168.0.0
-```
-
-### ArgoCD default login
-
-User: admin, password can be retrieved with (ignore the '%' at the end):
-
-```bash
-kubectl -n argocd get secret argocd-initial-admin-secret -o jsonpath="{.data.password}" | base64 -d
-```

talos/patches/argocd.yaml

@@ -1,5 +1,6 @@
-cluster:
-  inlineManifests:
+- op: add
+  path: /cluster/inlineManifests
+  value:
     - name: argocd-namespace
       contents: |
         apiVersion: v1
@@ -16,9 +17,9 @@ cluster:
         spec:
           project: default
           source:
-            repoURL: https://git.mvzijl.nl/marco/veda.git
+            repoURL: https://github.com/argoproj/argo-cd-example-apps.git
             targetRevision: HEAD
-            path: applications
+            path: guestbook
           destination:
             server: https://kubernetes.default.svc
             namespace: default

talos/patches/cilium.sh

@@ -1,37 +1,15 @@
-#!/usr/bin/env bash
-
-cat > template.yaml << 'EOF'
-cluster:
-  network:
-    cni:
-      name: none
-  proxy:
-    disabled: true
-  inlineManifests:
-    - name: cilium
-      contents: |
-        __CILIUM_MANIFEST__
-EOF
-
-helm repo add cilium https://helm.cilium.io/
 helm template \
     cilium \
     cilium/cilium \
-    --version 1.17.3 \
+    --version 1.15.6 \
     --namespace kube-system \
     --set ipam.mode=kubernetes \
     --set hubble.relay.enabled=true \
     --set hubble.ui.enabled=true \
-    --set l2announcements.enabled=true \
     --set kubeProxyReplacement=true \
     --set securityContext.capabilities.ciliumAgent="{CHOWN,KILL,NET_ADMIN,NET_RAW,IPC_LOCK,SYS_ADMIN,SYS_RESOURCE,DAC_OVERRIDE,FOWNER,SETGID,SETUID}" \
     --set securityContext.capabilities.cleanCiliumState="{NET_ADMIN,SYS_ADMIN,SYS_RESOURCE}" \
     --set cgroup.autoMount.enabled=false \
     --set cgroup.hostRoot=/sys/fs/cgroup \
     --set k8sServiceHost=localhost \
-    --set k8sServicePort=7445 | sed 's/^/        /' > manifest.tmp
-
-sed -e '/__CILIUM_MANIFEST__/r manifest.tmp' -e '/__CILIUM_MANIFEST__/d' template.yaml > cilium.yaml
-
-rm manifest.tmp
-rm template.yaml
+    --set k8sServicePort=7445 > cilium.yaml

talos/talosconfig

@@ -1,10 +1,7 @@
 context: veda
 contexts:
     veda:
-        endpoints: 
-            - 192.168.0.10
-            - 192.168.0.11
-            - 192.168.0.12
+        endpoints: []
         ca: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJQekNCOHFBREFnRUNBaEVBc2NKK2QydlFtaFRSZFZGdTBydzdoVEFGQmdNclpYQXdFREVPTUF3R0ExVUUKQ2hNRmRHRnNiM013SGhjTk1qVXdOVEF4TVRBeE16QTJXaGNOTXpVd05ESTVNVEF4TXpBMldqQVFNUTR3REFZRApWUVFLRXdWMFlXeHZjekFxTUFVR0F5dGxjQU1oQUIvZ3lFSHlMRDNJTzZTazdwaUZva0Jwc21obkxwckJMTll3Cno3K1pMbXdlbzJFd1h6QU9CZ05WSFE4QkFmOEVCQU1DQW9Rd0hRWURWUjBsQkJZd0ZBWUlLd1lCQlFVSEF3RUcKQ0NzR0FRVUZCd01DTUE4R0ExVWRFd0VCL3dRRk1BTUJBZjh3SFFZRFZSME9CQllFRkozUFM4YTR2NEtHd2srbQpOb0V0elpEcTlaYmFNQVVHQXl0bGNBTkJBTFo2SGZPS3A5c3kzbkcxL1Z1bVhuM2hWQjd1bGpZeW95Mkh3Qm5QClpLNFo3Sk1Yb3NEMVJOY05KdGUxQUp2Tm5NaElxbVMvamhXbjZQdCtLN1YxbWcwPQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg==
         crt: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJLRENCMjZBREFnRUNBaEFjcmZWemFpb3JiUTM3Ym9IU2ZuSnFNQVVHQXl0bGNEQVFNUTR3REFZRFZRUUsKRXdWMFlXeHZjekFlRncweU5UQTFNREV4TURFek1EWmFGdzB5TmpBMU1ERXhNREV6TURaYU1CTXhFVEFQQmdOVgpCQW9UQ0c5ek9tRmtiV2x1TUNvd0JRWURLMlZ3QXlFQUpLZ1RVemtFSE1WTnRYS2k0b1ZwUE9zbVFjR2V0RFNqCjVwZjRNVG1FVmp1alNEQkdNQTRHQTFVZER3RUIvd1FFQXdJSGdEQVRCZ05WSFNVRUREQUtCZ2dyQmdFRkJRY0QKQWpBZkJnTlZIU01FR0RBV2dCU2R6MHZHdUwrQ2hzSlBwamFCTGMyUTZ2V1cyakFGQmdNclpYQURRUUEyaHhtZwpRM3Z3a0tQNWFsc2dDb3I5eEFXUEtKUVpNcUdOWVJQVEo2cFZhbjYrWHdNVjhUekp3NUE3cXRWQ2tUcERyWm1PCkoxclMrZkdrSm5JaU1mRUUKLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo=
         key: LS0tLS1CRUdJTiBFRDI1NTE5IFBSSVZBVEUgS0VZLS0tLS0KTUM0Q0FRQXdCUVlESzJWd0JDSUVJSWsxbEExZ3FEK0RqaXhCQUxPdEJxNFhtZ1FvelE1cEpaUktEeVpITmZxegotLS0tLUVORCBFRDI1NTE5IFBSSVZBVEUgS0VZLS0tLS0K