8 changed files with 8 additions and 142 deletions
--- a/app-test-1/app-test-1.yaml
+++ b/app-test-1/app-test-1.yaml
@ -1,43 +0,0 @@
 apiVersion: v1
 kind: Namespace
 metadata:
  name: app-test-1
 ---
 apiVersion: apps/v1
 kind: Deployment
 metadata:
  name: app-test-1-deploy
  namespace: app-test-1
 spec:
  replicas: 1
  selector:
    matchLabels: 
      app: app-test-1
  template:
    metadata:
      labels:
        app: app-test-1
    spec:
      containers:
      - name: app-test-1
        image: nginx
        ports:
        - name: web
          containerPort: 80
 ---
 apiVersion: v1
 kind: Service
 metadata:
  name: app-test-1-svc
  namespace: app-test-1
  labels:
    app: app-test-1
 spec:
  type: ClusterIP
  ports:
  - name:  http
    port:  80
    targetPort: 80
    protocol: TCP
  selector:
    app: app-test-1
--- a/applications/Chart.yaml
+++ b/applications/Chart.yaml
@ -1,23 +0,0 @@
 apiVersion: v2
 name: applications
 description: Applications
 # A chart can be either an 'application' or a 'library' chart.
 #
 # Application charts are a collection of templates that can be packaged into versioned archives
 # to be deployed.
 #
 # Library charts provide useful utilities or functions for the chart developer. They're included as
 # a dependency of application charts to inject those utilities and functions into the rendering
 # pipeline. Library charts do not define any templates and therefore cannot be deployed.
 type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
 version: 0.1.0
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to
 # follow Semantic Versioning. They should reflect the version the application is using.
 appVersion: "1.0"
--- a/applications/templates/app-test-1.yaml
+++ b/applications/templates/app-test-1.yaml
@ -1,16 +0,0 @@
 apiVersion: argoproj.io/v1alpha1
 kind: Application
 metadata:
  name: app-test-1
  namespace: argocd
  finalizers:
  - resources-finalizer.argocd.argoproj.io
 spec:
  destination:
    namespace: test-app
    server: {{ .Values.spec.destination.server }}
  project: default
  source:
    path: app-test-1
    repoURL: {{ .Values.spec.source.repoURL }}
    targetRevision: {{ .Values.spec.source.targetRevision }}
--- a/applications/values.yaml
+++ b/applications/values.yaml
@ -1,6 +0,0 @@
 spec:
  destination:
    server: https://kubernetes.default.svc
  source:
    repoURL: https://git.mvzijl.nl/marco/veda.git
    targetRevision: HEAD
--- a/readme.md
+++ b/readme.md
@ -43,25 +43,3 @@ TODO
 ## TODO
 - Remove secrets from config
 ## Misc
 ### Applying patches
 ```bash
 talosctl patch machineconfig -p @argocd.yaml -n 192.168.0.0
 ```
 ### Reset node
 ```bash
 talosctl reset --system-labels-to-wipe EPHEMERAL,STATE --reboot -n 192.168.0.0
 ```
 ### ArgoCD default login
 User: admin, password can be retrieved with (ignore the '%' at the end):
 ```bash
 kubectl -n argocd get secret argocd-initial-admin-secret -o jsonpath="{.data.password}" | base64 -d
 ```
--- a/talos/patches/argocd.yaml
+++ b/talos/patches/argocd.yaml
@ -1,5 +1,6 @@
-cluster:
+- op: add
-  inlineManifests:
+  path: /cluster/inlineManifests
  value:
    - name: argocd-namespace
      contents: |
        apiVersion: v1
@ -16,9 +17,9 @@ cluster:
        spec:
          project: default
          source:
-            repoURL: https://git.mvzijl.nl/marco/veda.git
+            repoURL: https://github.com/argoproj/argo-cd-example-apps.git
            targetRevision: HEAD
-            path: applications
+            path: guestbook
          destination:
            server: https://kubernetes.default.svc
            namespace: default
--- a/talos/patches/cilium.sh
+++ b/talos/patches/cilium.sh
@ -1,37 +1,15 @@
 #!/usr/bin/env bash
 cat > template.yaml << 'EOF'
 cluster:
  network:
    cni:
      name: none
  proxy:
    disabled: true
  inlineManifests:
    - name: cilium
      contents: |
        __CILIUM_MANIFEST__
 EOF
 helm repo add cilium https://helm.cilium.io/
 helm template \
    cilium \
    cilium/cilium \
-    --version 1.17.3 \
+    --version 1.15.6 \
    --namespace kube-system \
    --set ipam.mode=kubernetes \
    --set hubble.relay.enabled=true \
    --set hubble.ui.enabled=true \
    --set l2announcements.enabled=true \
    --set kubeProxyReplacement=true \
    --set securityContext.capabilities.ciliumAgent="{CHOWN,KILL,NET_ADMIN,NET_RAW,IPC_LOCK,SYS_ADMIN,SYS_RESOURCE,DAC_OVERRIDE,FOWNER,SETGID,SETUID}" \
    --set securityContext.capabilities.cleanCiliumState="{NET_ADMIN,SYS_ADMIN,SYS_RESOURCE}" \
    --set cgroup.autoMount.enabled=false \
    --set cgroup.hostRoot=/sys/fs/cgroup \
    --set k8sServiceHost=localhost \
-    --set k8sServicePort=7445 | sed 's/^/        /' > manifest.tmp
+    --set k8sServicePort=7445 > cilium.yaml
 sed -e '/__CILIUM_MANIFEST__/r manifest.tmp' -e '/__CILIUM_MANIFEST__/d' template.yaml > cilium.yaml
 rm manifest.tmp
 rm template.yaml
--- a/talos/talosconfig
+++ b/talos/talosconfig
@ -1,10 +1,7 @@
 context: veda
 contexts:
    veda:
-        endpoints: 
+        endpoints: []
            - 192.168.0.10
            - 192.168.0.11
            - 192.168.0.12
        ca: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJQekNCOHFBREFnRUNBaEVBc2NKK2QydlFtaFRSZFZGdTBydzdoVEFGQmdNclpYQXdFREVPTUF3R0ExVUUKQ2hNRmRHRnNiM013SGhjTk1qVXdOVEF4TVRBeE16QTJXaGNOTXpVd05ESTVNVEF4TXpBMldqQVFNUTR3REFZRApWUVFLRXdWMFlXeHZjekFxTUFVR0F5dGxjQU1oQUIvZ3lFSHlMRDNJTzZTazdwaUZva0Jwc21obkxwckJMTll3Cno3K1pMbXdlbzJFd1h6QU9CZ05WSFE4QkFmOEVCQU1DQW9Rd0hRWURWUjBsQkJZd0ZBWUlLd1lCQlFVSEF3RUcKQ0NzR0FRVUZCd01DTUE4R0ExVWRFd0VCL3dRRk1BTUJBZjh3SFFZRFZSME9CQllFRkozUFM4YTR2NEtHd2srbQpOb0V0elpEcTlaYmFNQVVHQXl0bGNBTkJBTFo2SGZPS3A5c3kzbkcxL1Z1bVhuM2hWQjd1bGpZeW95Mkh3Qm5QClpLNFo3Sk1Yb3NEMVJOY05KdGUxQUp2Tm5NaElxbVMvamhXbjZQdCtLN1YxbWcwPQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg==
        crt: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJLRENCMjZBREFnRUNBaEFjcmZWemFpb3JiUTM3Ym9IU2ZuSnFNQVVHQXl0bGNEQVFNUTR3REFZRFZRUUsKRXdWMFlXeHZjekFlRncweU5UQTFNREV4TURFek1EWmFGdzB5TmpBMU1ERXhNREV6TURaYU1CTXhFVEFQQmdOVgpCQW9UQ0c5ek9tRmtiV2x1TUNvd0JRWURLMlZ3QXlFQUpLZ1RVemtFSE1WTnRYS2k0b1ZwUE9zbVFjR2V0RFNqCjVwZjRNVG1FVmp1alNEQkdNQTRHQTFVZER3RUIvd1FFQXdJSGdEQVRCZ05WSFNVRUREQUtCZ2dyQmdFRkJRY0QKQWpBZkJnTlZIU01FR0RBV2dCU2R6MHZHdUwrQ2hzSlBwamFCTGMyUTZ2V1cyakFGQmdNclpYQURRUUEyaHhtZwpRM3Z3a0tQNWFsc2dDb3I5eEFXUEtKUVpNcUdOWVJQVEo2cFZhbjYrWHdNVjhUekp3NUE3cXRWQ2tUcERyWm1PCkoxclMrZkdrSm5JaU1mRUUKLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo=
        key: LS0tLS1CRUdJTiBFRDI1NTE5IFBSSVZBVEUgS0VZLS0tLS0KTUM0Q0FRQXdCUVlESzJWd0JDSUVJSWsxbEExZ3FEK0RqaXhCQUxPdEJxNFhtZ1FvelE1cEpaUktEeVpITmZxegotLS0tLUVORCBFRDI1NTE5IFBSSVZBVEUgS0VZLS0tLS0K