Update ghcr.io/tailscale/tailscale Docker tag to v1.56

Added proxies to new scaleway
Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
2023-12-15 21:02:50 +00:00 · 2023-12-15 19:41:51 +00:00 · 2023-12-15 19:33:45 +00:00 · 2023-12-15 19:00:22 +00:00 · 2023-12-15 18:50:28 +00:00
5 changed files with 115 additions and 200 deletions
--- a/manifests/_apps/auth-proxy.yaml
+++ b/manifests/_apps/auth-proxy.yaml
@ -23,3 +23,28 @@ spec:
    jsonPointers:
    - /data
 ---
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: auth-proxy-scaleway
+  namespace: argocd
+  finalizers:
+  - resources-finalizer.argocd.argoproj.io
+spec:
+  project: cluster.fun
+  destination:
+    namespace: auth-proxy
+    name: scaleway
+  source:
+    path: manifests/auth-proxy
+    repoURL: "https://git.cluster.fun/AverageMarcus/cluster.fun.git"
+    targetRevision: HEAD
+  syncPolicy:
+    # automated: {}
+    syncOptions:
+      - CreateNamespace=true
+  ignoreDifferences:
+  - kind: Secret
+    jsonPointers:
+    - /data
+---
--- a/manifests/_apps/tailscale-operator.yaml
+++ b/manifests/_apps/tailscale-operator.yaml
@ -14,9 +14,36 @@ spec:
    path: manifests/tailscale-operator
    repoURL: "https://git.cluster.fun/AverageMarcus/cluster.fun.git"
    targetRevision: HEAD
-    kustomize:
-      commonLabels:
-        app.kubernetes.io/instance: scaleway-cluster
+  syncPolicy:
+    automated: {}
+    syncOptions:
+      - CreateNamespace=true
+  ignoreDifferences:
+  - kind: Secret
+    jsonPointers:
+    - /data
+---
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: tailscale-operator-chart-scaleway
+  namespace: argocd
+  finalizers:
+  - resources-finalizer.argocd.argoproj.io
+spec:
+  project: cluster.fun
+  destination:
+    namespace: tailscale
+    name: scaleway
+  source:
+    repoURL: 'https://pkgs.tailscale.com/helmcharts'
+    targetRevision: 1.56.0
+    chart: tailscale-operator
+    helm:
+      version: v3
+      values: |-
+        operatorConfig:
+          hostname: scaleway-cluster
  syncPolicy:
    automated: {}
    syncOptions:
@ -42,9 +69,36 @@ spec:
    path: manifests/tailscale-operator
    repoURL: "https://git.cluster.fun/AverageMarcus/cluster.fun.git"
    targetRevision: HEAD
-    kustomize:
-      commonLabels:
-        app.kubernetes.io/instance: civo-cluster
+  syncPolicy:
+    automated: {}
+    syncOptions:
+      - CreateNamespace=true
+  ignoreDifferences:
+  - kind: Secret
+    jsonPointers:
+    - /data
+---
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: tailscale-operator-chart-civo
+  namespace: argocd
+  finalizers:
+  - resources-finalizer.argocd.argoproj.io
+spec:
+  project: cluster.fun
+  destination:
+    namespace: tailscale
+    name: civo
+  source:
+    repoURL: 'https://pkgs.tailscale.com/helmcharts'
+    targetRevision: 1.56.0
+    chart: tailscale-operator
+    helm:
+      version: v3
+      values: |-
+        operatorConfig:
+          hostname: civo-cluster
  syncPolicy:
    automated: {}
    syncOptions:
@ -70,9 +124,36 @@ spec:
    path: manifests/tailscale-operator
    repoURL: "https://git.cluster.fun/AverageMarcus/cluster.fun.git"
    targetRevision: HEAD
-    kustomize:
-      commonLabels:
-        app.kubernetes.io/instance: scaleway-old-cluster
+  syncPolicy:
+    automated: {}
+    syncOptions:
+      - CreateNamespace=true
+  ignoreDifferences:
+  - kind: Secret
+    jsonPointers:
+    - /data
+---
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: tailscale-operator-chart-scaleway-old
+  namespace: argocd
+  finalizers:
+  - resources-finalizer.argocd.argoproj.io
+spec:
+  project: cluster.fun
+  destination:
+    namespace: tailscale
+    name: cluster-fun (scaleway)
+  source:
+    repoURL: 'https://pkgs.tailscale.com/helmcharts'
+    targetRevision: 1.56.0
+    chart: tailscale-operator
+    helm:
+      version: v3
+      values: |-
+        operatorConfig:
+          hostname: scaleway-old-cluster
  syncPolicy:
    automated: {}
    syncOptions:
--- a/manifests/tailscale-operator/kustomization.yaml
+++ b/manifests/tailscale-operator/kustomization.yaml
@ -1,11 +0,0 @@
-apiVersion: kustomize.config.k8s.io/v1beta1
-kind: Kustomization
-metadata:
-  name: tailscale-operator
-
-commonLabels:
-  app.kubernetes.io/name: tailscale-operator
-
-resources:
- rbac.yaml
- manifest.yaml
--- a/manifests/tailscale-operator/manifest.yaml
+++ b/manifests/tailscale-operator/manifest.yaml
@ -1,9 +1,4 @@
 apiVersion: v1
-kind: Namespace
-metadata:
-  name: tailscale
---
-apiVersion: v1
 kind: Secret
 metadata:
  name: operator-oauth
@ -13,61 +8,3 @@ metadata:
    kube-1password/vault: Kubernetes
    kube-1password/secret-text-parse: "true"
 type: Opaque
---
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-    name: tailscale-operator
-    namespace: tailscale
-spec:
-    replicas: 1
-    selector:
-        matchLabels:
-            app: tailscale-operator
-    strategy:
-        type: Recreate
-    template:
-        metadata:
-            labels:
-                app: tailscale-operator
-        spec:
-            containers:
-                - env:
-                    - name: OPERATOR_HOSTNAME
-                      valueFrom:
-                        fieldRef:
-                          fieldPath: metadata.labels['app.kubernetes.io/instance']
-                    - name: OPERATOR_SECRET
-                      value: operator
-                    - name: OPERATOR_LOGGING
-                      value: info
-                    - name: OPERATOR_NAMESPACE
-                      valueFrom:
-                        fieldRef:
-                            fieldPath: metadata.namespace
-                    - name: ENABLE_CONNECTOR
-                      value: "false"
-                    - name: CLIENT_ID_FILE
-                      value: /oauth/client_id
-                    - name: CLIENT_SECRET_FILE
-                      value: /oauth/client_secret
-                    - name: PROXY_IMAGE
-                      value: tailscale/tailscale:unstable
-                    - name: PROXY_TAGS
-                      value: tag:k8s
-                    - name: APISERVER_PROXY
-                      value: "false"
-                    - name: PROXY_FIREWALL_MODE
-                      value: auto
-                  image: tailscale/k8s-operator:unstable
-                  imagePullPolicy: Always
-                  name: operator
-                  volumeMounts:
-                    - mountPath: /oauth
-                      name: oauth
-                      readOnly: true
-            serviceAccountName: operator
-            volumes:
-                - name: oauth
-                  secret:
-                    secretName: operator-oauth
--- a/manifests/tailscale-operator/rbac.yaml
+++ b/manifests/tailscale-operator/rbac.yaml
@ -1,117 +0,0 @@
-
-apiVersion: v1
-kind: ServiceAccount
-metadata:
-    name: operator
-    namespace: tailscale
---
-apiVersion: v1
-kind: ServiceAccount
-metadata:
-    name: proxies
-    namespace: tailscale
---
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
-    name: tailscale-operator
-rules:
-    - apiGroups:
-        - ""
-      resources:
-        - events
-        - services
-        - services/status
-      verbs:
-        - '*'
-    - apiGroups:
-        - networking.k8s.io
-      resources:
-        - ingresses
-        - ingresses/status
-      verbs:
-        - '*'
-    - apiGroups:
-        - tailscale.com
-      resources:
-        - connectors
-        - connectors/status
-      verbs:
-        - get
-        - list
-        - watch
-        - update
---
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
-    name: tailscale-operator
-roleRef:
-    apiGroup: rbac.authorization.k8s.io
-    kind: ClusterRole
-    name: tailscale-operator
-subjects:
-    - kind: ServiceAccount
-      name: operator
-      namespace: tailscale
---
-apiVersion: rbac.authorization.k8s.io/v1
-kind: Role
-metadata:
-    name: operator
-    namespace: tailscale
-rules:
-    - apiGroups:
-        - ""
-      resources:
-        - secrets
-      verbs:
-        - '*'
-    - apiGroups:
-        - apps
-      resources:
-        - statefulsets
-      verbs:
-        - '*'
---
-apiVersion: rbac.authorization.k8s.io/v1
-kind: Role
-metadata:
-    name: proxies
-    namespace: tailscale
-rules:
-    - apiGroups:
-        - ""
-      resources:
-        - secrets
-      verbs:
-        - '*'
---
-apiVersion: rbac.authorization.k8s.io/v1
-kind: RoleBinding
-metadata:
-    name: operator
-    namespace: tailscale
-roleRef:
-    apiGroup: rbac.authorization.k8s.io
-    kind: Role
-    name: operator
-subjects:
-    - kind: ServiceAccount
-      name: operator
-      namespace: tailscale
---
-apiVersion: rbac.authorization.k8s.io/v1
-kind: RoleBinding
-metadata:
-    name: proxies
-    namespace: tailscale
-roleRef:
-    apiGroup: rbac.authorization.k8s.io
-    kind: Role
-    name: proxies
-subjects:
-    - kind: ServiceAccount
-      name: proxies
-      namespace: tailscale
---
Author	SHA1	Message	Date
Renovate Bot	4516184e57	Update ghcr.io/tailscale/tailscale Docker tag to v1.56	2023-12-15 21:02:50 +00:00
Marcus Noble	ec48552dd1	Added proxies to new scaleway Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>	2023-12-15 19:41:51 +00:00
Marcus Noble	31efb5d8e0	Added loki service via tailscale Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>	2023-12-15 19:33:45 +00:00
Marcus Noble	d248e5f28e	Remove kustomize params Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>	2023-12-15 19:00:22 +00:00
Marcus Noble	b0c4beb211	Switch to using the tailscale helm chart Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>	2023-12-15 18:50:28 +00:00