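# Local Kubernetes lab helpers: cluster bring-up (k0s / k3d) plus the add-ons
# installed from the chart and manifest directories that sit next to this file.

# Every non-shebang recipe line runs in its own `bash -c`, so shell state
# (cd, variables) does not carry over from one line to the next.
set shell := ["bash", "-c"]
set dotenv-load := false

# uid/gid of the user invoking just; used for kubeconfig ownership in `k0s`.
CURRENT_UID := `id -u`
CURRENT_GID := `id -g`
# Field 7 of `ip route get 1`, normally the source address of the default route.
IPADR := `ip r g 1 | awk '{print$7;exit}'`
# Address the LDAP smoke tests in `ldaptest` connect to.
LOADBAL := '172.23.53.58'

# Open this justfile in vim.
edit:
    vim justfile

# Add a jjregistry.localhost entry for this host's IP to /etc/hosts (needs sudo).
ip:
    #!/usr/bin/env bash
    set -euo pipefail
    # An empty IPADR would write a malformed hosts line, so stop early.
    if [ -z '{{IPADR}}' ]; then
        echo "could not determine the host IP from 'ip r g 1'" >&2
        exit 1
    fi
    # Append once only: repeated runs used to stack duplicate entries, and
    # without a trailing newline the next append landed on the same line.
    if grep -qE '(^|[[:space:]])jjregistry\.localhost([[:space:]]|$)' /etc/hosts; then
        echo "jjregistry.localhost is already in /etc/hosts; edit it by hand if the IP changed" >&2
    else
        printf '%s\tjjregistry.localhost\n' '{{IPADR}}' | sudo tee -a /etc/hosts
    fi
# fire up localhost:5380 and change example zone to point to {{IPADR}}

# Print the values the recipes are evaluated with.
test:
    #!/usr/bin/env bash
    printf "uid is {{CURRENT_UID}} and gid is {{CURRENT_GID}}\n"
    # Pass $PWD as data, not as the format string, so a '%' in the path is printed verbatim.
    printf '%s\n' "$PWD"
    printf "loadbalancer ip is {{LOADBAL}}\n"

# Install the whole add-on stack; the dependencies run in the listed order.
bootstrap: locpast purelb traefik cert-manager autocert ldap keycloak
    printf "kubes deployed: locpast purelb traefik cert-manager autocert ldap keycloak\n"

# Apply the alpine manifest.
alpine:
    kubectl apply -f alpine/alpine.yaml

# Apply the dashboard and its service account.
# NOTE(review): confirm which role dashboard-service-account.yaml binds before
# handing out its token; the manifest is not visible from this file.
dashboard:
    kubectl apply -f dashboard/dashboard.yaml
    kubectl apply -f dashboard/dashboard-service-account.yaml

# Install a single-node k0s controller and make its admin kubeconfig the current one.
k0s:
    sudo k0s install controller --single
    sudo service k0scontroller start
    sleep 5
    # -f: a first-time setup has no kubeconfig yet, and a plain rm would abort the recipe.
    mkdir -p ~/.kube
    rm -f ~/.kube/config
    # admin.conf is the cluster-admin credential: keep it mode 600 and owned by
    # the invoking user, whose home directory `~` expands to.
    sudo install -C -m 600 -o {{CURRENT_UID}} -g {{CURRENT_GID}} /var/lib/k0s/pki/admin.conf ~/.kube/config
    kubectl label ns default autocert.step.sm=enabled
# check node status kc get nodes, when ready just bootstrap

# Create a k3d cluster from k3d/k3d-<name>.yaml and enable autocert on the default namespace.
k3d name='hydra':
    k3d cluster create {{name}} -c k3d/k3d-{{name}}.yaml
    kubectl label ns default autocert.step.sm=enabled
# if the cluster fails on host network stop the registry first
# make sure the registry is pointing to 127.0.1.1 in /etc/hosts

# Apply every manifest under ldap/.
ldap:
    kubectl apply -f ldap/

# Apply every manifest under apps/echo/.
echo:
    kubectl apply -f apps/echo/

# Install or upgrade gitea from the local chart.
git:
    helm upgrade --install gitea gitea/ --values gitea/values.yaml --wait

# Install cert-manager, then apply, describe and remove the test resources as a smoke test.
cert-manager:
    helm upgrade --install cert-manager cert-manager/ --values cert-manager/values.yaml --namespace cert-manager --create-namespace --wait
    sleep 2
    kubectl apply -f cert-manager/test-resources.yaml
    sleep 2
    kubectl describe certificate -n cert-manager-test
    sleep 2
    kubectl delete -f cert-manager/test-resources.yaml

# Install or upgrade autocert from autocert/.
autocert:
    helm upgrade --install autocert autocert/ --values autocert/values.yaml --wait

# Install or upgrade autocert from acert/autocert/ (same release name as `autocert`, so each replaces the other).
acert:
    helm upgrade --install autocert acert/autocert/ --values acert/autocert/values.yaml --wait
# remember to annotate any new pods with autocert.step.sm/{name,duration} as {name}.{ns}.svc.cluster.local and time {namespaces too if you forgot}

# Create a namespace and enable autocert on it; the default '-h' goes straight to kubectl, so a bare `just label` only prints help.
label name='-h':
    kubectl create namespace {{name}}
    kubectl label ns {{name}} autocert.step.sm=enabled

# Anonymous simple-bind searches against the directory: plaintext on 1389, then LDAPS on 1636.
ldaptest:
    # ldap:// is unencrypted; use this query for connectivity checks only.
    ldapsearch -H "ldap://{{LOADBAL}}:1389" -x -b "dc=minotaur"
    ldapsearch -H "ldaps://{{LOADBAL}}:1636" -x -b "dc=minotaur"
#if the previous command failed, check whether TLS_REQCERT allow and SASL_NOCANON on are in ldap.conf
# NOTE(review): TLS_REQCERT allow lets the client continue with a certificate it
# cannot verify. Treat it as a lab-only setting; pointing TLS_CACERT at the
# issuing CA keeps verification on.

# Install or upgrade keycloak from the local chart.
keycloak:
    helm upgrade --install keycloak keycloak/ --values keycloak/values.yaml --wait

# Install or upgrade jupyterhub into the jhub namespace.
jup:
    helm upgrade --install jupyterhub jupyterhub/ --values jupyterhub/values.yaml --namespace jhub --create-namespace --cleanup-on-fail --wait

# Uninstall jupyterhub from the jhub namespace.
jdown:
    helm uninstall jupyterhub --namespace jhub

# Install purelb and its default service group.
purelb:
    helm upgrade --install purelb purelb/ --values purelb/values.yaml --namespace purelb --create-namespace --wait
    kubectl apply -f purelb/default_servicegroup.yaml

# Install traefik and the dashboard ingress route.
# NOTE(review): check that dashboard-hook-ingressroute.yaml puts the dashboard behind authentication.
traefik:
    helm upgrade --install traefik traefik/ --values traefik/values.yaml --namespace traefik --create-namespace --wait
    kubectl apply -f traefik/dashboard-hook-ingressroute.yaml

# Apply the local-path storage provisioner manifest.
locpast:
    kubectl apply -f locpast/local-path-storage.yaml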