hewei
/
jitsi-deploy
mirror of https://github.com/shanghailug/jitsi-deploy.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

route /argocd to argocd-server (#6)

Browse Source
pull/7/head
Wei He 4 years ago committed by GitHub
parent 8db8cd7d9a
commit 6fc2437487
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 10 additions and 22 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 10
      INSTALL.md
  2. 1
      argocd/cmd-params-cm.yaml
  3. 8
      argocd/ingressroute-server.yaml.sh
  4. 13
      deploy_jitsi.sh

10
INSTALL.md
Unescape View File

@ -25,18 +25,11 @@ curl -sL https://raw.githubusercontent.com/shanghailug/jitsi-deploy/main/deploy_
bash -s - <PROD_HOSTNAME> <ACME_EMAIL>
```
Alternatively, an additional environment variable `ARGOCD_FQDN` can be provided to enable ArgoCD web server's ingress, so that it can be accessed post installation, for future operations:
```bash
curl -sL https://raw.githubusercontent.com/shanghailug/jitsi-deploy/main/deploy_jitsi.sh |
ARGOCD_FQDN=<CD_HOSTNAME> bash -s - <PROD_HOSTNAME> <ACME_EMAIL>
```
Before committing to a prod installation, the whole setup can be tested by using a test hostname, only requesting certificates from staging instance of Let's Encrypt, and installing into `test` k8s namespace. This can be done by setting `TEST_INSTALL` and `STAGING_CERT` environment variable and giving test hostname as command argument, like this:
```bash
curl -sL https://raw.githubusercontent.com/shanghailug/jitsi-deploy/main/deploy_jitsi.sh |
TEST_INSTALL=1 STAGING_CERT=1 ARGOCD_FQDN=<CD_HOSTNAME> bash -s - <TEST_HOSTNAME> <ACME_EMAIL>
TEST_INSTALL=1 STAGING_CERT=1 bash -s - <TEST_HOSTNAME> <ACME_EMAIL>
```
The installed applications can then be updated/upgraded by rerunning exactly the same command, when the git repo is updated or it's desirable to enable ArgoCD web after initial installation is done. The already installed components will usually be kept as-is if their versions match, or be upgraded otherwise. If k3s needs to be upgraded, however, it's probably a better idea to [tear down](#tear-down) the whole setup before-hand.
@ -56,7 +49,6 @@ The following list of environment variables can be used to customize or alter th
Environment Variable | Description | Default Value | Default behaviour
--- | --- | --- | ---
`ARGOCD_FQDN` | fully-qualified hostname for accessing ArgoCD web UI | "" | don't enable web ingress for ArgoCD server
`ARGOCD_VERSION` | argocd release to install | "v2.3.3" |
`DEPLOY_GIT_REPO` | the git repo url for retrieving artifacts | `https://github.com/shanghailug/jitsi-deploy.git` |
`DEPLOY_GIT_VERSION` | the revision of artifacts to checkout and use from the repo | "" | use the default branch when git repo is cloned locally

1
argocd/cmd-params-cm.yaml
Unescape View File

@ -8,3 +8,4 @@ metadata:
app.kubernetes.io/part-of: argocd
data:
server.insecure: "true"
server.rootpath: "/argocd"

8
argocd/ingressroute-server.yaml.sh
Unescape View File

@ -9,18 +9,16 @@ spec:
- websecure
routes:
- kind: Rule
match: Host(\`${ARGOCD_FQDN}\`)
priority: 10
match: Host(\`${FQDN}\`) && PathPrefix(\`/argocd\`)
services:
- name: argocd-server
port: 80
- kind: Rule
match: Host(\`${ARGOCD_FQDN}\`) && Headers(\`Content-Type\`, \`application/grpc\`)
priority: 11
match: Host(\`${FQDN}\`) && PathPrefix(\`/argocd\`) && Headers(\`Content-Type\`, \`application/grpc\`)
services:
- name: argocd-server
port: 80
scheme: h2c
tls:
certResolver: le-prod
certResolver: ${CERT_RESOLVER}
EOF

13
deploy_jitsi.sh
Unescape View File

@ -122,14 +122,11 @@ function do_argocd {
cd ${SRC_DIR}/
kubectl create ns argocd --dry-run=client -o yaml | kubectl apply -f -
kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml
if [ -n "${ARGOCD_FQDN}" ]; then
export ARGOCD_FQDN
kubectl apply -f argocd/cmd-params-cm.yaml
kubectl -n argocd rollout restart deploy/argocd-server
argocd/ingressroute-server.yaml.sh | kubectl apply -f -
# ARGOCD_PASSWD=$(kubectl -n argocd get secret/argocd-initial-admin-secret -o jsonpath='{.data.password}' | base64 -d)
fi
kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/${ARGOCD_VERSION}/manifests/install.yaml
kubectl apply -f argocd/cmd-params-cm.yaml
kubectl -n argocd rollout restart deploy/argocd-server
argocd/ingressroute-server.yaml.sh | kubectl apply -f -
# ARGOCD_PASSWD=$(kubectl -n argocd get secret/argocd-initial-admin-secret -o jsonpath='{.data.password}' | base64 -d)
echo -n "waiting for argocd to become ready ."
while [ $(kubectl -n argocd get pods | grep -c '1/1') -ne 7 ]; do

Write Preview
Loading…
Cancel
Save