Configuration yaml for Argo CD deployments
/usr/local/bin/k3s-uninstall.sh
curl -sfL https://get.k3s.io | INSTALL_K3S_EXEC="--disable=traefik" sh -
sudo chgrp -R adm /etc/rancher/k3s
sudo chmod -R g+rw /etc/rancher/k3s
istioctl install --set profile=demo
kubectl create ns argocd
cd ~/src/argocd-config/kustomize/istio-overlay
kubectl apply -k .
kubectl -n argocd get pods
kubectl create ns argocd
kubectl create ns development
kubectl create ns staging
kubectl label namespace default istio-injection=enabled
kubectl label namespace development istio-injection=enabled
kubectl label namespace staging istio-injection=enabled
cd ~/src/argocd-config/kustomize/istio-overlay/argocd
EDIT authpolicy.yaml ---- change HOME_IP
kubectl apply -f authpolicy.yaml
git checkout authpolicy.yaml # so you don't check in the IP
kubectl create ns cert-manager
kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.12.0/cert-manager.yaml
kubectl get pods --namespace cert-manager
export CLOUDFLARE_API_TOKEN=xxxxxxxxx
echo "
apiVersion: v1
kind: Secret
metadata:
name: cloudflare-api-token-secret
namespace: istio-system
type: Opaque
stringData:
api-token: $CLOUDFLARE_API_TOKEN
" | kubectl apply -f -
cd ~/src/argocd-config/kustomize/istio-overlay/argocd
EDIT certmanager.yaml and change the email field
kubectl apply -f certmanager.yaml
git checkout certmanager.yaml # so you don't check in your real email
cd ~/src/argocd-config/kustomize/istio-overlay/argocd
kubectl apply -f certs.yaml
kubectl get certs -A
kubectl describe -n istio-system certs argocd-n9oh-com
kubectl -n argocd get secret argocd-initial-admin-secret -o yaml | grep password: | awk -F: '{print $2}' | sed 's/ //g' | base64 -d
https://argocd.n9oh.com
SYNC all the things