nix shell 'nixpkgs#fluxcd'
flux bootstrap git \
--url=ssh://git@<host>/<org>/<repository> \
--branch=main \
--private-key-file=<path/to/private.key> \
--password=<key-passphrase> \
--path=clusters/my-cluster
nix shell 'nixpkgs#kubernetes-helm'
helm template --dry-run=server flux-operator oci://ghcr.io/controlplaneio-fluxcd/charts/flux-operator \
--namespace flux-system \
--create-namespace
apiVersion: fluxcd.controlplane.io/v1
kind: FluxInstance
metadata:
name: flux
namespace: flux-system
annotations:
fluxcd.controlplane.io/reconcileEvery: "1h"
fluxcd.controlplane.io/reconcileTimeout: "5m"
spec:
distribution:
version: "2.x"
registry: "ghcr.io/fluxcd"
artifact: "oci://ghcr.io/controlplaneio-fluxcd/flux-operator-manifests"
components:
- source-controller
- kustomize-controller
- helm-controller
- notification-controller
- image-reflector-controller
- image-automation-controller
cluster:
type: kubernetes
size: medium
multitenant: false
networkPolicy: true
domain: "cluster.local"
kustomize:
patches:
- target:
kind: Deployment
patch: |
- op: replace
path: /spec/template/spec/nodeSelector
value:
kubernetes.io/os: linux
- op: add
path: /spec/template/spec/tolerations
value:
- key: "CriticalAddonsOnly"
operator: "Exists"
sync:
kind: OCIRepository
url: "oci://ghcr.io/my-org/my-fleet-manifests"
ref: "latest"
path: "clusters/my-cluster"
pullSecret: "ghcr-auth"
apiVersion: fluxcd.controlplane.io/v1
kind: FluxInstance
metadata:
name: flux
namespace: flux-system
spec:
distribution:
version: "2.7.x"
registry: "ghcr.io/fluxcd"
sync:
kind: GitRepository
url: "ssh://git@10.215.1.210:22/repos/mrmanager"
ref: "refs/heads/nix"
path: "clusters/my-cluster"
pullSecret: "flux-system"
flux create secret git flux-system \
--url=https://gitlab.com/my-org/my-fleet.git \
--username=git \
--password=$GITLAB_TOKEN
72084f1a7e
