From b38bda266424e70c20b9444afdc489fe6876ab62 Mon Sep 17 00:00:00 2001
From: Sheogorath <sheogorath@shivering-isles.com>
Date: Tue, 6 Dec 2022 16:29:03 +0000
Subject: [PATCH] feat(rook): Add initial rook operator deployment

This patch creates a deployment for the rook operator, since longhorn has
caused various issues once again, taking down the entire mail, nextcloud
and monitoring setup with it, by just simply updating and rebooting a
node.

This is unacceptable. Therefore this switch towards rook, which will
hopefully solve this and other problems.
---
 infrastructure/kustomization.yaml      |  1 +
 infrastructure/rook/kustomization.yaml |  7 +++++
 infrastructure/rook/namespace.yaml     | 11 +++++++
 infrastructure/rook/operator.yaml      | 42 ++++++++++++++++++++++++++
 infrastructure/rook/repository.yaml    |  8 +++++
 5 files changed, 69 insertions(+)
 create mode 100644 infrastructure/rook/kustomization.yaml
 create mode 100644 infrastructure/rook/namespace.yaml
 create mode 100644 infrastructure/rook/operator.yaml
 create mode 100644 infrastructure/rook/repository.yaml

diff --git a/infrastructure/kustomization.yaml b/infrastructure/kustomization.yaml
index 4b9b4c54f..12b3b6749 100644
--- a/infrastructure/kustomization.yaml
+++ b/infrastructure/kustomization.yaml
@@ -9,6 +9,7 @@ resources:
   - metallb
   - cert-manager
   - nginx-system
+  - rook
   - longhorn
   - monitoring
   - loki
diff --git a/infrastructure/rook/kustomization.yaml b/infrastructure/rook/kustomization.yaml
new file mode 100644
index 000000000..877a4982b
--- /dev/null
+++ b/infrastructure/rook/kustomization.yaml
@@ -0,0 +1,7 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+namespace: rook-ceph
+resources:
+  - namespace.yaml
+  - repository.yaml
+  - operator.yaml
diff --git a/infrastructure/rook/namespace.yaml b/infrastructure/rook/namespace.yaml
new file mode 100644
index 000000000..2386bc141
--- /dev/null
+++ b/infrastructure/rook/namespace.yaml
@@ -0,0 +1,11 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: rook-ceph
+  labels:
+    pod-security.kubernetes.io/audit: privileged
+    pod-security.kubernetes.io/enforce: privileged
+    pod-security.kubernetes.io/warn: privileged
+    pod-security.kubernetes.io/audit-version: v1.23
+    pod-security.kubernetes.io/enforce-version: v1.23
+    pod-security.kubernetes.io/warn-version: v1.23
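Review bot: The labels set all three Pod Security modes (`enforce`, `audit`, `warn`) to `privileged`, so admission in `rook-ceph` neither blocks nor reports anything, and the file does not say why. This is presumably required for Rook's host-level daemons and CSI plugins, but it should be stated next to the labels, e.g. `# rook/ceph daemons and CSI plugins need privileged pods and host access; keep this namespace for rook workloads only`. With enforcement effectively off here, RBAC over who may create pods in this namespace is the remaining control, so it is worth confirming that no unrelated workloads or service accounts are placed in it.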
diff --git a/infrastructure/rook/operator.yaml b/infrastructure/rook/operator.yaml
new file mode 100644
index 000000000..cacab63df
--- /dev/null
+++ b/infrastructure/rook/operator.yaml
@@ -0,0 +1,42 @@
+apiVersion: helm.toolkit.fluxcd.io/v2beta1
+kind: HelmRelease
+metadata:
+  name: rook-ceph
+  namespace: rook-ceph
+spec:
+  releaseName: rook-ceph
+  chart:
+    spec:
+      chart: postgres-operator
+      sourceRef:
+        kind: HelmRepository
+        name: rook-ceph
+        namespace: rook-ceph
+      version: v1.10.6
+  interval: 5m
+  install:
+    crds: CreateReplace
+  upgrade:
+    crds: CreateReplace
+  valuesFrom:
+    - kind: ConfigMap
+      name: rook-ceph-base-values
+      valuesKey: values.yaml
+    - kind: Secret
+      name: rook-ceph-overwrite
+      valuesKey: values-overwrite.yaml
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: rook-ceph-base-values
+  namespace: rook-ceph
+data:
+  values.yaml: |
+    csi:
+      topology:
+        enabled: true
+        domainLabels:
+          - kubernetes.io/hostname
+    monitoring:
+      enabled: true
\ No newline at end of file
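Review bot: The HelmRelease cannot resolve its chart as written. `chart: postgres-operator` looks like a copy-paste leftover (the operator chart in the rook repository is presumably `rook-ceph`), and `sourceRef.name: rook-ceph` does not match the HelmRepository created in repository.yaml, which is named `rook-release`. Change these to `chart: rook-ceph` and `name: rook-release`, or rename the repository to match. The `rook-ceph-overwrite` Secret listed under `valuesFrom` is not created anywhere in this patch; if it is meant to be optional, add `optional: true` to that entry, otherwise reconciliation fails until it exists. That Secret can override any chart value for an operator running in a privileged namespace, so a comment naming who manages it would help; the file also lacks a trailing newline.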
diff --git a/infrastructure/rook/repository.yaml b/infrastructure/rook/repository.yaml
new file mode 100644
index 000000000..2a6d5e5d5
--- /dev/null
+++ b/infrastructure/rook/repository.yaml
@@ -0,0 +1,8 @@
+apiVersion: source.toolkit.fluxcd.io/v1beta1
+kind: HelmRepository
+metadata:
+  name: rook-release 
+  namespace: rook-ceph
+spec:
+  interval: 30m
+  url: https://charts.rook.io/release
-- 
GitLab