8 changed files with 0 additions and 384 deletions
--- a/bootstrap/cluster-resources/in-cluster/machineregistration.elemental.yaml
+++ b/bootstrap/cluster-resources/in-cluster/machineregistration.elemental.yaml
@ -1,56 +0,0 @@
 apiVersion: elemental.cattle.io/v1beta1
 kind: MachineRegistration
 metadata:
  name: elemental-registration-1
  namespace: fleet-default
 #  annotations:  key: string
 #  labels:  key: string
 spec:
  machineName: "s-${System Information/SKU Number}"
  machineInventoryLabels:
    elemental.cattle.io/manufacturer: "${System Information/Manufacturer}"
    elemental.cattle.io/productName: "${System Information/Product Name}"
    elemental.cattle.io/serialNumber: "${System Information/Serial Number}"
    elemental.cattle.io/machineUUID: "${System Information/UUID}"
    elemental.cattle.io/cpuTotalCores: "${System Data/CPU/TotalCores}"
    elemental.cattle.io/cpuTotalThreads: "${System Data/CPU/TotalThreads}"
    elemental.cattle.io/totalMemoryBytes: "${System Data/Memory/TotalPhysicalBytes}"
    elemental.cattle.io/numDisks: "${System Data/Storage/TotalDisks}"
    elemental.cattle.io/cpuFamily: "${System Data/Processor Information/Family}"
  config:
    cloud-config:
      users:
        - name: root
          passwd: $6$rounds=4096$eiYhELdUc5UdA3uR$0PnKGqB6yE1eO9Y7VjcClgF0Ew.u4vuCWcXG/J9TXo6zEGht2zy74wzJ0/FTNuFwNeOOfsx2J3L1ENsdHTNFa1
        - name: davad
          passwd: "$6$rounds=4096$aGOOJFIH3nPaWmMD$d6qPla9cmX4kHIPLDK79QnQGUtipxHqWzuXfykWpVJLOy7vpcg8DqHhGS/C6qFKGjlQi1z9Jkj6Nwmd9ANcG61"
          sudo: ["ALL=(ALL) NOPASSWD:ALL"]
          ssh_authorized_keys:
            - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAoxe01++NcPfnk5809M0mL+76Qn6CwPHCxpWX5yhepM david@tyr
            - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEqPa07VmSLavCX7+Mh9RhGjUu5q90FF4IA0U0k+Wj5Z davad@eir
    elemental:
      install:
        device-selector:
          - key: Name
            operator: In
            values:
              - /dev/sda
              - /dev/vda
              - /dev/nvme0
          - key: Size
            operator: Gt
            values:
              - 25Gi
        reboot: true
        poweroff: false
        eject-cd: true
        snapshotter:
          type: btrfs
      reset:
        enabled: true
        reset-oem: true
        reset-persistent: true
        poweroff: false
        reboot: true
--- a/bootstrap/crossplane.yaml
+++ b/bootstrap/crossplane.yaml
@ -1,35 +0,0 @@
 apiVersion: argoproj.io/v1alpha1
 kind: Application
 metadata:
  creationTimestamp: null
  name: crossplane
  namespace: argocd
 spec:
  destination:
    namespace: argocd
    server: https://kubernetes.default.svc
  ignoreDifferences:
    - group: argoproj.io
      jsonPointers:
        - /status
      kind: Application
  project: default
  source:
    path: bootstrap/crossplane
    repoURL: ssh://git@gitea-ssh.gitops.svc.cluster.local:2222/davad/argo.git
  syncPolicy:
    automated:
      allowEmpty: true
      prune: true
      selfHeal: true
    syncOptions:
      - allowEmpty=true
 status:
  health: {}
  summary: {}
  sync:
    comparedTo:
      destination: {}
      source:
        repoURL: ""
    status: ""
--- a/bootstrap/crossplane/helm-values.yaml
+++ b/bootstrap/crossplane/helm-values.yaml
@ -1,214 +0,0 @@
 # helm-docs renders these comments into markdown. Use markdown formatting where
 # appropiate.
 #
 # -- The number of Crossplane pod `replicas` to deploy.
 replicas: 1
 # -- The number of Crossplane ReplicaSets to retain.
 revisionHistoryLimit: null
 # -- The deployment strategy for the Crossplane and RBAC Manager pods.
 deploymentStrategy: RollingUpdate
 image:
  # -- Repository for the Crossplane pod image.
  repository: xpkg.upbound.io/crossplane/crossplane
  # -- The Crossplane image tag. Defaults to the value of `appVersion` in `Chart.yaml`.
  tag: ""
  # -- The image pull policy used for Crossplane and RBAC Manager pods.
  pullPolicy: IfNotPresent
 # -- Add `nodeSelectors` to the Crossplane pod deployment.
 nodeSelector: {}
 # -- Add `tolerations` to the Crossplane pod deployment.
 tolerations: []
 # -- Add `affinities` to the Crossplane pod deployment.
 affinity: {}
 # -- Add `topologySpreadConstraints` to the Crossplane pod deployment.
 topologySpreadConstraints: []
 # -- Enable `hostNetwork` for the Crossplane deployment. Caution: enabling `hostNetwork` grants the Crossplane Pod access to the host network namespace. Consider setting `dnsPolicy` to `ClusterFirstWithHostNet`.
 hostNetwork: false
 # -- Specify the `dnsPolicy` to be used by the Crossplane pod.
 dnsPolicy: ""
 # -- Add custom `labels` to the Crossplane pod deployment.
 customLabels: {}
 # -- Add custom `annotations` to the Crossplane pod deployment.
 customAnnotations: {}
 serviceAccount:
  # -- Specifies whether Crossplane ServiceAccount should be created
  create: true
  # -- Provide the name of an already created Crossplane ServiceAccount. Required when `serviceAccount.create` is `false`
  name: ""
  # -- Add custom `annotations` to the Crossplane ServiceAccount.
  customAnnotations: {}
 # -- Enable [leader election](https://docs.crossplane.io/latest/concepts/pods/#leader-election) for the Crossplane pod.
 leaderElection: true
 # -- Add custom arguments to the Crossplane pod.
 args: []
 provider:
  # -- A list of Provider packages to install.
  packages:
    # - ghcr.io/crossplane-contrib/provider-aws-iam:v1.20.1
    - ghcr.io/crossplane-contrib/provider-aws-route53:v1.20.1
    - ghcr.io/crossplane-contrib/provider-aws-s3:v1.20.1
 configuration:
  # -- A list of Configuration packages to install.
  packages: []
 function:
  # -- A list of Function packages to install
  packages: []
 # -- The imagePullSecret names to add to the Crossplane ServiceAccount.
 imagePullSecrets: []
 registryCaBundleConfig:
  # -- The ConfigMap name containing a custom CA bundle to enable fetching packages from registries with unknown or untrusted certificates.
  name: ""
  # -- The ConfigMap key containing a custom CA bundle to enable fetching packages from registries with unknown or untrusted certificates.
  key: ""
 service:
  # -- Configure annotations on the service object. Only enabled when webhooks.enabled = true
  customAnnotations: {}
 webhooks:
  # -- Enable webhooks for Crossplane and installed Provider packages.
  enabled: true
  # -- The port the webhook server listens on.
  port: ""
 rbacManager:
  # -- Deploy the RBAC Manager pod and its required roles.
  deploy: true
  # -- Don't install aggregated Crossplane ClusterRoles.
  skipAggregatedClusterRoles: false
  # -- The number of RBAC Manager pod `replicas` to deploy.
  replicas: 1
  # -- The number of RBAC Manager ReplicaSets to retain.
  revisionHistoryLimit: null
  # -- Enable [leader election](https://docs.crossplane.io/latest/concepts/pods/#leader-election) for the RBAC Manager pod.
  leaderElection: true
  # -- Add custom arguments to the RBAC Manager pod.
  args: []
  # -- Add `nodeSelectors` to the RBAC Manager pod deployment.
  nodeSelector: {}
  # -- Add `tolerations` to the RBAC Manager pod deployment.
  tolerations: []
  # -- Add `affinities` to the RBAC Manager pod deployment.
  affinity: {}
  # -- Add `topologySpreadConstraints` to the RBAC Manager pod deployment.
  topologySpreadConstraints: []
 packageManager:
  # -- Enable automatic dependency version downgrades. This configuration is only used when `--enable-dependency-version-upgrades` flag is passed.
  enableAutomaticDependencyDowngrade: false
 # -- The PriorityClass name to apply to the Crossplane and RBAC Manager pods.
 priorityClassName: ""
 resourcesCrossplane:
  limits:
    # -- CPU resource limits for the Crossplane pod.
    cpu: 500m
    # -- Memory resource limits for the Crossplane pod.
    memory: 1024Mi
  requests:
    # -- CPU resource requests for the Crossplane pod.
    cpu: 100m
    # -- Memory resource requests for the Crossplane pod.
    memory: 256Mi
 securityContextCrossplane:
  # -- The user ID used by the Crossplane pod.
  runAsUser: 65532
  # -- The group ID used by the Crossplane pod.
  runAsGroup: 65532
  # -- Enable `allowPrivilegeEscalation` for the Crossplane pod.
  allowPrivilegeEscalation: false
  # -- Set the Crossplane pod root file system as read-only.
  readOnlyRootFilesystem: true
 packageCache:
  # -- Set to `Memory` to hold the package cache in a RAM backed file system. Useful for Crossplane development.
  medium: ""
  # -- The size limit for the package cache. If medium is `Memory` the `sizeLimit` can't exceed Node memory.
  sizeLimit: 20Mi
  # -- The name of a PersistentVolumeClaim to use as the package cache. Disables the default package cache `emptyDir` Volume.
  pvc: ""
  # -- The name of a ConfigMap to use as the package cache. Disables the default package cache `emptyDir` Volume.
  configMap: ""
 resourcesRBACManager:
  limits:
    # -- CPU resource limits for the RBAC Manager pod.
    cpu: 100m
    # -- Memory resource limits for the RBAC Manager pod.
    memory: 512Mi
  requests:
    # -- CPU resource requests for the RBAC Manager pod.
    cpu: 100m
    # -- Memory resource requests for the RBAC Manager pod.
    memory: 256Mi
 securityContextRBACManager:
  # -- The user ID used by the RBAC Manager pod.
  runAsUser: 65532
  # -- The group ID used by the RBAC Manager pod.
  runAsGroup: 65532
  # -- Enable `allowPrivilegeEscalation` for the RBAC Manager pod.
  allowPrivilegeEscalation: false
  # -- Set the RBAC Manager pod root file system as read-only.
  readOnlyRootFilesystem: true
 metrics:
  # -- Enable Prometheus path, port and scrape annotations and expose port 8080 for both the Crossplane and RBAC Manager pods.
  enabled: false
  # -- The port the metrics server listens on.
  port: ""
 readiness:
  # -- The port the readyz server listens on.
  port: ""
 # -- Add custom environmental variables to the Crossplane pod deployment.
 # Replaces any `.` in a variable name with `_`. For example, `SAMPLE.KEY=value1` becomes `SAMPLE_KEY=value1`.
 extraEnvVarsCrossplane: {}
 # -- Add custom environmental variables to the RBAC Manager pod deployment.
 # Replaces any `.` in a variable name with `_`. For example, `SAMPLE.KEY=value1` becomes `SAMPLE_KEY=value1`.
 extraEnvVarsRBACManager: {}
 # -- Add a custom `securityContext` to the Crossplane pod.
 podSecurityContextCrossplane: {}
 # -- Add a custom `securityContext` to the RBAC Manager pod.
 podSecurityContextRBACManager: {}
 # -- Add custom `volumes` to the Crossplane pod.
 extraVolumesCrossplane: {}
 # -- Add custom `volumeMounts` to the Crossplane pod.
 extraVolumeMountsCrossplane: {}
 # -- To add arbitrary Kubernetes Objects during a Helm Install
 extraObjects: []
  # - apiVersion: pkg.crossplane.io/v1alpha1
  #   kind: ControllerConfig
  #   metadata:
  #     name: aws-config
  #     annotations:
  #       eks.amazonaws.com/role-arn: arn:aws:iam::123456789101:role/example
  #       helm.sh/hook: post-install
  #   spec:
  #     podSecurityContext:
  #       fsGroup: 2000
--- a/bootstrap/crossplane/kustomization.yaml
+++ b/bootstrap/crossplane/kustomization.yaml
@ -1,15 +0,0 @@
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 helmCharts:
  - name: crossplane
    repo: https://charts.crossplane.io/stable
    version: 1.19.0
    namespace: crossplane-system
    releaseName: crossplane
    valuesFile: helm-values.yaml
 resources:
  - ns.yaml
  - secret-generator.yaml
  - providerconfig.yaml
--- a/bootstrap/crossplane/ns.yaml
+++ b/bootstrap/crossplane/ns.yaml
@ -1,7 +0,0 @@
 apiVersion: v1
 kind: Namespace
 metadata:
  name: crossplane-system
  labels:
    name: crossplane-system
--- a/bootstrap/crossplane/providerconfig.yaml
+++ b/bootstrap/crossplane/providerconfig.yaml
@ -1,15 +0,0 @@
 apiVersion: aws.upbound.io/v1beta1
 kind: ProviderConfig
 metadata:
  name: default
 spec:
  credentials:
    source: Secret
    secretRef:
      namespace: crossplane-system
      name: aws-secret
      key: creds
  assumeRole:
    roleARN: "arn:aws:iam::000654387266:role/crossplane"
--- a/bootstrap/crossplane/secret-generator.yaml
+++ b/bootstrap/crossplane/secret-generator.yaml
@ -1,14 +0,0 @@
 apiVersion: viaduct.ai/v1
 kind: ksops
 metadata:
  # Specify a name
  name: crossplane-secrets
  annotations:
    config.kubernetes.io/function: |
        exec:
          # if the binary is in your PATH, you can do
          path: ksops
          # otherwise, path should be relative to manifest files, like
          # path: ../../../ksops
 files:
  - ./secret.aws.enc.yaml
--- a/bootstrap/crossplane/secret.aws.enc.yaml
+++ b/bootstrap/crossplane/secret.aws.enc.yaml
@ -1,28 +0,0 @@
 apiVersion: v1
 kind: Secret
 type: Opaque
 metadata:
    name: aws-secret
    namespace: crossplane-system
 data:
    creds: ENC[AES256_GCM,data:/O+OEz7rayPa7zoDbmU8fIrhfQDmDjGpwGZ6TC0+xabwYURlsGRKzPL55vAB2eOhO1yfTCGLFEEm9GMI9niukOqf4O3c31bYXSY4roFna1fpv/fCDimyAQ77vGlYOgKw9agw0xEsqzBvbZdXqTCCVbRbVkWG6zLPkVYEEW12mS0rP3IaavIT+bO/oZSW9IDfA45/RcSXdhxnBe4GWYYYXs0tvLs=,iv:VbBQ1fMe7+wNyTQXTi4yjSBxDMu+EJnuzsNwFOteUso=,tag:pmSkRDxRxcf66miw9w7ypg==,type:str]
 sops:
    kms: []
    gcp_kms: []
    azure_kv: []
    hc_vault: []
    age:
        - recipient: age1y26vr5qt6th3wu92rnsgkqcpxxah3pqkqa4khcjjycm3kg40aqyqjgfzx9
          enc: |
            -----BEGIN AGE ENCRYPTED FILE-----
            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBvaFZEY2NwZVJOLzRrUEtx
            andUa2NBQkhlVE5Xd3hmclBkV1Jadkc1RGtjCjVsSWdMSjlNYWNPWmdxZUN2VWVx
            eXI5OWtGb0kvRENkNW0xVWZCUEVhdmsKLS0tIG1YUkdUSFBSN3BnRHZYbCtoUTJu
            WE04a1llSndObHBEUFVkZldNZ1VPdkkK+BqNrTGwJL7+694cU6hIzh8rBSF2iIKf
            btmDLQdRpRglPN4eMKMR/rb00uMF5RHKm8YycTCHfzSOx6ZAEsFQ+w==
            -----END AGE ENCRYPTED FILE-----
    lastmodified: "2025-03-01T17:13:29Z"
    mac: ENC[AES256_GCM,data:5+iGPT8W9I0GJ3ZEwkVtBDm9EbrYEXQCGwijR5GJUU6HETSS7hvZ7SwEXZmBQ/BGKpPG7nLbggUl4oE8VVD5JeUfMnHs1MzL6RabSRuHZXd3UfrYE7bGxwb0kmosa5/2uvYBz/IR7T1Y6mCG0LY8+CMGw02VdKcyTsvvmex9bmc=,iv:NYB6gLjawUUeV7u0eaScD2eVgPedPpc2bB5KuWR7cxQ=,tag:SKINL/5pZiq3o/qywbuE8Q==,type:str]
    pgp: []
    encrypted_regex: ^(data|stringData)$
    version: 3.9.2