gilgamezh
69 lines
1.7 KiB
YAML
69 lines
1.7 KiB
YAML
# ArgoCD configuration for TuringPi K3s cluster
|
|
# Simplified setup - no RBAC restrictions for single-user environment
|
|
|
|
global:
|
|
# Set domain for your LAN access
|
|
domain: argocd.turing.lan
|
|
|
|
# Server configuration
|
|
server:
|
|
# Enable ingress for web UI access
|
|
ingress:
|
|
enabled: true
|
|
controller: generic
|
|
ingressClassName: nginx
|
|
hostname: argocd.turing.lan
|
|
annotations:
|
|
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
|
|
nginx.ingress.kubernetes.io/ssl-passthrough: "true"
|
|
# Restrict to LAN access (matching your existing pattern)
|
|
nginx.ingress.kubernetes.io/whitelist-source-range: "192.168.0.0/16,10.0.0.0/8,172.16.0.0/12"
|
|
|
|
# Use LoadBalancer service for direct access via MetalLB
|
|
service:
|
|
type: LoadBalancer
|
|
servicePortHttp: 80
|
|
servicePortHttps: 443
|
|
|
|
# Enable insecure mode since this is a homelab (simpler setup)
|
|
extraArgs:
|
|
- --insecure
|
|
|
|
# ApplicationSet controller (for managing multiple apps)
|
|
applicationSet:
|
|
enabled: true
|
|
|
|
# Image updater will be installed separately
|
|
# This is just the base ArgoCD installation
|
|
|
|
# Disable HA components for single-node simplicity
|
|
redis-ha:
|
|
enabled: false
|
|
|
|
# Use single Redis instance
|
|
redis:
|
|
enabled: true
|
|
|
|
# Disable RBAC since you're the only user
|
|
rbac:
|
|
create: true
|
|
# Allow admin access without restrictions
|
|
policy.default: role:admin
|
|
|
|
# No authentication complexity needed for homelab
|
|
configs:
|
|
secret:
|
|
createSecret: true
|
|
params:
|
|
applicationsetcontroller.policy: sync
|
|
|
|
# Storage for repo data (using your NFS setup)
|
|
repoServer:
|
|
volumes:
|
|
- name: custom-tools
|
|
emptyDir: {}
|
|
|
|
# Monitoring (since you have Prometheus)
|
|
prometheus:
|
|
enabled: false # Set to true if you want ArgoCD metrics in Prometheus
|