From b258608deb104298fa81e1206300fe59a9e511bf Mon Sep 17 00:00:00 2001
From: Schubert Anselme <schubert@anselm.es>
Date: Mon, 30 Dec 2024 14:08:47 -0500
Subject: [PATCH] chore: Update cluster config

Signed-off-by: Schubert Anselme <schubert@anselm.es>
---
 .commitlintrc              |  2 +-
 config/cluster/config.yaml | 92 +++++++++++++++++++++++++++++++-------
 config/site.yaml           | 43 ------------------
 3 files changed, 77 insertions(+), 60 deletions(-)
 delete mode 100644 config/site.yaml

diff --git a/.commitlintrc b/.commitlintrc
index 270ba79..cfa4fcb 120000
--- a/.commitlintrc
+++ b/.commitlintrc
@@ -1 +1 @@
-modules/dotfiles/.commitlintrc
\ No newline at end of file
+modules/config/.commitlintrc
\ No newline at end of file
diff --git a/config/cluster/config.yaml b/config/cluster/config.yaml
index 586cc2f..6378f69 100644
--- a/config/cluster/config.yaml
+++ b/config/cluster/config.yaml
@@ -15,23 +15,76 @@ spec:
   extensions:
     helm:
       charts:
+        - name: k8s-monitoring
+          chartname: oci://registry-1.docker.io/sanselmechart/k8s-monitoring
+          namespace: observability
+          order: 1
+          version: 1.6.11
+          values: |
+            cluster:
+              name: sandbox
+            metrics:
+              enabled: false
+            logs:
+              enabled: false
+              pod_logs:
+                enabled: false
+              cluster_events:
+                enabled: false
+            traces:
+              enabled: false
+            profiles:
+              enabled: false
+            configAnalysis:
+              enabled: false
+            kube-state-metrics:
+              enabled: true
+            prometheus-node-exporter:
+              enabled: true
+            prometheus-operator-crds:
+              enabled: true
+            opencost:
+              enabled: false
+            alloy:
+              enabled: false
+            configAnalysis:
+              enabled: false
         - name: cilium
-          chartname: cilium/cilium
+          chartname: oci://registry-1.docker.io/sanselmechart/cilium
           namespace: kube-system
           order: 1
-          version: 1.16.2
+          version: 1.16.4
           values: |
             kubeProxyReplacement: true
-            l2announcements:
-              enabled: true
             gatewayAPI:
               enabled: true
+              gatewayClass:
+                create: "'true'"
             operator:
               replicas: 1
-        - name: openebs
-          chartname: openebs/openebs
+        - name: cni-resource
+          chartname: oci://registry-1.docker.io/sanselmechart/cni-resource
           namespace: kube-system
           order: 1
+          version: 0.1.0
+          values: |
+            cilium:
+              pool:
+                allowFirstLastIPs: "'No'"
+              advert:
+                l2:
+                  enabled: true
+                bgp:
+                  enabled: false
+              config:
+                cluster:
+                  enabled: false
+                peer:
+                  enabled: false
+        - name: openebs
+          chartname: oci://registry-1.docker.io/sanselmechart/openebs
+          namespace: kube-system
+          order: 2
           version: 3.10.0
           values: |
             analytics:
@@ -40,19 +93,26 @@ spec:
               hostpathClass:
                 isDefaultClass: true
         - name: cert-manager
-          chartname: jetstack/cert-manager
+          chartname: oci://registry-1.docker.io/sanselmechart/cert-manager
           namespace: cert-manager
-          order: 2
-          version: v1.16.0
+          order: 3
+          version: v1.16.2
           values: |
             crds:
               enabled: true
-      repositories:
-        - name: cilium
-          url: https://helm.cilium.io/
-        - name: jetstack
-          url: https://charts.jetstack.io/
-        - name: openebs
-          url: https://openebs.github.io/charts/
+        - name: trust-manager
+          chartname: oci://registry-1.docker.io/sanselmechart/trust-manager
+          namespace: cert-manager
+          order: 3
+          version: v0.13.0
+        - name: ca-clusterissuer
+          chartname: oci://registry-1.docker.io/sanselmechart/ca-clusterissuer
+          namespace: cert-manager
+          order: 3
+          version: 0.2.0
+          values: |
+            manifests:
+              clusterissuer: false
+              selfsigned: true
   telemetry:
     enabled: false
diff --git a/config/site.yaml b/config/site.yaml
deleted file mode 100644
index 3e79b8c..0000000
--- a/config/site.yaml
+++ /dev/null
@@ -1,43 +0,0 @@
----
-metadata:
-  name: skiff
-site:
-  domain: labos.local
-  config:
-    pki:
-      ca:
-        days: 3065
-        subj: /CN=skiff-root-ca
-  service:
-    libvirt:
-      enabled: true
-  vm:
-    - name: skiff
-      osinfo: ${os_url}/${os_name}/${os_version}
-      arch: ${arch}
-      cpu: ${cpu}
-      image: ${image}
-      memory: ${memory}
-      cloudinit:
-        enabled: true
-      networks:
-        interfaces:
-          oam:
-            address:
-              mac: ba:be:fa:ce:00:00
-              ipv4:
-                dhcp: true
-              ipv6:
-                dhcpv6: true
-status:
-  gpg_dir: ${site_dir}/.gnupg
-  libvirt_cloudinit_dir: ${libvirt_dir}/boot
-  libvirt_emulator: $(command -v ${qemu-system-${arch})
-  libvirt_firmware_file: ${firmware_dir}/edk2-${arch}-code.fd
-  libvirt_image_dir: ${libvirt_dir}/images
-  pki_ca_bundle: ${site_dir}/ca.pfx
-  pki_ca_cert_file: ${site_dir}/pki/ca.crt
-  pki_ca_key_file: ${site_dir}/pki/ca.key
-  pki_dir: ${site_dir}/pki
-  site_dir: /tmp/skiff
-  ssh_key_file: ${site_dir}/id_ed25519