homelab-gitops/docs/BOOTSTRAP.md
Greg Hendrickson 124a29a0a9 feat: add ArgoCD bootstrap with ApplicationSet pattern
- Add root ApplicationSet using Git Directory Generator
- Configure AppProjects for infrastructure and apps separation
- Add cert-manager with Let's Encrypt ClusterIssuers (staging/prod)
- Add SOPS configuration for age-encrypted secrets
- Add bootstrap documentation (docs/BOOTSTRAP.md)
- Scaffold infrastructure dirs (networking, storage, monitoring)
- Update README with quick start and architecture

GitOps pattern: directories auto-discovered by ArgoCD ApplicationSets
Reference: CNCF App-of-Apps best practices 2025
2026-02-02 18:02:42 +00:00


# Cluster Bootstrap Guide
This guide walks through bootstrapping a new k3s cluster with ArgoCD GitOps.
## Prerequisites
- k3s cluster running
- `kubectl` configured with cluster access
- `age` installed for SOPS encryption
- GitHub repo access configured
## 1. Install ArgoCD
```bash
# Create namespace
kubectl create namespace argocd
# Install ArgoCD (the `stable` ref moves over time; pin a release tag for reproducible installs)
kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml
# Wait for pods
kubectl wait --for=condition=available deployment/argocd-server -n argocd --timeout=300s
```
## 2. Configure SOPS
```bash
# Generate age key (one-time); the target directory must exist first
mkdir -p ~/.config/sops/age
age-keygen -o ~/.config/sops/age/keys.txt
# Get public key
grep "public key" ~/.config/sops/age/keys.txt
# Update .sops.yaml with your public key
# Create k8s secret for ArgoCD to decrypt
# ($HOME is used because the shell does not expand ~ after "--from-file=key.txt=")
kubectl create secret generic sops-age \
  --namespace=argocd \
  --from-file=key.txt="$HOME/.config/sops/age/keys.txt"
```
## 3. Bootstrap the Cluster
```bash
# Apply root kustomization
kubectl apply -k clusters/defiant/
# This creates:
# - ArgoCD namespace with PSS labels
# - AppProjects (infrastructure, apps)
# - Root ApplicationSets that auto-discover components
```
## 4. Access ArgoCD UI
```bash
# Get initial admin password (change it after first login, then delete this secret)
kubectl -n argocd get secret argocd-initial-admin-secret \
  -o jsonpath="{.data.password}" | base64 -d
# Port forward
kubectl port-forward svc/argocd-server -n argocd 8080:443
# Open https://localhost:8080
# Username: admin
```
## 5. Verify Infrastructure
After bootstrap, ArgoCD will automatically sync:
- **cert-manager** - TLS certificate management with Let's Encrypt
- **networking** - Istio gateway (when configured)
- **storage** - NFS StorageClass (when configured)
- **monitoring** - Prometheus/Grafana (when configured)
## Adding New Infrastructure
1. Create directory under `infrastructure/<component>/`
2. Add `kustomization.yaml` (required)
3. Add manifests or helmCharts
4. Commit and push
5. ArgoCD auto-discovers via Git Directory Generator
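A check to run before the "commit and push" step, written as an added example and not part of this repository: it lists component directories that lack the required `kustomization.yaml` and Secret manifests that carry no SOPS metadata. The function names are hypothetical, the sample tree is constructed, and a file is assumed to be SOPS-encrypted when it has the top-level `sops:` key.

```bash
#!/usr/bin/env bash
# Added example: pre-push checks for the repository layout this guide describes.
# Assumption: SOPS-encrypted YAML always carries a top-level "sops:" key.

# Print each directory under <root>/infrastructure without a kustomization.yaml.
missing_kustomizations() {
  for dir in "$1"/infrastructure/*/; do
    [ -d "$dir" ] || continue
    [ -f "${dir}kustomization.yaml" ] || printf '%s\n' "${dir%/}"
  done
}

# Print each YAML file under <root> that declares "kind: Secret" but has no
# "sops:" block, i.e. a Secret that would be pushed to Git in plaintext.
plaintext_secrets() {
  find "$1" -type f \( -name '*.yaml' -o -name '*.yml' \) ! -path '*/.git/*' \
    -exec grep -lE '^kind:[[:space:]]*Secret[[:space:]]*$' {} + | sort |
  while IFS= read -r file; do
    grep -q '^sops:' "$file" || printf '%s\n' "$file"
  done
}

# Build a constructed sample tree (not real data) and print its path.
make_sample_tree() {
  root=$(mktemp -d)
  mkdir -p "$root/infrastructure/cert-manager" "$root/infrastructure/storage"
  printf 'resources: []\n' > "$root/infrastructure/cert-manager/kustomization.yaml"
  # Encrypted form: values wrapped in ENC[...] plus the sops metadata block.
  printf 'kind: Secret\nstringData:\n  token: ENC[AES256_GCM,data:constructed,type:str]\nsops:\n  version: constructed\n' \
    > "$root/infrastructure/cert-manager/secret.yaml"
  # Plaintext form: same manifest, never passed through sops.
  printf 'kind: Secret\nstringData:\n  token: constructed-plaintext\n' \
    > "$root/infrastructure/storage/nfs-secret.yaml"
  printf '%s\n' "$root"
}

sample=$(make_sample_tree)
echo "Directories missing kustomization.yaml:"
missing_kustomizations "$sample"
echo "Secret manifests not encrypted with SOPS:"
plaintext_secrets "$sample"
rm -rf "$sample"
```

Against a real checkout, call both functions with the repository root and fail the commit hook or CI job when either prints anything.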
## Adding Applications
1. Create base in `apps/base/<app>/`
2. Create overlay in `apps/overlays/prod/<app>/`
3. Commit and push
4. ArgoCD creates Application automatically
## Troubleshooting
```bash
# Check ApplicationSet status
kubectl get applicationsets -n argocd
# Check Application sync status
kubectl get applications -n argocd
# View ArgoCD logs
kubectl logs -n argocd deployment/argocd-applicationset-controller
```