This is the infrastructure as code repository to deploy OpenDesk on a haven compliant kubernetes cluster. It is deployed to namespace tn-openbsw-opendesk
There are several ways to install opendesk. The easiest is to directly use helmfile in the opendesk cloned repo. Unfortunately our Kubernetes requires us to use flux to deploy workloads. Since time was limited we choose to do a simple generating op yamls and deploy that with flux.
prerequisite:
- helmfile installed.
- python 3 installed
To generate your own yaml manifests you can do the following:
- clone opendesk
- checkout the latest release (git tag, git checkout 'tag')
- set a master password export MASTER_PASSWORD=xxx
- change the script generate-by-apps.sh to point OPENDESK_REPO_PATH to the directory where you checked out the opendesk repo
- in the cloned opendesk repo change the /helmfile/environments/dev/sample.yaml.gotmpl to your desired config. we used the sample.yaml.gotmpl from this repo.
- install requirements.txt
- run generate-by-app.sh
- run split.py and fix any errors
- run kubectl apply -k . (or let flux deploy it for you by committing the changes)
Secrets are managed with SOPS. Read the documentation on how to use it. We use the Age variant.
sops --encrypt -i <file>
sops --decrypt -i <file>To get access you need a pleio account with the correct permissions and pinniped installed. to install pinniped follow pinniped install tutorial. To get correct access from your pleio account ask a collegue.