add fluxcd

content/_data/works/realworld.md

@@ -12,4 +12,7 @@ Main purpose of this projects is to have personal extensive API training on mult
 * Proper seeder / faker for quick starting with filled DB
 * Separated RW / RO database connections for maximizing performance between these 2 contexts
 * Proper suited QA + production Dockerfile
-* Complete CI/CD deployment on Kubernetes with [Concourse](https://concourse.okami101.io/)
+* Complete CI on Kubernetes with [Concourse](https://concourse.okami101.io/)
+* Automatic CD on Kubernetes using [Flux](https://fluxcd.io/)
+
+See complete production deployment manifests [here](https://gitea.okami101.io/adr1enbe4udou1n/flux-source/src/branch/main/conduit), allowing **GitOps** management.

content/_data/works/vue-ts.md

@@ -1,4 +1,4 @@
-[`Vue 3 TS`](https://vuejs.org/) implementation written with Composition API. Instead of using outdated [Bootstrap v4 alpha 2 theme](https://github.com/gothinkster/conduit-bootstrap-template), I rewrite it on [UnoCSS](https://github.com/unocss/unocss), an awesome efficient Tailwind-like utility-first CSS framework.
+[`Vue 3 TS`](https://vuejs.org/) implementation written with Composition API. Instead of using outdated [Bootstrap v4 alpha 2 theme](https://github.com/gothinkster/conduit-bootstrap-template), I rewrite it on [UnoCSS](https://github.com/unocss/unocss), an awesome efficient Tailwind-like utility-first CSS framework, with Dark Mode support.
 
 For API communication, as we have full proper OpenAPI spec, it's a real benefit to have a generated Typescript client for full autocompletion feature. I generally hate generated boilerplate code and the well known [OpenAPI Generator](https://github.com/OpenAPITools/openapi-generator) is not very nice to use.
 

content/_index.md

@@ -32,12 +32,14 @@ Mastering installations and maintenance of `Docker Swarm` or bare metal `Kuberne
 
 * [`HAProxy`] for **high-availability** across multiple frontend workers
 * [`Traefik`](https://traefik.io/traefik/) as main automatic service discovery / ingress controller
+* [`cert-manager`](https://cert-manager.io/) as central certificate solution for Kubernetes cluster
 * [`Portainer`](https://www.portainer.io/) as simple GUI for containers management
 * [`Loki`](https://grafana.com/oss/loki/), [`Prometheus`](https://prometheus.io) and [`Jaeger`](https://www.jaegertracing.io/) as respective *logging*, *metrics* and *tracing* tools
 * [`Grafana`](https://grafana.com) as GUI dashboard builder, designed for *Ops*
 * [`Gitea`](https://gitea.io/) or [`GitLab`](https://about.gitlab.com/) as self-hosted *VCS*
-* [`Drone CI`](https://www.drone.io/) or [`Concourse`](https://concourse-ci.org/) as both *CI/CD* solutions
 * [`SonarQube`](https://www.sonarqube.org/) for automatic quality code scan
+* [`Drone`](https://www.drone.io/) or [`Concourse`](https://concourse-ci.org/) as *CI* solutions
+* [`Flux CD v2`](https://fluxcd.io/) as main *CD* solution for Kubernetes, allowing **GitOps** cluster management
 
 I can install and manage primary-replica databases clusters, mainly [`PostgreSQL`](https://www.postgresql.org/) and [`MySQL`](https://www.mysql.com/fr/), whether bare-metal or cloud managed with Kubernetes (statefulsets), with Prometheus metrics exporters.
 
@@ -47,12 +49,20 @@ Have some experiences with many mid-range cloud providers as [Digital Ocean](htt
 
 Some notes of this blog :
 
-* Hosted on Hetzner Cloud
 * Powered by [`Hugo`](https://gohugo.io/)
+* Using **Hetzner Cloud** as cloud provider
+* Hosted on bare-metal `Kubernetes` multi-nodes cluster, installed with `Terraform` and [`k0s`](https://k0sproject.io/) distribution
+* **HA** setup using **Hetzner LB** and 2 worker nodes
+* `Traefik` as reverse proxy, configured for HA 🛣️
+* `cert-manager` with wildcard certificate 📜
 * Source code on my own [`Gitea`](https://gitea.okami101.io/adr1enbe4udou1n/blog)
-* Automatically deployed through my own [`Concourse`](https://concourse.okami101.io) instance
+* Compiled by my own [`Concourse`](https://concourse.okami101.io) instance as a final docker container image into private registry (**CI** 🏗️)
+* Automatically deployed by `Flux CD v2` to the Kubernetes cluster from [central Git source](https://gitea.okami101.io/adr1enbe4udou1n/flux-source/) (**CD** 🚀)
+* Fully monitored by self-hosted Kube Prometheus Stack 📊
 * Tracked with [`Matomo`](https://matomo.okami101.io/)
 
-All the above tools are **self-hosted** on custom multi-nodes **bare metal** `Kubernetes` installed with [`k0s`](https://k0sproject.io/).
+All above tools are 💯% self-hosted ! Just sadly missing my own Homelab with Proxmox because no fiber 😿
+
+Seems [overkill](https://twitter.com/memenetes/status/1559208569588912132) ? Yeah, but why not ? I'm not able to write a single post without all that 😿
 
 See some of [my open sourced works]({{< ref "works" >}} "Okami101 Works").

layouts/partials/footer.html

@@ -17,8 +17,8 @@
       <img src="/kube.png" width="30" height="30" alt="Kubernetes"
         title="Run on bare metal Kubernetes on Hetzner Cloud" />
 
-      <a href="https://concourse.okami101.io/teams/main/pipelines/blog" target="_blank">
-        <img src="https://concourse.okami101.io/api/v1/teams/main/pipelines/blog/badge" />
+      <a href="https://concourse.okami101.io/teams/main/pipelines/okami-blog" target="_blank">
+        <img src="https://concourse.okami101.io/api/v1/teams/main/pipelines/okami-blog/badge" />
       </a>
 
       {{/* Copyright */}}

package.json

@@ -10,7 +10,7 @@
   "license": "MIT",
   "devDependencies": {
     "autoprefixer": "^10.4.8",
-    "postcss": "^8.4.14",
-    "tailwindcss": "^3.1.7"
+    "postcss": "^8.4.16",
+    "tailwindcss": "^3.1.8"
   }
 }

pnpm-lock.yaml

@@ -2,13 +2,13 @@ lockfileVersion: 5.4
 
 specifiers:
   autoprefixer: ^10.4.8
-  postcss: ^8.4.14
-  tailwindcss: ^3.1.7
+  postcss: ^8.4.16
+  tailwindcss: ^3.1.8
 
 devDependencies:
-  autoprefixer: 10.4.8_postcss@8.4.14
-  postcss: 8.4.14
-  tailwindcss: 3.1.7
+  autoprefixer: 10.4.8_postcss@8.4.16
+  postcss: 8.4.16
+  tailwindcss: 3.1.8
 
 packages:
 
@@ -64,7 +64,7 @@ packages:
     resolution: {integrity: sha512-PYjyFOLKQ9y57JvQ6QLo8dAgNqswh8M1RMJYdQduT6xbWSgK36P/Z/v+p888pM69jMMfS8Xd8F6I1kQ/I9HUGg==}
     dev: true
 
-  /autoprefixer/10.4.8_postcss@8.4.14:
+  /autoprefixer/10.4.8_postcss@8.4.16:
     resolution: {integrity: sha512-75Jr6Q/XpTqEf6D2ltS5uMewJIx5irCU1oBYJrWjFenq/m12WRRrz6g15L1EIoYvPLXTbEry7rDOwrcYNj77xw==}
     engines: {node: ^10 || ^12 || >=14}
     hasBin: true
@@ -72,11 +72,11 @@ packages:
       postcss: ^8.1.0
     dependencies:
       browserslist: 4.21.3
-      caniuse-lite: 1.0.30001373
+      caniuse-lite: 1.0.30001378
       fraction.js: 4.2.0
       normalize-range: 0.1.2
       picocolors: 1.0.0
-      postcss: 8.4.14
+      postcss: 8.4.16
       postcss-value-parser: 4.2.0
     dev: true
 
@@ -97,8 +97,8 @@ packages:
     engines: {node: ^6 || ^7 || ^8 || ^9 || ^10 || ^11 || ^12 || >=13.7}
     hasBin: true
     dependencies:
-      caniuse-lite: 1.0.30001373
-      electron-to-chromium: 1.4.208
+      caniuse-lite: 1.0.30001378
+      electron-to-chromium: 1.4.222
       node-releases: 2.0.6
       update-browserslist-db: 1.0.5_browserslist@4.21.3
     dev: true
@@ -108,8 +108,8 @@ packages:
     engines: {node: '>= 6'}
     dev: true
 
-  /caniuse-lite/1.0.30001373:
-    resolution: {integrity: sha512-pJYArGHrPp3TUqQzFYRmP/lwJlj8RCbVe3Gd3eJQkAV8SAC6b19XS9BjMvRdvaS8RMkaTN8ZhoHP6S1y8zzwEQ==}
+  /caniuse-lite/1.0.30001378:
+    resolution: {integrity: sha512-JVQnfoO7FK7WvU4ZkBRbPjaot4+YqxogSDosHv0Hv5mWpUESmN+UubMU6L/hGz8QlQ2aY5U0vR6MOs6j/CXpNA==}
     dev: true
 
   /chokidar/3.5.3:
@@ -159,8 +159,8 @@ packages:
     resolution: {integrity: sha512-+HlytyjlPKnIG8XuRG8WvmBP8xs8P71y+SKKS6ZXWoEgLuePxtDoUEiH7WkdePWrQ5JBpE6aoVqfZfJUQkjXwA==}
     dev: true
 
-  /electron-to-chromium/1.4.208:
-    resolution: {integrity: sha512-diMr4t69FigAGUk2KovP0bygEtN/9AkqEVkzjEp0cu+zFFbZMVvwACpTTfuj1mAmFR5kNoSW8wGKDFWIvmThiQ==}
+  /electron-to-chromium/1.4.222:
+    resolution: {integrity: sha512-gEM2awN5HZknWdLbngk4uQCVfhucFAfFzuchP3wM3NN6eow1eDU0dFy2kts43FB20ZfhVFF0jmFSTb1h5OhyIg==}
     dev: true
 
   /escalade/3.1.1:
@@ -236,8 +236,8 @@ packages:
       binary-extensions: 2.2.0
     dev: true
 
-  /is-core-module/2.9.0:
-    resolution: {integrity: sha512-+5FPy5PnwmO3lvfMb0AsoPaBG+5KHUI0wYFXOtYPnVVVspTFUuMZNfNaNVRt3FZadstu2c8x23vykRW/NBoU6A==}
+  /is-core-module/2.10.0:
+    resolution: {integrity: sha512-Erxj2n/LDAZ7H8WNJXd9tw38GYM3dv8rk8Zcs+jJuxYTW7sozH+SS8NtrSjVL1/vpLvWi1hxy96IzjJ3EHTJJg==}
     dependencies:
       has: 1.0.3
     dev: true
@@ -324,29 +324,29 @@ packages:
     engines: {node: '>=0.10.0'}
     dev: true
 
-  /postcss-import/14.1.0_postcss@8.4.14:
+  /postcss-import/14.1.0_postcss@8.4.16:
     resolution: {integrity: sha512-flwI+Vgm4SElObFVPpTIT7SU7R3qk2L7PyduMcokiaVKuWv9d/U+Gm/QAd8NDLuykTWTkcrjOeD2Pp1rMeBTGw==}
     engines: {node: '>=10.0.0'}
     peerDependencies:
       postcss: ^8.0.0
     dependencies:
-      postcss: 8.4.14
+      postcss: 8.4.16
       postcss-value-parser: 4.2.0
       read-cache: 1.0.0
       resolve: 1.22.1
     dev: true
 
-  /postcss-js/4.0.0_postcss@8.4.14:
+  /postcss-js/4.0.0_postcss@8.4.16:
     resolution: {integrity: sha512-77QESFBwgX4irogGVPgQ5s07vLvFqWr228qZY+w6lW599cRlK/HmnlivnnVUxkjHnCu4J16PDMHcH+e+2HbvTQ==}
     engines: {node: ^12 || ^14 || >= 16}
     peerDependencies:
       postcss: ^8.3.3
     dependencies:
       camelcase-css: 2.0.1
-      postcss: 8.4.14
+      postcss: 8.4.16
     dev: true
 
-  /postcss-load-config/3.1.4_postcss@8.4.14:
+  /postcss-load-config/3.1.4_postcss@8.4.16:
     resolution: {integrity: sha512-6DiM4E7v4coTE4uzA8U//WhtPwyhiim3eyjEMFCnUpzbrkK9wJHgKDT2mR+HbtSrd/NubVaYTOpSpjUl8NQeRg==}
     engines: {node: '>= 10'}
     peerDependencies:
@@ -359,17 +359,17 @@ packages:
         optional: true
     dependencies:
       lilconfig: 2.0.6
-      postcss: 8.4.14
+      postcss: 8.4.16
       yaml: 1.10.2
     dev: true
 
-  /postcss-nested/5.0.6_postcss@8.4.14:
+  /postcss-nested/5.0.6_postcss@8.4.16:
     resolution: {integrity: sha512-rKqm2Fk0KbA8Vt3AdGN0FB9OBOMDVajMG6ZCf/GoHgdxUJ4sBFp0A/uMIRm+MJUdo33YXEtjqIz8u7DAp8B7DA==}
     engines: {node: '>=12.0'}
     peerDependencies:
       postcss: ^8.2.14
     dependencies:
-      postcss: 8.4.14
+      postcss: 8.4.16
       postcss-selector-parser: 6.0.10
     dev: true
 
@@ -385,8 +385,8 @@ packages:
     resolution: {integrity: sha512-1NNCs6uurfkVbeXG4S8JFT9t19m45ICnif8zWLd5oPSZ50QnwMfK+H3jv408d4jw/7Bttv5axS5IiHoLaVNHeQ==}
     dev: true
 
-  /postcss/8.4.14:
-    resolution: {integrity: sha512-E398TUmfAYFPBSdzgeieK2Y1+1cpdxJx8yXbK/m57nRhKSmk1GB2tO4lbLBtlkfPQTDKfe4Xqv1ASWPpayPEig==}
+  /postcss/8.4.16:
+    resolution: {integrity: sha512-ipHE1XBvKzm5xI7hiHCZJCSugxvsdq2mPnsq5+UF+VHCjiBvtDrlxJfMBToWaP9D5XlgNmcFGqoHmUn0EYEaRQ==}
     engines: {node: ^10 || ^12 || >=14}
     dependencies:
       nanoid: 3.3.4
@@ -420,7 +420,7 @@ packages:
     resolution: {integrity: sha512-nBpuuYuY5jFsli/JIs1oldw6fOQCBioohqWZg/2hiaOybXOft4lonv85uDOKXdf8rhyK159cxU5cDcK/NKk8zw==}
     hasBin: true
     dependencies:
-      is-core-module: 2.9.0
+      is-core-module: 2.10.0
       path-parse: 1.0.7
       supports-preserve-symlinks-flag: 1.0.0
     dev: true
@@ -446,8 +446,8 @@ packages:
     engines: {node: '>= 0.4'}
     dev: true
 
-  /tailwindcss/3.1.7:
-    resolution: {integrity: sha512-r7mgumZ3k0InfVPpGWcX8X/Ut4xBfv+1O/+C73ar/m01LxGVzWvPxF/w6xIUPEztrCoz7axfx0SMdh8FH8ZvRQ==}
+  /tailwindcss/3.1.8:
+    resolution: {integrity: sha512-YSneUCZSFDYMwk+TGq8qYFdCA3yfBRdBlS7txSq0LUmzyeqRe3a8fBQzbz9M3WS/iFT4BNf/nmw9mEzrnSaC0g==}
     engines: {node: '>=12.13.0'}
     hasBin: true
     dependencies:
@@ -464,11 +464,11 @@ packages:
       normalize-path: 3.0.0
       object-hash: 3.0.0
       picocolors: 1.0.0
-      postcss: 8.4.14
-      postcss-import: 14.1.0_postcss@8.4.14
-      postcss-js: 4.0.0_postcss@8.4.14
-      postcss-load-config: 3.1.4_postcss@8.4.14
-      postcss-nested: 5.0.6_postcss@8.4.14
+      postcss: 8.4.16
+      postcss-import: 14.1.0_postcss@8.4.16
+      postcss-js: 4.0.0_postcss@8.4.16
+      postcss-load-config: 3.1.4_postcss@8.4.16
+      postcss-nested: 5.0.6_postcss@8.4.16
       postcss-selector-parser: 6.0.10
       postcss-value-parser: 4.2.0
       quick-lru: 5.1.1