Homelab/ansible/roles/k3s-server/tasks/flux.yml

---
- name: Check if flux is already installed
  command: k3s kubectl get namespace {{ flux_namespace }}
  register: flux_installed
  changed_when: false
  failed_when: false

- name: Download Flux CLI
  get_url:
    url: >-
      https://github.com/fluxcd/flux2/releases/download/
      {{- flux_version }}/
      {{- 'flux_' }}{{ flux_version | replace('v', '') }}_linux_amd64.tar.gz
    dest: /tmp/flux.tar.gz
    mode: '0644'
  when: flux_installed.rc != 0

- name: Extract Flux CLI
  unarchive:
    src: /tmp/flux.tar.gz
    dest: /usr/local/bin
    remote_src: true
    creates: /usr/local/bin/flux
  when: flux_installed.rc != 0

- name: Install FluxCD in cluster
  shell: |
    export KUBECONFIG=/etc/rancher/k3s/k3s.yaml
    /usr/local/bin/flux install --namespace={{ flux_namespace }}
  when: flux_installed.rc != 0
  register: flux_install_result
  changed_when: "'installed' in flux_install_result.stdout"

- name: Wait for FluxCD to be ready
  shell: |
    export KUBECONFIG=/etc/rancher/k3s/k3s.yaml
    /usr/local/bin/flux check
  register: flux_check
  until: flux_check.rc == 0
  retries: 30
  delay: 10
  changed_when: false
  when: flux_installed.rc != 0

- name: Load Forgejo token from environment
  set_fact:
    forgejo_token: "{{ lookup('env', 'FORGEJO_TOKEN') }}"
    forgejo_repo_url: "{{ lookup('env', 'REPO_URL') }}"

- name: Create Forgejo secret for FluxCD
  shell: |
    export KUBECONFIG=/etc/rancher/k3s/k3s.yaml
    k3s kubectl create secret generic forgejo-auth \
      --namespace={{ flux_namespace }} \
      --from-literal=username=git \
      --from-literal=password={{ forgejo_token }} \
      --dry-run=client -o yaml | k3s kubectl apply -f -
  when: flux_installed.rc != 0

- name: Create GitRepository manifest
  copy:
    dest: /tmp/gitrepository.yaml
    content: |
      apiVersion: source.toolkit.fluxcd.io/v1
      kind: GitRepository
      metadata:
        name: infra
        namespace: {{ flux_namespace }}
      spec:
        interval: 1m
        url: {{ forgejo_repo_url }}
        ref:
          branch: main
        secretRef:
          name: forgejo-auth
    mode: '0644'
  when: flux_installed.rc != 0

- name: Apply GitRepository
  shell: |
    export KUBECONFIG=/etc/rancher/k3s/k3s.yaml
    k3s kubectl apply -f /tmp/gitrepository.yaml
  when: flux_installed.rc != 0

- name: Create Kustomization manifest
  copy:
    dest: /tmp/kustomization.yaml
    content: |
      apiVersion: kustomize.toolkit.fluxcd.io/v1
      kind: Kustomization
      metadata:
        name: apps
        namespace: {{ flux_namespace }}
      spec:
        interval: 1m
        sourceRef:
          kind: GitRepository
          name: infra
        path: ./k8s
        prune: true
        wait: true
    mode: '0644'
  when: flux_installed.rc != 0

- name: Apply Kustomization
  shell: |
    export KUBECONFIG=/etc/rancher/k3s/k3s.yaml
    k3s kubectl apply -f /tmp/kustomization.yaml
  when: flux_installed.rc != 0

- name: Display FluxCD installation status
  debug:
    msg: "FluxCD configured to sync from {{ forgejo_repo_url }}"
  when: flux_installed.rc != 0
fix(terraform): Downgrade provider Proxmox vers v2.9 stable The v3.0 provider is not yet available as a stable release in the OpenTofu/Terraform registry. Downgraded to v2.9 which is the latest stable version. Also fixed minor yamllint issues in flux.yml: - Added space after comment marker - Removed trailing blank line 2025-11-07 10:51:53 +01:00			`---`
feat: Commit initial 2025-11-07 09:33:38 +01:00			`- name: Check if flux is already installed`
			`command: k3s kubectl get namespace {{ flux_namespace }}`
			`register: flux_installed`
			`changed_when: false`
			`failed_when: false`

			`- name: Download Flux CLI`
			`get_url:`
fix(ansible): Résolution violations linting YAML Fixed yamllint errors and warnings across all Ansible files: - Reformatted long lines to stay within 80 character limit - Standardized boolean values to use true/false instead of yes/no - Fixed YAML folding syntax for multiline strings - Removed erroneous triple quotes in k3s-server tasks This resolves all yamllint issues reported by the CI pipeline. 2025-11-07 10:40:53 +01:00			`url: >-`
			`https://github.com/fluxcd/flux2/releases/download/`
			`{{- flux_version }}/`
			`{{- 'flux_' }}{{ flux_version \| replace('v', '') }}_linux_amd64.tar.gz`
feat: Commit initial 2025-11-07 09:33:38 +01:00			`dest: /tmp/flux.tar.gz`
			`mode: '0644'`
			`when: flux_installed.rc != 0`

			`- name: Extract Flux CLI`
			`unarchive:`
			`src: /tmp/flux.tar.gz`
			`dest: /usr/local/bin`
fix(ansible): Résolution violations linting YAML Fixed yamllint errors and warnings across all Ansible files: - Reformatted long lines to stay within 80 character limit - Standardized boolean values to use true/false instead of yes/no - Fixed YAML folding syntax for multiline strings - Removed erroneous triple quotes in k3s-server tasks This resolves all yamllint issues reported by the CI pipeline. 2025-11-07 10:40:53 +01:00			`remote_src: true`
feat: Commit initial 2025-11-07 09:33:38 +01:00			`creates: /usr/local/bin/flux`
			`when: flux_installed.rc != 0`

			`- name: Install FluxCD in cluster`
			`shell: \|`
			`export KUBECONFIG=/etc/rancher/k3s/k3s.yaml`
			`/usr/local/bin/flux install --namespace={{ flux_namespace }}`
			`when: flux_installed.rc != 0`
			`register: flux_install_result`
			`changed_when: "'installed' in flux_install_result.stdout"`

			`- name: Wait for FluxCD to be ready`
			`shell: \|`
			`export KUBECONFIG=/etc/rancher/k3s/k3s.yaml`
			`/usr/local/bin/flux check`
			`register: flux_check`
			`until: flux_check.rc == 0`
			`retries: 30`
			`delay: 10`
			`changed_when: false`
			`when: flux_installed.rc != 0`

feat: Configuration stockage local et token K3S partagé - Passage stockage local-nvme pour acemagician et elitedesk (40G) - Token K3S partagé via cloud-init pour cluster HA - Configuration FluxCD avec GitRepository Forgejo - Déploiement Hello World via FluxCD - Manifestes Kubernetes pour application demo 2025-12-09 11:55:19 +01:00			`- name: Load Forgejo token from environment`
			`set_fact:`
			`forgejo_token: "{{ lookup('env', 'FORGEJO_TOKEN') }}"`
			`forgejo_repo_url: "{{ lookup('env', 'REPO_URL') }}"`

			`- name: Create Forgejo secret for FluxCD`
			`shell: \|`
			`export KUBECONFIG=/etc/rancher/k3s/k3s.yaml`
			`k3s kubectl create secret generic forgejo-auth \`
			`--namespace={{ flux_namespace }} \`
			`--from-literal=username=git \`
			`--from-literal=password={{ forgejo_token }} \`
			`--dry-run=client -o yaml \| k3s kubectl apply -f -`
			`when: flux_installed.rc != 0`

			`- name: Create GitRepository manifest`
			`copy:`
			`dest: /tmp/gitrepository.yaml`
			`content: \|`
			`apiVersion: source.toolkit.fluxcd.io/v1`
			`kind: GitRepository`
			`metadata:`
			`name: infra`
			`namespace: {{ flux_namespace }}`
			`spec:`
			`interval: 1m`
			`url: {{ forgejo_repo_url }}`
			`ref:`
			`branch: main`
			`secretRef:`
			`name: forgejo-auth`
			`mode: '0644'`
			`when: flux_installed.rc != 0`

			`- name: Apply GitRepository`
			`shell: \|`
			`export KUBECONFIG=/etc/rancher/k3s/k3s.yaml`
			`k3s kubectl apply -f /tmp/gitrepository.yaml`
			`when: flux_installed.rc != 0`

			`- name: Create Kustomization manifest`
			`copy:`
			`dest: /tmp/kustomization.yaml`
			`content: \|`
			`apiVersion: kustomize.toolkit.fluxcd.io/v1`
			`kind: Kustomization`
			`metadata:`
			`name: apps`
			`namespace: {{ flux_namespace }}`
			`spec:`
			`interval: 1m`
			`sourceRef:`
			`kind: GitRepository`
			`name: infra`
			`path: ./k8s`
			`prune: true`
			`wait: true`
			`mode: '0644'`
			`when: flux_installed.rc != 0`

			`- name: Apply Kustomization`
			`shell: \|`
			`export KUBECONFIG=/etc/rancher/k3s/k3s.yaml`
			`k3s kubectl apply -f /tmp/kustomization.yaml`
			`when: flux_installed.rc != 0`

feat: Commit initial 2025-11-07 09:33:38 +01:00			`- name: Display FluxCD installation status`
			`debug:`
feat: Configuration stockage local et token K3S partagé - Passage stockage local-nvme pour acemagician et elitedesk (40G) - Token K3S partagé via cloud-init pour cluster HA - Configuration FluxCD avec GitRepository Forgejo - Déploiement Hello World via FluxCD - Manifestes Kubernetes pour application demo 2025-12-09 11:55:19 +01:00			`msg: "FluxCD configured to sync from {{ forgejo_repo_url }}"`
feat: Commit initial 2025-11-07 09:33:38 +01:00			`when: flux_installed.rc != 0`