viktor/infra
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
No description
1249 commits 2 branches 0 tags 2.3 GiB
Find a file
Viktor Barzin 9bcdb9e59f [ci skip] Implement multi-user Kubernetes access with OIDC 
- Add RBAC module (modules/kubernetes/rbac/) with admin, power-user,
  and namespace-owner roles, API server OIDC flags, and audit logging
- Add self-service portal (modules/kubernetes/k8s-portal/) SvelteKit app
  with kubeconfig download and setup instructions
- Configure Alloy to collect audit logs from kube-apiserver
- Add Grafana dashboard for Kubernetes audit log visualization
- Configure Authentik OIDC provider with groups scope mapping
- Wire up k8s_users and ssh_private_key variables through module chain
2026-02-17 21:42:39 +00:00
.claude [ci skip] Add Authentik API management knowledge 2026-02-17 21:10:40 +00:00
.git-crypt Add 1 git-crypt collaborator [ci skip] 2025-10-24 18:00:00 +00:00
cli update @ record as well 2024-12-02 21:51:05 +00:00
diagram add link to diagramms lib [ci skip] 2024-01-07 02:38:27 +00:00
docs/plans [ci skip] Add multi-user Kubernetes access implementation plan 2026-02-17 20:49:14 +00:00
modules [ci skip] Implement multi-user Kubernetes access with OIDC 2026-02-17 21:42:39 +00:00
playbooks add pve exporter playbook + pve exporter in k8s [ci skip] 2025-12-26 16:23:17 +00:00
scripts Add Uptime Kuma monitor check to cluster health script [ci skip] 2026-02-15 17:49:40 +00:00
secrets Cluster health remediation: cleanup CronJob, disable Collabora, fix GPU probe, add NFS exports [ci skip] 2026-02-15 17:20:47 +00:00
.drone.yml touch empty private key to enable tfa in drone 2025-11-29 12:06:10 +00:00
.gitattributes add git-crypt terraform 2021-02-14 18:17:40 +00:00
.gitignore add claude files to gitignore [ci skip] 2026-01-18 13:40:31 +00:00
.terraform.lock.hcl [ci skip] Deploy health dashboard service 2026-02-08 01:54:24 +00:00
corefils.yaml disable coredns logs as we dont need them in prod[ci skip] 2025-01-25 17:22:38 +00:00
LICENSE.txt Drone CI Update TLS Certificates Commit 2025-10-12 00:13:18 +00:00
main.tf [ci skip] Implement multi-user Kubernetes access with OIDC 2026-02-17 21:42:39 +00:00
migrate_tfstate.txt initial 2021-02-08 20:02:17 +00:00
README.md add git-crypt setup instructions [ci skip] 2025-10-24 18:09:57 +00:00
versions.tf upgrade proxmox provider and some other tf [ci skip] 2025-12-18 11:41:33 +00:00

README.md

Build Status

This repo contains my infra-as-code sources.

My infrastructure is built using Terraform, Kubernetes and CI/CD is done using Drone CI.

Read more by visiting my website: https://viktorbarzin.me

git-crypt setup

To decrypt the secrets, you need to setup git-crypt.

  1. Install git-crypt.
  2. Setup gpg keys on the machine
  3. git-crypt unlock

This will unlock the secrets and will lock them on commit