diff --git a/docs/data/scripts/kube/etc/generate-sealed-secret.sh b/docs/data/scripts/kube/etc/generate-sealed-secret.sh new file mode 100755 index 0000000000..54920b04df --- /dev/null +++ b/docs/data/scripts/kube/etc/generate-sealed-secret.sh @@ -0,0 +1,62 @@ +#!/bin/bash + +check_inputs() { + if [ -z "$NAMESPACE" ] || [ -z "$KEY_NAME" ] || [ -z "$SECRETS" ]; then + echo "Error: Missing required arguments." + echo "Usage: $0 " + exit 1 + fi +} + +check_dependencies() { + if ! command -v kubectl &> /dev/null; then + echo "Error: kubectl is not installed or not in PATH." + exit 1 + fi + if ! command -v kubeseal &> /dev/null; then + echo "Error: kubeseal is not installed or not in PATH." + exit 1 + fi +} + +create_temp_secret() { + SECRET_CMD="kubectl create secret generic $KEY_NAME --namespace $NAMESPACE" + + IFS='&' read -ra SECRETS_ARRAY <<< "$SECRETS" + for secret in "${SECRETS_ARRAY[@]}"; do + SECRET_CMD="$SECRET_CMD --from-literal=$secret" + done + + TEMP_SECRET_YAML="temp-secret.yaml" + $SECRET_CMD --dry-run=client -o yaml > $TEMP_SECRET_YAML + + echo "Temporary secret created: $TEMP_SECRET_YAML" +} + +seal_secret() { + SEALED_SECRET_YAML="sealed-temp-secret.yaml" + kubeseal --controller-name=sealed-secrets --controller-namespace=armada < $TEMP_SECRET_YAML > $SEALED_SECRET_YAML + + echo "Sealed secret created: $SEALED_SECRET_YAML" +} + +cleanup_temp_files() { + cat $SEALED_SECRET_YAML + rm -f $TEMP_SECRET_YAML + rm -f $SEALED_SECRET_YAML + echo "Temporary files cleaned up." +} + +main() { + check_inputs + check_dependencies + create_temp_secret + seal_secret + cleanup_temp_files +} + +NAMESPACE=$1 +KEY_NAME=$2 +SECRETS=$3 + +main \ No newline at end of file diff --git a/docs/index.html b/docs/index.html index 00c824abfe..b8ac0e702d 100644 --- a/docs/index.html +++ b/docs/index.html @@ -218,11 +218,11 @@

-->

Latest Commit by h0lybyte : -

"Merge pull request #2815 from KBVE/beta +

"Merge pull request #2829 from KBVE/beta Preparing Release Branch"

-On:

-View this commit on +On:

+View this commit on GitHub .

Stack of ScrewFast product boxes containing assorted hardware tools

KBVE Creations: Pioneering Digital Frontiers

Explore Our World of Groundbreaking Games, Dynamic Websites, and Innovative Applications

Rust icon docker + diff --git a/docs/journal/09-23/index.html b/docs/journal/09-23/index.html new file mode 100644 index 0000000000..17e1bfb03e --- /dev/null +++ b/docs/journal/09-23/index.html @@ -0,0 +1,276 @@ + +September: 23rd | KiloByte Virtual Engine + + +
Daily Post Image from Upsplash

September: 23rd

2024

+

KILO

+

Time to launch the big bad wolf! +I believe the Armada instance is good to go for now, with the sealed operator and the base internal redis. +We can wrap back around to usage and communication of that based redis for another project but for now, we can look at launching the kilobase instance.

+

Now we need to go back around and start to seal up more of the core secrets that we want to use. +For the sealed secrets, we want to start with the basic ones that we had built earlier from the docker swarm. +The first step in this process will be to deploy out the roles! +To avoid a bunch of failure and cpu usage of repeated deployment attempts, I believe it would make sense to disable all additional service. +We will focus on getting each of the core services up and running one at a time, with the kilobase fork of the database being the primary focus. +The cnpg operator is currently installed outside of this fleet and it operates within its own namespace, but will it be able to communicate with our supabase namespace?

+

Fleet

+

We will go ahead and delete the previous fleet deployment of supabase that we had and work on a new setup. +This new fleet will include the n8n integration but none of the hqplan / atlas images for now! +I believe for safety concerns, we will have those containers operate within their own closed system that we will be able to deploy through the supabase functions.

+

n8n

+

Adding the n8n chart will make our lives a bit easier to integrate and build around. +Now a bit of a crazier thing that we will be doing is directly having the n8n database integrate with our supabase postgres database. +The logic isnt too sound behind this decision but I have a couple cool concepts that I want to explore, including expanding the rust extension for Postgres to utilize the n8n. +Actually the errors that we are getting for this chart is starting to get a bit annoying, so we are going back off on it for now.

+

Seal

+

Now the fun of encrpyting all the secrets in bulk, then preparing to deploy them into the kilobase release. +We will use the command that we made earlier for armada.

+

+kubectl create secret generic supabase-secret-jwt --from-literal=redis-password=<new-password> --namespace supabase --dry-run=client -o yaml > temp-secret.yaml
+kubeseal --controller-name=sealed-secrets --controller-namespace=supabase < temp-secret.yaml > sealed-temp-secret.yaml
+
+
+

Instead of running this command multiple times, it would be wise to throw it all into a shell file for us to use. +We should split it into functions then have a main function that runs those nested functions that we create. +The first function would be to double check if the inputs are there, the second function should make sure that the commands kubectl and kubeseal are there. +The thrid would handle the kubectl dry run client and output the temp. The fourth function would handle the kubeseal and output the sealed-temp-secret.yaml +The fifth function would cleanup the two files that get made, hmm sounds like a good plan for now.

+

The sealed function will be in a new file called generate-sealed-secret.sh, which we will place inside of the tools/scripts/public/kube/etc/ folder. +For building out this function, I will just ask gpt to do the core of the function, then make changes to fit my needs! +Once the shell script works in the way that I like, I will extend the shell script into the nx run commands too, making it a bit easier to utilize in the future.

+

Minio

+

Looks like the current major failure is in our minio template.

+

2023

+
    +
  • 6:35am - The mornings are getting cold, yes! No more ac and I can finally blast some of my PCs to max! Using my computers as a source of heat will always be OP.
    • +
  • 7:00pm - I forgot to convert over my written notes to digital! I been trying to figure out the phaser engine for a bit and getting some luck in resolving some of the basic issues.
    • +
  • 8:35pm - I am super excited for the next season of one piece, which will most definitely be a couple years from now with all the strikes and what not, but it gives me time to catch up on the general one piece series.
    • +
  • 11:40pm - The new john wick series looks amazing! I enjoyed the first episode a lot and can not wait to see the next episode, it is a bit of a shame that they did not release all of them at once.
    • +
+

Quote

+
+

A prudent question is one half of wisdom. +— Francis Bacon

+
+
+

Tasks

+
    +
  • [ ]
    • +
\ No newline at end of file diff --git a/docs/journal/index.html b/docs/journal/index.html index 8df612be9b..8f79b98401 100644 --- a/docs/journal/index.html +++ b/docs/journal/index.html @@ -200,7 +200,10 @@ }); }); }); -

The Creator’s Diary: Adventures in Art, Tech, and Cinema

Explore daily dispatches from a modern-day Renaissance journey, spanning the realms of art, technology, and ancient wisdom. Dive into a world where algorithms meet aesthetics and every day is a new adventure in beta.

journalEntry.data.cardImageAlt

September 22nd.

journalEntry.data.authorImageAlt

KBVE Team

KBVE Member

Read More

The Creator’s Diary: Adventures in Art, Tech, and Cinema

Explore daily dispatches from a modern-day Renaissance journey, spanning the realms of art, technology, and ancient wisdom. Dive into a world where algorithms meet aesthetics and every day is a new adventure in beta.

journalEntry.data.cardImageAlt

September 23rd.

journalEntry.data.authorImageAlt

KBVE Team

KBVE Member

Read More
blogEntry.data.cardImageAlt
blogEntry.data.authorImageAlt

KBVE Team

Sep 22, 2024

September: 22nd

September 22nd.

blogEntry.data.cardImageAlt
blogEntry.data.authorImageAlt

KBVE Team

Sep 21, 2024

September: 21st

September 21st.