szymiserver/k8s/deploy-infrastructure.sh

#!/bin/bash
set -e

SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
cd "$SCRIPT_DIR/.."

echo "=== Deploying Infrastructure ==="

echo "0. Fixing kind container DNS (prevents ImagePullBackOff on IPv6-only DNS)..."
docker exec szymicluster-control-plane bash -c 'echo "nameserver 8.8.8.8" > /etc/resolv.conf'

echo "1. Creating required host data directories..."
mkdir -p /media/ssd/forgejo/forgejo-data
mkdir -p /media/ssd/forgejo/runner-data
mkdir -p /media/ssd/registry

echo "2. Applying main infrastructure (coredns, ingress-nginx, cert-manager, registry, argocd, forgejo)..."
kubectl apply -k k8s/infrastructure/

echo "3. Waiting for cert-manager to be ready..."
kubectl wait --namespace cert-manager \
  --for=condition=ready pod \
  --selector=app.kubernetes.io/instance=cert-manager \
  --timeout=120s

echo "4. Applying ClusterIssuer for Let's Encrypt..."
kubectl apply -f k8s/infrastructure/cert-manager/cluster-issuer.yaml

echo "5. Waiting for ingress-nginx to be ready..."
kubectl wait --namespace ingress-nginx \
  --for=condition=ready pod \
  --selector=app.kubernetes.io/component=controller \
  --timeout=120s

echo "6. Restarting CoreDNS to pick up internal DNS config..."
kubectl rollout restart deployment coredns -n kube-system
kubectl rollout status deployment coredns -n kube-system --timeout=60s

echo "7. Applying ArgoCD applications..."
kubectl apply -f k8s/argocd-apps/

echo "=== Infrastructure deployment complete ==="
echo ""
echo "Checking certificate status (may take a few minutes to issue):"
kubectl get certificates -A
echo ""
echo "To check challenge status: kubectl get challenges -A"
echo "To check pods: kubectl get pods -A"
echo ""
echo "Services accessible at:"
echo "  - https://git.szymi.ddns.net (Forgejo)"
echo "  - https://argocd.szymi.ddns.net (ArgoCD)"
echo "  - https://registry.szymi.ddns.net (Docker Registry)"