From 2af46d10c9784c6bcc367095743f1d02f1257270 Mon Sep 17 00:00:00 2001 From: Jon Date: Fri, 9 Jan 2026 12:09:32 +0930 Subject: [PATCH 01/36] feat(bind9): Add bind acl directory ref: #21 --- manifests/bind9/base/Deployment.yaml | 3 +++ manifests/bind9/overlays/production/kustomization.yaml | 2 +- 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/manifests/bind9/base/Deployment.yaml b/manifests/bind9/base/Deployment.yaml index 5490995..ea2e00a 100644 --- a/manifests/bind9/base/Deployment.yaml +++ b/manifests/bind9/base/Deployment.yaml @@ -46,6 +46,9 @@ spec: - name: data mountPath: /etc/bind/conf.d/external subPath: /git/conf/conf.d/external + - name: data + mountPath: /etc/bind/conf.d/acl + subPath: /git/conf/conf.d/acl - name: /git/conf/conf.d/internal mountPath: /etc/bind/conf.d/internal subPath: /git/conf/conf.d/internal diff --git a/manifests/bind9/overlays/production/kustomization.yaml b/manifests/bind9/overlays/production/kustomization.yaml index d2fb801..ed2a30e 100644 --- a/manifests/bind9/overlays/production/kustomization.yaml +++ b/manifests/bind9/overlays/production/kustomization.yaml @@ -13,4 +13,4 @@ namespace: dns images: - name: nofusscomputing/bind - newTag: '1.0.0' + newTag: '1.0.0-rc2' From 8f37be93ab5a85f5b411d880c3be371dff2d7cc3 Mon Sep 17 00:00:00 2001 From: Jon Date: Fri, 9 Jan 2026 12:11:32 +0930 Subject: [PATCH 02/36] feat(bind9): Make git-ops container part of pod and not init ref: #21 --- manifests/bind9/components/git-ops/Deployment.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/bind9/components/git-ops/Deployment.yaml b/manifests/bind9/components/git-ops/Deployment.yaml index 240fbd9..006cb63 100644 --- a/manifests/bind9/components/git-ops/Deployment.yaml +++ b/manifests/bind9/components/git-ops/Deployment.yaml @@ -9,7 +9,7 @@ spec: spec: - initContainers: + containers: - name: git image: alpine:3.23.2 From 029f45e75c9eb0887c7e4f278b22f4d4b17c6db0 Mon Sep 17 00:00:00 2001 From: Jon Date: Fri, 9 Jan 2026 12:12:32 +0930 Subject: [PATCH 03/36] fix(bind9): Correct git-ops vole mount path for git ref: #21 --- manifests/bind9/components/git-ops/Deployment.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/manifests/bind9/components/git-ops/Deployment.yaml b/manifests/bind9/components/git-ops/Deployment.yaml index 006cb63..451a820 100644 --- a/manifests/bind9/components/git-ops/Deployment.yaml +++ b/manifests/bind9/components/git-ops/Deployment.yaml @@ -69,7 +69,7 @@ spec: cpu: 1 memory: 500Mi requests: - cpu: 400m + cpu: 50m memory: 800Mi ports: @@ -82,5 +82,5 @@ spec: volumeMounts: - name: data - mountPath: /etc/bind/conf.d/external + mountPath: /git subPath: git/ From 183c951a51e5acca534dd571a24cab06db39605f Mon Sep 17 00:00:00 2001 From: Jon Date: Fri, 9 Jan 2026 12:14:26 +0930 Subject: [PATCH 04/36] feat(bind9): Make git-ops task be within loop ref: #21 --- .../bind9/components/git-ops/Deployment.yaml | 19 ++++++++++++------- 1 file changed, 12 insertions(+), 7 deletions(-) diff --git a/manifests/bind9/components/git-ops/Deployment.yaml b/manifests/bind9/components/git-ops/Deployment.yaml index 451a820..fa89491 100644 --- a/manifests/bind9/components/git-ops/Deployment.yaml +++ b/manifests/bind9/components/git-ops/Deployment.yaml @@ -29,19 +29,23 @@ spec: export GIT_SSH_COMMAND="ssh -i ${KEY_FILE_NAME}"; - if [ -d /data/git/.git ] then + while :; do - git clone -b master ${SSH_REPOSITORY_HOST}/${SSH_REPOSITORY_OWNER}/${SSH_REPOSITORY_NAME}.git /data/git; + if [ -d /git/.git ] then - else + git clone -b master ${SSH_REPOSITORY_HOST}/${SSH_REPOSITORY_OWNER}/${SSH_REPOSITORY_NAME}.git /git; - cd /data/git; + else - git fetch -fpvt; + cd /git; - git pull --rebase + git fetch -fpvt; - fi + git pull --rebase + + fi + + done; env: - name: SSH_PRIVATE_KEY @@ -64,6 +68,7 @@ spec: secretKeyRef: name: bind-config key: SSH_REPOSITORY_NAME + resources: limits: cpu: 1 From a4222b4881531bac3c37db632addb2a7e46fd7be Mon Sep 17 00:00:00 2001 From: Jon Date: Fri, 9 Jan 2026 12:15:15 +0930 Subject: [PATCH 05/36] fix(bind9): Correct git-ops deployment patch key ref: #21 --- manifests/bind9/components/git-ops/kustomization.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/bind9/components/git-ops/kustomization.yaml b/manifests/bind9/components/git-ops/kustomization.yaml index 5a6938d..e3d7d60 100644 --- a/manifests/bind9/components/git-ops/kustomization.yaml +++ b/manifests/bind9/components/git-ops/kustomization.yaml @@ -5,5 +5,5 @@ kind: Component patches: - - patch: Deployment.yaml + - path: Deployment.yaml \ No newline at end of file From 70acb0cc52e7b7fb802c8d85b8a4970902c36a69 Mon Sep 17 00:00:00 2001 From: Jon Date: Fri, 9 Jan 2026 12:39:44 +0930 Subject: [PATCH 06/36] fix(bind9): typo on protocol names ref: #21 --- manifests/bind9/base/Deployment.yaml | 4 ++-- manifests/bind9/base/Service-bind.yaml | 4 ++-- manifests/bind9/overlays/production/kustomization.yaml | 1 + 3 files changed, 5 insertions(+), 4 deletions(-) diff --git a/manifests/bind9/base/Deployment.yaml b/manifests/bind9/base/Deployment.yaml index ea2e00a..33b87e3 100644 --- a/manifests/bind9/base/Deployment.yaml +++ b/manifests/bind9/base/Deployment.yaml @@ -37,10 +37,10 @@ spec: ports: - containerPort: 53 name: dns-tcp - protocol: tcp + protocol: TCP - containerPort: 53 name: dns-udp - protocol: udp + protocol: UDP volumeMounts: - name: data diff --git a/manifests/bind9/base/Service-bind.yaml b/manifests/bind9/base/Service-bind.yaml index 824ba2f..b5ecc4d 100644 --- a/manifests/bind9/base/Service-bind.yaml +++ b/manifests/bind9/base/Service-bind.yaml @@ -13,9 +13,9 @@ spec: ports: - name: tcp port: 53 - protcol: tcp + protocol: TCP targetPort: dns-tcp - name: udp port: 53 - protocol: udp + protocol: UDP targetPort: dns-udp diff --git a/manifests/bind9/overlays/production/kustomization.yaml b/manifests/bind9/overlays/production/kustomization.yaml index ed2a30e..a7f937d 100644 --- a/manifests/bind9/overlays/production/kustomization.yaml +++ b/manifests/bind9/overlays/production/kustomization.yaml @@ -13,4 +13,5 @@ namespace: dns images: - name: nofusscomputing/bind + newName: harbor.earth.nww/docker/nofusscomputing/bind newTag: '1.0.0-rc2' From 581e1e11f15cdd3d8fbbe69a30d53c6b32d95f94 Mon Sep 17 00:00:00 2001 From: Jon Date: Fri, 9 Jan 2026 12:43:07 +0930 Subject: [PATCH 07/36] fix(bind9): volume subpaths must be relative ref: #21 --- manifests/bind9/base/Deployment.yaml | 17 ++++++++++------- 1 file changed, 10 insertions(+), 7 deletions(-) diff --git a/manifests/bind9/base/Deployment.yaml b/manifests/bind9/base/Deployment.yaml index 33b87e3..1c2c8c0 100644 --- a/manifests/bind9/base/Deployment.yaml +++ b/manifests/bind9/base/Deployment.yaml @@ -45,27 +45,30 @@ spec: volumeMounts: - name: data mountPath: /etc/bind/conf.d/external - subPath: /git/conf/conf.d/external + subPath: git/conf/conf.d/external - name: data mountPath: /etc/bind/conf.d/acl - subPath: /git/conf/conf.d/acl + subPath: git/conf/conf.d/acl - name: /git/conf/conf.d/internal mountPath: /etc/bind/conf.d/internal - subPath: /git/conf/conf.d/internal + subPath: git/conf/conf.d/internal + + - name: run + mountPath: /run - name: data mountPath: /var/bind/dyn - subPath: /git/zones/dyn + subPath: git/zones/dyn - name: data mountPath: /var/bind/pri - subPath: /git/zones/pri + subPath: git/zones/pri - name: data mountPath: /var/bind/sec - subPath: /git/zones/sec + subPath: git/zones/sec - mountPath: /var/log name: data - subPath: /logs + subPath: logs priorityClassName: cluster-low tolerations: [] From 0f5aa729e745329629d579784528d50a55083e98 Mon Sep 17 00:00:00 2001 From: Jon Date: Fri, 9 Jan 2026 12:44:11 +0930 Subject: [PATCH 08/36] fix(bind9): correct vm name ref: #21 --- manifests/bind9/base/Deployment.yaml | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/manifests/bind9/base/Deployment.yaml b/manifests/bind9/base/Deployment.yaml index 1c2c8c0..ae849de 100644 --- a/manifests/bind9/base/Deployment.yaml +++ b/manifests/bind9/base/Deployment.yaml @@ -49,13 +49,10 @@ spec: - name: data mountPath: /etc/bind/conf.d/acl subPath: git/conf/conf.d/acl - - name: /git/conf/conf.d/internal + - name: data mountPath: /etc/bind/conf.d/internal subPath: git/conf/conf.d/internal - - name: run - mountPath: /run - - name: data mountPath: /var/bind/dyn subPath: git/zones/dyn From 1ec677889d563090515d29e9fced8d201625c2f7 Mon Sep 17 00:00:00 2001 From: Jon Date: Fri, 9 Jan 2026 12:51:54 +0930 Subject: [PATCH 09/36] fix(bind9): remove ports decl from comp git-ops ref: #21 --- manifests/bind9/components/git-ops/Deployment.yaml | 8 -------- 1 file changed, 8 deletions(-) diff --git a/manifests/bind9/components/git-ops/Deployment.yaml b/manifests/bind9/components/git-ops/Deployment.yaml index fa89491..5277639 100644 --- a/manifests/bind9/components/git-ops/Deployment.yaml +++ b/manifests/bind9/components/git-ops/Deployment.yaml @@ -77,14 +77,6 @@ spec: cpu: 50m memory: 800Mi - ports: - - containerPort: 53 - name: dns-tcp - protocol: tcp - - containerPort: 53 - name: dns-udp - protocol: udp - volumeMounts: - name: data mountPath: /git From f13b7efebef0174673acd959c246ab29066a5c66 Mon Sep 17 00:00:00 2001 From: Jon Date: Fri, 9 Jan 2026 12:53:15 +0930 Subject: [PATCH 10/36] fix(bind9): Correct git-ops mem req ref: #21 --- manifests/bind9/components/git-ops/Deployment.yaml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/manifests/bind9/components/git-ops/Deployment.yaml b/manifests/bind9/components/git-ops/Deployment.yaml index 5277639..5518cdb 100644 --- a/manifests/bind9/components/git-ops/Deployment.yaml +++ b/manifests/bind9/components/git-ops/Deployment.yaml @@ -75,8 +75,7 @@ spec: memory: 500Mi requests: cpu: 50m - memory: 800Mi - + memory: 150Mi volumeMounts: - name: data mountPath: /git From a2b7f0149e6d0fbe43a2fb914fb6489c756aa83d Mon Sep 17 00:00:00 2001 From: Jon Date: Fri, 9 Jan 2026 12:54:54 +0930 Subject: [PATCH 11/36] fix(bind9): git-ops cont requires apk update to install ref: #21 --- manifests/bind9/components/git-ops/Deployment.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/manifests/bind9/components/git-ops/Deployment.yaml b/manifests/bind9/components/git-ops/Deployment.yaml index 5518cdb..3a2b7b8 100644 --- a/manifests/bind9/components/git-ops/Deployment.yaml +++ b/manifests/bind9/components/git-ops/Deployment.yaml @@ -17,6 +17,7 @@ spec: - sh - -c - | + apk update; apk add \ git \ openssh-client-default; From 6799d469c6941c20ac36cb1a30154f292983b56d Mon Sep 17 00:00:00 2001 From: Jon Date: Fri, 9 Jan 2026 12:58:08 +0930 Subject: [PATCH 12/36] refactor(bind9): RM nl from apk add within git-ops script ref: #21 --- manifests/bind9/components/git-ops/Deployment.yaml | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/manifests/bind9/components/git-ops/Deployment.yaml b/manifests/bind9/components/git-ops/Deployment.yaml index 3a2b7b8..dee6f44 100644 --- a/manifests/bind9/components/git-ops/Deployment.yaml +++ b/manifests/bind9/components/git-ops/Deployment.yaml @@ -18,9 +18,7 @@ spec: - -c - | apk update; - apk add \ - git \ - openssh-client-default; + apk add git openssh-client-default; KEY_FILE_NAME="~/.ssh/${SSH_REPOSITORY_OWNER}/${SSH_REPOSITORY_NAME}/deploy"; From 4afb496c6e1b0f3e60ad7b81ff7ff7693a3745e5 Mon Sep 17 00:00:00 2001 From: Jon Date: Fri, 9 Jan 2026 12:59:11 +0930 Subject: [PATCH 13/36] refactor(bind9): correct git-ops script 'if' ref: #21 --- manifests/bind9/components/git-ops/Deployment.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/bind9/components/git-ops/Deployment.yaml b/manifests/bind9/components/git-ops/Deployment.yaml index dee6f44..a9d30f1 100644 --- a/manifests/bind9/components/git-ops/Deployment.yaml +++ b/manifests/bind9/components/git-ops/Deployment.yaml @@ -30,7 +30,7 @@ spec: while :; do - if [ -d /git/.git ] then + if [ -d /git/.git ]; then git clone -b master ${SSH_REPOSITORY_HOST}/${SSH_REPOSITORY_OWNER}/${SSH_REPOSITORY_NAME}.git /git; From 73d100d2a2005c94246dc6a7b4ae0809ae86d9cf Mon Sep 17 00:00:00 2001 From: Jon Date: Fri, 9 Jan 2026 13:01:23 +0930 Subject: [PATCH 14/36] refactor(bind9): correct git-ops script 'add missing sleep' ref: #21 --- manifests/bind9/components/git-ops/Deployment.yaml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/manifests/bind9/components/git-ops/Deployment.yaml b/manifests/bind9/components/git-ops/Deployment.yaml index a9d30f1..3cf5267 100644 --- a/manifests/bind9/components/git-ops/Deployment.yaml +++ b/manifests/bind9/components/git-ops/Deployment.yaml @@ -44,6 +44,9 @@ spec: fi + + sleep 300 + done; env: From 37e74aea3e01d43d6983845ad24cd45cba632b1d Mon Sep 17 00:00:00 2001 From: Jon Date: Fri, 9 Jan 2026 13:06:31 +0930 Subject: [PATCH 15/36] feat(bind9): Add trace to git-ops script ref: #21 --- .../bind9/components/git-ops/Deployment.yaml | 23 ++++++++++++++++++- 1 file changed, 22 insertions(+), 1 deletion(-) diff --git a/manifests/bind9/components/git-ops/Deployment.yaml b/manifests/bind9/components/git-ops/Deployment.yaml index 3cf5267..05292de 100644 --- a/manifests/bind9/components/git-ops/Deployment.yaml +++ b/manifests/bind9/components/git-ops/Deployment.yaml @@ -17,11 +17,15 @@ spec: - sh - -c - | + echo "Installing pre-reqs....."; + apk update; apk add git openssh-client-default; KEY_FILE_NAME="~/.ssh/${SSH_REPOSITORY_OWNER}/${SSH_REPOSITORY_NAME}/deploy"; + echo "Env var KEY_FILE_NAME=[${KEY_FILE_NAME}] setup"; + echo ${SSH_PRIVATE_KEY} > ${SSH_REPOSITORY_NAME}; chmod 600 ${SSH_REPOSITORY_NAME}; @@ -30,16 +34,33 @@ spec: while :; do + echo "Loop Start......"; + if [ -d /git/.git ]; then - git clone -b master ${SSH_REPOSITORY_HOST}/${SSH_REPOSITORY_OWNER}/${SSH_REPOSITORY_NAME}.git /git; + REPO_NAME_FULL="${SSH_REPOSITORY_HOST}/${SSH_REPOSITORY_OWNER}/${SSH_REPOSITORY_NAME}.git" + + echo "Env var REPO_NAME_FULL=[${REPO_NAME_FULL}] setup"; + + echo "Clonning repo"; + + git clone -b master ${REPO_NAME_FULL} /git; else + echo "********************************************"; + + git status; + + echo "********************************************"; cd /git; + echo "Checking for repo updates"; + git fetch -fpvt; + echo "Pulling any changes...."; + git pull --rebase fi From 499e80e8f8feb6de4914e1761a3746e5b4477395 Mon Sep 17 00:00:00 2001 From: Jon Date: Fri, 9 Jan 2026 13:08:22 +0930 Subject: [PATCH 16/36] refactor(bind9): correct git-ops script 'if' ref: #21 --- manifests/bind9/components/git-ops/Deployment.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/bind9/components/git-ops/Deployment.yaml b/manifests/bind9/components/git-ops/Deployment.yaml index 05292de..36da44f 100644 --- a/manifests/bind9/components/git-ops/Deployment.yaml +++ b/manifests/bind9/components/git-ops/Deployment.yaml @@ -36,7 +36,7 @@ spec: echo "Loop Start......"; - if [ -d /git/.git ]; then + if [ ! -d /git/.git ]; then REPO_NAME_FULL="${SSH_REPOSITORY_HOST}/${SSH_REPOSITORY_OWNER}/${SSH_REPOSITORY_NAME}.git" From acc89703c6b6c4594d69a65d4a4e73a990efc12f Mon Sep 17 00:00:00 2001 From: Jon Date: Fri, 9 Jan 2026 13:12:50 +0930 Subject: [PATCH 17/36] refactor(bind9): correct git-ops script 'clone empty dir' ref: #21 --- manifests/bind9/components/git-ops/Deployment.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/manifests/bind9/components/git-ops/Deployment.yaml b/manifests/bind9/components/git-ops/Deployment.yaml index 36da44f..a663be5 100644 --- a/manifests/bind9/components/git-ops/Deployment.yaml +++ b/manifests/bind9/components/git-ops/Deployment.yaml @@ -36,7 +36,7 @@ spec: echo "Loop Start......"; - if [ ! -d /git/.git ]; then + if [ ! -d /git/source/.git ]; then REPO_NAME_FULL="${SSH_REPOSITORY_HOST}/${SSH_REPOSITORY_OWNER}/${SSH_REPOSITORY_NAME}.git" @@ -44,7 +44,7 @@ spec: echo "Clonning repo"; - git clone -b master ${REPO_NAME_FULL} /git; + git clone -b master ${REPO_NAME_FULL} /git/source; else @@ -53,7 +53,7 @@ spec: git status; echo "********************************************"; - cd /git; + cd /git/source; echo "Checking for repo updates"; From 47212a515a9057f166fe88b5f13b45aefa6d5da3 Mon Sep 17 00:00:00 2001 From: Jon Date: Fri, 9 Jan 2026 13:20:46 +0930 Subject: [PATCH 18/36] refactor(bind9): correct git-ops script 'ssh key file name' ref: #21 --- manifests/bind9/components/git-ops/Deployment.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/manifests/bind9/components/git-ops/Deployment.yaml b/manifests/bind9/components/git-ops/Deployment.yaml index a663be5..835c506 100644 --- a/manifests/bind9/components/git-ops/Deployment.yaml +++ b/manifests/bind9/components/git-ops/Deployment.yaml @@ -26,9 +26,9 @@ spec: echo "Env var KEY_FILE_NAME=[${KEY_FILE_NAME}] setup"; - echo ${SSH_PRIVATE_KEY} > ${SSH_REPOSITORY_NAME}; + echo ${SSH_PRIVATE_KEY} > ${KEY_FILE_NAME}; - chmod 600 ${SSH_REPOSITORY_NAME}; + chmod 600 ${KEY_FILE_NAME}; export GIT_SSH_COMMAND="ssh -i ${KEY_FILE_NAME}"; From 10631bca4d9f298f36a16485efd1b7f783d2e5e3 Mon Sep 17 00:00:00 2001 From: Jon Date: Fri, 9 Jan 2026 13:22:20 +0930 Subject: [PATCH 19/36] refactor(bind9): correct git-ops script 'create key dir' ref: #21 --- manifests/bind9/components/git-ops/Deployment.yaml | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/manifests/bind9/components/git-ops/Deployment.yaml b/manifests/bind9/components/git-ops/Deployment.yaml index 835c506..9f4eab3 100644 --- a/manifests/bind9/components/git-ops/Deployment.yaml +++ b/manifests/bind9/components/git-ops/Deployment.yaml @@ -22,15 +22,17 @@ spec: apk update; apk add git openssh-client-default; - KEY_FILE_NAME="~/.ssh/${SSH_REPOSITORY_OWNER}/${SSH_REPOSITORY_NAME}/deploy"; + KEY_FILE_PATH="~/.ssh/${SSH_REPOSITORY_OWNER}/${SSH_REPOSITORY_NAME}"; - echo "Env var KEY_FILE_NAME=[${KEY_FILE_NAME}] setup"; + mkdir -p ${KEY_FILE_PATH}; - echo ${SSH_PRIVATE_KEY} > ${KEY_FILE_NAME}; + echo "Env var KEY_FILE_PATH=[${KEY_FILE_PATH}] setup"; - chmod 600 ${KEY_FILE_NAME}; + echo ${SSH_PRIVATE_KEY} > ${KEY_FILE_PATH}/deploy; - export GIT_SSH_COMMAND="ssh -i ${KEY_FILE_NAME}"; + chmod 600 ${KEY_FILE_PATH}/deploy; + + export GIT_SSH_COMMAND="ssh -i ${KEY_FILE_PATH}/deploy"; while :; do From 88f3b0d72fea072b17291b288e68ddcf0aff0de9 Mon Sep 17 00:00:00 2001 From: Jon Date: Fri, 9 Jan 2026 13:26:56 +0930 Subject: [PATCH 20/36] fix(bind9): Add home dir to git-ops cont ref: #21 --- manifests/bind9/base/Deployment.yaml | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/manifests/bind9/base/Deployment.yaml b/manifests/bind9/base/Deployment.yaml index ae849de..bfc1335 100644 --- a/manifests/bind9/base/Deployment.yaml +++ b/manifests/bind9/base/Deployment.yaml @@ -67,6 +67,9 @@ spec: name: data subPath: logs + - mountPath: /root + name: home + priorityClassName: cluster-low tolerations: [] volumes: @@ -74,3 +77,7 @@ spec: - name: data persistentVolumeClaim: claimName: bind + + - name: home + emptyDir: + medium: Memory From c258990ee5b6f404d7fddd1088524e77f93102dd Mon Sep 17 00:00:00 2001 From: Jon Date: Fri, 9 Jan 2026 13:30:08 +0930 Subject: [PATCH 21/36] fix(bind9): correct git-ops script 'path var' ref: #21 --- manifests/bind9/components/git-ops/Deployment.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/manifests/bind9/components/git-ops/Deployment.yaml b/manifests/bind9/components/git-ops/Deployment.yaml index 9f4eab3..557ec43 100644 --- a/manifests/bind9/components/git-ops/Deployment.yaml +++ b/manifests/bind9/components/git-ops/Deployment.yaml @@ -22,9 +22,9 @@ spec: apk update; apk add git openssh-client-default; - KEY_FILE_PATH="~/.ssh/${SSH_REPOSITORY_OWNER}/${SSH_REPOSITORY_NAME}"; + KEY_FILE_PATH=~/.ssh/${SSH_REPOSITORY_OWNER}/${SSH_REPOSITORY_NAME}; - mkdir -p ${KEY_FILE_PATH}; + mkdir -p "${KEY_FILE_PATH}"; echo "Env var KEY_FILE_PATH=[${KEY_FILE_PATH}] setup"; From f7d51c69f8f9074ad1851bbeade70f0e1c14b745 Mon Sep 17 00:00:00 2001 From: Jon Date: Fri, 9 Jan 2026 13:54:55 +0930 Subject: [PATCH 22/36] fix(bind9): correct git-ops script 'more var fixes' ref: #21 --- manifests/bind9/components/git-ops/Deployment.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/manifests/bind9/components/git-ops/Deployment.yaml b/manifests/bind9/components/git-ops/Deployment.yaml index 557ec43..0176956 100644 --- a/manifests/bind9/components/git-ops/Deployment.yaml +++ b/manifests/bind9/components/git-ops/Deployment.yaml @@ -22,7 +22,7 @@ spec: apk update; apk add git openssh-client-default; - KEY_FILE_PATH=~/.ssh/${SSH_REPOSITORY_OWNER}/${SSH_REPOSITORY_NAME}; + export KEY_FILE_PATH=~/.ssh/${SSH_REPOSITORY_OWNER}/${SSH_REPOSITORY_NAME}; mkdir -p "${KEY_FILE_PATH}"; @@ -32,7 +32,7 @@ spec: chmod 600 ${KEY_FILE_PATH}/deploy; - export GIT_SSH_COMMAND="ssh -i ${KEY_FILE_PATH}/deploy"; + export GIT_SSH_COMMAND="ssh -i $KEY_FILE_PATH/deploy"; while :; do From 8a929f50b990ce3986c8bd2654a6599fff793fe8 Mon Sep 17 00:00:00 2001 From: Jon Date: Fri, 9 Jan 2026 13:56:04 +0930 Subject: [PATCH 23/36] fix(bind9): correct git-ops script 'add protocol to git' ref: #21 --- manifests/bind9/components/git-ops/Deployment.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/bind9/components/git-ops/Deployment.yaml b/manifests/bind9/components/git-ops/Deployment.yaml index 0176956..6be7893 100644 --- a/manifests/bind9/components/git-ops/Deployment.yaml +++ b/manifests/bind9/components/git-ops/Deployment.yaml @@ -46,7 +46,7 @@ spec: echo "Clonning repo"; - git clone -b master ${REPO_NAME_FULL} /git/source; + git clone -b master ssh://${REPO_NAME_FULL} /git/source; else From fb58188e840a44696b85a5c5fb68a2057876dec8 Mon Sep 17 00:00:00 2001 From: Jon Date: Fri, 9 Jan 2026 14:05:05 +0930 Subject: [PATCH 24/36] fix(bind9): correct git-ops script 'ssh repo is divided by :' ref: #21 --- manifests/bind9/components/git-ops/Deployment.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/bind9/components/git-ops/Deployment.yaml b/manifests/bind9/components/git-ops/Deployment.yaml index 6be7893..e996a51 100644 --- a/manifests/bind9/components/git-ops/Deployment.yaml +++ b/manifests/bind9/components/git-ops/Deployment.yaml @@ -40,7 +40,7 @@ spec: if [ ! -d /git/source/.git ]; then - REPO_NAME_FULL="${SSH_REPOSITORY_HOST}/${SSH_REPOSITORY_OWNER}/${SSH_REPOSITORY_NAME}.git" + REPO_NAME_FULL="${SSH_REPOSITORY_HOST}:${SSH_REPOSITORY_OWNER}/${SSH_REPOSITORY_NAME}.git" echo "Env var REPO_NAME_FULL=[${REPO_NAME_FULL}] setup"; From 542453cf7bfb1c95b533186bb4b186c585fa7364 Mon Sep 17 00:00:00 2001 From: Jon Date: Fri, 9 Jan 2026 14:05:17 +0930 Subject: [PATCH 25/36] fix(bind9): correct git-ops script 'add host key' ref: #21 --- manifests/bind9/components/git-ops/Deployment.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/manifests/bind9/components/git-ops/Deployment.yaml b/manifests/bind9/components/git-ops/Deployment.yaml index e996a51..cb6a2e6 100644 --- a/manifests/bind9/components/git-ops/Deployment.yaml +++ b/manifests/bind9/components/git-ops/Deployment.yaml @@ -34,6 +34,8 @@ spec: export GIT_SSH_COMMAND="ssh -i $KEY_FILE_PATH/deploy"; + ssh-keyscan "${SSH_REPOSITORY_HOST}" >> ~/.ssh/known_hosts + while :; do echo "Loop Start......"; From ef386662ae4e459c30318f7164d826afabd0c0e4 Mon Sep 17 00:00:00 2001 From: Jon Date: Fri, 9 Jan 2026 14:32:31 +0930 Subject: [PATCH 26/36] fix(bind9): correct git-ops script 'ssh path sep is colon' ref: #21 --- manifests/bind9/components/git-ops/Deployment.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/bind9/components/git-ops/Deployment.yaml b/manifests/bind9/components/git-ops/Deployment.yaml index cb6a2e6..99af731 100644 --- a/manifests/bind9/components/git-ops/Deployment.yaml +++ b/manifests/bind9/components/git-ops/Deployment.yaml @@ -42,7 +42,7 @@ spec: if [ ! -d /git/source/.git ]; then - REPO_NAME_FULL="${SSH_REPOSITORY_HOST}:${SSH_REPOSITORY_OWNER}/${SSH_REPOSITORY_NAME}.git" + export REPO_NAME_FULL="${SSH_REPOSITORY_HOST}:${SSH_REPOSITORY_OWNER}/${SSH_REPOSITORY_NAME}.git" echo "Env var REPO_NAME_FULL=[${REPO_NAME_FULL}] setup"; From 3cc0b1840be1f9e56a00417139014407e76fc8cf Mon Sep 17 00:00:00 2001 From: Jon Date: Fri, 9 Jan 2026 14:33:31 +0930 Subject: [PATCH 27/36] fix(bind9): correct git-ops script 'add uname git to clone' ref: #21 --- manifests/bind9/components/git-ops/Deployment.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/bind9/components/git-ops/Deployment.yaml b/manifests/bind9/components/git-ops/Deployment.yaml index 99af731..0f51f2c 100644 --- a/manifests/bind9/components/git-ops/Deployment.yaml +++ b/manifests/bind9/components/git-ops/Deployment.yaml @@ -48,7 +48,7 @@ spec: echo "Clonning repo"; - git clone -b master ssh://${REPO_NAME_FULL} /git/source; + git clone -b master git@${REPO_NAME_FULL} /git/source; else From 7eb3089fb43e1e54561c57e545c313d87db99932 Mon Sep 17 00:00:00 2001 From: Jon Date: Fri, 9 Jan 2026 14:38:34 +0930 Subject: [PATCH 28/36] fix(bind9): correct git-ops script 'cat cert var' ref: #21 --- manifests/bind9/components/git-ops/Deployment.yaml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/manifests/bind9/components/git-ops/Deployment.yaml b/manifests/bind9/components/git-ops/Deployment.yaml index 0f51f2c..5f32bae 100644 --- a/manifests/bind9/components/git-ops/Deployment.yaml +++ b/manifests/bind9/components/git-ops/Deployment.yaml @@ -28,7 +28,9 @@ spec: echo "Env var KEY_FILE_PATH=[${KEY_FILE_PATH}] setup"; - echo ${SSH_PRIVATE_KEY} > ${KEY_FILE_PATH}/deploy; + cat > ${KEY_FILE_PATH}/deploy < Date: Fri, 9 Jan 2026 14:40:28 +0930 Subject: [PATCH 29/36] feat(bind9): git-ops script 'auth check' ref: #21 --- .../bind9/components/git-ops/Deployment.yaml | 38 ++++++++++++++----- 1 file changed, 28 insertions(+), 10 deletions(-) diff --git a/manifests/bind9/components/git-ops/Deployment.yaml b/manifests/bind9/components/git-ops/Deployment.yaml index 5f32bae..d7aa494 100644 --- a/manifests/bind9/components/git-ops/Deployment.yaml +++ b/manifests/bind9/components/git-ops/Deployment.yaml @@ -48,29 +48,47 @@ spec: echo "Env var REPO_NAME_FULL=[${REPO_NAME_FULL}] setup"; - echo "Clonning repo"; + if ssh -T "git@$SSH_REPOSITORY_HOST" -i $KEY_FILE_PATH/deploy; then - git clone -b master git@${REPO_NAME_FULL} /git/source; + echo "Clonning repo"; - else + git clone -b master git@${REPO_NAME_FULL} /git/source; + + else - echo "********************************************"; + echo "Not Authenticated, check ssh key. RC=[${?}]"; - git status; + fi + + else - echo "********************************************"; cd /git/source; - echo "Checking for repo updates"; + if ssh -T "git@$SSH_REPOSITORY_HOST" -i $KEY_FILE_PATH/deploy; then + + echo "********************************************"; + + git status; + + echo "********************************************"; + + echo "Checking for repo updates"; + + git fetch -fpvt; + + echo "Pulling any changes...."; + + git pull --rebase - git fetch -fpvt; + else - echo "Pulling any changes...."; + echo "Not Authenticated, check ssh key. RC=[${?}]"; - git pull --rebase + fi fi + echo "Loop Finish."; sleep 300 From af6a9b4cfe42ec6d8e84a7ecacf61211be5ab142 Mon Sep 17 00:00:00 2001 From: Jon Date: Fri, 9 Jan 2026 14:47:10 +0930 Subject: [PATCH 30/36] feat(bind9): git-ops script 'add bind logs mount' ref: #21 --- manifests/bind9/components/git-ops/Deployment.yaml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/manifests/bind9/components/git-ops/Deployment.yaml b/manifests/bind9/components/git-ops/Deployment.yaml index d7aa494..bf40c9a 100644 --- a/manifests/bind9/components/git-ops/Deployment.yaml +++ b/manifests/bind9/components/git-ops/Deployment.yaml @@ -127,3 +127,7 @@ spec: - name: data mountPath: /git subPath: git/ + + - mountPath: /var/dns-log + name: data + subPath: logs From f809d7b86841121870ea69cf77d71360f31aeca9 Mon Sep 17 00:00:00 2001 From: Jon Date: Fri, 9 Jan 2026 14:56:35 +0930 Subject: [PATCH 31/36] refactor(bind9): git-ops to contain init cont ref: #21 --- manifests/bind9/base/Deployment.yaml | 7 - .../bind9/components/git-ops/Deployment.yaml | 188 ++++++++++++++---- .../overlays/production/kustomization.yaml | 2 +- 3 files changed, 154 insertions(+), 43 deletions(-) diff --git a/manifests/bind9/base/Deployment.yaml b/manifests/bind9/base/Deployment.yaml index bfc1335..ae849de 100644 --- a/manifests/bind9/base/Deployment.yaml +++ b/manifests/bind9/base/Deployment.yaml @@ -67,9 +67,6 @@ spec: name: data subPath: logs - - mountPath: /root - name: home - priorityClassName: cluster-low tolerations: [] volumes: @@ -77,7 +74,3 @@ spec: - name: data persistentVolumeClaim: claimName: bind - - - name: home - emptyDir: - medium: Memory diff --git a/manifests/bind9/components/git-ops/Deployment.yaml b/manifests/bind9/components/git-ops/Deployment.yaml index bf40c9a..3f38705 100644 --- a/manifests/bind9/components/git-ops/Deployment.yaml +++ b/manifests/bind9/components/git-ops/Deployment.yaml @@ -17,6 +17,116 @@ spec: - sh - -c - | + echo "Installing pre-reqs....."; + + apk update; + apk add git openssh-client-default; + + export KEY_FILE_PATH=~/.ssh/${SSH_REPOSITORY_OWNER}/${SSH_REPOSITORY_NAME}; + + chmod 600 ${KEY_FILE_PATH}/deploy; + + export GIT_SSH_COMMAND="ssh -i $KEY_FILE_PATH/deploy"; + + while :; do + + echo "Loop Start......"; + + + cd /git; + + if ssh -T "git@$SSH_REPOSITORY_HOST" -i $KEY_FILE_PATH/deploy; then + + echo "********************************************"; + + git status; + + echo "********************************************"; + + echo "Checking for repo updates"; + + git fetch -fpvt; + + echo "Git reset...."; + + git reset --hard; + + echo "Pulling any changes...."; + + git pull --rebase + + else + + echo "Not Authenticated, check ssh key. RC=[${?}]"; + + fi + + + + echo "Loop Finish."; + + sleep 300 + + done; + + env: + - name: SSH_PRIVATE_KEY + valueFrom: + secretKeyRef: + name: bind-config + key: SSH_PRIVATE_KEY + - name: SSH_REPOSITORY_HOST + valueFrom: + secretKeyRef: + name: bind-config + key: SSH_REPOSITORY_HOST + - name: SSH_REPOSITORY_OWNER + valueFrom: + secretKeyRef: + name: bind-config + key: SSH_REPOSITORY_OWNER + - name: SSH_REPOSITORY_NAME + valueFrom: + secretKeyRef: + name: bind-config + key: SSH_REPOSITORY_NAME + - name: SSH_REPOSITORY_REF + valueFrom: + secretKeyRef: + name: bind-config + key: SSH_REPOSITORY_REF + + resources: + limits: + cpu: 1 + memory: 500Mi + requests: + cpu: 50m + memory: 150Mi + volumeMounts: + - name: data + mountPath: /git + subPath: git/ + + - name: data + mountPath: /root + subPath: home + + - mountPath: /var/dns-log + name: data + subPath: logs + + initContainers: + + - name: clone + image: alpine:3.23.2 + command: + - sh + - -c + - | + echo "Start init"; + + echo "Installing pre-reqs....."; apk update; @@ -28,9 +138,8 @@ spec: echo "Env var KEY_FILE_PATH=[${KEY_FILE_PATH}] setup"; - cat > ${KEY_FILE_PATH}/deploy < ${KEY_FILE_PATH}/deploy + chmod 600 ${KEY_FILE_PATH}/deploy; @@ -38,61 +147,64 @@ spec: ssh-keyscan "${SSH_REPOSITORY_HOST}" >> ~/.ssh/known_hosts - while :; do - echo "Loop Start......"; + export REPO_NAME_FULL="${SSH_REPOSITORY_HOST}:${SSH_REPOSITORY_OWNER}/${SSH_REPOSITORY_NAME}.git" + + echo "Env var REPO_NAME_FULL=[${REPO_NAME_FULL}] setup"; - if [ ! -d /git/source/.git ]; then - export REPO_NAME_FULL="${SSH_REPOSITORY_HOST}:${SSH_REPOSITORY_OWNER}/${SSH_REPOSITORY_NAME}.git" + if [ ! -d /git/.git ]; then - echo "Env var REPO_NAME_FULL=[${REPO_NAME_FULL}] setup"; - if ssh -T "git@$SSH_REPOSITORY_HOST" -i $KEY_FILE_PATH/deploy; then + if ssh -T "git@$SSH_REPOSITORY_HOST" -i $KEY_FILE_PATH/deploy; then - echo "Clonning repo"; + echo "Clonning repo on branch=[${SSH_REPOSITORY_REF}]"; - git clone -b master git@${REPO_NAME_FULL} /git/source; + git clone -b "${SSH_REPOSITORY_REF}" git@${REPO_NAME_FULL} /git; - else + else - echo "Not Authenticated, check ssh key. RC=[${?}]"; + echo "Not Authenticated, check ssh key. RC=[${?}]"; - fi + exit 1; + + fi + + else - else - cd /git/source; + cd /git; - if ssh -T "git@$SSH_REPOSITORY_HOST" -i $KEY_FILE_PATH/deploy; then + if ssh -T "git@$SSH_REPOSITORY_HOST" -i $KEY_FILE_PATH/deploy; then - echo "********************************************"; + echo "********************************************"; - git status; + git status; - echo "********************************************"; - - echo "Checking for repo updates"; + echo "********************************************"; + + echo "Checking for repo updates"; - git fetch -fpvt; + git fetch -fpvt; - echo "Pulling any changes...."; + echo "Git reset...."; - git pull --rebase + git reset --hard; - else + echo "Pulling any changes...."; - echo "Not Authenticated, check ssh key. RC=[${?}]"; + git pull --rebase - fi + else + + echo "Not Authenticated, check ssh key. RC=[${?}]"; fi - echo "Loop Finish."; - sleep 300 + fi - done; + echo "Finish init"; env: - name: SSH_PRIVATE_KEY @@ -115,6 +227,11 @@ spec: secretKeyRef: name: bind-config key: SSH_REPOSITORY_NAME + - name: SSH_REPOSITORY_REF + valueFrom: + secretKeyRef: + name: bind-config + key: SSH_REPOSITORY_REF resources: limits: @@ -123,11 +240,12 @@ spec: requests: cpu: 50m memory: 150Mi + volumeMounts: - name: data mountPath: /git - subPath: git/ + subPath: git - - mountPath: /var/dns-log - name: data - subPath: logs + - name: data + mountPath: /root + subPath: home diff --git a/manifests/bind9/overlays/production/kustomization.yaml b/manifests/bind9/overlays/production/kustomization.yaml index a7f937d..8d433ef 100644 --- a/manifests/bind9/overlays/production/kustomization.yaml +++ b/manifests/bind9/overlays/production/kustomization.yaml @@ -14,4 +14,4 @@ namespace: dns images: - name: nofusscomputing/bind newName: harbor.earth.nww/docker/nofusscomputing/bind - newTag: '1.0.0-rc2' + newTag: '1.0.0-rc3' From 7e740f4a3f249b95f439423919a70d6cad6d8675 Mon Sep 17 00:00:00 2001 From: Jon Date: Sat, 10 Jan 2026 11:37:56 +0930 Subject: [PATCH 32/36] feat(bind9): git-ops Add support for specifying tags to fetch latest tag always ref: #21 --- .../bind9/components/git-ops/Deployment.yaml | 57 +++++++++++++++++-- 1 file changed, 53 insertions(+), 4 deletions(-) diff --git a/manifests/bind9/components/git-ops/Deployment.yaml b/manifests/bind9/components/git-ops/Deployment.yaml index 3f38705..b4ac60a 100644 --- a/manifests/bind9/components/git-ops/Deployment.yaml +++ b/manifests/bind9/components/git-ops/Deployment.yaml @@ -37,6 +37,8 @@ spec: if ssh -T "git@$SSH_REPOSITORY_HOST" -i $KEY_FILE_PATH/deploy; then + echo "Updating repo on SSH_REPOSITORY_REF=[${SSH_REPOSITORY_REF}]"; + echo "********************************************"; git status; @@ -51,9 +53,26 @@ spec: git reset --hard; - echo "Pulling any changes...."; + if [ "${SSH_REPOSITORY_REF:-}" = "tag" ]; then + + echo "'tag' or nothing supplied for variable SSH_REPOSITORY_REF, fetching latest git tag to use."; + + SSH_REPOSITORY_REF=$(git ls-remote --tags --sort=-v:refname git@${REPO_NAME_FULL} | sed 's#.*/##' | grep -v '\^{}' | head -n 1); + + echo "Using SSH_REPOSITORY_REF=[${SSH_REPOSITORY_REF}]"; + + git checkout "${SSH_REPOSITORY_REF}" + + else + + git checkout "${SSH_REPOSITORY_REF}" + + echo "Pulling any changes...."; + + git pull --rebase + + fi - git pull --rebase else @@ -160,6 +179,15 @@ spec: echo "Clonning repo on branch=[${SSH_REPOSITORY_REF}]"; + if [ "${SSH_REPOSITORY_REF}"=="tag" ]; then + + echo "'tag' or nothing supplied for variable SSH_REPOSITORY_REF, fetching latest git tag to use."; + + SSH_REPOSITORY_REF=$(git ls-remote --tags --sort=-v:refname git@${REPO_NAME_FULL} | sed 's#.*/##' | grep -v '\^{}' | head -n 1) + + fi + + git clone -b "${SSH_REPOSITORY_REF}" git@${REPO_NAME_FULL} /git; else @@ -177,6 +205,8 @@ spec: if ssh -T "git@$SSH_REPOSITORY_HOST" -i $KEY_FILE_PATH/deploy; then + echo "Updating repo on SSH_REPOSITORY_REF=[${SSH_REPOSITORY_REF}]"; + echo "********************************************"; git status; @@ -191,9 +221,27 @@ spec: git reset --hard; - echo "Pulling any changes...."; - git pull --rebase + if [ "${SSH_REPOSITORY_REF:-}" = "tag" ]; then + + echo "'tag' or nothing supplied for variable SSH_REPOSITORY_REF, fetching latest git tag to use."; + + SSH_REPOSITORY_REF=$(git ls-remote --tags --sort=-v:refname git@${REPO_NAME_FULL} | sed 's#.*/##' | grep -v '\^{}' | head -n 1) + + echo "Using SSH_REPOSITORY_REF=[${SSH_REPOSITORY_REF}]"; + + git checkout "${SSH_REPOSITORY_REF}" + + else + + git checkout "${SSH_REPOSITORY_REF}" + + echo "Pulling any changes...."; + + git pull --rebase + + fi + else @@ -204,6 +252,7 @@ spec: fi + echo "Finish init"; env: From fa0e6abd01f9b57c562bf01a7bbb16a7df5aaa07 Mon Sep 17 00:00:00 2001 From: Jon Date: Sat, 10 Jan 2026 12:18:10 +0930 Subject: [PATCH 33/36] feat(bind9): Add component rndc ref: #21 --- .../bind9/components/git-ops/Deployment.yaml | 82 ++++++++++++++++--- .../bind9/components/rndc/ConfigMap.yaml | 17 ++++ .../rndc/Deployment-git-config.yaml | 20 +++++ .../bind9/components/rndc/Deployment.yaml | 30 +++++++ .../bind9/components/rndc/Service-bind.yaml | 12 +++ .../bind9/components/rndc/kustomization.yaml | 16 ++++ .../overlays/production/kustomization.yaml | 2 +- 7 files changed, 167 insertions(+), 12 deletions(-) create mode 100644 manifests/bind9/components/rndc/ConfigMap.yaml create mode 100644 manifests/bind9/components/rndc/Deployment-git-config.yaml create mode 100644 manifests/bind9/components/rndc/Deployment.yaml create mode 100644 manifests/bind9/components/rndc/Service-bind.yaml create mode 100644 manifests/bind9/components/rndc/kustomization.yaml diff --git a/manifests/bind9/components/git-ops/Deployment.yaml b/manifests/bind9/components/git-ops/Deployment.yaml index b4ac60a..8505531 100644 --- a/manifests/bind9/components/git-ops/Deployment.yaml +++ b/manifests/bind9/components/git-ops/Deployment.yaml @@ -20,7 +20,7 @@ spec: echo "Installing pre-reqs....."; apk update; - apk add git openssh-client-default; + apk add bind git openssh-client-default; export KEY_FILE_PATH=~/.ssh/${SSH_REPOSITORY_OWNER}/${SSH_REPOSITORY_NAME}; @@ -35,6 +35,8 @@ spec: cd /git; + chown 0:0 -R /git/.git + if ssh -T "git@$SSH_REPOSITORY_HOST" -i $KEY_FILE_PATH/deploy; then echo "Updating repo on SSH_REPOSITORY_REF=[${SSH_REPOSITORY_REF}]"; @@ -57,21 +59,19 @@ spec: echo "'tag' or nothing supplied for variable SSH_REPOSITORY_REF, fetching latest git tag to use."; - SSH_REPOSITORY_REF=$(git ls-remote --tags --sort=-v:refname git@${REPO_NAME_FULL} | sed 's#.*/##' | grep -v '\^{}' | head -n 1); - - echo "Using SSH_REPOSITORY_REF=[${SSH_REPOSITORY_REF}]"; + export REPO_NAME_FULL="${SSH_REPOSITORY_HOST}:${SSH_REPOSITORY_OWNER}/${SSH_REPOSITORY_NAME}.git" - git checkout "${SSH_REPOSITORY_REF}" + export SSH_REPOSITORY_REF=$(git ls-remote --tags --sort=-v:refname git@${REPO_NAME_FULL} | sed 's#.*/##' | grep -v '\^{}' | head -n 1); - else + echo "Using SSH_REPOSITORY_REF=[${SSH_REPOSITORY_REF}]"; - git checkout "${SSH_REPOSITORY_REF}" + fi - echo "Pulling any changes...."; + git checkout "${SSH_REPOSITORY_REF}"; - git pull --rebase + echo "Pulling any changes...."; - fi + git pull --rebase else @@ -81,6 +81,27 @@ spec: fi + chown 53:53 -R /etc/bind + + chown 53:53 -R /var/bind + + if [ -d /etc/bind/conf.d/extra ]; then + + if [ -f /etc/bind/conf.d/extra/rndc.conf ]; then + + echo "********************************************"; + + echo "Reloading zones....."; + + rndc -4 -k /etc/bind/keys/rndc.key -s 127.0.0.1 -r reload + + echo "********************************************"; + + + fi + + fi + echo "Loop Finish."; @@ -123,6 +144,15 @@ spec: cpu: 50m memory: 150Mi volumeMounts: + + - name: data + mountPath: /etc/bind/conf.d/extra + subPath: extra/ + + - name: data + mountPath: /etc/bind/keys + subPath: keys/ + - name: data mountPath: /git subPath: git/ @@ -149,7 +179,28 @@ spec: echo "Installing pre-reqs....."; apk update; - apk add git openssh-client-default; + apk add bind git openssh-client-default; + + + echo "Generating rndc key..."; + + if [ -d /etc/bind/conf.d/extra ]; then + + if [ -f /etc/bind/conf.d/extra/rndc.conf ]; then + + + echo "********************************************"; + + echo "Generating rndc key...."; + + rndc-confgen -a -c /etc/bind/keys/rndc.key; + + echo "********************************************"; + + fi + + fi + export KEY_FILE_PATH=~/.ssh/${SSH_REPOSITORY_OWNER}/${SSH_REPOSITORY_NAME}; @@ -291,6 +342,15 @@ spec: memory: 150Mi volumeMounts: + + - name: data + mountPath: /etc/bind/conf.d/extra + subPath: extra/ + + - name: data + mountPath: /etc/bind/keys + subPath: keys/ + - name: data mountPath: /git subPath: git diff --git a/manifests/bind9/components/rndc/ConfigMap.yaml b/manifests/bind9/components/rndc/ConfigMap.yaml new file mode 100644 index 0000000..e078094 --- /dev/null +++ b/manifests/bind9/components/rndc/ConfigMap.yaml @@ -0,0 +1,17 @@ +--- +apiVersion: v1 +kind: ConfigMap +metadata: + labels: + app.kubernetes.io/component: rndc-conf + app.kubernetes.io/name: dns + app.kubernetes.io/part-of: bind9 + name: rndc-conf +data: + rndc.conf: | + include "/etc/bind/keys/rndc.key"; + + controls { + inet 127.0.0.1 port 953 + allow { 127.0.0.1; } keys { "rndc-key"; }; + }; diff --git a/manifests/bind9/components/rndc/Deployment-git-config.yaml b/manifests/bind9/components/rndc/Deployment-git-config.yaml new file mode 100644 index 0000000..6ccd207 --- /dev/null +++ b/manifests/bind9/components/rndc/Deployment-git-config.yaml @@ -0,0 +1,20 @@ +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: dns +spec: + template: + + spec: + + containers: + + - name: git + + volumeMounts: + + - name: data + mountPath: /etc/bind/conf.d/extra + subPath: extra/ diff --git a/manifests/bind9/components/rndc/Deployment.yaml b/manifests/bind9/components/rndc/Deployment.yaml new file mode 100644 index 0000000..83d41bf --- /dev/null +++ b/manifests/bind9/components/rndc/Deployment.yaml @@ -0,0 +1,30 @@ +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: dns +spec: + + template: + + spec: + + containers: + + - name: dns + + ports: + - containerPort: 953 + name: rndc + protocol: TCP + + volumeMounts: + + - name: data + mountPath: /etc/bind/keys + subPath: keys/ + + - name: data + mountPath: /etc/bind/conf.d/extra + subPath: extra/ diff --git a/manifests/bind9/components/rndc/Service-bind.yaml b/manifests/bind9/components/rndc/Service-bind.yaml new file mode 100644 index 0000000..743c62a --- /dev/null +++ b/manifests/bind9/components/rndc/Service-bind.yaml @@ -0,0 +1,12 @@ +--- +apiVersion: v1 +kind: Service +metadata: + name: bind +spec: + + ports: + - name: rndc + port: 953 + protocol: TCP + targetPort: rndc \ No newline at end of file diff --git a/manifests/bind9/components/rndc/kustomization.yaml b/manifests/bind9/components/rndc/kustomization.yaml new file mode 100644 index 0000000..714fbce --- /dev/null +++ b/manifests/bind9/components/rndc/kustomization.yaml @@ -0,0 +1,16 @@ +--- +apiVersion: kustomize.config.k8s.io/v1alpha1 +kind: Component + + +resources: + - ConfigMap.yaml + + +patches: + + - path: Deployment.yaml + + - path: Deployment-git-config.yaml + + - path: Service-bind.yaml diff --git a/manifests/bind9/overlays/production/kustomization.yaml b/manifests/bind9/overlays/production/kustomization.yaml index 8d433ef..f9fdc0b 100644 --- a/manifests/bind9/overlays/production/kustomization.yaml +++ b/manifests/bind9/overlays/production/kustomization.yaml @@ -14,4 +14,4 @@ namespace: dns images: - name: nofusscomputing/bind newName: harbor.earth.nww/docker/nofusscomputing/bind - newTag: '1.0.0-rc3' + newTag: '1.0.0-rc4' From 5da10da1680b53519aa20a1b5f8d4fc4bb7988a0 Mon Sep 17 00:00:00 2001 From: Jon Date: Sat, 10 Jan 2026 14:16:11 +0930 Subject: [PATCH 34/36] feat(bind9): Add component extra-conf ref: #21 --- .../components/extra-conf/Deployment.yaml | 48 +++++++++++++++++++ .../components/extra-conf/kustomization.yaml | 8 ++++ 2 files changed, 56 insertions(+) create mode 100644 manifests/bind9/components/extra-conf/Deployment.yaml create mode 100644 manifests/bind9/components/extra-conf/kustomization.yaml diff --git a/manifests/bind9/components/extra-conf/Deployment.yaml b/manifests/bind9/components/extra-conf/Deployment.yaml new file mode 100644 index 0000000..9ab0d44 --- /dev/null +++ b/manifests/bind9/components/extra-conf/Deployment.yaml @@ -0,0 +1,48 @@ +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: dns +spec: + template: + + spec: + + initContainers: + + - name: extra-conf + image: alpine:3.23.2 + command: + - sh + - -c + - | + echo "Start init"; + rm -frv /etc/bind/conf.d/extra/*; + cp -frv /etc-bind-extra/* /etc/bind/conf.d/extra/; + + resources: + limits: + cpu: 150m + memory: 500Mi + requests: + cpu: 50m + memory: 150Mi + + volumeMounts: + + - name: data + mountPath: /etc/bind/conf.d/extra + subPath: extra/ + + - name: rndc + mountPath: "/etc-bind-extra/rndc.conf" + subPath: rndc.conf + + volumes: + - name: rndc + configMap: + name: rndc-conf + items: + - key: "rndc.conf" + path: "rndc.conf" \ No newline at end of file diff --git a/manifests/bind9/components/extra-conf/kustomization.yaml b/manifests/bind9/components/extra-conf/kustomization.yaml new file mode 100644 index 0000000..86ef7d6 --- /dev/null +++ b/manifests/bind9/components/extra-conf/kustomization.yaml @@ -0,0 +1,8 @@ +--- +apiVersion: kustomize.config.k8s.io/v1alpha1 +kind: Component + + +patches: + + - path: Deployment.yaml From 61f413e3eb7712e9acaaf8f35aa55cbf17f25b41 Mon Sep 17 00:00:00 2001 From: Jon Date: Sat, 10 Jan 2026 14:28:28 +0930 Subject: [PATCH 35/36] chore(bind9): Label and name cleanup ref: #21 --- manifests/bind9/base/Deployment.yaml | 16 ++++++++-------- manifests/bind9/base/PVC-bind.yaml | 4 ++-- manifests/bind9/base/Service-bind.yaml | 8 ++++---- .../bind9/components/extra-conf/Deployment.yaml | 2 +- .../bind9/components/git-ops/Deployment.yaml | 5 +---- manifests/bind9/components/rndc/ConfigMap.yaml | 4 ++-- .../components/rndc/Deployment-git-config.yaml | 2 +- manifests/bind9/components/rndc/Deployment.yaml | 4 ++-- .../bind9/overlays/production/kustomization.yaml | 4 ++++ 9 files changed, 25 insertions(+), 24 deletions(-) diff --git a/manifests/bind9/base/Deployment.yaml b/manifests/bind9/base/Deployment.yaml index ae849de..70cd92f 100644 --- a/manifests/bind9/base/Deployment.yaml +++ b/manifests/bind9/base/Deployment.yaml @@ -4,27 +4,27 @@ apiVersion: apps/v1 kind: Deployment metadata: labels: - app.kubernetes.io/component: bind9 - app.kubernetes.io/name: dns - name: dns + app.kubernetes.io/name: bind + app.kubernetes.io/part-of: bind + name: bind spec: selector: matchLabels: - app.kubernetes.io/component: bind9 - app.kubernetes.io/name: dns + app.kubernetes.io/name: bind + app.kubernetes.io/part-of: bind replicas: 1 minReadySeconds: 10 template: metadata: labels: - app.kubernetes.io/component: bind9 - app.kubernetes.io/name: dns + app.kubernetes.io/name: bind + app.kubernetes.io/part-of: bind spec: terminationGracePeriodSeconds: 10 affinity: {} containers: - - name: dns + - name: bind image: nofusscomputing/bind:dev resources: limits: diff --git a/manifests/bind9/base/PVC-bind.yaml b/manifests/bind9/base/PVC-bind.yaml index d055243..f48a728 100644 --- a/manifests/bind9/base/PVC-bind.yaml +++ b/manifests/bind9/base/PVC-bind.yaml @@ -3,8 +3,8 @@ apiVersion: v1 kind: PersistentVolumeClaim metadata: labels: - app.kubernetes.io/component: bind9 - app.kubernetes.io/name: dns + app.kubernetes.io/name: bind + app.kubernetes.io/part-of: bind name: bind spec: volumeMode: Filesystem diff --git a/manifests/bind9/base/Service-bind.yaml b/manifests/bind9/base/Service-bind.yaml index b5ecc4d..b92fa91 100644 --- a/manifests/bind9/base/Service-bind.yaml +++ b/manifests/bind9/base/Service-bind.yaml @@ -4,12 +4,12 @@ kind: Service metadata: name: bind labels: - app.kubernetes.io/component: bind9 - app.kubernetes.io/name: dns + app.kubernetes.io/name: bind + app.kubernetes.io/part-of: bind spec: selector: - app.kubernetes.io/component: bind9 - app.kubernetes.io/name: dns + app.kubernetes.io/name: bind + app.kubernetes.io/part-of: bind ports: - name: tcp port: 53 diff --git a/manifests/bind9/components/extra-conf/Deployment.yaml b/manifests/bind9/components/extra-conf/Deployment.yaml index 9ab0d44..eeb3915 100644 --- a/manifests/bind9/components/extra-conf/Deployment.yaml +++ b/manifests/bind9/components/extra-conf/Deployment.yaml @@ -3,7 +3,7 @@ apiVersion: apps/v1 kind: Deployment metadata: - name: dns + name: bind spec: template: diff --git a/manifests/bind9/components/git-ops/Deployment.yaml b/manifests/bind9/components/git-ops/Deployment.yaml index 8505531..5825564 100644 --- a/manifests/bind9/components/git-ops/Deployment.yaml +++ b/manifests/bind9/components/git-ops/Deployment.yaml @@ -3,7 +3,7 @@ apiVersion: apps/v1 kind: Deployment metadata: - name: dns + name: bind spec: template: @@ -181,9 +181,6 @@ spec: apk update; apk add bind git openssh-client-default; - - echo "Generating rndc key..."; - if [ -d /etc/bind/conf.d/extra ]; then if [ -f /etc/bind/conf.d/extra/rndc.conf ]; then diff --git a/manifests/bind9/components/rndc/ConfigMap.yaml b/manifests/bind9/components/rndc/ConfigMap.yaml index e078094..acb8c76 100644 --- a/manifests/bind9/components/rndc/ConfigMap.yaml +++ b/manifests/bind9/components/rndc/ConfigMap.yaml @@ -4,8 +4,8 @@ kind: ConfigMap metadata: labels: app.kubernetes.io/component: rndc-conf - app.kubernetes.io/name: dns - app.kubernetes.io/part-of: bind9 + app.kubernetes.io/name: bind + app.kubernetes.io/part-of: bind name: rndc-conf data: rndc.conf: | diff --git a/manifests/bind9/components/rndc/Deployment-git-config.yaml b/manifests/bind9/components/rndc/Deployment-git-config.yaml index 6ccd207..ec25fa2 100644 --- a/manifests/bind9/components/rndc/Deployment-git-config.yaml +++ b/manifests/bind9/components/rndc/Deployment-git-config.yaml @@ -3,7 +3,7 @@ apiVersion: apps/v1 kind: Deployment metadata: - name: dns + name: bind spec: template: diff --git a/manifests/bind9/components/rndc/Deployment.yaml b/manifests/bind9/components/rndc/Deployment.yaml index 83d41bf..8e1a8b9 100644 --- a/manifests/bind9/components/rndc/Deployment.yaml +++ b/manifests/bind9/components/rndc/Deployment.yaml @@ -3,7 +3,7 @@ apiVersion: apps/v1 kind: Deployment metadata: - name: dns + name: bind spec: template: @@ -12,7 +12,7 @@ spec: containers: - - name: dns + - name: bind ports: - containerPort: 953 diff --git a/manifests/bind9/overlays/production/kustomization.yaml b/manifests/bind9/overlays/production/kustomization.yaml index f9fdc0b..fb40880 100644 --- a/manifests/bind9/overlays/production/kustomization.yaml +++ b/manifests/bind9/overlays/production/kustomization.yaml @@ -7,6 +7,10 @@ kind: Kustomization resources: - ../../base +# components: +# - ../../components/extra-conf +# - ../../components/git-ops +# - ../../components/rndc namespace: dns From e9dacaaa20d4173dd4374fa73faee4cbddfdfb67 Mon Sep 17 00:00:00 2001 From: Jon Date: Sat, 10 Jan 2026 15:16:52 +0930 Subject: [PATCH 36/36] feat(bind9): update image 1.0.0-rc4 -> 1.0.0 ref: #21 --- manifests/bind9/overlays/production/kustomization.yaml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/manifests/bind9/overlays/production/kustomization.yaml b/manifests/bind9/overlays/production/kustomization.yaml index fb40880..511c6c2 100644 --- a/manifests/bind9/overlays/production/kustomization.yaml +++ b/manifests/bind9/overlays/production/kustomization.yaml @@ -11,11 +11,12 @@ resources: # - ../../components/extra-conf # - ../../components/git-ops # - ../../components/rndc +# - ../../components/dns-over-http +# - ../../components/dns-over-tls namespace: dns images: - name: nofusscomputing/bind - newName: harbor.earth.nww/docker/nofusscomputing/bind - newTag: '1.0.0-rc4' + newTag: '1.0.0'