depaula/workshop
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix(aula-10): corrigir certificados e ingress do GitLab

Browse Source 
- Mesclar seções global duplicadas no gitlab-values.yaml
  (a segunda sobrescrevia ingress.class: nginx, causando 404)
- Adicionar etapa de DNS antes da instalação no setup.sh
  (HTTP-01 challenge requer DNS configurado previamente)
This commit is contained in:
ArgoCD Setup
2026-01-24 00:23:09 -03:00
parent 4ef121ba96
commit 35523a1c1b
2 changed files with 57 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
aula-10/gitlab-values.yaml
View File

@@ -52,6 +52,17 @@ global:
seccompProfile: seccompProfile:
type: RuntimeDefault type: RuntimeDefault
# Object Storage - Hetzner S3 (em vez de MinIO)
minio:
enabled: false
appConfig:
object_store:
enabled: true
proxy_download: true
connection:
secret: gitlab-object-storage
key: connection
# Email (opcional - configurar depois) # Email (opcional - configurar depois)
# email: # email:
# from: gitlab@kube.quest # from: gitlab@kube.quest
@@ -234,17 +245,6 @@ redis:
minio: minio:
install: false install: false
global:
minio:
enabled: false
appConfig:
object_store:
enabled: true
proxy_download: true
connection:
secret: gitlab-object-storage
key: connection
# ============================================================================= # =============================================================================
# REGISTRY (Container Registry) # REGISTRY (Container Registry)
# ============================================================================= # =============================================================================

55
aula-10/setup.sh
View File

@@ -463,7 +463,41 @@ collect_user_input
echo "" echo ""
# ============================================================================= # =============================================================================
# 3. INSTALAR CERT-MANAGER (se Let's Encrypt) # 3. MOSTRAR DNS E AGUARDAR CONFIGURAÇÃO (ANTES DO GITLAB!)
# =============================================================================
# IMPORTANTE: Para Let's Encrypt funcionar, o DNS precisa estar configurado
# ANTES da instalação do GitLab. O HTTP-01 challenge requer que:
# 1. O DNS aponte para o LoadBalancer
# 2. O cert-manager crie o pod acme-http-solver
# 3. Let's Encrypt acesse http://dominio/.well-known/acme-challenge/token
log_info "=== Configuração de DNS ==="
show_dns_instructions
echo ""
echo -e "${YELLOW}════════════════════════════════════════════════════════════════${NC}"
echo -e "${YELLOW} IMPORTANTE: Configure o DNS AGORA antes de continuar!${NC}"
echo -e "${YELLOW}════════════════════════════════════════════════════════════════${NC}"
echo ""
if [[ "$USE_LETSENCRYPT" == "true" ]]; then
echo -e "O Let's Encrypt precisa que o DNS já esteja configurado para"
echo -e "validar o domínio via HTTP-01 challenge."
echo ""
fi
echo -n "Pressione ENTER após configurar o DNS (ou 's' para pular): "
read -r dns_confirm
if [[ "$dns_confirm" == "s" || "$dns_confirm" == "S" ]]; then
log_warn "DNS não configurado - certificados podem falhar!"
else
log_success "DNS confirmado pelo usuário"
fi
echo ""
# =============================================================================
# 4. INSTALAR CERT-MANAGER (se Let's Encrypt)
# ============================================================================= # =============================================================================
if [[ "$USE_LETSENCRYPT" == "true" ]]; then if [[ "$USE_LETSENCRYPT" == "true" ]]; then
@@ -474,7 +508,7 @@ if [[ "$USE_LETSENCRYPT" == "true" ]]; then
fi fi
# ============================================================================= # =============================================================================
# 4. ADICIONAR REPOSITÓRIO HELM # 5. ADICIONAR REPOSITÓRIO HELM
# ============================================================================= # =============================================================================
log_info "=== Preparando instalação do GitLab ===" log_info "=== Preparando instalação do GitLab ==="
@@ -484,7 +518,7 @@ helm repo add gitlab https://charts.gitlab.io/ 2>/dev/null || true
helm repo update helm repo update
# ============================================================================= # =============================================================================
# 5. CRIAR NAMESPACE # 6. CRIAR NAMESPACE
# ============================================================================= # =============================================================================
log_info "Criando namespace gitlab..." log_info "Criando namespace gitlab..."
@@ -493,7 +527,7 @@ kubectl create namespace gitlab --dry-run=client -o yaml | kubectl apply -f -
echo "" echo ""
# ============================================================================= # =============================================================================
# 6. CRIAR SECRETS DO OBJECT STORAGE # 7. CRIAR SECRETS DO OBJECT STORAGE
# ============================================================================= # =============================================================================
create_object_storage_secrets create_object_storage_secrets
@@ -501,7 +535,7 @@ create_object_storage_secrets
echo "" echo ""
# ============================================================================= # =============================================================================
# 7. INSTALAR GITLAB VIA HELM # 8. INSTALAR GITLAB VIA HELM
# ============================================================================= # =============================================================================
log_info "=== Instalando GitLab (isso pode levar 10-15 minutos) ===" log_info "=== Instalando GitLab (isso pode levar 10-15 minutos) ==="
@@ -573,7 +607,7 @@ fi
echo "" echo ""
# ============================================================================= # =============================================================================
# 7. CONFIGURAR TCP PASSTHROUGH PARA SSH # 9. CONFIGURAR TCP PASSTHROUGH PARA SSH
# ============================================================================= # =============================================================================
log_info "=== Configurando TCP passthrough para SSH ===" log_info "=== Configurando TCP passthrough para SSH ==="
@@ -598,7 +632,7 @@ log_success "TCP passthrough configurado (porta 22 → GitLab Shell)"
echo "" echo ""
# ============================================================================= # =============================================================================
# 8. OBTER SENHA INICIAL # 10. OBTER SENHA INICIAL
# ============================================================================= # =============================================================================
log_info "Obtendo senha inicial do root..." log_info "Obtendo senha inicial do root..."
@@ -676,8 +710,11 @@ else
echo " -o jsonpath='{.data.password}' | base64 -d; echo" echo " -o jsonpath='{.data.password}' | base64 -d; echo"
fi fi
# Mostrar instruções de DNS # Lembrete de DNS (referência)
show_dns_instructions echo ""
echo -e "${CYAN}Lembrete DNS:${NC}"
echo " ${GITLAB_HOST} → LoadBalancer IP"
echo " ${REGISTRY_HOST} → LoadBalancer IP"
echo "" echo ""
echo "Comandos úteis:" echo "Comandos úteis:"