diff --git a/DEPLOYMENT.md b/DEPLOYMENT.md new file mode 100644 index 0000000..d1c0b9e --- /dev/null +++ b/DEPLOYMENT.md 
@@ -0,0 +1,275 @@ +# Resume Site Deployment Guide + +## Overview + +Your resume site is now configured for automated deployment to your Kubernetes cluster via Flux CD. The site will be accessible at **https://resume.caffeinetux.com**. + +## What's Been Configured + +- HTML comment added to source: `` +- Helm chart configured for Kubernetes deployment +- Harbor registry: `images.caffeinetux.com/production/resume-site` +- Ingress configured with Let's Encrypt TLS +- Flux CD manifests for GitOps automation +- CI/CD workflow for Harbor image builds + +## Deployment Status + +✅ **Completed:** +- Resume site extracted and prepared +- HTML comment added to index.html +- Helm values updated with resume.caffeinetux.com domain +- Harbor registry configured at images.caffeinetux.com +- Flux manifests created and configured +- Git repository initialized with all changes committed +- Deployment script created (deploy.sh) + +⏳ **Next Steps Required:** + +### 1. Create Gitea Repository + +```bash +# Option A: Via Web UI +# Navigate to: http://192.168.1.49:13001 +# Click "+" → "New Repository" +# Repository name: resume-site +# Owner: admin + +# Option B: Via API (requires token) +curl -X POST "http://192.168.1.49:13001/api/v1/user/repos" \ + -H "Authorization: token YOUR_GITEA_TOKEN" \ + -H "Content-Type: application/json" \ + -d '{ + "name": "resume-site", + "description": "Nicholas Haven Resume Site", + "private": false + }' +``` + +### 2. Push Code to Gitea + +```bash +cd /data/data/com.termux/files/home/git/resume-site + +# Rename branch to main +git branch -M main + +# Add Gitea remote +git remote add origin http://192.168.1.49:13001/admin/resume-site.git + +# Push code +git push -u origin main +``` + +### 3. 
Build and Push Docker Image + +Since Docker isn't available in Termux, you'll need to build from a machine with Docker: + +```bash +# Login to Harbor +docker login images.caffeinetux.com + +# Build the image +docker build -t images.caffeinetux.com/production/resume-site:latest . + +# Push to Harbor +docker push images.caffeinetux.com/production/resume-site:latest +``` + +**Alternative:** Let your CI/CD handle the build: +- The `.github/workflows/ci.yaml` is configured for automated builds +- Just set `HARBOR_USERNAME` and `HARBOR_PASSWORD` secrets in Gitea +- Push to main branch and it will build automatically + +### 4. Apply Flux Manifests + +```bash +# Apply the Flux manifests to your cluster +kubectl apply -k /data/data/com.termux/files/home/git/resume-site/flux/ + +# Verify Flux resources +kubectl get gitrepository -n flux-system resume-site +kubectl get helmrelease -n default resume-site +``` + +### 5. Monitor Deployment + +```bash +# Check pods +kubectl get pods -n default -l app.kubernetes.io/name=resume-site + +# Watch logs +kubectl logs -n default -l app.kubernetes.io/name=resume-site -f + +# Check ingress +kubectl get ingress -n default + +# Verify Flux reconciliation +flux reconcile source git resume-site +flux reconcile helmrelease resume-site +``` + +## Quick Deployment + +Use the provided deployment script for interactive deployment: + +```bash +cd /data/data/com.termux/files/home/git/resume-site +./deploy.sh +``` + +The script will guide you through: +1. Creating the Gitea repository +2. Pushing code to Gitea +3. Building and pushing the Docker image (if Docker is available) +4. Applying Flux manifests +5. 
Verifying deployment + +## Architecture + +``` +┌─────────────────────────────────────────────────────┐ +│ │ +│ Gitea (http://192.168.1.49:13001/admin/resume-site)│ +│ │ +└────────────────┬────────────────────────────────────┘ + │ + │ Flux CD watches Git repo every 1 min + ▼ +┌─────────────────────────────────────────────────────┐ +│ │ +│ Flux GitRepository + HelmRelease (flux-system ns) │ +│ │ +└────────────────┬────────────────────────────────────┘ + │ + │ Deploys Helm chart + ▼ +┌─────────────────────────────────────────────────────┐ +│ │ +│ Kubernetes Deployment (default namespace) │ +│ - 2 replicas │ +│ - nginx:alpine based │ +│ - Pod anti-affinity for HA │ +│ - PodDisruptionBudget (minAvailable: 1) │ +│ │ +└────────────────┬────────────────────────────────────┘ + │ + │ Exposes via Ingress + ▼ +┌─────────────────────────────────────────────────────┐ +│ │ +│ nginx Ingress Controller │ +│ - TLS via Let's Encrypt (letsencrypt-prod) │ +│ - Certificate auto-renewal │ +│ │ +└────────────────┬────────────────────────────────────┘ + │ + ▼ + https://resume.caffeinetux.com +``` + +## Configuration Files + +- **index.html**: Resume site with special hiring comment +- **Dockerfile**: nginx:alpine based container +- **helm/**: Kubernetes Helm chart + - `values.yaml`: Configuration values + - `templates/`: Kubernetes resource templates +- **flux/**: Flux CD manifests + - `gitrepository.yaml`: Defines Git source + - `helmrelease.yaml`: Defines Helm deployment + - `kustomization.yaml`: Kustomize bundle +- **.github/workflows/ci.yaml**: CI pipeline for Harbor builds + +## Harbor Image Pull Secrets (if needed) + +If your Harbor registry requires authentication for pulling: + +```bash +kubectl create secret docker-registry harbor-creds \ + --docker-server=images.caffeinetux.com \ + --docker-username=YOUR_USERNAME \ + --docker-password=YOUR_PASSWORD \ + --namespace=default + +# Then update helm/values.yaml: +# imagePullSecrets: +# - name: harbor-creds +``` + +## Troubleshooting + 
+### Flux not reconciling + +```bash +# Force reconciliation +flux reconcile source git resume-site +flux reconcile helmrelease resume-site + +# Check Flux logs +kubectl logs -n flux-system deployment/source-controller +kubectl logs -n flux-system deployment/helm-controller +``` + +### Image pull errors + +```bash +# Check if Harbor is accessible from cluster +kubectl run test --rm -it --image=busybox --restart=Never -- wget -O- http://images.caffeinetux.com + +# Verify image exists in Harbor +curl -k https://images.caffeinetux.com/api/v2.0/projects/production/repositories/resume-site/artifacts +``` + +### Ingress not working + +```bash +# Check ingress controller +kubectl get pods -n ingress-nginx + +# Check certificate +kubectl get certificate -n default resume-tls +kubectl describe certificate -n default resume-tls + +# Check cert-manager +kubectl get certificaterequest -n default +``` + +### DNS resolution + +```bash +# Verify DNS points to your cluster +nslookup resume.caffeinetux.com + +# Check ingress external IP +kubectl get ingress -n default +``` + +## Updates and Changes + +After the initial deployment, any changes you push to the `helm/` directory in Git will be automatically deployed by Flux within 1 minute. + +```bash +# Make changes to helm chart +vim helm/values.yaml + +# Commit and push +git add helm/values.yaml +git commit -m "Update configuration" +git push + +# Flux will automatically sync (or force it) +flux reconcile source git resume-site +``` + +## Contact + +If you encounter issues: +1. Check the logs in each component (Flux, pods, ingress) +2. Verify network connectivity to Gitea and Harbor +3. Ensure DNS is properly configured for resume.caffeinetux.com +4. Check that cert-manager is issuing certificates correctly + +--- + +Generated with Claude Code
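Review bot: Steps 1 and 2 send the Gitea API token and the `git push` to `http://192.168.1.49:13001` in cleartext, and the Architecture diagram shows Flux watching that same HTTP URL, so anyone on the network path can read the token or alter what Flux deploys; move the API call and the remote to HTTPS (or SSH for git) before this guide is followed. Further points in the same file: step 3 builds and pushes only the `:latest` tag, which is mutable, so also tag the image with the commit SHA and reference that tag or a digest from the chart. The pull-secret section passes `--docker-password=YOUR_PASSWORD` on the command line, where it ends up in shell history; create the secret from a Docker config file or prompt for the value instead. Under "Image pull errors", `curl -k` and the plain `http://images.caffeinetux.com` wget skip certificate validation, which would mask a TLS problem that the cluster's own image pull would still hit, so drop `-k` and test over `https://`. The repository is created with `"private": false` under the `admin` owner, and the `/data/data/com.termux/files/home/git/resume-site` paths are specific to one device; note both as values to adjust, and consider defaulting the repository to private.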