Argo CD Bootstrap for K3s Cluster
This repository bootstraps a GitOps-based deployment for a K3s cluster using Argo CD. It includes:
- Ansible playbook to install and configure Argo CD.
- GitOps folder structure to manage cluster applications declaratively.
- Initial setup of core infrastructure apps like NGINX Ingress Controller and Sealed Secrets.
π Repository Structure
.
βββ ansible
β βββ ansible.cfg # Local Ansible config
β βββ playbooks
β β βββ setup-argocd.yml # Entry point to install Argo CD
β βββ roles
β βββ argocd
β βββ tasks
β βββ main.yml # Tasks to install Argo CD via kubectl
βββ bootstrap
β βββ root-application.yaml # Argo CD root Application to manage everything
βββ clusters
βββ k3s # Folder for the 'k3s' cluster
βββ infra
βββ argocd
β βββ application.yaml
β βββ values.yaml # Self managed ArgoCD
βββ sealed-secrets
βββ application.yaml
βββ values.yaml # Sealed Secrets controller via Helm
π Getting Started
- Provision your cluster (separate Terraform repo)
- Set up an OCI VM and install K3s (already handled separately).
- Install Argo CD
- Run the Ansible playbook:
ansible-playbook -i <inventory> ansible/playbooks/setup-argocd.yml - Bootstrap GitOps
- Once Argo CD is running, it will automatically sync
bootstrap/root-application.yaml. - This sets up core infrastructure via Helm-based Argo CD Applications.
- Once Argo CD is running, it will automatically sync
π TODO
- Add ExternalDNS + DuckDNS for dynamic subdomain mapping.
- Add Dex for SSO login to Argo CD.
- Configure Argo CD Ingress with HTTPS via Letβs Encrypt.
- Add app layer (e.g., whoami, jobwinner).
- Enable RBAC policies if needed for multi-user environments.
π§ Notes
- This repo assumes a single cluster named
k3s. - All cluster resources (infra/apps) are defined declaratively under
clusters/k3s. - Secrets should be encrypted using Sealed Secrets.
