Add OneLab Helm chart, Argo CD Application, and GitOps values for k3s

Made-with: Cursor
2026-03-20 10:15:15 +01:00
commit 52847814e0
102 changed files with 4476 additions and 0 deletions
--- a/app/playbooks/tasks/check-ssl-files.yml
+++ b/app/playbooks/tasks/check-ssl-files.yml
@@ -0,0 +1,49 @@
+---
+# Check SSL files
+- name: Getting the list of Docker secrets
+  shell: docker secret ls | tail -n +2 | awk '{print $2}'
+  register: docker_secrets
+  become: true
+
+- name: Checking if dhparam.pem file exists in /onelab/ssl
+  stat:
+    path: "{{ onelab_path }}/ssl/dhparam.pem"
+  register: dhparam
+  failed_when: not dhparam.stat.exists
+
+- name: Checking if server.pem file exists in /onelab/ssl
+  stat:
+    path: "{{ onelab_path }}/ssl/server.pem"
+  register: serverpem
+  failed_when: not serverpem.stat.exists
+
+- name: Checking if server.key file exists in /onelab/ssl
+  stat:
+    path: "{{ onelab_path }}/ssl/server.key"
+  register: serverkey
+  failed_when: not serverkey.stat.exists
+
+- name: Checking if chain.pem file exists in /onelab/ssl
+  stat:
+    path: "{{ onelab_path }}/ssl/chain.pem"
+  register: chain
+  failed_when: not chain.stat.exists
+
+- name: Checking if certificate and key are matching (part 1/2)
+  shell: >
+    openssl rsa -noout -modulus -in {{ onelab_path }}/ssl/server.key | openssl md5
+  register: serverkey_modulus
+  become: true
+  when:
+    - "'ssl_passphrase' not in docker_secrets.stdout_lines"
+    - (onelab.deployment.skip_ssl is undefined) or (onelab.deployment.skip_ssl == false)
+
+- name: Checking if certificate and key are matching (part 2/2)
+  shell: >
+    openssl x509 -noout -modulus -in {{ onelab_path }}/ssl/server.pem | openssl md5
+  register: serverpem_modulus
+  failed_when: serverpem_modulus.stdout != serverkey_modulus.stdout
+  become: true
+  when:
+    - "'ssl_passphrase' not in docker_secrets.stdout_lines"
+    - (onelab.deployment.skip_ssl is undefined) or (onelab.deployment.skip_ssl == false)