homelab/Taskfile.yaml
Julia McGhee f04ecbf5cd Add Gitea self-hosted git/CI/registry to replace GitHub
Deploy Gitea via Helm with dedicated CloudNativePG database,
in-cluster Actions runner (DinD), and built-in container registry.
ArgoCD repoURLs updated to use in-cluster Gitea SSH. Preview
ApplicationSet switched from GitHub PR generator to Gitea PR
generator. App images now pull from gitea.coreworlds.io registry.

Remaining setup after deploy: seal runner token, ArgoCD API token,
and registry pull secret once Gitea is running. Add ArgoCD deploy
key to Gitea repo settings.
2026-03-21 15:43:30 +00:00


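# Taskfile for the homelab repo: app development, k3s cluster lifecycle,
# platform bootstrap, secret sealing, port-forwards, Gitea helpers, linting.
version: "3"

vars:
  ANSIBLE_DIR: infra/ansible
  K8S_DIR: infra/kubernetes

env:
  # Every kubectl call below reads this kubeconfig instead of the default
  # ~/.kube/config.
  KUBECONFIG: "{{.HOME}}/.kube/homelab"

tasks:
  # Development
  dev:
    desc: Start all apps in dev mode
    cmds:
      - pnpm turbo dev

  build:
    desc: Build all apps
    cmds:
      - pnpm turbo build

  lint:
    desc: Lint everything
    cmds:
      - pnpm turbo lint
      - task: lint:ansible
      - task: lint:k8s

  test:
    desc: Run all tests
    cmds:
      - pnpm turbo test

  # Cluster operations
  cluster:bootstrap:
    desc: Provision all nodes and install k3s
    dir: "{{.ANSIBLE_DIR}}"
    cmds:
      - ansible-playbook playbooks/site.yaml

  cluster:bootstrap-check:
    desc: Dry-run cluster bootstrap
    dir: "{{.ANSIBLE_DIR}}"
    cmds:
      - ansible-playbook playbooks/site.yaml --check --diff

  cluster:kubeconfig:
    desc: Fetch kubeconfig from server node
    cmds:
      - ./scripts/kubeconfig-fetch.sh

  cluster:upgrade:
    desc: Rolling upgrade of k3s
    dir: "{{.ANSIBLE_DIR}}"
    cmds:
      - ansible-playbook playbooks/k3s-upgrade.yaml

  cluster:reset:
    desc: DESTRUCTIVE - Reset k3s cluster
    dir: "{{.ANSIBLE_DIR}}"
    # Ask for confirmation before the reset playbook runs, so a mistyped or
    # tab-completed task name cannot reset the cluster on its own. Needs a
    # Task release that supports `prompt`; `task --yes` answers it for
    # non-interactive use.
    prompt: 'This runs playbooks/reset.yaml against the cluster. Continue?'
    cmds:
      - ansible-playbook playbooks/reset.yaml

  # Platform
  platform:install:
    desc: Bootstrap ArgoCD and platform components
    cmds:
      - kubectl apply -k {{.K8S_DIR}}/argocd/
      - echo "ArgoCD installed. It will sync remaining platform components."

  platform:status:
    desc: Check ArgoCD app sync status
    cmds:
      - kubectl get applications -n argocd

  # Secrets
  secrets:seal:
    desc: Seal a Kubernetes secret
    cmds:
      # CLI_ARGS is whatever follows `--` on the task command line; it is
      # expanded unquoted, so the shell re-splits it before the script sees it.
      - ./scripts/seal-secret.sh {{.CLI_ARGS}}

  # Utilities
  # kubectl port-forward listens on localhost unless --address is given, so
  # these services are reachable only from the machine running the task.
  port-forward:grafana:
    desc: Port-forward Grafana
    cmds:
      - kubectl port-forward -n observability svc/kube-prometheus-stack-grafana 3001:80

  port-forward:argocd:
    desc: Port-forward ArgoCD UI
    cmds:
      - kubectl port-forward -n argocd svc/argocd-server 8080:443

  port-forward:pg:
    desc: Port-forward PostgreSQL
    cmds:
      - kubectl port-forward -n platform svc/homelab-pg-rw 5432:5432

  # Gitea
  # NOTE(review): the runner listing is an /admin endpoint, so the token in
  # argocd-gitea-token presumably carries admin rights. Confirm, and consider
  # a separate narrowly scoped token for ArgoCD.
  gitea:status:
    desc: Check Gitea runners and mirror sync status
    cmds:
      - |
        # Read the API token once and stop early if the secret is unreadable.
        token="$(kubectl get secret argocd-gitea-token -n argocd -o jsonpath='{.data.token}' | base64 -d)"
        if [ -z "$token" ]; then
          echo "Could not read token from secret argocd-gitea-token in namespace argocd" >&2
          exit 1
        fi

        # Feed the Authorization header to curl as config on stdin so the
        # token is not on curl's command line. -f makes HTTP errors fail
        # instead of piping an error body into jq; -S still prints them.
        gitea_get() {
          printf 'header = "Authorization: token %s"\n' "$token" |
            curl -fsS --config - "$1"
        }

        echo "=== Gitea Runners ==="
        gitea_get https://gitea.coreworlds.io/api/v1/admin/runners | jq '.[] | {name, online, labels}'
        echo ""
        echo "=== Mirror Sync ==="
        gitea_get https://gitea.coreworlds.io/api/v1/repos/julia/homelab | jq '{mirror: .mirror, mirror_updated: .mirror_updated}'

  # Labels ending in `:host` make act_runner execute jobs directly on that
  # machine rather than in a container, so workflow code runs with the runner
  # account's privileges. Run the runner as a dedicated unprivileged user and
  # treat the registration token as a secret.
  gitea:runner:register:
    desc: Register an external Gitea Actions runner
    cmds:
      - |
        echo "Run on the target machine:"
        echo " act_runner register --instance https://gitea.coreworlds.io --token <TOKEN> --labels '<labels>'"
        echo ""
        echo "Labels:"
        echo " Mac: macos-arm64:host,arm64:host,self-hosted:host"
        echo " Windows: windows:host,wsl2:host,self-hosted:host"

  gitea:runner:mac:start:
    desc: Start Gitea runner on Mac (run on Mac)
    cmds:
      - act_runner daemon

  gitea:runner:mac:stop:
    desc: Stop Gitea runner on Mac (run on Mac)
    cmds:
      # `|| true` keeps the task green when no runner process is running.
      - pkill act_runner || true

  # Linting
  # Both lint tasks are advisory: ignore_error keeps `task lint` going when
  # they fail, so they must not be the only gate in front of a deploy.
  lint:ansible:
    desc: Lint Ansible playbooks
    dir: "{{.ANSIBLE_DIR}}"
    cmds:
      - ansible-lint playbooks/ roles/
    ignore_error: true

  lint:k8s:
    desc: Validate K8s manifests
    cmds:
      - |
        # Build every kustomization and client-side dry-run the result.
        # Failures stay non-fatal, but stderr is no longer discarded and each
        # failing directory is named, so a broken manifest is visible.
        find {{.K8S_DIR}} -name 'kustomization.yaml' -exec dirname {} \; | while IFS= read -r dir; do
          echo "Validating $dir..."
          if ! kustomize build "$dir" | kubectl apply --dry-run=client -f -; then
            echo "WARNING: validation failed for $dir" >&2
          fi
        done
    ignore_error: true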