From 8a0c448d1d39aa7419c93f68ad066a2840577c3e Mon Sep 17 00:00:00 2001 
From: Matt Kaar <66427159+sei-mkaar@users.noreply.github.com> Date: Fri, 3 Feb 2023 09:46:31 -0500 Subject: [PATCH] Consolidate into 'foundry' namespace (#46) --- foundry/certs/generate-certs | 2 +- foundry/{common => }/code-server.values.yaml | 0 foundry/common/install.sh | 69 ------------ foundry/{topomojo => }/console-ingress.yaml | 0 foundry/{topomojo => content}/import-content | 0 foundry/{topomojo => }/content/pc2-d01.json | 0 foundry/{topomojo => }/content/pc2-d01.md | 0 foundry/{topomojo => }/gameboard.values.yaml | 2 +- foundry/{common => }/gitea.values.yaml | 0 foundry/{common => }/identity.values.yaml | 0 .../{common => }/ingress-nginx.values.yaml | 0 foundry/install.sh | 106 ++++++++++++++++-- .../kubernetes-dashboard.values.yaml | 0 .../{common => }/mkdocs-material.values.yaml | 0 foundry/{common => }/namespace.yaml | 4 +- .../nfs-server-provisioner.values.yaml | 0 foundry/{common => }/pgadmin4.values.yaml | 0 foundry/{common => }/postgresql.values.yaml | 0 foundry/{ => scripts}/configure-nic | 0 .../display-banner} | 0 foundry/{ => scripts}/expand-volume | 0 foundry/{topomojo => scripts}/setup-esxi | 11 +- foundry/{common => scripts}/setup-gitea | 0 foundry/{topomojo => }/topomojo-pvc.yaml | 0 foundry/{topomojo => }/topomojo.values.yaml | 2 +- foundry/topomojo/install.sh | 59 ---------- foundry/topomojo/namespace.yaml | 6 - mkdocs/docs/index.md | 4 +- setup-appliance | 8 +- 29 files changed, 114 insertions(+), 159 deletions(-) rename foundry/{common => }/code-server.values.yaml (100%) delete mode 100755 foundry/common/install.sh rename foundry/{topomojo => }/console-ingress.yaml (100%) rename foundry/{topomojo => content}/import-content (100%) rename foundry/{topomojo => }/content/pc2-d01.json (100%) rename foundry/{topomojo => }/content/pc2-d01.md (100%) rename foundry/{topomojo => }/gameboard.values.yaml (97%) rename foundry/{common => }/gitea.values.yaml (100%) rename foundry/{common => }/identity.values.yaml (100%) rename foundry/{common => 
}/ingress-nginx.values.yaml (100%)
 rename foundry/{common => }/kubernetes-dashboard.values.yaml (100%)
 rename foundry/{common => }/mkdocs-material.values.yaml (100%)
 rename foundry/{common => }/namespace.yaml (60%)
 rename foundry/{common => }/nfs-server-provisioner.values.yaml (100%)
 rename foundry/{common => }/pgadmin4.values.yaml (100%)
 rename foundry/{common => }/postgresql.values.yaml (100%)
 rename foundry/{ => scripts}/configure-nic (100%)
 rename foundry/{foundry-banner => scripts/display-banner} (100%)
 rename foundry/{ => scripts}/expand-volume (100%)
 rename foundry/{topomojo => scripts}/setup-esxi (88%)
 rename foundry/{common => scripts}/setup-gitea (100%)
 rename foundry/{topomojo => }/topomojo-pvc.yaml (100%)
 rename foundry/{topomojo => }/topomojo.values.yaml (97%)
 delete mode 100755 foundry/topomojo/install.sh
 delete mode 100644 foundry/topomojo/namespace.yaml
diff --git a/foundry/certs/generate-certs b/foundry/certs/generate-certs
index 6b9858f..53ec3ff 100755
--- a/foundry/certs/generate-certs
+++ b/foundry/certs/generate-certs
@@ -21,4 +21,4 @@ cfssl gencert $ARGS -ca int-ca.pem -ca-key int-ca-key.pem -config config.json \
 # Create pkcs12 host bundle for identity signing key
 openssl pkcs12 -export -out host.pfx -inkey host-key.pem -in host.pem \
   -passin pass:foundry -passout pass:foundry
-sed -ri "s|(signer:) \"\"|\1 $(base64 -w0 host.pfx)|" ../common/identity.values.yaml
+sed -ri "s|(signer:) \"\"|\1 $(base64 -w0 host.pfx)|" ~/foundry/identity.values.yaml
diff --git a/foundry/common/code-server.values.yaml b/foundry/code-server.values.yaml
similarity index 100%
rename from foundry/common/code-server.values.yaml
rename to foundry/code-server.values.yaml
diff --git a/foundry/common/install.sh b/foundry/common/install.sh
deleted file mode 100755
index 166e422..0000000
--- a/foundry/common/install.sh
+++ /dev/null
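Review bot: The new target `~/foundry/identity.values.yaml` is the only home-relative path in this script; the surrounding lines address `host.pfx`, `int-ca.pem` and `config.json` relative to the working directory, so the script now breaks as soon as the checkout lives anywhere other than `~/foundry` or is run under sudo, where `~` resolves to a different home. Since identity.values.yaml now sits one level above certs/, the relative form matches the rest of the file: `sed -ri "s|(signer:) \"\"|\1 $(base64 -w0 host.pfx)|" ../identity.values.yaml`. Note also that the substitution only matches an empty `signer: ""`, so re-running the script after a first fill leaves the old bundle in place silently; that is pre-existing behaviour, but worth a one-line comment above the sed.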
@@ -1,69 +0,0 @@
-#!/bin/bash -e
-#
-# Copyright 2022 Carnegie Mellon University.
-# Released under a BSD (SEI)-style license, please see LICENSE.md in the
-# project root or contact permission@sei.cmu.edu for full terms.
-
-############################
-# Common Stack Install #
-############################
-
-GITEA_OAUTH_CLIENT_SECRET=$(openssl rand -hex 16)
-GITEA_ADMIN_PASSWORD=$(pwgen 12)
-
-# Change to the current directory
-cd "$(dirname "${BASH_SOURCE[0]}")"
-
-# Create common namespace and switch to it
-kubectl apply -f namespace.yaml
-kubectl config set-context --current --namespace=common
-
-# Add host certificate
-kubectl create secret tls appliance-cert --key ../certs/host-key.pem --cert <( cat ../certs/host.pem ../certs/int-ca.pem )
-
-# Install NFS server
-helm repo add kvaps https://kvaps.github.io/charts
-helm install -f nfs-server-provisioner.values.yaml nfs-server-provisioner kvaps/nfs-server-provisioner
-
-# Install ingress-nginx
-helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx
-helm install --wait ingress-nginx ingress-nginx/ingress-nginx --values ingress-nginx.values.yaml
-
-# Install PostgreSQL
-helm repo add bitnami https://charts.bitnami.com/bitnami
-helm install --wait -f postgresql.values.yaml postgresql bitnami/postgresql
-
-# Install pgAdmin4
-helm repo add runix https://helm.runix.net/
-kubectl create secret generic pgpassfile --from-literal=pgpassfile=postgresql:5432:\*:postgres:foundry
-helm install -f pgadmin4.values.yaml pgadmin4 runix/pgadmin4
-
-# Install code-server (browser-based VS Code)
-helm repo add nicholaswilde https://nicholaswilde.github.io/helm-charts/
-helm install -f code-server.values.yaml code-server nicholaswilde/code-server
-
-# Kubernetes Dashboard
-helm repo add kubernetes-dashboard https://kubernetes.github.io/dashboard/
-helm install -f kubernetes-dashboard.values.yaml kubernetes-dashboard kubernetes-dashboard/kubernetes-dashboard
-
-# Add root CA to chart values
-cat 
../certs/root-ca.pem | sed 's/^/ /' | sed -i -re 's/(cacert:).*/\1 |-/' -e '/cacert:/ r /dev/stdin' mkdocs-material.values.yaml
-cp ../certs/root-ca.pem ../../mkdocs/docs/root-ca.crt
-
-# Install Identity
-sed -i -r "s//$GITEA_OAUTH_CLIENT_SECRET/" identity.values.yaml
-helm repo add sei https://helm.cyberforce.site/charts
-helm install --wait -f identity.values.yaml identity sei/identity
-
-# Install Gitea
-git config --global init.defaultBranch main
-helm repo add gitea https://dl.gitea.io/charts/
-kubectl exec postgresql-0 -- psql 'postgresql://postgres:foundry@localhost' -c 'CREATE DATABASE gitea;'
-kubectl create secret generic gitea-oauth-client --from-literal=key=gitea-client --from-literal=secret=$GITEA_OAUTH_CLIENT_SECRET
-kubectl create secret generic gitea-admin-creds --from-literal=username=administrator --from-literal=password=$GITEA_ADMIN_PASSWORD
-helm install -f gitea.values.yaml gitea gitea/gitea
-timeout 5m bash -c 'while [[ "$(curl -s -o /dev/null -w ''%{http_code}'' https://foundry.local/gitea)" != "200" ]]; do sleep 5; done' || false
-./setup-gitea
-
-# Install Material for MkDocs
-helm install -f mkdocs-material.values.yaml mkdocs-material sei/mkdocs-material
diff --git a/foundry/topomojo/console-ingress.yaml b/foundry/console-ingress.yaml
similarity index 100%
rename from foundry/topomojo/console-ingress.yaml
rename to foundry/console-ingress.yaml
diff --git a/foundry/topomojo/import-content b/foundry/content/import-content
similarity index 100%
rename from foundry/topomojo/import-content
rename to foundry/content/import-content
diff --git a/foundry/topomojo/content/pc2-d01.json b/foundry/content/pc2-d01.json
similarity index 100%
rename from foundry/topomojo/content/pc2-d01.json
rename to foundry/content/pc2-d01.json
diff --git a/foundry/topomojo/content/pc2-d01.md b/foundry/content/pc2-d01.md
similarity index 100%
rename from foundry/topomojo/content/pc2-d01.md
rename to foundry/content/pc2-d01.md
diff --git a/foundry/topomojo/gameboard.values.yaml b/foundry/gameboard.values.yaml
similarity index 97%
rename from foundry/topomojo/gameboard.values.yaml
rename to foundry/gameboard.values.yaml
index 76ce0dc..93e3173 100644
--- a/foundry/topomojo/gameboard.values.yaml
+++ b/foundry/gameboard.values.yaml
@@ -103,7 +103,7 @@ gameboard-api:
   env:
     PathBase: "/gameboard"
     Database__Provider: PostgreSQL
-    Database__ConnectionString: "Server=postgresql.common.svc.cluster.local;Port=5432;Database=gameboard;Username=postgres;Password=foundry;SSL Mode=Prefer;Trust Server Certificate=true;"
+    Database__ConnectionString: "Server=postgresql;Port=5432;Database=gameboard;Username=postgres;Password=foundry;SSL Mode=Prefer;Trust Server Certificate=true;"
     # Cache__SharedFolder: ""
     Oidc__Audience: gameboard-api
     Oidc__Authority: https://foundry.local/identity
diff --git a/foundry/common/gitea.values.yaml b/foundry/gitea.values.yaml
similarity index 100%
rename from foundry/common/gitea.values.yaml
rename to foundry/gitea.values.yaml
diff --git a/foundry/common/identity.values.yaml b/foundry/identity.values.yaml
similarity index 100%
rename from foundry/common/identity.values.yaml
rename to foundry/identity.values.yaml
diff --git a/foundry/common/ingress-nginx.values.yaml b/foundry/ingress-nginx.values.yaml
similarity index 100%
rename from foundry/common/ingress-nginx.values.yaml
rename to foundry/ingress-nginx.values.yaml
diff --git a/foundry/install.sh b/foundry/install.sh
index 9310747..186bff7 100755
--- a/foundry/install.sh
+++ b/foundry/install.sh
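Review bot: The shortened `Server=postgresql` in the new connection string only resolves because the gameboard-api pods and the PostgreSQL service now share the `foundry` namespace that install.sh applies; nothing in the values file records that, so a later install into another namespace fails with a DNS error rather than an obvious configuration error. A one-line comment above the key would capture the constraint: `# "postgresql" resolves only inside the foundry namespace (see install.sh); use the service FQDN when installing elsewhere.` The diffstat shows the same 2-line change in topomojo.values.yaml, which presumably carries the same assumption and would benefit from the same comment.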
@@ -4,19 +4,109 @@
 # Released under a BSD (SEI)-style license, please see LICENSE.md in the
 # project root or contact permission@sei.cmu.edu for full terms.
 
-##############################
-# Foundry Stacks Install #
-##############################
+#############################
+# Foundry Stack Install #
+#############################
+
+GITEA_OAUTH_CLIENT_SECRET=$(openssl rand -hex 16)
+GITEA_ADMIN_PASSWORD=$(pwgen 12)
 
 # Change to the current directory
 cd "$(dirname "${BASH_SOURCE[0]}")"
 
-# Install stacks
-common/install.sh
-topomojo/install.sh
+# Create foundry namespace and switch to it
+kubectl apply -f namespace.yaml
+kubectl config set-context --current --namespace=foundry
+
+# Add host certificate
+kubectl create secret tls appliance-cert --key certs/host-key.pem --cert <( cat certs/host.pem certs/int-ca.pem )
+
+# Install NFS server
+helm repo add kvaps https://kvaps.github.io/charts
+helm install -f nfs-server-provisioner.values.yaml nfs-server-provisioner kvaps/nfs-server-provisioner
+
+# Install ingress-nginx
+helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx
+helm install --wait ingress-nginx ingress-nginx/ingress-nginx --values ingress-nginx.values.yaml
+
+# Install PostgreSQL
+helm repo add bitnami https://charts.bitnami.com/bitnami
+helm install --wait -f postgresql.values.yaml postgresql bitnami/postgresql
+
+# Install pgAdmin4
+helm repo add runix https://helm.runix.net/
+kubectl create secret generic pgpassfile --from-literal=pgpassfile=postgresql:5432:\*:postgres:foundry
+helm install -f pgadmin4.values.yaml pgadmin4 runix/pgadmin4
+
+# Install code-server (browser-based VS Code)
+helm repo add nicholaswilde https://nicholaswilde.github.io/helm-charts/
+helm install -f code-server.values.yaml code-server nicholaswilde/code-server
+
+# Kubernetes Dashboard
+helm repo add kubernetes-dashboard https://kubernetes.github.io/dashboard/
+helm install -f kubernetes-dashboard.values.yaml kubernetes-dashboard 
kubernetes-dashboard/kubernetes-dashboard
+
+# Add root CA to chart values
+cat certs/root-ca.pem | sed 's/^/ /' | sed -i -re 's/(cacert:).*/\1 |-/' -e '/cacert:/ r /dev/stdin' mkdocs-material.values.yaml
+cp certs/root-ca.pem ../mkdocs/docs/root-ca.crt
+
+# Install Identity
+sed -i -r "s//$GITEA_OAUTH_CLIENT_SECRET/" identity.values.yaml
+helm repo add sei https://helm.cyberforce.site/charts
+helm install --wait -f identity.values.yaml identity sei/identity
+
+# Install Gitea
+git config --global init.defaultBranch main
+helm repo add gitea https://dl.gitea.io/charts/
+kubectl exec postgresql-0 -- psql 'postgresql://postgres:foundry@localhost' -c 'CREATE DATABASE gitea;'
+kubectl create secret generic gitea-oauth-client --from-literal=key=gitea-client --from-literal=secret=$GITEA_OAUTH_CLIENT_SECRET
+kubectl create secret generic gitea-admin-creds --from-literal=username=administrator --from-literal=password=$GITEA_ADMIN_PASSWORD
+helm install -f gitea.values.yaml gitea gitea/gitea
+timeout 5m bash -c 'while [[ "$(curl -s -o /dev/null -w ''%{http_code}'' https://foundry.local/gitea)" != "200" ]]; do sleep 5; done' || false
+./scripts/setup-gitea
+
+# Install Material for MkDocs
+helm install -f mkdocs-material.values.yaml mkdocs-material sei/mkdocs-material
+
+# Add root CA to chart values
+cat certs/root-ca.pem | sed 's/^/ /' | sed -i -re 's/(cacert:).*/\1 |-/' -e '/cacert:/ r /dev/stdin' gameboard.values.yaml
+cat certs/root-ca.pem | sed 's/^/ /' | sed -i -re 's/(cacert.crt:).*/\1 |-/' -e '/cacert.crt:/ r /dev/stdin' topomojo.values.yaml
+
+# Install TopoMojo
+kubectl apply -f topomojo-pvc.yaml
+helm install --wait -f topomojo.values.yaml topomojo sei/topomojo
+kubectl apply -f console-ingress.yaml
+sleep 60
+
+# Add bot user to TopoMojo
+TOPOMOJO_ACCESS_TOKEN=$(curl --silent --request POST \
+ --url 'https://foundry.local/identity/connect/token' \
+ --data grant_type=password \
+ --data client_id=bootstrap-client \
+ --data client_secret=foundry \
+ --data 
username=administrator@foundry.local \
+ --data password=foundry | jq -r '.access_token')
+
+USER_ID=$(curl -X POST --silent \
+ --url "https://foundry.local/topomojo/api/user" \
+ -H "Authorization: Bearer $TOPOMOJO_ACCESS_TOKEN" \
+ -H "Content-Type: application/json" \
+ -d '{ "name": "bot-gameboard", "role": "user", "scope": "gameboard" }' | jq -r '.id')
+
+API_KEY=$(curl -X POST --silent \
+ --url "https://foundry.local/topomojo/api/apikey/$USER_ID" \
+ -H "Authorization: Bearer $TOPOMOJO_ACCESS_TOKEN" \
+ -H "Content-Type: application/json" \
+ -d "{}" | jq -r '.value')
+
+# Install Gameboard
+sed -i -r "s/(Core__GameEngineClientSecret:).*/\1 $API_KEY/" gameboard.values.yaml
+helm install --wait -f gameboard.values.yaml gameboard sei/gameboard
 
-# Switch to common namespace
-kubectl config set-context --current --namespace=common
+# Add administrator user to Gameboard
+timeout 5m bash -c 'until kubectl exec postgresql-0 -n foundry -- env PGPASSWORD=foundry psql -lqt -U postgres | cut -d \| -f 1 | grep -qw gameboard; do sleep 5; done' || false
+sleep 5
+kubectl exec postgresql-0 -n foundry -- psql 'postgresql://postgres:foundry@localhost/gameboard' -c "INSERT INTO \"Users\" (\"Id\",\"Name\",\"ApprovedName\",\"Role\") VALUES ('dee684c5-2eaf-401a-915b-d3d4320fe5d5', 'Administrator', 'Administrator', 63);"
 
 # Create git repo to track changes
 git init
diff --git a/foundry/common/kubernetes-dashboard.values.yaml b/foundry/kubernetes-dashboard.values.yaml
similarity index 100%
rename from foundry/common/kubernetes-dashboard.values.yaml
rename to foundry/kubernetes-dashboard.values.yaml
diff --git a/foundry/common/mkdocs-material.values.yaml b/foundry/mkdocs-material.values.yaml
similarity index 100%
rename from foundry/common/mkdocs-material.values.yaml
rename to foundry/mkdocs-material.values.yaml
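Review bot: The three `curl … | jq -r` lookups that feed TOPOMOJO_ACCESS_TOKEN, USER_ID and API_KEY never check their result: `--silent` without `--fail` still pipes a JSON error body from Identity or TopoMojo into jq, `jq -r` prints the string `null` for a missing key with exit status 0, and the pipeline's status is jq's, so even with the script's `-e` (the shebang lies outside this hunk) the install carries on with `Authorization: Bearer null`, posts to `/api/apikey/null`, and finally writes `null` into `Core__GameEngineClientSecret` before `helm install --wait … gameboard` runs. Adding `--fail` to each curl (which then hands jq an empty body) and aborting on an empty or `null` value stops the install at the first broken step instead of leaving a Gameboard that cannot authenticate to TopoMojo; a small helper keeps that to one line per lookup, as sketched below. In the same hunk the `--from-literal=secret=$GITEA_OAUTH_CLIENT_SECRET` and `password=$GITEA_ADMIN_PASSWORD` expansions should be double-quoted, and the fixed `sleep 60` after the TopoMojo install would be more dependable as a readiness poll like the `timeout 5m … until` loop used for the Gameboard database a few lines later. The literal `foundry` credentials for the Identity bootstrap client, the administrator account and PostgreSQL now appear on curl and psql command lines in this file, unlike the generated `GITEA_ADMIN_PASSWORD`; if they are intended appliance defaults, a comment saying so and pointing at where they are rotated would help the next reader.

```bash
# Abort the install when a curl|jq lookup produced no value ("null" is jq's output for a missing key).
require_value() {
  [[ -n "$2" && "$2" != "null" ]] || { echo "install.sh: failed to obtain $1" >&2; exit 1; }
}

# … unchanged: TOPOMOJO_ACCESS_TOKEN=$(curl --silent --fail --request POST … | jq -r '.access_token') …
require_value TOPOMOJO_ACCESS_TOKEN "$TOPOMOJO_ACCESS_TOKEN"

# … unchanged: USER_ID=$(curl -X POST --silent --fail … | jq -r '.id') …
require_value USER_ID "$USER_ID"

# … unchanged: API_KEY=$(curl -X POST --silent --fail … | jq -r '.value') …
require_value API_KEY "$API_KEY"
```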
diff --git a/foundry/common/namespace.yaml b/foundry/namespace.yaml
similarity index 60%
rename from foundry/common/namespace.yaml
rename to foundry/namespace.yaml
index 53f3762..97344a7 100644
--- a/foundry/common/namespace.yaml
+++ b/foundry/namespace.yaml
@@ -1,6 +1,6 @@
 kind: Namespace
 apiVersion: v1
 metadata:
-  name: common
+  name: foundry
   labels:
-    name: common
+    name: foundry
diff --git a/foundry/common/nfs-server-provisioner.values.yaml b/foundry/nfs-server-provisioner.values.yaml
similarity index 100%
rename from foundry/common/nfs-server-provisioner.values.yaml
rename to foundry/nfs-server-provisioner.values.yaml
diff --git a/foundry/common/pgadmin4.values.yaml b/foundry/pgadmin4.values.yaml
similarity index 100%
rename from foundry/common/pgadmin4.values.yaml
rename to foundry/pgadmin4.values.yaml
diff --git a/foundry/common/postgresql.values.yaml b/foundry/postgresql.values.yaml
similarity index 100%
rename from foundry/common/postgresql.values.yaml
rename to foundry/postgresql.values.yaml
diff --git a/foundry/configure-nic b/foundry/scripts/configure-nic
similarity index 100%
rename from foundry/configure-nic
rename to foundry/scripts/configure-nic
diff --git a/foundry/foundry-banner b/foundry/scripts/display-banner
similarity index 100%
rename from foundry/foundry-banner
rename to foundry/scripts/display-banner
diff --git a/foundry/expand-volume b/foundry/scripts/expand-volume
similarity index 100%
rename from foundry/expand-volume
rename to foundry/scripts/expand-volume
diff --git a/foundry/topomojo/setup-esxi b/foundry/scripts/setup-esxi
similarity index 88%
rename from foundry/topomojo/setup-esxi
rename to foundry/scripts/setup-esxi
index 1f51fd9..5a633ee 100755
--- a/foundry/topomojo/setup-esxi
+++ b/foundry/scripts/setup-esxi
@@ -15,10 +15,9 @@ ESXI_USER=root ESXI_HOSTNAME=esxi.foundry.local ESXI_CERTDIR=/etc/vmware/ssl RUI_CRT=$(cat ../certs/host.pem ../certs/int-ca.pem) -RUI_KEY=$(<../certs/host-key.pem) +RUI_KEY=$( /etc/appliance_version # Expand LVM volume to use full drive capacity -~/foundry/expand-volume +~/foundry/scripts/expand-volume # Disable swap for Kubernetes swapoff -a @@ -82,13 +82,13 @@ sudo -u $SSH_USERNAME git clone https://github.com/jaggedmountain/k-alias.git chmod -x /etc/update-motd.d/00-header chmod -x /etc/update-motd.d/10-help-text sed -i -r 's/(ENABLED=)1/\10/' /etc/default/motd-news -cp ~/foundry/foundry-banner /etc/update-motd.d/05-foundry-banner -rm ~/foundry/foundry-banner +cp ~/foundry/scripts/display-banner /etc/update-motd.d/05-display-banner +rm ~/foundry/scripts/display-banner sed -i "s/{version}/$APPLIANCE_VERSION/" ~/mkdocs/docs/index.md echo -e "Foundry Appliance $APPLIANCE_VERSION \\\n \l \n" > /etc/issue # Create systemd service to configure netplan primary interface -mv /home/foundry/foundry/configure-nic /usr/local/bin +mv /home/foundry/foundry/scripts/configure-nic /usr/local/bin cat < /etc/systemd/system/configure-nic.service [Unit] Description=Configure Netplan primary Ethernet interface