kubernetes-deployments/modules/ingress.nix

{
  lib,
  config,
  ...
}: let
  ingressOpts = {name, ...}: {
    options = {
      host = lib.mkOption {
        type = lib.types.str;
      };

      entrypoint = lib.mkOption {
        type = lib.types.str;
        default = "websecure";
      };

      service = {
        name = lib.mkOption {
          type = lib.types.str;
        };

        portName = lib.mkOption {
          type = lib.types.str;
        };
      };
    };
  };
in {
  options = {
    lab.ingresses = lib.mkOption {
      type = with lib.types; attrsOf (submodule ingressOpts);
      default = {};
    };
  };

  config = {
    kubernetes.resources.ingresses =
      builtins.mapAttrs
      (name: ingress: {
        metadata.annotations = {
          "cert-manager.io/cluster-issuer" = "letsencrypt";
          "traefik.ingress.kubernetes.io/router.entrypoints" = ingress.entrypoint;
        };

        spec = {
          ingressClassName = "traefik";

          rules = [
            {
              host = ingress.host;

              http.paths = [
                {
                  path = "/";
                  pathType = "Prefix";

                  backend.service = {
                    name = ingress.service.name;
                    port.name = ingress.service.portName;
                  };
                }
              ];
            }
          ];

          tls = [
            {
              secretName = "${name}-tls";
              hosts = [ingress.host];
            }
          ];
        };
      })
      config.lab.ingresses;
  };
}
Format repo 2024-10-28 15:05:06 +00:00			`{`
			`lib,`
			`config,`
			`...`
			`}: let`
			`ingressOpts = {name, ...}: {`
Init 2024-09-07 10:35:02 +00:00			`options = {`
			`host = lib.mkOption {`
			`type = lib.types.str;`
			`};`

			`entrypoint = lib.mkOption {`
			`type = lib.types.str;`
			`default = "websecure";`
			`};`

			`service = {`
			`name = lib.mkOption {`
			`type = lib.types.str;`
			`};`

			`portName = lib.mkOption {`
			`type = lib.types.str;`
			`};`
			`};`
			`};`
			`};`
Format repo 2024-10-28 15:05:06 +00:00			`in {`
Init 2024-09-07 10:35:02 +00:00			`options = {`
			`lab.ingresses = lib.mkOption {`
			`type = with lib.types; attrsOf (submodule ingressOpts);`
Format repo 2024-10-28 15:05:06 +00:00			`default = {};`
Init 2024-09-07 10:35:02 +00:00			`};`
			`};`

			`config = {`
Format repo 2024-10-28 15:05:06 +00:00			`kubernetes.resources.ingresses =`
			`builtins.mapAttrs`
Init 2024-09-07 10:35:02 +00:00			`(name: ingress: {`
			`metadata.annotations = {`
			`"cert-manager.io/cluster-issuer" = "letsencrypt";`
			`"traefik.ingress.kubernetes.io/router.entrypoints" = ingress.entrypoint;`
			`};`

			`spec = {`
			`ingressClassName = "traefik";`

Format repo 2024-10-28 15:05:06 +00:00			`rules = [`
			`{`
			`host = ingress.host;`
Init 2024-09-07 10:35:02 +00:00
Format repo 2024-10-28 15:05:06 +00:00			`http.paths = [`
			`{`
			`path = "/";`
			`pathType = "Prefix";`
Init 2024-09-07 10:35:02 +00:00
Format repo 2024-10-28 15:05:06 +00:00			`backend.service = {`
			`name = ingress.service.name;`
			`port.name = ingress.service.portName;`
			`};`
			`}`
			`];`
			`}`
			`];`
Init 2024-09-07 10:35:02 +00:00
Format repo 2024-10-28 15:05:06 +00:00			`tls = [`
			`{`
			`secretName = "${name}-tls";`
			`hosts = [ingress.host];`
			`}`
			`];`
Init 2024-09-07 10:35:02 +00:00			`};`
			`})`
			`config.lab.ingresses;`
			`};`
			`}`