Init

2024-09-07 12:35:02 +02:00 · 2024-09-07 12:35:02 +02:00 · cdec5a64aa
commit cdec5a64aa
44 changed files with 9802 additions and 0 deletions
--- a/modules/ingress.nix
+++ b/modules/ingress.nix
@ -0,0 +1,67 @@
+{ lib, config, ... }:
+let
+  ingressOpts = { name, ... }: {
+    options = {
+      host = lib.mkOption {
+        type = lib.types.str;
+      };
+
+      entrypoint = lib.mkOption {
+        type = lib.types.str;
+        default = "websecure";
+      };
+
+      service = {
+        name = lib.mkOption {
+          type = lib.types.str;
+        };
+
+        portName = lib.mkOption {
+          type = lib.types.str;
+        };
+      };
+    };
+  };
+in
+{
+  options = {
+    lab.ingresses = lib.mkOption {
+      type = with lib.types; attrsOf (submodule ingressOpts);
+      default = { };
+    };
+  };
+
+  config = {
+    kubernetes.resources.ingresses = builtins.mapAttrs
+      (name: ingress: {
+        metadata.annotations = {
+          "cert-manager.io/cluster-issuer" = "letsencrypt";
+          "traefik.ingress.kubernetes.io/router.entrypoints" = ingress.entrypoint;
+        };
+
+        spec = {
+          ingressClassName = "traefik";
+
+          rules = [{
+            host = ingress.host;
+
+            http.paths = [{
+              path = "/";
+              pathType = "Prefix";
+
+              backend.service = {
+                name = ingress.service.name;
+                port.name = ingress.service.portName;
+              };
+            }];
+          }];
+
+          tls = [{
+            secretName = "${name}-tls";
+            hosts = [ ingress.host ];
+          }];
+        };
+      })
+      config.lab.ingresses;
+  };
+}