home/kubernetes-deployments
2
0
Fork 0
Code Issues 3 Pull requests Projects Releases Packages Wiki Activity Actions

Compare commits

base: home:8bc63131128d7f132e1b4ff9ac974b62bb0face2
Branches Tags
home:master
home:generic-device-plugin
..
compare: home:9ae4ff3ca32f497c4f508c572a64ccdf05deaea6
Branches Tags
home:master
home:generic-device-plugin

No commits in common. "8bc63131128d7f132e1b4ff9ac974b62bb0face2" and "9ae4ff3ca32f497c4f508c572a64ccdf05deaea6" have entirely different histories.
8bc6313112 ... 9ae4ff3ca3

3 changed files with 19 additions and 16 deletions
Show stats Expand all files Collapse all files

29
applyset-deploy.sh
View file

@ -3,10 +3,9 @@
set -euo pipefail set -euo pipefail
first_server="${SERVERS%% *}" first_server="${SERVERS%% *}"
previous_manifest=$( previous_manifest=$(ssh -T "root@$first_server" << EOF
envsubst <<EOF | ssh -T "root@$first_server" if [[ -f "$GCROOTDIR/${NAME}.yml" ]]; then
if [[ -f "$GCROOTDIR/$NAME.yml" ]]; then cat "$GCROOTDIR/${NAME}.yml"
cat "$GCROOTDIR/$NAME.yml"
fi fi
EOF EOF
) )
@ -15,26 +14,30 @@ set +e
if [ -z "$previous_manifest" ]; then if [ -z "$previous_manifest" ]; then
echo No previous manifest found! echo No previous manifest found!
else else
$DYFF between <(echo "$previous_manifest") "$MANIFEST" \ $DYFF between <(echo $previous_manifest) $MANIFEST \
--exclude-regexp metadata.labels.kubenix/hash \ --exclude-regexp metadata.labels.kubenix/hash \
--exclude-regexp labels.kubenix/hash \ --exclude-regexp labels.kubenix/hash \
--set-exit-code --set-exit-code
if [ $? -eq 0 ]; then
exit 0
fi
fi fi
set -e set -e
read -r -p "Continue? " _ read -r -p "Continue? " response
echo Uploading closure... echo Uploading closure...
for server in $SERVERS; do for server in $SERVERS; do
echo Uploading closure to "$server"... echo Uploading closure to $server...
nix copy --to "ssh://root@$server.dmz" "$MANIFEST" nix copy --to "ssh://root@$server.dmz" $MANIFEST
ssh "root@$server.dmz" "mkdir -p $GCROOTDIR && ln -sf $MANIFEST $GCROOTDIR/${NAME}.yml" ssh "root@$server.dmz" "mkdir -p $GCROOTDIR && ln -sf $MANIFEST $GCROOTDIR/${NAME}.yml"
done done
echo Applying Kubernetes manifest... echo Applying Kubernetes manifest...
export KUBECTL_APPLYSET=true export KUBECTL_APPLYSET=true
vals eval -fail-on-missing-key-in-map <"$MANIFEST" | vals eval -fail-on-missing-key-in-map <$MANIFEST | \
kubectl apply -f - \ kubectl apply -f - \
--prune \ --prune \
--applyset applyset-"$NAME" \ --applyset applyset-$NAME \
--namespace "$NAMESPACE" --namespace $NAMESPACE

2
globals.nix
View file

@ -20,7 +20,7 @@
immich-postgres = "docker.io/tensorchord/pgvecto-rs:pg14-v0.2.0@sha256:90724186f0a3517cf6914295b5ab410db9ce23190a2d9d0b9dd6463e3fa298f0"; immich-postgres = "docker.io/tensorchord/pgvecto-rs:pg14-v0.2.0@sha256:90724186f0a3517cf6914295b5ab410db9ce23190a2d9d0b9dd6463e3fa298f0";
kitchenowl = "tombursch/kitchenowl:v0.6.4"; kitchenowl = "tombursch/kitchenowl:v0.6.4";
cyberchef = "mpepping/cyberchef:latest"; cyberchef = "mpepping/cyberchef:latest";
freshrss = "freshrss/freshrss:1.25.0"; freshrss = "freshrss/freshrss:1.24.3";
bind9 = "ubuntu/bind9:9.18-22.04_beta"; bind9 = "ubuntu/bind9:9.18-22.04_beta";
hedgedoc = "quay.io/hedgedoc/hedgedoc:1.10.0"; hedgedoc = "quay.io/hedgedoc/hedgedoc:1.10.0";
minecraft = "itzg/minecraft-server:latest"; minecraft = "itzg/minecraft-server:latest";

2
kubenix.nix
View file

@ -64,7 +64,7 @@ flake-utils.lib.eachDefaultSystem
pkgs.symlinkJoin pkgs.symlinkJoin
{ {
name = "applyset-deploy.sh"; name = "applyset-deploy.sh";
paths = [deployScript pkgs.vals pkgs.kubectl pkgs.gettext]; paths = [deployScript pkgs.vals pkgs.kubectl];
buildInputs = [pkgs.makeWrapper]; buildInputs = [pkgs.makeWrapper];
passthru.manifest = result; passthru.manifest = result;
meta.mainProgram = "applyset-deploy.sh"; meta.mainProgram = "applyset-deploy.sh";