# Cluster bootstrap module. When `bootstrap-default.enable` is set it declares
# the MetalLB and Longhorn Helm releases, the namespaces, node labels, MetalLB
# address pool, NFS-backed volumes, Longhorn volume sizes and the Tailscale
# ingress for the Longhorn UI.
{ config, lib, nixhelm, system, globals, machines, ... }:
let
  cfg = config.bootstrap-default;
  charts = nixhelm.chartsDerivations.${system};

  # Statically provisioned 1Gi ReadWriteMany volume on the NFS server.
  # NOTE(review): plain NFS exports usually rely on host/IP-based access
  # control only; confirm the export on lewis.dmz is limited to cluster nodes.
  nfsVolume = path: {
    capacity.storage = "1Gi";
    accessModes = ["ReadWriteMany"];
    nfs = {
      server = "lewis.dmz";
      inherit path;
    };
  };

  # Only machines that declare node labels get a Node resource.
  labelledMachines =
    lib.filterAttrs (_: machine: machine.kubernetesNodeLabels != null) machines;
in
{
  options.bootstrap-default.enable = lib.mkEnableOption "bootstrap-default";

  config = lib.mkIf cfg.enable {
    kubernetes.helm.releases = {
      metallb = {
        chart = charts.metallb.metallb;
        includeCRDs = true;
      };

      # Disabled release, kept for reference:
      # argo-workflows = {
      #   chart = nixhelm.chartsDerivations.${system}.argoproj.argo-workflows;
      #   includeCRDs = true;
      # };

      longhorn = {
        chart = charts.longhorn.longhorn;
        includeCRDs = true;
        values = {
          persistence.defaultClassReplicaCount = 2;

          # NOTE(review): this publishes the Longhorn UI on a LoadBalancer
          # address in addition to the Tailscale ingress declared under `lab`.
          # The Longhorn UI does not enforce authentication by itself in a
          # default install; confirm something else gates this address, or
          # that the LoadBalancer exposure is still needed.
          service.ui.type = "LoadBalancer";

          defaultSettings = {
            defaultDataPath = "/mnt/longhorn";
            # NOTE(review): 0 presumably removes Longhorn's free-space reserve
            # when scheduling replicas, so a disk can fill completely; confirm
            # this is intended.
            storageMinimalAvailablePercentage = 0;
            allowRecurringJobWhileVolumeDetached = true;
            # Backups go to an NFS export on the same host that serves the
            # media volumes. NOTE(review): verify who can read this export,
            # since it holds copies of every backed-up volume.
            backupTarget = "nfs://lewis.dmz:/mnt/longhorn/persistent/longhorn-backup";
          };
        };
      };
    };

    kubernetes.resources = {
      # Pins the Longhorn UI service to a fixed address taken from `globals`.
      services.longhorn-frontend.spec.loadBalancerIP = globals.longhornIPv4;

      # One empty Namespace object per application.
      namespaces = lib.genAttrs [
        "static-websites"
        "freshrss"
        "radicale"
        "kms"
        "atuin"
        "nextcloud"
        "hedgedoc"
        "kitchenowl"
        "forgejo"
        "paperless"
        "syncthing"
        "immich"
        "attic"
        "inbucket"
        "dns"
        "media"
        "minecraft"
        "tailscale"
        "ntfy"
      ] (_: {});

      # Apply each machine's declared labels to its Node object.
      nodes = builtins.mapAttrs
        (_: machine: { metadata.labels = machine.kubernetesNodeLabels; })
        labelledMachines;

      recurringJobs.backup-nfs.spec = {
        cron = "0 1 * * *"; # daily at 01:00
        task = "backup";
        retain = 2; # few are needed; Borg backups are made as well
        concurrency = 1;
      };

      # NOTE(review): the IPv6 range lies in global unicast space (2000::/3).
      # Any LoadBalancer service that receives an address from it may be
      # reachable from outside the LAN unless a firewall filters it; confirm.
      ipAddressPools.main.spec.addresses = [
        "192.168.30.128-192.168.30.200"
        "2a0d:6e00:1a77:30::2-2a0d:6e00:1a77:30:ffff:ffff:ffff:fffe"
      ];
      # No spec is set on the advertisement here.
      l2Advertisements.main.metadata = {};

      # The music path is a subdirectory of the media path, so a workload that
      # mounts `media-media` read-write can also modify the music share.
      persistentVolumes = {
        music-syncthing.spec = nfsVolume "/mnt/longhorn/persistent/media/music";
        media-media.spec = nfsVolume "/mnt/longhorn/persistent/media";
      };
    };

    lab = {
      # Requested size per Longhorn-backed volume.
      longhorn.persistentVolume = builtins.mapAttrs (_: storage: { inherit storage; }) {
        freshrss = "1Gi";
        radicale = "200Mi";
        atuin = "300Mi";
        atuin-db = "300Mi";
        nextcloud = "50Gi";
        nextcloud-db = "400Mi";
        hedgedoc-uploads = "50Mi";
        hedgedoc-db = "100Mi";
        kitchenowl = "100Mi";
        forgejo = "20Gi";
        paperless-data = "10Gi";
        paperless-redisdata = "20Mi";
        paperless-db = "150Mi";
        syncthing = "400Mi";
        pihole-data = "750Mi";
        pihole-dnsmasq = "16Mi";
        immich = "50Gi";
        immich-db = "5Gi";
        attic = "15Gi";
        attic-db = "150Mi";
        jellyfin = "5Gi";
        transmission = "25Mi";
        jellyseerr = "75Mi";
        radarr = "300Mi";
        prowlarr = "150Mi";
        sonarr = "150Mi";
        bazarr = "25Mi";
        minecraft = "1Gi";
        ntfy = "300Mi";
        deluge = "500Mi";
      };

      # Longhorn UI over Tailscale, pointing at the chart's frontend service.
      tailscaleIngresses.tailscale-longhorn = {
        host = "longhorn";
        service = {
          name = "longhorn-frontend";
          portName = "http";
        };
      };
    };
  };
}