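# Module for a self-hosted atuin server: one pod holding the atuin container
# and a PostgreSQL sidecar, a Service in front of it, an ingress and a
# Longhorn-backed volume claim for the database files.
{
  config,
  utils,
  globals,
  lib,
  ...
}: {
  options.atuin.enable = lib.mkEnableOption "atuin";

  config = lib.mkIf config.atuin.enable {
    kubernetes.resources = {
      # The values are "ref+sops://" references rather than literals, so no
      # credential is stored in this file. Presumably the deployment tooling
      # expands them from the sops-encrypted secrets.yml — confirm.
      # NOTE(review): databaseURL presumably embeds the same password as
      # databasePassword; if so, the two must be rotated together.
      secrets.database.stringData = {
        databasePassword = "ref+sops://secrets.yml#/atuin/databasePassword";
        databaseURL = "ref+sops://secrets.yml#/atuin/databaseURL";
      };

      deployments.server.spec = {
        selector.matchLabels.app = "atuin";

        strategy = {
          type = "RollingUpdate";

          # maxSurge = 0 means the old pod is stopped before a replacement
          # starts, so two pods never run side by side during an update.
          # Presumably required because both would claim the same database
          # volume — confirm against the PVC access mode.
          rollingUpdate = {
            maxSurge = 0;
            maxUnavailable = 1;
          };
        };

        template = {
          metadata.labels.app = "atuin";

          # NOTE(review): no securityContext or resource limits are set for
          # either container in this file; whether defaults are applied
          # elsewhere is not visible from here.
          spec = {
            volumes.database.persistentVolumeClaim.claimName = "database";

            containers = {
              atuin = {
                image = utils.mkNixNGImage "atuin";
                # The only port in the pod named "web"; the Service below
                # routes to it by that name.
                ports.web.containerPort = 8888;

                # Connection string comes from the Secret, never from a literal.
                env.ATUIN_DB_URI.valueFrom.secretKeyRef = {
                  name = "database";
                  key = "databaseURL";
                };
              };

              database = {
                image = globals.images.postgres14;
                # Named distinctly from the atuin container's "web" port.
                # Kubernetes requires named ports to be unique within a pod,
                # and the Service resolves targetPort = "web" by name: a second
                # "web" port makes that lookup depend on container order and
                # could route ingress traffic to PostgreSQL.
                ports.postgres.containerPort = 5432;

                env = {
                  POSTGRES_DB.value = "atuin";
                  POSTGRES_USER.value = "atuin";

                  POSTGRES_PASSWORD.valueFrom.secretKeyRef = {
                    name = "database";
                    key = "databasePassword";
                  };
                };

                volumeMounts = [
                  {
                    name = "database";
                    mountPath = "/var/lib/postgresql/data";
                  }
                ];
              };
            };
          };
        };
      };

      # Exposes only the atuin HTTP port. No Service publishes 5432, but the
      # database still listens inside the pod's shared network namespace.
      # NOTE(review): reachability of 5432 via the pod IP depends on network
      # policy that is not defined in this file.
      services.server.spec = {
        selector.app = "atuin";

        ports.web = {
          port = 80;
          targetPort = "web";
        };
      };
    };

    lab = {
      # Publishes the "web" port of the "server" Service under the given host.
      ingresses.server = {
        host = "atuin.kun.is";

        service = {
          name = "server";
          portName = "web";
        };
      };

      # Backs the "database" claim referenced by the pod's volume.
      longhorn.persistentVolumeClaim.database = {
        volumeName = "atuin-db";
        storage = "300Mi";
      };
    };
  };
}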