{ config, lib, nixhelm, system, globals, ... }: { options.bootstrap-default.enable = lib.mkEnableOption "bootstrap-default"; config = lib.mkIf config.bootstrap-default.enable { kubernetes = { helm.releases = { metallb = { chart = nixhelm.chartsDerivations.${system}.metallb.metallb; includeCRDs = true; }; longhorn = { chart = nixhelm.chartsDerivations.${system}.longhorn.longhorn; includeCRDs = true; values = { persistence.defaultClassReplicaCount = 2; service.ui.type = "LoadBalancer"; defaultSettings = { defaultDataPath = "/mnt/longhorn"; storageMinimalAvailablePercentage = 0; allowRecurringJobWhileVolumeDetached = true; backupTarget = "nfs://lewis.dmz:/mnt/longhorn/persistent/longhorn-backup"; }; }; }; }; resources = { services.longhorn-frontend.spec.loadBalancerIP = globals.longhornIPv4; namespaces = { static-websites = {}; freshrss = {}; radicale = {}; kms = {}; atuin = {}; nextcloud = {}; hedgedoc = {}; kitchenowl = {}; forgejo = {}; paperless = {}; syncthing = {}; immich = {}; attic = {}; inbucket = {}; dns = {}; media = {}; minecraft = {}; tailscale = {}; ntfy = {}; authentik = {}; mealie = {}; }; nodes = builtins.mapAttrs (_name: labels: { metadata.labels = labels; }) globals.nodeLabels; recurringJobs.backup-nfs.spec = { cron = "0 1 * * *"; # One o'clock at night task = "backup"; retain = 2; # We don't need many, as we also make Borg backups. concurrency = 1; }; backuptargets.backup.spec = { backupTargetURL = "nfs://lewis.dmz:/mnt/longhorn/persistent/longhorn-backup"; pollInterval = "5m0s"; }; ipAddressPools.main.spec.addresses = ["192.168.30.128-192.168.30.200" "2a0d:6e00:1a77:30::2-2a0d:6e00:1a77:30:ffff:ffff:ffff:fffe"]; l2Advertisements.main.metadata = {}; }; }; lab = { longhorn.persistentVolume = { kitchenowl.storage = "100Mi"; minecraft.storage = "1Gi"; authentik-db.storage = "10Gi"; authentik-redis.storage = "5Gi"; mealie.storage = "3Gi"; }; tailscaleIngresses.tailscale-longhorn = { host = "longhorn"; service = { name = "longhorn-frontend"; portName = "http"; }; }; }; }; }