feat(kitchenowl): Move to separate k8s namespace

This commit is contained in:
Pim Kunis 2024-07-14 19:59:49 +02:00
parent cfb9f1bb12
commit 17f507d277
6 changed files with 43 additions and 29 deletions

View file

@ -60,6 +60,7 @@ Currently, the applications being deployed like this are:
- `blog`
- `nextcloud`
- `hedgedoc`
- `kitchenowl`
## Known bugs

View file

@ -80,4 +80,6 @@
"${self}/kubenix-modules/nextcloud.nix" "nextcloud" "nextcloud";
kubenix.hedgedoc = mkDeployScriptAndManifest
"${self}/kubenix-modules/hedgedoc.nix" "hedgedoc" "hedgedoc";
kubenix.kitchenowl = mkDeployScriptAndManifest
"${self}/kubenix-modules/kitchenowl.nix" "kitchenowl" "kitchenowl";
})

View file

@ -4,7 +4,6 @@ let
./syncthing.nix
./pihole.nix
./paperless.nix
./kitchenowl.nix
./forgejo
./media.nix
./bind9

View file

@ -68,6 +68,7 @@
atuin = { };
nextcloud = { };
hedgedoc = { };
kitchenowl = { };
};
nodes =

View file

@ -1,44 +1,50 @@
{
kubernetes.resources = {
secrets.kitchenowl.stringData.jwtSecretKey = "ref+sops://secrets/kubernetes.yaml#/kitchenowl/jwtSecretKey";
secrets.server.stringData.jwtSecretKey = "ref+sops://secrets/kubernetes.yaml#/kitchenowl/jwtSecretKey";
deployments.kitchenowl = {
metadata.labels.app = "kitchenowl";
deployments.server.spec = {
selector.matchLabels.app = "kitchenowl";
spec = {
selector.matchLabels.app = "kitchenowl";
strategy = {
type = "RollingUpdate";
template = {
metadata.labels.app = "kitchenowl";
rollingUpdate = {
maxSurge = 0;
maxUnavailable = 1;
};
};
spec = {
volumes.data.persistentVolumeClaim.claimName = "kitchenowl";
template = {
metadata.labels.app = "kitchenowl";
containers.kitchenowl = {
image = "tombursch/kitchenowl:v0.5.1";
ports.web.containerPort = 8080;
spec = {
volumes.data.persistentVolumeClaim.claimName = "data";
env.JWT_SECRET_KEY.valueFrom.secretKeyRef = {
name = "kitchenowl";
key = "jwtSecretKey";
};
containers.kitchenowl = {
image = "tombursch/kitchenowl:v0.5.1";
ports.web.containerPort = 8080;
imagePullPolicy = "Always";
volumeMounts = [{
name = "data";
mountPath = "/data";
}];
env.JWT_SECRET_KEY.valueFrom.secretKeyRef = {
name = "server";
key = "jwtSecretKey";
};
securityContext = {
fsGroup = 0;
fsGroupChangePolicy = "OnRootMismatch";
};
volumeMounts = [{
name = "data";
mountPath = "/data";
}];
};
securityContext = {
fsGroup = 0;
fsGroupChangePolicy = "OnRootMismatch";
};
};
};
};
services.kitchenowl.spec = {
services.server.spec = {
selector.app = "kitchenowl";
ports.web = {
@ -49,13 +55,18 @@
};
lab = {
ingresses.kitchenowl = {
ingresses.web = {
host = "boodschappen.kun.is";
service = {
name = "kitchenowl";
name = "server";
portName = "web";
};
};
longhorn.persistentVolumeClaim.data = {
volumeName = "kitchenowl";
storage = "100Mi";
};
};
}

View file

@ -18,7 +18,6 @@
pihole-data.storage = "750Mi";
pihole-dnsmasq.storage = "16Mi";
forgejo.storage = "20Gi";
kitchenowl.storage = "100Mi";
syncthing.storage = "400Mi";
paperless-data.storage = "10Gi";
paperless-redisdata.storage = "20Mi";
@ -45,6 +44,7 @@
nextcloud-db.storage = "400Mi";
hedgedoc-uploads.storage = "50Mi";
hedgedoc-db.storage = "100Mi";
kitchenowl.storage = "100Mi";
};
nfsVolumes = {