create base kubernetes deployment with CRDs and charts
This commit is contained in:
parent
218bee6c17
commit
2350938f17
3 changed files with 53 additions and 29 deletions
|
@ -97,6 +97,7 @@
|
||||||
dmidecode
|
dmidecode
|
||||||
openssl
|
openssl
|
||||||
nfs-utils
|
nfs-utils
|
||||||
|
rsync
|
||||||
];
|
];
|
||||||
|
|
||||||
nixpkgs.overlays = [
|
nixpkgs.overlays = [
|
||||||
|
|
34
nix/flake/kubenix/base.nix
Normal file
34
nix/flake/kubenix/base.nix
Normal file
|
@ -0,0 +1,34 @@
|
||||||
|
# We deploy several resources that rely on "custom resource definitions".
|
||||||
|
# We must first import these resources definitions, before deploying resources that depend on them.
|
||||||
|
{ nixhelm, system, ... }: {
|
||||||
|
kubenix.project = "home";
|
||||||
|
|
||||||
|
kubernetes = {
|
||||||
|
kubeconfig = "~/.kube/config";
|
||||||
|
|
||||||
|
# TODO: These were copied from https://github.com/cert-manager/cert-manager/releases/download/v1.14.4/cert-manager.crds.yaml
|
||||||
|
# See https://cert-manager.io/docs/installation/helm/
|
||||||
|
# Seems kubenix cannot import a list of resources, but only individual resources.
|
||||||
|
# Might be good to create a PR for this.
|
||||||
|
imports = [
|
||||||
|
./certificaterequest.yaml
|
||||||
|
./certificate.yaml
|
||||||
|
./challenge.yaml
|
||||||
|
./clusterissuer.yaml
|
||||||
|
./issuer.yaml
|
||||||
|
./order.yaml
|
||||||
|
];
|
||||||
|
|
||||||
|
helm.releases = {
|
||||||
|
metallb = {
|
||||||
|
chart = nixhelm.chartsDerivations.${system}.metallb.metallb;
|
||||||
|
includeCRDs = true;
|
||||||
|
};
|
||||||
|
|
||||||
|
cert-manager = {
|
||||||
|
chart = nixhelm.chartsDerivations.${system}.jetstack.cert-manager;
|
||||||
|
includeCRDs = false;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
|
@ -4,12 +4,14 @@
|
||||||
{
|
{
|
||||||
specialArgs = {
|
specialArgs = {
|
||||||
flake = self;
|
flake = self;
|
||||||
|
inherit nixhelm system;
|
||||||
};
|
};
|
||||||
|
|
||||||
module = { kubenix, ... }: {
|
module = { kubenix, ... }: {
|
||||||
imports = [
|
imports = [
|
||||||
kubenix.modules.k8s
|
kubenix.modules.k8s
|
||||||
kubenix.modules.helm
|
kubenix.modules.helm
|
||||||
|
./base.nix
|
||||||
./freshrss.nix
|
./freshrss.nix
|
||||||
./cyberchef.nix
|
./cyberchef.nix
|
||||||
./kms.nix
|
./kms.nix
|
||||||
|
@ -26,23 +28,8 @@
|
||||||
./bind9.nix
|
./bind9.nix
|
||||||
./dnsmasq.nix
|
./dnsmasq.nix
|
||||||
];
|
];
|
||||||
kubernetes.kubeconfig = "~/.kube/config";
|
|
||||||
kubenix.project = "home";
|
|
||||||
|
|
||||||
kubernetes = {
|
kubernetes = {
|
||||||
# TODO: These were copied from https://github.com/cert-manager/cert-manager/releases/download/v1.14.4/cert-manager.crds.yaml
|
|
||||||
# See https://cert-manager.io/docs/installation/helm/
|
|
||||||
# Seems kubenix cannot import a list of resources, but only individual resources.
|
|
||||||
# Might be good to create PR for this.
|
|
||||||
imports = [
|
|
||||||
./certificaterequest.yaml
|
|
||||||
./certificate.yaml
|
|
||||||
./challenge.yaml
|
|
||||||
./clusterissuer.yaml
|
|
||||||
./issuer.yaml
|
|
||||||
./order.yaml
|
|
||||||
];
|
|
||||||
|
|
||||||
customTypes = {
|
customTypes = {
|
||||||
# HACK: These are dummy custom types.
|
# HACK: These are dummy custom types.
|
||||||
# This is needed, because the CRDs imported as a chart are not available as Nix modules.
|
# This is needed, because the CRDs imported as a chart are not available as Nix modules.
|
||||||
|
@ -160,21 +147,23 @@
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
# TODO: These resources should probably exist within the kube-system namespace.
|
|
||||||
helm.releases = {
|
|
||||||
metallb = {
|
|
||||||
chart = nixhelm.chartsDerivations.${system}.metallb.metallb;
|
|
||||||
includeCRDs = true;
|
|
||||||
};
|
};
|
||||||
|
|
||||||
cert-manager = {
|
kubenix-bootstrap = kubenix.packages.${system}.default.override
|
||||||
chart = nixhelm.chartsDerivations.${system}.jetstack.cert-manager;
|
{
|
||||||
includeCRDs = false;
|
specialArgs = {
|
||||||
};
|
flake = self;
|
||||||
};
|
inherit nixhelm system;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
module = { kubenix, ... }: {
|
||||||
|
imports = [
|
||||||
|
kubenix.modules.k8s
|
||||||
|
kubenix.modules.helm
|
||||||
|
./base.nix
|
||||||
|
];
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
})
|
})
|
||||||
|
|
Loading…
Reference in a new issue