Migrate nextcloud database to kubernetes

Disable postgresql database on lewis
2024-05-25 18:05:44 +02:00 · 2024-05-25 18:05:44 +02:00 · 266d7d905c
commit 266d7d905c
parent c56a17fc4f
4 changed files with 127 additions and 93 deletions
--- a/kubenix-modules/nextcloud.nix
+++ b/kubenix-modules/nextcloud.nix
@ -1,18 +1,35 @@
 {
  kubernetes.resources = {
-    configMaps.nextcloud.data = {
+    configMaps = {
      nextcloud.data = {
        POSTGRES_USER = "nextcloud";
        POSTGRES_DB = "nextcloud";
        POSTGRES_HOST = "lewis.dmz";
      };
      nextcloud-db-env.data = {
        POSTGRES_DB = "nextcloud";
        POSTGRES_USER = "nextcloud";
        POSTGRES_PASSWORD = "ref+sops://secrets/sops.yaml#/nextcloud/databasePassword";
        PGDATA = "/pgdata/data";
      };
    };
    secrets.nextcloud.stringData.databasePassword = "ref+sops://secrets/sops.yaml#/nextcloud/databasePassword";
-    deployments.nextcloud = {
+    deployments = {
-      metadata.labels.app = "nextcloud";
+      nextcloud = {
        metadata.labels = {
          app = "nextcloud";
          component = "website";
        };
        spec = {
-        selector.matchLabels.app = "nextcloud";
+          selector.matchLabels = {
            app = "nextcloud";
            component = "website";
          };
          strategy = {
            type = "RollingUpdate";
@ -23,7 +40,10 @@
          };
          template = {
-          metadata.labels.app = "nextcloud";
+            metadata.labels = {
              app = "nextcloud";
              component = "website";
            };
            spec = {
              volumes.data.persistentVolumeClaim.claimName = "nextcloud";
@ -62,14 +82,69 @@
        };
      };
-    services.nextcloud.spec = {
+      nextcloud-db = {
-      selector.app = "nextcloud";
+        metadata.labels = {
          app = "nextcloud";
          component = "database";
        };
        spec = {
          selector.matchLabels = {
            app = "nextcloud";
            component = "database";
          };
          template = {
            metadata.labels = {
              app = "nextcloud";
              component = "database";
            };
            spec = {
              containers.postgres = {
                image = "postgres:15";
                imagePullPolicy = "IfNotPresent";
                ports.postgres.containerPort = 5432;
                envFrom = [{ configMapRef.name = "nextcloud-db-env"; }];
                volumeMounts = [{
                  name = "data";
                  mountPath = "/pgdata";
                }];
              };
              volumes.data.persistentVolumeClaim.claimName = "nextcloud-db";
            };
          };
        };
      };
    };
    services = {
      nextcloud.spec = {
        selector = {
          app = "nextcloud";
          component = "website";
        };
        ports.web = {
          port = 80;
          targetPort = "web";
        };
      };
      nextcloud-db.spec = {
        selector = {
          app = "nextcloud";
          component = "database";
        };
        ports.postgres = {
          port = 5432;
          targetPort = "postgres";
        };
      };
    };
  };
  lab = {
--- a/kubenix-modules/volumes.nix
+++ b/kubenix-modules/volumes.nix
@ -1,16 +1,4 @@
 {
  # kubernetes.resources.pods.testje.spec = {
  #   containers.testje = {
  #     image = "nginx";
  #     volumeMounts = [{
  #       name = "stuff";
  #       mountPath = "/stuff";
  #     }];
  #   };
  #   volumes.stuff.persistentVolumeClaim.claimName = "paperless-db";
  # };
  lab = {
    longhornVolumes = {
      hedgedoc-uploads.storage = "50Mi";
@ -19,6 +7,7 @@
      radicale.storage = "200Mi";
      minecraft.storage = "1Gi";
      nextcloud.storage = "50Gi";
      nextcloud-db.storage = "400Mi";
      pihole-data.storage = "750Mi";
      pihole-dnsmasq.storage = "16Mi";
      forgejo.storage = "20Gi";
--- a/nixos-modules/backups.nix
+++ b/nixos-modules/backups.nix
@ -35,15 +35,7 @@ let
      encryption_passcommand = "${pkgs.coreutils}/bin/cat ${config.age.secrets."borg_passphrase".path}";
      before_everything = [ "${beforeEverything}/bin/beforeEverything" ];
-      postgresql_databases = [
+      postgresql_databases = [ ];
        {
          name = "nextcloud";
          hostname = "lewis.dmz";
          username = "nextcloud";
          password = "\${NEXTCLOUD_DATABASE_PASSWORD}";
          format = "tar";
        }
      ];
    };
  };
 in
--- a/nixos-modules/data-sharing.nix
+++ b/nixos-modules/data-sharing.nix
@ -1,4 +1,4 @@
-{ pkgs, lib, config, ... }:
+{ lib, config, ... }:
 let
  cfg = config.lab.data-sharing;
@ -36,14 +36,6 @@ in
        Root directory of NFS data.
      '';
    };
    postgresDir = lib.mkOption {
      default = "/mnt/data/postgresql/${config.services.postgresql.package.psqlSchema}";
      type = lib.types.str;
      description = ''
        Postgresql data directory.
      '';
    };
  };
  config = lib.mkIf cfg.enable {
@ -54,23 +46,9 @@ in
      20048 # NFS
    ];
-    services = {
+    services.nfs.server = {
      nfs.server = {
      enable = true;
      exports = nfsExports;
    };
      postgresql = {
        enable = true;
        package = pkgs.postgresql_15;
        enableTCPIP = true;
        dataDir = cfg.postgresDir;
        authentication = ''
          host	nextcloud	nextcloud	all	      md5
        '';
      };
    };
  };
 }