Migrate nextcloud database to kubernetes

Disable postgresql database on lewis
Pim Kunis 2024-05-25 18:05:44 +02:00
parent c56a17fc4f
commit 266d7d905c
4 changed files with 127 additions and 93 deletions


@ -1,73 +1,148 @@
{
kubernetes.resources = {
configMaps.nextcloud.data = {
POSTGRES_USER = "nextcloud";
POSTGRES_DB = "nextcloud";
POSTGRES_HOST = "lewis.dmz";
configMaps = {
nextcloud.data = {
POSTGRES_USER = "nextcloud";
POSTGRES_DB = "nextcloud";
POSTGRES_HOST = "lewis.dmz";
};
nextcloud-db-env.data = {
POSTGRES_DB = "nextcloud";
POSTGRES_USER = "nextcloud";
POSTGRES_PASSWORD = "ref+sops://secrets/sops.yaml#/nextcloud/databasePassword";
PGDATA = "/pgdata/data";
};
};
secrets.nextcloud.stringData.databasePassword = "ref+sops://secrets/sops.yaml#/nextcloud/databasePassword";
deployments.nextcloud = {
metadata.labels.app = "nextcloud";
spec = {
selector.matchLabels.app = "nextcloud";
strategy = {
type = "RollingUpdate";
rollingUpdate = {
maxSurge = 0;
maxUnavailable = 1;
};
deployments = {
nextcloud = {
metadata.labels = {
app = "nextcloud";
component = "website";
};
template = {
metadata.labels.app = "nextcloud";
spec = {
selector.matchLabels = {
app = "nextcloud";
component = "website";
};
spec = {
volumes.data.persistentVolumeClaim.claimName = "nextcloud";
strategy = {
type = "RollingUpdate";
containers.nextcloud = {
image = "nextcloud:28";
envFrom = [{ configMapRef.name = "nextcloud"; }];
ports.web.containerPort = 80;
rollingUpdate = {
maxSurge = 0;
maxUnavailable = 1;
};
};
env.POSTGRES_PASSWORD.valueFrom.secretKeyRef = {
name = "nextcloud";
key = "databasePassword";
template = {
metadata.labels = {
app = "nextcloud";
component = "website";
};
spec = {
volumes.data.persistentVolumeClaim.claimName = "nextcloud";
containers.nextcloud = {
image = "nextcloud:28";
envFrom = [{ configMapRef.name = "nextcloud"; }];
ports.web.containerPort = 80;
env.POSTGRES_PASSWORD.valueFrom.secretKeyRef = {
name = "nextcloud";
key = "databasePassword";
};
volumeMounts = [{
name = "data";
mountPath = "/var/www/html";
}];
};
volumeMounts = [{
name = "data";
mountPath = "/var/www/html";
securityContext = {
fsGroup = 33;
fsGroupChangePolicy = "OnRootMismatch";
};
affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution = [{
weight = 1;
preference.matchExpressions = [{
key = "storageType";
operator = "In";
values = [ "fast" ];
}];
}];
};
};
};
};
securityContext = {
fsGroup = 33;
fsGroupChangePolicy = "OnRootMismatch";
nextcloud-db = {
metadata.labels = {
app = "nextcloud";
component = "database";
};
spec = {
selector.matchLabels = {
app = "nextcloud";
component = "database";
};
template = {
metadata.labels = {
app = "nextcloud";
component = "database";
};
affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution = [{
weight = 1;
preference.matchExpressions = [{
key = "storageType";
operator = "In";
values = [ "fast" ];
}];
}];
spec = {
containers.postgres = {
image = "postgres:15";
imagePullPolicy = "IfNotPresent";
ports.postgres.containerPort = 5432;
envFrom = [{ configMapRef.name = "nextcloud-db-env"; }];
volumeMounts = [{
name = "data";
mountPath = "/pgdata";
}];
};
volumes.data.persistentVolumeClaim.claimName = "nextcloud-db";
};
};
};
};
};
services.nextcloud.spec = {
selector.app = "nextcloud";
services = {
nextcloud.spec = {
selector = {
app = "nextcloud";
component = "website";
};
ports.web = {
port = 80;
targetPort = "web";
ports.web = {
port = 80;
targetPort = "web";
};
};
nextcloud-db.spec = {
selector = {
app = "nextcloud";
component = "database";
};
ports.postgres = {
port = 5432;
targetPort = "postgres";
};
};
};
};
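Review bot: The new `nextcloud-db-env` ConfigMap carries `POSTGRES_PASSWORD` as a `ref+sops://` reference, so once that reference is resolved the database password ends up in a ConfigMap rather than a Secret and is readable by anything allowed to read ConfigMaps in the namespace. The `nextcloud` Secret already holds the same value under `databasePassword` and the website container reads it through `secretKeyRef`, so the postgres container can do the same: drop the `POSTGRES_PASSWORD` line from `nextcloud-db-env.data` and add `env.POSTGRES_PASSWORD.valueFrom.secretKeyRef = { name = "nextcloud"; key = "databasePassword"; };` to `containers.postgres`. Separately, the `nextcloud` ConfigMap still appears to set `POSTGRES_HOST = "lewis.dmz"` on the new side although the commit disables PostgreSQL on that host; if that is not intentional it presumably should name the `nextcloud-db` service. The +/- markers are lost on this page, so the old/new assignment here is inferred from print order.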


@ -1,16 +1,4 @@
{
# kubernetes.resources.pods.testje.spec = {
# containers.testje = {
# image = "nginx";
# volumeMounts = [{
# name = "stuff";
# mountPath = "/stuff";
# }];
# };
# volumes.stuff.persistentVolumeClaim.claimName = "paperless-db";
# };
lab = {
longhornVolumes = {
hedgedoc-uploads.storage = "50Mi";
@ -19,6 +7,7 @@
radicale.storage = "200Mi";
minecraft.storage = "1Gi";
nextcloud.storage = "50Gi";
nextcloud-db.storage = "400Mi";
pihole-data.storage = "750Mi";
pihole-dnsmasq.storage = "16Mi";
forgejo.storage = "20Gi";


@ -35,15 +35,7 @@ let
encryption_passcommand = "${pkgs.coreutils}/bin/cat ${config.age.secrets."borg_passphrase".path}";
before_everything = [ "${beforeEverything}/bin/beforeEverything" ];
postgresql_databases = [
{
name = "nextcloud";
hostname = "lewis.dmz";
username = "nextcloud";
password = "\${NEXTCLOUD_DATABASE_PASSWORD}";
format = "tar";
}
];
postgresql_databases = [ ];
};
};
in
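Review bot: Setting `postgresql_databases = [ ];` removes the only database dump visible in this backup configuration, and nothing in this commit adds a replacement for the PostgreSQL instance that now runs in the `nextcloud-db` deployment, so the Nextcloud database may be left without a logical backup. If dumps are taken elsewhere, a comment here would record that, for example `# nextcloud DB moved to Kubernetes (nextcloud-db); dumped by <BACKUP_MECHANISM>`; otherwise keep an entry that points at the new service. If `NEXTCLOUD_DATABASE_PASSWORD` is still injected into this job's environment outside the hunk, it is now unused and can be dropped so the secret is not handed to a process that no longer needs it. The enclosing `let` binding starts outside the hunk.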


@ -1,4 +1,4 @@
{ pkgs, lib, config, ... }:
{ lib, config, ... }:
let
cfg = config.lab.data-sharing;
@ -36,14 +36,6 @@ in
Root directory of NFS data.
'';
};
postgresDir = lib.mkOption {
default = "/mnt/data/postgresql/${config.services.postgresql.package.psqlSchema}";
type = lib.types.str;
description = ''
Postgresql data directory.
'';
};
};
config = lib.mkIf cfg.enable {
@ -54,23 +46,9 @@ in
20048 # NFS
];
services = {
nfs.server = {
enable = true;
exports = nfsExports;
};
postgresql = {
enable = true;
package = pkgs.postgresql_15;
enableTCPIP = true;
dataDir = cfg.postgresDir;
authentication = ''
host nextcloud nextcloud all md5
'';
};
services.nfs.server = {
enable = true;
exports = nfsExports;
};
};
}