feat(nextcloud): Move to separate k8s namespace
This commit is contained in:
parent
0d2b2b90f7
commit
2fbc150912
6 changed files with 90 additions and 89 deletions
|
@ -58,6 +58,7 @@ Currently, the applications being deployed like this are:
|
|||
- `kms`
|
||||
- `atuin`
|
||||
- `blog`
|
||||
- `nextcloud`
|
||||
|
||||
## Known bugs
|
||||
|
||||
|
|
|
@ -76,4 +76,6 @@
|
|||
"${self}/kubenix-modules/atuin.nix" "atuin" "atuin";
|
||||
kubenix.blog = mkDeployScriptAndManifest
|
||||
"${self}/kubenix-modules/blog.nix" "blog" "static-websites";
|
||||
kubenix.nextcloud = mkDeployScriptAndManifest
|
||||
"${self}/kubenix-modules/nextcloud.nix" "nextcloud" "nextcloud";
|
||||
})
|
||||
|
|
|
@ -2,7 +2,6 @@ let
|
|||
applications = [
|
||||
./inbucket.nix
|
||||
./syncthing.nix
|
||||
./nextcloud.nix
|
||||
./pihole.nix
|
||||
./hedgedoc.nix
|
||||
./paperless.nix
|
||||
|
|
|
@ -66,6 +66,7 @@
|
|||
radicale = { };
|
||||
kms = { };
|
||||
atuin = { };
|
||||
nextcloud = { };
|
||||
};
|
||||
|
||||
nodes =
|
||||
|
|
|
@ -1,33 +1,12 @@
|
|||
{
|
||||
kubernetes.resources = {
|
||||
configMaps = {
|
||||
nextcloud.data = {
|
||||
POSTGRES_USER = "nextcloud";
|
||||
POSTGRES_DB = "nextcloud";
|
||||
POSTGRES_HOST = "lewis.dmz";
|
||||
};
|
||||
|
||||
nextcloud-db-env.data = {
|
||||
POSTGRES_DB = "nextcloud";
|
||||
POSTGRES_USER = "nextcloud";
|
||||
POSTGRES_PASSWORD = "ref+sops://secrets/kubernetes.yaml#/nextcloud/databasePassword";
|
||||
PGDATA = "/pgdata/data";
|
||||
};
|
||||
};
|
||||
|
||||
secrets.nextcloud.stringData.databasePassword = "ref+sops://secrets/kubernetes.yaml#/nextcloud/databasePassword";
|
||||
secrets.database.stringData.databasePassword = "ref+sops://secrets/kubernetes.yaml#/nextcloud/databasePassword";
|
||||
|
||||
deployments = {
|
||||
nextcloud = {
|
||||
metadata.labels = {
|
||||
app = "nextcloud";
|
||||
component = "website";
|
||||
};
|
||||
|
||||
spec = {
|
||||
server.spec = {
|
||||
selector.matchLabels = {
|
||||
app = "nextcloud";
|
||||
component = "website";
|
||||
component = "server";
|
||||
};
|
||||
|
||||
strategy = {
|
||||
|
@ -42,21 +21,26 @@
|
|||
template = {
|
||||
metadata.labels = {
|
||||
app = "nextcloud";
|
||||
component = "website";
|
||||
component = "server";
|
||||
};
|
||||
|
||||
spec = {
|
||||
volumes.data.persistentVolumeClaim.claimName = "nextcloud";
|
||||
volumes.data.persistentVolumeClaim.claimName = "data";
|
||||
|
||||
containers.nextcloud = {
|
||||
image = "nextcloud:28";
|
||||
envFrom = [{ configMapRef.name = "nextcloud"; }];
|
||||
ports.web.containerPort = 80;
|
||||
|
||||
env.POSTGRES_PASSWORD.valueFrom.secretKeyRef = {
|
||||
name = "nextcloud";
|
||||
env = {
|
||||
POSTGRES_USER.value = "nextcloud";
|
||||
POSTGRES_DB.value = "nextcloud";
|
||||
POSTGRES_HOST.value = "lewis.dmz";
|
||||
|
||||
POSTGRES_PASSWORD.valueFrom.secretKeyRef = {
|
||||
name = "database";
|
||||
key = "databasePassword";
|
||||
};
|
||||
};
|
||||
|
||||
volumeMounts = [{
|
||||
name = "data";
|
||||
|
@ -80,15 +64,8 @@
|
|||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
nextcloud-db = {
|
||||
metadata.labels = {
|
||||
app = "nextcloud";
|
||||
component = "database";
|
||||
};
|
||||
|
||||
spec = {
|
||||
database.spec = {
|
||||
selector.matchLabels = {
|
||||
app = "nextcloud";
|
||||
component = "database";
|
||||
|
@ -105,26 +82,35 @@
|
|||
image = "postgres:15";
|
||||
imagePullPolicy = "IfNotPresent";
|
||||
ports.postgres.containerPort = 5432;
|
||||
envFrom = [{ configMapRef.name = "nextcloud-db-env"; }];
|
||||
|
||||
env = {
|
||||
POSTGRES_DB.value = "nextcloud";
|
||||
POSTGRES_USER.value = "nextcloud";
|
||||
PGDATA.value = "/pgdata/data";
|
||||
|
||||
POSTGRES_PASSWORD.valueFrom.secretKeyRef = {
|
||||
name = "database";
|
||||
key = "databasePassword";
|
||||
};
|
||||
};
|
||||
|
||||
volumeMounts = [{
|
||||
name = "data";
|
||||
name = "database";
|
||||
mountPath = "/pgdata";
|
||||
}];
|
||||
};
|
||||
|
||||
volumes.data.persistentVolumeClaim.claimName = "nextcloud-db";
|
||||
};
|
||||
volumes.database.persistentVolumeClaim.claimName = "database";
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
services = {
|
||||
nextcloud.spec = {
|
||||
server.spec = {
|
||||
selector = {
|
||||
app = "nextcloud";
|
||||
component = "website";
|
||||
component = "server";
|
||||
};
|
||||
|
||||
ports.web = {
|
||||
|
@ -133,7 +119,7 @@
|
|||
};
|
||||
};
|
||||
|
||||
nextcloud-db.spec = {
|
||||
database.spec = {
|
||||
selector = {
|
||||
app = "nextcloud";
|
||||
component = "database";
|
||||
|
@ -148,13 +134,25 @@
|
|||
};
|
||||
|
||||
lab = {
|
||||
ingresses.nextcloud = {
|
||||
ingresses.web = {
|
||||
host = "cloud.kun.is";
|
||||
|
||||
service = {
|
||||
name = "nextcloud";
|
||||
name = "server";
|
||||
portName = "web";
|
||||
};
|
||||
};
|
||||
|
||||
longhorn.persistentVolumeClaim = {
|
||||
data = {
|
||||
volumeName = "nextcloud";
|
||||
storage = "50Gi";
|
||||
};
|
||||
|
||||
database = {
|
||||
volumeName = "nextcloud-db";
|
||||
storage = "400Mi";
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
|
@ -17,8 +17,6 @@
|
|||
hedgedoc-uploads.storage = "50Mi";
|
||||
hedgedoc-db.storage = "100Mi";
|
||||
minecraft.storage = "1Gi";
|
||||
nextcloud.storage = "50Gi";
|
||||
nextcloud-db.storage = "400Mi";
|
||||
pihole-data.storage = "750Mi";
|
||||
pihole-dnsmasq.storage = "16Mi";
|
||||
forgejo.storage = "20Gi";
|
||||
|
@ -45,6 +43,8 @@
|
|||
radicale.storage = "200Mi";
|
||||
atuin.storage = "300Mi";
|
||||
atuin-db.storage = "300Mi";
|
||||
nextcloud.storage = "50Gi";
|
||||
nextcloud-db.storage = "400Mi";
|
||||
};
|
||||
|
||||
nfsVolumes = {
|
||||
|
|
Loading…
Reference in a new issue