From 31b95c9a4949af4bedccf354a5e71fbfdfcc5b11 Mon Sep 17 00:00:00 2001
From: Pim Kunis <pim@kunis.nl>
Date: Fri, 29 Mar 2024 14:26:05 +0100
Subject: [PATCH] migrate kitchenowl to kubernetes

---
 docker_swarm/playbooks/stacks.yml             |  1 -
 .../roles/traefik/docker-stack.yml.j2         |  6 ++
 nix/flake/kubenix/default.nix                 |  1 +
 nix/flake/kubenix/kitchenowl.nix              | 94 +++++++++++++++++++
 nix/flake/kubenix/paperless-ngx.nix           |  4 -
 5 files changed, 101 insertions(+), 5 deletions(-)
 create mode 100644 nix/flake/kubenix/kitchenowl.nix

diff --git a/docker_swarm/playbooks/stacks.yml b/docker_swarm/playbooks/stacks.yml
index ec6a498..3b2fd9e 100644
--- a/docker_swarm/playbooks/stacks.yml
+++ b/docker_swarm/playbooks/stacks.yml
@@ -5,5 +5,4 @@
     - {role: traefik, tags: traefik}
     - {role: forgejo, tags: forgejo}
     - {role: swarm_dashboard, tags: swarm_dashboard}
-    - {role: kitchenowl, tags: kitchenowl}
     - {role: media, tags: media}
diff --git a/docker_swarm/roles/traefik/docker-stack.yml.j2 b/docker_swarm/roles/traefik/docker-stack.yml.j2
index 3441eb1..679b8d4 100644
--- a/docker_swarm/roles/traefik/docker-stack.yml.j2
+++ b/docker_swarm/roles/traefik/docker-stack.yml.j2
@@ -108,6 +108,12 @@ services:
         - traefik.http.routers.paperless-ngx.rule=Host(`paperless.kun.is`)
         - traefik.http.routers.paperless-ngx.tls=true
         - traefik.http.routers.paperless-ngx.tls.certresolver=letsencrypt
+
+        - traefik.http.routers.kitchenowl.entrypoints=websecure
+        - traefik.http.routers.kitchenowl.service=k3s@file
+        - traefik.http.routers.kitchenowl.rule=Host(`boodschappen.kun.is`)
+        - traefik.http.routers.kitchenowl.tls=true
+        - traefik.http.routers.kitchenowl.tls.certresolver=letsencrypt
     volumes:
       - type: bind
         source: /var/run/docker.sock
diff --git a/nix/flake/kubenix/default.nix b/nix/flake/kubenix/default.nix
index 182a659..54c9a1a 100644
--- a/nix/flake/kubenix/default.nix
+++ b/nix/flake/kubenix/default.nix
@@ -17,6 +17,7 @@
           ./pihole.nix
           # ./hedgedoc.nix
           ./paperless-ngx.nix
+          ./kitchenowl.nix
         ];
         kubernetes.kubeconfig = "~/.kube/config";
         kubenix.project = "home";
diff --git a/nix/flake/kubenix/kitchenowl.nix b/nix/flake/kubenix/kitchenowl.nix
new file mode 100644
index 0000000..5fd823f
--- /dev/null
+++ b/nix/flake/kubenix/kitchenowl.nix
@@ -0,0 +1,94 @@
+{
+  kubernetes.resources = {
+    configMaps.kitchenowl.data = {
+      BACK_URL = "localhost:5000";
+    };
+
+    secrets.kitchenowl.stringData.jwtSecretKey = "ref+file:///home/pim/.config/home/vals.yaml#/kitchenowl/jwtSecretKey";
+
+    deployments.kitchenowl = {
+      metadata.labels.app = "kitchenowl";
+
+      spec = {
+        selector.matchLabels.app = "kitchenowl";
+
+        template = {
+          metadata.labels.app = "kitchenowl";
+
+          spec = {
+            containers = {
+              kitchenowl-frontend = {
+                image = "tombursch/kitchenowl-web:v0.4.20";
+                envFrom = [{ configMapRef.name = "kitchenowl"; }];
+
+                ports = [{
+                  containerPort = 80;
+                  protocol = "TCP";
+                }];
+              };
+
+              kitchenowl-backend = {
+                image = "tombursch/kitchenowl:v92";
+
+                volumeMounts = [{
+                  name = "data";
+                  mountPath = "/data";
+                }];
+              };
+            };
+
+            volumes = [{
+              name = "data";
+              persistentVolumeClaim.claimName = "kitchenowl";
+            }];
+          };
+        };
+      };
+    };
+
+    persistentVolumes.kitchenowl.spec = {
+      capacity.storage = "1Mi";
+      accessModes = [ "ReadWriteMany" ];
+
+      nfs = {
+        server = "lewis.hyp";
+        path = "/mnt/data/nfs/kitchenowl/data";
+      };
+    };
+
+    persistentVolumeClaims.kitchenowl.spec = {
+      accessModes = [ "ReadWriteMany" ];
+      storageClassName = "";
+      resources.requests.storage = "1Mi";
+      volumeName = "kitchenowl";
+    };
+
+    services.kitchenowl.spec = {
+      selector.app = "kitchenowl";
+
+      ports = [{
+        protocol = "TCP";
+        port = 80;
+        targetPort = 80;
+      }];
+    };
+
+    ingresses.kitchenowl.spec = {
+      ingressClassName = "traefik";
+
+      rules = [{
+        host = "boodschappen.kun.is";
+
+        http.paths = [{
+          path = "/";
+          pathType = "Prefix";
+
+          backend.service = {
+            name = "kitchenowl";
+            port.number = 80;
+          };
+        }];
+      }];
+    };
+  };
+}
diff --git a/nix/flake/kubenix/paperless-ngx.nix b/nix/flake/kubenix/paperless-ngx.nix
index f6dc6e3..a92eab4 100644
--- a/nix/flake/kubenix/paperless-ngx.nix
+++ b/nix/flake/kubenix/paperless-ngx.nix
@@ -6,16 +6,12 @@
       PAPERLESS_DBHOST = "lewis.dmz";
       PAPERLESS_DBNAME = "paperless";
       PAPERLESS_DBUSER = "paperless";
-      # PAPERLESS_DBPASS = "{{ paperless_db_password }}";
-      # PAPERLESS_CONSUMPTION_DIR = "/nextcloud/data/pim/files/paperless-ngx/consumption/";
       PAPERLESS_DATA_DIR = "/data/";
       PAPERLESS_MEDIA_ROOT = "/data/";
-      # PAPERLESS_CONSUMER_POLLING = "10";
       PAPERLESS_OCR_LANGUAGES = "nld eng";
       PAPERLESS_URL = "https://paperless.kun.is";
       PAPERLESS_TIME_ZONE = "Europe/Amsterdam";
       PAPERLESS_OCR_LANGUAGE = "nld";
-      # PAPERLESS_SECRET_KEY = "{{ paperless_secret_key }}";
       USERMAP_UID = "33";
       USERMAP_GID = "33";
     };