From 3223347964cc27b473a1f55fe690dbaa98cacc66 Mon Sep 17 00:00:00 2001 From: Pim Kunis Date: Sun, 14 Jul 2024 13:48:17 +0200 Subject: [PATCH] feat(radicale): Move to separate k8s namespace fix(freshrss): Use correct service name --- flake-parts/kubenix.nix | 2 + kubenix-modules/all.nix | 3 -- kubenix-modules/base.nix | 1 + kubenix-modules/freshrss.nix | 2 +- kubenix-modules/radicale.nix | 95 ++++++++++++++++++------------------ kubenix-modules/volumes.nix | 2 +- 6 files changed, 53 insertions(+), 52 deletions(-) diff --git a/flake-parts/kubenix.nix b/flake-parts/kubenix.nix index bbd2ace..cfecd91 100644 --- a/flake-parts/kubenix.nix +++ b/flake-parts/kubenix.nix @@ -68,4 +68,6 @@ "${self}/kubenix-modules/cyberchef.nix" "cyberchef" "cyberchef"; kubenix.freshrss = mkDeployScriptAndManifest "${self}/kubenix-modules/freshrss.nix" "freshrss" "freshrss"; + kubenix.radicale = mkDeployScriptAndManifest + "${self}/kubenix-modules/radicale.nix" "radicale" "radicale"; }) diff --git a/kubenix-modules/all.nix b/kubenix-modules/all.nix index ddf15ed..0b4ad20 100644 --- a/kubenix-modules/all.nix +++ b/kubenix-modules/all.nix @@ -1,10 +1,7 @@ let applications = [ - # ./freshrss.nix - # ./cyberchef.nix ./kms.nix ./inbucket.nix - ./radicale.nix ./syncthing.nix ./nextcloud.nix ./pihole.nix diff --git a/kubenix-modules/base.nix b/kubenix-modules/base.nix index 4ba88ef..e6595b2 100644 --- a/kubenix-modules/base.nix +++ b/kubenix-modules/base.nix @@ -63,6 +63,7 @@ namespaces = { cyberchef = { }; freshrss = { }; + radicale = { }; }; nodes = diff --git a/kubenix-modules/freshrss.nix b/kubenix-modules/freshrss.nix index c186cf5..0da1ce0 100644 --- a/kubenix-modules/freshrss.nix +++ b/kubenix-modules/freshrss.nix @@ -71,7 +71,7 @@ host = "rss.kun.is"; service = { - name = "web"; + name = "server"; portName = "web"; }; }; diff --git a/kubenix-modules/radicale.nix b/kubenix-modules/radicale.nix index 171714a..ab2301d 100644 --- a/kubenix-modules/radicale.nix +++ b/kubenix-modules/radicale.nix @@ -1,6 +1,6 @@ { lib, ... }: { kubernetes.resources = { - configMaps.radicale.data = { + configMaps.server.data = { users = "pim:$apr1$GUiTihkS$dDCkaUxFx/O86m6NCy/yQ."; config = lib.generators.toINI { } { @@ -33,63 +33,59 @@ }; }; - deployments.radicale = { - metadata.labels.app = "radicale"; + deployments.server.spec = { + selector.matchLabels.app = "radicale"; - spec = { - selector.matchLabels.app = "radicale"; + strategy = { + type = "RollingUpdate"; - strategy = { - type = "RollingUpdate"; - - rollingUpdate = { - maxSurge = 0; - maxUnavailable = 1; - }; + rollingUpdate = { + maxSurge = 0; + maxUnavailable = 1; }; + }; - template = { - metadata.labels.app = "radicale"; + template = { + metadata.labels.app = "radicale"; - spec = { - containers.radicale = { - image = "tomsquest/docker-radicale:3.2.2.0"; - ports.web.containerPort = 5232; - imagePullPolicy = "Always"; + spec = { + containers.radicale = { + image = "tomsquest/docker-radicale:3.2.2.0"; + ports.web.containerPort = 5232; + imagePullPolicy = "Always"; - volumeMounts = [ - { - name = "data"; - mountPath = "/data"; - } - { - name = "config"; - mountPath = "/config/config"; - subPath = "config"; - } - { - name = "config"; - mountPath = "/config/users"; - subPath = "users"; - } - ]; - }; + volumeMounts = [ + { + name = "data"; + mountPath = "/data"; + } + { + name = "config"; + mountPath = "/config/config"; + subPath = "config"; + } + { + name = "config"; + mountPath = "/config/users"; + subPath = "users"; + } + ]; + }; - volumes = { - data.persistentVolumeClaim.claimName = "radicale"; - config.configMap.name = "radicale"; - }; + volumes = { + data.persistentVolumeClaim.claimName = "data"; + config.configMap.name = "server"; + }; - securityContext = { - fsGroup = 2999; - fsGroupChangePolicy = "OnRootMismatch"; - }; + securityContext = { + fsGroup = 2999; + fsGroupChangePolicy = "OnRootMismatch"; }; }; }; }; - services.radicale.spec = { + services.server.spec = { selector.app = "radicale"; ports.web = { @@ -100,13 +96,18 @@ }; lab = { - ingresses.radicale = { + ingresses.web = { host = "dav.kun.is"; service = { - name = "radicale"; + name = "server"; portName = "web"; }; }; + + longhorn.persistentVolumeClaim.data = { + volumeName = "radicale"; + storage = "200Mi"; + }; }; } diff --git a/kubenix-modules/volumes.nix b/kubenix-modules/volumes.nix index f279db7..7ff68f0 100644 --- a/kubenix-modules/volumes.nix +++ b/kubenix-modules/volumes.nix @@ -16,7 +16,6 @@ longhornVolumes = { hedgedoc-uploads.storage = "50Mi"; hedgedoc-db.storage = "100Mi"; - radicale.storage = "200Mi"; minecraft.storage = "1Gi"; nextcloud.storage = "50Gi"; nextcloud-db.storage = "400Mi"; @@ -45,6 +44,7 @@ longhorn.persistentVolume = { freshrss.storage = "1Gi"; + radicale.storage = "200Mi"; }; nfsVolumes = {