From 4b01eeadbba2efbf29f7ca344a637c177df40905 Mon Sep 17 00:00:00 2001 From: Pim Kunis Date: Sun, 14 Apr 2024 21:43:31 +0200 Subject: [PATCH] make use of named k8s ports --- kubenix-modules/bind9/default.nix | 10 +-- kubenix-modules/cyberchef.nix | 21 ++---- kubenix-modules/dnsmasq.nix | 10 +-- kubenix-modules/esrom.nix | 7 +- kubenix-modules/forgejo.nix | 29 +++----- kubenix-modules/freshrss.nix | 15 ++-- kubenix-modules/hedgedoc.nix | 15 ++-- kubenix-modules/inbucket.nix | 26 +++---- kubenix-modules/kitchenowl.nix | 28 +++---- kubenix-modules/kms.nix | 12 +-- kubenix-modules/media.nix | 120 ++++++++++-------------------- kubenix-modules/minecraft.nix | 13 +--- kubenix-modules/nextcloud.nix | 15 ++-- kubenix-modules/paperless-ngx.nix | 28 +++---- kubenix-modules/pihole.nix | 29 ++++---- kubenix-modules/radicale.nix | 15 ++-- kubenix-modules/syncthing.nix | 15 ++-- 17 files changed, 146 insertions(+), 262 deletions(-) diff --git a/kubenix-modules/bind9/default.nix b/kubenix-modules/bind9/default.nix index be2945a..25a9925 100644 --- a/kubenix-modules/bind9/default.nix +++ b/kubenix-modules/bind9/default.nix @@ -55,10 +55,10 @@ in image = "ubuntu/bind9:9.18-22.04_beta"; envFrom = [{ configMapRef.name = "bind9-env"; }]; - ports = [{ + ports.dns = { containerPort = 53; protocol = "UDP"; - }]; + }; volumeMounts = [ { @@ -88,11 +88,11 @@ in loadBalancerIP = myLib.globals.bind9IPv4; selector.app = "bind9"; - ports = [{ + ports.dns = { port = 53; - targetPort = 53; + targetPort = "dns"; protocol = "UDP"; - }]; + }; }; }; } diff --git a/kubenix-modules/cyberchef.nix b/kubenix-modules/cyberchef.nix index 86898db..fac46a0 100644 --- a/kubenix-modules/cyberchef.nix +++ b/kubenix-modules/cyberchef.nix @@ -7,15 +7,9 @@ template = { metadata.labels.app = "cyberchef"; - spec = { - containers.cyberchef = { - image = "mpepping/cyberchef"; - - ports = [{ - containerPort = 8000; - protocol = "TCP"; - }]; - }; + spec.containers.cyberchef = { + image = "mpepping/cyberchef"; + ports.web.containerPort = 8000; }; }; }; @@ -23,11 +17,10 @@ services.cyberchef.spec = { selector.app = "cyberchef"; - ports = [{ - protocol = "TCP"; + ports.web = { port = 80; - targetPort = 8000; - }]; + targetPort = "web"; + }; }; ingresses.cyberchef = { @@ -45,7 +38,7 @@ backend.service = { name = "cyberchef"; - port.number = 80; + port.name = "web"; }; }]; }]; diff --git a/kubenix-modules/dnsmasq.nix b/kubenix-modules/dnsmasq.nix index 8cabdde..27b761b 100644 --- a/kubenix-modules/dnsmasq.nix +++ b/kubenix-modules/dnsmasq.nix @@ -29,10 +29,10 @@ containers.dnsmasq = { image = "dockurr/dnsmasq:2.90"; - ports = [{ + ports.dns = { containerPort = 53; protocol = "UDP"; - }]; + }; volumeMounts = [{ name = "config"; @@ -52,11 +52,11 @@ loadBalancerIP = myLib.globals.dnsmasqIPv4; selector.app = "dnsmasq"; - ports = [{ + ports.dns = { port = 53; - targetPort = 53; + targetPort = "dns"; protocol = "UDP"; - }]; + }; }; }; } diff --git a/kubenix-modules/esrom.nix b/kubenix-modules/esrom.nix index 79cf4e3..1265098 100644 --- a/kubenix-modules/esrom.nix +++ b/kubenix-modules/esrom.nix @@ -3,10 +3,11 @@ services.esrom.spec = { type = "ExternalName"; externalName = "esrom.dmz"; - ports = [{ + + ports.web = { port = 80; targetPort = 80; - }]; + }; }; ingresses.esrom = { @@ -24,7 +25,7 @@ backend.service = { name = "esrom"; - port.number = 80; + port.name = "web"; }; }]; }]; diff --git a/kubenix-modules/forgejo.nix b/kubenix-modules/forgejo.nix index 76eda8e..49a77e4 100644 --- a/kubenix-modules/forgejo.nix +++ b/kubenix-modules/forgejo.nix @@ -131,16 +131,10 @@ image = "codeberg.org/forgejo/forgejo:1.20"; envFrom = [{ configMapRef.name = "forgejo-env"; }]; - ports = [ - { - containerPort = 3000; - protocol = "TCP"; - } - { - containerPort = 22; - protocol = "TCP"; - } - ]; + ports = { + web.containerPort = 3000; + ssh.containerPort = 22; + }; volumeMounts = [ { @@ -185,11 +179,10 @@ forgejo-web.spec = { selector.app = "forgejo"; - ports = [{ - protocol = "TCP"; + ports.web = { port = 80; - targetPort = 3000; - }]; + targetPort = "web"; + }; }; forgejo-ssh.spec = { @@ -197,10 +190,10 @@ loadBalancerIP = myLib.globals.gitIPv4; selector.app = "forgejo"; - ports = [{ + ports.ssh = { port = 56287; - targetPort = 22; - }]; + targetPort = "ssh"; + }; }; }; @@ -219,7 +212,7 @@ backend.service = { name = "forgejo-web"; - port.number = 80; + port.name = "web"; }; }]; }]; diff --git a/kubenix-modules/freshrss.nix b/kubenix-modules/freshrss.nix index ed574a6..c8a1358 100644 --- a/kubenix-modules/freshrss.nix +++ b/kubenix-modules/freshrss.nix @@ -24,11 +24,7 @@ containers.freshrss = { image = "freshrss/freshrss:edge"; envFrom = [{ configMapRef.name = "freshrss"; }]; - - ports = [{ - containerPort = 80; - protocol = "TCP"; - }]; + ports.web.containerPort = 80; env = { ADMIN_PASSWORD.valueFrom.secretKeyRef = { @@ -72,11 +68,10 @@ services.freshrss.spec = { selector.app = "freshrss"; - ports = [{ - protocol = "TCP"; + ports.web = { port = 80; - targetPort = 80; - }]; + targetPort = "web"; + }; }; ingresses.freshrss = { @@ -94,7 +89,7 @@ backend.service = { name = "freshrss"; - port.number = 80; + port.name = "web"; }; }]; }]; diff --git a/kubenix-modules/hedgedoc.nix b/kubenix-modules/hedgedoc.nix index 9ec49f2..23765a8 100644 --- a/kubenix-modules/hedgedoc.nix +++ b/kubenix-modules/hedgedoc.nix @@ -37,11 +37,7 @@ containers.hedgedoc = { image = "quay.io/hedgedoc/hedgedoc:1.9.7"; envFrom = [{ configMapRef.name = "hedgedoc-env"; }]; - - ports = [{ - containerPort = 3000; - protocol = "TCP"; - }]; + ports.web.containerPort = 3000; env = { CMD_DB_URL.valueFrom.secretKeyRef = { @@ -97,11 +93,10 @@ services.hedgedoc.spec = { selector.app = "hedgedoc"; - ports = [{ - protocol = "TCP"; + ports.web = { port = 80; - targetPort = 3000; - }]; + targetPort = "web"; + }; }; ingresses.hedgedoc = { @@ -119,7 +114,7 @@ backend.service = { name = "hedgedoc"; - port.number = 80; + port.name = "web"; }; }]; }]; diff --git a/kubenix-modules/inbucket.nix b/kubenix-modules/inbucket.nix index 22c24e4..db01542 100644 --- a/kubenix-modules/inbucket.nix +++ b/kubenix-modules/inbucket.nix @@ -13,17 +13,10 @@ containers.inbucket = { image = "inbucket/inbucket:edge"; - # TODO: investigate the use of named ports. - ports = [ - { - containerPort = 9000; - protocol = "TCP"; - } - { - containerPort = 2500; - protocol = "TCP"; - } - ]; + ports = { + web.containerPort = 9000; + smtp.containerPort = 2500; + }; }; }; }; @@ -34,11 +27,10 @@ inbucket-web.spec = { selector.app = "inbucket"; - ports = [{ - protocol = "TCP"; + ports.web = { port = 80; - targetPort = 9000; - }]; + targetPort = "web"; + }; }; inbucket-email.spec = { @@ -48,7 +40,7 @@ ports = [{ port = 25; - targetPort = 2500; + targetPort = "smtp"; }]; }; }; @@ -71,7 +63,7 @@ backend.service = { name = "inbucket-web"; - port.number = 80; + port.name = "web"; }; }]; }]; diff --git a/kubenix-modules/kitchenowl.nix b/kubenix-modules/kitchenowl.nix index 0657dde..5c9cf9b 100644 --- a/kubenix-modules/kitchenowl.nix +++ b/kubenix-modules/kitchenowl.nix @@ -30,11 +30,7 @@ spec.containers.kitchenowl-frontend = { image = "tombursch/kitchenowl-web:v0.4.20"; envFrom = [{ configMapRef.name = "kitchenowl"; }]; - - ports = [{ - containerPort = 80; - protocol = "TCP"; - }]; + ports.web.containerPort = 80; }; }; }; @@ -63,11 +59,7 @@ containers.kitchenowl-backend = { image = "tombursch/kitchenowl:v92"; - - ports = [{ - containerPort = 5000; - protocol = "TCP"; - }]; + ports.web.containerPort = 5000; volumeMounts = [{ name = "data"; @@ -104,11 +96,10 @@ component = "frontend"; }; - ports = [{ - protocol = "TCP"; + ports.web = { port = 80; - targetPort = 80; - }]; + targetPort = "web"; + }; }; kitchenowl-backend.spec = { @@ -117,11 +108,10 @@ component = "backend"; }; - ports = [{ - protocol = "TCP"; + ports.web = { port = 5000; - targetPort = 5000; - }]; + targetPort = "web"; + }; }; }; @@ -140,7 +130,7 @@ backend.service = { name = "kitchenowl-web"; - port.number = 80; + port.name = "web"; }; }]; }]; diff --git a/kubenix-modules/kms.nix b/kubenix-modules/kms.nix index c6b9301..48169c8 100644 --- a/kubenix-modules/kms.nix +++ b/kubenix-modules/kms.nix @@ -11,11 +11,7 @@ spec.containers.kms = { image = "teddysun/kms"; - - ports = [{ - containerPort = 1688; - protocol = "TCP"; - }]; + ports.kms.containerPort = 1688; }; }; }; @@ -26,10 +22,10 @@ loadBalancerIP = myLib.globals.kmsIPv4; selector.app = "kms"; - ports = [{ + ports.kms = { port = 1688; - targetPort = 1688; - }]; + targetPort = "kms"; + }; }; }; } diff --git a/kubenix-modules/media.nix b/kubenix-modules/media.nix index 7c7568f..62014f2 100644 --- a/kubenix-modules/media.nix +++ b/kubenix-modules/media.nix @@ -61,11 +61,7 @@ containers.jellyfin = { image = "jellyfin/jellyfin:10.8.13-1"; envFrom = [{ configMapRef.name = "jellyfin-env"; }]; - - ports = [{ - containerPort = 8096; - protocol = "TCP"; - }]; + ports.web.containerPort = 8096; volumeMounts = [ { @@ -111,16 +107,10 @@ image = "lscr.io/linuxserver/transmission:latest"; envFrom = [{ configMapRef.name = "transmission-env"; }]; - ports = [ - { - containerPort = 9091; - protocol = "TCP"; - } - { - containerPort = 31780; - protocol = "TCP"; - } - ]; + ports = { + web.containerPort = 9091; + bittorrent.containerPort = 31780; + }; volumeMounts = [ { @@ -167,11 +157,7 @@ containers.jellyseerr = { image = "fallenbagel/jellyseerr:1.7.0"; envFrom = [{ configMapRef.name = "jellyseerr-env"; }]; - - ports = [{ - containerPort = 5055; - protocol = "TCP"; - }]; + ports.web.containerPort = 5055; volumeMounts = [{ name = "config"; @@ -205,11 +191,7 @@ containers.radarr = { image = "lscr.io/linuxserver/radarr:latest"; envFrom = [{ configMapRef.name = "radarr-env"; }]; - - ports = [{ - containerPort = 7878; - protocol = "TCP"; - }]; + ports.web.containerPort = 7878; volumeMounts = [ { @@ -256,11 +238,7 @@ containers.prowlarr = { image = "lscr.io/linuxserver/prowlarr:latest"; envFrom = [{ configMapRef.name = "prowlarr-env"; }]; - - ports = [{ - containerPort = 9696; - protocol = "TCP"; - }]; + ports.web.containerPort = 9696; volumeMounts = [{ name = "config"; @@ -294,11 +272,7 @@ containers.sonarr = { image = "lscr.io/linuxserver/sonarr:latest"; envFrom = [{ configMapRef.name = "sonarr-env"; }]; - - ports = [{ - containerPort = 8989; - protocol = "TCP"; - }]; + ports.web.containerPort = 8989; volumeMounts = [ { @@ -343,11 +317,7 @@ containers.bazarr = { image = "lscr.io/linuxserver/bazarr:latest"; envFrom = [{ configMapRef.name = "bazarr-env"; }]; - - ports = [{ - containerPort = 6767; - protocol = "TCP"; - }]; + ports.web.containerPort = 6767; volumeMounts = [ { @@ -518,11 +488,10 @@ component = "jellyfin"; }; - ports = [{ - protocol = "TCP"; + ports.web = { port = 80; - targetPort = 8096; - }]; + targetPort = "web"; + }; }; transmission-web.spec = { @@ -531,11 +500,10 @@ component = "transmission"; }; - ports = [{ - protocol = "TCP"; + ports.web = { port = 80; - targetPort = 9091; - }]; + targetPort = "web"; + }; }; transmission-bittorrent.spec = { @@ -547,11 +515,10 @@ component = "transmission"; }; - ports = [{ - protocol = "TCP"; + ports.bittorrent = { port = 31780; - targetPort = 31780; - }]; + targetPort = "bittorrent"; + }; }; jellyseerr.spec = { @@ -560,11 +527,10 @@ component = "jellyseerr"; }; - ports = [{ - protocol = "TCP"; + ports.web = { port = 80; - targetPort = 5055; - }]; + targetPort = "web"; + }; }; radarr.spec = { @@ -573,11 +539,10 @@ component = "radarr"; }; - ports = [{ - protocol = "TCP"; + ports.web = { port = 80; - targetPort = 7878; - }]; + targetPort = "web"; + }; }; prowlarr.spec = { @@ -586,11 +551,10 @@ component = "prowlarr"; }; - ports = [{ - protocol = "TCP"; + ports.web = { port = 80; - targetPort = 9696; - }]; + targetPort = "web"; + }; }; sonarr.spec = { @@ -599,11 +563,10 @@ component = "sonarr"; }; - ports = [{ - protocol = "TCP"; + ports.web = { port = 80; - targetPort = 8989; - }]; + targetPort = "web"; + }; }; bazarr.spec = { @@ -612,11 +575,10 @@ component = "bazarr"; }; - ports = [{ - protocol = "TCP"; + ports.web = { port = 80; - targetPort = 6767; - }]; + targetPort = "web"; + }; }; }; @@ -636,7 +598,7 @@ backend.service = { name = "jellyfin"; - port.number = 80; + port.name = "web"; }; }]; }]; @@ -666,7 +628,7 @@ backend.service = { name = "transmission-web"; - port.number = 80; + port.name = "web"; }; }]; }]; @@ -696,7 +658,7 @@ backend.service = { name = "jellyseerr"; - port.number = 80; + port.name = "web"; }; }]; }]; @@ -726,7 +688,7 @@ backend.service = { name = "radarr"; - port.number = 80; + port.name = "web"; }; }]; }]; @@ -756,7 +718,7 @@ backend.service = { name = "prowlarr"; - port.number = 80; + port.name = "web"; }; }]; }]; @@ -786,7 +748,7 @@ backend.service = { name = "sonarr"; - port.number = 80; + port.name = "web"; }; }]; }]; @@ -815,7 +777,7 @@ backend.service = { name = "bazarr"; - port.number = 80; + port.name = "web"; }; }]; }]; diff --git a/kubenix-modules/minecraft.nix b/kubenix-modules/minecraft.nix index 073a346..eee0ee3 100644 --- a/kubenix-modules/minecraft.nix +++ b/kubenix-modules/minecraft.nix @@ -17,11 +17,7 @@ containers.minecraft = { image = "itzg/minecraft-server"; envFrom = [{ configMapRef.name = "minecraft-env"; }]; - - ports = [{ - containerPort = 25565; - protocol = "TCP"; - }]; + ports.minecraft.containerPort = 25565; volumeMounts = [{ name = "data"; @@ -55,11 +51,10 @@ loadBalancerIP = myLib.globals.minecraftIPv4; selector.app = "minecraft"; - ports = [{ + ports.minecraft = { port = 25565; - targetPort = 25565; - protocol = "TCP"; - }]; + targetPort = "minecraft"; + }; }; }; } diff --git a/kubenix-modules/nextcloud.nix b/kubenix-modules/nextcloud.nix index da12aeb..85a60e7 100644 --- a/kubenix-modules/nextcloud.nix +++ b/kubenix-modules/nextcloud.nix @@ -23,11 +23,7 @@ containers.nextcloud = { image = "nextcloud:27"; envFrom = [{ configMapRef.name = "nextcloud"; }]; - - ports = [{ - containerPort = 80; - protocol = "TCP"; - }]; + ports.web.containerPort = 80; env.POSTGRES_PASSWORD.valueFrom.secretKeyRef = { name = "nextcloud"; @@ -64,11 +60,10 @@ services.nextcloud.spec = { selector.app = "nextcloud"; - ports = [{ - protocol = "TCP"; + ports.web = { port = 80; - targetPort = 80; - }]; + targetPort = "web"; + }; }; ingresses.nextcloud = { @@ -86,7 +81,7 @@ backend.service = { name = "nextcloud"; - port.number = 80; + port.name = "web"; }; }]; }]; diff --git a/kubenix-modules/paperless-ngx.nix b/kubenix-modules/paperless-ngx.nix index 8b88c07..44236eb 100644 --- a/kubenix-modules/paperless-ngx.nix +++ b/kubenix-modules/paperless-ngx.nix @@ -46,11 +46,7 @@ containers.paperless-ngx = { image = "ghcr.io/paperless-ngx/paperless-ngx:2.3"; envFrom = [{ configMapRef.name = "paperless-ngx"; }]; - - ports = [{ - containerPort = 8000; - protocol = "TCP"; - }]; + ports.web.containerPort = 8000; env = { PAPERLESS_DBPASS.valueFrom.secretKeyRef = { @@ -96,11 +92,7 @@ containers.redis = { image = "docker.io/library/redis:7"; - - ports = [{ - containerPort = 6379; - protocol = "TCP"; - }]; + ports.redis.containerPort = 6379; volumeMounts = [{ name = "data"; @@ -158,11 +150,10 @@ component = "web"; }; - ports = [{ - protocol = "TCP"; + ports.web = { port = 80; - targetPort = 8000; - }]; + targetPort = "web"; + }; }; paperless-ngx-redis.spec = { @@ -171,11 +162,10 @@ component = "redis"; }; - ports = [{ - protocol = "TCP"; + ports.redis = { port = 6379; - targetPort = 6379; - }]; + targetPort = "redis"; + }; }; }; @@ -194,7 +184,7 @@ backend.service = { name = "paperless-ngx-web"; - port.number = 80; + port.name = "web"; }; }]; }]; diff --git a/kubenix-modules/pihole.nix b/kubenix-modules/pihole.nix index 61adfb6..2d213ef 100644 --- a/kubenix-modules/pihole.nix +++ b/kubenix-modules/pihole.nix @@ -21,16 +21,14 @@ image = "pihole/pihole:latest"; envFrom = [{ configMapRef.name = "pihole"; }]; - ports = [ - { - containerPort = 80; - protocol = "TCP"; - } - { + ports = { + web.containerPort = 80; + + dns = { containerPort = 53; protocol = "UDP"; - } - ]; + }; + }; env.WEBPASSWORD.valueFrom.secretKeyRef = { name = "pihole"; @@ -100,11 +98,10 @@ pihole-web.spec = { selector.app = "pihole"; - ports = [{ - protocol = "TCP"; + ports.web = { port = 80; - targetPort = 80; - }]; + targetPort = "web"; + }; }; pihole-dns.spec = { @@ -112,11 +109,11 @@ loadBalancerIP = myLib.globals.piholeIPv4; selector.app = "pihole"; - ports = [{ + ports.dns = { protocol = "UDP"; port = 53; - targetPort = 53; - }]; + targetPort = "dns"; + }; }; }; @@ -138,7 +135,7 @@ backend.service = { name = "pihole-web"; - port.number = 80; + port.name = "web"; }; }]; }]; diff --git a/kubenix-modules/radicale.nix b/kubenix-modules/radicale.nix index e7914db..5f660dd 100644 --- a/kubenix-modules/radicale.nix +++ b/kubenix-modules/radicale.nix @@ -44,11 +44,7 @@ spec = { containers.radicale = { image = "tomsquest/docker-radicale"; - - ports = [{ - containerPort = 5232; - protocol = "TCP"; - }]; + ports.web.containerPort = 5232; volumeMounts = [ { @@ -97,11 +93,10 @@ services.radicale.spec = { selector.app = "radicale"; - ports = [{ - protocol = "TCP"; + ports.web = { port = 80; - targetPort = 5232; - }]; + targetPort = "web"; + }; }; ingresses.radicale = { @@ -119,7 +114,7 @@ backend.service = { name = "radicale"; - port.number = 80; + port.name = "web"; }; }]; }]; diff --git a/kubenix-modules/syncthing.nix b/kubenix-modules/syncthing.nix index 231eed5..d682efd 100644 --- a/kubenix-modules/syncthing.nix +++ b/kubenix-modules/syncthing.nix @@ -19,11 +19,7 @@ containers.syncthing = { image = "lscr.io/linuxserver/syncthing:1.23.6"; envFrom = [{ configMapRef.name = "syncthing"; }]; - - ports = [{ - containerPort = 8384; - protocol = "TCP"; - }]; + ports.web.containerPort = 8384; volumeMounts = [ { @@ -66,11 +62,10 @@ services.syncthing.spec = { selector.app = "syncthing"; - ports = [{ - protocol = "TCP"; + ports.web = { port = 80; - targetPort = 8384; - }]; + targetPort = "web"; + }; }; ingresses.syncthing = { @@ -91,7 +86,7 @@ backend.service = { name = "syncthing"; - port.number = 80; + port.name = "web"; }; }]; }];