From 5a6b9f203ae9f35221cd4c1782d88d28b6255f2c Mon Sep 17 00:00:00 2001 From: Pim Kunis Date: Tue, 30 Jul 2024 21:28:35 +0200 Subject: [PATCH] refactor: Extract all image names --- kubenix-modules/attic.nix | 6 +- kubenix-modules/atuin.nix | 6 +- kubenix-modules/bind9/default.nix | 4 +- kubenix-modules/cyberchef.nix | 4 +- kubenix-modules/dnsmasq.nix | 2 +- kubenix-modules/forgejo/default.nix | 2 +- kubenix-modules/freshrss.nix | 2 +- kubenix-modules/hedgedoc.nix | 6 +- kubenix-modules/immich.nix | 8 +-- kubenix-modules/inbucket.nix | 2 +- kubenix-modules/kitchenowl.nix | 4 +- kubenix-modules/kms.nix | 2 +- kubenix-modules/media.nix | 14 ++--- kubenix-modules/minecraft.nix | 2 +- kubenix-modules/nextcloud.nix | 4 +- kubenix-modules/ntfy.nix | 4 +- kubenix-modules/paperless.nix | 6 +- kubenix-modules/pihole.nix | 2 +- kubenix-modules/radicale.nix | 2 +- kubenix-modules/syncthing.nix | 2 +- my-lib/globals.nix | 38 ++++++++++++ nixos-modules/globals.nix | 89 ----------------------------- 22 files changed, 80 insertions(+), 131 deletions(-) delete mode 100644 nixos-modules/globals.nix diff --git a/kubenix-modules/attic.nix b/kubenix-modules/attic.nix index b8fe530..c4e4cf9 100644 --- a/kubenix-modules/attic.nix +++ b/kubenix-modules/attic.nix @@ -1,4 +1,4 @@ -{ pkgs, ... }: { +{ pkgs, myLib, ... }: { kubernetes.resources = let atticSettings = { @@ -62,7 +62,7 @@ spec = { containers.attic = { - image = "git.kun.is/home/atticd:fd910d91c2143295e959d2c903e9ea25cf94ba27"; + image = myLib.globals.images.attic; ports.web.containerPort = 8080; args = [ "-f" "/etc/atticd/config.toml" ]; @@ -111,7 +111,7 @@ spec = { containers.postgres = { - image = "postgres:15"; + image = myLib.globals.images.atticPostgres; imagePullPolicy = "IfNotPresent"; ports.postgres.containerPort = 5432; diff --git a/kubenix-modules/atuin.nix b/kubenix-modules/atuin.nix index 198384e..96a1002 100644 --- a/kubenix-modules/atuin.nix +++ b/kubenix-modules/atuin.nix @@ -1,4 +1,4 @@ -{ +{ myLib, ... }: { kubernetes.resources = { secrets.database.stringData = { databasePassword = "ref+sops://secrets/kubernetes.yaml#/atuin/databasePassword"; @@ -28,7 +28,7 @@ containers = { atuin = { - image = "ghcr.io/atuinsh/atuin:18.3.0"; + image = myLib.globals.images.atuin; imagePullPolicy = "IfNotPresent"; ports.web.containerPort = 8888; args = [ "server" "start" ]; @@ -51,7 +51,7 @@ }; database = { - image = "postgres:14"; + image = myLib.globals.images.atuinPostgres; ports.web.containerPort = 5432; env = { diff --git a/kubenix-modules/bind9/default.nix b/kubenix-modules/bind9/default.nix index 50aaefc..a5411f0 100644 --- a/kubenix-modules/bind9/default.nix +++ b/kubenix-modules/bind9/default.nix @@ -50,7 +50,7 @@ in spec = { containers = { bind9-udp = { - image = "ubuntu/bind9:9.18-22.04_beta"; + image = myLib.globals.images.bind9; envFrom = [{ configMapRef.name = "bind9-env"; }]; ports.dns-udp = { @@ -73,7 +73,7 @@ in }; bind9-tcp = { - image = "ubuntu/bind9:9.18-22.04_beta"; + image = myLib.globals.images.bind9; envFrom = [{ configMapRef.name = "bind9-env"; }]; ports.dns-tcp = { diff --git a/kubenix-modules/cyberchef.nix b/kubenix-modules/cyberchef.nix index 19c2578..d7ab260 100644 --- a/kubenix-modules/cyberchef.nix +++ b/kubenix-modules/cyberchef.nix @@ -1,4 +1,4 @@ -{ +{ myLib, ... }: { kubernetes.resources = { deployments.cyberchef.spec = { replicas = 3; @@ -8,7 +8,7 @@ metadata.labels.app = "cyberchef"; spec.containers.cyberchef = { - image = "mpepping/cyberchef"; + image = myLib.globals.images.cyberchef; ports.web.containerPort = 8000; }; }; diff --git a/kubenix-modules/dnsmasq.nix b/kubenix-modules/dnsmasq.nix index bc29d61..90655ea 100644 --- a/kubenix-modules/dnsmasq.nix +++ b/kubenix-modules/dnsmasq.nix @@ -23,7 +23,7 @@ spec = { containers.dnsmasq = { - image = "dockurr/dnsmasq:2.90"; + image = myLib.globals.images.dnsmasq; ports.dns = { containerPort = 53; diff --git a/kubenix-modules/forgejo/default.nix b/kubenix-modules/forgejo/default.nix index 6b9a123..ea98aaf 100644 --- a/kubenix-modules/forgejo/default.nix +++ b/kubenix-modules/forgejo/default.nix @@ -27,7 +27,7 @@ enableServiceLinks = false; containers.forgejo = { - image = "codeberg.org/forgejo/forgejo:7.0.5"; + image = myLib.globals.images.forgejo; imagePullPolicy = "IfNotPresent"; env = { diff --git a/kubenix-modules/freshrss.nix b/kubenix-modules/freshrss.nix index 525e4b4..614847e 100644 --- a/kubenix-modules/freshrss.nix +++ b/kubenix-modules/freshrss.nix @@ -19,7 +19,7 @@ spec = { containers.freshrss = { - image = "freshrss/freshrss:1.24.1"; + image = myLib.globals.images.freshrss; imagePullPolicy = "IfNotPresent"; ports.web.containerPort = 80; diff --git a/kubenix-modules/hedgedoc.nix b/kubenix-modules/hedgedoc.nix index 1ba013b..b91c0de 100644 --- a/kubenix-modules/hedgedoc.nix +++ b/kubenix-modules/hedgedoc.nix @@ -1,4 +1,4 @@ -{ lib, ... }: { +{ lib, myLib, ... }: { kubernetes.resources = { configMaps.hedgedoc-config.data.config = lib.generators.toJSON { } { useSSL = false; @@ -24,7 +24,7 @@ spec = { containers.hedgedoc = { - image = "quay.io/hedgedoc/hedgedoc:1.9.9"; + image = myLib.globals.images.hedgedoc; ports.web.containerPort = 3000; env = { @@ -87,7 +87,7 @@ spec = { containers.postgres = { - image = "postgres:15"; + image = myLib.globals.images.hedgedocPostgres; imagePullPolicy = "IfNotPresent"; ports.postgres.containerPort = 5432; diff --git a/kubenix-modules/immich.nix b/kubenix-modules/immich.nix index 8051944..19d5e14 100644 --- a/kubenix-modules/immich.nix +++ b/kubenix-modules/immich.nix @@ -28,7 +28,7 @@ enableServiceLinks = false; containers.immich = { - image = "ghcr.io/immich-app/immich-server:v1.108.0"; + image = myLib.globals.images.immich; imagePullPolicy = "IfNotPresent"; ports.web.containerPort = 3001; @@ -67,7 +67,7 @@ volumes.cache.persistentVolumeClaim.claimName = "cache"; containers.machine-learning = { - image = "ghcr.io/immich-app/immich-machine-learning:v1.108.0"; + image = myLib.globals.images.immichML; imagePullPolicy = "IfNotPresent"; ports.ml.containerPort = 3003; env.MACHINE_LEARNING_WORKER_TIMEOUT.value = "600"; @@ -104,7 +104,7 @@ spec = { containers.redis = { - image = "docker.io/redis:6.2-alpine@sha256:d6c2911ac51b289db208767581a5d154544f2b2fe4914ea5056443f62dc6e900"; + image = myLib.globals.images.immichRedis; ports.redis.containerPort = 6379; imagePullPolicy = "IfNotPresent"; }; @@ -137,7 +137,7 @@ volumes.data.persistentVolumeClaim.claimName = "database"; containers.postgres = { - image = "docker.io/tensorchord/pgvecto-rs:pg14-v0.2.0@sha256:90724186f0a3517cf6914295b5ab410db9ce23190a2d9d0b9dd6463e3fa298f0"; + image = myLib.globals.images.immichPostgres; imagePullPolicy = "IfNotPresent"; command = [ "postgres" ]; args = [ "-c" "shared_preload_libraries=vectors.so" "-c" "search_path=\"$$user\", public, vectors" "-c" "logging_collector=on" "-c" "max_wal_size=2GB" "-c" "shared_buffers=512MB" "-c" "wal_compression=on" ]; diff --git a/kubenix-modules/inbucket.nix b/kubenix-modules/inbucket.nix index 909c236..63f8852 100644 --- a/kubenix-modules/inbucket.nix +++ b/kubenix-modules/inbucket.nix @@ -13,7 +13,7 @@ containers = { inbucket = { - image = "inbucket/inbucket:edge"; + image = myLib.globals.images.inbucket; ports = { web.containerPort = 9000; diff --git a/kubenix-modules/kitchenowl.nix b/kubenix-modules/kitchenowl.nix index ff62a14..9e5e14d 100644 --- a/kubenix-modules/kitchenowl.nix +++ b/kubenix-modules/kitchenowl.nix @@ -1,4 +1,4 @@ -{ +{ myLib, ... }: { kubernetes.resources = { secrets.server.stringData.jwtSecretKey = "ref+sops://secrets/kubernetes.yaml#/kitchenowl/jwtSecretKey"; @@ -21,7 +21,7 @@ volumes.data.persistentVolumeClaim.claimName = "data"; containers.kitchenowl = { - image = "tombursch/kitchenowl:v0.5.1"; + image = myLib.globals.images.kitchenowl; ports.web.containerPort = 8080; imagePullPolicy = "IfNotPresent"; diff --git a/kubenix-modules/kms.nix b/kubenix-modules/kms.nix index 151c8df..8dc37b5 100644 --- a/kubenix-modules/kms.nix +++ b/kubenix-modules/kms.nix @@ -7,7 +7,7 @@ metadata.labels.app = "kms"; spec.containers.kms = { - image = "teddysun/kms"; + image = myLib.globals.images.kms; ports.kms.containerPort = 1688; }; }; diff --git a/kubenix-modules/media.nix b/kubenix-modules/media.nix index 98e41a4..8e5a7c0 100644 --- a/kubenix-modules/media.nix +++ b/kubenix-modules/media.nix @@ -24,7 +24,7 @@ spec = { containers.jellyfin = { - image = "jellyfin/jellyfin:10.9.8"; + image = myLib.globals.images.jellyfin; ports.web.containerPort = 8096; imagePullPolicy = "IfNotPresent"; @@ -95,7 +95,7 @@ spec = { containers.deluge = { - image = "linuxserver/deluge:2.1.1"; + image = myLib.globals.images.deluge; imagePullPolicy = "IfNotPresent"; env = { @@ -155,7 +155,7 @@ volumes.config.persistentVolumeClaim.claimName = "jellyseerr"; containers.jellyseerr = { - image = "fallenbagel/jellyseerr:1.9.2"; + image = myLib.globals.images.jellyseerr; ports.web.containerPort = 5055; imagePullPolicy = "IfNotPresent"; @@ -201,7 +201,7 @@ spec = { containers.radarr = { - image = "lscr.io/linuxserver/radarr:5.8.3"; + image = myLib.globals.images.radarr; ports.web.containerPort = 7878; imagePullPolicy = "IfNotPresent"; @@ -261,7 +261,7 @@ volumes.config.persistentVolumeClaim.claimName = "prowlarr"; containers.prowlarr = { - image = "lscr.io/linuxserver/prowlarr:1.21.2"; + image = myLib.globals.images.prowlarr; ports.web.containerPort = 9696; imagePullPolicy = "IfNotPresent"; @@ -308,7 +308,7 @@ spec = { containers.sonarr = { - image = "lscr.io/linuxserver/sonarr:4.0.8"; + image = myLib.globals.images.sonarr; ports.web.containerPort = 8989; imagePullPolicy = "IfNotPresent"; @@ -366,7 +366,7 @@ spec = { containers.bazarr = { - image = "lscr.io/linuxserver/bazarr:1.4.3"; + image = myLib.globals.images.bazarr; ports.web.containerPort = 6767; imagePullPolicy = "IfNotPresent"; diff --git a/kubenix-modules/minecraft.nix b/kubenix-modules/minecraft.nix index a3157eb..acf855a 100644 --- a/kubenix-modules/minecraft.nix +++ b/kubenix-modules/minecraft.nix @@ -10,7 +10,7 @@ # volumes.data.persistentVolumeClaim.claimName = "data"; # containers.minecraft = { - # image = "itzg/minecraft-server"; + # image = myLib.globals.images.minecraft; # ports.minecraft.containerPort = 25565; # env.EULA.value = "TRUE"; diff --git a/kubenix-modules/nextcloud.nix b/kubenix-modules/nextcloud.nix index f499734..11f5aef 100644 --- a/kubenix-modules/nextcloud.nix +++ b/kubenix-modules/nextcloud.nix @@ -28,7 +28,7 @@ volumes.data.persistentVolumeClaim.claimName = "data"; containers.nextcloud = { - image = "nextcloud:28"; + image = myLib.globals.images.nextcloud; ports.web.containerPort = 80; env = { @@ -79,7 +79,7 @@ spec = { containers.postgres = { - image = "postgres:15"; + image = myLib.globals.images.nextcloudPostgres; imagePullPolicy = "IfNotPresent"; ports.postgres.containerPort = 5432; diff --git a/kubenix-modules/ntfy.nix b/kubenix-modules/ntfy.nix index 36009ff..a1c3a27 100644 --- a/kubenix-modules/ntfy.nix +++ b/kubenix-modules/ntfy.nix @@ -1,4 +1,4 @@ -{ lib, ... }: { +{ lib, myLib, ... }: { kubernetes.resources = { configMaps.ntfy.data.config = lib.generators.toYAML { } { base-url = "https://ntfy.kun.is"; @@ -29,7 +29,7 @@ spec = { containers.ntfy = { - image = "binwiederhier/ntfy:v2.11.0"; + image = myLib.globals.images.ntfy; ports.web.containerPort = 80; env.TZ.value = "Europe/Amsterdam"; args = [ "serve" ]; diff --git a/kubenix-modules/paperless.nix b/kubenix-modules/paperless.nix index 054362b..f883782 100644 --- a/kubenix-modules/paperless.nix +++ b/kubenix-modules/paperless.nix @@ -31,7 +31,7 @@ volumes.data.persistentVolumeClaim.claimName = "data"; containers.paperless = { - image = "ghcr.io/paperless-ngx/paperless-ngx:2.3"; + image = myLib.globals.images.paperless; imagePullPolicy = "IfNotPresent"; ports.web.containerPort = 8000; @@ -100,7 +100,7 @@ volumes.data.persistentVolumeClaim.claimName = "redisdata"; containers.redis = { - image = "docker.io/library/redis:7"; + image = myLib.globals.images.paperlessRedis; ports.redis.containerPort = 6379; imagePullPolicy = "IfNotPresent"; @@ -141,7 +141,7 @@ spec = { containers.postgres = { - image = "postgres:15"; + image = myLib.globals.images.paperlessPostgres; ports.postgres.containerPort = 5432; imagePullPolicy = "IfNotPresent"; diff --git a/kubenix-modules/pihole.nix b/kubenix-modules/pihole.nix index b640519..0139b6f 100644 --- a/kubenix-modules/pihole.nix +++ b/kubenix-modules/pihole.nix @@ -19,7 +19,7 @@ spec = { containers.pihole = { - image = "pihole/pihole:latest"; + image = myLib.globals.images.pihole; env = { TZ.value = "Europe/Amsterdam"; diff --git a/kubenix-modules/radicale.nix b/kubenix-modules/radicale.nix index 7fcc6f8..9e8701d 100644 --- a/kubenix-modules/radicale.nix +++ b/kubenix-modules/radicale.nix @@ -50,7 +50,7 @@ spec = { containers.radicale = { - image = "tomsquest/docker-radicale:3.2.2.0"; + image = myLib.globals.images.radicale; ports.web.containerPort = 5232; imagePullPolicy = "IfNotPresent"; diff --git a/kubenix-modules/syncthing.nix b/kubenix-modules/syncthing.nix index c5e2304..f68841e 100644 --- a/kubenix-modules/syncthing.nix +++ b/kubenix-modules/syncthing.nix @@ -21,7 +21,7 @@ serviceAccountName = "syncthing"; containers.syncthing = { - image = "lscr.io/linuxserver/syncthing:1.23.6"; + image = myLib.globals.images.syncthing; ports.web.containerPort = 8384; imagePullPolicy = "IfNotPresent"; diff --git a/my-lib/globals.nix b/my-lib/globals.nix index 28a2163..3f524a7 100644 --- a/my-lib/globals.nix +++ b/my-lib/globals.nix @@ -25,4 +25,42 @@ freshrssIPv4 = "192.168.30.146"; immichIPv4 = "192.168.30.147"; nextcloudIPv4 = "192.168.30.148"; + + images = { + jellyfin = "jellyfin/jellyfin:10.9.8"; + deluge = "linuxserver/deluge:2.1.1"; + jellyseerr = "fallenbagel/jellyseerr:1.9.2"; + radarr = "lscr.io/linuxserver/radarr:5.8.3"; + prowlarr = "lscr.io/linuxserver/prowlarr:1.21.2"; + sonarr = "lscr.io/linuxserver/sonarr:4.0.8"; + bazarr = "lscr.io/linuxserver/bazarr:1.4.3"; + atuin = "ghcr.io/atuinsh/atuin:18.3.0"; + atuinPostgres = "postgres:14"; + kms = "teddysun/kms"; + paperless = "ghcr.io/paperless-ngx/paperless-ngx:2.3"; + paperlessRedis = "docker.io/library/redis:7"; + paperlessPostgres = "postgres:15"; + nextcloud = "nextcloud:28"; + nextcloudPostgres = "postgres:15"; + inbucket = "inbucket/inbucket:edge"; + syncthing = "lscr.io/linuxserver/syncthing:1.23.6"; + radicale = "tomsquest/docker-radicale:3.2.2.0"; + ntfy = "binwiederhier/ntfy:v2.11.0"; + forgejo = "codeberg.org/forgejo/forgejo:7.0.5"; + pihole = "pihole/pihole:latest"; + immich = "ghcr.io/immich-app/immich-server:v1.108.0"; + immichML = "ghcr.io/immich-app/immich-machine-learning:v1.108.0"; + immichRedis = "docker.io/redis:6.2-alpine@sha256:d6c2911ac51b289db208767581a5d154544f2b2fe4914ea5056443f62dc6e900"; + immichPostgres = "docker.io/tensorchord/pgvecto-rs:pg14-v0.2.0@sha256:90724186f0a3517cf6914295b5ab410db9ce23190a2d9d0b9dd6463e3fa298f0"; + kitchenowl = "tombursch/kitchenowl:v0.5.1"; + cyberchef = "mpepping/cyberchef"; + freshrss = "freshrss/freshrss:1.24.1"; + bind9 = "ubuntu/bind9:9.18-22.04_beta"; + dnsmasq = "dockurr/dnsmasq:2.90"; + attic = "git.kun.is/home/atticd:fd910d91c2143295e959d2c903e9ea25cf94ba27"; + atticPostgres = "postgres:15"; + hedgedoc = "quay.io/hedgedoc/hedgedoc:1.9.9"; + hedgedocPostgres = "postgres:15"; + minecraft = "itzg/minecraft-server"; + }; } diff --git a/nixos-modules/globals.nix b/nixos-modules/globals.nix deleted file mode 100644 index 3f62be2..0000000 --- a/nixos-modules/globals.nix +++ /dev/null @@ -1,89 +0,0 @@ -{ lib, ... }: { - options.lab = { - - networking = { - public = { - ipv4 = { - router = lib.mkOption { - type = lib.types.str; - description = '' - Public IPv4 address of the router. - ''; - }; - }; - - ipv6 = { - router = lib.mkOption { - type = lib.types.str; - description = '' - Publicly routable IPv6 address of the router. - ''; - }; - }; - }; - - dmz = { - ipv4 = { - prefixLength = lib.mkOption { - type = lib.types.str; - description = '' - IPv4 prefix length of DMZ network. - ''; - }; - - dockerSwarm = lib.mkOption { - type = lib.types.str; - description = '' - IPv4 address of the Docker Swarm in the DMZ. - ''; - }; - - - router = lib.mkOption { - type = lib.types.str; - description = '' - The router's IPv4 address on the DMZ network. - ''; - }; - - services = lib.mkOption { - type = lib.types.str; - description = '' - The IPv4 address of the interface serving DHCP and DNS on the DMZ network. - ''; - }; - }; - - ipv6 = { - prefixLength = lib.mkOption { - type = lib.types.str; - description = '' - IPv6 prefix length of DMZ network. - ''; - }; - - dockerSwarm = lib.mkOption { - type = lib.types.str; - description = '' - Globally routable IPv6 address of the Docker Swarm. - ''; - }; - - router = lib.mkOption { - type = lib.types.str; - description = '' - The router's IPv6 address on the DMZ network. - ''; - }; - - services = lib.mkOption { - type = lib.types.str; - description = '' - The IPv6 address of the interface serving DHCP and DNS on the DMZ network. - ''; - }; - }; - }; - }; - }; -}