Add experimental nix-snapshotter stuff
This commit is contained in:
parent
211caada8a
commit
c89209f1df
9 changed files with 55 additions and 32 deletions
|
|
@ -1,2 +0,0 @@
|
|||
{ cyberchef = { cyberchef = { finalImageName = "mpepping/cyberchef"; finalImageTag = "latest"; imageDigest = "sha256:5044c72dd8070fb6e0595e720fc4440bf6168493b2433db06a1c966406398ba2"; imageName = "mpepping/cyberchef"; sha256 = "177yjfbz0ijc8lfqfr50fhqqmjk72373c0igyrxv3wwg0pyrgpv4"; }; }; }
|
||||
|
||||
2
container-images/image-definitions.nix
Normal file
2
container-images/image-definitions.nix
Normal file
|
|
@ -0,0 +1,2 @@
|
|||
{ cyberchef = { cyberchef = { finalImageName = "mpepping/cyberchef"; finalImageTag = "v10.18.9"; imageDigest = "sha256:4b06936cbeff92cfebf86fdcfbb4bad7807d6a5f99b8affa114bd84f81461fe3"; imageName = "mpepping/cyberchef"; sha256 = "019wr9vrpjg6kq4sqkf9d9xr5w86hn4d93pkk57sliqwyjjn13x8"; }; }; inbucket = { inbucket = { finalImageName = "inbucket/inbucket"; finalImageTag = "edge"; imageDigest = "sha256:e39238af6ac485c406ead9cf411ca7d6bad5dd6e1bca2a02af87273db5f53c8e"; imageName = "inbucket/inbucket"; sha256 = "1z9gywpr3i5048k39dflqlp9k6227b7kdipwk790x711iga2jqpk"; }; }; }
|
||||
|
||||
13
container-images/pulled-images.nix
Normal file
13
container-images/pulled-images.nix
Normal file
|
|
@ -0,0 +1,13 @@
|
|||
pkgs: lib:
|
||||
let
|
||||
imageDefs = import ./image-definitions.nix;
|
||||
in
|
||||
lib.attrsets.mapAttrs
|
||||
(projectName: project:
|
||||
lib.attrsets.mapAttrs
|
||||
(imageName: imageDef:
|
||||
pkgs.dockerTools.pullImage imageDef
|
||||
)
|
||||
project
|
||||
)
|
||||
imageDefs
|
||||
|
|
@ -1,9 +1,11 @@
|
|||
{ self, machines, dns, myLib, flake-utils, kubenix, nixhelm, blog-pim, ... }: flake-utils.lib.eachDefaultSystem
|
||||
{ self, nixpkgs, machines, dns, myLib, flake-utils, kubenix, nixhelm, blog-pim, ... }: flake-utils.lib.eachDefaultSystem
|
||||
(system:
|
||||
let
|
||||
pkgs = nixpkgs.legacyPackages.${system};
|
||||
pulledImages = (import "${self}/container-images/pulled-images.nix") pkgs pkgs.lib;
|
||||
mkKubenixPackage = module: kubenix.packages.${system}.default.override
|
||||
{
|
||||
specialArgs = { inherit myLib kubenix nixhelm system dns blog-pim machines; };
|
||||
specialArgs = { inherit myLib kubenix nixhelm system dns blog-pim machines pulledImages; };
|
||||
module = { imports = [ module ]; };
|
||||
};
|
||||
in
|
||||
|
|
|
|||
|
|
@ -32,7 +32,14 @@ in
|
|||
cyberchef = {
|
||||
cyberchef = {
|
||||
image-name = "mpepping/cyberchef";
|
||||
image-tag = "latest";
|
||||
image-tag = "v10.18.9";
|
||||
};
|
||||
};
|
||||
|
||||
inbucket = {
|
||||
inbucket = {
|
||||
image-name = "inbucket/inbucket";
|
||||
image-tag = "edge";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
|
|
|||
|
|
@ -24,26 +24,6 @@ let
|
|||
];
|
||||
in
|
||||
{
|
||||
kubernetes.resources.pods.testje.spec = {
|
||||
containers.redis = {
|
||||
image = "nix:0/nix/store/5nmh9qawhbwinzxidafjlfw68wfkh0pj-nix-image-redis.tar";
|
||||
args = [ "--protected-mode" "no" ];
|
||||
|
||||
ports = [{
|
||||
name = "redis";
|
||||
containerPort = 6379;
|
||||
}];
|
||||
};
|
||||
|
||||
affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms = [{
|
||||
matchExpressions = [{
|
||||
key = "kubernetes.io/hostname";
|
||||
operator = "In";
|
||||
values = [ "atlas" ];
|
||||
}];
|
||||
}];
|
||||
};
|
||||
|
||||
imports = [
|
||||
./base.nix
|
||||
./longhorn.nix
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
{
|
||||
{ pulledImages, ... }: {
|
||||
kubernetes.resources = {
|
||||
deployments.cyberchef.spec = {
|
||||
replicas = 3;
|
||||
|
|
@ -8,7 +8,7 @@
|
|||
metadata.labels.app = "cyberchef";
|
||||
|
||||
spec.containers.cyberchef = {
|
||||
image = "mpepping/cyberchef";
|
||||
image = "mpepping/cyberchef:latest";
|
||||
ports.web.containerPort = 8000;
|
||||
};
|
||||
};
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
{ lib, myLib, ... }: {
|
||||
{ pulledImages, myLib, ... }: {
|
||||
kubernetes.resources = {
|
||||
deployments.inbucket = {
|
||||
metadata.labels.app = "inbucket";
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
{ inputs, pkgs, lib, config, ... }:
|
||||
{ self, inputs, pkgs, lib, config, ... }:
|
||||
let
|
||||
cfg = config.lab.k3s;
|
||||
|
||||
|
|
@ -167,9 +167,30 @@ in
|
|||
cp -f ${./k3s-ca/etcd/server-ca.crt} /var/lib/rancher/k3s/server/tls/etcd/server-ca.crt
|
||||
'';
|
||||
|
||||
nix-snapshotter-image = ''
|
||||
ln -sf ${image} /root/image.tar
|
||||
docker-images =
|
||||
let
|
||||
pulledImages = (import "${self}/container-images/pulled-images.nix") pkgs lib;
|
||||
basePath = "/var/docker_images";
|
||||
linesForImage = projectName: imageName: pulledImage:
|
||||
let
|
||||
projectPath = "${basePath}/${projectName}";
|
||||
in
|
||||
''
|
||||
mkdir -p ${projectPath}
|
||||
ln -sf ${pulledImage} ${projectPath}/${imageName}.tar
|
||||
'';
|
||||
linesForProject = projectName: project:
|
||||
let
|
||||
lines = lib.attrsets.mapAttrsToList (linesForImage projectName) project;
|
||||
in
|
||||
builtins.concatStringsSep "\n" lines;
|
||||
generateLines = projects:
|
||||
let
|
||||
lines = lib.attrsets.mapAttrsToList linesForProject projects;
|
||||
in
|
||||
builtins.concatStringsSep "\n" lines;
|
||||
in
|
||||
generateLines pulledImages;
|
||||
};
|
||||
};
|
||||
|
||||
|
|
|
|||
Loading…
Reference in a new issue