From dce3919f31f2b074d3b3aaab366c87a92705218e Mon Sep 17 00:00:00 2001 From: Pim Kunis Date: Sun, 14 Apr 2024 23:34:54 +0200 Subject: [PATCH] create custom nixos module for k8s nfs volumes --- kubenix-modules/all.nix | 1 + kubenix-modules/custom/ingress.nix | 1 - kubenix-modules/custom/nfs-volume.nix | 47 +++++ kubenix-modules/forgejo.nix | 31 +-- kubenix-modules/freshrss.nix | 31 +-- kubenix-modules/hedgedoc.nix | 31 +-- kubenix-modules/kitchenowl.nix | 31 +-- kubenix-modules/media.nix | 281 +++++++------------------- kubenix-modules/minecraft.nix | 19 +- kubenix-modules/nextcloud.nix | 31 +-- kubenix-modules/paperless-ngx.nix | 55 ++--- kubenix-modules/pihole.nix | 57 ++---- kubenix-modules/radicale.nix | 31 +-- kubenix-modules/syncthing.nix | 33 +-- 14 files changed, 216 insertions(+), 464 deletions(-) create mode 100644 kubenix-modules/custom/nfs-volume.nix diff --git a/kubenix-modules/all.nix b/kubenix-modules/all.nix index 08a3bef..bbebb1c 100644 --- a/kubenix-modules/all.nix +++ b/kubenix-modules/all.nix @@ -22,5 +22,6 @@ ./cert-manager.nix ./minecraft.nix ./custom/ingress.nix + ./custom/nfs-volume.nix ]; } diff --git a/kubenix-modules/custom/ingress.nix b/kubenix-modules/custom/ingress.nix index 501c6b3..99b2e78 100644 --- a/kubenix-modules/custom/ingress.nix +++ b/kubenix-modules/custom/ingress.nix @@ -27,7 +27,6 @@ in options = { lab.ingresses = lib.mkOption { type = with lib.types; attrsOf (submodule ingressOpts); - default = { }; }; }; diff --git a/kubenix-modules/custom/nfs-volume.nix b/kubenix-modules/custom/nfs-volume.nix new file mode 100644 index 0000000..b90c831 --- /dev/null +++ b/kubenix-modules/custom/nfs-volume.nix 
@@ -0,0 +1,47 @@ +{ lib, config, ... }: +let + nfsVolumeOpts = { name, ... }: { + options = { + path = lib.mkOption { + type = lib.types.str; + }; + }; + }; +in +{ + options = { + lab.nfsVolumes = lib.mkOption { + type = with lib.types; attrsOf (submodule nfsVolumeOpts); + default = { }; + }; + }; + + config = { + kubernetes.resources = { + persistentVolumes = builtins.mapAttrs + (name: nfsVolume: { + spec = { + capacity.storage = "1Mi"; + accessModes = [ "ReadWriteMany" ]; + + nfs = { + server = "lewis.dmz"; + path = "/mnt/data/nfs/${nfsVolume.path}"; + }; + }; + }) + config.lab.nfsVolumes; + + persistentVolumeClaims = builtins.mapAttrs + (name: nfsVolume: { + spec = { + accessModes = [ "ReadWriteMany" ]; + storageClassName = ""; + resources.requests.storage = "1Mi"; + volumeName = name; + }; + }) + config.lab.nfsVolumes; + }; + }; +} diff --git a/kubenix-modules/forgejo.nix b/kubenix-modules/forgejo.nix index 2012d1f..6375527 100644 --- a/kubenix-modules/forgejo.nix +++ b/kubenix-modules/forgejo.nix @@ -158,23 +158,6 @@ }; }; - persistentVolumes.forgejo.spec = { - capacity.storage = "1Mi"; - accessModes = [ "ReadWriteMany" ]; - - nfs = { - server = "lewis.dmz"; - path = "/mnt/data/nfs/forgejo"; - }; - }; - - persistentVolumeClaims.forgejo.spec = { - accessModes = [ "ReadWriteMany" ]; - storageClassName = ""; - resources.requests.storage = "1Mi"; - volumeName = "forgejo"; - }; - services = { forgejo-web.spec = { selector.app = "forgejo"; @@ -198,12 +181,16 @@ }; }; - lab.ingresses.forgejo = { - host = "git.kun.is"; + lab = { + nfsVolumes.forgejo.path = "forgejo"; - service = { - name = "forgejo-web"; - portName = "web"; + ingresses.forgejo = { + host = "git.kun.is"; + + service = { + name = "forgejo-web"; + portName = "web"; + }; }; }; } diff --git a/kubenix-modules/freshrss.nix b/kubenix-modules/freshrss.nix index f853da0..18817b8 100644 --- a/kubenix-modules/freshrss.nix +++ b/kubenix-modules/freshrss.nix 
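Review bot: `path` in `custom/nfs-volume.nix` is a bare `lib.types.str` that is interpolated straight into `"/mnt/data/nfs/${nfsVolume.path}"`, so a value with a leading `/` or a `..` segment produces a PersistentVolume pointing outside the intended export subtree, and nothing rejects it at evaluation time. The values come from this repository, so this guards against mistakes rather than hostile input, but the constraint is cheap: `type = lib.types.strMatching "[A-Za-z0-9_-][A-Za-z0-9._-]*(/[A-Za-z0-9_-][A-Za-z0-9._-]*)*";`. The generated volumes also carry no `claimRef`, so the pairing is pinned only from the claim side through `volumeName`; setting `spec.claimRef` to the claim of the same name (its namespace is not visible in this hunk) would reserve each volume for that claim. A `description` on `path` stating that it is relative to `/mnt/data/nfs` on `lewis.dmz` would document the contract for the modules that set it.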
@@ -48,23 +48,6 @@ }; }; - persistentVolumes.freshrss.spec = { - capacity.storage = "1Mi"; - accessModes = [ "ReadWriteMany" ]; - - nfs = { - server = "lewis.dmz"; - path = "/mnt/data/nfs/freshrss/data"; - }; - }; - - persistentVolumeClaims.freshrss.spec = { - accessModes = [ "ReadWriteMany" ]; - storageClassName = ""; - resources.requests.storage = "1Mi"; - volumeName = "freshrss"; - }; - services.freshrss.spec = { selector.app = "freshrss"; @@ -75,12 +58,16 @@ }; }; - lab.ingresses.freshrss = { - host = "rss.kun.is"; + lab = { + nfsVolumes.freshrss.path = "freshrss/data"; - service = { - name = "freshrss"; - portName = "web"; + ingresses.freshrss = { + host = "rss.kun.is"; + + service = { + name = "freshrss"; + portName = "web"; + }; }; }; } diff --git a/kubenix-modules/hedgedoc.nix b/kubenix-modules/hedgedoc.nix index 1c13a8b..82720cd 100644 --- a/kubenix-modules/hedgedoc.nix +++ b/kubenix-modules/hedgedoc.nix @@ -73,23 +73,6 @@ }; }; - persistentVolumes.hedgedoc.spec = { - capacity.storage = "1Mi"; - accessModes = [ "ReadWriteMany" ]; - - nfs = { - server = "lewis.dmz"; - path = "/mnt/data/nfs/hedgedoc/uploads"; - }; - }; - - persistentVolumeClaims.hedgedoc.spec = { - accessModes = [ "ReadWriteMany" ]; - storageClassName = ""; - resources.requests.storage = "1Mi"; - volumeName = "hedgedoc"; - }; - services.hedgedoc.spec = { selector.app = "hedgedoc"; @@ -100,12 +83,16 @@ }; }; - lab.ingresses.hedgedoc = { - host = "md.kun.is"; + lab = { + nfsVolumes.hedgedoc.path = "hedgedoc/uploads"; - service = { - name = "hedgedoc"; - portName = "web"; + ingresses.hedgedoc = { + host = "md.kun.is"; + + service = { + name = "hedgedoc"; + portName = "web"; + }; }; }; } diff --git a/kubenix-modules/kitchenowl.nix b/kubenix-modules/kitchenowl.nix index 5fea87f..b86876a 100644 --- a/kubenix-modules/kitchenowl.nix +++ b/kubenix-modules/kitchenowl.nix 
@@ -72,23 +72,6 @@ }; }; - persistentVolumes.kitchenowl.spec = { - capacity.storage = "1Mi"; - accessModes = [ "ReadWriteMany" ]; - - nfs = { - server = "lewis.dmz"; - path = "/mnt/data/nfs/kitchenowl/data"; - }; - }; - - persistentVolumeClaims.kitchenowl.spec = { - accessModes = [ "ReadWriteMany" ]; - storageClassName = ""; - resources.requests.storage = "1Mi"; - volumeName = "kitchenowl"; - }; - services = { kitchenowl-web.spec = { selector = { @@ -116,12 +99,16 @@ }; }; - lab.ingresses.kitchenowl = { - host = "boodschappen.kun.is"; + lab = { + nfsVolumes.kitchenowl.path = "kitchenowl/data"; - service = { - name = "kitchenowl-web"; - portName = "web"; + ingresses.kitchenowl = { + host = "boodschappen.kun.is"; + + service = { + name = "kitchenowl-web"; + portName = "web"; + }; }; }; } diff --git a/kubenix-modules/media.nix b/kubenix-modules/media.nix index 4dd5936..cc1b59f 100644 --- a/kubenix-modules/media.nix +++ b/kubenix-modules/media.nix 
@@ -341,146 +341,6 @@ }; }; - persistentVolumes = { - jellyfin-config.spec = { - capacity.storage = "1Mi"; - accessModes = [ "ReadWriteMany" ]; - - nfs = { - server = "lewis.dmz"; - path = "/mnt/data/nfs/jellyfin/config"; - }; - }; - - media.spec = { - capacity.storage = "1Mi"; - accessModes = [ "ReadWriteMany" ]; - - nfs = { - server = "lewis.dmz"; - path = "/mnt/data/nfs/media"; - }; - }; - - transmission-config.spec = { - capacity.storage = "1Mi"; - accessModes = [ "ReadWriteMany" ]; - - nfs = { - server = "lewis.dmz"; - path = "/mnt/data/nfs/transmission/config"; - }; - }; - - jellyseerr-config.spec = { - capacity.storage = "1Mi"; - accessModes = [ "ReadWriteMany" ]; - - nfs = { - server = "lewis.dmz"; - path = "/mnt/data/nfs/jellyseerr/config"; - }; - }; - - radarr-config.spec = { - capacity.storage = "1Mi"; - accessModes = [ "ReadWriteMany" ]; - - nfs = { - server = "lewis.dmz"; - path = "/mnt/data/nfs/radarr/config"; - }; - }; - - prowlarr-config.spec = { - capacity.storage = "1Mi"; - accessModes = [ "ReadWriteMany" ]; - - nfs = { - server = "lewis.dmz"; - path = "/mnt/data/nfs/prowlarr/config"; - }; - }; - - sonarr-config.spec = { - capacity.storage = "1Mi"; - accessModes = [ "ReadWriteMany" ]; - - nfs = { - server = "lewis.dmz"; - path = "/mnt/data/nfs/sonarr/config"; - }; - }; - - bazarr-config.spec = { - capacity.storage = "1Mi"; - accessModes = [ "ReadWriteMany" ]; - - nfs = { - server = "lewis.dmz"; - path = "/mnt/data/nfs/bazarr/config"; - }; - }; - }; - - persistentVolumeClaims = { - jellyfin-config.spec = { - accessModes = [ "ReadWriteMany" ]; - storageClassName = ""; - resources.requests.storage = "1Mi"; - volumeName = "jellyfin-config"; - }; - - media.spec = { - accessModes = [ "ReadWriteMany" ]; - storageClassName = ""; - resources.requests.storage = "1Mi"; - volumeName = "media"; - }; - - transmission-config.spec = { - accessModes = [ "ReadWriteMany" ]; - storageClassName = ""; - resources.requests.storage = "1Mi"; - volumeName = 
"transmission-config"; - }; - - jellyseerr-config.spec = { - accessModes = [ "ReadWriteMany" ]; - storageClassName = ""; - resources.requests.storage = "1Mi"; - volumeName = "jellyseerr-config"; - }; - - radarr-config.spec = { - accessModes = [ "ReadWriteMany" ]; - storageClassName = ""; - resources.requests.storage = "1Mi"; - volumeName = "radarr-config"; - }; - - prowlarr-config.spec = { - accessModes = [ "ReadWriteMany" ]; - storageClassName = ""; - resources.requests.storage = "1Mi"; - volumeName = "prowlarr-config"; - }; - - sonarr-config.spec = { - accessModes = [ "ReadWriteMany" ]; - storageClassName = ""; - resources.requests.storage = "1Mi"; - volumeName = "sonarr-config"; - }; - - bazarr-config.spec = { - accessModes = [ "ReadWriteMany" ]; - storageClassName = ""; - resources.requests.storage = "1Mi"; - volumeName = "bazarr-config"; - }; - }; - services = { jellyfin.spec = { selector = { 
@@ -583,74 +443,87 @@ }; }; - lab.ingresses = { - jellyfin = { - host = "media.kun.is"; + lab = { + ingresses = { + jellyfin = { + host = "media.kun.is"; - service = { - name = "jellyfin"; - portName = "web"; + service = { + name = "jellyfin"; + portName = "web"; + }; + }; + + transmission = { + host = "transmission.kun.is"; + entrypoint = "localsecure"; + + service = { + name = "transmission-web"; + portName = "web"; + }; + }; + + jellyseerr = { + host = "jellyseerr.kun.is"; + entrypoint = "localsecure"; + + service = { + name = "jellyseerr"; + portName = "web"; + }; + }; + + radarr = { + host = "radarr.kun.is"; + entrypoint = "localsecure"; + + service = { + name = "radarr"; + portName = "web"; + }; + }; + + prowlarr = { + host = "prowlarr.kun.is"; + entrypoint = "localsecure"; + + service = { + name = "prowlarr"; + portName = "web"; + }; + }; + + sonarr = { + host = "sonarr.kun.is"; + entrypoint = "localsecure"; + + service = { + name = "sonarr"; + portName = "web"; + }; + }; + + bazarr = { + host = "bazarr.kun.is"; + entrypoint = "localsecure"; + + service = { + name = "bazarr"; + portName = "web"; + }; }; }; - transmission = { - host = "transmission.kun.is"; - entrypoint = "localsecure"; - - service = { - name = "transmission-web"; - portName = "web"; - }; - }; - - jellyseerr = { - host = "jellyseerr.kun.is"; - entrypoint = "localsecure"; - - service = { - name = "jellyseerr"; - portName = "web"; - }; - }; - - radarr = { - host = "radarr.kun.is"; - entrypoint = "localsecure"; - - service = { - name = "radarr"; - portName = "web"; - }; - }; - - prowlarr = { - host = "prowlarr.kun.is"; - entrypoint = "localsecure"; - - service = { - name = "prowlarr"; - portName = "web"; - }; - }; - - sonarr = { - host = "sonarr.kun.is"; - entrypoint = "localsecure"; - - service = { - name = "sonarr"; - portName = "web"; - }; - }; - - bazarr = { - host = "bazarr.kun.is"; - entrypoint = "localsecure"; - - service = { - name = "bazarr"; - portName = "web"; - }; + nfsVolumes = { + 
jellyfin-config.path = "jellyfin/config"; + media.path = "media"; + transmission-config.path = "transmission/config"; + jellyseerr-config.path = "jellyseerr/config"; + radarr-config.path = "radarr/config"; + prowlarr-config.path = "prowlarr/config"; + sonarr-config.path = "sonarr/config"; + bazarr-config.path = "bazarr/config"; }; }; } diff --git a/kubenix-modules/minecraft.nix b/kubenix-modules/minecraft.nix index eee0ee3..bd7f4a4 100644 --- a/kubenix-modules/minecraft.nix +++ b/kubenix-modules/minecraft.nix @@ -29,23 +29,6 @@ }; }; - persistentVolumes.minecraft.spec = { - capacity.storage = "1Mi"; - accessModes = [ "ReadWriteMany" ]; - - nfs = { - server = "lewis.dmz"; - path = "/mnt/data/nfs/minecraft"; - }; - }; - - persistentVolumeClaims.minecraft.spec = { - accessModes = [ "ReadWriteMany" ]; - storageClassName = ""; - resources.requests.storage = "1Mi"; - volumeName = "minecraft"; - }; - services.minecraft.spec = { type = "LoadBalancer"; loadBalancerIP = myLib.globals.minecraftIPv4; @@ -57,4 +40,6 @@ }; }; }; + + lab.nfsVolumes.minecraft.path = "minecraft"; } diff --git a/kubenix-modules/nextcloud.nix b/kubenix-modules/nextcloud.nix index 8300cc7..7151836 100644 --- a/kubenix-modules/nextcloud.nix +++ b/kubenix-modules/nextcloud.nix @@ -40,23 +40,6 @@ }; }; - persistentVolumes.nextcloud.spec = { - capacity.storage = "1Mi"; - accessModes = [ "ReadWriteMany" ]; - - nfs = { - server = "lewis.dmz"; - path = "/mnt/data/nfs/nextcloud/data"; - }; - }; - - persistentVolumeClaims.nextcloud.spec = { - accessModes = [ "ReadWriteMany" ]; - storageClassName = ""; - resources.requests.storage = "1Mi"; - volumeName = "nextcloud"; - }; - services.nextcloud.spec = { selector.app = "nextcloud"; 
@@ -67,12 +50,16 @@ }; }; - lab.ingresses.nextcloud = { - host = "cloud.kun.is"; + lab = { + nfsVolumes.nextcloud.path = "nextcloud/data"; - service = { - name = "nextcloud"; - portName = "web"; + ingresses.nextcloud = { + host = "cloud.kun.is"; + + service = { + name = "nextcloud"; + portName = "web"; + }; }; }; } diff --git a/kubenix-modules/paperless-ngx.nix b/kubenix-modules/paperless-ngx.nix index aaa7f39..393e7f2 100644 --- a/kubenix-modules/paperless-ngx.nix +++ b/kubenix-modules/paperless-ngx.nix @@ -105,44 +105,6 @@ }; }; - persistentVolumes = { - paperless-ngx-redisdata.spec = { - capacity.storage = "1Mi"; - accessModes = [ "ReadWriteMany" ]; - - nfs = { - server = "lewis.dmz"; - path = "/mnt/data/nfs/paperless-ngx/redisdata"; - }; - }; - - paperless-ngx-data.spec = { - capacity.storage = "1Mi"; - accessModes = [ "ReadWriteMany" ]; - - nfs = { - server = "lewis.dmz"; - path = "/mnt/data/nfs/paperless-ngx/data"; - }; - }; - }; - - persistentVolumeClaims = { - paperless-ngx-redisdata.spec = { - accessModes = [ "ReadWriteMany" ]; - storageClassName = ""; - resources.requests.storage = "1Mi"; - volumeName = "paperless-ngx-redisdata"; - }; - - paperless-ngx-data.spec = { - accessModes = [ "ReadWriteMany" ]; - storageClassName = ""; - resources.requests.storage = "1Mi"; - volumeName = "paperless-ngx-data"; - }; - }; - services = { paperless-ngx-web.spec = { selector = { @@ -170,12 +132,19 @@ }; }; - lab.ingresses.paperless-ngx = { - host = "paperless.kun.is"; + lab = { + ingresses.paperless-ngx = { + host = "paperless.kun.is"; - service = { - name = "paperless-ngx-web"; - portName = "web"; + service = { + name = "paperless-ngx-web"; + portName = "web"; + }; + }; + + nfsVolumes = { + paperless-ngx-redisdata.path = "paperless-ngx/redisdata"; + paperless-ngx-data.path = "paperless-ngx/data"; }; }; } diff --git a/kubenix-modules/pihole.nix b/kubenix-modules/pihole.nix index df92b1b..2f190cb 100644 --- a/kubenix-modules/pihole.nix +++ b/kubenix-modules/pihole.nix 
@@ -56,44 +56,6 @@ }; }; - persistentVolumes = { - pihole-data.spec = { - capacity.storage = "1Mi"; - accessModes = [ "ReadWriteMany" ]; - - nfs = { - server = "lewis.dmz"; - path = "/mnt/data/nfs/pihole/data"; - }; - }; - - pihole-dnsmasq.spec = { - capacity.storage = "1Mi"; - accessModes = [ "ReadWriteMany" ]; - - nfs = { - server = "lewis.dmz"; - path = "/mnt/data/nfs/pihole/dnsmasq"; - }; - }; - }; - - persistentVolumeClaims = { - pihole-data.spec = { - accessModes = [ "ReadWriteMany" ]; - storageClassName = ""; - resources.requests.storage = "1Mi"; - volumeName = "pihole-data"; - }; - - pihole-dnsmasq.spec = { - accessModes = [ "ReadWriteMany" ]; - storageClassName = ""; - resources.requests.storage = "1Mi"; - volumeName = "pihole-dnsmasq"; - }; - }; - services = { pihole-web.spec = { selector.app = "pihole"; @@ -118,13 +80,20 @@ }; }; - lab.ingresses.pihole = { - host = "pihole.kun.is"; - entrypoint = "localsecure"; + lab = { + ingresses.pihole = { + host = "pihole.kun.is"; + entrypoint = "localsecure"; - service = { - name = "pihole-web"; - portName = "web"; + service = { + name = "pihole-web"; + portName = "web"; + }; + }; + + nfsVolumes = { + pihole-data.path = "pihole/data"; + pihole-dnsmasq.path = "pihole/dnsmasq"; }; }; } diff --git a/kubenix-modules/radicale.nix b/kubenix-modules/radicale.nix index a759aad..b5b531f 100644 --- a/kubenix-modules/radicale.nix +++ b/kubenix-modules/radicale.nix @@ -73,23 +73,6 @@ }; }; - persistentVolumes.radicale.spec = { - capacity.storage = "1Mi"; - accessModes = [ "ReadWriteMany" ]; - - nfs = { - server = "lewis.dmz"; - path = "/mnt/data/nfs/radicale"; - }; - }; - - persistentVolumeClaims.radicale.spec = { - accessModes = [ "ReadWriteMany" ]; - storageClassName = ""; - resources.requests.storage = "1Mi"; - volumeName = "radicale"; - }; - services.radicale.spec = { selector.app = "radicale"; 
@@ -100,12 +83,16 @@ }; }; - lab.ingresses.radicale = { - host = "dav.kun.is"; + lab = { + nfsVolumes.radicale.path = "radicale"; - service = { - name = "radicale"; - portName = "web"; + ingresses.radicale = { + host = "dav.kun.is"; + + service = { + name = "radicale"; + portName = "web"; + }; }; }; } diff --git a/kubenix-modules/syncthing.nix b/kubenix-modules/syncthing.nix index 3fc4122..422782b 100644 --- a/kubenix-modules/syncthing.nix +++ b/kubenix-modules/syncthing.nix @@ -42,23 +42,6 @@ }; }; - persistentVolumes.syncthing.spec = { - capacity.storage = "1Mi"; - accessModes = [ "ReadWriteMany" ]; - - nfs = { - server = "lewis.dmz"; - path = "/mnt/data/nfs/syncthing/config"; - }; - }; - - persistentVolumeClaims.syncthing.spec = { - accessModes = [ "ReadWriteMany" ]; - storageClassName = ""; - resources.requests.storage = "1Mi"; - volumeName = "syncthing"; - }; - services.syncthing.spec = { selector.app = "syncthing"; @@ -69,13 +52,17 @@ }; }; - lab.ingresses.syncthing = { - host = "sync.kun.is"; - entrypoint = "localsecure"; + lab = { + nfsVolumes.syncthing.path = "syncthing/config"; - service = { - name = "syncthing"; - portName = "web"; + ingresses.syncthing = { + host = "sync.kun.is"; + entrypoint = "localsecure"; + + service = { + name = "syncthing"; + portName = "web"; + }; }; }; }