home/nixos-servers
home/nixos-servers
2
0
Fork 0
Code Issues 8 Pull requests Projects Releases Packages Wiki Activity Actions

refactor(traefik): Deploy resources in kube-system namespace

Browse source
This commit is contained in:
Pim Kunis 2024-07-17 14:26:17 +02:00
parent c7624baa78
commit dfe457c894
7 changed files with 77 additions and 74 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
README.md
View file

@ -71,6 +71,7 @@ Currently, the applications being deployed like this are:
- `dnsmasq`
- `bind9`
- `media`
- `traefik`
## Known bugs

4
flake-parts/kubenix.nix
View file

@ -44,7 +44,9 @@
{
imports = [
kubenix.modules.k8s
kubenix.modules.helm
"${self}/kubenix-modules/custom"
"${self}/kubenix-modules/custom-types.nix"
module
];
@ -102,4 +104,6 @@
"${self}/kubenix-modules/bind9" "bind9" "dns";
kubenix.media = mkDeployScriptAndManifest
"${self}/kubenix-modules/media.nix" "media" "media";
kubenix.traefik = mkDeployScriptAndManifest
"${self}/kubenix-modules/traefik.nix" "traefik" "kube-system";
})

3
kubenix-modules/all.nix
View file

@ -4,12 +4,9 @@
# ./minecraft.nix
./base.nix
./longhorn.nix
./esrom.nix
./ek2024.nix
./metallb.nix
./cert-manager.nix
./custom
./traefik.nix
./volumes.nix
./custom-types.nix
];

9
kubenix-modules/base.nix
View file

@ -36,10 +36,10 @@
includeCRDs = false;
};
argo-workflows = {
chart = nixhelm.chartsDerivations.${system}.argoproj.argo-workflows;
includeCRDs = true;
};
# argo-workflows = {
# chart = nixhelm.chartsDerivations.${system}.argoproj.argo-workflows;
# includeCRDs = true;
# };
longhorn = {
chart = nixhelm.chartsDerivations.${system}.longhorn.longhorn;
@ -76,6 +76,7 @@
inbucket = { };
dns = { };
media = { };
traefik = { };
};
nodes =

22
kubenix-modules/ek2024.nix
View file

@ -1,22 +0,0 @@
{
kubernetes.resources = {
services.ek2024.spec = {
type = "ExternalName";
externalName = "ek2024.dmz";
ports.web = {
port = 80;
targetPort = 80;
};
};
};
lab.ingresses.ek2024 = {
host = "ek2024.kun.is";
service = {
name = "ek2024";
portName = "web";
};
};
}

22
kubenix-modules/esrom.nix
View file

@ -1,22 +0,0 @@
{
kubernetes.resources = {
services.esrom.spec = {
type = "ExternalName";
externalName = "esrom.dmz";
ports.web = {
port = 80;
targetPort = 80;
};
};
};
lab.ingresses.esrom = {
host = "esrom.kun.is";
service = {
name = "esrom";
portName = "web";
};
};
}

50
kubenix-modules/traefik.nix
View file

@ -1,11 +1,12 @@
{ lib, myLib, ... }: {
kubernetes.resources.helmChartConfigs = {
kubernetes.resources = {
helmChartConfigs = {
traefik = {
metadata.namespace = "kube-system";
metadata.namespace = lib.mkForce "kube-system";
# Override Traefik's service with a static load balancer IP.
# Create endpoint for HTTPS on port 444.
# Allow external name services for esrom.
# Allow external name services for servers in LAN.
spec.valuesContent = lib.generators.toYAML { } {
# service.annotations."metallb.universe.tf/loadBalancerIPs" = myLib.globals.traefikIPv4;
providers.kubernetesIngress.allowExternalNameServices = true;
@ -31,4 +32,47 @@
};
};
};
services = {
ek2024.spec = {
type = "ExternalName";
externalName = "ek2024.dmz";
ports.web = {
port = 80;
targetPort = 80;
};
};
esrom.spec = {
type = "ExternalName";
externalName = "esrom.dmz";
ports.web = {
port = 80;
targetPort = 80;
};
};
};
};
lab.ingresses = {
ek2024 = {
host = "ek2024.kun.is";
service = {
name = "ek2024";
portName = "web";
};
};
esrom = {
host = "esrom.kun.is";
service = {
name = "esrom";
portName = "web";
};
};
};
}