refactor(traefik): Deploy resources in kube-system namespace
This commit is contained in:
parent
c7624baa78
commit
dfe457c894
7 changed files with 77 additions and 74 deletions
|
@ -71,6 +71,7 @@ Currently, the applications being deployed like this are:
|
|||
- `dnsmasq`
|
||||
- `bind9`
|
||||
- `media`
|
||||
- `traefik`
|
||||
|
||||
## Known bugs
|
||||
|
||||
|
|
|
@ -44,7 +44,9 @@
|
|||
{
|
||||
imports = [
|
||||
kubenix.modules.k8s
|
||||
kubenix.modules.helm
|
||||
"${self}/kubenix-modules/custom"
|
||||
"${self}/kubenix-modules/custom-types.nix"
|
||||
module
|
||||
];
|
||||
|
||||
|
@ -102,4 +104,6 @@
|
|||
"${self}/kubenix-modules/bind9" "bind9" "dns";
|
||||
kubenix.media = mkDeployScriptAndManifest
|
||||
"${self}/kubenix-modules/media.nix" "media" "media";
|
||||
kubenix.traefik = mkDeployScriptAndManifest
|
||||
"${self}/kubenix-modules/traefik.nix" "traefik" "kube-system";
|
||||
})
|
||||
|
|
|
@ -4,12 +4,9 @@
|
|||
# ./minecraft.nix
|
||||
./base.nix
|
||||
./longhorn.nix
|
||||
./esrom.nix
|
||||
./ek2024.nix
|
||||
./metallb.nix
|
||||
./cert-manager.nix
|
||||
./custom
|
||||
./traefik.nix
|
||||
./volumes.nix
|
||||
./custom-types.nix
|
||||
];
|
||||
|
|
|
@ -36,10 +36,10 @@
|
|||
includeCRDs = false;
|
||||
};
|
||||
|
||||
argo-workflows = {
|
||||
chart = nixhelm.chartsDerivations.${system}.argoproj.argo-workflows;
|
||||
includeCRDs = true;
|
||||
};
|
||||
# argo-workflows = {
|
||||
# chart = nixhelm.chartsDerivations.${system}.argoproj.argo-workflows;
|
||||
# includeCRDs = true;
|
||||
# };
|
||||
|
||||
longhorn = {
|
||||
chart = nixhelm.chartsDerivations.${system}.longhorn.longhorn;
|
||||
|
@ -76,6 +76,7 @@
|
|||
inbucket = { };
|
||||
dns = { };
|
||||
media = { };
|
||||
traefik = { };
|
||||
};
|
||||
|
||||
nodes =
|
||||
|
|
|
@ -1,22 +0,0 @@
|
|||
{
|
||||
kubernetes.resources = {
|
||||
services.ek2024.spec = {
|
||||
type = "ExternalName";
|
||||
externalName = "ek2024.dmz";
|
||||
|
||||
ports.web = {
|
||||
port = 80;
|
||||
targetPort = 80;
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
lab.ingresses.ek2024 = {
|
||||
host = "ek2024.kun.is";
|
||||
|
||||
service = {
|
||||
name = "ek2024";
|
||||
portName = "web";
|
||||
};
|
||||
};
|
||||
}
|
|
@ -1,22 +0,0 @@
|
|||
{
|
||||
kubernetes.resources = {
|
||||
services.esrom.spec = {
|
||||
type = "ExternalName";
|
||||
externalName = "esrom.dmz";
|
||||
|
||||
ports.web = {
|
||||
port = 80;
|
||||
targetPort = 80;
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
lab.ingresses.esrom = {
|
||||
host = "esrom.kun.is";
|
||||
|
||||
service = {
|
||||
name = "esrom";
|
||||
portName = "web";
|
||||
};
|
||||
};
|
||||
}
|
|
@ -1,34 +1,78 @@
|
|||
{ lib, myLib, ... }: {
|
||||
kubernetes.resources.helmChartConfigs = {
|
||||
traefik = {
|
||||
metadata.namespace = "kube-system";
|
||||
kubernetes.resources = {
|
||||
helmChartConfigs = {
|
||||
traefik = {
|
||||
metadata.namespace = lib.mkForce "kube-system";
|
||||
|
||||
# Override Traefik's service with a static load balancer IP.
|
||||
# Create endpoint for HTTPS on port 444.
|
||||
# Allow external name services for esrom.
|
||||
spec.valuesContent = lib.generators.toYAML { } {
|
||||
# service.annotations."metallb.universe.tf/loadBalancerIPs" = myLib.globals.traefikIPv4;
|
||||
providers.kubernetesIngress.allowExternalNameServices = true;
|
||||
service.loadBalancerIP = myLib.globals.traefikIPv4;
|
||||
# Override Traefik's service with a static load balancer IP.
|
||||
# Create endpoint for HTTPS on port 444.
|
||||
# Allow external name services for servers in LAN.
|
||||
spec.valuesContent = lib.generators.toYAML { } {
|
||||
# service.annotations."metallb.universe.tf/loadBalancerIPs" = myLib.globals.traefikIPv4;
|
||||
providers.kubernetesIngress.allowExternalNameServices = true;
|
||||
service.loadBalancerIP = myLib.globals.traefikIPv4;
|
||||
|
||||
ports = {
|
||||
localsecure = {
|
||||
port = 8444;
|
||||
expose = true;
|
||||
exposedPort = 444;
|
||||
protocol = "TCP";
|
||||
ports = {
|
||||
localsecure = {
|
||||
port = 8444;
|
||||
expose = true;
|
||||
exposedPort = 444;
|
||||
protocol = "TCP";
|
||||
|
||||
tls = {
|
||||
enabled = true;
|
||||
options = "";
|
||||
certResolver = "";
|
||||
domains = [ ];
|
||||
tls = {
|
||||
enabled = true;
|
||||
options = "";
|
||||
certResolver = "";
|
||||
domains = [ ];
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
web.redirectTo = "websecure";
|
||||
web.redirectTo = "websecure";
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
services = {
|
||||
ek2024.spec = {
|
||||
type = "ExternalName";
|
||||
externalName = "ek2024.dmz";
|
||||
|
||||
ports.web = {
|
||||
port = 80;
|
||||
targetPort = 80;
|
||||
};
|
||||
};
|
||||
|
||||
esrom.spec = {
|
||||
type = "ExternalName";
|
||||
externalName = "esrom.dmz";
|
||||
|
||||
ports.web = {
|
||||
port = 80;
|
||||
targetPort = 80;
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
lab.ingresses = {
|
||||
ek2024 = {
|
||||
host = "ek2024.kun.is";
|
||||
|
||||
service = {
|
||||
name = "ek2024";
|
||||
portName = "web";
|
||||
};
|
||||
};
|
||||
|
||||
esrom = {
|
||||
host = "esrom.kun.is";
|
||||
|
||||
service = {
|
||||
name = "esrom";
|
||||
portName = "web";
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue