feat(longhorn): Reference PV from PVC

refactor(freshrss): Rename k8s resources
Pim Kunis 2024-07-14 12:25:20 +02:00
parent 07bd2e1e01
commit e724ff94a9
3 changed files with 129 additions and 53 deletions


@ -12,6 +12,28 @@ let
}; };
}; };
}; };
longhornPVOpts = { name, ... }: {
options = {
storage = lib.mkOption {
type = lib.types.str;
};
};
};
longhornPVCOpts = { name, ... }: {
options = {
volumeName = lib.mkOption {
type = lib.types.str;
default = name;
};
# TODO: ideally we take this from the longhornPV so we don't duplicate this information.
storage = lib.mkOption {
type = lib.types.str;
};
};
};
in in
{ {
options = { options = {
@ -19,55 +41,109 @@ in
type = with lib.types; attrsOf (submodule longhornVolumeOpts); type = with lib.types; attrsOf (submodule longhornVolumeOpts);
default = { }; default = { };
}; };
lab.longhorn = {
persistentVolume = lib.mkOption {
type = with lib.types; attrsOf (submodule longhornPVOpts);
default = { };
};
persistentVolumeClaim = lib.mkOption {
type = with lib.types; attrsOf (submodule longhornPVCOpts);
default = { };
};
};
}; };
config = { config = {
kubernetes.resources = { kubernetes.resources = {
persistentVolumes = builtins.mapAttrs persistentVolumes = lib.mergeAttrs
(name: longhornVolume: { (builtins.mapAttrs
spec = { (name: longhornVolume: {
accessModes = [ "ReadWriteOnce" ]; spec = {
capacity.storage = longhornVolume.storage; accessModes = [ "ReadWriteOnce" ];
persistentVolumeReclaimPolicy = "Delete"; capacity.storage = longhornVolume.storage;
volumeMode = "Filesystem"; persistentVolumeReclaimPolicy = "Delete";
volumeMode = "Filesystem";
claimRef = { claimRef = {
inherit name; inherit name;
namespace = longhornVolume.namespace; namespace = longhornVolume.namespace;
}; };
csi = { csi = {
driver = "driver.longhorn.io"; driver = "driver.longhorn.io";
fsType = "ext4";
volumeHandle = name;
volumeAttributes = {
dataLocality = "disabled";
fromBackup = "";
fsType = "ext4"; fsType = "ext4";
numberOfReplicas = "2"; volumeHandle = name;
staleReplicaTimeout = "30";
unmapMarkSnapChainRemoved = "ignored";
recurringJobSelector = lib.generators.toYAML { } [{ volumeAttributes = {
name = "backup-nfs"; dataLocality = "disabled";
isGroup = false; fromBackup = "";
}]; fsType = "ext4";
numberOfReplicas = "2";
staleReplicaTimeout = "30";
unmapMarkSnapChainRemoved = "ignored";
recurringJobSelector = lib.generators.toYAML { } [{
name = "backup-nfs";
isGroup = false;
}];
};
}; };
}; };
}; })
}) config.lab.longhornVolumes)
config.lab.longhornVolumes; (builtins.mapAttrs
(name: longhornPV: {
spec = {
accessModes = [ "ReadWriteOnce" ];
capacity.storage = longhornPV.storage;
persistentVolumeReclaimPolicy = "Delete";
volumeMode = "Filesystem";
persistentVolumeClaims = builtins.mapAttrs csi = {
(name: longhornVolume: { driver = "driver.longhorn.io";
spec = { fsType = "ext4";
accessModes = [ "ReadWriteOnce" ]; volumeHandle = name;
resources.requests.storage = longhornVolume.storage;
storageClassName = ""; volumeAttributes = {
}; dataLocality = "disabled";
}) fromBackup = "";
config.lab.longhornVolumes; fsType = "ext4";
numberOfReplicas = "2";
staleReplicaTimeout = "30";
unmapMarkSnapChainRemoved = "ignored";
recurringJobSelector = lib.generators.toYAML { } [{
name = "backup-nfs";
isGroup = false;
}];
};
};
};
})
config.lab.longhorn.persistentVolume);
persistentVolumeClaims = lib.mergeAttrs
(builtins.mapAttrs
(name: longhornVolume: {
spec = {
accessModes = [ "ReadWriteOnce" ];
resources.requests.storage = longhornVolume.storage;
storageClassName = "";
};
})
config.lab.longhornVolumes)
(builtins.mapAttrs
(name: longhornPVC: {
spec = {
accessModes = [ "ReadWriteOnce" ];
resources.requests.storage = longhornPVC.storage;
storageClassName = "";
volumeName = longhornPVC.volumeName;
};
})
config.lab.longhorn.persistentVolumeClaim);
}; };
}; };
} }
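Review bot: The PersistentVolumes built from `config.lab.longhorn.persistentVolume` carry no `claimRef`, whereas the `longhornVolumes` variant in the same hunk pins each PV to one claim name and namespace. PVs are cluster-scoped and the binding is now expressed only by `volumeName` on the claim, so a PVC in any namespace with `storageClassName = ""`, ReadWriteOnce and a fitting request could bind the volume first and mount its data. I would add claim-name and namespace options to `longhornPVOpts` and emit `claimRef = { name = <claim name>; namespace = <claim namespace>; };` in the new PV spec, so the volume stays reserved for its intended claim. The same hunk's `lib.mergeAttrs` also lets a `longhorn.persistentVolume` entry silently replace a `longhornVolumes` entry of the same name; an assertion that the two name sets are disjoint would catch that.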


@ -1,8 +1,8 @@
{ namespace, ... }: { {
kubernetes.resources = { kubernetes.resources = {
secrets.freshrss.stringData.adminPassword = "ref+sops://secrets/kubernetes.yaml#/freshrss/password"; secrets.server.stringData.adminPassword = "ref+sops://secrets/kubernetes.yaml#/freshrss/password";
deployments.freshrss = { deployments.server = {
metadata.labels.app = "freshrss"; metadata.labels.app = "freshrss";
spec = { spec = {
@ -33,12 +33,12 @@
PUBLISHED_PORT.value = "443"; PUBLISHED_PORT.value = "443";
ADMIN_PASSWORD.valueFrom.secretKeyRef = { ADMIN_PASSWORD.valueFrom.secretKeyRef = {
name = "freshrss"; name = "server";
key = "adminPassword"; key = "adminPassword";
}; };
ADMIN_API_PASSWORD.valueFrom.secretKeyRef = { ADMIN_API_PASSWORD.valueFrom.secretKeyRef = {
name = "freshrss"; name = "server";
key = "adminPassword"; key = "adminPassword";
}; };
}; };
@ -49,7 +49,7 @@
}]; }];
}; };
volumes.data.persistentVolumeClaim.claimName = "freshrss"; volumes.data.persistentVolumeClaim.claimName = "data";
securityContext = { securityContext = {
fsGroup = 33; fsGroup = 33;
@ -60,7 +60,7 @@
}; };
}; };
services.freshrss.spec = { services.web.spec = {
selector.app = "freshrss"; selector.app = "freshrss";
ports.web = { ports.web = {
@ -71,21 +71,18 @@
}; };
lab = { lab = {
ingresses.freshrss = { ingresses.web = {
host = "rss.kun.is"; host = "rss.kun.is";
service = { service = {
name = "freshrss"; name = "web";
portName = "web"; portName = "web";
}; };
}; };
# TODO: Maybe we should revisit this architecture? longhorn.persistentVolumeClaim.data = {
# The PVs are cluster-wide and should probably be defined elsewhere. volumeName = "freshrss";
# Then the PVC should reference the PV probably.
longhornVolumes.freshrss = {
storage = "1Gi"; storage = "1Gi";
inherit namespace;
}; };
}; };
} }
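Review bot: `ADMIN_PASSWORD` and `ADMIN_API_PASSWORD` both read the `adminPassword` key of the renamed `server` secret, so the two credentials are the same value. If the API password is what gets entered into feed-reader clients, as the variable name suggests, a leak from any such client also exposes the admin web login. Since the secret is being touched here anyway, I would add a second `stringData` entry with its own sops reference and point `ADMIN_API_PASSWORD` at it, e.g. `key = "adminApiPassword";`. The deployment's attribute set starts and ends outside these hunks, so the rest of the env block was not reviewed.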


@ -16,7 +16,6 @@
longhornVolumes = { longhornVolumes = {
hedgedoc-uploads.storage = "50Mi"; hedgedoc-uploads.storage = "50Mi";
hedgedoc-db.storage = "100Mi"; hedgedoc-db.storage = "100Mi";
# freshrss.storage = "1Gi";
radicale.storage = "200Mi"; radicale.storage = "200Mi";
minecraft.storage = "1Gi"; minecraft.storage = "1Gi";
nextcloud.storage = "50Gi"; nextcloud.storage = "50Gi";
@ -44,6 +43,10 @@
immich-db.storage = "5Gi"; immich-db.storage = "5Gi";
}; };
longhorn.persistentVolume = {
freshrss.storage = "1Gi";
};
nfsVolumes = { nfsVolumes = {
media.path = "media"; media.path = "media";
music.path = "media/music"; music.path = "media/music";