From f606cb2f1c7d21c43181ea7e64edb97a9ab92091 Mon Sep 17 00:00:00 2001 From: Pim Kunis Date: Sun, 14 Jul 2024 20:14:48 +0200 Subject: [PATCH] feat(forgejo): Move to separate k8s namespace --- README.md | 1 + flake-parts/kubenix.nix | 2 + kubenix-modules/all.nix | 1 - kubenix-modules/base.nix | 1 + kubenix-modules/forgejo/default.nix | 106 ++++++++++++++-------------- kubenix-modules/volumes.nix | 2 +- 6 files changed, 59 insertions(+), 54 deletions(-) diff --git a/README.md b/README.md index 578cf99..b513cc6 100644 --- a/README.md +++ b/README.md @@ -61,6 +61,7 @@ Currently, the applications being deployed like this are: - `nextcloud` - `hedgedoc` - `kitchenowl` +- `forgejo` ## Known bugs diff --git a/flake-parts/kubenix.nix b/flake-parts/kubenix.nix index 9906434..967fa02 100644 --- a/flake-parts/kubenix.nix +++ b/flake-parts/kubenix.nix @@ -82,4 +82,6 @@ "${self}/kubenix-modules/hedgedoc.nix" "hedgedoc" "hedgedoc"; kubenix.kitchenowl = mkDeployScriptAndManifest "${self}/kubenix-modules/kitchenowl.nix" "kitchenowl" "kitchenowl"; + kubenix.forgejo = mkDeployScriptAndManifest + "${self}/kubenix-modules/forgejo" "forgejo" "forgejo"; }) diff --git a/kubenix-modules/all.nix b/kubenix-modules/all.nix index 033e366..d090f6c 100644 --- a/kubenix-modules/all.nix +++ b/kubenix-modules/all.nix @@ -4,7 +4,6 @@ let ./syncthing.nix ./pihole.nix ./paperless.nix - ./forgejo ./media.nix ./bind9 ./dnsmasq.nix diff --git a/kubenix-modules/base.nix b/kubenix-modules/base.nix index 968a3a6..a26bf78 100644 --- a/kubenix-modules/base.nix +++ b/kubenix-modules/base.nix @@ -69,6 +69,7 @@ nextcloud = { }; hedgedoc = { }; kitchenowl = { }; + forgejo = { }; }; nodes = diff --git a/kubenix-modules/forgejo/default.nix b/kubenix-modules/forgejo/default.nix index 0fca6d7..2dc1cf8 100644 --- a/kubenix-modules/forgejo/default.nix +++ b/kubenix-modules/forgejo/default.nix 
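Review bot: In kubenix-modules/base.nix the new `forgejo = { };` namespace is declared with no accompanying policy. A Kubernetes namespace on its own scopes names and RBAC but does not restrict pod-to-pod traffic. No NetworkPolicy for the namespace is visible in this patch, so unless one is applied elsewhere, pods in the other namespaces can presumably still reach the Forgejo web and SSH ports. If isolation is a goal of the move, I would add a default-deny ingress policy for the namespace plus explicit allows for the ingress controller and the SSH LoadBalancer, and leave a comment next to the namespace entry such as `# isolation: see NetworkPolicy in kubenix-modules/forgejo`.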
@@ -1,71 +1,68 @@ { lib, myLib, ... }: { kubernetes.resources = { configMaps = { - forgejo-config.data = { + config.data = { config = lib.generators.toINI { } (import ./config.nix); }; - - forgejo-env.data = { - USER_UID = "1000"; - USER_GID = "1000"; - }; }; - deployments.forgejo = { - metadata.labels = { - app = "forgejo"; - component = "forgejo"; + deployments.server.spec = { + selector.matchLabels.app = "forgejo"; + + strategy = { + type = "RollingUpdate"; + + rollingUpdate = { + maxSurge = 0; + maxUnavailable = 1; + }; }; - spec = { - selector.matchLabels.app = "forgejo"; + template = { + metadata.labels.app = "forgejo"; - strategy = { - type = "RollingUpdate"; + spec = { + # This disables services from becoming environmental variables + # to prevent SSH_PORT clashing with Forgejo config. + enableServiceLinks = false; - rollingUpdate = { - maxSurge = 0; - maxUnavailable = 1; + containers.forgejo = { + image = "codeberg.org/forgejo/forgejo:7.0.5"; + imagePullPolicy = "Always"; + + env = { + USER_UID.value = "1000"; + USER_GID.value = "1000"; + }; + + ports = { + web.containerPort = 3000; + ssh.containerPort = 22; + }; + + volumeMounts = [ + { + name = "data"; + mountPath = "/data"; + } + { + name = "config"; + mountPath = "/data/gitea/conf/app.ini"; + subPath = "config"; + } + ]; }; - }; - template = { - metadata.labels.app = "forgejo"; - - spec = { - containers.forgejo = { - image = "codeberg.org/forgejo/forgejo:7.0.5"; - envFrom = [{ configMapRef.name = "forgejo-env"; }]; - - ports = { - web.containerPort = 3000; - ssh.containerPort = 22; - }; - - volumeMounts = [ - { - name = "data"; - mountPath = "/data"; - } - { - name = "config"; - mountPath = "/data/gitea/conf/app.ini"; - subPath = "config"; - } - ]; - }; - - volumes = { - data.persistentVolumeClaim.claimName = "forgejo"; - config.configMap.name = "forgejo-config"; - }; + volumes = { + data.persistentVolumeClaim.claimName = "data"; + config.configMap.name = "config"; }; }; }; }; services = { - 
forgejo-web.spec = { + web.spec = { selector.app = "forgejo"; ports.web = { @@ -74,7 +71,7 @@ }; }; - forgejo-ssh.spec = { + ssh.spec = { type = "LoadBalancer"; loadBalancerIP = myLib.globals.gitIPv4; selector.app = "forgejo"; @@ -88,13 +85,18 @@ }; lab = { - ingresses.forgejo = { + ingresses.web = { host = "git.kun.is"; service = { - name = "forgejo-web"; + name = "web"; portName = "web"; }; }; + + longhorn.persistentVolumeClaim.data = { + volumeName = "forgejo"; + storage = "20Gi"; + }; }; } diff --git a/kubenix-modules/volumes.nix b/kubenix-modules/volumes.nix index 1747d59..f178c5c 100644 --- a/kubenix-modules/volumes.nix +++ b/kubenix-modules/volumes.nix @@ -17,7 +17,6 @@ minecraft.storage = "1Gi"; pihole-data.storage = "750Mi"; pihole-dnsmasq.storage = "16Mi"; - forgejo.storage = "20Gi"; syncthing.storage = "400Mi"; paperless-data.storage = "10Gi"; paperless-redisdata.storage = "20Mi"; @@ -45,6 +44,7 @@ hedgedoc-uploads.storage = "50Mi"; hedgedoc-db.storage = "100Mi"; kitchenowl.storage = "100Mi"; + forgejo.storage = "20Gi"; }; nfsVolumes = {
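Review bot: In the first hunk of kubenix-modules/forgejo/default.nix, the added `imagePullPolicy = "Always";` on `containers.forgejo` is paired with the mutable tag `codeberg.org/forgejo/forgejo:7.0.5`, so every pod restart re-resolves the tag at the registry and runs whatever it points to at that moment. Pinning the reference by digest keeps the deployed image reproducible and auditable, for example `image = "codeberg.org/forgejo/forgejo:7.0.5@sha256:<digest-of-the-reviewed-image>";`, after which the pull policy can return to its default. The rewritten pod spec also sets no `securityContext`. Whether `securityContext.allowPrivilegeEscalation = false;` and a reduced capability set are compatible with this image's entrypoint and the port 22 listener should be tested before adding them. The comment on `enableServiceLinks = false;` is useful; I would extend it to name the service that causes the clash, e.g. `# the "ssh" Service would otherwise inject SSH_PORT=tcp://...`.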