feat(forgejo): Move to separate k8s namespace

2024-07-14 20:14:48 +02:00 · 2024-07-14 20:14:48 +02:00 · f606cb2f1c
commit f606cb2f1c
parent 17f507d277
6 changed files with 59 additions and 54 deletions
--- a/kubenix-modules/forgejo/default.nix
+++ b/kubenix-modules/forgejo/default.nix
@ -1,71 +1,68 @@
 { lib, myLib, ... }: {
  kubernetes.resources = {
    configMaps = {
-      forgejo-config.data = {
+      config.data = {
        config = lib.generators.toINI { } (import ./config.nix);
      };
-
-      forgejo-env.data = {
-        USER_UID = "1000";
-        USER_GID = "1000";
-      };
    };

-    deployments.forgejo = {
-      metadata.labels = {
-        app = "forgejo";
-        component = "forgejo";
+    deployments.server.spec = {
+      selector.matchLabels.app = "forgejo";
+
+      strategy = {
+        type = "RollingUpdate";
+
+        rollingUpdate = {
+          maxSurge = 0;
+          maxUnavailable = 1;
+        };
      };

-      spec = {
-        selector.matchLabels.app = "forgejo";
+      template = {
+        metadata.labels.app = "forgejo";

-        strategy = {
-          type = "RollingUpdate";
+        spec = {
+          # This disables services from becoming environmental variables
+          # to prevent SSH_PORT clashing with Forgejo config.
+          enableServiceLinks = false;

-          rollingUpdate = {
-            maxSurge = 0;
-            maxUnavailable = 1;
+          containers.forgejo = {
+            image = "codeberg.org/forgejo/forgejo:7.0.5";
+            imagePullPolicy = "Always";
+
+            env = {
+              USER_UID.value = "1000";
+              USER_GID.value = "1000";
+            };
+
+            ports = {
+              web.containerPort = 3000;
+              ssh.containerPort = 22;
+            };
+
+            volumeMounts = [
+              {
+                name = "data";
+                mountPath = "/data";
+              }
+              {
+                name = "config";
+                mountPath = "/data/gitea/conf/app.ini";
+                subPath = "config";
+              }
+            ];
          };
-        };

-        template = {
-          metadata.labels.app = "forgejo";
-
-          spec = {
-            containers.forgejo = {
-              image = "codeberg.org/forgejo/forgejo:7.0.5";
-              envFrom = [{ configMapRef.name = "forgejo-env"; }];
-
-              ports = {
-                web.containerPort = 3000;
-                ssh.containerPort = 22;
-              };
-
-              volumeMounts = [
-                {
-                  name = "data";
-                  mountPath = "/data";
-                }
-                {
-                  name = "config";
-                  mountPath = "/data/gitea/conf/app.ini";
-                  subPath = "config";
-                }
-              ];
-            };
-
-            volumes = {
-              data.persistentVolumeClaim.claimName = "forgejo";
-              config.configMap.name = "forgejo-config";
-            };
+          volumes = {
+            data.persistentVolumeClaim.claimName = "data";
+            config.configMap.name = "config";
          };
        };
      };
    };

    services = {
-      forgejo-web.spec = {
+      web.spec = {
        selector.app = "forgejo";

        ports.web = {
@ -74,7 +71,7 @@
        };
      };

-      forgejo-ssh.spec = {
+      ssh.spec = {
        type = "LoadBalancer";
        loadBalancerIP = myLib.globals.gitIPv4;
        selector.app = "forgejo";
@ -88,13 +85,18 @@
  };

  lab = {
-    ingresses.forgejo = {
+    ingresses.web = {
      host = "git.kun.is";

      service = {
-        name = "forgejo-web";
+        name = "web";
        portName = "web";
      };
    };
+
+    longhorn.persistentVolumeClaim.data = {
+      volumeName = "forgejo";
+      storage = "20Gi";
+    };
  };
 }