feat(forgejo): Move to separate k8s namespace

2024-07-14 20:14:48 +02:00 · 2024-07-14 20:14:48 +02:00 · f606cb2f1c
commit f606cb2f1c
parent 17f507d277
6 changed files with 59 additions and 54 deletions
--- a/README.md
+++ b/README.md
@ -61,6 +61,7 @@ Currently, the applications being deployed like this are:
 - `nextcloud`
 - `hedgedoc`
 - `kitchenowl`
 - `forgejo`
 ## Known bugs
--- a/flake-parts/kubenix.nix
+++ b/flake-parts/kubenix.nix
@ -82,4 +82,6 @@
      "${self}/kubenix-modules/hedgedoc.nix" "hedgedoc" "hedgedoc";
    kubenix.kitchenowl = mkDeployScriptAndManifest
      "${self}/kubenix-modules/kitchenowl.nix" "kitchenowl" "kitchenowl";
    kubenix.forgejo = mkDeployScriptAndManifest
      "${self}/kubenix-modules/forgejo" "forgejo" "forgejo";
  })
--- a/kubenix-modules/all.nix
+++ b/kubenix-modules/all.nix
@ -4,7 +4,6 @@ let
    ./syncthing.nix
    ./pihole.nix
    ./paperless.nix
    ./forgejo
    ./media.nix
    ./bind9
    ./dnsmasq.nix
--- a/kubenix-modules/base.nix
+++ b/kubenix-modules/base.nix
@ -69,6 +69,7 @@
          nextcloud = { };
          hedgedoc = { };
          kitchenowl = { };
          forgejo = { };
        };
        nodes =
--- a/kubenix-modules/forgejo/default.nix
+++ b/kubenix-modules/forgejo/default.nix
@ -1,71 +1,68 @@
 { lib, myLib, ... }: {
  kubernetes.resources = {
    configMaps = {
-      forgejo-config.data = {
+      config.data = {
        config = lib.generators.toINI { } (import ./config.nix);
      };
      forgejo-env.data = {
        USER_UID = "1000";
        USER_GID = "1000";
      };
    };
-    deployments.forgejo = {
+    deployments.server.spec = {
-      metadata.labels = {
+      selector.matchLabels.app = "forgejo";
-        app = "forgejo";
+
-        component = "forgejo";
+      strategy = {
        type = "RollingUpdate";
        rollingUpdate = {
          maxSurge = 0;
          maxUnavailable = 1;
        };
      };
-      spec = {
+      template = {
-        selector.matchLabels.app = "forgejo";
+        metadata.labels.app = "forgejo";
-        strategy = {
+        spec = {
-          type = "RollingUpdate";
+          # This disables services from becoming environmental variables
          # to prevent SSH_PORT clashing with Forgejo config.
          enableServiceLinks = false;
-          rollingUpdate = {
+          containers.forgejo = {
-            maxSurge = 0;
+            image = "codeberg.org/forgejo/forgejo:7.0.5";
-            maxUnavailable = 1;
+            imagePullPolicy = "Always";
            env = {
              USER_UID.value = "1000";
              USER_GID.value = "1000";
            };
            ports = {
              web.containerPort = 3000;
              ssh.containerPort = 22;
            };
            volumeMounts = [
              {
                name = "data";
                mountPath = "/data";
              }
              {
                name = "config";
                mountPath = "/data/gitea/conf/app.ini";
                subPath = "config";
              }
            ];
          };
        };
-        template = {
+          volumes = {
-          metadata.labels.app = "forgejo";
+            data.persistentVolumeClaim.claimName = "data";
-
+            config.configMap.name = "config";
          spec = {
            containers.forgejo = {
              image = "codeberg.org/forgejo/forgejo:7.0.5";
              envFrom = [{ configMapRef.name = "forgejo-env"; }];
              ports = {
                web.containerPort = 3000;
                ssh.containerPort = 22;
              };
              volumeMounts = [
                {
                  name = "data";
                  mountPath = "/data";
                }
                {
                  name = "config";
                  mountPath = "/data/gitea/conf/app.ini";
                  subPath = "config";
                }
              ];
            };
            volumes = {
              data.persistentVolumeClaim.claimName = "forgejo";
              config.configMap.name = "forgejo-config";
            };
          };
        };
      };
    };
    services = {
-      forgejo-web.spec = {
+      web.spec = {
        selector.app = "forgejo";
        ports.web = {
@ -74,7 +71,7 @@
        };
      };
-      forgejo-ssh.spec = {
+      ssh.spec = {
        type = "LoadBalancer";
        loadBalancerIP = myLib.globals.gitIPv4;
        selector.app = "forgejo";
@ -88,13 +85,18 @@
  };
  lab = {
-    ingresses.forgejo = {
+    ingresses.web = {
      host = "git.kun.is";
      service = {
-        name = "forgejo-web";
+        name = "web";
        portName = "web";
      };
    };
    longhorn.persistentVolumeClaim.data = {
      volumeName = "forgejo";
      storage = "20Gi";
    };
  };
 }
--- a/kubenix-modules/volumes.nix
+++ b/kubenix-modules/volumes.nix
@ -17,7 +17,6 @@
      minecraft.storage = "1Gi";
      pihole-data.storage = "750Mi";
      pihole-dnsmasq.storage = "16Mi";
      forgejo.storage = "20Gi";
      syncthing.storage = "400Mi";
      paperless-data.storage = "10Gi";
      paperless-redisdata.storage = "20Mi";
@ -45,6 +44,7 @@
      hedgedoc-uploads.storage = "50Mi";
      hedgedoc-db.storage = "100Mi";
      kitchenowl.storage = "100Mi";
      forgejo.storage = "20Gi";
    };
    nfsVolumes = {