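# Flake outputs for deploying kubenix-defined applications to Kubernetes.
#
# For every entry in `deployers` this produces, per default system:
#   apps.<name>.deploy        - runnable wrapper around applyset-deploy.sh
#   packages.<name>.manifest  - the rendered manifest for that application
{ self, pkgs, machines, dns, myLib, flake-utils, kubenix, nixhelm, blog-pim, ... }:
flake-utils.lib.eachDefaultSystem (system:
  let
    # Quote every value that is spliced into the wrapProgram command line, so a
    # value containing a space or a quote cannot split or terminate an argument.
    sh = pkgs.lib.escapeShellArg;

    # The deploy script packaged as $out/bin/applyset-deploy.sh. patchShebangs is
    # appended to the build so the interpreter line points at a store path.
    deployScript =
      (pkgs.writeScriptBin "applyset-deploy.sh" (builtins.readFile ./applyset-deploy.sh)).overrideAttrs
        (old: {
          buildCommand = "${old.buildCommand}\npatchShebangs $out";
        });

    # Evaluate one kubenix module for `namespace` and return its
    # `config.kubernetes` attribute set.
    mkKubernetes = name: module: namespace:
      (kubenix.evalModules.${system} {
        specialArgs = {
          inherit namespace myLib blog-pim dns nixhelm system machines;
        };
        module = { kubenix, ... }: {
          imports = [
            kubenix.modules.k8s
            kubenix.modules.helm
            "${self}/kubenix-modules/custom"
            "${self}/kubenix-modules/custom-types.nix"
            module
          ];
          config = {
            kubenix.project = name;
            kubernetes.namespace = namespace;
          };
        };
      }).config.kubernetes;

    # Expose the rendered manifest of one deployer as `manifest`.
    mkManifest = name: { module, namespace }: {
      manifest = (mkKubernetes name module namespace).result;
    };

    # Build the `deploy` app for one deployer: the deploy script wrapped so that
    # kubectl and vals are reachable and MANIFEST, APPLYSET, NAMESPACE and
    # KUBECONFIG are preset in its environment.
    mkDeployApp = name: { module, namespace }:
      let
        kubernetes = mkKubernetes name module namespace;
        # Both attributes fall back to the empty string when the module does not
        # define them.
        kubeconfig = kubernetes.kubeconfig or "";
        result = kubernetes.result or "";

        # A KUBECONFIG already set by the caller wins; the module's kubeconfig is
        # only the fallback. toString is applied first, so a Nix path value is
        # passed as a plain path string rather than interpolated.
        # NOTE(review): with an empty fallback KUBECONFIG ends up empty and
        # kubectl presumably uses its default lookup - confirm that this is the
        # cluster you expect before running a deploy.
        kubeconfigExport =
          "export KUBECONFIG=\${KUBECONFIG:-${sh (toString kubeconfig)}}";

        wrappedDeployScript = pkgs.symlinkJoin {
          name = "applyset-deploy.sh";
          paths = [ deployScript pkgs.vals pkgs.kubectl ];
          buildInputs = [ pkgs.makeWrapper ];
          passthru.manifest = result;
          meta.mainProgram = "applyset-deploy.sh";

          # NOTE(review): --suffix appends the pinned kubectl/vals to PATH, so a
          # kubectl or vals already on the caller's PATH is found first and used
          # instead of the pinned one. --prefix would make the pinned tools take
          # precedence - confirm which is intended.
          postBuild = ''
            wrapProgram $out/bin/applyset-deploy.sh \
              --suffix PATH : "$out/bin" \
              --run ${sh kubeconfigExport} \
              --set MANIFEST ${sh "${result}"} \
              --set APPLYSET ${sh "applyset-${name}"} \
              --set NAMESPACE ${sh namespace}
          '';
        };
      in
      {
        deploy = {
          type = "app";
          program = "${pkgs.lib.getExe wrappedDeployScript}";
        };
      };

    # One entry per deployable application: the kubenix module to evaluate and
    # the namespace it is deployed into. Several entries share a namespace
    # (static-websites, dns, kube-system); each still gets its own APPLYSET name
    # because that name is derived from the attribute name.
    deployers = {
      bootstrap-default = {
        module = "${self}/kubenix-modules/bootstrap-default.nix";
        namespace = "default";
      };
      bootstrap-kube-system = {
        module = "${self}/kubenix-modules/bootstrap-kube-system.nix";
        namespace = "kube-system";
      };
      cyberchef = {
        module = "${self}/kubenix-modules/cyberchef.nix";
        namespace = "static-websites";
      };
      freshrss = {
        module = "${self}/kubenix-modules/freshrss.nix";
        namespace = "freshrss";
      };
      radicale = {
        module = "${self}/kubenix-modules/radicale.nix";
        namespace = "radicale";
      };
      kms = {
        module = "${self}/kubenix-modules/kms.nix";
        namespace = "kms";
      };
      atuin = {
        module = "${self}/kubenix-modules/atuin.nix";
        namespace = "atuin";
      };
      blog = {
        module = "${self}/kubenix-modules/blog.nix";
        namespace = "static-websites";
      };
      nextcloud = {
        module = "${self}/kubenix-modules/nextcloud.nix";
        namespace = "nextcloud";
      };
      hedgedoc = {
        module = "${self}/kubenix-modules/hedgedoc.nix";
        namespace = "hedgedoc";
      };
      kitchenowl = {
        module = "${self}/kubenix-modules/kitchenowl.nix";
        namespace = "kitchenowl";
      };
      forgejo = {
        module = "${self}/kubenix-modules/forgejo";
        namespace = "forgejo";
      };
      paperless = {
        module = "${self}/kubenix-modules/paperless.nix";
        namespace = "paperless";
      };
      syncthing = {
        module = "${self}/kubenix-modules/syncthing.nix";
        namespace = "syncthing";
      };
      pihole = {
        module = "${self}/kubenix-modules/pihole.nix";
        namespace = "dns";
      };
      immich = {
        module = "${self}/kubenix-modules/immich.nix";
        namespace = "immich";
      };
      attic = {
        module = "${self}/kubenix-modules/attic.nix";
        namespace = "attic";
      };
      inbucket = {
        module = "${self}/kubenix-modules/inbucket.nix";
        namespace = "inbucket";
      };
      dnsmasq = {
        module = "${self}/kubenix-modules/dnsmasq.nix";
        namespace = "dns";
      };
      bind9 = {
        module = "${self}/kubenix-modules/bind9";
        namespace = "dns";
      };
      media = {
        module = "${self}/kubenix-modules/media.nix";
        namespace = "media";
      };
      traefik = {
        module = "${self}/kubenix-modules/traefik.nix";
        namespace = "kube-system";
      };
      minecraft = {
        module = "${self}/kubenix-modules/minecraft.nix";
        namespace = "minecraft";
      };
    };
  in
  {
    apps = builtins.mapAttrs mkDeployApp deployers;
    packages = builtins.mapAttrs mkManifest deployers;
  })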