# Flake output fragment: for every default system, expose a `kubenix` package
# built from the "home" project's Kubernetes modules (the applications listed
# in `imports`, plus MetalLB and a Traefik service override).
{ self, flake-utils, kubenix, nixhelm, ... }:

flake-utils.lib.eachDefaultSystem (system:
  let
    # Builds a placeholder custom-type declaration for a MetalLB CRD
    # (API group metallb.io, version v1beta1).
    metallbType = attrName: kind: {
      inherit attrName kind;
      group = "metallb.io";
      version = "v1beta1";
    };

    # Top-level kubenix module for the "home" project. The `kubenix` argument
    # here is the module-system argument and shadows the flake input of the
    # same name inside this function only.
    homeModule = { kubenix, ... }: {
      imports = [
        kubenix.modules.k8s
        kubenix.modules.helm
        ./freshrss.nix
        ./cyberchef.nix
        ./kms.nix
        ./inbucket.nix
        ./radicale.nix
        ./syncthing.nix
        ./nextcloud.nix
        ./pihole.nix
      ];

      kubenix.project = "home";

      kubernetes = {
        # Deliberately a string, not a Nix path literal: a path literal that is
        # interpolated gets copied into the world-readable Nix store, which
        # would expose the cluster credentials held in the kubeconfig.
        # NOTE(review): Nix does not expand "~" inside strings; this relies on
        # whatever consumes the option to expand it - confirm.
        kubeconfig = "~/.kube/config";

        customTypes = {
          # HACK: these are dummy custom types.
          # They are needed because CRDs imported as part of a chart are not
          # available as Nix modules.
          # There is no Nix-based validation of resources defined through these
          # types, so a malformed spec is only caught when it reaches the
          # cluster. Review changes to such resources by hand.
          # See: https://github.com/hall/kubenix/issues/34
          ipAddressPool = metallbType "ipAddressPools" "IPAddressPool";
          l2Advertisement = metallbType "l2Advertisements" "L2Advertisement";
          helmChartConfig = {
            attrName = "helmChartConfigs";
            group = "helm.cattle.io";
            version = "v1";
            kind = "HelmChartConfig";
          };
        };

        resources = {
          # Address range MetalLB may hand out to LoadBalancer services.
          ipAddressPools.main.spec.addresses = [ "192.168.30.128-192.168.30.200" ];

          # No spec is set on this advertisement.
          # NOTE(review): MetalLB is expected to treat an L2Advertisement
          # without a pool selector as covering every pool - confirm that
          # announcing all pools on the local segment is intended.
          l2Advertisements.main.metadata = { };

          # Override Traefik's service with a static load balancer IP. The
          # pinned address is the first address of the pool declared above.
          helmChartConfigs.traefik = {
            metadata.namespace = "kube-system";
            spec.valuesContent = ''
              service:
                spec:
                  loadBalancerIP: "192.168.30.128"
            '';
          };
        };

        # MetalLB is installed from the nixhelm chart derivation for this
        # system, together with the CRDs the chart ships.
        helm.releases.metallb = {
          chart = nixhelm.chartsDerivations.${system}.metallb.metallb;
          includeCRDs = true;
        };
      };
    };
  in
  {
    kubenix = kubenix.packages.${system}.default.override {
      # Makes the whole flake available to the modules as `flake`.
      specialArgs.flake = self;
      module = homeModule;
    };
  })