{ self, flake-utils, kubenix, nixhelm, ... }: flake-utils.lib.eachDefaultSystem (system: { kubenix = kubenix.packages.${system}.default.override { specialArgs.flake = self; module = { kubenix, ... }: { imports = [ kubenix.modules.k8s kubenix.modules.helm # ./freshrss.nix ./cyberchef.nix ]; kubernetes.kubeconfig = "~/.kube/config"; kubenix.project = "home"; kubernetes = { # namespace = "kubenix"; customTypes = { # HACK: These are dummy custom types. # This is needed, because the CRDs imported as a chart are not available as Nix modules. # There is no nix-based validation on resources defined using these types! # See: https://github.com/hall/kubenix/issues/34 ipAddressPool = { attrName = "ipAddressPools"; group = "metallb.io"; version = "v1beta1"; kind = "IPAddressPool"; }; l2Advertisement = { attrName = "l2Advertisements"; group = "metallb.io"; version = "v1beta1"; kind = "L2Advertisement"; }; }; resources = { # namespaces = { # kubenix = { }; # metallb-system.metadata.labels = { # "pod-security.kubernetes.io/enforce" = "privileged"; # "pod-security.kubernetes.io/audit" = "privileged"; # "pod-security.kubernetes.io/warn" = "privileged"; # }; # }; ipAddressPools.main = { # metadata.namespace = "metallb-system"; spec.addresses = [ "192.168.30.128-192.168.30.200" ]; }; # l2Advertisements.main.metadata.namespace = "metallb-system"; l2Advertisements.main.metadata = { }; }; helm.releases.metallb = { chart = nixhelm.chartsDerivations.${system}.metallb.metallb; # namespace = "metallb-system"; includeCRDs = true; }; }; }; }; })