67 lines
2.1 KiB
Nix
67 lines
2.1 KiB
Nix
{ self, flake-utils, kubenix, nixhelm, ... }: flake-utils.lib.eachDefaultSystem
|
|
(system: {
|
|
kubenix = kubenix.packages.${system}.default.override {
|
|
specialArgs.flake = self;
|
|
|
|
module = { kubenix, ... }: {
|
|
imports = [
|
|
kubenix.modules.k8s
|
|
kubenix.modules.helm
|
|
./freshrss.nix
|
|
./cyberchef.nix
|
|
];
|
|
kubernetes.kubeconfig = "~/.kube/config";
|
|
kubenix.project = "home";
|
|
|
|
kubernetes = {
|
|
# namespace = "kubenix";
|
|
|
|
customTypes = {
|
|
# HACK: These are dummy custom types.
|
|
# This is needed, because the CRDs imported as a chart are not available as Nix modules.
|
|
# There is no nix-based validation on resources defined using these types!
|
|
# See: https://github.com/hall/kubenix/issues/34
|
|
ipAddressPool = {
|
|
attrName = "ipAddressPools";
|
|
group = "metallb.io";
|
|
version = "v1beta1";
|
|
kind = "IPAddressPool";
|
|
};
|
|
|
|
l2Advertisement = {
|
|
attrName = "l2Advertisements";
|
|
group = "metallb.io";
|
|
version = "v1beta1";
|
|
kind = "L2Advertisement";
|
|
};
|
|
};
|
|
|
|
resources = {
|
|
# namespaces = {
|
|
# kubenix = { };
|
|
|
|
# metallb-system.metadata.labels = {
|
|
# "pod-security.kubernetes.io/enforce" = "privileged";
|
|
# "pod-security.kubernetes.io/audit" = "privileged";
|
|
# "pod-security.kubernetes.io/warn" = "privileged";
|
|
# };
|
|
# };
|
|
|
|
ipAddressPools.main = {
|
|
# metadata.namespace = "metallb-system";
|
|
spec.addresses = [ "192.168.30.128-192.168.30.200" ];
|
|
};
|
|
|
|
# l2Advertisements.main.metadata.namespace = "metallb-system";
|
|
l2Advertisements.main.metadata = { };
|
|
};
|
|
|
|
helm.releases.metallb = {
|
|
chart = nixhelm.chartsDerivations.${system}.metallb.metallb;
|
|
# namespace = "metallb-system";
|
|
includeCRDs = true;
|
|
};
|
|
};
|
|
};
|
|
};
|
|
})
|