nixos-servers/kubenix-modules/kitchenowl.nix

{
  kubernetes.resources = {
    configMaps.kitchenowl.data = {
      BACK_URL = "kitchenowl-backend.default.svc.cluster.local:5000";
    };

    secrets.kitchenowl.stringData.jwtSecretKey = "ref+sops://secrets/sops.yaml#/kitchenowl/jwtSecretKey";

    deployments = {
      # TODO: this is quite a lot of boilerplate to create these deployments
      # Create custom nixos module for this?
      kitchenowl-frontend = {
        metadata.labels = {
          app = "kitchenowl";
          component = "frontend";
        };

        spec = {
          selector.matchLabels = {
            app = "kitchenowl";
            component = "frontend";
          };

          template = {
            metadata.labels = {
              app = "kitchenowl";
              component = "frontend";
            };

            spec.containers.kitchenowl-frontend = {
              image = "tombursch/kitchenowl-web:v0.4.20";
              envFrom = [{ configMapRef.name = "kitchenowl"; }];

              ports = [{
                containerPort = 80;
                protocol = "TCP";
              }];
            };
          };
        };
      };

      kitchenowl-backend = {
        metadata.labels = {
          app = "kitchenowl";
          component = "backend";
        };

        spec = {
          selector.matchLabels = {
            app = "kitchenowl";
            component = "backend";
          };

          template = {
            metadata.labels = {
              app = "kitchenowl";
              component = "backend";
            };

            spec = {
              containers.kitchenowl-backend = {
                image = "tombursch/kitchenowl:v92";

                ports = [{
                  containerPort = 5000;
                  protocol = "TCP";
                }];

                volumeMounts = [{
                  name = "data";
                  mountPath = "/data";
                }];
              };

              volumes = [{
                name = "data";
                persistentVolumeClaim.claimName = "kitchenowl";
              }];
            };
          };
        };
      };
    };

    persistentVolumes.kitchenowl.spec = {
      capacity.storage = "1Mi";
      accessModes = [ "ReadWriteMany" ];

      nfs = {
        server = "lewis.dmz";
        path = "/mnt/data/nfs/kitchenowl/data";
      };
    };

    persistentVolumeClaims.kitchenowl.spec = {
      accessModes = [ "ReadWriteMany" ];
      storageClassName = "";
      resources.requests.storage = "1Mi";
      volumeName = "kitchenowl";
    };

    services = {
      kitchenowl-web.spec = {
        selector = {
          app = "kitchenowl";
          component = "frontend";
        };

        ports = [{
          protocol = "TCP";
          port = 80;
          targetPort = 80;
        }];
      };

      kitchenowl-backend.spec = {
        selector = {
          app = "kitchenowl";
          component = "backend";
        };

        ports = [{
          protocol = "TCP";
          port = 5000;
          targetPort = 5000;
        }];
      };
    };

    ingresses.kitchenowl = {
      metadata.annotations."cert-manager.io/cluster-issuer" = "letsencrypt";

      spec = {
        ingressClassName = "traefik";

        rules = [{
          host = "boodschappen.kun.is";

          http.paths = [{
            path = "/";
            pathType = "Prefix";

            backend.service = {
              name = "kitchenowl-web";
              port.number = 80;
            };
          }];
        }];

        tls = [{
          secretName = "kitchenowl-tls";
          hosts = [ "boodschappen.kun.is" ];
        }];
      };
    };
  };
}