Port endpoints to nix

2023-12-24 01:10:36 +00:00 · 2023-12-24 01:10:36 +00:00 · 4a27c0b178
parent 681d6b6d34
commit 4a27c0b178
3 changed files with 51 additions and 48 deletions
--- a/homelab/endpoints.nix
+++ b/homelab/endpoints.nix
@ -0,0 +1,48 @@
+let
+  endpoints = {
+    "proxmox" = {
+      location = "100.100.75.80";
+      host = "proxmox.gmem.ca";
+      port = 8006;
+      protocol = "HTTPS";
+    };
+    "austin" = {
+      location = "192.168.50.237";
+      host = "austin.gmem.ca";
+      port = 8080;
+      protocol = "HTTP"; 
+    };
+  };
+in {
+  kubernetes.resources.services = builtins.mapAttrs (name: endpoint: {
+    spec = {
+      ports.${name} = {
+        port = endpoint.port;
+        targetPort = endpoint.port;
+      };
+    };
+  }) endpoints;
+  kubernetes.resources.endpoints = builtins.mapAttrs (name: endpoint: {
+    subsets = [ {
+      addresses = [ { ip = endpoint.location; } ];
+      ports = [ { name = name; port = endpoint.port; protocol = "TCP"; } ];
+    } ];
+  }) endpoints;
+  kubernetes.resources.ingresses = builtins.mapAttrs (name: endpoint: {
+    metadata = { name = name; annotations = {
+      "cert-manager.io/issuer" = "le-issuer";
+      "nginx.ingress.kubernetes.io/backend-protocol" = endpoint.protocol;
+    }; };
+    spec = {
+      tls = [ { hosts = [ endpoint.host ]; secretName = "gmem-ca-wildcard"; } ];
+      rules = [ { host = endpoint.host; http.paths = [
+        { path = "/"; pathType = "Prefix";
+          backend.service = {
+            name = name;
+            port.number = endpoint.port;
+          };
+        }
+      ];}];
+    };
+  }) endpoints;
+}
--- a/homelab/endpoints.yml
+++ b/homelab/endpoints.yml
@ -1,47 +0,0 @@
-apiVersion: v1
-kind: Service
-metadata:
-  name: flood
-spec:
-  ports:
-  - name: http
-    port: 3000
-    targetPort: 3000
-  clusterIP: None
-  type: ClusterIP
---
-apiVersion: v1
-kind: Endpoints
-metadata:
-  name: flood
-subsets:
- addresses:
-  - ip: 192.168.50.205
-  ports:
-  - name: flood
-    port: 3000
-    protocol: TCP
---
-apiVersion: networking.k8s.io/v1
-kind: Ingress
-metadata:
-  name: request-media
-  annotations:
-    cert-manager.io/issuer: "le-issuer"
-  namespace: default
-spec:
-  tls:
-  - hosts:
-    - flood.gmem.ca
-    secretName: gmem-ca-wildcard
-  rules:
-    - host: flood.gmem.ca
-      http:
-        paths:
-          - path: /
-            pathType: Prefix
-            backend:
-              service:
-                name:  flood
-                port:
-                  number: 3000
--- a/homelab/kubernetes.nix
+++ b/homelab/kubernetes.nix
@ -6,5 +6,7 @@
              (import ./vrchat-prometheus-exporter.nix)
              (import ./overseerr.nix)
              (import ./immich.nix)
-              (import ./homepage.nix) ];
+              (import ./endpoints.nix)
+              (import ./homepage.nix)
+            ];
 }