arch/infra
arch/infra
1
0
Fork 0
Code Actions Packages Activity

Experimenting with kubenix

Browse source
This commit is contained in:
Gabriel Simmer 2023-10-19 12:47:18 +01:00
parent a73d60c4be
commit 86cfde1fce
Signed by: arch
SSH key fingerprint: SHA256:m3OEcdtrnBpMX+2BDGh/byv3hrCekCLzDYMdvGEKPPQ
4 changed files with 170 additions and 11 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

107
flake.lock
View file

@ -95,6 +95,22 @@
}
},
"flake-compat": {
"flake": false,
"locked": {
"lastModified": 1673956053,
"narHash": "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "35bb57c0c8d8b62bbfd284272c928ceb64ddbde9",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-compat_2": {
"locked": {
"lastModified": 1688025799,
"narHash": "sha256-ktpB4dRtnksm9F5WawoIkEneh1nrEvuxb5lJFt1iOyw=",
@ -148,7 +164,7 @@
},
"flake-utils_2": {
"inputs": {
"systems": "systems"
"systems": "systems_2"
},
"locked": {
"lastModified": 1694529238,
@ -220,6 +236,27 @@
"type": "github"
}
},
"kubenix": {
"inputs": {
"flake-compat": "flake-compat",
"nixpkgs": "nixpkgs_3",
"systems": "systems",
"treefmt": "treefmt"
},
"locked": {
"lastModified": 1697643920,
"narHash": "sha256-Ti/v3lWKNF2/5u3ARTDhhdr7ijUo/ZpefKAfr8OgsK4=",
"owner": "hall",
"repo": "kubenix",
"rev": "ea469ff77a49f6f3df420bfc6040c39e1b861d87",
"type": "github"
},
"original": {
"owner": "hall",
"repo": "kubenix",
"type": "github"
}
},
"lib-aggregate": {
"inputs": {
"flake-utils": "flake-utils_2",
@ -242,7 +279,7 @@
"nix-eval-jobs": {
"inputs": {
"flake-parts": "flake-parts",
"nixpkgs": "nixpkgs_5",
"nixpkgs": "nixpkgs_6",
"treefmt-nix": "treefmt-nix"
},
"locked": {
@ -261,7 +298,7 @@
},
"nixinate": {
"inputs": {
"nixpkgs": "nixpkgs_3"
"nixpkgs": "nixpkgs_4"
},
"locked": {
"lastModified": 1688141737,
@ -346,7 +383,7 @@
},
"nixpkgs-wayland": {
"inputs": {
"flake-compat": "flake-compat",
"flake-compat": "flake-compat_2",
"lib-aggregate": "lib-aggregate",
"nix-eval-jobs": "nix-eval-jobs",
"nixpkgs": [
@ -384,6 +421,22 @@
}
},
"nixpkgs_3": {
"locked": {
"lastModified": 1686488075,
"narHash": "sha256-2otSBt2hbeD+5yY25NF3RhWx7l5SDt1aeU3cJ/9My4M=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "9401a0c780b49faf6c28adf55764f230301d0dce",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_4": {
"locked": {
"lastModified": 1653060744,
"narHash": "sha256-kfRusllRumpt33J1hPV+CeCCylCXEU7e0gn2/cIM7cY=",
@ -399,7 +452,7 @@
"type": "github"
}
},
"nixpkgs_4": {
"nixpkgs_5": {
"locked": {
"lastModified": 1697379843,
"narHash": "sha256-RcnGuJgC2K/UpTy+d32piEoBXq2M+nVFzM3ah/ZdJzg=",
@ -415,7 +468,7 @@
"type": "github"
}
},
"nixpkgs_5": {
"nixpkgs_6": {
"locked": {
"lastModified": 1697417052,
"narHash": "sha256-QyFpNZ28H0IoWhbGxD4j2h3aYwap2l2rSWyoFue95sM=",
@ -431,7 +484,7 @@
"type": "github"
}
},
"nixpkgs_6": {
"nixpkgs_7": {
"locked": {
"lastModified": 1636823747,
"narHash": "sha256-oWo1nElRAOZqEf90Yek2ixdHyjD+gqtS/pAgwaQ9UhQ=",
@ -451,14 +504,29 @@
"agenix": "agenix",
"alertmanager-ntfy": "alertmanager-ntfy",
"home-manager": "home-manager_2",
"kubenix": "kubenix",
"nixinate": "nixinate",
"nixos-generators": "nixos-generators",
"nixpkgs": "nixpkgs_4",
"nixpkgs": "nixpkgs_5",
"nixpkgs-wayland": "nixpkgs-wayland",
"terranix": "terranix"
}
},
"systems": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"id": "systems",
"type": "indirect"
}
},
"systems_2": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
@ -478,7 +546,7 @@
"bats-assert": "bats-assert",
"bats-support": "bats-support",
"flake-utils": "flake-utils_3",
"nixpkgs": "nixpkgs_6",
"nixpkgs": "nixpkgs_7",
"terranix-examples": "terranix-examples"
},
"locked": {
@ -510,6 +578,27 @@
"type": "github"
}
},
"treefmt": {
"inputs": {
"nixpkgs": [
"kubenix",
"nixpkgs"
]
},
"locked": {
"lastModified": 1688026376,
"narHash": "sha256-qJmkr9BWDpqblk4E9/rCsAEl39y2n4Ycw6KRopvpUcY=",
"owner": "numtide",
"repo": "treefmt-nix",
"rev": "df3f32b0cc253dfc7009b7317e8f0e7ccd70b1cf",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "treefmt-nix",
"type": "github"
}
},
"treefmt-nix": {
"inputs": {
"nixpkgs": [

11
flake.nix
View file

@ -18,9 +18,10 @@
inputs.nixpkgs.follows = "nixpkgs";
};
alertmanager-ntfy.url = "github:alexbakker/alertmanager-ntfy";
kubenix.url = "github:hall/kubenix";
};
outputs = { self, nixpkgs, nixos-generators, nixinate, home-manager, agenix, terranix, alertmanager-ntfy, nixpkgs-wayland}:
outputs = { self, nixpkgs, nixos-generators, nixinate, home-manager, agenix, terranix, alertmanager-ntfy, nixpkgs-wayland, kubenix }@inputs:
let
pkgs = nixpkgs.legacyPackages.x86_64-linux;
tf = terranix.lib.terranixConfiguration {
@ -52,7 +53,13 @@
format = "sd-aarch64-installer";
};
};
packages.x86_64-linux = {
kubernetes = (kubenix.evalModules.x86_64-linux {
module = { kubenix, ... }: {
imports = [ kubenix.modules.k8s ./homelab/kubernetes.nix ];
};
}).config.kubernetes.result;
};
apps = nixinate.nixinate.x86_64-linux self // {
x86_64-linux = {
tf-plan = {

4
homelab/kubernetes.nix Normal file
View file

@ -0,0 +1,4 @@
{ config, kubenix, ... }: {
imports = [ kubenix.modules.k8s
(import ./tclip.nix) ];
}

59
homelab/tclip.nix Normal file
View file

@ -0,0 +1,59 @@
let
appName = "tclip";
litestreamImage = "litestream/litestream:sha-749bc0d";
tclipImage = "git.gmem.ca/arch/tclip:arm";
in
{
kubernetes.resources.statefulSets.tclip.spec = {
selector.matchLabels.app = appName;
serviceName = appName;
template = {
metadata.labels.app = appName;
spec = {
volumes = {
litestream.configMap.name = "tclip-litestream";
config.configMap.name = "tclip";
};
initContainers.init-litestream = {
image = litestreamImage;
args = ["restore" "-if-db-not-exists" "-if-replica-exists" "-v" "/data/data.db" ];
volumeMounts = [
{ name = "data"; mountPath = "/data"; }
{ name = "litestream"; mountPath = "/etc/litestream.yml"; subPath = "tclip.yml"; }
];
envFrom = [ { secretRef.name = "tclip-litestream-s3"; } ];
};
containers = {
tclip = {
image = tclipImage;
imagePullPolicy = "Always";
volumeMounts = [ { name = "data"; mountPath = "/data"; } ];
env = [
{ name = "DATA_DIR"; value = "/data"; }
{ name = "USE_FUNNEL"; value = "true"; }
];
};
litestream = {
image = litestreamImage;
args = [ "replicate" ];
volumeMounts = [
{ name = "data"; mountPath = "/data"; }
{ name = "litestream"; mountPath = "/etc/litestream.yml"; subPath = "tclip.yml"; }
];
envFrom = [ { secretRef.name = "tclip-litestream-s3"; } ];
ports.metrics.containerPort = 9090;
};
};
};
};
volumeClaimTemplates = [
{ metadata.name = "data";
spec = {
storageClassName = "nfs-client";
accessModes = [ "ReadWriteOnce" ];
resources.requests.storage = "1Gi";
};
}
];
};
}