let
  endpoints = {
    "proxmox" = {
      location = "100.100.75.80";
      host = "proxmox.gmem.ca";
      port = 8006;
      protocol = "HTTPS";
    };
    "austin" = {
      location = "192.168.50.237";
      host = "austin.gmem.ca";
      port = 8080;
      protocol = "HTTP";
    };
    "tokyo" = {
      location = "192.168.50.124";
      host = "tokyo.gmem.ca";
      port = 8000;
      protocol = "HTTP";
    };
    "ibiza" = {
      location = "192.168.50.182";
      host = "ibiza.gmem.ca";
      port = 8000;
      protocol = "HTTP";
    };
  };
in {
  kubernetes.resources.services =
    builtins.mapAttrs (name: endpoint: {
      spec = {
        ports.${name} = {
          port = endpoint.port;
          targetPort = endpoint.port;
        };
      };
    })
    endpoints;
  kubernetes.resources.endpoints =
    builtins.mapAttrs (name: endpoint: {
      subsets = [
        {
          addresses = [{ip = endpoint.location;}];
          ports = [
            {
              name = name;
              port = endpoint.port;
              protocol = "TCP";
            }
          ];
        }
      ];
    })
    endpoints;
  kubernetes.resources.ingresses =
    builtins.mapAttrs (name: endpoint: {
      metadata = {
        name = name;
        annotations = {
          "nginx.ingress.kubernetes.io/proxy-body-size" = "10g";
          "cert-manager.io/issuer" = "le-issuer";
          "nginx.ingress.kubernetes.io/backend-protocol" = endpoint.protocol;
        };
      };
      spec = {
        tls = [
          {
            hosts = [endpoint.host];
            secretName = "gmem-ca-wildcard";
          }
        ];
        rules = [
          {
            host = endpoint.host;
            http.paths = [
              {
                path = "/";
                pathType = "Prefix";
                backend.service = {
                  name = name;
                  port.number = endpoint.port;
                };
              }
            ];
          }
        ];
      };
    })
    endpoints;
}