122 lines
2.9 KiB
Nix
122 lines
2.9 KiB
Nix
let
|
|
appName = "netbootxyz";
|
|
netbootxyzImage = "ghcr.io/netbootxyz/netbootxyz";
|
|
in {
|
|
kubernetes.resources.services.netbootxyz = {
|
|
spec = {
|
|
selector.app = appName;
|
|
ports.http = {
|
|
port = 80;
|
|
targetPort = 80;
|
|
};
|
|
ports.interface = {
|
|
port = 3000;
|
|
targetPort = 3000;
|
|
};
|
|
};
|
|
};
|
|
kubernetes.resources.services.netbootxyz-tftp = {
|
|
spec = {
|
|
externalTrafficPolicy = "Local";
|
|
sessionAffinity = "None";
|
|
type = "NodePort";
|
|
selector.app = appName;
|
|
ports.tftp = {
|
|
port = 69;
|
|
protocol = "UDP";
|
|
targetPort = 69;
|
|
};
|
|
};
|
|
};
|
|
kubernetes.resources.deployments.netbootxyz.spec = {
|
|
selector.matchLabels.app = appName;
|
|
template = {
|
|
metadata.labels.app = appName;
|
|
spec = {
|
|
volumes = [
|
|
{
|
|
name = "config";
|
|
persistentVolumeClaim.claimName = "netbootxyz-config";
|
|
}
|
|
{
|
|
name = "assets";
|
|
persistentVolumeClaim.claimName = "netbootxyz-assets";
|
|
}
|
|
];
|
|
containers = {
|
|
netbootxyz = {
|
|
image = netbootxyzImage;
|
|
imagePullPolicy = "Always";
|
|
volumeMounts = [
|
|
{
|
|
mountPath = "/config";
|
|
name = "config";
|
|
}
|
|
{
|
|
mountPath = "/assets";
|
|
name = "assets";
|
|
}
|
|
];
|
|
env.SUBFOLDER.value = "/ui/";
|
|
ports.http.containerPort = 80;
|
|
ports.interface.containerPort = 3000;
|
|
ports.tftp = {
|
|
containerPort = 69;
|
|
protocol = "UDP";
|
|
};
|
|
};
|
|
};
|
|
};
|
|
};
|
|
};
|
|
|
|
kubernetes.resources.persistentVolumeClaims.netbootxyz-config.spec = {
|
|
resources.requests.storage = "1Gi";
|
|
volumeMode = "Filesystem";
|
|
accessModes = ["ReadWriteMany"];
|
|
};
|
|
kubernetes.resources.persistentVolumeClaims.netbootxyz-assets.spec = {
|
|
resources.requests.storage = "10Gi";
|
|
volumeMode = "Filesystem";
|
|
accessModes = ["ReadWriteMany"];
|
|
};
|
|
|
|
kubernetes.resources.ingresses.netbootxyz = {
|
|
metadata.annotations = {
|
|
"cert-manager.io/issuer" = "le-issuer";
|
|
"nginx.ingress.kubernetes.io/ssl-redirect" = "false";
|
|
};
|
|
spec = {
|
|
tls = [
|
|
{
|
|
hosts = ["netboot.gmem.ca"];
|
|
secretName = "gmem-ca-wildcard";
|
|
}
|
|
];
|
|
rules = [
|
|
{
|
|
host = "netboot.gmem.ca";
|
|
http.paths = [
|
|
{
|
|
path = "/ui";
|
|
pathType = "Prefix";
|
|
backend.service = {
|
|
name = "netbootxyz";
|
|
port.number = 3000;
|
|
};
|
|
}
|
|
{
|
|
path = "/";
|
|
pathType = "Prefix";
|
|
backend.service = {
|
|
name = "netbootxyz";
|
|
port.number = 80;
|
|
};
|
|
}
|
|
];
|
|
}
|
|
];
|
|
};
|
|
};
|
|
}
|