infra/homelab/irc.nix

let
  appName = "soju";
  sojuImage = "git.gmem.ca/arch/soju:latest";
  gamjaImage = "git.gmem.ca/arch/gamja:latest";
in
{
  kubernetes.resources.services.soju = {
    spec = {
      type = "NodePort";
      selector.app = appName;
      ports.tls = {
        port = 6697;
        targetPort = 6697;
      };
    };
  };
  kubernetes.resources.services.soju-ws = {
    spec = {
      selector.app = appName;
      ports.ws = {
        port = 80;
        targetPort = 80;
      };
    };
  };
  kubernetes.resources.services.gamja = {
    spec = {
      selector.app = "gamja";
      ports.http = {
        port = 80;
        targetPort = 80;
      };
    };
  };
  kubernetes.resources.deployments.soju.spec = {
    selector.matchLabels.app = appName;
    template = {
      metadata.labels.app = appName;
      spec = {
        volumes = {
          config.configMap.name = "soju";
          ssl.secret.secretName = "gmem-ca-wildcard";
        };
        containers = {
          soju = {
            image = sojuImage;
            imagePullPolicy = "Always";
            volumeMounts = [ { name = "config"; mountPath = "/etc/soju/config"; subPath = "config"; }
                             { name = "ssl"; mountPath = "/ssl"; } ];
            ports.tls.containerPort = 6697;
            ports.ws.containerPort = 80;

            env.PGHOST.valueFrom.secretKeyRef = {
              name = "hippo-pguser-soju";
              key = "host";
            };
            env.PGPASSWORD.valueFrom.secretKeyRef = {
              name = "hippo-pguser-soju";
              key = "password";
            };
            env.PGUSER.valueFrom.secretKeyRef = {
              name = "hippo-pguser-soju";
              key = "user";
            };
            env.PGDATABASE.valueFrom.secretKeyRef = {
              name = "hippo-pguser-soju";
              key = "dbname";
            };
          };
        };
      };
    };
  };
  kubernetes.resources.deployments.gamja.spec = {
    selector.matchLabels.app = "gamja";
    template = {
      metadata.labels.app = "gamja";
      spec = {
        containers = {
          gamja = {
            image = gamjaImage;
            imagePullPolicy = "Always";
            ports.http.containerPort = 80;
          };
        };
      };
    };
  };

  kubernetes.resources.ingresses.irc = {
    metadata.annotations = {
      "cert-manager.io/issuer" = "le-issuer";
    };
    spec = {
      tls = [ { hosts = [ "irc.gmem.ca" ]; secretName = "gmem-ca-wildcard"; } ];
      rules = [ { host = "irc.gmem.ca"; http.paths = [
        { path = "/"; pathType = "Prefix";
          backend.service = {
            name = "gamja";
            port.number = 80;
          };
        }
        { path = "/socket"; pathType = "Prefix";
          backend.service = {
            name = "soju-ws";
            port.number = 80;
          };
        }
      ];}];
    };
  };
  
  kubernetes.resources.configMaps.soju.data.config = ''
listen ircs://
listen unix+admin:///app/admin
listen ws+insecure://
hostname irc.gmem.ca
title irc.gmem.ca
db postgres "dbname=soju"
message-store db
tls /ssl/tls.crt /ssl/tls.key
  '';
}