first commit
This commit is contained in:
commit
5907008f2b
|
@ -0,0 +1 @@
|
|||
kubtoken
|
|
@ -0,0 +1 @@
|
|||
{"apiVersion":"v1","clusters":[{"cluster":{"certificate-authority":"/var/lib/kubernetes/secrets/ca.pem","server":"https://10.243.29.174:8443"},"name":"local"}],"contexts":[{"context":{"cluster":"local","user":"cluster-admin"},"current-context":"local"}],"kind":"Config","users":[{"name":"cluster-admin","user":{"client-certificate":"/var/lib/kubernetes/secrets/cluster-admin.pem","client-key":"/var/lib/kubernetes/secrets/cluster-admin-key.pem"}}]}
|
|
@ -0,0 +1,8 @@
|
|||
{
|
||||
"default": [{ "type": "insecureAcceptAnything" }],
|
||||
"transports": {
|
||||
"docker-daemon": {
|
||||
"": [{ "type": "insecureAcceptAnything" }]
|
||||
}
|
||||
}
|
||||
}
|
|
@ -0,0 +1,18 @@
|
|||
{ kubenix, registry ? "docker.io/mic92" }:
|
||||
|
||||
rec {
|
||||
# evaluated configuration
|
||||
inherit (kubenix.evalModules {
|
||||
modules = [
|
||||
./module.nix
|
||||
{ docker.registry.url = registry; }
|
||||
];
|
||||
}) config;
|
||||
|
||||
# generated: kubernetes List object
|
||||
# result: JSON file you can deploy to kubernetes
|
||||
inherit (config.kubernetes) generated result;
|
||||
# export: Exported docker images
|
||||
# copyScript: script to push docker images to registry
|
||||
inherit (config.docker) export copyScript;
|
||||
}
|
|
@ -0,0 +1,93 @@
|
|||
{
|
||||
"nodes": {
|
||||
"flake-utils": {
|
||||
"locked": {
|
||||
"lastModified": 1610051610,
|
||||
"narHash": "sha256-U9rPz/usA1/Aohhk7Cmc2gBrEEKRzcW4nwPWMPwja4Y=",
|
||||
"owner": "numtide",
|
||||
"repo": "flake-utils",
|
||||
"rev": "3982c9903e93927c2164caa727cd3f6a0e6d14cc",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "numtide",
|
||||
"repo": "flake-utils",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"flake-utils_2": {
|
||||
"locked": {
|
||||
"lastModified": 1605370193,
|
||||
"narHash": "sha256-YyMTf3URDL/otKdKgtoMChu4vfVL3vCMkRqpGifhUn0=",
|
||||
"owner": "numtide",
|
||||
"repo": "flake-utils",
|
||||
"rev": "5021eac20303a61fafe17224c087f5519baed54d",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "numtide",
|
||||
"repo": "flake-utils",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"kubenix": {
|
||||
"inputs": {
|
||||
"flake-utils": "flake-utils_2",
|
||||
"nixpkgs": "nixpkgs"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1609236987,
|
||||
"narHash": "sha256-XluRu59pnTxLgTmKSIsb60quYF2n06H0Q+0iHdD7dUg=",
|
||||
"owner": "Mic92",
|
||||
"repo": "kubenix",
|
||||
"rev": "cba0fd941094e79c8a10a529cc6e2a1514886a48",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "Mic92",
|
||||
"ref": "flake",
|
||||
"repo": "kubenix",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nixpkgs": {
|
||||
"locked": {
|
||||
"lastModified": 1609233094,
|
||||
"narHash": "sha256-Ltzng3h4LDNjYAvmoX0kQ3023TvdupwuMvm1D7hZkyY=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "2b556ea6712cd4fa76a433093df0cb375a267e3d",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nixpkgs_2": {
|
||||
"locked": {
|
||||
"lastModified": 1610091690,
|
||||
"narHash": "sha256-roNY/PYNMzqCnyusT0AQwCWvKDXahZxxf/m7A03VNOM=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "4786388803d0a44c53749163550857eab26a92cd",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"root": {
|
||||
"inputs": {
|
||||
"flake-utils": "flake-utils",
|
||||
"kubenix": "kubenix",
|
||||
"nixpkgs": "nixpkgs_2"
|
||||
}
|
||||
}
|
||||
},
|
||||
"root": "root",
|
||||
"version": 7
|
||||
}
|
|
@ -0,0 +1,27 @@
|
|||
{
|
||||
description = "Kubernetes resource builder using nix";
|
||||
|
||||
# $ kubectl apply -f <(nix eval --json .#mumble-web.generated)
|
||||
# $ kubectl destroy -f <(nix eval --json .#mumble-web.generated)
|
||||
# $ nix run .#mumble-web.copyScript
|
||||
|
||||
inputs.flake-utils.url = "github:numtide/flake-utils";
|
||||
inputs.nixpkgs.url = "github:NixOS/nixpkgs";
|
||||
inputs.kubenix.url = "github:Mic92/kubenix/flake";
|
||||
|
||||
outputs = { self
|
||||
, nixpkgs
|
||||
, flake-utils
|
||||
, kubenix
|
||||
}:
|
||||
flake-utils.lib.eachDefaultSystem (system:
|
||||
let
|
||||
pkgs = nixpkgs.legacyPackages.${system};
|
||||
in rec {
|
||||
packages.mumble-web = pkgs.callPackage ./default.nix {
|
||||
kubenix = kubenix.defaultPackage.${system};
|
||||
};
|
||||
defaultPackage = packages.mumble-web;
|
||||
devShell = pkgs.callPackage ./shell.nix {};
|
||||
});
|
||||
}
|
|
@ -0,0 +1,18 @@
|
|||
{ dockerTools, nginx }:
|
||||
|
||||
dockerTools.buildLayeredImage {
|
||||
name = "nginx";
|
||||
contents = [ nginx ];
|
||||
extraCommands = ''
|
||||
mkdir -p etc
|
||||
chmod u+w etc
|
||||
echo "nginx:x:1000:1000::/:" > etc/passwd
|
||||
echo "nginx:x:1000:nginx" > etc/group
|
||||
'';
|
||||
config = {
|
||||
Cmd = ["nginx" "-c" "/etc/nginx/nginx.conf"];
|
||||
ExposedPorts = {
|
||||
"8383/tcp" = {};
|
||||
};
|
||||
};
|
||||
}
|
|
@ -0,0 +1,68 @@
|
|||
{ config, lib, pkgs, kubenix, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
nginx = pkgs.callPackage ./image.nix { };
|
||||
in {
|
||||
imports = with kubenix.modules; [ k8s docker ];
|
||||
|
||||
docker.images.nginx.image = nginx;
|
||||
|
||||
kubernetes.resources.deployments.nginx = {
|
||||
spec = {
|
||||
replicas = 10;
|
||||
selector.matchLabels.app = "nginx";
|
||||
template = {
|
||||
metadata.labels.app = "nginx";
|
||||
spec = {
|
||||
securityContext.fsGroup = 1000;
|
||||
containers.nginx = {
|
||||
image = config.docker.images.nginx.path;
|
||||
imagePullPolicy = "IfNotPresent";
|
||||
volumeMounts."/etc/nginx".name = "config";
|
||||
volumeMounts."/var/lib/html".name = "static";
|
||||
volumeMounts."/var/log/nginx".name = "logs";
|
||||
volumeMounts."/var/log/cache".name = "cache";
|
||||
};
|
||||
volumes.config.configMap.name = "nginx-config";
|
||||
volumes.static.configMap.name = "nginx-static";
|
||||
volumes.logs.configMap.name = "nginx-logs";
|
||||
volumes.cache.configMap.name = "nginx-cache";
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
kubernetes.resources.configMaps.nginx-config.data."nginx.conf" = ''
|
||||
user nginx nginx;
|
||||
daemon off;
|
||||
error_log /dev/stdout info;
|
||||
pid /dev/null;
|
||||
events {}
|
||||
http {
|
||||
access_log /dev/stdout;
|
||||
server {
|
||||
listen 8383;
|
||||
index index.html;
|
||||
location / {
|
||||
root /var/lib/html;
|
||||
}
|
||||
}
|
||||
}
|
||||
'';
|
||||
|
||||
kubernetes.resources.configMaps.nginx-static.data."index.html" = ''
|
||||
<html><body><h1>Hello from NGINX</h1></body></html>
|
||||
'';
|
||||
|
||||
kubernetes.resources.services.nginx = {
|
||||
spec = {
|
||||
ports = [{
|
||||
name = "http";
|
||||
port = 8383;
|
||||
}];
|
||||
selector.app = "nginx";
|
||||
};
|
||||
};
|
||||
}
|
Loading…
Reference in New Issue