dotfiles/terranix/prepare/kubernetes.nix
magic_rb eed771ad4d
uk3s updates
Signed-off-by: magic_rb <magic_rb@redalder.org>
2024-07-16 21:49:22 +02:00

92 lines
2.2 KiB
Nix

{
inputs,
pkgs,
paths,
elib,
lib,
config,
...
}: let
inherit
(lib)
mkMerge
filterAttrs
mapAttrs
recursiveUpdate
;
inherit
(inputs.uk3s-nix.lib)
sanitizeKubernetesManifest
yqManifestSanitizerFilter
;
inherit
(inputs.uk3s-nix.legacyPackages.${pkgs.stdenv.system})
kubernetesManifestsToTerraformModule
splitYamlDoc
helm2nix2terraform
;
in {
resource."kubernetes_namespace"."metallb-system" = {
metadata = {
name = "metallb-system";
};
};
resource."kubernetes_namespace"."istio-system" = {
metadata = {
name = "istio-system";
# has to be kept in sync with `main` profile
labels = {
"istio.io/rev" = config.uk3s.istio.revision;
};
};
};
module."gateway-api" = {
source = inputs.uk3s-nix.legacyPackages.${pkgs.stdenv.system}.kubernetesManifestsToTerraformModule {
name = "gateway-crds";
splitJson = inputs.uk3s-nix.legacyPackages.${pkgs.stdenv.system}.splitYamlDoc {
name = "gateway-crds-manifests";
yamlDocument = pkgs.fetchurl {
url = "https://github.com/kubernetes-sigs/gateway-api/releases/download/v1.1.0/experimental-install.yaml";
hash = "sha256-EPMidEoAXU5z4rBn6V/s1M/sYZ3HVkkwtIjClr+jvsE=";
curlOptsList = ["-L"];
};
outputFormat = "json";
yqFilter = yqManifestSanitizerFilter;
};
};
};
module."istio-api" = {
source = kubernetesManifestsToTerraformModule {
name = "istio-crds";
extraAttrs = {
field_manager.force_conflicts = true;
};
splitJson = splitYamlDoc {
name = "istio-crds-manifests";
yamlDocument = pkgs.fetchurl {
url = "https://raw.githubusercontent.com/istio/api/${pkgs.istioctl.version}/kubernetes/customresourcedefinitions.gen.yaml";
hash = "sha256-cPMT2On0i0ltbePd8xiMpvoM5P/CZhgf8OlaeUcxgoo=";
};
outputFormat = "json";
yqFilter = yqManifestSanitizerFilter;
};
};
};
uk3s.istio = {
enable = true;
istiod.enable = true;
operator.enable = true;
mode = "crd";
};
uk3s.metallb = {
enable = true;
mode = "crd";
};
}