all repos — infra @ a9dae339c442c7fd11cfb2bfb0901a274fe71925

infrastructure manifests and setup notes 

misc: update
Anirudh Oppiliappan x@icyphox.sh
Thu, 04 Jul 2024 22:25:05 +0300
commit

a9dae339c442c7fd11cfb2bfb0901a274fe71925

parent

e63b77bec0f29374d2a54f288d0ecaa8d3b906ad

3 files changed, 37 insertions(+), 6 deletions(-)

jump to
M cert-manager/koti-lan.yamlcert-manager/dav.koti.lan.yaml 
@@ -1,13 +1,13 @@
 apiVersion: cert-manager.io/v1
 kind: Certificate
 metadata:
-  name: koti-lan
+  name: dav-koti-lan
   namespace: default
 spec:
-  secretName: koti-lan-tls
+  secretName: dav-koti-lan
   isCA: false
+  commonName: "dav.koti.lan"
   dnsNames:
-  - "koti.lan"
-  - "*.koti.lan"
+  - "dav.koti.lan"
   issuerRef:
     name: koti-ca-issuer
M flake.nixflake.nix 
@@ -7,12 +7,37 @@ , nixpkgs
     ,
     }:
     let
-      supportedSystems = [ "x86_64-linux" "x86_64-darwin" "aarch64-linux" "aarch64-darwin" ];
+      supportedSystems = [ "x86_64-linux" "aarch64-linux" ];
       forAllSystems = nixpkgs.lib.genAttrs supportedSystems;
       nixpkgsFor = forAllSystems (system: import nixpkgs { inherit system; });
     in
     {
-      defaultPackage = forAllSystems (system: self.packages.${system}.legit);
+      packages = forAllSystems (system:
+        let
+          pkgs = nixpkgsFor.${system};
+          fsrv = self.packages.${system}.fsrv;
+          files = pkgs.lib.fileset.toSource {
+            root = ./.;
+            fileset = pkgs.lib.fileset.unions [
+              ./index.html
+            ];
+          };
+        in
+        {
+          yarrContainer = pkgs.dockerTools.buildLayeredImage {
+            name = "sini:5000/yarr";
+            tag = "latest";
+            contents = [
+              pkgs.yarr
+            ];
+            config = {
+              Entrypoint = [ "${pkgs.yarr}/bin/yarr" ];
+              ExposedPorts = { "7070/tcp" = { }; };
+            };
+          };
+        });
+
+      defaultPackage = forAllSystems (system: self.packages.${system}.fsrv);
       devShells = forAllSystems (system:
         let
           pkgs = nixpkgsFor.${system};

@@ -21,6 +46,8 @@ {
           default = pkgs.mkShell {
             nativeBuildInputs = with pkgs; [
               kubectl
+              kubectx
+              go
             ];
           };
         });
M readmereadme 
@@ -17,6 +17,7 @@
 • k3s: Kubernetes distribution
 • tailscale: mesh network 
 • metallb: bare metal LoadBalancer provider
+• coredns: DNS server
 
 
 APPLICATIONS

@@ -24,4 +25,7 @@
 • radicale: CardDAV/CalDAV server (dav.koti.lan)
 • yarr: RSS reader (rss.koti.lan)
 • fsrv: file host service (x.icyphox.sh)
+• site: my personal website (icyphox.sh, anirudh.fi)
 • legit: git web frontend (git.icyphox.sh)
+• imaginary: image manipuation service (x.icyphox.sh, cdn.icyphox.sh)
+• pixelfed: private image hosting