diff --git a/modules/k8s.nix b/modules/k8s.nix index ba4b558..6b15a12 100644 --- a/modules/k8s.nix +++ b/modules/k8s.nix @@ -29,13 +29,118 @@ let ''; }; - cluster-scripts = pkgs.stdenv.mkDerivation { - name = "cluster-scripts"; - src = ../scripts; - buildCommand = '' - mkdir -p $out/bin - cp $src/* $out/bin - ''; + cluster-scripts = + let + ingressNodes = builtins.foldl' (a: x: + a + ",${x}") "${cfg.k8s.master.name}" + cfg.k8s.extraIngressNodes; + ingressReplicaCount = + builtins.toString (1 + builtins.length cfg.k8s.extraIngressNodes); + show-kubernetes-charts-config = '' + #!/usr/bin/env bash + cat << EOF + # Generated by show-kubernetes-charts-config + # $(date) + # Charts in ${kubernetes-charts}/share/kubernetes-charts + + + vars=( + initca="${pki.initca}" + apiserver="${cfg.k8s.master.name}" + cluster="${cfg.clusterName}" + ingress_nodes="${ingressNodes}" + ingress_replica_count="${ingressReplicaCount}" + fileserver="${cfg.k8s.fileserver}" + acme_email="${cfg.k8s.charts.acme_email}" + grafana_smtp_user="$(echo -n ${cfg.k8s.charts.grafana_smtp_user} | base64 -w0)" + grafana_smtp_password="$(echo -n ${cfg.k8s.charts.grafana_smtp_password} | base64 -w0)" + ) + + EOF + cat << '"'"'EOF'"'"' + substitute_all () { + local x i k v subs + x="$(/dev/null 2>&1 || kubectl create ns $namespace + } + + export_vars () { + local i + for i in "''${vars[@]}"; do eval "$i"; done + } + + kubectl_apply () { + local x namespace + namespace="$1"; shift + x="$( \$dest/config.sh + ''; + in + pkgs.stdenv.mkDerivation { + name = "cluster-scripts"; + src = ../scripts; + buildCommand = '' + mkdir -p $out/bin + cp $src/* $out/bin + echo '${show-kubernetes-charts-config}' > $out/bin/show-kubernetes-charts-config + chmod a+x $out/bin/show-kubernetes-charts-config + echo "${copy-kubernetes-charts}" > $out/bin/copy-kubernetes-charts + chmod a+x $out/bin/copy-kubernetes-charts + ''; }; kubernetes-charts = pkgs.stdenv.mkDerivation rec { 
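Review bot: The new `buildCommand` line `echo '${show-kubernetes-charts-config}' > $out/bin/show-kubernetes-charts-config` wraps the whole generated script in single quotes, so a `'` in any interpolated option (for example `cfg.k8s.charts.grafana_smtp_password`) ends the quoting and the rest is interpreted by the build shell; only the heredoc delimiter is escaped by hand (`'"'"'EOF'"'"'`). The same options are also spliced unquoted into `$(echo -n ${cfg.k8s.charts.grafana_smtp_password} | base64 -w0)`, where whitespace, globs or `$(...)` in the value are interpreted when the script runs. I would write the file with `pkgs.writeScript`, as the removed `pkgs.writeScriptBin` version did, and quote each value, e.g. `grafana_smtp_password="$(printf %s ${pkgs.lib.escapeShellArg cfg.k8s.charts.grafana_smtp_password} | base64 -w0)"`. Separately, the SMTP password is interpolated at evaluation time and so ends up in the world-readable Nix store (base64 is only an encoding); reading it from a file at run time would avoid that. The bodies of `substitute_all` and `kubectl_apply` are truncated in this view, so the `eval "$i"` in `export_vars` could not be checked against how `vars` is filled.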
@@ -43,72 +148,10 @@ let src = ../charts; buildCommand = '' mkdir -p $out/share/${name} - cp -r $src/* $out/share${name} + cp -r $src/* $out/share/${name} ''; }; - show-kubernetes-charts-config = - let - ingressNodes = builtins.foldl' (a: x: - a + ", ${x}") "${cfg.k8s.master.name}" - cfg.k8s.extraIngressNodes; - ingressReplicaCount = - builtins.toString (1 + builtins.length cfg.k8s.extraIngressNodes); - in - pkgs.writeScriptBin "show-kubernetes-charts-config" - '' - #!${pkgs.stdenv.shell} - cat << EOF - # Generated by show-kubernetes-charts-config - # $(date) - # Charts in ${kubernetes-charts} - - vars=( - initca="${pki.initca}" - apiserver="${cfg.k8s.master.name}" - cluster="${cfg.clusterName}" - ingress_nodes="[ ${ingressNodes} ]" - ingress_replica_count="${ingressReplicaCount}" - filseserver="${cfg.k8s.fileserver}" - acme_email="${cfg.k8s.charts.acme_email}" - grafana_smtp_user="$(echo -n ${cfg.k8s.charts.grafana_smtp_user} | base64 -w0)" - grafana_smtp_password="$(echo -n ${cfg.k8s.charts.grafana_smtp_password} | base64 -w0)" - ) - - EOF - cat << 'EOF' - substitute_all () { - read x - subs=("$@") - for i in "''${subs[@]}"; do - k=$(echo "$i" | cut -d= -f1) - v=$(echo "$i" | cut -d= -f2) - echo "$x" | sed "s/@$k@/$v/g" - done - } - - substitute_defaults () { - substitute_all "''${vars[@]}" - } - - kubectl_apply () { - read x - namespace=$1; shift - kubectl get ns $namespace 2>&1 >/dev/null || kubectl create ns $namespace - cat $x | substitute_defaults | kubectl -n $namespace apply -f - - } - - kubectl_apply_files () { - namespace=$1; shift - charts=("$@") - for i in "''${charts[@]}"; do - cat $i | kubectl_apply $namespace - done - } - EOF - ''; - - install-apitoken = '' #!${pkgs.bash}/bin/bash set -e @@ -182,7 +225,6 @@ let pkgs.kubectl cluster-scripts kubernetes-charts - show-kubernetes-charts-config ]; systemd.services.kube-certmgr-apitoken-bootstrap = {