feat(homelab): setup kube node, add gitea, nfs-utils

nix/homelab/helm/helmfile.yaml

@@ -5,6 +5,8 @@ repositories:
     url: https://jellyfin.github.io/jellyfin-helm
   - name: minecraft-charts
     url: https://itzg.github.io/minecraft-server-charts
+  - name: gitea-charts
+    url: https://dl.gitea.com/charts
 
 releases:
   # Load Balancer
@@ -30,6 +32,14 @@ releases:
     values:
       - values/jellyfin.yaml
 
+  # Git
+  - name: gitea
+    namespace: git
+    chart: gitea-charts/gitea
+    version: 12.4.0
+    values:
+      - values/gitea.yaml
+
   # Minecraft
   - name: minecraft-main
     namespace: minecraft

nix/homelab/helm/values/gitea.yaml

@@ -0,0 +1,43 @@
+persistence:
+  size: 8Gi
+
+resources:
+  requests:
+    cpu: 500m
+    memory: 128Mi
+  limits:
+    cpu: 1
+    memory: 512Mi
+
+gitea:
+  config:
+    repository:
+      ROOT: /git-data/git/repositories
+    database:
+      DB_TYPE: sqlite3
+    session:
+      PROVIDER: memory
+    cache:
+      ADAPTER: memory
+    queue:
+      TYPE: level
+nodeSelector:
+  kubernetes.io/hostname: kube
+      
+postgresql:
+  enabled: false
+postgresql-ha:
+  enabled: false
+valkey-cluster:
+  enabled: false
+valkey:
+  enabled: false
+
+extraVolumes:
+  - name: git-nfs
+    nfs:
+      server: 192.168.27.2
+      path: /data
+extraContainerVolumeMounts:
+  - name: git-nfs
+    mountPath: /git-data

nix/homelab/kustomize/kustomization.yaml

@@ -7,3 +7,5 @@ resources:
   - ./cert-manager/config.yaml
   - ./routes/media.yaml
   - ./routes/minecraft/main.yaml
+  - ./routes/gitea/ssh.yaml
+  - ./routes/gitea/http.yaml

nix/homelab/kustomize/metallb/pool.yaml

@@ -5,7 +5,7 @@ metadata:
   namespace: metallb-system
 spec:
   addresses:
-    - 192.168.122.132/26
+    - 192.168.18.31-192.168.18.61
 ---
 apiVersion: metallb.io/v1beta1
 kind: L2Advertisement

nix/homelab/kustomize/routes/gitea/http.yaml

@@ -0,0 +1,15 @@
+apiVersion: gateway.networking.k8s.io/v1
+kind: HTTPRoute
+metadata:
+  name: gitea
+  namespace: git
+spec:
+  parentRefs:
+    - name: traefik-gateway
+      namespace: kube-system
+  hostnames:
+    - "git-new.lucalise.ca"
+  rules:
+    - backendRefs:
+        - name: gitea-http
+          port: 3000

nix/homelab/kustomize/routes/gitea/ssh.yaml

@@ -0,0 +1,13 @@
+apiVersion: traefik.io/v1alpha1
+kind: IngressRouteTCP
+metadata:
+  name: gitea-ssh
+  namespace: git
+spec:
+  entryPoints:
+    - ssh
+  routes:
+    - match: HostSNI(`*`)
+      services:
+        - name: gitea-ssh
+          port: 22

nix/homelab/kustomize/traefik/config.yaml

@@ -23,7 +23,7 @@ spec:
           default: true
         exposedPort: 22
         protocol: TCP
-      minecraft-main:
+      minecraft:
         port: 25565
         expose:
           default: true

nix/homelab/nodes/kube/configuration.nix

@@ -63,6 +63,7 @@
     git
     helmfile
     kubernetes-helm
+    nfs-utils
   ];
 
   services.openssh.enable = true;

nix/homelab/nodes/kube/hardware-configuration.nix

@@ -9,7 +9,7 @@
     ];
 
   boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "usb_storage" "sd_mod" ];
-  boot.initrd.kernelModules = [ ];
+  boot.initrd.kernelModules = [ "dm-snapshot" ];
   boot.kernelModules = [ "kvm-amd" ];
   boot.extraModulePackages = [ ];
 

nix/modules/dns.nix

@@ -17,6 +17,11 @@
       enable = true;
       dns = "systemd-resolved";
     };
+    networking.extraHosts = ''
+      192.168.18.31 traefik.lucalise.ca 
+      192.168.18.31 media.lucalise.ca 
+      192.168.18.31 git.lucalise.ca 
+    '';
 
     services.resolved = {
       enable = true;