diff --git a/MODULE.bazel.lock b/MODULE.bazel.lock index fb59b2c..f921961 100644 --- a/MODULE.bazel.lock +++ b/MODULE.bazel.lock @@ -2309,6 +2309,64 @@ ] } }, + "@@rules_qt+//extension:qt.bzl%fetch": { + "general": { + "bzlTransitiveDigest": "+wmXAn/rrcsNKiW6OUivYSeVfd3AXW5c+xNYlBdh9q4=", + "usagesDigest": "PFPAf/n4+nciCmEXpgZADS3iYvQtMHuaonLOnItLs8Y=", + "recordedFileInputs": {}, + "recordedDirentsInputs": {}, + "envVariables": {}, + "generatedRepoSpecs": { + "qt_linux_x86_64": { + "repoRuleId": "@@rules_qt+//extension:download_qt.bzl%download_qt", + "attributes": { + "version": "6.8.3", + "os": "linux", + "target_sdk": "desktop", + "build_file": "@@rules_qt+//extension:qt/6.8.3/linux_x86_64.BUILD", + "windows_architecture": "" + } + }, + "qt_windows_x86_64": { + "repoRuleId": "@@rules_qt+//extension:download_qt.bzl%download_qt", + "attributes": { + "version": "6.8.3", + "os": "windows", + "target_sdk": "desktop", + "build_file": "@@rules_qt+//extension:qt/6.8.3/windows_x86_64.BUILD", + "windows_architecture": "win64_msvc2022" + } + }, + "qt_mac_aarch64": { + "repoRuleId": "@@rules_qt+//extension:download_qt.bzl%download_qt", + "attributes": { + "version": "6.8.3", + "os": "macos", + "target_sdk": "desktop", + "build_file": "@@rules_qt+//extension:qt/6.8.3/mac_aarch64.BUILD", + "windows_architecture": "" + } + } + }, + "recordedRepoMappingEntries": [ + [ + "", + "rules_qt", + "rules_qt+" + ], + [ + "rules_qt+", + "bazel_skylib", + "bazel_skylib+" + ], + [ + "rules_qt+", + "rules_qt", + "rules_qt+" + ] + ] + } + }, "@@rules_scala+//scala/extensions:config.bzl%scala_config": { "general": { "bzlTransitiveDigest": "TYEDBdoN7s4wE8er7JwzFt7+3iw57BHsTSLyWmxbgZo=", diff --git a/experimental/users/acmcarther/k8s/configs/environments/crossplane/BUILD.bazel b/experimental/users/acmcarther/k8s/configs/environments/crossplane/BUILD.bazel deleted file mode 100644 index c3f12b2..0000000 --- a/experimental/users/acmcarther/k8s/configs/environments/crossplane/BUILD.bazel +++ /dev/null @@ -1,22 +0,0 @@ -load("@rules_jsonnet//jsonnet:jsonnet.bzl", "jsonnet_to_json") -load("//tools:tanka.bzl", "tanka_environment") - -jsonnet_to_json( - name = "main", - src = "main.jsonnet", - outs = ["main.json"], - data = [ - "@helm_crossplane_crossplane//:chart", - ], - visibility = ["//visibility:public"], - deps = [ - "//k8s/configs/templates", - "//experimental/users/acmcarther/k8s/configs/templates", - ], -) - -tanka_environment( - name = "crossplane", - main = ":main", - spec = "spec.json", -) diff --git a/experimental/users/acmcarther/k8s/configs/environments/crossplane/main.jsonnet b/experimental/users/acmcarther/k8s/configs/environments/crossplane/main.jsonnet deleted file mode 100644 index 0cc4ee6..0000000 --- a/experimental/users/acmcarther/k8s/configs/environments/crossplane/main.jsonnet +++ /dev/null @@ -1,25 +0,0 @@ -local base = import "k8s/configs/base.libsonnet"; -local crossplane = import "experimental/users/acmcarther/k8s/configs/templates/crossplane.libsonnet"; - -local namespace = "crossplane-system"; -local ctx = base.NewContext(base.helm); - -{ - namespace: { - apiVersion: "v1", - kind: "Namespace", - metadata: { - name: namespace, - }, - }, - apps: { - crossplane: crossplane.App(crossplane.Params { - namespace: namespace, - name: "crossplane", - context: ctx, - values: { - # Add any specific values here - }, - }), - }, -} diff --git a/experimental/users/acmcarther/k8s/configs/environments/crossplane/spec.json b/experimental/users/acmcarther/k8s/configs/environments/crossplane/spec.json deleted file mode 100644 index 5eee3fa..0000000 --- a/experimental/users/acmcarther/k8s/configs/environments/crossplane/spec.json +++ /dev/null @@ -1,15 +0,0 @@ -{ - "apiVersion": "tanka.dev/v1alpha1", - "kind": "Environment", - "metadata": { - "name": "environments/crossplane", - "namespace": "environments/crossplane/main.jsonnet" - }, - "spec": { - "apiServer": "https://k8s.dominion.lan:6443", - "namespace": "crossplane-system", - "resourceDefaults": {}, - "expectVersions": {}, - "injectLabels": true - } -} diff --git a/experimental/users/acmcarther/k8s/configs/environments/dominion/BUILD.bazel b/experimental/users/acmcarther/k8s/configs/environments/dominion/BUILD.bazel deleted file mode 100644 index 4c07776..0000000 --- a/experimental/users/acmcarther/k8s/configs/environments/dominion/BUILD.bazel +++ /dev/null @@ -1,35 +0,0 @@ -load("@rules_jsonnet//jsonnet:jsonnet.bzl", "jsonnet_library", "jsonnet_to_json", "jsonnet_to_json_test") -load("//tools:tanka.bzl", "tanka_environment") -load("//tools:sops.bzl", "sops_decrypt") - -sops_decrypt( - name = "secrets", - src = "secrets.sops.yaml", - out = "secrets.json", -) - -jsonnet_library( - name = "secrets_lib", - srcs = [":secrets"], -) - -jsonnet_to_json( - name = "main", - src = "main.jsonnet", - outs = ["main.json"], - data = [ - "@helm_jetstack_cert_manager//:chart", - ], - visibility = ["//visibility:public"], - deps = [ - ":secrets_lib", - "//k8s/configs/templates", - "//experimental/users/acmcarther/k8s/configs/templates", - ], -) - -tanka_environment( - name = "dominion", - main = ":main", - spec = "spec.json", -) diff --git a/experimental/users/acmcarther/k8s/configs/environments/dominion/main.jsonnet b/experimental/users/acmcarther/k8s/configs/environments/dominion/main.jsonnet deleted file mode 100644 index a334df6..0000000 --- a/experimental/users/acmcarther/k8s/configs/environments/dominion/main.jsonnet +++ /dev/null @@ -1,159 +0,0 @@ -local base = import "k8s/configs/base.libsonnet"; -local secrets = import "experimental/users/acmcarther/k8s/configs/environments/dominion/secrets.json"; - -local freshrss = import "k8s/configs/templates/personal/media/freshrss.libsonnet"; -local monica = import "k8s/configs/templates/personal/home/monica.libsonnet"; -local jellyfin = import "k8s/configs/templates/personal/media/jellyfin.libsonnet"; -local transmission = import "k8s/configs/templates/personal/media/transmission.libsonnet"; - -local lanraragi = import "experimental/users/acmcarther/k8s/configs/templates/lanraragi.libsonnet"; - -local nginxIngress = import "k8s/configs/templates/core/network/nginx-ingress.libsonnet"; -local mariadb = import "k8s/configs/templates/core/storage/mariadb.libsonnet"; - -local namespace = "dominion"; -{ - namespace: { - apiVersion: "v1", - kind: "Namespace", - metadata: { - name: namespace, - }, - }, - secrets: { - monica: mariadb.Secret(mariadb.SecretParams{ - name: "monica", - namespace: "dominion", - rootPassword: secrets.monica_mariadb_root_db_pwd, - password: secrets.monica_mariadb_db_pwd, - }), - }, - apps: { - /* - jellyfin: { - app: jellyfin.App(jellyfin.Params { - namespace: namespace, - name: "jellyfin", - filePath: std.thisFile, - // Defined in "dominion" - configClaimName: "jellyfin-config", - // Defined in "dominion" - serialClaimName: "serial-lake", - // Defined in "dominion" - filmClaimName: "film-lake", - // Defined in "dominion" - transcodeClaimName: "jellyfin-transcode", - }), - ingress: nginxIngress.Ingress(nginxIngress.IngressParams { - namespace: namespace, - name: "jellyfin-ion", - hosts: [ - "ion.cheapassbox.com", - ], - serviceName: "jellyfin-vui", - }), - pvcs: { - pvcJellyfinConfig: kube.RecoverableSimpleManyPvc(namespace, "jellyfin-config", "nfs-client", "10Gi", { - volumeName: "pvc-287055fe-b436-11e9-bad8-b8aeed7dc356", - nfsPath: "/volume3/fs/dominion-jellyfin-config-pvc-287055fe-b436-11e9-bad8-b8aeed7dc356", - nfsServer: "apollo1.dominion.lan", - }), - pvcJellyfinTranscode: kube.RecoverableSimpleManyPvc(namespace, "jellyfin-transcode", "nfs-client", "200Gi", { - volumeName: "pvc-2871f840-b436-11e9-bad8-b8aeed7dc356", - nfsPath: "/volume3/fs/dominion-jellyfin-transcode-pvc-2871f840-b436-11e9-bad8-b8aeed7dc356", - nfsServer: "apollo1.dominion.lan", - }), - // NOTE: These are different! - pvcSerialLake: kube.RecoverableSimpleManyPvc(namespace, "serial-lake", "nfs-bulk", "160Gi", { - volumeName: "pvc-2873b76a-b436-11e9-bad8-b8aeed7dc356", - nfsPath: "/volume4/fs-bulk/dominion-serial-lake-pvc-2873b76a-b436-11e9-bad8-b8aeed7dc356", - nfsServer: "apollo2.dominion.lan", - }), - pvcFilmLake: kube.RecoverableSimpleManyPvc(namespace, "film-lake", "nfs-bulk", "80Gi", { - volumeName: "pvc-286ce6ea-b436-11e9-bad8-b8aeed7dc356", - nfsPath: "/volume4/fs-bulk/dominion-film-lake-pvc-286ce6ea-b436-11e9-bad8-b8aeed7dc356", - nfsServer: "apollo2.dominion.lan", - }), - }, - }, - */ - freshrss: { - configPvc: base.RecoverableSimplePvc(namespace, "freshrss-config", "nfs-client", "32Gi", { - volumeName: "pvc-26b893fc-c3bf-11e9-8ccb-b8aeed7dc356", - nfsPath: "/volume3/fs/dominion-freshrss-config-pvc-26b893fc-c3bf-11e9-8ccb-b8aeed7dc356", - nfsServer: "apollo1.dominion.lan", - }), - app: freshrss.App(freshrss.Params { - namespace: namespace, - name: "freshrss", - filePath: std.thisFile, - // Defined in "dominion" - configClaimName: "freshrss-config", - }), - ingress: nginxIngress.Ingress(nginxIngress.IngressParams { - namespace: namespace, - name: "freshrss", - hosts: [ - "rss.cheapassbox.com", - ], - serviceName: "freshrss-ui", - annotations: nginxIngress.KubeOauthProxyAnnotations, - }), - ingress2: nginxIngress.Ingress(nginxIngress.IngressParams { - namespace: namespace, - name: "freshrss-csbx", - hosts: [ - "rss.csbx.dev", - ], - serviceName: "freshrss-ui", - annotations: nginxIngress.KubeCsbxOauthProxyAnnotations, - }), - }, - transmission2: { - configPvc: base.RecoverableSimpleManyPvc(namespace, "transmission-config", "nfs-client", "50Mi", { - volumeName: "pvc-3d93c19b-c177-11e9-8ccb-b8aeed7dc356", - nfsPath: "/volume3/fs/dominion-transmission-config-pvc-3d93c19b-c177-11e9-8ccb-b8aeed7dc356", - nfsServer: "apollo1.dominion.lan", - }), - torrentFilesPvc: base.RecoverableSimpleManyPvc(namespace, "torrent-files", "nfs-client", "100Mi", { - volumeName: "pvc-73528d8b-c177-11e9-8ccb-b8aeed7dc356", - nfsPath: "/volume3/fs/dominion-torrent-files-pvc-73528d8b-c177-11e9-8ccb-b8aeed7dc356", - nfsServer: "apollo1.dominion.lan", - }), - incompleteDownloadsPvc: base.RecoverableSimpleManyPvc(namespace, "transmission-incomplete-downloads", "nfs-bulk", "100Gi", { - volumeName: "pvc-1c1a00ff-b9a8-4f92-b3a7-70f81752141d", - nfsPath: "/volume4/fs-bulk/dominion-transmission-incomplete-downloads-pvc-1c1a00ff-b9a8-4f92-b3a7-70f81752141d", - nfsServer: "apollo2.dominion.lan", - }), - app: transmission.App(transmission.Params { - namespace: namespace, - name: "transmission2", - filePath: std.thisFile, - configClaimName: "transmission-config", - incompleteDownloadsClaimName: "transmission-incomplete-downloads", - downloadsClaimName: "lanraragi-content", - torrentFilesClaimName: "torrent-files", - // TODO(acmcarther): Import from central location - dataNodePort: 32701, - }), - ingress: nginxIngress.Ingress(nginxIngress.IngressParams { - namespace: namespace, - name: "transmission", - hosts: [ - "ex-transmission.cheapassbox.com", - ], - serviceName: "transmission2-ui", - annotations: nginxIngress.DominionOauthProxyAnnotations, - }), - ingress2: nginxIngress.Ingress(nginxIngress.IngressParams { - namespace: namespace, - name: "transmission-csbx", - hosts: [ - "ex-transmission.csbx.dev", - ], - serviceName: "transmission2-ui", - annotations: nginxIngress.DominionCsbxOauthProxyAnnotations, - }), - }, - }, -} \ No newline at end of file diff --git a/experimental/users/acmcarther/k8s/configs/environments/dominion/spec.json b/experimental/users/acmcarther/k8s/configs/environments/dominion/spec.json deleted file mode 100644 index 39be0d0..0000000 --- a/experimental/users/acmcarther/k8s/configs/environments/dominion/spec.json +++ /dev/null @@ -1,15 +0,0 @@ -{ - "apiVersion": "tanka.dev/v1alpha1", - "kind": "Environment", - "metadata": { - "name": "environments/dominion", - "namespace": "environments/dominion/main.jsonnet" - }, - "spec": { - "apiServer": "https://k8s.dominion.lan:6443", - "namespace": "dominion", - "resourceDefaults": {}, - "expectVersions": {}, - "injectLabels": true - } -} diff --git a/experimental/users/acmcarther/k8s/configs/environments/semantic-search/BUILD.bazel b/experimental/users/acmcarther/k8s/configs/environments/semantic-search/BUILD.bazel deleted file mode 100644 index 0e23cb7..0000000 --- a/experimental/users/acmcarther/k8s/configs/environments/semantic-search/BUILD.bazel +++ /dev/null @@ -1,21 +0,0 @@ -load("@rules_jsonnet//jsonnet:jsonnet.bzl", "jsonnet_library", "jsonnet_to_json", "jsonnet_to_json_test") -load("//tools:tanka.bzl", "tanka_environment") - -jsonnet_to_json( - name = "main", - src = "main.jsonnet", - outs = ["main.json"], - data = [ - ], - visibility = ["//visibility:public"], - deps = [ - "//k8s/configs/templates", - "//experimental/users/acmcarther/k8s/configs/templates", - ], -) - -tanka_environment( - name = "semantic-search", - main = ":main", - spec = "spec.json", -) diff --git a/experimental/users/acmcarther/k8s/configs/environments/semantic-search/main.jsonnet b/experimental/users/acmcarther/k8s/configs/environments/semantic-search/main.jsonnet deleted file mode 100644 index 15aeeba..0000000 --- a/experimental/users/acmcarther/k8s/configs/environments/semantic-search/main.jsonnet +++ /dev/null @@ -1,37 +0,0 @@ -local base = import "k8s/configs/base.libsonnet"; -local semanticSearch = import "experimental/users/acmcarther/k8s/configs/templates/semantic-search.libsonnet"; -local nginxIngress = import "k8s/configs/templates/core/network/nginx-ingress.libsonnet"; - -local namespace = "semantic-search"; -local appName = "semantic-search-server"; - -{ - namespace: { - apiVersion: "v1", - kind: "Namespace", - metadata: { - name: namespace, - }, - }, - pvc: base.RecoverableSimpleManyPvc(namespace, appName + "-data", "nfs-client", "2Gi", { - volumeName: "pvc-a10eadb8-b2a3-45b2-a50b-83ab11ae7f39", - nfsPath: "/volume3/fs/semantic-search-semantic-search-server-data-pvc-a10eadb8-b2a3-45b2-a50b-83ab11ae7f39", - nfsServer: "apollo1.dominion.lan", - }), - apps: { - server: semanticSearch.App(semanticSearch.Params { - namespace: namespace, - name: appName, - filePath: std.thisFile, - dataClaimName: appName + "-data", - }), - ingress: nginxIngress.Ingress(nginxIngress.IngressParams { - namespace: namespace, - name: appName, - hosts: [ - "search.csbx.dev", - ], - serviceName: appName + "-ui", - }), - }, -} \ No newline at end of file diff --git a/experimental/users/acmcarther/k8s/configs/environments/semantic-search/spec.json b/experimental/users/acmcarther/k8s/configs/environments/semantic-search/spec.json deleted file mode 100644 index e23c880..0000000 --- a/experimental/users/acmcarther/k8s/configs/environments/semantic-search/spec.json +++ /dev/null @@ -1,14 +0,0 @@ -{ - "apiVersion": "tanka.dev/v1alpha1", - "kind": "Environment", - "metadata": { - "name": "environments/semantic-search" - }, - "spec": { - "apiServer": "https://k8s.dominion.lan:6443", - "namespace": "semantic-search", - "resourceDefaults": {}, - "expectVersions": {}, - "injectLabels": true - } -} diff --git a/experimental/users/acmcarther/k8s/configs/environments/vault/BUILD.bazel b/experimental/users/acmcarther/k8s/configs/environments/vault/BUILD.bazel deleted file mode 100644 index 10f401b..0000000 --- a/experimental/users/acmcarther/k8s/configs/environments/vault/BUILD.bazel +++ /dev/null @@ -1,21 +0,0 @@ -load("@rules_jsonnet//jsonnet:jsonnet.bzl", "jsonnet_library", "jsonnet_to_json", "jsonnet_to_json_test") -load("//tools:tanka.bzl", "tanka_environment") - -jsonnet_to_json( - name = "main", - src = "main.jsonnet", - outs = ["main.json"], - data = [ - "@helm_hashicorp_vault//:chart", - ], - visibility = ["//visibility:public"], - deps = [ - "//k8s/configs/templates", - ], -) - -tanka_environment( - name = "vault", - main = ":main", - spec = "spec.json", -) diff --git a/experimental/users/acmcarther/k8s/configs/environments/vault/main.jsonnet b/experimental/users/acmcarther/k8s/configs/environments/vault/main.jsonnet deleted file mode 100644 index 082696c..0000000 --- a/experimental/users/acmcarther/k8s/configs/environments/vault/main.jsonnet +++ /dev/null @@ -1,83 +0,0 @@ -local base = import "k8s/configs/base.libsonnet"; -local nginxIngress = import "k8s/configs/templates/core/network/nginx-ingress.libsonnet"; -local vault = import "k8s/configs/templates/core/security/vault.libsonnet"; - -local namespace = "vault"; -local ctx = base.NewContext(base.helm); -{ - namespace: { - apiVersion: "v1", - kind: "Namespace", - metadata: { - name: namespace, - }, - }, - apps: { - /* - consul: consul.App(consul.Params { - namespace: namespace, - context: ctx, - bootstrapTokenSecretName: "consul-bootstrap-acl-token", - }), - */ - vault: vault.App(vault.Params { - namespace: namespace, - context: ctx, - }), - /* - vaultIngress1: nginxIngress.Ingress(nginxIngress.IngressParams { - namespace: namespace, - name: "vault", - hosts: [ - "vault.cheapassbox.com", - ], - serviceName: "vault", # TODO - annotations: nginxIngress.KubeOauthProxyAnnotations, - }), - */ - vaultIngress2: nginxIngress.Ingress(nginxIngress.IngressParams { - namespace: namespace, - name: "vault-csbx", - hosts: [ - "vault.csbx.dev", - ], - serviceName: "vault-ui", # TODO - servicePort: 8200, - annotations: nginxIngress.KubeCsbxOauthProxyAnnotations, - }), - }, - volumes: { - data0: base.RecoverableSimplePvc(namespace, "data-vault-0", "nfs-client", "10Gi", { - volumeName: "pvc-0aa9f845-baef-476b-971f-8cd30932b874", - nfsPath: "/volume3/fs/vault-data-vault-0-pvc-0aa9f845-baef-476b-971f-8cd30932b874", - nfsServer: "apollo1.dominion.lan", - }), - data1: base.RecoverableSimplePvc(namespace, "data-vault-1", "nfs-client", "10Gi", { - volumeName: "pvc-90241eff-1ed4-49e0-87bb-8485cd0f6aca", - nfsPath: "/volume3/fs/vault-data-vault-1-pvc-90241eff-1ed4-49e0-87bb-8485cd0f6aca", - nfsServer: "apollo1.dominion.lan", - }), - data2: base.RecoverableSimplePvc(namespace, "data-vault-2", "nfs-client", "10Gi", { - volumeName: "pvc-5c23b9b5-3fbf-4898-9784-83d9bbef185c", - nfsPath: "/volume3/fs/vault-data-vault-2-pvc-5c23b9b5-3fbf-4898-9784-83d9bbef185c", - nfsServer: "apollo1.dominion.lan", - }), - audit0: base.RecoverableSimplePvc(namespace, "audit-vault-0", "nfs-client", "10Gi", { - volumeName: "pvc-1d037ee0-836c-4079-a96f-f61ed13c9626", - nfsPath: "/volume3/fs/vault-audit-vault-0-pvc-1d037ee0-836c-4079-a96f-f61ed13c9626", - nfsServer: "apollo1.dominion.lan", - }), - audit1: base.RecoverableSimplePvc(namespace, "audit-vault-1", "nfs-client", "10Gi", { - volumeName: "pvc-6f63b89d-b007-440a-adea-b503b885b914", - nfsPath: "/volume3/fs/vault-audit-vault-1-pvc-6f63b89d-b007-440a-adea-b503b885b914", - nfsServer: "apollo1.dominion.lan", - }), - audit2: base.RecoverableSimplePvc(namespace, "audit-vault-2", "nfs-client", "10Gi", { - volumeName: "pvc-44121280-3a8c-4252-abe2-95e177e78efc", - nfsPath: "/volume3/fs/vault-audit-vault-2-pvc-44121280-3a8c-4252-abe2-95e177e78efc", - nfsServer: "apollo1.dominion.lan", - }), - - }, - -} \ No newline at end of file diff --git a/experimental/users/acmcarther/k8s/configs/environments/vault/spec.json b/experimental/users/acmcarther/k8s/configs/environments/vault/spec.json deleted file mode 100644 index bcae0ea..0000000 --- a/experimental/users/acmcarther/k8s/configs/environments/vault/spec.json +++ /dev/null @@ -1,15 +0,0 @@ -{ - "apiVersion": "tanka.dev/v1alpha1", - "kind": "Environment", - "metadata": { - "name": "environments/vault", - "namespace": "environments/vault/main.jsonnet" - }, - "spec": { - "apiServer": "https://k8s.dominion.lan:6443", - "namespace": "vault", - "resourceDefaults": {}, - "expectVersions": {}, - "injectLabels": true - } -} diff --git a/experimental/users/acmcarther/k8s/configs/templates/BUILD.bazel b/experimental/users/acmcarther/k8s/configs/templates/BUILD.bazel deleted file mode 100644 index c40f224..0000000 --- a/experimental/users/acmcarther/k8s/configs/templates/BUILD.bazel +++ /dev/null @@ -1,12 +0,0 @@ -load("@rules_jsonnet//jsonnet:jsonnet.bzl", "jsonnet_library", "jsonnet_to_json", "jsonnet_to_json_test") - -jsonnet_library( - name = "templates", - srcs = glob(include = ["**/*.libsonnet"]), - visibility = ["//visibility:public"], - deps = [ - "//k8s/configs:base", - "//k8s/configs:images", - "//k8s/configs/templates", - ], -) diff --git a/experimental/users/acmcarther/k8s/configs/templates/crossplane.libsonnet b/experimental/users/acmcarther/k8s/configs/templates/crossplane.libsonnet deleted file mode 100644 index a2dafa1..0000000 --- a/experimental/users/acmcarther/k8s/configs/templates/crossplane.libsonnet +++ /dev/null @@ -1,29 +0,0 @@ -local base = import "k8s/configs/base.libsonnet"; - -local Params = base.SimpleFieldStruct([ - "namespace", - "name", - "context", - "values", -]); - -local App(params) = { - # The chart is provided by the @helm_crossplane_crossplane repository. - # Note: The path construction might need adjustment depending on how helm_deps handles the repo name. - # In chartfile.yaml, repo name is 'crossplane'. - local chartPath = "../../external/+helm_deps+helm_crossplane_crossplane", - - app: params.context.helm.template(params.name, chartPath, { - namespace: params.namespace, - values: params.values, - # Crossplane often needs includeCRDs: true or similar if it's not default in values. - # But for helm template, it's usually handled by includeCRDs option in the helm function if supported - # or just let helm handle it. Tanka's helm.template usually passes args to `helm template`. - includeCRDs: true, - }) -}; - -{ - Params: Params, - App: App, -} diff --git a/experimental/users/acmcarther/k8s/configs/templates/lanraragi.libsonnet b/experimental/users/acmcarther/k8s/configs/templates/lanraragi.libsonnet deleted file mode 100644 index 3ea74a2..0000000 --- a/experimental/users/acmcarther/k8s/configs/templates/lanraragi.libsonnet +++ /dev/null @@ -1,113 +0,0 @@ -local kube = import "k8s/configs/base.libsonnet"; -local images = import "k8s/configs/images.libsonnet"; -local templates = import "k8s/configs/templates/templates.libsonnet"; - -local WebPort = 3000; - -local Params = kube.simpleFieldStruct([ - "namespace", - "name", - "contentClaimName", - "databaseClaimName", - "thumbClaimName", - "filePath", -]) { - image: images.Prod["difegue/lanraragi"], - webPort: WebPort, - gatekeeperSidecar: null, - resources: { - requests: { - cpu: "1000m", - memory: "1000Mi", - }, - limits: { - cpu: "2000m", - memory: "2000Mi", - }, - }, -}; - -local App(params) = { - local nskube = kube.UsingNamespace(params.namespace), - local selector = { - name: params.name, - phase: "prod", - }, - local selectorMixin = { - selector: selector - }, - service: nskube.Service(params.name + '-ui') { - spec+: kube.SvcUtil.BasicHttpClusterIpSpec(WebPort) { - selector: selector - } - }, - deployment: nskube.Deployment(params.name) { - metadata+: { - annotations: templates.annotations(params.filePath, std.thisFile), - }, - spec+: { - strategy: kube.DeployUtil.SimpleRollingUpdate(), - replicas: 1, - selector: { - matchLabels: selector, - }, - template: { - metadata: { - labels: selector, - annotations: templates.annotations(params.filePath, std.thisFile), - }, - spec+: { - imagePullSecrets: [ - { - name: "docker-auth", - } - ], - containers: [ - { - image: params.image, - name: "lanraragi", - ports: [ - kube.DeployUtil.ContainerPort("http", params.webPort), - ], - resources: params.resources, - readinessProbe: { - httpGet: { - path: "/", - port: params.webPort, - }, - initialDelaySeconds: 30, - }, - - livenessProbe: { - httpGet: { - path: "/", - port: params.webPort, - }, - initialDelaySeconds: 30, - periodSeconds: 15, - failureThreshold: 10 - }, - args: [], - volumeMounts: [ - kube.DeployUtil.VolumeMount("content", "/home/koyomi/lanraragi/content"), - kube.DeployUtil.VolumeMount("database", "/home/koyomi/lanraragi/database"), - kube.DeployUtil.VolumeMount("thumb", "/home/koyomi/lanraragi/thumb"), - ] - }, - ], - volumes: [ - kube.DeployUtil.VolumeClaimRef("content", params.contentClaimName), - kube.DeployUtil.VolumeClaimRef("database", params.databaseClaimName), - kube.DeployUtil.VolumeClaimRef("thumb", params.thumbClaimName), - ], - } - }, - }, - } -}; - -{ - WebPort: WebPort, - Params: Params, - App(params): App(params), -} diff --git a/experimental/users/acmcarther/k8s/configs/templates/naifu2.libsonnet b/experimental/users/acmcarther/k8s/configs/templates/naifu2.libsonnet deleted file mode 100644 index 502a9db..0000000 --- a/experimental/users/acmcarther/k8s/configs/templates/naifu2.libsonnet +++ /dev/null @@ -1,126 +0,0 @@ -local kube = import "k8s/configs/base.libsonnet"; -local linuxserver = import "k8s/configs/templates/core/linuxserver.libsonnet"; -local images = import "k8s/configs/images.libsonnet"; - -local probe(delaySeconds) = { - initialDelaySeconds: delaySeconds, - periodSeconds: 20, - tcpSocket: { - port: "http", - }, -}; - -local WebPort = 7860; - -local Params = kube.simpleFieldStruct([ - "namespace", - "name", - "filePath", - "storageClaimName", - "outputClaimName", - //"ingressHost", -]) { - labels: {}, - gatekeeperSidecar: null, - lsParams: linuxserver.AppParams { - name: $.name, - namespace: $.namespace, - filePath: $.filePath, - templatePath: std.thisFile, - baseAppName: "naifu", - imageName: "naifu2", - imagePullSecrets: ["regcred"], - labels+: $.labels, - gatekeeperSidecar: $.gatekeeperSidecar, - isPrivileged: true, - services: [ - linuxserver.Service { - suffix: "ui", - spec: { - type: "ClusterIP", - ports: [ - kube.SvcUtil.TCPServicePort("http", 80) { - targetPort: WebPort - }, - ], - }, - }, - ], - nodeSelector: { - "gpu": "nvidia" - }, - ports: [ - kube.DeployUtil.ContainerPort("http", WebPort), - ], - env: linuxserver.Env { - others: [ - kube.NameVal("CLI_ARGS", "--allow-code --ui-config-file /stable-diffusion-webui/models/Stable-diffusion/ui-config.json --styles-file /stable-diffusion-webui/models/Stable-diffusion/styles.csv --deepdanbooru"), - kube.NameVal("NVIDIA_VISIBLE_DEVICES", "all"), - //kube.NameVal("CLI_FLAGS", "--extra-models-cpu --optimized-turbo"), - //--precision full --no-half - //kube.NameVal("CLI_FLAGS", "--no-half"), - //kube.NameVal("CUDA_VISIBLE_DEVICES", "0"), - #kube.NameVal("TOKEN", "example-token"), - ] - }, - args: [ - ], - pvcs: [ - linuxserver.Pvc{ - name: "naifu-storage", - mountPath: "/data", - bindName: $.storageClaimName, - }, - linuxserver.Pvc{ - name: "naifu-output", - mountPath: "/output", - bindName: $.outputClaimName, - }, - - ], - hostPaths: [ - linuxserver.HostPath{ - name: "nvidia-nvidia-uvm", - hostPath: "/dev/nvidia-uvm", - mountPath: "/dev/nvidia-uvm", - }, - linuxserver.HostPath{ - name: "nvidia-nvidia0", - hostPath: "/dev/nvidia0", - mountPath: "/dev/nvidia0", - }, - linuxserver.HostPath{ - name: "nvidia-nvidiactrl", - hostPath: "/dev/nvidiactrl", - mountPath: "/dev/nvidiactrl", - }, - linuxserver.HostPath{ - name: "nvidia-drivers", - hostPath: "/opt/drivers/nvidia", - mountPath: "/usr/local/nvidia", - }, - - ], - resources: { - requests: { - cpu: "1000m", - memory: "12000Mi", - }, - limits: { - cpu: "4000m", - memory: "24000Mi", - }, - }, - //livenessProbe: probe(/*delaySeconds=*/60), - //readinessProbe: probe(/*delaySeconds=*/60), - }, -}; - -local App(params) = linuxserver.App(params.lsParams) { -}; - -{ - WebPort: WebPort, - Params: Params, - App(params): App(params), -} diff --git a/experimental/users/acmcarther/k8s/configs/templates/semantic-search.libsonnet b/experimental/users/acmcarther/k8s/configs/templates/semantic-search.libsonnet deleted file mode 100644 index 44aed8f..0000000 --- a/experimental/users/acmcarther/k8s/configs/templates/semantic-search.libsonnet +++ /dev/null @@ -1,89 +0,0 @@ -local kube = import "k8s/configs/base.libsonnet"; -local linuxserver = import "k8s/configs/templates/core/linuxserver.libsonnet"; -local images = import "k8s/configs/images.libsonnet"; - -local searchProbe(delaySeconds) = { - initialDelaySeconds: delaySeconds, - periodSeconds: 30, - tcpSocket: { - port: "http", - }, -}; - -local WebPort = 8000; -local DataDir = "/app/ai/data/vectordb"; -local ModelCacheDir = DataDir + "/models"; - -local Params = kube.simpleFieldStruct([ - "namespace", - "name", - "filePath", - "dataClaimName", -]) { - labels: {}, - gatekeeperSidecar: null, - lsParams: linuxserver.AppParams { - name: $.name, - namespace: $.namespace, - filePath: $.filePath, - templatePath: std.thisFile, - baseAppName: "semantic-search", - imageName: "semantic-search-server", - labels+: $.labels, - gatekeeperSidecar: $.gatekeeperSidecar, - env+: linuxserver.Env { - others: [ - kube.NameVal("TRANSFORMERS_CACHE", ModelCacheDir), - ], - }, - services: [ - linuxserver.Service { - suffix: "ui", - spec: kube.SvcUtil.BasicHttpClusterIpSpec(WebPort) - }, - ], - ports: [ kube.DeployUtil.ContainerPort("http", WebPort), ], - pvcs: [ - linuxserver.Pvc { - name: "data", - mountPath: DataDir, - bindName: $.dataClaimName, - }, - ], - resources: { - requests: { - cpu: "100m", - memory: "512Mi", - }, - limits: { - cpu: "500m", - memory: "2Gi", - }, - }, - livenessProbe: searchProbe(/*delaySeconds=*/60), - readinessProbe: searchProbe(/*delaySeconds=*/60), - }, -}; - -local App(params) = - local baseApp = linuxserver.App(params.lsParams); - baseApp { - deployment+: { - spec+: { - template+: { - spec+: { - containers: [ - c { imagePullPolicy: "Always" } - for c in super.containers - ], - }, - }, - }, - }, - }; - -{ - Params: Params, - WebPort: WebPort, - App(params): App(params), -} diff --git a/experimental/users/acmcarther/k8s/configs/templates/static-site.libsonnet b/experimental/users/acmcarther/k8s/configs/templates/static-site.libsonnet deleted file mode 100644 index 821450b..0000000 --- a/experimental/users/acmcarther/k8s/configs/templates/static-site.libsonnet +++ /dev/null @@ -1,58 +0,0 @@ -// A template for deploying a generic static website with Nginx. -local kube = import "k8s/configs/base.libsonnet"; -local linuxserver = import "k8s/configs/templates/core/linuxserver.libsonnet"; -local images = import "k8s/configs/images.libsonnet"; - -local WebPort = 80; - -local Params = kube.simpleFieldStruct([ - "namespace", - "name", - "filePath", - "dataClaimName", -]) { - labels: {}, - gatekeeperSidecar: null, - lsParams: linuxserver.AppParams { - name: $.name, - namespace: $.namespace, - filePath: $.filePath, - templatePath: std.thisFile, - baseAppName: "static-site", - imageName: "nginx:1.29.1-alpine", - labels+: $.labels, - gatekeeperSidecar: $.gatekeeperSidecar, - services: [ - linuxserver.Service { - suffix: "ui", - spec: kube.SvcUtil.BasicHttpClusterIpSpec(WebPort) - }, - ], - ports: [ kube.DeployUtil.ContainerPort("http", WebPort), ], - pvcs: [ - linuxserver.Pvc{ - name: "static-content", - mountPath: "/usr/share/nginx/html", - bindName: $.dataClaimName, - }, - ], - resources: { - requests: { - cpu: "10m", - memory: "32Mi", - }, - limits: { - cpu: "50m", - memory: "64Mi", - }, - }, - }, -}; - -local App(params) = linuxserver.App(params.lsParams); - -{ - Params: Params, - WebPort: WebPort, - App(params): App(params), -} \ No newline at end of file diff --git a/k8s/configs/environments/sourcebot/main.jsonnet b/k8s/configs/environments/sourcebot/main.jsonnet index ba1708d..d081425 100644 --- a/k8s/configs/environments/sourcebot/main.jsonnet +++ b/k8s/configs/environments/sourcebot/main.jsonnet @@ -17,6 +17,7 @@ local params = linuxserver.AppParams { filePath: std.thisFile, templatePath: std.thisFile, authUrl: 'https://sourcebot.csbx.dev', + forceEnableAnonymousAccess: false, ports: [ base.DeployUtil.ContainerPort("http", WebPort), ], services: [ linuxserver.Service { @@ -53,6 +54,7 @@ local params = linuxserver.AppParams { base.NameVal('CONFIG_PATH', '/etc/sourcebot/config.json'), base.NameVal('AUTH_URL', $.authUrl), base.NameVal('SOURCEBOT_TELEMETRY_DISABLED', 'true'), + base.NameVal('FORCE_ENABLE_ANONYMOUS_ACCESS', if $.forceEnableAnonymousAccess then 'true' else 'false'), { name: 'GITEA_TOKEN', valueFrom: { @@ -74,11 +76,17 @@ local params = linuxserver.AppParams { name: namespaceName, }, }, + // This database might have been destroyed... pvc: base.RecoverableSimplePvc(namespaceName, appName + '-data', 'nfs-client', '10Gi', { volumeName: "pvc-55405f2b-f253-4e3e-a45f-2a1a18f75c89", nfsPath: "/volume3/fs/sourcebot-sourcebot-data-pvc-55405f2b-f253-4e3e-a45f-2a1a18f75c89", nfsServer: "apollo1.dominion.lan", }), + pvc1: base.RecoverableSimplePvc(namespaceName, appName + '-1-data', 'nfs-client', '10Gi', null/*{ + volumeName: "pvc-55405f2b-f253-4e3e-a45f-2a1a18f75c89", + nfsPath: "/volume3/fs/sourcebot-sourcebot-data-pvc-55405f2b-f253-4e3e-a45f-2a1a18f75c89", + nfsServer: "apollo1.dominion.lan", + }*/), pvc2: base.RecoverableSimplePvc(namespaceName, appName + '-2-data', 'nfs-client', '10Gi', { volumeName: "pvc-73d0ed19-562b-4bd9-a198-d8a5d21f0146", nfsPath: "/volume3/fs/sourcebot-sourcebot-2-data-pvc-73d0ed19-562b-4bd9-a198-d8a5d21f0146", @@ -134,12 +142,16 @@ local params = linuxserver.AppParams { ||| }, }, - app: linuxserver.App(params), + app: linuxserver.App(params { + imageName: "sourcebot-patched", + pvcName: appName + '-1-data', + }), app2: linuxserver.App(params { name: appName + '-2', authUrl: 'https://source-mirror.csbx.dev', configMapName: appName + '-2', pvcName: appName + '-2-data', + forceEnableAnonymousAccess: true, }), ingress1: nginxIngress.Ingress(nginxIngress.IngressParams { namespace: namespaceName, diff --git a/k8s/configs/images.libsonnet b/k8s/configs/images.libsonnet index 11d751b..5d47cf8 100644 --- a/k8s/configs/images.libsonnet +++ b/k8s/configs/images.libsonnet @@ -91,8 +91,8 @@ local ProdImages() = { # 2025-07-?? "ollama/ollama": "ollama/ollama:0.9.6", "ghcr.io/open-webui/open-webui": "ghcr.io/open-webui/open-webui:v0.6.18", - #"sourcebot": "ghcr.io/sourcebot-dev/sourcebot:v4.10.12", - "sourcebot": "forgejo.csbx.dev/acmcarther/sourcebot:v4.10.12-patched", + "sourcebot": "ghcr.io/sourcebot-dev/sourcebot:v4.10.12", + "sourcebot-patched": "forgejo.csbx.dev/acmcarther/sourcebot:v4.10.12-patched", # 2026-01-18 "linuxserver/jellyfin": "linuxserver/jellyfin:10.11.5", }; diff --git a/tools/copybara/yesod-mirror/copy.bara.sky b/tools/copybara/yesod-mirror/copy.bara.sky index c64d78d..88fd416 100644 --- a/tools/copybara/yesod-mirror/copy.bara.sky +++ b/tools/copybara/yesod-mirror/copy.bara.sky @@ -18,7 +18,7 @@ core.workflow( ), # Exclude notes and anything that looks secret-like for now. # The secrets are encrypted, but we don't need them in the mirror anyway. - origin_files = glob(["*", "**/*"], exclude=["notes/**", "**/*.sops.yaml"]), + origin_files = glob(["*", "**/*"], exclude=["notes/**", "**/*.sops.yaml", "experimental/users/acmcarther/k8s/**"]), authoring = authoring.pass_thru("Copybara "),