diff --git a/1password/1password.ts b/1password/index.ts
similarity index 100%
rename from 1password/1password.ts
rename to 1password/index.ts
diff --git a/gitea/server.ts b/gitea/index.ts
similarity index 100%
rename from gitea/server.ts
rename to gitea/index.ts
diff --git a/helm/helmfile.yaml b/helm/helmfile.yaml
index 32ae591..1ed86f3 100644
--- a/helm/helmfile.yaml
+++ b/helm/helmfile.yaml
@@ -1,6 +1,4 @@
 repositories:
- - name: longhorn
- url: https://charts.longhorn.io
 - name: metallb
 url: https://metallb.github.io/metallb
 - name: mojo2600
@@ -17,14 +15,6 @@ repositories:
 url: https://charts.goauthentik.io
 ---
 releases:
- # Distributed Storage
- - name: longhorn
- namespace: longhorn-system
- chart: longhorn/longhorn
- version: 1.7.0
- values:
- - ./values/longhorn.values.yaml
-
 # Load Balancer
 - name: metallb
 namespace: metallb-system
diff --git a/longhorn/index.ts b/longhorn/index.ts
new file mode 100644
index 0000000..8b8710a
--- /dev/null
+++ b/longhorn/index.ts
@@ -0,0 +1,63 @@
+import * as fs from "fs";
+import { HelmProvider } from "@cdktf/provider-helm/lib/provider";
+import { Release } from "@cdktf/provider-helm/lib/release";
+import { Construct } from "constructs";
+import { Manifest } from "@cdktf/provider-kubernetes/lib/manifest";
+import { KubernetesProvider } from "@cdktf/provider-kubernetes/lib/provider";
+
+type LonghornOptions = {
+ providers: {
+ kubernetes: KubernetesProvider;
+ helm: HelmProvider;
+ };
+ version: string;
+ name: string;
+ namespace: string;
+};
+
+export class Longhorn extends Construct {
+ constructor(scope: Construct, id: string, options: LonghornOptions) {
+ super(scope, id);
+
+ const { helm, kubernetes } = options.providers;
+
+ new Release(this, id, {
+ name: options.name,
+ namespace: options.namespace,
+ version: options.version,
+ provider: helm,
+ repository: "https://charts.longhorn.io",
+ chart: "longhorn",
+ createNamespace: true,
+ values: [
+ fs.readFileSync("helm/values/longhorn.values.yaml", {
+ encoding: "utf8",
+ }),
+ ],
+ });
+
+ new Manifest(this, "longhorn-crypto-storage-class", {
+ provider: kubernetes,
+ manifest: {
+ kind: "StorageClass",
+ apiVersion: "storage.k8s.io/v1",
+ metadata: {
+ name: "longhorn-crypto",
+ },
+ provisioner: "driver.longhorn.io",
+ allowVolumeExpansion: true,
+ parameters: {
+ numberOfReplicas: "3",
+ staleReplicaTimeout: "2880", // 48 hours in minutes
+ encrypted: "true",
+ "csi.storage.k8s.io/provisioner-secret-name": "longhorn-encryption",
+ "csi.storage.k8s.io/provisioner-secret-namespace": options.namespace,
+ "csi.storage.k8s.io/node-publish-secret-name": "longhorn-encryption",
+ "csi.storage.k8s.io/node-publish-secret-namespace": options.namespace,
+ "csi.storage.k8s.io/node-stage-secret-name": "longhorn-encryption",
+ "csi.storage.k8s.io/node-stage-secret-namespace": options.namespace,
+ },
+ },
+ });
+ }
+}
diff --git a/main.ts b/main.ts
index c72acaf..27d10bb 100644
--- a/main.ts
+++ b/main.ts
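Review bot: The `longhorn-crypto` StorageClass in longhorn/index.ts points all three CSI secret references at a Secret named `longhorn-encryption` in `options.namespace`, but nothing in this file creates that Secret, so unless it is provisioned elsewhere (not visible in this diff) claims against the class will stay unprovisioned. Because the name is fixed, every volume in the class also shares one passphrase; Longhorn's StorageClass parameters accept `${pvc.name}` / `${pvc.namespace}` templates if per-volume keys are wanted. I would create the Secret in this construct from the repository's 1Password integration rather than from a literal in source, and record the dependency above the Manifest: `// Requires Secret "longhorn-encryption" in options.namespace holding the volume passphrase; not created by this construct`.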
@@ -5,9 +5,10 @@ import { App, TerraformStack, S3Backend } from "cdktf";
 import { HelmProvider } from "@cdktf/provider-helm/lib/provider";
 import { KubernetesProvider } from "@cdktf/provider-kubernetes/lib/provider";
-import { GiteaServer } from "./gitea/server";
-import { OnePassword } from "./1password/1password";
-import { PostgresCluster } from "./postgres/postgres";
+import { GiteaServer } from "./gitea";
+import { OnePassword } from "./1password";
+import { PostgresCluster } from "./postgres";
+import { Longhorn } from "./longhorn";
 dotenv.config();
@@ -32,6 +33,16 @@ class Homelab extends TerraformStack {
 },
 });
+ new Longhorn(this, "longhorn", {
+ namespace: "longhorn-system",
+ name: "longhorn",
+ version: "1.7.0",
+ providers: {
+ kubernetes,
+ helm,
+ },
+ });
+
 new PostgresCluster(this, "postgres-cluster", {
 name: "postgres-cluster",
 namespace: "postgres-system",
diff --git a/postgres/postgres.ts b/postgres/index.ts
similarity index 100%
rename from postgres/postgres.ts
rename to postgres/index.ts
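Review bot: The `new Longhorn(...)` call in main.ts reuses the release name `longhorn`, namespace `longhorn-system` and version `1.7.0` that helm/helmfile.yaml stops managing in this same commit, so on a cluster where helmfile already installed it the first apply would presumably try to create a release that already exists. Since this is the storage layer, the safer path is to import the existing release into Terraform state before applying rather than uninstalling and reinstalling it. A comment above the call would record that: `// Adopts the release formerly managed by helmfile: import into state before first apply, do not uninstall`. The Homelab constructor body starts and ends outside the hunk.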