feat: CDKTF | migrate longhorn to cdktf

helm/helmfile.yaml

@@ -1,6 +1,4 @@
 repositories:
-  - name: longhorn
-    url: https://charts.longhorn.io
   - name: metallb
     url: https://metallb.github.io/metallb
   - name: mojo2600
@@ -17,14 +15,6 @@ repositories:
     url: https://charts.goauthentik.io
 ---
 releases:
-  # Distributed Storage
-  - name: longhorn
-    namespace: longhorn-system
-    chart: longhorn/longhorn
-    version: 1.7.0
-    values:
-      - ./values/longhorn.values.yaml
-
   # Load Balancer
   - name: metallb
     namespace: metallb-system

longhorn/index.ts

@@ -0,0 +1,63 @@
+import * as fs from "fs";
+import { HelmProvider } from "@cdktf/provider-helm/lib/provider";
+import { Release } from "@cdktf/provider-helm/lib/release";
+import { Construct } from "constructs";
+import { Manifest } from "@cdktf/provider-kubernetes/lib/manifest";
+import { KubernetesProvider } from "@cdktf/provider-kubernetes/lib/provider";
+
+type LonghornOptions = {
+  providers: {
+    kubernetes: KubernetesProvider;
+    helm: HelmProvider;
+  };
+  version: string;
+  name: string;
+  namespace: string;
+};
+
+export class Longhorn extends Construct {
+  constructor(scope: Construct, id: string, options: LonghornOptions) {
+    super(scope, id);
+
+    const { helm, kubernetes } = options.providers;
+
+    new Release(this, id, {
+      name: options.name,
+      namespace: options.namespace,
+      version: options.version,
+      provider: helm,
+      repository: "https://charts.longhorn.io",
+      chart: "longhorn",
+      createNamespace: true,
+      values: [
+        fs.readFileSync("helm/values/longhorn.values.yaml", {
+          encoding: "utf8",
+        }),
+      ],
+    });
+
+    new Manifest(this, "longhorn-crypto-storage-class", {
+      provider: kubernetes,
+      manifest: {
+        kind: "StorageClass",
+        apiVersion: "storage.k8s.io/v1",
+        metadata: {
+          name: "longhorn-crypto",
+        },
+        provisioner: "driver.longhorn.io",
+        allowVolumeExpansion: true,
+        parameters: {
+          numberOfReplicas: "3",
+          staleReplicaTimeout: "2880", // 48 hours in minutes
+          encrypted: "true",
+          "csi.storage.k8s.io/provisioner-secret-name": "longhorn-encryption",
+          "csi.storage.k8s.io/provisioner-secret-namespace": options.namespace,
+          "csi.storage.k8s.io/node-publish-secret-name": "longhorn-encryption",
+          "csi.storage.k8s.io/node-publish-secret-namespace": options.namespace,
+          "csi.storage.k8s.io/node-stage-secret-name": "longhorn-encryption",
+          "csi.storage.k8s.io/node-stage-secret-namespace": options.namespace,
+        },
+      },
+    });
+  }
+}

main.ts

@@ -5,9 +5,10 @@ import { App, TerraformStack, S3Backend } from "cdktf";
 import { HelmProvider } from "@cdktf/provider-helm/lib/provider";
 import { KubernetesProvider } from "@cdktf/provider-kubernetes/lib/provider";
 
-import { GiteaServer } from "./gitea/server";
-import { OnePassword } from "./1password/1password";
-import { PostgresCluster } from "./postgres/postgres";
+import { GiteaServer } from "./gitea";
+import { OnePassword } from "./1password";
+import { PostgresCluster } from "./postgres";
+import { Longhorn } from "./longhorn";
 
 dotenv.config();
 
@@ -32,6 +33,16 @@ class Homelab extends TerraformStack {
       },
     });
 
+    new Longhorn(this, "longhorn", {
+      namespace: "longhorn-system",
+      name: "longhorn",
+      version: "1.7.0",
+      providers: {
+        kubernetes,
+        helm,
+      },
+    });
+
     new PostgresCluster(this, "postgres-cluster", {
       name: "postgres-cluster",
       namespace: "postgres-system",