fix lab

2025-10-25 16:13:09 +05:00
parent 5438278058
commit b83f9521b0
4 changed files with 47 additions and 21 deletions
--- a/flake.lock
+++ b/flake.lock
@@ -56,11 +56,11 @@
    },
    "nixpkgs": {
      "locked": {
-        "lastModified": 1759417375,
-        "narHash": "sha256-O7eHcgkQXJNygY6AypkF9tFhsoDQjpNEojw3eFs73Ow=",
+        "lastModified": 1761236834,
+        "narHash": "sha256-+pthv6hrL5VLW2UqPdISGuLiUZ6SnAXdd2DdUE+fV2Q=",
        "owner": "NixOS",
        "repo": "nixpkgs",
-        "rev": "dc704e6102e76aad573f63b74c742cd96f8f1e6c",
+        "rev": "d5faa84122bc0a1fd5d378492efce4e289f8eac1",
        "type": "github"
      },
      "original": {
--- a/helm/values/pihole.values.yaml
+++ b/helm/values/pihole.values.yaml
@@ -35,6 +35,7 @@ serviceWeb:
 serviceDns:
  annotations:
    metallb.universe.tf/allow-shared-ip: pihole-svc
+  mixedService: true
  type: LoadBalancer
  loadBalancerIP: 192.168.18.250
 serviceDhcp:
@@ -51,21 +52,22 @@ dnsmasq:
    - dhcp-host=B0:41:6F:0F:A0:CD,192.168.18.12,homelab-2
 hostNetwork: true
 hostname: pihole
+priviledged: true
+virtualHost: "pihole.dogar.dev"
 capabilities:
  add:
    - NET_ADMIN
 extraEnvVars:
  TZ: "Asia/Karachi"
  DNSSEC: "true"
-  FTLCONF_LOCAL_IPV4: "192.168.18.250"
+  FTLCONG_dhcp_active: "true"
+  FTLCONF_dhcp_start: "192.168.18.2"
+  FTLCONF_dhcp_end: "192.168.18.100"
+  FTLCONF_dhcp_leaseTime: "24h"
+  FTLCONF_dhcp_netmask: "255.255.255.0"
+  FTLCONF_dhcp_router: "192.168.18.1"
+  FTLCONF_dns_listeningMode: "all"
  INTERFACE: "enp1s0"
-  DNSMASQ_LISTENING: "single"
-  DHCP_ACTIVE: "true"
-  DHCP_START: "192.168.18.2"
-  DHCP_END: "192.168.18.20"
-  DHCP_ROUTER: "192.168.18.1"
-  PIHOLE_DOMAIN: "pihole.dogar.dev"
-  VIRTUAL_HOST: "pihole.dogar.dev"
 podAnnotations:
  prometheus.io/scrape: "true"
  prometheus.io/port: "9617"
--- a/main.ts
+++ b/main.ts
@@ -13,10 +13,10 @@ import { AuthentikServer } from "./authentik";
 import { ValkeyCluster } from "./valkey";
 import { CertManager } from "./cert-manager";
 import { Manifest } from "@cdktf/provider-kubernetes/lib/manifest";
-import { PiHole } from "./pihole";
 import { Nginx } from "./nginx";
 import { Prometheus } from "./prometheus";
 import { MetalLB } from "./metallb";
+import { PiHole } from "./pihole";

 dotenv.config();

@@ -148,16 +148,12 @@ class Homelab extends TerraformStack {
      backupR2EndpointURL: r2Endpoint,
    });

-    pg.node.addDependency(pihole);
-
    const valkey = new ValkeyCluster(this, "valkey-cluster", {
      provider: kubernetes,
      namespace,
      name: "valkey",
    });

-    valkey.node.addDependency(pihole);
-
    const authentik = new AuthentikServer(this, "authentik-server", {
      provider: helm,
      name: "authentik",
--- a/postgres/index.ts
+++ b/postgres/index.ts
@@ -375,15 +375,24 @@ export class PostgresCluster extends Construct {
              },
            },
          ],
-          enableSuperuserAccess: false,
+          enableSuperuserAccess: true,
+          // bootstrap: {
+          //   recovery: {
+          //     source: "clusterBackup",
+          //     database: "postgres",
+          //     owner: options.primaryUser,
+          //     secret: {
+          //       name: options.initSecretName,
+          //     },
+          //   },
+          // },
          bootstrap: {
-            recovery: {
-              source: "clusterBackup",
+            initdb: {
              database: "postgres",
-              owner: options.primaryUser,
              secret: {
                name: options.initSecretName,
              },
+              postInitSQL: [`CREATE USER ${options.primaryUser} SUPERUSER;`],
            },
          },
          externalClusters: [
@@ -392,7 +401,7 @@ export class PostgresCluster extends Construct {
              plugin: {
                name: "barman-cloud.cloudnative-pg.io",
                parameters: {
-                  barmanObjectName: "r2-postgres-backup-store",
+                  barmanObjectName: barmanStoreName,
                  serverName: "postgres-cluster",
                },
              },
@@ -431,5 +440,24 @@ export class PostgresCluster extends Construct {
        },
      },
    });
+
+    new Manifest(this, "postgres-backup-job", {
+      provider: kubernetes,
+      manifest: {
+        apiVersion: "postgresql.cnpg.io/v1",
+        kind: "ScheduledBackup",
+        metadata: {
+          name: "postgres-cluster",
+          namespace: options.namespace,
+        },
+        spec: {
+          schedule: "0 0 0 * * *", // daily at midnight
+          backupOwnerReference: "self",
+          cluster: {
+            name: options.name,
+          },
+        },
+      },
+    });
  }
 }