ops(k8s): create app of apps project, deploy flannel with it

devShell.nix

@@ -1,6 +1,8 @@
-{ inputs, system }:
-let
-  meta = import ./meta.nix { inherit inputs system; };
+{
+  inputs,
+  system,
+}: let
+  meta = import ./meta.nix {inherit inputs system;};
   inherit (meta) pkgs;
   nf-actions = pkgs.writeShellScriptBin "nf-actions" ''
     NF_CONFIG_FILES=($NF_CONFIG_ROOT/ci/{nodes,flake-cron}.nix)
@@ -29,26 +31,33 @@ let
     cd "$NF_CONFIG_ROOT/tf"
     exec nix run ''${FLAKE_OPTS-} "$NF_CONFIG_ROOT#nf-lint-tf" -- "$@"
   '';
-in
-pkgs.mkShell {
-  nativeBuildInputs = with pkgs; [
-    inetutils
-    sops
-    nf-actions
-    nf-actions-test
-    nf-update
-    nf-deploy
-    nf-tf
-    nf-lint-tf
-  ];
-  shellHook = ''
-    export NIX_BIN_DIR=$(dirname $(readlink -f $(type -P nix)))
-    export HOME_UID=$(id -u)
-    export HOME_USER=$(id -un)
-    export CI_PLATFORM="impure"
-    export NF_CONFIG_ROOT=''${NF_CONFIG_ROOT-${toString ./.}}
-    export NIX_PATH="$NIX_PATH:home=$NF_CONFIG_ROOT"
-    export NIX_SSHOPTS="''${NIX_SSHOPTS--p62954}"
+  nf-kustomize = pkgs.writeShellScriptBin "kustomize" ''
+    exec nix run ''${FLAKE_OPTS-} "$NF_CONFIG_ROOT#pkgs.kustomize" -- "$@"
   '';
-}
-
+  nf-argocd = pkgs.writeShellScriptBin "argocd" ''
+    exec nix run ''${FLAKE_OPTS-} "$NF_CONFIG_ROOT#pkgs.argocd" -- "$@"
+  '';
+in
+  pkgs.mkShell {
+    nativeBuildInputs = with pkgs; [
+      inetutils
+      sops
+      nf-actions
+      nf-actions-test
+      nf-update
+      nf-deploy
+      nf-tf
+      nf-lint-tf
+      nf-kustomize
+      nf-argocd
+    ];
+    shellHook = ''
+      export NIX_BIN_DIR=$(dirname $(readlink -f $(type -P nix)))
+      export HOME_UID=$(id -u)
+      export HOME_USER=$(id -un)
+      export CI_PLATFORM="impure"
+      export NF_CONFIG_ROOT=''${NF_CONFIG_ROOT-${toString ./.}}
+      export NIX_PATH="$NIX_PATH:home=$NF_CONFIG_ROOT"
+      export NIX_SSHOPTS="''${NIX_SSHOPTS--p62954}"
+    '';
+  }

k8s/application.yaml

@@ -0,0 +1,17 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: system
+  namespace: argocd
+spec:
+  destination:
+    namespace: default
+    server: https://10.1.1.173:6443
+  project: default
+  source:
+    repoURL: 'https://github.com/gensokyo-zone/infrastructure'
+    path: k8s/system
+    targetRevision: main
+  syncPolicy:
+    automated:
+      selfHeal: true

k8s/kustomization.yaml

@@ -0,0 +1,4 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+- application.yaml

k8s/system/flannel/application.yaml

@@ -0,0 +1,21 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: flannel
+  namespace: argocd
+spec:
+  project: system
+  source:
+    repoURL: 'https://flannel-io.github.io/flannel/'
+    targetRevision: v0.24.x
+    helm:
+      valuesObject:
+        podCidr: 10.42.0.0/16
+    chart: flannel
+  destination:
+    namespace: kube-flannel
+    server: https://10.1.1.173:6443
+  syncPolicy:
+    syncOptions:
+      - CreateNamespace=true
+      - ServerSideApply=true

k8s/system/project.yaml

@@ -0,0 +1,18 @@
+apiVersion: argoproj.io/v1alpha1
+kind: AppProject
+metadata:
+  name: system
+  namespace: argocd
+spec:
+  description: "Underlying services and controllers required for the operation of the cluster"
+  destinations:
+    - namespace: "*"
+      server: https://10.1.1.173:6443
+  clusterResourceWhitelist:
+    - group: "*"
+      kind: "*"
+  namespaceResourceWhitelist:
+    - group: "*"
+      kind: "*"
+  sourceRepos:
+    - "*"

nixos/k3s.nix

@@ -13,6 +13,7 @@
     disableAgent = false; # single node server+agent
     extraFlags = toString [
       "--disable=servicelb" # we want to use metallb
+      # i guess it's kind of ok to keep the local path provisioner, even though i used to have the yaml files for deploying it on regular k8s
     ];
   };
 

systems/kuwubernetes/nixos.nix

@@ -23,7 +23,7 @@
   };
 
   fileSystems."/" = {
-    device = "/dev/disk/by-uuid/efb3698c-2471-4b44-b82a-4b9d4a070da6";
+    device = "/dev/disk/by-uuid/5ab5efe2-0250-4bf1-8fd6-3725cdd15031";
     fsType = "ext4";
   };