ops(k8s): create app of apps project, deploy flannel with it

devShell.nix

@@ -1,5 +1,7 @@
-{ inputs, system }:
+{
-let
+  inputs,
+  system,
+}: let
   meta = import ./meta.nix {inherit inputs system;};
   inherit (meta) pkgs;
   nf-actions = pkgs.writeShellScriptBin "nf-actions" ''
@@ -29,6 +31,12 @@ let
     cd "$NF_CONFIG_ROOT/tf"
     exec nix run ''${FLAKE_OPTS-} "$NF_CONFIG_ROOT#nf-lint-tf" -- "$@"
   '';
+  nf-kustomize = pkgs.writeShellScriptBin "kustomize" ''
+    exec nix run ''${FLAKE_OPTS-} "$NF_CONFIG_ROOT#pkgs.kustomize" -- "$@"
+  '';
+  nf-argocd = pkgs.writeShellScriptBin "argocd" ''
+    exec nix run ''${FLAKE_OPTS-} "$NF_CONFIG_ROOT#pkgs.argocd" -- "$@"
+  '';
 in
   pkgs.mkShell {
     nativeBuildInputs = with pkgs; [
@@ -40,6 +48,8 @@ pkgs.mkShell {
       nf-deploy
       nf-tf
       nf-lint-tf
+      nf-kustomize
+      nf-argocd
     ];
     shellHook = ''
       export NIX_BIN_DIR=$(dirname $(readlink -f $(type -P nix)))
@@ -51,4 +61,3 @@ pkgs.mkShell {
       export NIX_SSHOPTS="''${NIX_SSHOPTS--p62954}"
     '';
   }
-

k8s/application.yaml

@@ -0,0 +1,17 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: system
+  namespace: argocd
+spec:
+  destination:
+    namespace: default
+    server: https://10.1.1.173:6443
+  project: default
+  source:
+    repoURL: 'https://github.com/gensokyo-zone/infrastructure'
+    path: k8s/system
+    targetRevision: main
+  syncPolicy:
+    automated:
+      selfHeal: true

k8s/kustomization.yaml

@@ -0,0 +1,4 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+- application.yaml

k8s/system/flannel/application.yaml

@@ -0,0 +1,21 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: flannel
+  namespace: argocd
+spec:
+  project: system
+  source:
+    repoURL: 'https://flannel-io.github.io/flannel/'
+    targetRevision: v0.24.x
+    helm:
+      valuesObject:
+        podCidr: 10.42.0.0/16
+    chart: flannel
+  destination:
+    namespace: kube-flannel
+    server: https://10.1.1.173:6443
+  syncPolicy:
+    syncOptions:
+      - CreateNamespace=true
+      - ServerSideApply=true

k8s/system/project.yaml

@@ -0,0 +1,18 @@
+apiVersion: argoproj.io/v1alpha1
+kind: AppProject
+metadata:
+  name: system
+  namespace: argocd
+spec:
+  description: "Underlying services and controllers required for the operation of the cluster"
+  destinations:
+    - namespace: "*"
+      server: https://10.1.1.173:6443
+  clusterResourceWhitelist:
+    - group: "*"
+      kind: "*"
+  namespaceResourceWhitelist:
+    - group: "*"
+      kind: "*"
+  sourceRepos:
+    - "*"

nixos/k3s.nix

@@ -13,6 +13,7 @@
     disableAgent = false; # single node server+agent
     extraFlags = toString [
       "--disable=servicelb" # we want to use metallb
+      # i guess it's kind of ok to keep the local path provisioner, even though i used to have the yaml files for deploying it on regular k8s
     ];
   };
 

systems/kuwubernetes/nixos.nix

@@ -23,7 +23,7 @@
   };
 
   fileSystems."/" = {
-    device = "/dev/disk/by-uuid/efb3698c-2471-4b44-b82a-4b9d4a070da6";
+    device = "/dev/disk/by-uuid/5ab5efe2-0250-4bf1-8fd6-3725cdd15031";
     fsType = "ext4";
   };