cleanup modules

author: Max Audron <audron@cocaine.farm> 2023-08-11 16:51:35 +0200
committer: Max Audron <audron@cocaine.farm> 2023-08-11 16:51:35 +0200
commit: 40790797e111cec5ff682806998d50c38ed7bca9 (patch)
tree: 6db95b93f0797a62637845ea4bda5a3eedbc9306 /modules/kubernetes
parent: move nixinate to own flake (diff)
2 files changed, 42 insertions, 35 deletions
diff --git a/modules/kubernetes/cri-o.nix b/modules/kubernetes/cri-o.nix
new file mode 100644
index 0000000..cc32b26
--- /dev/null
+++ b/modules/kubernetes/cri-o.nix
@@ -0,0 +1,38 @@
+{ config, lib, pkgs, ... }:
+
+{
+  virtualisation.cri-o = {
+    enable = true;
+    settings = {
+      crio = {
+        network.plugin_dir = "/opt/cni/bin";
+        default_runtime = "crun";
+        runtime = {
+          allowed_devices = [ "/dev/fuse" ];
+          default_sysctls = [
+            "net.ipv4.ping_group_range=0 2147483647"
+          ];
+          workloads = {
+            gitlab = {
+              activation_annotation = "io.kubernetes.cri-o.workload/gitlab";
+              allowed_annotations = [
+                "io.kubernetes.cri-o.userns-mode"
+                "io.kubernetes.cri-o.Devices"
+                "io.kubernetes.cri-o.ShmSize"
+              ];
+            };
+          };
+          runtimes.crun = {
+            runtime_type = "oci";
+            runtime_root = "/run/crun";
+            allowed_annotations = [
+              "io.kubernetes.cri-o.userns-mode"
+              "io.kubernetes.cri-o.Devices"
+              "io.kubernetes.cri-o.ShmSize"
+            ];
+          };
+        };
+      };
+    };
+  };
+}
diff --git a/modules/kubernetes/default.nix b/modules/kubernetes/default.nix
index 1cf1f09..20b766f 100644
--- a/modules/kubernetes/default.nix
+++ b/modules/kubernetes/default.nix
@@ -21,6 +21,10 @@ let
     v6 = "${config.wireguard.v6.ula}::${config.wireguard.v6.address}";
   };
 in {
+  imports = [
+    ./cri-o.nix
+  ];
+
   options = {
     kubernetes = {
       role = mkOption {
@@ -109,40 +113,5 @@ in {
       configPath = "/etc/k3s/config.yaml";
       disableAgent = cfg.role == "agent";
     };
-
-    virtualisation.cri-o = {
-      enable = true;
-      settings = {
-        crio = {
-          network.plugin_dir = "/opt/cni/bin";
-          default_runtime = "crun";
-          runtime = {
-            allowed_devices = [ "/dev/fuse" ];
-            default_sysctls = [
-              "net.ipv4.ping_group_range=0 2147483647"
-            ];
-            workloads = {
-              gitlab = {
-                activation_annotation = "io.kubernetes.cri-o.workload/gitlab";
-                allowed_annotations = [
-                  "io.kubernetes.cri-o.userns-mode"
-                  "io.kubernetes.cri-o.Devices"
-                  "io.kubernetes.cri-o.ShmSize"
-                ];
-              };
-            };
-            runtimes.crun = {
-              runtime_type = "oci";
-              runtime_root = "/run/crun";
-              allowed_annotations = [
-                "io.kubernetes.cri-o.userns-mode"
-                "io.kubernetes.cri-o.Devices"
-                "io.kubernetes.cri-o.ShmSize"
-              ];
-            };
-          };
-        };
-      };
-    };
   };
 }
author	Max Audron <audron@cocaine.farm>	2023-08-11 16:51:35 +0200
committer	Max Audron <audron@cocaine.farm>	2023-08-11 16:51:35 +0200
commit	40790797e111cec5ff682806998d50c38ed7bca9 (patch)
tree	6db95b93f0797a62637845ea4bda5a3eedbc9306 /modules/kubernetes
parent	move nixinate to own flake (diff)