@highstate/library 0.9.9 → 0.9.11

package/dist/index.js

@@ -571,7 +571,8 @@ var clusterEntity = defineEntity5({
     defaultNodeName: Type6.String(),
     defaultDatastoreId: Type6.String(),
     password: Type6.Optional(Type6.String()),
-    apiToken: Type6.Optional(Type6.String())
+    apiToken: Type6.Optional(Type6.String()),
+    sshKeyPair: Type6.Optional(keyPairEntity.schema)
   }),
   meta: {
     color: "#e56901"
@@ -599,6 +600,12 @@ var connection = defineUnit4({
     password: Type6.Optional(Type6.String()),
     apiToken: Type6.Optional(Type6.String())
   },
+  inputs: {
+    sshKeyPair: {
+      entity: keyPairEntity,
+      required: false
+    }
+  },
   outputs: {
     proxmoxCluster: clusterEntity
   },
@@ -669,19 +676,20 @@ var virtualMachine = defineUnit4({
   type: "proxmox.virtual-machine",
   args: {
     nodeName: Type6.Optional(Type6.String()),
-    cpuType: Type6.Optional(Type6.String({ default: "host" })),
-    cores: Type6.Optional(Type6.Number({ default: 1 })),
-    sockets: Type6.Optional(Type6.Number({ default: 1 })),
-    memory: Type6.Optional(Type6.Number({ default: 512 })),
+    cpuType: Type6.Default(Type6.String(), "host"),
+    cores: Type6.Default(Type6.Number(), 1),
+    sockets: Type6.Default(Type6.Number(), 1),
+    memory: Type6.Default(Type6.Number(), 512),
     ipv4: Type6.Optional(Type6.String()),
     ipv4Gateway: Type6.Optional(Type6.String()),
     dns: Type6.Optional(Type6.Array(Type6.String())),
     datastoreId: Type6.Optional(Type6.String()),
-    diskSize: Type6.Optional(Type6.Number({ default: 8 })),
-    bridge: Type6.Optional(Type6.String({ default: "vmbr0" })),
-    sshPort: Type6.Optional(Type6.Number({ default: 22 })),
-    sshUser: Type6.Optional(Type6.String({ default: "root" })),
-    waitForAgent: Type6.Optional(Type6.Boolean({ default: true }))
+    diskSize: Type6.Default(Type6.Number(), 8),
+    bridge: Type6.Default(Type6.String(), "vmbr0"),
+    sshPort: Type6.Default(Type6.Number(), 22),
+    sshUser: Type6.Default(Type6.String(), "root"),
+    waitForAgent: Type6.Default(Type6.Boolean(), true),
+    vendorData: Type6.Optional(Type6.String({ language: "yaml" }))
   },
   secrets: {
     sshPassword: Type6.Optional(Type6.String())
@@ -715,6 +723,7 @@ __export(k8s_exports, {
   accessPoint: () => accessPoint,
   accessPointEntity: () => accessPointEntity,
   certManager: () => certManager,
+  cilium: () => cilium,
   clusterDns: () => clusterDns,
   clusterEntity: () => clusterEntity2,
   clusterInfoProperties: () => clusterInfoProperties,
@@ -890,6 +899,15 @@ var clusterInfoProperties = {
   quirks: {
     ...Type7.Optional(clusterQuirksSchema),
     description: `The extra quirks of the cluster to improve compatibility.`
+  },
+  /**
+   * The extra metadata to attach to the cluster.
+   *
+   * @schema
+   */
+  metadata: {
+    ...Type7.Optional(Type7.Record(Type7.String(), Type7.Unknown())),
+    description: `The extra metadata to attach to the cluster.`
   }
 };
 var serviceTypeSchema = Type7.StringEnum(["NodePort", "LoadBalancer", "ClusterIP"]);
@@ -1115,7 +1133,7 @@ var clusterPatch = defineUnit5({
   }
 });
 var clusterDns = defineUnit5({
-  type: "cluster-dns",
+  type: "k8s.cluster-dns",
   args: {
     ...createArgs(),
     ...createArgs("api")
@@ -1324,6 +1342,36 @@ var gatewayApi = defineUnit5({
     path: "units/gateway-api"
   }
 });
+var cilium = defineUnit5({
+  type: "k8s.cilium",
+  args: {
+    /**
+     * If set to `true`, the generated network policy will allow
+     * all DNS queries to be resolved, even if they are
+     * for forbidden (non-allowed) FQDNs.
+     *
+     * By default, is `false`.
+     */
+    allowForbiddenFqdnResolution: Type7.Default(Type7.Boolean(), false)
+  },
+  inputs: {
+    k8sCluster: clusterEntity2
+  },
+  outputs: {
+    k8sCluster: clusterEntity2
+  },
+  meta: {
+    displayName: "Cilium",
+    description: "The Cilium CNI deployed on Kubernetes.",
+    primaryIcon: "simple-icons:cilium",
+    secondaryIcon: "devicon:kubernetes",
+    category: "Kubernetes"
+  },
+  source: {
+    package: "@highstate/cilium",
+    path: "unit"
+  }
+});
 
 // src/talos.ts
 var talos_exports = {};
@@ -2197,6 +2245,7 @@ __export(apps_exports, {
   endpointFilter: () => endpointFilter,
   explicitEndpointFilterSchema: () => explicitEndpointFilterSchema,
   grocy: () => grocy,
+  hubble: () => hubble,
   kubernetesDashboard: () => kubernetesDashboard,
   mariadb: () => mariadb,
   mariadbDatabase: () => mariadbDatabase,
@@ -2455,7 +2504,11 @@ var mariadb = defineUnit9({
   inputs: createInputs(["resticRepo"]),
   outputs: {
     mariadb: mariadbEntity,
-    service: serviceEntity
+    service: serviceEntity,
+    endpoints: {
+      entity: l4EndpointEntity,
+      multiple: true
+    }
   },
   meta: {
     displayName: "MariaDB",
@@ -2506,7 +2559,11 @@ var postgresql = defineUnit10({
   inputs: createInputs(["resticRepo", "dnsProviders"]),
   outputs: {
     postgresql: postgresqlEntity,
-    service: serviceEntity
+    service: serviceEntity,
+    endpoints: {
+      entity: l4EndpointEntity,
+      multiple: true
+    }
   },
   meta: {
     displayName: "PostgreSQL",
@@ -2575,7 +2632,11 @@ var mongodb = defineUnit12({
   inputs: createInputs(["resticRepo"]),
   outputs: {
     mongodb: mongodbEntity,
-    service: serviceEntity
+    service: serviceEntity,
+    endpoints: {
+      entity: l4EndpointEntity,
+      multiple: true
+    }
   },
   meta: {
     displayName: "MongoDB",
@@ -2888,7 +2949,7 @@ var backupModeSchema = Type21.StringEnum(["state", "full"]);
 var syncthing = defineUnit20({
   type: "apps.syncthing",
   args: {
-    ...createArgs2("syncthing", ["fqdn"]),
+    ...createArgs2("syncthing", ["fqdn", "external"]),
     /**
      * The FQDN of the Syncthing instance used to sync with other devices.
      *
@@ -2908,10 +2969,14 @@ var syncthing = defineUnit20({
     backupMode: Type21.Default(backupModeSchema, "state")
   },
   secrets: createSecrets(["backupPassword"]),
-  inputs: createInputs(["accessPoint", "resticRepo", "dnsProviders", "volume"]),
+  inputs: createInputs(["accessPoint", "resticRepo", "volume"]),
   outputs: {
+    volume: persistentVolumeClaimEntity,
     service: serviceEntity,
-    volume: persistentVolumeClaimEntity
+    endpoints: {
+      entity: l4EndpointEntity,
+      multiple: true
+    }
   },
   meta: {
     displayName: "Syncthing",
@@ -2949,13 +3014,29 @@ var codeServer = defineUnit21({
   }
 });
 
+// src/apps/hubble.ts
+import { defineUnit as defineUnit22 } from "@highstate/contract";
+var hubble = defineUnit22({
+  type: "apps.hubble",
+  args: createArgs2("hubble", ["fqdn"]),
+  inputs: createInputs(["accessPoint"]),
+  meta: {
+    displayName: "Hubble",
+    description: "Exposes Hubble UI to the user. It must be already installed in the cluster as part of the Cilium.",
+    primaryIcon: "mdi:eye",
+    secondaryIcon: "simple-icons:cilium",
+    category: "Observability"
+  },
+  source: createSource("hubble")
+});
+
 // src/cloudflare.ts
 var cloudflare_exports = {};
 __export(cloudflare_exports, {
   connection: () => connection2
 });
-import { defineUnit as defineUnit22, Type as Type23 } from "@highstate/contract";
-var connection2 = defineUnit22({
+import { defineUnit as defineUnit23, Type as Type23 } from "@highstate/contract";
+var connection2 = defineUnit23({
   type: "cloudflare.connection",
   secrets: {
     apiToken: Type23.String()
@@ -2978,12 +3059,57 @@ var connection2 = defineUnit22({
 // src/k3s.ts
 var k3s_exports = {};
 __export(k3s_exports, {
-  cluster: () => cluster2
-});
-import { defineUnit as defineUnit23, Type as Type24 } from "@highstate/contract";
-var cluster2 = defineUnit23({
+  cluster: () => cluster2,
+  cniSchema: () => cniSchema3,
+  componentSchema: () => componentSchema,
+  internalComponents: () => internalComponents,
+  packagedComponents: () => packagedComponents
+});
+import { defineUnit as defineUnit24, Type as Type24 } from "@highstate/contract";
+var packagedComponents = [
+  "coredns",
+  "servicelb",
+  "traefik",
+  "local-storage",
+  "metrics-server",
+  "runtimes"
+];
+var internalComponents = [
+  "scheduler",
+  "cloud-controller",
+  "kube-proxy",
+  "network-policy",
+  "helm-controller"
+];
+var componentSchema = Type24.StringEnum([...packagedComponents, ...internalComponents]);
+var cniSchema3 = Type24.StringEnum(["none", "flannel"]);
+var cluster2 = defineUnit24({
   type: "k3s.cluster",
   args: {
+    /**
+     * The components to disable in the K3S cluster.
+     *
+     * @schema
+     */
+    disabledComponents: {
+      ...Type24.Default(Type24.Array(componentSchema), []),
+      description: `The components to disable in the K3S cluster.`
+    },
+    /**
+     * The CNI to use in the K3S cluster.
+     *
+     * Setting this to "none" will disable default Flannel CNI, but will not disable network policy controller and kube-proxy.
+     * If needed, you can disable them using `disabledComponents` argument.
+     *
+     * @schema
+     */
+    cni: {
+      ...Type24.Default(cniSchema3, "flannel"),
+      description: `The CNI to use in the K3S cluster.
+
+ Setting this to "none" will disable default Flannel CNI, but will not disable network policy controller and kube-proxy.
+ If needed, you can disable them using \`disabledComponents\` argument.`
+    },
     /**
      * The K3S configuration to pass to each server or agent in the cluster.
      *
@@ -3031,8 +3157,8 @@ var mullvad_exports = {};
 __export(mullvad_exports, {
   peer: () => peer2
 });
-import { defineUnit as defineUnit24, Type as Type25 } from "@highstate/contract";
-var peer2 = defineUnit24({
+import { defineUnit as defineUnit25, Type as Type25 } from "@highstate/contract";
+var peer2 = defineUnit25({
   type: "mullvad.peer",
   args: {
     hostname: Type25.Optional(Type25.String()),
@@ -3092,7 +3218,7 @@ __export(timeweb_exports, {
   connectionEntity: () => connectionEntity,
   virtualMachine: () => virtualMachine2
 });
-import { defineEntity as defineEntity13, defineUnit as defineUnit25, Type as Type26 } from "@highstate/contract";
+import { defineEntity as defineEntity13, defineUnit as defineUnit26, Type as Type26 } from "@highstate/contract";
 var connectionEntity = defineEntity13({
   type: "timeweb.connection",
   schema: Type26.Object({
@@ -3100,7 +3226,7 @@ var connectionEntity = defineEntity13({
     apiToken: Type26.String()
   })
 });
-var connection3 = defineUnit25({
+var connection3 = defineUnit26({
   type: "timeweb.connection",
   secrets: {
     apiToken: Type26.String()
@@ -3119,7 +3245,7 @@ var connection3 = defineUnit25({
     path: "connection"
   }
 });
-var virtualMachine2 = defineUnit25({
+var virtualMachine2 = defineUnit26({
   type: "timeweb.virtual-machine",
   args: {
     presetId: Type26.Optional(Type26.Number()),
@@ -3162,7 +3288,7 @@ __export(nixos_exports, {
   remoteFlake: () => remoteFlake,
   system: () => system
 });
-import { defineEntity as defineEntity14, defineUnit as defineUnit26, Type as Type27 } from "@highstate/contract";
+import { defineEntity as defineEntity14, defineUnit as defineUnit27, Type as Type27 } from "@highstate/contract";
 var inlineModuleEntity = defineEntity14({
   type: "nixos.inline-module",
   schema: Type27.Object({
@@ -3174,7 +3300,7 @@ var inlineModuleEntity = defineEntity14({
     color: "#5277c3"
   }
 });
-var inlineModule = defineUnit26({
+var inlineModule = defineUnit27({
   type: "nixos.inline-module",
   args: {
     code: Type27.String({ language: "nix" })
@@ -3213,7 +3339,7 @@ var flakeEntity = defineEntity14({
     color: "#5277c3"
   }
 });
-var remoteFlake = defineUnit26({
+var remoteFlake = defineUnit27({
   type: "nixos.remote-flake",
   args: {
     url: Type27.String()
@@ -3235,7 +3361,7 @@ var remoteFlake = defineUnit26({
     path: "flake"
   }
 });
-var inlineFlake = defineUnit26({
+var inlineFlake = defineUnit27({
   type: "nixos.inline-flake",
   args: {
     code: Type27.String({ language: "nix" })
@@ -3273,7 +3399,7 @@ var inlineFlake = defineUnit26({
     path: "inline-flake"
   }
 });
-var system = defineUnit26({
+var system = defineUnit27({
   type: "nixos.system",
   args: {
     system: Type27.Optional(Type27.String())
@@ -3309,8 +3435,8 @@ var sops_exports = {};
 __export(sops_exports, {
   secrets: () => secrets
 });
-import { defineUnit as defineUnit27, Type as Type28 } from "@highstate/contract";
-var secrets = defineUnit27({
+import { defineUnit as defineUnit28, Type as Type28 } from "@highstate/contract";
+var secrets = defineUnit28({
   type: "sops.secrets",
   args: {
     secrets: Type28.Record(Type28.String(), Type28.Any())
@@ -3511,8 +3637,8 @@ __export(phantun_exports, {
   deobfuscator: () => deobfuscator,
   obfuscator: () => obfuscator
 });
-import { defineUnit as defineUnit28 } from "@highstate/contract";
-var deobfuscator = defineUnit28({
+import { defineUnit as defineUnit29 } from "@highstate/contract";
+var deobfuscator = defineUnit29({
   type: "obfuscators.phantun.deobfuscator",
   ...deobfuscatorSpec,
   meta: {
@@ -3527,7 +3653,7 @@ var deobfuscator = defineUnit28({
     path: "phantun/deobfuscator"
   }
 });
-var obfuscator = defineUnit28({
+var obfuscator = defineUnit29({
   type: "obfuscators.phantun.obfuscator",
   ...obfuscatorSpec,
   meta: {