
@Lillecarl
Created August 29, 2025 08:48
# CustomResourceDefinition for the namespaced `Expression` resource in the
# cknix.cool API group. An object carries a string in `data.expr` (described
# below as the expression to be evaluated) and a `status` block.
# NOTE(review): `data.expr` is a free-form string with no length or pattern
# constraint, and `data` itself is not required at the top level. Whoever may
# create or update `expressions` decides what gets evaluated, so grant those
# verbs narrowly.
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  name: expressions.cknix.cool
  annotations:
    kubenix/k8s-version: '1.33'
    kubenix/project-name: kubenix
spec:
  group: cknix.cool
  scope: Namespaced
  names:
    kind: Expression
    listKind: ExpressionList
    singular: expression
    plural: expressions
    shortNames:
      - expr
      - kx
  conversion:
    # Quoted so it reads as the string "None", not as a null-like value.
    strategy: 'None'
  versions:
    - name: v1
      served: true
      storage: true
      subresources:
        # With the status subresource enabled, status is written through the
        # separate /status endpoint and has its own RBAC resource
        # (`expressions/status`).
        status: {}
      additionalPrinterColumns:
        # The full expression text is printed in `kubectl get` output.
        - name: Expression
          type: string
          jsonPath: '.data.expr'
        - name: Status
          type: string
          jsonPath: '.status.phase'
      schema:
        openAPIV3Schema:
          type: object
          properties:
            data:
              type: object
              required:
                - expr
              properties:
                expr:
                  type: string
                  description: Expression to be evaluated
            status:
              type: object
              properties:
                phase:
                  type: string
                  # The phases are named in the description only; the schema
                  # has no enum that enforces them.
                  description: >-
                    Current phase of the resource (Pending, Running, Succeeded,
                    Failed)
                message:
                  type: string
                  description: >-
                    Human-readable message indicating details about the
                    current status
                result:
                  type: string
                  description: Result (storePath) of the expression evaluation
                gcRoots:
                  type: array
                  description: >-
                    List of GC root objects produced by the expression
                    evaluation
                  items:
                    type: object
                    properties:
                      packageName:
                        type: string
                        description: Name (with hash) of package
                      pathHash:
                        type: string
                        description: Hash of the mount location on the node
---
# Namespace `cknix`.
# NOTE(review): the DaemonSet and ServiceAccount on this page are placed in
# `default`, not in this namespace - confirm which one is intended.
apiVersion: v1
kind: Namespace
metadata:
  name: cknix
  labels:
    app.kubernetes.io/name: cknix
    app.kubernetes.io/component: namespace
    app.kubernetes.io/managed-by: kubenix
  annotations:
    kubenix/k8s-version: '1.33'
    kubenix/project-name: kubenix
---
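# Node-side DaemonSet for the cknix CSI driver: one privileged driver
# container plus the upstream node-driver-registrar and livenessprobe
# sidecars, sharing the CSI socket directory through a hostPath.
#
# Least-privilege adjustments in this version:
#   * the livenessprobe sidecar mounts only the CSI socket directory; its
#     arguments reference nothing else, so the kubelet plugin-registration
#     directory is not exposed to it;
#   * the `registration-dir` hostPath declares `type: Directory`, like the
#     other kubelet paths here, so a missing directory fails the pod instead
#     of being handled implicitly.
apiVersion: apps/v1
kind: DaemonSet
metadata:
  name: cknix-csi-node
  # NOTE(review): runs in `default` although a `cknix` Namespace is defined
  # on this page - confirm the intended namespace.
  namespace: default
  annotations:
    kubenix/k8s-version: '1.33'
    kubenix/project-name: kubenix
spec:
  selector:
    matchLabels:
      app: cknix-csi-node
  template:
    metadata:
      labels:
        app: cknix-csi-node
    spec:
      serviceAccountName: cknix
      # Pods share the node's network namespace.
      # NOTE(review): nothing visible here needs it (the CSI endpoint is a
      # unix socket) - confirm it is required before keeping it.
      hostNetwork: true
      initContainers:
        # Copies the image's /nix contents into the host-backed store
        # (/var/lib/cknix/nix on the node). `--update=none` leaves files that
        # already exist on the host untouched.
        - name: init
          # Mutable tag, re-pulled on every start; the content written to the
          # host store follows whatever the tag points at. Prefer pinning by
          # digest (`...@sha256:<digest>`).
          image: 'rg.nl-ams.scw.cloud/lillecarl/knix:latest'
          imagePullPolicy: Always
          command:
            - fish
            - '-c'
            - >-
              echo asdf && sleep 5 &&
              cp --verbose --archive --update=none /nix/*
              /nix2/
          volumeMounts:
            - name: cknix-store
              mountPath: /nix2
      containers:
        # Driver container. The command is `sleep infinity`, so this manifest
        # does not start a CSI server itself (looks like a development
        # placeholder - confirm).
        - name: cknix-csi-node
          # Same mutable `:latest` tag, here running privileged on every
          # node; pin by digest before using outside development.
          image: 'rg.nl-ams.scw.cloud/lillecarl/knix:latest'
          command:
            - sleep
            - infinity
          env:
            - name: CSI_ENDPOINT
              value: 'unix:///csi/csi.sock'
            - name: KUBE_NODE_NAME
              valueFrom:
                fieldRef:
                  fieldPath: spec.nodeName
          securityContext:
            # Kubernetes only permits Bidirectional mount propagation in
            # privileged containers. Privileged means full access to the
            # host, so everything this container runs is node-root
            # equivalent.
            privileged: true
          volumeMounts:
            - name: socket-dir
              mountPath: /csi
            # The whole kubelet directory, with mounts made in the container
            # propagating back to the host.
            - name: kubelet-dir
              mountPath: /var/lib/kubelet
              mountPropagation: Bidirectional
            - name: cknix-store
              mountPath: /nix
              mountPropagation: HostToContainer
            # NOTE(review): a CSI driver normally has no need for the
            # registration directory; kept as in the original - confirm.
            - name: registration-dir
              mountPath: /registration
            # Developer checkout from the host, see the `cknixdev` volume.
            - name: cknixdev
              mountPath: /cknix
        - name: cknix-csi-registrar
          image: 'registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.10.0'
          args:
            - '--v=5'
            - '--csi-address=/csi/csi.sock'
            # The directory is named `cknix.csi.nixstore`, while the
            # CSIDriver object on this page is `cknix.csi.store`. It matches
            # the `socket-dir` hostPath below, so only the naming differs.
            - '--kubelet-registration-path=/var/lib/kubelet/plugins/cknix.csi.nixstore/csi.sock'
          env:
            - name: KUBE_NODE_NAME
              valueFrom:
                fieldRef:
                  fieldPath: spec.nodeName
          volumeMounts:
            - name: socket-dir
              mountPath: /csi
            # NOTE(review): exposes all of /var/lib/kubelet to the sidecar;
            # confirm the registrar needs more than /csi and /registration.
            - name: kubelet-dir
              mountPath: /var/lib/kubelet
            - name: registration-dir
              mountPath: /registration
        # No container in this pod declares a livenessProbe, so this sidecar
        # is not consulted by the kubelet as written.
        - name: cknix-csi-liveness
          image: 'registry.k8s.io/sig-storage/livenessprobe:v2.12.0'
          args:
            - '--csi-address=/csi/csi.sock'
            - '--v=5'
          volumeMounts:
            # Only the CSI socket directory; see the header comment.
            - name: socket-dir
              mountPath: /csi
      volumes:
        - name: cknix-store
          hostPath:
            path: /var/lib/cknix/nix
            type: DirectoryOrCreate
        - name: socket-dir
          hostPath:
            path: /var/lib/kubelet/plugins/cknix.csi.nixstore/
            type: DirectoryOrCreate
        - name: kubelet-dir
          hostPath:
            path: /var/lib/kubelet
            type: Directory
        - name: registration-dir
          hostPath:
            path: /var/lib/kubelet/plugins_registry
            type: Directory
        # A path inside a user's home directory on the node, mounted into the
        # privileged driver container. With `type: Directory` the pod cannot
        # start on nodes that lack it. Development-only; remove for any
        # shared cluster.
        - name: cknixdev
          hostPath:
            path: /home/lillecarl/Code/cknix
            type: Directory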
---
# Test Pod that mounts an inline (ephemeral) CSI volume from the
# `cknix.csi.store` driver at /nix. The volume is described by a Nix
# expression passed in `volumeAttributes.expr`.
# NOTE(review): the expression imports /cknix/default.nix, the path where the
# node DaemonSet mounts the developer checkout, so it is presumably evaluated
# inside that privileged container. Anyone allowed to create pods with this
# volume type then controls what is evaluated on the node - confirm, and
# restrict who may use the driver inline.
apiVersion: v1
kind: Pod
metadata:
  name: ubuntu1
  labels:
    run: ubuntu
  annotations:
    cknix-expr: hello
    kubenix/k8s-version: '1.33'
    kubenix/project-name: kubenix
spec:
  # NOTE(review): the container only sleeps; nothing visible needs the node's
  # network namespace - confirm this is intentional.
  hostNetwork: true
  containers:
    - name: ubuntu
      image: 'ubuntu:22.04'
      command:
        - sleep
        - infinity
      volumeMounts:
        - name: cknix-volume
          mountPath: /nix
          # Writable mount of the driver-provided store path.
          readOnly: false
  volumes:
    - name: cknix-volume
      csi:
        driver: cknix.csi.store
        volumeAttributes:
          # Literal block scalar; decodes to the same string as the escaped
          # double-quoted form (single trailing newline).
          expr: |
            let
             cknix = (import /cknix/default.nix);
             pkgs = cknix.spkgs;
            in
             pkgs.buildEnv {
             name = "testEnv";
             paths = [
             pkgs.hello
             pkgs.lix
             pkgs.cacert
             ];
             }
---
# ServiceAccount used by the cknix-csi-node DaemonSet
# (`serviceAccountName: cknix`). The ClusterRoleBinding `cknix-binding` on
# this page binds it cluster-wide.
# NOTE(review): it lives in `default`; any workload allowed to run as this
# account in `default` inherits the same cluster-wide role.
apiVersion: v1
kind: ServiceAccount
metadata:
  name: cknix
  namespace: default
  annotations:
    kubenix/k8s-version: '1.33'
    kubenix/project-name: kubenix
---
# Grants the ClusterRole `cknix` to the `cknix` ServiceAccount in `default`,
# across all namespaces.
# NOTE(review): no ClusterRole named `cknix` is defined among the documents
# visible on this page, so the permissions granted here cannot be reviewed
# from this file - check the role's rules before applying.
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: cknix-binding
  annotations:
    kubenix/k8s-version: '1.33'
    kubenix/project-name: kubenix
subjects:
  - kind: ServiceAccount
    name: cknix
    namespace: default
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: cknix
---
# CSIDriver registration for `cknix.csi.store`.
apiVersion: storage.k8s.io/v1
kind: CSIDriver
metadata:
  name: cknix.csi.store
  annotations:
    kubenix/k8s-version: '1.33'
    kubenix/project-name: kubenix
spec:
  # No attach step is performed for volumes of this driver.
  attachRequired: false
  # The kubelet passes pod details (name, namespace, UID, service account)
  # to the driver on mount.
  podInfoOnMount: true
  requiresRepublish: false
  storageCapacity: false
  # Kubernetes may change ownership and permissions of volume contents to
  # match a pod's fsGroup.
  fsGroupPolicy: File
  volumeLifecycleModes:
    - Persistent
    # Ephemeral permits inline `csi:` volumes in pod specs, so anyone who can
    # create pods can hand `volumeAttributes` to the driver. Dropping this
    # mode, or an admission policy on inline CSI volumes, limits that.
    - Ephemeral
---
# StorageClass `cknix-csi` for volumes provisioned by `cknix.csi.store`.
# NOTE(review): no controller or provisioner workload for this driver is
# visible on this page - confirm how PersistentVolumeClaims against this
# class are served.
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
  name: cknix-csi
  annotations:
    kubenix/k8s-version: '1.33'
    kubenix/project-name: kubenix
provisioner: cknix.csi.store
# Binding waits until a pod using the claim is scheduled.
volumeBindingMode: WaitForFirstConsumer
# The backing volume is deleted when its claim is released.
reclaimPolicy: Delete
allowVolumeExpansion: false