checkpoint

2026-02-04 05:39:18 +01:00 · 2026-01-26 21:39:43 +01:00 · 2026-01-26 21:39:43 +01:00 · 38d26110e1
commit 38d26110e1
parent 376912c631
13 changed files with 547 additions and 82 deletions
--- a/vms/kube-vm/kubernetes.nix
+++ b/vms/kube-vm/kubernetes.nix
@ -1,72 +1,36 @@
-{ pkgs, ... }:
+{ config, pkgs, ... }:
 let
-  kubeMasterIP = "37.49.130.171";
-  kubeMasterHostname = "polycule.deprived";
+  kubeMasterIP = "176.23.63.215";
+  kubeMasterHostname = "clussy.deprived.dev";
  kubeMasterAPIServerPort = 6443;
-in {
-  nixpkgs.overlays = [
-    (final: prev: {
-      containerd = prev.containerd.overrideAttrs rec {
-        version = "1.7.29";
+in
+{
+  # resolve master hostname
+  networking.extraHosts = "${kubeMasterIP} ${kubeMasterHostname}";
+  networking.firewall.enable = false;

-        src = final.fetchFromGitHub {
-          owner = "containerd";
-          repo = "containerd";
-          rev = "v${version}";
-          sha256 = "sha256-aR0i+0v2t6vyI+QN30P1+t+pHU2Bw7/XPUYLjJm1rhw=";
-        };
+  # packages for administration tasks
+  environment.systemPackages = with pkgs; [ kompose kubectl kubernetes ];

-        installTargets = [ "install" ];
-        outputs = [ "out" ];
-      };
-    })
-  ];
+  services.kubernetes =
+    let
+      api = "https://${kubeMasterHostname}:${toString kubeMasterAPIServerPort}";
+    in
+    {
+      roles = [ "node" ];
+      masterAddress = kubeMasterHostname;
+      easyCerts = true;

-  virtualisation.containerd.enable = true;
-  environment.systemPackages = with pkgs; [
-    kompose
-    kubectl
-    kubernetes
-    argocd
-    openiscsi
-    nfs-utils
-  ];
+      # point kubelet and other services to kube-apiserver
+      kubelet.kubeconfig.server = api;
+      apiserverAddress = api;

-  networking.useNetworkd = true;
-  networking.extraHosts = ''
-    ${kubeMasterIP} ${kubeMasterHostname} 
-      192.168.50.82  botkube'';
-  services.kubernetes = let
-    api = "https://${kubeMasterHostname}:${toString kubeMasterAPIServerPort}";
-  in {
-    roles = [ "node" ];
-    masterAddress = kubeMasterHostname;
-    easyCerts = true;
-    apiserver.allowPrivileged = true;
+      # use coredns
+      addons.dns.enable = true;
+      flannel.enable = true;

-    # point kubelet and other services to kube-apiserver
-    kubelet.kubeconfig.server = api;
-    apiserverAddress = api;
-
-    # use coredns
-    addons.dns.enable = true;
-
-    # needed if you use swap
-    kubelet.extraOpts =
-      "--fail-swap-on=false --resolv-conf=/run/systemd/resolve/resolv.conf";
-  };
-
-  systemd.services."forward-argocd" = {
-    enable = true;
-    description =
-      "forwards argocd running on kubernetes to argocd.spoodythe.one";
-    after = [ "network-online.target" "kubelet.service" ];
-    wants = [ "network-online.target" ];
-    wantedBy = [ "multi-user.target" ];
-
-    script = ''
-      ${pkgs.kubernetes}/bin/kubectl port-forward svc/argocd-server -n argocd --address 0.0.0.0 4325:80 
-    '';
-    serviceConfig = { User = "botserver"; };
-  };
+      # needed if you use swap
+      kubelet.extraOpts = "--fail-swap-on=false";
+    };
 }
+