add k3s

This commit is contained in:
James Walker 2025-03-08 17:50:32 -05:00
parent 72198292ab
commit defc49c48a
Signed by: walkah
SSH Key Fingerprint: SHA256:f7Gn4jO4BFHZxWfKTTzEAfWz+cLW51IyGFl9MjDyZGI
7 changed files with 41 additions and 12 deletions

18
flake.lock generated
View File

@ -137,11 +137,11 @@
]
},
"locked": {
"lastModified": 1741217763,
"narHash": "sha256-g/TrltIjFHIjtzKY5CJpoPANfHQWDD43G5U1a/v5oVg=",
"lastModified": 1741461731,
"narHash": "sha256-BBQfGvO3GWOV+5tmqH14gNcZrRaQ7Q3tQx31Frzoip8=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "486b066025dccd8af7fbe5dd2cc79e46b88c80da",
"rev": "7f4c60a3d6e548dbc13666565c22cb3f8dcdad44",
"type": "github"
},
"original": {
@ -222,11 +222,11 @@
},
"nixpkgs": {
"locked": {
"lastModified": 1741037377,
"narHash": "sha256-SvtvVKHaUX4Owb+PasySwZsoc5VUeTf1px34BByiOxw=",
"lastModified": 1741310760,
"narHash": "sha256-aizILFrPgq/W53Jw8i0a1h1GZAAKtlYOrG/A5r46gVM=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "02032da4af073d0f6110540c8677f16d4be0117f",
"rev": "de0fe301211c267807afd11b12613f5511ff7433",
"type": "github"
},
"original": {
@ -261,11 +261,11 @@
]
},
"locked": {
"lastModified": 1740915799,
"narHash": "sha256-JvQvtaphZNmeeV+IpHgNdiNePsIpHD5U/7QN5AeY44A=",
"lastModified": 1741379162,
"narHash": "sha256-srpAbmJapkaqGRE3ytf3bj4XshspVR5964OX5LfjDWc=",
"owner": "cachix",
"repo": "pre-commit-hooks.nix",
"rev": "42b1ba089d2034d910566bf6b40830af6b8ec732",
"rev": "b5a62751225b2f62ff3147d0a334055ebadcd5cc",
"type": "github"
},
"original": {

View File

@ -7,6 +7,7 @@
../../modules/base/nixos.nix
raspberry-pi-nix.nixosModules.raspberry-pi
../../modules/ipfs/cluster.nix
../../modules/k3s/agent.nix
../../modules/sops
];

View File

@ -13,6 +13,7 @@ in
../../modules/drone
../../modules/drone/runner-docker.nix
../../modules/gitea
../../modules/k3s/server.nix
../../modules/matrix
../../modules/minecraft
../../modules/postgresql

View File

@ -0,0 +1,8 @@
{
imports = [ ./common.nix ];
services.k3s = {
role = "agent";
serverAddr = "https://<ip of first node>:6443";
};
}

View File

@ -0,0 +1,11 @@
{ config, ... }:
{
services.k3s = {
enable = true;
tokenFile = config.sops.secrets.k3s-token.path;
};
sops.secrets.k3s-token = {
owner = "root";
mode = "0400";
};
}

View File

@ -0,0 +1,7 @@
{
imports = [ ./common.nix ];
services.k3s = {
role = "server";
clusterInit = true;
};
}

View File

@ -9,6 +9,7 @@ akkoma-vapid-public-key: ENC[AES256_GCM,data:HnUAyTq7dwa+A9L1X3YyxkiJ71BoZis5TdE
akkoma-joken-signer: ENC[AES256_GCM,data:6GbXC7teDXxr0z7eBLm9EvJv59Bvd1FqRuBGntAH9YzM79MVUMsx4JnCZ+bPR9hLiIVgITeAc5djk2tiJewh6w==,iv:q7A8f7kocb1Go7acFkVSxdmhObPxpGlfbPgfrOXHEjg=,tag:lS4UNS1ivVZdmm8AMS/1MQ==,type:str]
filesystems-parthenon: ENC[AES256_GCM,data:dYO+QjvWhR3oXrDfAEaUvTLx147NIDFcPUa7p3Jv558ynqmmEnVZ3+fVMUQVIw==,iv:ASmXqNA8/TZvSRo31CFAzt6StsZzZpVFvz15LN5+QmQ=,tag:Wx6kDCXqZ1iSmxpggBKVxA==,type:str]
upsmon: ENC[AES256_GCM,data:Rlqkhh7w8S9jD3mwUdkt3g==,iv:hiMkbAhea1f6r5gGTRw49ebepMtTYBVyH+bHwp/T61Q=,tag:cbaxIDuD4JNeCC5MiMGl6w==,type:str]
k3s-token: ENC[AES256_GCM,data:dyyFY/ruyCfAdQmmdD1eDPKhBWkbgElbFQgMjGALrM8OeTXRiiV18AwG1ZGtw+j3CBmladwBf0+gcfC0ojKHlA==,iv:j4IOIZegDMJik6shOhUZGyI0N8TD1yMDcOacArgM05Q=,tag:t91uRzF8RgxLF/f2M+9Wgg==,type:str]
sops:
kms: []
gcp_kms: []
@ -78,8 +79,8 @@ sops:
WlZuY2ExWWJ1VzBpY2kzaUZCcVJMZHcKoqKBQEe+3UnAhqbc7Nq8zgEVoFFjryaY
c8ALKqMIaMjAeA8ZU4ZTIu13pMYcJ+gAlPATt0vmsTn0Q0XIiudpJQ==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2024-10-23T18:44:27Z"
mac: ENC[AES256_GCM,data:YYZtoxIlW761FEPSBKig6OO+9Vu74m96mFC8zP0uoXnz4VGZdaAAVz5zrTnHq8/HkfKYJu12qzfkua1ptcYzlQY6pBy0OgEQMjMLw4N3p6AYntWmBu40YvzsIukQH9qmUHVqKHIGq2AOrwA3Bb+LVZcQcJWaoLhBkU7qXhiRB9U=,iv:B0QMKjp8q9jm18pP1qJqSMQpjxVPIQhJQjeAqkuOAxQ=,tag:1CmAbnpDywlZPcWjDDG6CA==,type:str]
lastmodified: "2025-03-08T22:11:05Z"
mac: ENC[AES256_GCM,data:CC4S0Hyd9y9McI9nrK6syQfLdrIUmmdzjldDwY/f+X2pjQhQrA/qikU/si4jrz44Zbew4Byu0add2MF4Yb1zM4q3Nbj2RYTyvkO+An5Vmajp/rHXfdbadrqGMPB9iai4jIoDzJtCIeB+p3W6I1ZbkaSJJ7aXqdgy2eJufDmglns=,iv:uDoS/bRsPhEv/TGqGnMB2E9+QBv104qANJFcZG6a/LI=,tag:+vihdtQ3rdH1glVnmr5N1Q==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.9.1
version: 3.9.4