implement k8s

add attic cache
2026-02-23 22:47:40 -05:00 · 2026-02-23 22:14:04 -05:00
2 changed files with 45 additions and 0 deletions
--- a/flake.nix
+++ b/flake.nix
@@ -1,6 +1,18 @@
 {
  description = "Black Start essential infrastructure for cloud operations";

+  nixConfig = {
+    substituters = [
+      "https://nix-cache.dubyatp.xyz/duby"
+      "https://cache.nixos.org/"
+    ];
+
+    trusted-public-keys = [
+      "duby:IUVsFbQu499JOaHmUpi/mwhZEVQK7soFn7H6lD2/2T4="
+      "cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="
+    ];
+  };
+
  inputs = {
    nixpkgs.url = "github:NixOS/nixpkgs/nixos-25.11";

@@ -27,6 +39,7 @@
          ./security/security.nix
          ./disko/uefi-nosecure.nix
          ./users/users.nix
+          ./kubernetes/kubernetes.nix
          {
            config.boot = {
              loader = {
@@ -72,5 +85,7 @@
        };
      };
    };
+
+    packages.x86_64-linux.attic = nixpkgs.legacyPackages.x86_64-linux.attic-client;
  };
 }
--- a/kubernetes/kubernetes.nix
+++ b/kubernetes/kubernetes.nix
@@ -0,0 +1,30 @@
+{ config, pkgs, ... }:
+let
+  kubeMasterIP = "10.105.6.198";
+  kubeMasterHostname = "api.kube";
+  kubeMasterAPIServerPort = 6443;
+in
+{
+  networking.extraHosts = "${kubeMasterIP} ${kubeMasterHostname}";
+
+  environment.systemPackages = with pkgs; [
+    kompose
+    kubectl
+    kubernetes
+  ];
+
+  services.kubernetes = {
+    roles = ["master" "node"];
+    masterAddress = kubeMasterHostname;
+    apiserverAddress = "https://${kubeMasterHostname}:${toString kubeMasterAPIServerPort}";
+    easyCerts = true;
+    apiserver = {
+      securePort = kubeMasterAPIServerPort;
+      advertiseAddress = kubeMasterIP;
+    };
+
+    addons.dns.enable = true;
+
+    kubelet.extraOpts = "--fail-swap-on=false";
+  };
+}
Author	SHA1	Message	Date
William P	8e187a3ea6	implement k8s	2026-02-23 22:47:40 -05:00
William P	c85c68cf3a	add attic cache	2026-02-23 22:14:04 -05:00