authorPatrick Spek <p.spek@tyil.nl>2024-02-29 15:08:02 +0100
committerPatrick Spek <p.spek@tyil.nl>2024-02-29 15:08:02 +0100
commit0a9e511a84fd84fe0dcc22780e33b5e6f6a2015d (patch)
tree39127b680be6521f71f1ebc756074084dfddbcc7
parent2a4636568d8c33d466076bfd13ca350513c655b5 (diff)
Add k8s-master to qohrei
-rw-r--r--defaults24
-rw-r--r--hosts.d/qohrei.tyil.net12
-rw-r--r--registry.d/qohrei.tyil.net1
3 files changed, 27 insertions, 10 deletions
diff --git a/defaults b/defaults
index bbba50e..df0aca9 100644
--- a/defaults
+++ b/defaults
@@ -9,6 +9,19 @@ dns.upstream.3=2a03:94e0:1804::1
dns.upstream.4=2001:470:71:6dc::53
etc-nixos.path=/etc/nixos
etc-portage.path=/etc/portage
+k3s-master.cluster-domain=k3s.tyil.nl
+k3s-master.helm.apps.certmanager.chart=jetstack/cert-manager
+k3s-master.helm.apps.certmanager.namespace=base-system
+k3s-master.helm.apps.certmanager.values=certmanager.yaml
+k3s-master.helm.repos.jetstack.url=https://charts.jetstack.io
+k3s-master.service-node-port-min=1025
+k3s-node.cluster-domain=k3s.tyil.nl
+k3s-node.entry.host=10.57.101.1
+k3s-node.service-node-port-min=1025
+k8s-master.flags.control-plane-endpoint=k8s.tyil.nl
+k8s-master.flags.pod-network-cidr=fd68:1058:1992:8888::/64
+k8s-master.flags.service-cidr=fd68:1058:1992:3381::80:0/108
+k8s-master.flags.service-dns-domain=k8s.tyil.nl
nftables.input.icmp.ipv4.policy=accept
nftables.input.icmp.ipv4.rate=2/second
nftables.input.icmp.ipv6.policy=accept
@@ -32,17 +45,8 @@ nftables.input.rules.wireguard.proto=udp
nftables.input.state.established.policy=accept
nftables.input.state.invalid.policy=drop
nftables.input.state.related.policy=accept
-k3s-master.cluster-domain=k3s.tyil.nl
-k3s-master.helm.apps.certmanager.chart=jetstack/cert-manager
-k3s-master.helm.apps.certmanager.namespace=base-system
-k3s-master.helm.apps.certmanager.values=certmanager.yaml
-k3s-master.helm.repos.jetstack.url=https://charts.jetstack.io
-k3s-master.service-node-port-min=1025
-k3s-node.entry.host=10.57.101.1
-k3s-node.cluster-domain=k3s.tyil.nl
-k3s-node.service-node-port-min=1025
vpn-tinc.name=tyilnet
+vpn-wireguard.interface=tyilnet1058
www-blog.generator=hugo
www-blog.path=/var/www/nl.tyil.www
www-blog.repository=https://git.tyil.nl/blog
-vpn-wireguard.interface=tyilnet1058
diff --git a/hosts.d/qohrei.tyil.net b/hosts.d/qohrei.tyil.net
index 21e69df..ceca7d9 100644
--- a/hosts.d/qohrei.tyil.net
+++ b/hosts.d/qohrei.tyil.net
@@ -1,4 +1,16 @@
+k8s-master.flags.apiserver-advertise-address=fd68:1058:1992:3381:0:1:1:1
meta.provider=hetzner
+nftables.input.interfaces.cilium*.policy=accept
+nftables.input.interfaces.lxc*.policy=accept
+nftables.input.rules.etcd.policy=accept
+nftables.input.rules.etcd.port=2379-2381
+nftables.input.rules.etcd.proto=tcp
+nftables.input.rules.kubeapi.policy=accept
+nftables.input.rules.kubeapi.port=6443
+nftables.input.rules.kubeapi.proto=tcp
+nftables.input.rules.kubelet.policy=accept
+nftables.input.rules.kubelet.port=10250
+nftables.input.rules.kubelet.proto=tcp
vpn-tinc.ipv4=10.57.250.250
vpn-tinc.ipv6=fd68:1057:1992:3381:0:1:1:1
vpn-wireguard.endpoint=2a01:4f9:c012:6273::1
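Review bot: The new `nftables.input.rules.etcd`, `kubeapi` and `kubelet` entries carry only policy, port and proto, so as far as this hunk shows they accept those ports on every interface, including the public address in `vpn-wireguard.endpoint`. etcd (`2379-2381`) and the kubelet API (`10250`) expose cluster state and node control, and with a single control-plane host etcd normally needs no inbound access from other machines at all. If the rule format supports an interface or source match (not visible here), I would scope these rules to the WireGuard interface `tyilnet1058`, or drop the etcd rule until a second control-plane node exists, leaving only `6443` reachable where clients need it. The commit message could also state which peers are meant to reach each port, so the intended exposure can be checked against the generated ruleset.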
diff --git a/registry.d/qohrei.tyil.net b/registry.d/qohrei.tyil.net
index 1fa2dc8..31a595e 100644
--- a/registry.d/qohrei.tyil.net
+++ b/registry.d/qohrei.tyil.net
@@ -1,3 +1,4 @@
+k8s-master
nftables
vpn-tinc
vpn-wireguard