Add kube-scheduler.

2025-12-15 20:09:46 -05:00
parent efa1e3247a
commit 5c58e30709
10 changed files with 95 additions and 73 deletions
--- a/nix/kubernetes/keys/package/deploy-script/package.nix
+++ b/nix/kubernetes/keys/package/deploy-script/package.nix
@@ -142,70 +142,13 @@ let
          group = 10024;
          mode = "0600";
        }
-        # {
-        #   dest_dir = "/vm/${vm_name}/persist/keys/kube";
-        #   file = "${self.kubernetes}/kubernetes.pem";
-        #   owner = 10024;
-        #   group = 10024;
-        #   mode = "0640";
-        # }
-        # {
-        #   dest_dir = "/vm/${vm_name}/persist/keys/kube";
-        #   file = "${self.kubernetes}/kubernetes-key.pem";
-        #   owner = 10024;
-        #   group = 10024;
-        #   mode = "0640";
-        # }
-        # {
-        #   dest_dir = "/vm/${vm_name}/persist/keys/kube";
-        #   file = "${self.ca}/ca.pem";
-        #   owner = 10024;
-        #   group = 10024;
-        #   mode = "0600";
-        # }
-        # {
-        #   dest_dir = "/vm/${vm_name}/persist/keys/kube";
-        #   file = (writeText "encryption-config.yaml" (lib.generators.toYAML { } kube_encryption_config));
-        #   name = "encryption-config.yaml";
-        #   owner = 10024;
-        #   group = 10024;
-        #   mode = "0600";
-        # }
-        # {
-        #   dest_dir = "/vm/${vm_name}/persist/keys/kube";
-        #   file = "${self.service_account}/service-account.pem";
-        #   owner = 10024;
-        #   group = 10024;
-        #   mode = "0600";
-        # }
-        # {
-        #   dest_dir = "/vm/${vm_name}/persist/keys/kube";
-        #   file = "${self.service_account}/service-account-key.pem";
-        #   owner = 10024;
-        #   group = 10024;
-        #   mode = "0600";
-        # }
-        # {
-        #   dest_dir = "/vm/${vm_name}/persist/keys/kube";
-        #   file = "${self.requestheader-client-ca}/requestheader-client-ca.pem";
-        #   owner = 10024;
-        #   group = 10024;
-        #   mode = "0600";
-        # }
-        # {
-        #   dest_dir = "/vm/${vm_name}/persist/keys/kube";
-        #   file = "${self.controller-proxy}/${vm_name_to_hostname vm_name}-proxy.pem";
-        #   owner = 10024;
-        #   group = 10024;
-        #   mode = "0600";
-        # }
-        # {
-        #   dest_dir = "/vm/${vm_name}/persist/keys/kube";
-        #   file = "${self.controller-proxy}/${vm_name_to_hostname vm_name}-proxy-key.pem";
-        #   owner = 10024;
-        #   group = 10024;
-        #   mode = "0600";
-        # }
+        {
+          dest_dir = "/vm/${vm_name}/persist/keys/kube";
+          file = "${k8s.client-configs.kube-scheduler}/kube-scheduler.kubeconfig";
+          owner = 10024;
+          group = 10024;
+          mode = "0600";
+        }
      ])
    )
  );
--- a/nix/kubernetes/keys/package/k8s-client-config/package.nix
+++ b/nix/kubernetes/keys/package/k8s-client-config/package.nix
@@ -8,6 +8,7 @@
 # installCheckPhase
 # distPhase
 {
+  lib,
  stdenv,
  k8s,
  kubectl,
@@ -27,7 +28,7 @@ stdenv.mkDerivation (finalAttrs: {
    kubectl config set-cluster kubernetes-the-hard-way \
      --certificate-authority=${k8s.ca}/ca.crt \
      --embed-certs=true \
-      --server=${config_server} \
+      --server=${lib.strings.escapeShellArg config_server} \
      --kubeconfig=${config_name}.kubeconfig

    kubectl config set-credentials ${config_user} \