Apply the git repo to the cluster.

nix/kubernetes/keys/package/bootstrap-script/files/manifests/flux_apply_git.yaml

@@ -0,0 +1,34 @@
+apiVersion: source.toolkit.fluxcd.io/v1
+kind: GitRepository
+metadata:
+  name: kubernetes
+  namespace: flux-system
+spec:
+  interval: 5m0s
+  ref:
+    branch: nix
+  secretRef:
+    name: kubernetes-deploy-key
+  # url: ssh://git@74.80.180.138:65099/repos/mrmanager
+  url: ssh://git@10.215.1.210:22/repos/mrmanager
+  ignore: |
+    bootstrap
+    .sops.yaml
+    secrets/
+---
+apiVersion: kustomize.toolkit.fluxcd.io/v1
+kind: Kustomization
+metadata:
+  name: backend
+  namespace: flux-system
+spec:
+  interval: 5m0s
+  path: "./k8s"
+  prune: true
+  sourceRef:
+    kind: GitRepository
+    name: kubernetes
+  decryption:
+    provider: sops
+    secretRef:
+      name: sops-gpg

nix/kubernetes/keys/package/k8s-keys/package.nix

@@ -1,11 +1,20 @@
 {
   k8s,
+  runCommand,
   symlinkJoin,
   ...
 }:
+let
+  scripts = runCommand "scripts" { } ''
+    mkdir $out
+    cp ${k8s.deploy_script} $out/deploy_script
+    cp ${k8s.bootstrap_script} $out/bootstrap_script
+  '';
+in
 symlinkJoin {
   name = "k8s-keys";
   paths = [
+    scripts
     k8s.ca
     k8s.encryption_config
   ]