From ebe4505a6f00924dcfb23a7ee9f743e19eb0cb62 Mon Sep 17 00:00:00 2001
From: Tom Alexander <tom@fizz.buzz>
Date: Tue, 23 Dec 2025 06:48:06 -0500
Subject: [PATCH] Add missing cidr declarations.

---
 nix/kubernetes/hosts/controller0/default.nix                | 3 ++-
 nix/kubernetes/hosts/controller1/default.nix                | 3 ++-
 nix/kubernetes/hosts/controller2/default.nix                | 3 ++-
 .../package/bootstrap-script/files/manifests/coredns.yaml   | 3 ++-
 nix/kubernetes/roles/kube_apiserver/default.nix             | 2 ++
 nix/kubernetes/roles/kube_proxy/default.nix                 | 1 +
 nix/kubernetes/roles/kubelet/files/kubelet-config.yaml      | 6 +++---
 7 files changed, 14 insertions(+), 7 deletions(-)

diff --git a/nix/kubernetes/hosts/controller0/default.nix b/nix/kubernetes/hosts/controller0/default.nix
index 5361612..4521b7e 100644
--- a/nix/kubernetes/hosts/controller0/default.nix
+++ b/nix/kubernetes/hosts/controller0/default.nix
@@ -117,7 +117,8 @@
     ];
 
     me.kube_apiserver.internal_ip = "2620:11f:7001:7:ffff:ffff:0ad7:01dd";
-    me.kube_apiserver.external_ip = "74.80.180.138";
+    # me.kube_apiserver.external_ip = "74.80.180.138";
+    me.kube_apiserver.external_ip = "2620:11f:7001:7:ffff:ffff:0ad7:01dd";
     me.kube_apiserver.etcd_services = [
       "https://[2620:11f:7001:7:ffff:ffff:0ad7:01dd]:2379" # 10.215.1.221
       "https://[2620:11f:7001:7:ffff:ffff:0ad7:01de]:2379" # 10.215.1.222
diff --git a/nix/kubernetes/hosts/controller1/default.nix b/nix/kubernetes/hosts/controller1/default.nix
index d6571c0..3af358d 100644
--- a/nix/kubernetes/hosts/controller1/default.nix
+++ b/nix/kubernetes/hosts/controller1/default.nix
@@ -117,7 +117,8 @@
     ];
 
     me.kube_apiserver.internal_ip = "2620:11f:7001:7:ffff:ffff:0ad7:01de";
-    me.kube_apiserver.external_ip = "74.80.180.138";
+    # me.kube_apiserver.external_ip = "74.80.180.138";
+    me.kube_apiserver.external_ip = "2620:11f:7001:7:ffff:ffff:0ad7:01de";
     me.kube_apiserver.etcd_services = [
       "https://[2620:11f:7001:7:ffff:ffff:0ad7:01dd]:2379" # 10.215.1.221
       "https://[2620:11f:7001:7:ffff:ffff:0ad7:01de]:2379" # 10.215.1.222
diff --git a/nix/kubernetes/hosts/controller2/default.nix b/nix/kubernetes/hosts/controller2/default.nix
index c6c95c0..a25ddae 100644
--- a/nix/kubernetes/hosts/controller2/default.nix
+++ b/nix/kubernetes/hosts/controller2/default.nix
@@ -117,7 +117,8 @@
     ];
 
     me.kube_apiserver.internal_ip = "2620:11f:7001:7:ffff:ffff:0ad7:01df";
-    me.kube_apiserver.external_ip = "74.80.180.138";
+    # me.kube_apiserver.external_ip = "74.80.180.138";
+    me.kube_apiserver.external_ip = "2620:11f:7001:7:ffff:ffff:0ad7:01df";
     me.kube_apiserver.etcd_services = [
       "https://[2620:11f:7001:7:ffff:ffff:0ad7:01dd]:2379" # 10.215.1.221
       "https://[2620:11f:7001:7:ffff:ffff:0ad7:01de]:2379" # 10.215.1.222
diff --git a/nix/kubernetes/keys/package/bootstrap-script/files/manifests/coredns.yaml b/nix/kubernetes/keys/package/bootstrap-script/files/manifests/coredns.yaml
index 74698a6..1f12a63 100644
--- a/nix/kubernetes/keys/package/bootstrap-script/files/manifests/coredns.yaml
+++ b/nix/kubernetes/keys/package/bootstrap-script/files/manifests/coredns.yaml
@@ -201,7 +201,8 @@ metadata:
 spec:
   selector:
     k8s-app: kube-dns
-  clusterIP: 10.197.0.10
+  # clusterIP: 10.197.0.10
+  clusterIP: "fd00:3e42:e349::10"
   ports:
     - name: dns
       port: 53
diff --git a/nix/kubernetes/roles/kube_apiserver/default.nix b/nix/kubernetes/roles/kube_apiserver/default.nix
index 66b31aa..4bd798e 100644
--- a/nix/kubernetes/roles/kube_apiserver/default.nix
+++ b/nix/kubernetes/roles/kube_apiserver/default.nix
@@ -57,6 +57,7 @@ in
           shellCommand [
             # NEW:
             "${pkgs.kubernetes}/bin/kube-apiserver"
+            "--advertise-address=${config.me.kube_apiserver.external_ip}"
             "--allow-privileged=true"
             "--audit-log-maxage=30"
             "--audit-log-maxbackup=3"
@@ -83,6 +84,7 @@ in
             "--tls-cert-file=/.persist/keys/kube/kube-api-server.crt"
             "--tls-private-key-file=/.persist/keys/kube/kube-api-server.key"
             "--tls-min-version=VersionTLS13"
+            "--service-cluster-ip-range=fd00:3e42:e349::/48"
             "--v=2"
 
             # OLD:
diff --git a/nix/kubernetes/roles/kube_proxy/default.nix b/nix/kubernetes/roles/kube_proxy/default.nix
index 213aa3a..bd23e46 100644
--- a/nix/kubernetes/roles/kube_proxy/default.nix
+++ b/nix/kubernetes/roles/kube_proxy/default.nix
@@ -57,6 +57,7 @@ in
             "${pkgs.kubernetes}/bin/kube-proxy"
             "--config=${config_file}"
             "--nodeport-addresses=primary"
+            "--cluster-cidr=fd49:0595:2bba::/48"
           ]
         );
         Restart = "on-failure";
diff --git a/nix/kubernetes/roles/kubelet/files/kubelet-config.yaml b/nix/kubernetes/roles/kubelet/files/kubelet-config.yaml
index 05f5320..c790198 100644
--- a/nix/kubernetes/roles/kubelet/files/kubelet-config.yaml
+++ b/nix/kubernetes/roles/kubelet/files/kubelet-config.yaml
@@ -23,6 +23,6 @@ registerNode: true
 runtimeRequestTimeout: "15m"
 tlsCertFile: "/.persist/keys/kube/kubelet.crt"
 tlsPrivateKeyFile: "/.persist/keys/kube/kubelet.key"
-clusterDomain: "cluster.local"
-clusterDNS:
-  - "10.197.0.10"
+# clusterDomain: "cluster.local"
+# clusterDNS:
+#   - "10.197.0.10"