Tom Alexander
2a70d24603
Fix proxy auth tls
2026-06-14 08:47:16 -04:00
Tom Alexander
8054db8cfb
Generate certificates for the aggregation layer.
2026-06-14 08:47:16 -04:00
Tom Alexander
4b4934b4c4
Add a note for the cilium connectivity test.
2026-06-14 08:47:16 -04:00
Tom Alexander
d611f0fe5a
Temporarily disable the firewall for debugging.
2026-06-14 08:47:16 -04:00
Tom Alexander
a665cae379
Enable gateway support.
2026-06-14 08:47:16 -04:00
Tom Alexander
4c59dfd8b2
Enable hubble.
2026-06-14 08:47:15 -04:00
Tom Alexander
8a08714522
Temporarily drop flux interval to 1 minute during early development.
This is to reduce waiting time.
2026-06-14 08:47:15 -04:00
Tom Alexander
8c35971357
Install deferred manifests.
2026-06-14 08:47:15 -04:00
Tom Alexander
53fe030d97
Add a custom nftables firewall config.
2026-06-14 08:47:15 -04:00
Tom Alexander
724c05f03a
Enable the firewall.
Now that we have networking working, I can enable the firewall and confirm nothing breaks.
2026-06-14 08:47:15 -04:00
Tom Alexander
8b2916189b
Fix CoreDNS IPv4 connectivity.
2026-06-14 08:47:15 -04:00
Tom Alexander
a95f24af0d
Increase timeout for coredns cache.
2026-06-14 08:47:14 -04:00
Tom Alexander
1528ae0764
More changes to try to fix coredns.
2026-06-14 08:47:14 -04:00
Tom Alexander
30f817dfe8
Move the kubelet yaml config into nix.
2026-06-14 08:47:14 -04:00
Tom Alexander
efd21f715f
Implement a generic helm templater package.
2026-06-14 08:47:14 -04:00
Tom Alexander
23372d763f
Switch to generating the coredns manifests via nix.
2026-06-14 08:47:14 -04:00
Tom Alexander
e55ece9dad
Use CoreDNS for in-cluster DNS requests and caching.
2026-06-14 08:47:14 -04:00
Tom Alexander
05f1c518fd
Enable native routing.
2026-06-14 08:47:13 -04:00
Tom Alexander
43633597fc
Build the cilium manifest automatically in nix.
2026-06-14 08:47:13 -04:00
Tom Alexander
90c88adb73
Allow pods to directly speak to the public internet on their own public IPv6 addresses.
2026-06-14 08:47:13 -04:00
Tom Alexander
cd78dc4680
Enable ipv4 and tunnel routing.
2026-06-14 08:47:13 -04:00
Tom Alexander
c37723ca81
Switch to kubernetes ipam mode.
2026-06-14 08:47:13 -04:00
Tom Alexander
1da8e20d5b
Fix service cluster ip range.
Kubernetes only allows a /112 for service ip range.
2026-06-14 08:47:13 -04:00
Tom Alexander
8584577327
Fix trailing line break in kubernetes encryption config.
2026-06-14 08:47:13 -04:00
Tom Alexander
a3afb104cd
Move the yaml functions to their own file.
2026-06-14 08:47:12 -04:00
Tom Alexander
d4620e8ac9
Introduce functions to generate yaml.
The toYAML function is just an alias to toJSON which is technically fine since YAML is a superset of JSON, but these new functions will generate actual YAML.
2026-06-14 08:47:12 -04:00
Tom Alexander
ebe4505a6f
Add missing cidr declarations.
2026-06-14 08:47:12 -04:00
Tom Alexander
f962c679ca
Fix DNS resolution.
2026-06-14 08:47:12 -04:00
Tom Alexander
4fe58c4d6c
Apply the git repo to the cluster.
2026-06-14 08:47:12 -04:00
Tom Alexander
570424f5b1
Trust flux's ssh key in the yaml git repo.
2026-06-14 08:47:12 -04:00
Tom Alexander
3a5ada6049
Generic secrets for ssh keys.
2026-06-14 08:47:11 -04:00
Tom Alexander
8d572a5cce
Generic secrets for pgp keys.
2026-06-14 08:47:11 -04:00
Tom Alexander
c26fa59408
Generate kubernetes secrets for ssh keys.
2026-06-14 08:47:11 -04:00
Tom Alexander
2e0c97bbf9
Install CoreDNS.
2026-06-14 08:47:11 -04:00
Tom Alexander
3197868a7b
Generate pgp keys for sops.
2026-06-14 08:47:11 -04:00
Tom Alexander
c9f483dd98
Generate ssh keys for flux bootstrap.
2026-06-14 08:47:11 -04:00
Tom Alexander
dbeb98112b
Move the cluster bootstrap into the keys flake.
Bootstrapping the cluster needs access to secrets, so I am moving it into the keys flake.
2026-06-14 08:47:10 -04:00
Tom Alexander
958ae2b694
Set up flux.
2026-06-14 08:47:10 -04:00
Tom Alexander
925eb99406
Add a bootstrap role.
2026-06-14 08:47:10 -04:00
Tom Alexander
3cdaf980b5
Add a bootstrap role to load manifests into the cluster.
2026-06-14 08:47:10 -04:00
Tom Alexander
c4caf5d103
Fix launching of containers.
2026-06-14 08:47:10 -04:00
Tom Alexander
eab42023a9
Create a debugging role.
2026-06-14 08:47:10 -04:00
Tom Alexander
fe6056cee7
Some networking fixes.
2026-06-14 08:47:10 -04:00
Tom Alexander
64ad4430bb
Add cilium bootstrap.
2026-06-14 08:47:09 -04:00
Tom Alexander
dd2d0b23e4
Installing the cni plugins.
2026-06-14 08:47:09 -04:00
Tom Alexander
eb82e8e5e3
Add kube-proxy.
2026-06-14 08:47:09 -04:00
Tom Alexander
f1382cfbb7
Add kubelet.
2026-06-14 08:47:09 -04:00
Tom Alexander
43df118e4f
Add worker nodes.
2026-06-14 08:47:09 -04:00
Tom Alexander
f3797b5c42
Add kube-scheduler.
2026-06-14 08:47:09 -04:00
Tom Alexander
593929598a
Add kube-controller-manager.
2026-06-14 08:47:08 -04:00