talexander/machine_setup
1
0
Fork 0
Code Issues Pull Requests Releases Activity
1,268 Commits 8 Branches 0 Tags
Commit Graph

31 Commits

Author SHA1 Message Date
Tom Alexander
6bc2ca2ce6
Update packages in kubernetes/keys. 2026-03-08 13:02:09 -04:00
Tom Alexander
7f6ca85cac
Generate certificates for the aggregation layer. 2026-03-08 13:02:08 -04:00
Tom Alexander
993a80fbe6
Temporarily disable the firewall for debugging. 2026-03-08 13:02:08 -04:00
Tom Alexander
8a3c08ec65
Enable gateway support. 2026-03-08 13:02:08 -04:00
Tom Alexander
b3d7df32bf
Enable hubble. 2026-03-08 13:02:08 -04:00
Tom Alexander
173aef447e
Enable the firewall. 
Now that we have networking working, I can enable the firewall and confirm nothing breaks.
 2026-03-08 13:02:07 -04:00
Tom Alexander
cd893a359f
Fix CoreDNS IPv4 connectivity. 2026-03-08 13:02:07 -04:00
Tom Alexander
ef1f2f53b9
Increase timeout for coredns cache. 2026-03-08 13:02:07 -04:00
Tom Alexander
1ee403874e
More changes to try to fix coredns. 2026-03-08 13:02:07 -04:00
Tom Alexander
117d3aeaea
Move the kubelet yaml config into nix. 2026-03-08 13:02:07 -04:00
Tom Alexander
46bb908310
Implement a generic helm templater package. 2026-03-08 13:02:06 -04:00
Tom Alexander
427739a84c
Switch to generating the coredns manifests via nix. 2026-03-08 13:02:06 -04:00
Tom Alexander
1350101810
Build the cilium manifest automatically in nix. 2026-03-08 13:02:06 -04:00
Tom Alexander
2749b830d2
Apply the git repo to the cluster. 2026-03-08 13:02:04 -04:00
Tom Alexander
865b1d3fa4
Generic secrets for ssh keys. 2026-03-08 13:02:04 -04:00
Tom Alexander
08978eb11d
Generic secrets for pgp keys. 2026-03-08 13:02:04 -04:00
Tom Alexander
d3cfd7909b
Generate kubernetes secrets for ssh keys. 2026-03-08 13:02:04 -04:00
Tom Alexander
4e22a04d65
Generate pgp keys for sops. 2026-03-08 13:02:03 -04:00
Tom Alexander
b1ff824bc5
Generate ssh keys for flux bootstrap. 2026-03-08 13:02:03 -04:00
Tom Alexander
477b527a48
Move the cluster bootstrap into the keys flake. 
Bootstrapping the cluster needs access to secrets, so I am moving it into the keys flake.
 2026-03-08 13:02:03 -04:00
Tom Alexander
73d2d0447b
Add kube-proxy. 2026-03-08 13:02:02 -04:00
Tom Alexander
77000f77b6
Add kubelet. 2026-03-08 13:02:02 -04:00
Tom Alexander
eb05ed8b46
Add kube-scheduler. 2026-03-08 13:02:01 -04:00
Tom Alexander
33773c7b1c
Move the encryption config into a package. 2026-03-08 13:02:01 -04:00
Tom Alexander
04545fbd2f
Switch to generating certs with openssl. 2026-03-08 13:02:01 -04:00
Tom Alexander
6ae493efc0
Add controller proxy certs. 2026-03-08 13:02:00 -04:00
Tom Alexander
e133424ac0
Add requestheader-client-ca. 2026-03-08 13:02:00 -04:00
Tom Alexander
6ee3c20764
Add service account. 2026-03-08 13:02:00 -04:00
Tom Alexander
376211786e
Install kubernetes. 2026-03-08 13:02:00 -04:00
Tom Alexander
85250d00db
Add additional controllers. 2026-03-08 13:02:00 -04:00
Tom Alexander
33e0293bdc
Add configs for a new kubernetes cluster on NixOS. 2026-03-08 13:02:00 -04:00