talexander/machine_setup
1
0
Fork 0
Code Issues Pull Requests Releases Activity
1,284 Commits 9 Branches 0 Tags
7619c482efad8ff320dc9169fcc823c6693a00ed
Commit Graph

31 Commits

Author SHA1 Message Date
Tom Alexander
3ea1b59d59 Update packages in kubernetes/keys. 2026-05-05 22:43:42 -04:00
Tom Alexander
9751784e76 Generate certificates for the aggregation layer. 2026-05-05 22:43:42 -04:00
Tom Alexander
b6b5d5bd0f Temporarily disable the firewall for debugging. 2026-05-05 22:43:41 -04:00
Tom Alexander
893922959a Enable gateway support. 2026-05-05 22:43:41 -04:00
Tom Alexander
1fc4dd8f72 Enable hubble. 2026-05-05 22:43:41 -04:00
Tom Alexander
c89b5031c7 Enable the firewall. 
Now that we have networking working, I can enable the firewall and confirm nothing breaks.
 2026-05-05 22:43:41 -04:00
Tom Alexander
9378bc3343 Fix CoreDNS IPv4 connectivity. 2026-05-05 22:43:40 -04:00
Tom Alexander
61cd0acc5e Increase timeout for coredns cache. 2026-05-05 22:43:40 -04:00
Tom Alexander
646fc44d8f More changes to try to fix coredns. 2026-05-05 22:43:40 -04:00
Tom Alexander
5d094246de Move the kubelet yaml config into nix. 2026-05-05 22:43:40 -04:00
Tom Alexander
8158b06e2d Implement a generic helm templater package. 2026-05-05 22:43:40 -04:00
Tom Alexander
423d429d0e Switch to generating the coredns manifests via nix. 2026-05-05 22:43:40 -04:00
Tom Alexander
ab179f2f49 Build the cilium manifest automatically in nix. 2026-05-05 22:43:39 -04:00
Tom Alexander
45cc48b3b5 Apply the git repo to the cluster. 2026-05-05 22:43:38 -04:00
Tom Alexander
3b3f27bd59 Generic secrets for ssh keys. 2026-05-05 22:43:37 -04:00
Tom Alexander
f19d018a34 Generic secrets for pgp keys. 2026-05-05 22:43:37 -04:00
Tom Alexander
d277ca5634 Generate kubernetes secrets for ssh keys. 2026-05-05 22:43:37 -04:00
Tom Alexander
9382057b47 Generate pgp keys for sops. 2026-05-05 22:43:37 -04:00
Tom Alexander
586198586b Generate ssh keys for flux bootstrap. 2026-05-05 22:43:36 -04:00
Tom Alexander
2efe37993a Move the cluster bootstrap into the keys flake. 
Bootstrapping the cluster needs access to secrets, so I am moving it into the keys flake.
 2026-05-05 22:43:36 -04:00
Tom Alexander
a389547117 Add kube-proxy. 2026-05-05 22:43:35 -04:00
Tom Alexander
3cb65e76c0 Add kubelet. 2026-05-05 22:43:35 -04:00
Tom Alexander
d302ac96e2 Add kube-scheduler. 2026-05-05 22:43:34 -04:00
Tom Alexander
df9f526f9e Move the encryption config into a package. 2026-05-05 22:43:34 -04:00
Tom Alexander
d8b7319348 Switch to generating certs with openssl. 2026-05-05 22:43:34 -04:00
Tom Alexander
2ac3cff2a1 Add controller proxy certs. 2026-05-05 22:43:33 -04:00
Tom Alexander
f31260eb00 Add requestheader-client-ca. 2026-05-05 22:43:33 -04:00
Tom Alexander
38f6d3abf9 Add service account. 2026-05-05 22:43:33 -04:00
Tom Alexander
2522803300 Install kubernetes. 2026-05-05 22:43:33 -04:00
Tom Alexander
f8a40ca20e Add additional controllers. 2026-05-05 22:43:33 -04:00
Tom Alexander
9fc2e682f4 Add configs for a new kubernetes cluster on NixOS. 2026-05-05 22:43:32 -04:00