* To-do
** Perhaps use overlay for /etc for speedup
#+begin_src nix
  system.etc.overlay.enable = true;
#+end_src
** read https://nixos.org/manual/nixos/stable/
** Performance for mini pc
#+begin_src nix
  security.pam.loginLimits = [
    { domain = "@users"; item = "rtprio"; type = "-"; value = 1; }
  ];
#+end_src
* Bootstrap
** Install cilium
#+begin_src bash
  helm repo add cilium https://helm.cilium.io/
  helm template --dry-run=server cilium cilium/cilium --version 1.18.4 --namespace kube-system \
       --set kubeProxyReplacement=true \
       --set k8sServiceHost="2620:11f:7001:7:ffff:ffff:ad7:1dd" \
       --set k8sServicePort=6443 \
       --set ipv6.enabled=true

  kubectl -n kube-system exec ds/cilium -- cilium-dbg status --verbose
  kubectl -n kube-system exec ds/cilium -- cilium-dbg status | grep KubeProxyReplacement

  #      --set hostFirewall.enabled=true
  # routingMode=native
#+end_src