colonelpanic/dotfiles
1
0
Fork 1
Code Issues Pull Requests Packages Projects Releases Wiki Activity

[NixOS] Get kubelet partially working

Browse Source
This commit is contained in:
Ivan Malison 2024-09-28 21:45:25 -06:00
parent fd033ba72c
commit cdd8ed60e9
6 changed files with 49 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
nixos/configuration.nix
View File

@ -21,6 +21,7 @@
./internet-computer.nix ./internet-computer.nix
./kat.nix ./kat.nix
./keybase.nix ./keybase.nix
./kubelet.nix
./nix.nix ./nix.nix
./nixified.ai.nix ./nixified.ai.nix
./nvidia.nix ./nvidia.nix

21
nixos/kubelet.nix Normal file
View File

@ -0,0 +1,21 @@
{ config, pkgs, makeEnable, ... }:
makeEnable config "myModules.kubelet" false {
age.secrets."api_service_account_key.json.age".file = ./secrets/api_service_account_key.json.age;
services.kubernetes.kubelet = {
enable = true;
kubeconfig = {
server = "https://34.31.205.230";
caFile = ./railbird-kubernetes.crt;
keyFile = config.age.secrets."api_service_account_key.json.age".path;
};
registerNode = true;
cni = {
packages = [ pkgs.cni-plugins ];
};
extraOpts = ''
--fail-swap-on=false
--container-runtime=remote
--container-runtime-endpoint=unix:///run/containerd/containerd.sock
'';
};
}

1
nixos/machines/ryzen-shine.nix
View File

@ -6,6 +6,7 @@
]; ];
features.full.enable = true; features.full.enable = true;
myModules.kubelet.enable = true;
myModules.nvidia.enable = true; myModules.nvidia.enable = true;
# Needed for now because monitors have different refresh rates # Needed for now because monitors have different refresh rates
myModules.xmonad.picom.vSync.enable = false; myModules.xmonad.picom.vSync.enable = false;

25
nixos/railbird-kubernetes.crt Normal file
View File

@ -0,0 +1,25 @@
-----BEGIN CERTIFICATE-----
MIIELTCCApWgAwIBAgIRALNxOT7J7N/eK6edp9LbKAIwDQYJKoZIhvcNAQELBQAw
LzEtMCsGA1UEAxMkM2I2N2M2NzgtNzI5My00YTIzLTg3ZWItY2NiMTZjYWFkMzFm
MCAXDTIzMTIyOTE5NTQ0MloYDzIwNTMxMjIxMjA1NDQyWjAvMS0wKwYDVQQDEyQz
YjY3YzY3OC03MjkzLTRhMjMtODdlYi1jY2IxNmNhYWQzMWYwggGiMA0GCSqGSIb3
DQEBAQUAA4IBjwAwggGKAoIBgQCUYUuTrpDbwUS2B3SYUoa7LI5mi8NNr0lDe1w4
3yPpVnu6ubvnTNm2j/v88HYwEjlppEg4HjhP7YEJ8gsGdgUCpIaPWTpifVmA7E4o
2DbJDiePkkUGkNL0whCClOOcO0hyxdk9Pol5wRzci0l6zSalE6DB4rJrmB5Ppl/A
t2KAVVqpwbynmbijr4yZh7Bp7LfaIrFthlv2ZPEjLfPLz7YthBw9/iUt94mLMyWZ
BpygA5y/CocQQnnFMnU1o0eUd37YL7zErfIxx/AmL10Sq0qdFXiYOJJqubURbdS8
DZ6dyHdX+UlxPls2Rlx9nDaiNGFJdzqHJzDdOlzN3kkdDQoO8xUdH9ekFU7rOwkP
5NpubSwrd1FOGHh+EknugnEQD4Oip/YQ7IUj3Afm5Ag2la9k4WJRgjACbkQ2+k9I
sFmPmmMVHn9nepCMiYQMjX7ApZw0isDPeVK5EuQeImgu7uNoV8R5VwG0XoBCXz4S
UqYv11uEsMqFu07Zwlznsxnm0uECAwEAAaNCMEAwDgYDVR0PAQH/BAQDAgIEMA8G
A1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFI73GznmeECJOdxJAEzmjhYgGVKtMA0G
CSqGSIb3DQEBCwUAA4IBgQAm19zlm3WVePflA6Zh/FxvE8MirrJF6jmJzRrBCEM5
DwkSmY3dvONqCYeeNb4+xWXWQ8eVKVlPdkoW3V7H5xnJ63dXRNN2lQ3JpSTG3+yP
Omp6XGY9mmatdHwyV7N4h10aKEWAuRhy148sdJZLYj0LbR42pCVYhEP4D3Qj7KjN
PJe+cR8NSpiYmDH5y88Jqubztj5NVcDj/iN9h/7/GajbU6lCgN/SxZgi9cNGjxSb
JHFHE2Mp3z9sjsieTXMplLqK045TQ2IBqnJyMdKkvSNkRUCbz2yXdiIOKtvU4ly0
h884z9P5JQ9bxe+6cwYC4ky3G5WYMn++RUsuCk4ScsrbZtM9jpKnz/TygMdVTC5w
Siq6OHKtAnh8Ax1LEKicg9FLd6ODxR3OVKu+fUPV4XHAWJnmvElGlivjneHiE+OL
dzgb/CfBEGHYBVc2PDIhwBmUdoEZ/t3UjvmSI46ZblYpWodJvLFwge2HxSivRlLW
Uh/oPWX5N/CH9I34HTAhI48=
-----END CERTIFICATE-----

BIN
nixos/secrets/api_service_account_key.json.age Normal file
View File

Binary file not shown.

1
nixos/secrets/secrets.nix
View File

@ -13,4 +13,5 @@ in
"gitea-runner-token.mac-demarco-mini.age".publicKeys = keys.agenixKeys ++ keys.railbird-sf; "gitea-runner-token.mac-demarco-mini.age".publicKeys = keys.agenixKeys ++ keys.railbird-sf;
"nextcloud-admin.age".publicKeys = keys.agenixKeys; "nextcloud-admin.age".publicKeys = keys.agenixKeys;
"ryzen-shine-kubernetes-token.age".publicKeys = keys.agenixKeys; "ryzen-shine-kubernetes-token.age".publicKeys = keys.agenixKeys;
"api_service_account_key.json.age".publicKeys = keys.agenixKeys;
} }