pub-solar-os/modules/home-controller/k3s.nix


# k3s node configuration for the pub-solar home-controller module.
#
# Applied only when config.pub-solar.home-controller.enable is set. k3s is
# started against the host's containerd (virtualisation.containerd) through
# --container-runtime-endpoint, and containerd is given a CNI plugin
# directory that includes flannel.
{ lib, config, pkgs, ... }:
let
  inherit (lib) concatStringsSep mkForce mkIf optionalString;

  cfg = config.pub-solar.home-controller;
  k3sCfg = cfg.k3s;

  isServer = cfg.role == "server";

  # Emit a flag only on server nodes; yields "" otherwise.
  onServer = optionalString isServer;
  # Emit a flag only on server nodes when `cond` also holds.
  onServerIf = cond: optionalString (isServer && cond);

  # Single directory holding the standard CNI plugins plus flannel, so that
  # containerd's CRI plugin finds both under one bin_dir.
  cniBundle = pkgs.buildEnv {
    name = "full-cni";
    paths = [
      pkgs.cni-plugins
      pkgs.cni-plugin-flannel
    ];
  };
in
{
  config = mkIf cfg.enable {
    environment.systemPackages = [ pkgs.kubernetes-helm ];

    # Server nodes only: point kubectl/helm at the kubeconfig k3s generates.
    # NOTE(review): this file carries cluster-admin credentials. k3s creates
    # it root-only by default; keep it that way and hand out scoped
    # kubeconfigs instead of loosening its mode for regular users.
    environment.sessionVariables = mkIf isServer {
      KUBECONFIG = "/etc/rancher/k3s/k3s.yaml";
    };

    # NOTE(review): this force-disables the host firewall on every node that
    # enables the module and overrides any other module's setting. All
    # listening services on the host (not only k3s) become reachable from
    # whatever networks can route to it. Prefer keeping the firewall on and
    # allowing only the ports the cluster needs between nodes (typically the
    # API server, kubelet and the chosen flannel backend) on the trusted
    # interface.
    networking.firewall.enable = mkForce false;

    services.k3s = {
      enable = true;
      role = cfg.role;
      # Both options are left unset when the module option is the empty string.
      serverAddr = mkIf (k3sCfg.serverAddr != "") k3sCfg.serverAddr;
      # The join token is read from a file at runtime.
      # NOTE(review): presumably a string path to a root-readable file outside
      # the Nix store; a Nix path literal would copy the token into the
      # world-readable store. Confirm against the option declaration.
      tokenFile = mkIf (k3sCfg.tokenFile != "") k3sCfg.tokenFile;
      # Flags that do not apply evaluate to "", so the joined string may
      # contain runs of spaces; order is kept as originally written.
      extraFlags = concatStringsSep " " [
        "--node-ip ${cfg.ownIp}"
        "--container-runtime-endpoint unix:///run/containerd/containerd.sock"
        (onServer "--disable servicelb")
        (onServer "--disable traefik")
        # Bind the API server to this node's own address instead of the default.
        (onServer "--bind-address ${cfg.ownIp}")
        (onServerIf (k3sCfg.flannelBackend != "") "--flannel-backend=${k3sCfg.flannelBackend}")
        (onServerIf (!k3sCfg.enableLocalStorage) "--disable local-storage")
        (onServerIf k3sCfg.enableLocalStorage "--default-local-storage-path ${k3sCfg.defaultLocalStoragePath}")
        (optionalString k3sCfg.enableZfs "--snapshotter=zfs")
      ];
    };

    # With ZFS enabled, create the dataset backing containerd's zfs
    # snapshotter before containerd starts. The leading "-" tells systemd to
    # ignore a non-zero exit, which covers "dataset already exists" but also
    # hides any other failure of `zfs create` (e.g. a wrong pool name).
    systemd.services.containerd = mkIf k3sCfg.enableZfs {
      serviceConfig.ExecStartPre = [
        "-${pkgs.zfs}/bin/zfs create -o mountpoint=/var/lib/containerd/io.containerd.snapshotter.v1.zfs ${k3sCfg.zfsPool}/containerd"
      ];
    };

    # k3s is ordered after containerd and, via Requisite=, fails to start
    # when containerd is not already active.
    systemd.services.k3s = {
      after = [ "containerd.service" ];
      requisite = [ "containerd.service" ];
    };

    virtualisation.containerd = {
      enable = true;
      settings.plugins."io.containerd.grpc.v1.cri".cni = {
        bin_dir = "${cniBundle}/bin";
        # CNI configuration is read from the directory under k3s's agent path.
        conf_dir = "/var/lib/rancher/k3s/agent/etc/cni/net.d/";
      };
    };
  };
}