26 lines
493 B
Nix
26 lines
493 B
Nix
{
|
|
config,
|
|
lib,
|
|
...
|
|
}: {
|
|
sops.secrets."k3s-token" = {
|
|
sopsFile = ../../../../secrets/k3s-token.txt;
|
|
format = "binary";
|
|
};
|
|
|
|
services.k3s = {
|
|
enable = true;
|
|
role = "server";
|
|
clusterInit = true;
|
|
tokenFile = config.sops.secrets."k3s-token".path;
|
|
|
|
extraFlags = lib.concatStringsSep " " [
|
|
"--disable=traefik"
|
|
"--disable=servicelb"
|
|
"--disable=local-storage"
|
|
"--disable=helm-controller"
|
|
"--tls-san=silver.int.min.rip"
|
|
];
|
|
};
|
|
}
|