update: new urls, and 1 master 1 agent

README.md

@@ -5,9 +5,9 @@
 ```sh
 cd <path to flake>
 
-nix run github:nix-community/nixos-anywhere -- --build-on-remote --generate-hardware-config nixos-generate-config ./hosts/patrick/hardware-configuration.nix --flake .#patrick root@192.168.2.100
+nix run github:nix-community/nixos-anywhere -- --build-on-remote --generate-hardware-config nixos-generate-config ./hosts/patrick/hardware-configuration.nix --flake .#patrick root@192.168.18.100
 
-nix run github:nix-community/nixos-anywhere -- --build-on-remote --generate-hardware-config nixos-generate-config ./hosts/spongebob/hardware-configuration.nix --flake .#spongebob root@192.168.2.101
+nix run github:nix-community/nixos-anywhere -- --build-on-remote --generate-hardware-config nixos-generate-config ./hosts/spongebob/hardware-configuration.nix --flake .#spongebob root@192.168.18.101
 
-nix run github:nix-community/nixos-anywhere -- --build-on-remote --generate-hardware-config nixos-generate-config ./hosts/larry/hardware-configuration.nix --flake .#larry root@192.168.2.42
+nix run github:nix-community/nixos-anywhere -- --build-on-remote --generate-hardware-config nixos-generate-config ./hosts/larry/hardware-configuration.nix --flake .#larry root@192.168.18.102
 ```

hosts/larry/configuration.nix

@@ -12,6 +12,7 @@
     ../../modules/k3s.nix
     ../../modules/nfs.nix
     ../../modules/longhorn.nix
+    ../../modules/tailscale.nix
     ../../modules/nvidia.nix
   ];
 }

hosts/larry/hardware-configuration.nix

@@ -8,9 +8,9 @@
     [ (modulesPath + "/installer/scan/not-detected.nix")
     ];
 
-  boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "sd_mod" ];
+  boot.initrd.availableKernelModules = [ "nvme" "ahci" "xhci_pci" ];
   boot.initrd.kernelModules = [ ];
-  boot.kernelModules = [ "kvm-intel" ];
+  boot.kernelModules = [ "kvm-amd" ];
   boot.extraModulePackages = [ ];
 
   # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
@@ -18,8 +18,8 @@
   # still possible to use this option, but it's recommended to use it in conjunction
   # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
   networking.useDHCP = lib.mkDefault true;
-  # networking.interfaces.enp0s31f6.useDHCP = lib.mkDefault true;
+  # networking.interfaces.enp38s0.useDHCP = lib.mkDefault true;
 
   nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
-  hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+  hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
 }

hosts/patrick/configuration.nix

@@ -12,6 +12,7 @@
     ../../modules/k3s.nix
     ../../modules/nfs.nix
     ../../modules/longhorn.nix
+    ../../modules/tailscale.nix
   ];
 
   k3s = {

hosts/spongebob/configuration.nix

@@ -12,5 +12,10 @@
     ../../modules/k3s.nix
     ../../modules/nfs.nix
     ../../modules/longhorn.nix
+    ../../modules/tailscale.nix
   ];
+
+  k3s = {
+    role = "agent";
+  };
 }

hosts/spongebob/hardware-configuration.nix

@@ -8,9 +8,9 @@
     [ (modulesPath + "/installer/scan/not-detected.nix")
     ];
 
-  boot.initrd.availableKernelModules = [ "nvme" "ahci" "xhci_pci" "usb_storage" "usbhid" "sd_mod" ];
+  boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "sd_mod" ];
   boot.initrd.kernelModules = [ ];
-  boot.kernelModules = [ "kvm-amd" ];
+  boot.kernelModules = [ "kvm-intel" ];
   boot.extraModulePackages = [ ];
 
   # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
@@ -18,9 +18,8 @@
   # still possible to use this option, but it's recommended to use it in conjunction
   # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
   networking.useDHCP = lib.mkDefault true;
-  # networking.interfaces.enp38s0.useDHCP = lib.mkDefault true;
+  # networking.interfaces.enp0s31f6.useDHCP = lib.mkDefault true;
-  # networking.interfaces.wlo1.useDHCP = lib.mkDefault true;
 
   nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
-  hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+  hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
 }

modules/k3s.nix

@@ -13,13 +13,20 @@ in {
       default = false;
       description = "Initialize cluster when set to true";
     };
+    role = mkOption {
+      type = types.str;
+      default = "server";
+    };
   };
 
   config = {
     services = {
       k3s = {
         enable = true;
-        role = "server";
+        role =
+          if cfg.init
+          then "server"
+          else cfg.role;
         clusterInit = cfg.init;
         serverAddr =
           if cfg.init
@@ -29,11 +36,17 @@ in {
           if cfg.init
           then ""
           else meta.k3sToken;
-        disable = ["traefik" "servicelb" "local-storage"];
+        disable =
-        extraFlags = [
+          if cfg.init
+          then ["traefik" "servicelb" "local-storage"]
+          else [];
+        extraFlags =
+          if cfg.init
+          then [
             "--kubelet-arg=allowed-unsafe-sysctls=net.ipv4.*"
             "--write-kubeconfig-mode \"0644\""
-        ];
+          ]
+          else [];
       };
     };
   };

modules/tailscale.nix

@@ -0,0 +1,12 @@
+{
+  config,
+  pkgs,
+  ...
+}: {
+  services.tailscale = {
+    enable = true;
+    useRoutingFeatures = "server";
+    extraSetFlags = [ "--advertise-exit-node" "--advertise-routes=10.0.0.0/8,192.168.18.0/24" ];
+    extraUpFlags = [ "--advertise-exit-node" "--advertise-routes=10.0.0.0/8,192.168.18.0/24" ];
+  };
+}

redeploy.sh

@@ -4,12 +4,12 @@ set -euo pipefail
 SSH_USER="root"
 
 declare -A HOSTS=(
-  ["patrick"]="192.168.2.100"
+  ["spongebob"]="192.168.18.101"
-  ["spongebob"]="192.168.2.101"
-  ["larry"]="192.168.2.42"
 )
 
-for HOSTNAME in "${!HOSTS[@]}"; do
+ORDER=("spongebob")
+
+for HOSTNAME in "${ORDER[@]}"; do
   IP="${HOSTS[$HOSTNAME]}"
 
   echo "========================================"