Created
August 23, 2021 07:54
-
-
Save nateinaction/79cc8254d1d3442afa92c0b404df6fb9 to your computer and use it in GitHub Desktop.
Raspberry Pi 4 NixOS Kubernetes cluster config
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { config, pkgs, lib, ... }: | |
| let | |
| user = "YOUR_USER"; | |
| password = "YOUR_PASSWORD"; | |
| sshPubKey = "YOUR_PUBLIC_SSH_KEY"; | |
| SSID = "YOUR_WIFI_SSID"; | |
| SSIDpassword = "YOUR_WIFI_PASSWORD"; | |
| hostname = "HOSTNAME_FOR_YOUR_PI"; | |
| k8sApiServerAddr = "https://IP_FOR_YOUR_CONTROL_NODE:6443"; | |
| k8sApiServerToken = "TOKEN_FOR_YOUR_CONTROL_NODE"; | |
| in { | |
| imports = ["${fetchTarball "https://github.com/NixOS/nixos-hardware/archive/d2d9a58a5c03ea15b401c186508c171c07f9c4f1.tar.gz" }/raspberry-pi/4"]; | |
| fileSystems = { | |
| "/" = { | |
| device = "/dev/disk/by-label/NIXOS_SD"; | |
| fsType = "ext4"; | |
| options = [ "noatime" ]; | |
| }; | |
| }; | |
| networking = { | |
| firewall = { | |
| enable = true; | |
| trustedInterfaces = [ "cni0" ]; | |
| }; | |
| hostName = hostname; | |
| wireless = { | |
| enable = true; | |
| networks."${SSID}".psk = SSIDpassword; | |
| interfaces = [ "wlan0" ]; | |
| }; | |
| }; | |
| environment.systemPackages = with pkgs; [ | |
| k3s | |
| vim | |
| ]; | |
| boot.kernelParams = [ | |
| "cgroup_memory=1" | |
| "cgroup_enable=memory" | |
| ]; | |
| services.k3s = { | |
| enable = true; | |
| role = "agent"; | |
| serverAddr = k8sApiServerAddr; | |
| token = k8sApiServerToken; | |
| }; | |
| services.openssh = { | |
| enable = true; | |
| passwordAuthentication = false; | |
| }; | |
| users = { | |
| mutableUsers = false; | |
| users."${user}" = { | |
| openssh.authorizedKeys.keys = [ | |
| sshPubKey | |
| ]; | |
| isNormalUser = true; | |
| password = password; | |
| extraGroups = [ "wheel" ]; | |
| }; | |
| }; | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { config, pkgs, lib, ... }: | |
| let | |
| user = "YOUR_USER"; | |
| password = "YOUR_PASSWORD"; | |
| sshPubKey = "YOUR_PUBLIC_SSH_KEY"; | |
| SSID = "YOUR_WIFI_SSID"; | |
| SSIDpassword = "YOUR_WIFI_PASSWORD"; | |
| hostname = "HOSTNAME_FOR_YOUR_PI"; | |
| in { | |
| imports = ["${fetchTarball "https://github.com/NixOS/nixos-hardware/archive/d2d9a58a5c03ea15b401c186508c171c07f9c4f1.tar.gz" }/raspberry-pi/4"]; | |
| fileSystems = { | |
| "/" = { | |
| device = "/dev/disk/by-label/NIXOS_SD"; | |
| fsType = "ext4"; | |
| options = [ "noatime" ]; | |
| }; | |
| }; | |
| networking = { | |
| firewall = { | |
| allowedTCPPorts = [ 6443 ]; | |
| enable = true; | |
| trustedInterfaces = [ "cni0" ]; | |
| }; | |
| hostName = hostname; | |
| wireless = { | |
| enable = true; | |
| networks."${SSID}".psk = SSIDpassword; | |
| interfaces = [ "wlan0" ]; | |
| }; | |
| }; | |
| environment.systemPackages = with pkgs; [ | |
| k3s | |
| vim | |
| ]; | |
| boot.kernelParams = [ | |
| "cgroup_memory=1" | |
| "cgroup_enable=memory" | |
| ]; | |
| services.k3s.enable = true; | |
| services.openssh = { | |
| enable = true; | |
| passwordAuthentication = false; | |
| }; | |
| users = { | |
| mutableUsers = false; | |
| users."${user}" = { | |
| openssh.authorizedKeys.keys = [ | |
| sshPubKey | |
| ]; | |
| isNormalUser = true; | |
| password = password; | |
| extraGroups = [ "wheel" ]; | |
| }; | |
| }; | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment