22 lines
700 B
Nix
22 lines
700 B
Nix
{
|
|
config,
|
|
pkgs,
|
|
...
|
|
}: {
|
|
networking.firewall.allowedTCPPorts = [
|
|
6443 # k3s: required so that pods can reach the API server (running on port 6443 by default)
|
|
# 2379 # k3s, etcd clients: required if using a "High Availability Embedded etcd" configuration
|
|
# 2380 # k3s, etcd peers: required if using a "High Availability Embedded etcd" configuration
|
|
];
|
|
networking.firewall.allowedUDPPorts = [
|
|
# 8472 # k3s, flannel: required if using multi-node for inter-node networking
|
|
];
|
|
services.k3s = {
|
|
enable = true;
|
|
role = "agent";
|
|
# token = "jakeginesin12345678910";
|
|
tokenFile = config.age.secrets.kube.path;
|
|
serverAddr = "https://172.24.233.22:6443";
|
|
};
|
|
}
|