27 lines
428 B
Nix
27 lines
428 B
Nix
{
|
|
pkgs,
|
|
lib,
|
|
...
|
|
}: {
|
|
|
|
services.k3s = {
|
|
enable = true;
|
|
role = "server";
|
|
clusterInit = true;
|
|
token = "verysecrettoken";
|
|
extraFlags = toString ([
|
|
"--write-kubeconfig-mode \"0644\""
|
|
"--disable servicelb"
|
|
"--disable traefik"
|
|
"--disable local-storage"
|
|
]);
|
|
};
|
|
|
|
networking.firewall.allowedTCPPorts = [
|
|
6443
|
|
];
|
|
networking.firewall.allowedUDPPorts = [
|
|
8472
|
|
];
|
|
|
|
}
|