rpi: configure k3s

2024-01-18 08:03:00 -05:00 · 2024-01-18 08:03:00 -05:00 · 941391e897
parent d98c8e0e6d
commit 941391e897
1 changed files with 68 additions and 0 deletions
--- a/nixos-rpi/configuration.nix
+++ b/nixos-rpi/configuration.nix
@ -11,11 +11,15 @@
      ./hardware-configuration.nix
    ];

+  nix.settings.experimental-features = [ "nix-command" "flakes" ];
+  nixpkgs.config.allowUnfree = true;
+
  # Use the extlinux boot loader. (NixOS wants to enable GRUB by default)
  boot.loader.grub.enable = false;
  # Enables the generation of /boot/extlinux/extlinux.conf
  boot.loader.generic-extlinux-compatible.enable = true;

+  # For k3s
  boot.kernel.sysctl = { "net.ipv4.ip_forward" = 1; };

  networking.hostName = "nixos-rpi"; # Define your hostname.
@ -30,6 +34,69 @@
  # networking.proxy.default = "http://user:password@proxy:port/";
  # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";

+  # [Unit]
+  # Description=Lightweight Kubernetes
+  # Documentation=https://k3s.io
+  # Wants=network-online.target
+  # After=network-online.target
+
+  # [Install]
+  # WantedBy=multi-user.target
+
+  # [Service]
+  # Type=${SYSTEMD_TYPE}
+  # EnvironmentFile=-/etc/default/%N
+  # EnvironmentFile=-/etc/sysconfig/%N
+  # EnvironmentFile=-${FILE_K3S_ENV}
+  # KillMode=process
+  # Delegate=yes
+  # # Having non-zero Limit*s causes performance problems due to accounting overhead
+  # # in the kernel. We recommend using cgroups to do container-local accounting.
+  # LimitNOFILE=1048576
+  # LimitNPROC=infinity
+  # LimitCORE=infinity
+  # TasksMax=infinity
+  # TimeoutStartSec=0
+  # Restart=always
+  # RestartSec=5s
+  # ExecStartPre=/bin/sh -xc '! /usr/bin/systemctl is-enabled --quiet nm-cloud-setup.service 2>/dev/null'
+  # ExecStartPre=-/sbin/modprobe br_netfilter
+  # ExecStartPre=-/sbin/modprobe overlay
+  # ExecStart=${BIN_DIR}/k3s \\
+  #     ${CMD_K3S_EXEC}
+
+  # Adapted from https://get.k3s.io/
+  systemd.services.k3s = {
+    description = "Lightweight Kubernetes";
+    documentation = [ "https://k3s.io" ];
+    serviceConfig = {
+      Type = "notify";
+      # EnvironmentFile = "-/etc/default/%N";
+      # EnvironmentFile = "-/etc/sysconfig/%N";
+      # EnvironmentFile = -${FILE_K3S_ENV};
+      KillMode = "process";
+      Delegate = "yes";
+      # Having non-zero Limit*s causes performance problems due to accounting overhead
+      # in the kernel. We recommend using cgroups to do container-local accounting.
+      LimitNOFILE = 1048576;
+      LimitNPROC = "infinity";
+      LimitCORE = "infinity";
+      TasksMax = "infinity";
+      TimeoutStartSec = 0;
+      Restart = "always";
+      RestartSec = "5 s";
+      # ExecStartPre = /bin/sh - xc '! /usr/bin/systemctl is-enabled --quiet nm-cloud-setup.service 2>/dev/null';
+      # ExecStartPre = -/sbin/modprobe br_netfilter;
+      # ExecStartPre = -/sbin/modprobe overlay;
+      ExecStart = "k3s server";
+    };
+    after = [ "network-online.target" ];
+    wants = [ "network-online.target" ];
+    wantedBy = [ "multi-user.target" ];
+  };
+
+  systemd.services.k3s.enable = true;
+
  # Define a user account. Don't forget to set a password with ‘passwd’.
  users.users.nixos = {
    isNormalUser = true;
@ -47,6 +114,7 @@
    nodePackages.pnpm
    pulumi
    pulumiPackages.pulumi-language-nodejs
+    slirp4netns # required by k3s
    vim
    wget
  ];