# Cluster Setup
This document goes over the process of installing the GitOps files into a cluster

1. Install [cilium](https://docs.cilium.io/en/stable/gettingstarted/k8s-install-default/#install-the-cilium-cli) in the cluster
2. Install the [Flux CLI](https://fluxcd.io/flux/installation/#install-the-flux-cli)
3. Install [go-task](https://taskfile.dev/installation/)
4. Ensure you have a kubeconfig at `$HOME/.kube/config` and that you have the cluster sops GPG key imported.
5. Bootstrap flux
    ```sh
    task flux:bootstrap
    # namespace/flux-system configured
    # customresourcedefinition.apiextensions.k8s.io/alerts.notification.toolkit.fluxcd.io created
    # ...
    ```
6. Verify Flux components are running in the cluster

    ```sh
    kubectl -n flux-system get pods -o wide
    # NAME                                       READY   STATUS    RESTARTS   AGE
    # helm-controller-5bbd94c75-89sb4            1/1     Running   0          1h
    # kustomize-controller-7b67b6b77d-nqc67      1/1     Running   0          1h
    # notification-controller-7c46575844-k4bvr   1/1     Running   0          1h
    # source-controller-7d6875bcb4-zqw9f         1/1     Running   0          1h
    ```
7. After a while all the services should start to come up

# Uninstalling and removing all k3s data in NixOS
```shell
sudo systemctl stop k3s
sudo rm -rf /etc/rancher/k3s
sudo rm -rf /var/lib/rancher/k3s
sudo systemctl start k3s

sudo cp /etc/rancher/k3s/k3s.yaml ~/.kube/config
sudo chown $USER ~/.kube/config
sudo chmod 600 ~/.kube/config
```

## Finishing Service Setup

### SSO (Authentik)
Many services require SSO to be setup.

Proxy Providers:
* Bazarr
* Mylar3
* Prowlarr
* qBittorrent
* Radarr
* Readarr Audiobooks
* Readarr eBooks
* Sonarr
* Prometheus
* Alertmanager
* Traefik

OpenID Providers:
* Komga
* Apache Guacamole

An LDAP Provider is also required by services. Create an LDAP provider in authentik and just let it create the kubernetes resources.