Cluster Setup

This document goes over the process of installing the GitOps files into a cluster.

  1. Install Cilium in the cluster

  2. Install the Flux CLI

  3. Install go-task

  4. Ensure you have a kubeconfig at $HOME/.kube/config and that you have the cluster sops GPG key imported.

  5. Bootstrap Flux

    task flux:bootstrap
    # namespace/flux-system configured
    # customresourcedefinition.apiextensions.k8s.io/alerts.notification.toolkit.fluxcd.io created
    # ...
    
  6. Verify Flux components are running in the cluster

    kubectl -n flux-system get pods -o wide
    # NAME                                       READY   STATUS    RESTARTS   AGE
    # helm-controller-5bbd94c75-89sb4            1/1     Running   0          1h
    # kustomize-controller-7b67b6b77d-nqc67      1/1     Running   0          1h
    # notification-controller-7c46575844-k4bvr   1/1     Running   0          1h
    # source-controller-7d6875bcb4-zqw9f         1/1     Running   0          1h
    
  7. After a while, all the services should start to come up.

Uninstalling and removing all k3s data in NixOS

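    # Stop k3s and wipe its configuration and cluster state
    sudo systemctl stop k3s
    sudo rm -rf /etc/rancher/k3s
    sudo rm -rf /var/lib/rancher/k3s
    # Start k3s again; it regenerates /etc/rancher/k3s/k3s.yaml
    sudo systemctl start k3s

    # Copy the new admin kubeconfig and restrict it to your user
    sudo cp /etc/rancher/k3s/k3s.yaml ~/.kube/config
    sudo chown "$USER" ~/.kube/config
    sudo chmod 600 ~/.kube/config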
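
A preflight check for step 4 and for the kubeconfig copied by the commands above, as an added example that is not part of this repository: it confirms the file exists, belongs to the current user and is closed to group and other, since the k3s kubeconfig carries cluster credentials. The function names, exit codes and the key ID argument are assumptions.

```shell
# Added example, not from the repository. Names and exit codes are assumptions.

# kubeconfig_mode FILE: print the octal permission bits (GNU stat, then BSD stat).
kubeconfig_mode() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# check_kubeconfig [FILE]: defaults to $HOME/.kube/config.
#   0 = OK
#   1 = missing or not a regular file
#   2 = not owned by the calling user
#   3 = accessible to group or other (anything looser than 600/700)
check_kubeconfig() {
    cfg="${1:-$HOME/.kube/config}"
    if [ ! -f "$cfg" ]; then
        echo "kubeconfig: $cfg not found" >&2
        return 1
    fi
    if [ ! -O "$cfg" ]; then
        echo "kubeconfig: $cfg is not owned by $(id -un)" >&2
        return 2
    fi
    mode=$(kubeconfig_mode "$cfg") || return 1
    # Leading 0 makes the shell read the mode as octal; 077 masks group/other bits.
    if [ $(( 0$mode & 077 )) -ne 0 ]; then
        echo "kubeconfig: $cfg has mode $mode, expected 600" >&2
        return 3
    fi
    return 0
}

# have_secret_key KEYID: succeeds if a GPG secret key matching KEYID is imported.
# KEYID is the fingerprint of the cluster sops key (a placeholder here; the
# page does not state it).
have_secret_key() {
    gpg --batch --list-secret-keys "$1" >/dev/null 2>&1
}
```

Run `check_kubeconfig && have_secret_key <cluster-key-fingerprint>` before `task flux:bootstrap`.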

Finishing Service Setup

SSO (Authentik)

Many services require SSO to be set up.

Proxy Providers:

  • Bazarr
  • Mylar3
  • Prowlarr
  • qBittorrent
  • Radarr
  • Readarr Audiobooks
  • Readarr eBooks
  • Sonarr
  • Prometheus
  • Alertmanager
  • Traefik

OpenID Providers:

  • Komga
  • Apache Guacamole

An LDAP provider is also required by services. Create an LDAP provider in authentik and let it create the Kubernetes resources.