From 6ea6a63f0138135575d1023ec4c5e7079ab81679 Mon Sep 17 00:00:00 2001
From: Yadunand Prem <yadunand@yadunut.com>
Date: Mon, 15 Sep 2025 14:06:58 +0800
Subject: [PATCH] Add k3s module, and enable for penguin

---
 modules/nixos/my_k3s/default.nix         | 49 ++++++++++++++++++++++++
 systems/x86_64-linux/penguin/default.nix | 10 ++++-
 2 files changed, 57 insertions(+), 2 deletions(-)
 create mode 100644 modules/nixos/my_k3s/default.nix

diff --git a/modules/nixos/my_k3s/default.nix b/modules/nixos/my_k3s/default.nix
new file mode 100644
index 0000000..1366e47
--- /dev/null
+++ b/modules/nixos/my_k3s/default.nix
@@ -0,0 +1,49 @@
+{
+  config,
+  lib,
+  pkgs,
+  ...
+}:
+let
+  cfg = config.my_k3s;
+  inherit (lib) mkEnableOption mkIf mkOption;
+  types = lib.types;
+in
+{
+  options.my_k3s = {
+    enable = mkEnableOption "My k3s cluster";
+    tokenFile = mkOption {
+      type = types.nonEmptyStr;
+    };
+    role = mkOption {
+      type = types.nonEmptyStr;
+      default = "server";
+    };
+    clusterInit = mkOption {
+      type = types.bool;
+      default = false;
+    };
+    serverAddr = mkOption {
+      type = types.nonEmptyStr;
+      default = "server";
+    };
+  };
+
+  config = mkIf cfg.enable {
+    services.k3s = {
+      enable = true;
+      role = cfg.role;
+      tokenFile = cfg.tokenFile;
+      clusterInit = cfg.clusterInit;
+      serverAddr = cfg.serverAddr;
+    };
+    environment.systemPackages = [ pkgs.nfs-utils ];
+    services.openiscsi = {
+      enable = true;
+      name = "iqn.2016-04.com.open-iscsi:${config.networking.hostName}";
+    };
+    systemd.tmpfiles.rules = [
+      "L+ /usr/local/bin - - - - /run/current-system/sw/bin/"
+    ];
+  };
+}
diff --git a/systems/x86_64-linux/penguin/default.nix b/systems/x86_64-linux/penguin/default.nix
index d84220b..5fd7e72 100644
--- a/systems/x86_64-linux/penguin/default.nix
+++ b/systems/x86_64-linux/penguin/default.nix
@@ -6,12 +6,11 @@
   ...
 }:
 let
-  inherit (inputs) disko agenix home-manager;
+  inherit (inputs) disko home-manager;
 in
 {
   imports = [
     disko.nixosModules.disko
-    agenix.nixosModules.default
     home-manager.nixosModules.home-manager
     ./disko-config.nix
     ./hardware-configuration.nix
@@ -21,6 +20,13 @@ in
     my_users.enable = true;
     my_nix.enable = true;
 
+    age.secrets.k3s.file = ../../../secrets/k3s.age;
+
+    my_k3s = {
+      enable = true;
+      tokenFile = config.age.secrets.k3s.path;
+      serverAddr = "10.222.0.13:6443";
+    };
     networking.hostName = "penguin";
 
     boot = {