{"id":18465550,"url":"https://github.com/numtide/nixos-rke2","last_synced_at":"2025-04-08T08:31:54.433Z","repository":{"id":239161884,"uuid":"798685844","full_name":"numtide/nixos-rke2","owner":"numtide","description":"NixOS modules for RKE2","archived":false,"fork":false,"pushed_at":"2025-03-24T16:59:28.000Z","size":11,"stargazers_count":21,"open_issues_count":1,"forks_count":2,"subscribers_count":3,"default_branch":"main","last_synced_at":"2025-04-02T23:55:51.123Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Nix","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/numtide.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2024-05-10T09:24:22.000Z","updated_at":"2025-03-24T16:59:32.000Z","dependencies_parsed_at":null,"dependency_job_id":"6c322a2a-2617-4321-9653-9d6627fb68ed","html_url":"https://github.com/numtide/nixos-rke2","commit_stats":null,"previous_names":["numtide/nixos-rke2"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/numtide%2Fnixos-rke2","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/numtide%2Fnixos-rke2/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/numtide%2Fnixos-rke2/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/numtide%2Fnixos-rke2/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/numtide","download_url":"https://codeload.github.com/numtide/nixos-rke2/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":247804587,"owners_count":20999017,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-06T09:13:31.363Z","updated_at":"2025-04-08T08:31:54.427Z","avatar_url":"https://github.com/numtide.png","language":"Nix","funding_links":[],"categories":[],"sub_categories":[],"readme":"# NixOS RKE2\n\nRKE2 is Rancher's next-generation Kubernetes distribution. It is a fully conformant Kubernetes distribution that focuses on security and compliance within the U.S. Federal Government and other regulated industries.\n\nNixOS is a Linux distribution that is declaratively configured using the Nix package manager. It is a great fit for running Kubernetes clusters, as it allows for easy and reproducible cluster deployments.\n\nThis repository contains a NixOS module for deploying RKE2 on NixOS. We are using it in a couple of places and it's stable, but not yet fully tested and documented.\n\n## Quick usage\n\nFirst, add this project to your flake inputs:\n\n```nix\ninputs = {\n  rke2.url = \"github:numtide/nixos-rke2\";\n}\n```\n\nThen configure your master node like this (single-node deployment):\n\n```nix\n{ config, pkgs, inputs, ... }:\n{\n  imports = [\n    inputs.rke2.nixosModules.default\n  ];\n\n  # Don't interfere with k8s\n  networking.firewall.enable = lib.mkForce false;\n\n  services.numtide-rke2 = {\n    enable = true;\n    role = \"server\";\n    extraFlags = [\n      \"--disable\"\n      \"rke2-ingress-nginx\"\n    ];\n    settings.kube-apiserver-arg = [ \"anonymous-auth=false\" ];\n    settings.tls-san = [ \"\u003cTODO\u003e\" ];\n    settings.write-kubeconfig-mode = \"0644\";\n  };\n}\n```\n\nOnce deployed, get the RKE2 join token by SSH-into to the master node and running:\n\n```sh\nrke2 token create\n```\n\nStick the token in a file and encrypt it with SOPS. Then deploy your workers:\n\n```nix\n{ config, pkgs, inputs, ... }:\n{\n  imports = [\n    inputs.rke2.nixosModules.default\n  ];\n\n  # Don't interfere with k8s\n  networking.firewall.enable = lib.mkForce false;\n\n  services.numtide-rke2 = {  \n    enable = true;                                                         \n    role = \"agent\";                                                           \n    serverAddr = \"https://\u003cTODO\u003e:9345\";                                    \n    tokenFile = config.sops.secrets.rke2-worker-token.path;                   \n  };\n```\n\n## Supported platforms\n\n* x86_64-linux\n\n## Missing features\n\nThe module is still very barebones.\n\n* Add more documentation and use-cases.\n* Add NixOS VM test\n* Add airgap/offline mode\n\n## Copyright\n\nMIT\n\nBrought to you by Numtide, the open-source specialists. [Ping us](https://numtide.com/contact) if you need feature development or help.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnumtide%2Fnixos-rke2","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fnumtide%2Fnixos-rke2","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnumtide%2Fnixos-rke2/lists"}