From f34cd7f5cc1a7cfe0a11df4f7201f4d0c8a099c7 Mon Sep 17 00:00:00 2001 From: Sean Buckley Date: Sun, 6 Nov 2022 18:53:46 -0500 Subject: [PATCH] levi: Get NetworkPolicy working --- hosts/levi/kube.nix | 17 ++++++++--------- 1 file changed, 8 insertions(+), 9 deletions(-) diff --git a/hosts/levi/kube.nix b/hosts/levi/kube.nix index cb3ee66..8f3470a 100644 --- a/hosts/levi/kube.nix +++ b/hosts/levi/kube.nix @@ -1,14 +1,13 @@ { pkgs, ... }: { networking.firewall.allowedTCPPorts = [ 6443 ]; - environment.systemPackages = [ - pkgs.kubectl - pkgs.kubernetes-helm - ]; + environment.systemPackages = [ pkgs.kubectl ]; services.k3s.enable = true; - services.k3s.extraFlags = toString [ - # flags for using Calico instead of Flannel - "--disable-network-policy" - "--flannel-backend=none" - ]; + + # Get NetworkPolicy working + networking.firewall.enable = false; + systemd.services.k3s.path = [ pkgs.ipset ]; + services.k3s.package = pkgs.k3s.overrideAttrs (prev: { + buildInputs = prev.buildInputs ++ [ pkgs.ipset ]; + }); }