From e455ee0ad43a3866b8a3bc65a4e2595e6340208c Mon Sep 17 00:00:00 2001
From: Gabriel Arazas <foodogsquared@foodogsquared.one>
Date: Wed, 11 Dec 2024 10:57:43 +0800
Subject: [PATCH] hosts/ni/setups/development: add k3s server

---
 .../nixos/ni/modules/setups/development.nix   | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)

diff --git a/configs/nixos/ni/modules/setups/development.nix b/configs/nixos/ni/modules/setups/development.nix
index d164713c..35b323d7 100644
--- a/configs/nixos/ni/modules/setups/development.nix
+++ b/configs/nixos/ni/modules/setups/development.nix
@@ -64,6 +64,25 @@ in
       ];
     }
 
+    (lib.mkIf config.suites.dev.containers.enable {
+      # Setting up a single-node k3s cluster for learning purposes.
+      services.k3s = {
+        enable = true;
+        role = "server";
+        extraFlags = [ "--debug" ];
+      };
+
+      networking.firewall.allowedTCPPorts = [
+        6443 # required so that pods can reach the API server (running on port 6443 by default)
+        2379 # etcd clients: required if using a "High Availability Embedded etcd" configuration
+        2380 # etcd peers: required if using a "High Availability Embedded etcd" configuration
+      ];
+
+      networking.firewall.allowedUDPPorts = [
+        8472 # flannel: required if using multi-node for inter-node networking
+      ];
+    })
+
     # You'll be most likely having these anyways and even if this is disabled,
     # you most likely cannot use the system at all so WHY IS IT HERE?
     (lib.mkIf hostCfg.networking.enable {