infra/nix/os/snippets/k3s-w-nix-snapshotter.nix

# experiment with k3s, nix-snapshotter, and nixos images
{
  nodeFlake,
  pkgs,
  lib,
  system,
  config,
  ...
}:
let
  cfg = config.steveej.k3s;

in
# TODO: make this configurable
{
  options.steveej.k3s = {
    enable = lib.mkOption {
      description = "steveej's k3s distro";
      type = lib.types.bool;
      default = true;
    };
  };

  # (1) Import nixos module.
  imports = [ nodeFlake.inputs.nix-snapshotter.nixosModules.default ];

  config = lib.mkIf cfg.enable {
    # (2) Add overlay.
    nixpkgs.overlays = [ nodeFlake.inputs.nix-snapshotter.overlays.default ];

    # (3) Enable service.
    virtualisation.containerd = {
      enable = true;
      nixSnapshotterIntegration = true;

      # TODO: understand if this has an influence on the systemd LoadCredential issue
      # settings.plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options.SystemdCgroup = lib.mkForce true;
    };
    services.nix-snapshotter = {
      enable = true;
    };

    # (4) Add a containerd CLI like nerdctl.
    environment.systemPackages = [
      pkgs.nerdctl
      nodeFlake.inputs.nix-snapshotter.packages.${system}.default
    ];

    services.k3s = {
      enable = false;
      setKubeConfig = true;
    };

    # home-manager.users."${homeUser}" = _: {
    #   home.sessionVariables.CONTAINERD_ADDRESS = "/run/user/1000/containerd/containerd.sock";
    # };
  };
}
feat: experimental k3s + nix-snapshotter snippet 2024-06-13 16:42:55 +02:00			`# experiment with k3s, nix-snapshotter, and nixos images`
			`{`
			`nodeFlake,`
			`pkgs,`
			`lib,`
			`system,`
WIP k3s 2024-10-16 18:28:17 +02:00			`config,`
feat: experimental k3s + nix-snapshotter snippet 2024-06-13 16:42:55 +02:00			`...`
feat: introduce treefmt and fmt all 2024-11-15 10:17:56 +01:00			`}:`
			`let`
WIP k3s 2024-10-16 18:28:17 +02:00			`cfg = config.steveej.k3s;`

feat: introduce treefmt and fmt all 2024-11-15 10:17:56 +01:00			`in`
			`# TODO: make this configurable`
			`{`
WIP k3s 2024-10-16 18:28:17 +02:00			`options.steveej.k3s = {`
			`enable = lib.mkOption {`
			`description = "steveej's k3s distro";`
			`type = lib.types.bool;`
			`default = true;`
			`};`
			`};`

feat: experimental k3s + nix-snapshotter snippet 2024-06-13 16:42:55 +02:00			`# (1) Import nixos module.`
feat: introduce treefmt and fmt all 2024-11-15 10:17:56 +01:00			`imports = [ nodeFlake.inputs.nix-snapshotter.nixosModules.default ];`
feat: experimental k3s + nix-snapshotter snippet 2024-06-13 16:42:55 +02:00
WIP k3s 2024-10-16 18:28:17 +02:00			`config = lib.mkIf cfg.enable {`
			`# (2) Add overlay.`
feat: introduce treefmt and fmt all 2024-11-15 10:17:56 +01:00			`nixpkgs.overlays = [ nodeFlake.inputs.nix-snapshotter.overlays.default ];`
feat: experimental k3s + nix-snapshotter snippet 2024-06-13 16:42:55 +02:00
WIP k3s 2024-10-16 18:28:17 +02:00			`# (3) Enable service.`
			`virtualisation.containerd = {`
			`enable = true;`
			`nixSnapshotterIntegration = true;`
feat: experimental k3s + nix-snapshotter snippet 2024-06-13 16:42:55 +02:00
WIP k3s 2024-10-16 18:28:17 +02:00			`# TODO: understand if this has an influence on the systemd LoadCredential issue`
			`# settings.plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options.SystemdCgroup = lib.mkForce true;`
			`};`
			`services.nix-snapshotter = {`
			`enable = true;`
			`};`
feat: experimental k3s + nix-snapshotter snippet 2024-06-13 16:42:55 +02:00
WIP k3s 2024-10-16 18:28:17 +02:00			`# (4) Add a containerd CLI like nerdctl.`
			`environment.systemPackages = [`
			`pkgs.nerdctl`
			`nodeFlake.inputs.nix-snapshotter.packages.${system}.default`
			`];`

			`services.k3s = {`
			`enable = false;`
			`setKubeConfig = true;`
			`};`
feat: experimental k3s + nix-snapshotter snippet 2024-06-13 16:42:55 +02:00
WIP k3s 2024-10-16 18:28:17 +02:00			`# home-manager.users."${homeUser}" = _: {`
			`# home.sessionVariables.CONTAINERD_ADDRESS = "/run/user/1000/containerd/containerd.sock";`
			`# };`
feat: experimental k3s + nix-snapshotter snippet 2024-06-13 16:42:55 +02:00			`};`
			`}`