HomeInfra/HetznerTerra
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: Add kubeconfig refresh script and fix Ansible Finalize to use public IP
All checks were successful
Deploy Cluster / Terraform (push) Successful in 53s
Details
Deploy Cluster / Ansible (push) Successful in 5m25s
Details

Browse Source 
- scripts/refresh-kubeconfig.sh fetches a fresh kubeconfig from CP1
- Ansible site.yml Finalize step now uses public IP instead of Tailscale
  hostname for the kubeconfig server address
- Updated AGENTS.md with kubeconfig refresh instructions
This commit is contained in:
MichaelFisher1997
2026-03-29 03:31:36 +00:00
parent 905d069e91
commit 6e5b0518be
3 changed files with 41 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
AGENTS.md
View File

@@ -66,6 +66,13 @@ Repository guide for agentic contributors working in this repo.
- Prefer validating the exact directory you edited, not the whole repo, unless the change is cross-cutting.
- For Flux changes, verify the relevant `Kustomization`/`HelmRelease`/`ExternalSecret` manifests render cleanly before committing.
### Kubeconfig refresh
After a full cluster rebuild, the kubeconfig goes stale (new certs, new IPs). Refresh it with:
- `scripts/refresh-kubeconfig.sh <cp1-public-ip>` (preferred)
- Or manually: `ssh -i ~/.ssh/infra root@<cp1-ip> "cat /etc/rancher/k3s/k3s.yaml" | sed 's/127.0.0.1/<cp1-ip>/g' > outputs/kubeconfig`
- The Ansible `site.yml` Finalize step also rewrites the server address to the public IP during bootstrap.
## Code Style
### General