From 885a92f4940cd0018f8a8cc325018f9416407c56 Mon Sep 17 00:00:00 2001
From: MichaelFisher1997 <contact@michaelfisher.tech>
Date: Sat, 28 Feb 2026 16:19:37 +0000
Subject: [PATCH] chore: add lightweight flake checks for kubeadm configs

---
 nixos/kubeadm/flake.nix              | 49 +++++++++++++++++++++++++---
 nixos/kubeadm/modules/k8s-common.nix |  1 +
 2 files changed, 45 insertions(+), 5 deletions(-)

diff --git a/nixos/kubeadm/flake.nix b/nixos/kubeadm/flake.nix
index eca29ac..e88ee5c 100644
--- a/nixos/kubeadm/flake.nix
+++ b/nixos/kubeadm/flake.nix
@@ -9,8 +9,14 @@
     let
       system = "x86_64-linux";
       lib = nixpkgs.lib;
+      pkgs = nixpkgs.legacyPackages.${system};
+      nodeNames = [ "cp-1" "cp-2" "cp-3" "wk-1" "wk-2" "wk-3" ];
 
-      mkNode = { name, role }:
+      mkNode = {
+        name,
+        role,
+        extraModules ? [ ],
+      }:
         let
           roleModule = if role == "control-plane" then ./modules/k8s-control-plane.nix else ./modules/k8s-worker.nix;
           hardwarePath = ./hosts/hardware + "/${name}.nix";
@@ -25,14 +31,47 @@
               imports = lib.optional (builtins.pathExists hardwarePath) hardwarePath;
               networking.hostName = name;
               system.stateVersion = "25.05";
+              boot.loader.grub.devices = lib.mkDefault [ "/dev/sda" ];
+              fileSystems."/" = lib.mkDefault {
+                device = "/dev/disk/by-label/nixos";
+                fsType = "ext4";
+              };
             })
-          ];
+          ] ++ extraModules;
         };
-    in {
-      nixosConfigurations = lib.genAttrs [ "cp-1" "cp-2" "cp-3" "wk-1" "wk-2" "wk-3" ] (name:
+
+      mkNodeByName = name:
         mkNode {
           inherit name;
           role = if lib.hasPrefix "cp-" name then "control-plane" else "worker";
-        });
+        };
+
+      mkEvalCheck = name:
+        let
+          cfg = mkNode {
+            inherit name;
+            role = if lib.hasPrefix "cp-" name then "control-plane" else "worker";
+            extraModules = [
+              ({ lib, ... }: {
+                boot.loader.grub.devices = lib.mkDefault [ "/dev/sda" ];
+                fileSystems."/" = lib.mkDefault {
+                  device = "/dev/disk/by-label/nixos";
+                  fsType = "ext4";
+                };
+              })
+            ];
+          };
+        in
+        pkgs.runCommand "eval-${name}" { } ''
+          cat > "$out" <<'EOF'
+          host=${cfg.config.networking.hostName}
+          role=${if lib.hasPrefix "cp-" name then "control-plane" else "worker"}
+          stateVersion=${cfg.config.system.stateVersion}
+          EOF
+        '';
+    in {
+      nixosConfigurations = lib.genAttrs nodeNames mkNodeByName;
+
+      checks.${system} = lib.genAttrs nodeNames mkEvalCheck;
     };
 }
diff --git a/nixos/kubeadm/modules/k8s-common.nix b/nixos/kubeadm/modules/k8s-common.nix
index 9b80c01..57fea49 100644
--- a/nixos/kubeadm/modules/k8s-common.nix
+++ b/nixos/kubeadm/modules/k8s-common.nix
@@ -185,6 +185,7 @@ in
   systemd.services.kubelet = {
     description = "Kubernetes Kubelet";
     wantedBy = [ "multi-user.target" ];
+    wants = [ "network-online.target" ];
     after = [ "containerd.service" "network-online.target" ];
     serviceConfig = {
       ExecStart = "${pinnedK8s}/bin/kubelet";