TerraHome

Author	SHA1	Message	Date
MichaelFisher1997	c061dda31d	fix: disable webhook authz and clean stale kubelet configs Some checks failed Terraform Plan / Terraform Plan (push) Has been cancelled Details - Add authorization.mode: AlwaysAllow to KubeletConfiguration - Remove stale kubelet config.yaml before unmasking in all kubeadm scripts - This prevents 'no client provided, cannot use webhook authorization' error	2026-03-02 17:59:31 +00:00
MichaelFisher1997	fb21fbef4f	fix: disable kubelet webhook auth in kubeadm init config Some checks failed Terraform Plan / Terraform Plan (push) Has been cancelled Details - Use explicit kubeadm config file with KubeletConfiguration - Disable webhook authentication which was causing 'no client provided' error - Add ConditionPathExists to kubelet systemd unit	2026-03-02 16:49:21 +00:00
MichaelFisher1997	1b76e07326	fix: kubelet directories and containerd readiness Some checks failed Terraform Plan / Terraform Plan (push) Has been cancelled Details - Create /var/lib/kubelet and /var/lib/kubelet/pki directories via tmpfiles - Ensure containerd is running before kubeadm init - Add kubelet logs output on kubeadm init failure for debugging	2026-03-02 14:44:47 +00:00
MichaelFisher1997	db72dcab75	fix: remove kubelet ConditionPathExists, add daemon-reload Some checks failed Terraform Plan / Terraform Plan (push) Has been cancelled Details - Remove ConditionPathExists from kubelet service definition as it prevents kubelet from starting when managed by kubeadm - Add systemctl daemon-reload after unmasking in all kubeadm scripts - Add reset-failed for consistent state cleanup	2026-03-02 13:58:49 +00:00
MichaelFisher1997	d42e83358c	fix: mask kubelet before rebuild, unmask in kubeadm helpers Some checks failed Terraform Plan / Terraform Plan (push) Has been cancelled Details - Mask kubelet service entirely before nixos-rebuild to prevent systemd from restarting it during switch - Unmask kubelet in th-kubeadm-init/join scripts before starting	2026-03-02 12:44:40 +00:00
MichaelFisher1997	93e43a546f	fix: prevent kubelet auto-start during rebuild Some checks failed Terraform Plan / Terraform Plan (push) Has been cancelled Details Add wantedBy = [] to prevent kubelet from being started by multi-user.target during nixos-rebuild switch. This allows rebuilds to succeed even when the cluster is in a transitional state. Kubelet will be started by kubeadm init/join commands instead.	2026-03-02 12:13:05 +00:00
MichaelFisher1997	ab5cc8b01d	fix: disable lingering kubelet service before node rebuild Some checks failed Terraform Plan / Terraform Plan (push) Has been cancelled Details	2026-03-02 10:08:27 +00:00
MichaelFisher1997	f65a414959	fix: stop auto-enabling kubelet during base node rebuild All checks were successful Terraform Plan / Terraform Plan (push) Successful in 10m8s Details	2026-03-02 09:13:53 +00:00
MichaelFisher1997	7c849ed019	fix: gate kubelet startup until kubeadm config exists Some checks failed Terraform Plan / Terraform Plan (push) Has been cancelled Details	2026-03-02 08:39:22 +00:00
MichaelFisher1997	388b0c4f5d	fix: align kubelet systemd unit with kubeadm flags Some checks failed Terraform Plan / Terraform Plan (push) Has been cancelled Details	2026-03-02 03:44:35 +00:00
MichaelFisher1997	d810547675	fix: ignore kubeadm HTTPProxyCIDR preflight in homelab workflow Some checks failed Terraform Plan / Terraform Plan (push) Has been cancelled Details	2026-03-02 03:06:29 +00:00
MichaelFisher1997	9426968cd4	fix: run kubeadm init/reset with clean environment Some checks failed Terraform Plan / Terraform Plan (push) Has been cancelled Details	2026-03-02 02:36:57 +00:00
MichaelFisher1997	02a6bca60b	fix: harden kubeadm scripts for proxy and preflight issues Some checks failed Terraform Plan / Terraform Plan (push) Has been cancelled Details	2026-03-02 02:02:38 +00:00
MichaelFisher1997	a098c0aa29	fix: avoid sudo env loss for kube-vip image reference All checks were successful Terraform Plan / Terraform Plan (push) Successful in 10m8s Details	2026-03-02 01:27:44 +00:00
MichaelFisher1997	9b03cec23e	fix: correctly propagate remote command exit status All checks were successful Terraform Plan / Terraform Plan (push) Successful in 10m7s Details	2026-03-02 00:52:24 +00:00
MichaelFisher1997	fd7be1a428	fix: require admin kubeconfig before skipping cp init All checks were successful Terraform Plan / Terraform Plan (push) Successful in 10m8s Details	2026-03-01 23:42:56 +00:00
MichaelFisher1997	f9e7356f94	fix: make cp-1 init detection and join token generation robust All checks were successful Terraform Plan / Terraform Plan (push) Successful in 9m44s Details	2026-03-01 21:56:59 +00:00
MichaelFisher1997	a5f0f0a420	fix: recover when admin kubeconfig is missing on primary control plane All checks were successful Terraform Plan / Terraform Plan (push) Successful in 10m7s Details	2026-03-01 20:58:44 +00:00
MichaelFisher1997	661fbc2ff4	fix: use admin kubeconfig for final cluster node check All checks were successful Terraform Plan / Terraform Plan (push) Successful in 10m7s Details	2026-03-01 20:31:57 +00:00
MichaelFisher1997	3fa227d7c9	feat: add SSH-based fallback for kubeadm IP inventory All checks were successful Terraform Plan / Terraform Plan (push) Successful in 10m7s Details	2026-03-01 19:28:15 +00:00
MichaelFisher1997	718a9930e8	fix: fail fast when terraform node IP outputs are empty Some checks failed Terraform Plan / Terraform Plan (push) Has been cancelled Details	2026-03-01 18:01:09 +00:00
MichaelFisher1997	7ec1ce92cf	fix: auto-detect kube-vip interface and tighten SSH fallback Some checks failed Terraform Plan / Terraform Plan (push) Has been cancelled Details	2026-03-01 17:34:09 +00:00
MichaelFisher1997	88db11292d	fix: fallback SSH user per host during bootstrap steps All checks were successful Terraform Plan / Terraform Plan (push) Successful in 10m6s Details	2026-03-01 13:34:15 +00:00
MichaelFisher1997	8bd064c828	fix: keep micqdf user during kubeadm node rebuilds Some checks failed Terraform Plan / Terraform Plan (push) Has been cancelled Details	2026-03-01 13:31:46 +00:00
MichaelFisher1997	760d0e8b5b	perf: speed up first bootstrap with fast-mode defaults All checks were successful Terraform Plan / Terraform Plan (push) Successful in 1m59s Details	2026-03-01 03:33:42 +00:00
MichaelFisher1997	dad409a5b7	fix: restore use-remote-sudo for nixos-rebuild compatibility All checks were successful Terraform Plan / Terraform Plan (push) Successful in 20s Details	2026-02-28 23:20:12 +00:00
MichaelFisher1997	45e818b113	fix: enable nix-command for remote gc and use --sudo All checks were successful Terraform Plan / Terraform Plan (push) Successful in 21s Details	2026-02-28 22:55:15 +00:00
MichaelFisher1997	f5d9eba9d0	feat: parallelize worker rebuilds with retry and timeout Some checks failed Terraform Plan / Terraform Plan (push) Has been cancelled Details	2026-02-28 22:15:48 +00:00
MichaelFisher1997	327c07314c	fix: reclaim remote nix store space before rebuild All checks were successful Terraform Plan / Terraform Plan (push) Successful in 13s Details	2026-02-28 21:24:26 +00:00
MichaelFisher1997	3b5d04dda2	fix: force bash for remote kubeadm commands All checks were successful Terraform Plan / Terraform Plan (push) Successful in 18s Details	2026-02-28 21:06:35 +00:00
MichaelFisher1997	ba912810d1	fix: preconfigure remote nix trusted-users before rebuild All checks were successful Terraform Plan / Terraform Plan (push) Successful in 12s Details	2026-02-28 20:25:50 +00:00
MichaelFisher1997	5c037d9a99	fix: prefer root SSH for deploy and trust micqdf in nix All checks were successful Terraform Plan / Terraform Plan (push) Successful in 18s Details	2026-02-28 20:03:26 +00:00
MichaelFisher1997	244887e9c2	fix: auto-detect SSH login user for node operations All checks were successful Terraform Plan / Terraform Plan (push) Successful in 18s Details	2026-02-28 19:25:48 +00:00
MichaelFisher1997	c94c1f61d8	fix: force explicit SSH identity for kubeadm remote operations All checks were successful Terraform Plan / Terraform Plan (push) Successful in 18s Details	2026-02-28 17:16:31 +00:00
MichaelFisher1997	046de9b3d4	fix: preseed known_hosts for kubeadm SSH operations All checks were successful Terraform Plan / Terraform Plan (push) Successful in 19s Details	2026-02-28 17:07:43 +00:00
MichaelFisher1997	5669305e59	feat: make kubeadm workflows auto-scale with terraform outputs All checks were successful Terraform Plan / Terraform Plan (push) Successful in 19s Details	2026-02-28 16:43:22 +00:00
MichaelFisher1997	f341816112	feat: run kubeadm reconcile after terraform apply on master All checks were successful Terraform Plan / Terraform Plan (push) Successful in 18s Details	2026-02-28 16:39:04 +00:00
MichaelFisher1997	8bcc162956	feat: auto-discover kubeadm node IPs from terraform state All checks were successful Terraform Plan / Terraform Plan (push) Successful in 17s Details	2026-02-28 16:31:23 +00:00
MichaelFisher1997	b0779c51c0	feat: add gitea workflows for kubeadm bootstrap and reset All checks were successful Terraform Plan / Terraform Plan (push) Successful in 17s Details	2026-02-28 16:26:51 +00:00
MichaelFisher1997	9fe845b53d	feat: add repeatable kubeadm rebuild and reset scripts All checks were successful Terraform Plan / Terraform Plan (push) Successful in 17s Details	2026-02-28 16:24:45 +00:00
MichaelFisher1997	885a92f494	chore: add lightweight flake checks for kubeadm configs All checks were successful Terraform Plan / Terraform Plan (push) Successful in 17s Details	2026-02-28 16:19:37 +00:00
MichaelFisher1997	91dd20e60e	fix: escape shell expansion in kubeadm helper scripts All checks were successful Terraform Plan / Terraform Plan (push) Successful in 17s Details	2026-02-28 16:12:25 +00:00
MichaelFisher1997	abac6300ca	refactor: generate kubeadm host configs from flake All checks were successful Terraform Plan / Terraform Plan (push) Successful in 17s Details	2026-02-28 16:09:05 +00:00
MichaelFisher1997	7206d8cd41	feat: implement kubeadm bootstrap scaffolding for Nix nodes All checks were successful Terraform Plan / Terraform Plan (push) Successful in 18s Details	2026-02-28 16:04:14 +00:00
MichaelFisher1997	21be01346b	feat: refactor infra to cp/wk kubeadm topology Some checks failed Terraform Plan / Terraform Plan (push) Failing after 9s Details Provision 3 thin control planes and 3 workers with role-specific sizing and VMID ranges (701/711), generate per-node cloud-init snippets with SSH key injection, and add NixOS kubeadm host/module scaffolding for cp-1..3 and wk-1..3.	2026-02-28 14:16:55 +00:00

45 Commits