Module: Pangea::Kubernetes::BareMetal::CloudInit

Defined in:
lib/pangea/kubernetes/bare_metal/cloud_init.rb

Overview

Generates user_data for NixOS servers running k3s or vanilla Kubernetes via blackmatter-kubernetes modules.

The NixOS boot sequence reads /etc/pangea/cluster-config.json and applies the corresponding blackmatter-kubernetes module (k3s or kubernetes).

Config is cloud-agnostic — the same JSON drives k3s/k8s setup on AWS EC2, GCP GCE, Azure VMs, and Hetzner servers.

Two output formats:

:shell        — bash script (NixOS AMIs with amazon-init, default)
:cloud_config — #cloud-config YAML (providers with real cloud-init)

Class Method Details

.generate(cluster_name:, distribution: :k3s, profile: 'cloud-server', distribution_track: '1.34', role: 'server', node_index: 0, cluster_init: false, network_id: nil, join_server: nil, fluxcd: nil, argocd: nil, k3s: nil, kubernetes: nil, secrets: nil, vpn: nil, bootstrap_secrets: nil, persistent_state: nil, format: :shell) ⇒ String

Generate user_data for a NixOS Kubernetes node.

Parameters:

  • cluster_name (String)

    Name of the cluster

  • distribution (Symbol) (defaults to: :k3s)

    :k3s or :kubernetes

  • profile (String) (defaults to: 'cloud-server')

    blackmatter-kubernetes profile (e.g., 'cilium-standard')

  • distribution_track (String) (defaults to: '1.34')

    version track (e.g., '1.34')

  • role (String) (defaults to: 'server')

    'server'/'agent' (k3s) or 'control-plane'/'worker' (k8s)

  • node_index (Integer) (defaults to: 0)

    Index within the role group

  • cluster_init (Boolean) (defaults to: false)

    Whether this is the first server (cluster-init)

  • network_id (String, nil) (defaults to: nil)

    Cloud network ID for private networking

  • join_server (String, nil) (defaults to: nil)

    IP/hostname of the server to join

  • fluxcd (Hash, nil) (defaults to: nil)

    FluxCD bootstrap configuration

  • argocd (Hash, nil) (defaults to: nil)

    ArgoCD bootstrap configuration

  • k3s (Hash, nil) (defaults to: nil)

    K3s distribution options (full passthrough)

  • kubernetes (Hash, nil) (defaults to: nil)

    Vanilla Kubernetes options (full passthrough)

  • secrets (Hash, nil) (defaults to: nil)

    Secrets path references (sops-nix)

  • vpn (Hash, nil) (defaults to: nil)

    VPN configuration (WireGuard links)

  • bootstrap_secrets (Hash, nil) (defaults to: nil)

    Bootstrap secrets (age key, tokens) written at first boot

  • persistent_state (Hash, nil) (defaults to: nil)

    Persistent EBS-volume mount config. kindling discovers, attaches, and mounts the volume before k3s starts

  • format (Symbol) (defaults to: :shell)

    :shell (NixOS AMIs) or :cloud_config (real cloud-init)

Returns:

  • (String)

    user_data string



# File 'lib/pangea/kubernetes/bare_metal/cloud_init.rb', line 57

def generate(cluster_name:, distribution: :k3s, profile: 'cloud-server',
             distribution_track: '1.34', role: 'server', node_index: 0,
             cluster_init: false, network_id: nil, join_server: nil,
             fluxcd: nil, argocd: nil, k3s: nil, kubernetes: nil, secrets: nil,
             vpn: nil, bootstrap_secrets: nil, persistent_state: nil,
             format: :shell)
  # Keys that are always present in the cluster config.
  config = {
    'cluster_name' => cluster_name,
    'distribution' => distribution.to_s,
    'profile' => profile,
    'distribution_track' => distribution_track,
    'role' => normalize_role(distribution, role),
    'node_index' => node_index,
    'cluster_init' => cluster_init
  }

  # Optional sections are added only when given. Hash sections other than
  # fluxcd are also skipped when empty and have their keys stringified.
  config['network_id'] = network_id if network_id
  config['join_server'] = join_server if join_server
  config['fluxcd'] = fluxcd if fluxcd
  config['argocd'] = stringify_keys_recursive(argocd) if argocd && !argocd.empty?
  config['k3s'] = stringify_keys_recursive(k3s) if k3s && !k3s.empty?
  config['kubernetes'] = stringify_keys_recursive(kubernetes) if kubernetes && !kubernetes.empty?
  config['secrets'] = stringify_keys_recursive(secrets) if secrets && !secrets.empty?
  config['vpn'] = stringify_keys_recursive(vpn) if vpn && !vpn.empty?
  config['bootstrap_secrets'] = stringify_keys_recursive(bootstrap_secrets) if bootstrap_secrets && !bootstrap_secrets.empty?
  config['persistent_state'] = stringify_keys_recursive(persistent_state) if persistent_state && !persistent_state.empty?

  # Any format other than :cloud_config produces the shell script.
  case format.to_sym
  when :cloud_config
    generate_cloud_config(config)
  else
    generate_shell_script(config)
  end
end
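
A pre-flight lint for the arguments documented above, as an added example that is not part of the Pangea code base: it reports an unrecognized format (which the case statement above sends to the shell generator), values under bootstrap_secrets that will travel inside user_data, and secret-looking inline values in the passthrough hashes. The sample key names, the SECRET_KEY pattern, and the rule that absolute paths count as file references are assumptions; 16 KB is the EC2 user data limit.

```ruby
require 'json'

# Added example: lint keyword arguments before handing them to generate.
KNOWN_FORMATS = %i[shell cloud_config].freeze
PASSTHROUGH   = %i[fluxcd argocd k3s kubernetes vpn].freeze
SECRET_KEY    = /token|password|passwd|secret|private[_-]?key|age[_-]?key/i # assumed pattern
EC2_USER_DATA_LIMIT = 16 * 1024 # bytes, before base64 encoding

# Yield [dotted_path, value] for every leaf of a nested Hash/Array.
def each_leaf(node, path = [], &block)
  case node
  when Hash  then node.each { |k, v| each_leaf(v, path + [k.to_s], &block) }
  when Array then node.each_with_index { |v, i| each_leaf(v, path + [i.to_s], &block) }
  else block.call(path.join('.'), node)
  end
end

# Returns an Array of finding strings; secret values never appear in them.
def audit_generate_args(format: :shell, bootstrap_secrets: nil, **args)
  findings = []
  unless KNOWN_FORMATS.include?(format.to_sym)
    findings << "format #{format.inspect} is unknown; generate falls back to :shell"
  end
  each_leaf(bootstrap_secrets || {}) do |path, value|
    findings << "bootstrap_secrets.#{path} will be embedded in user_data" unless value.to_s.empty?
  end
  PASSTHROUGH.each do |name|
    each_leaf(args[name] || {}) do |path, value|
      next unless value.is_a?(String) && !value.empty? && path =~ SECRET_KEY
      next if value.start_with?('/') # assumption: absolute path = file reference
      findings << "#{name}.#{path} looks like an inline secret"
    end
  end
  # Lower bound only: the generated script or YAML wrapper adds to this.
  size = JSON.generate(args.merge(bootstrap_secrets: bootstrap_secrets)).bytesize
  findings << "config JSON alone is #{size} bytes (EC2 limit 16 KB)" if size > EC2_USER_DATA_LIMIT
  findings
end

SAMPLE_ARGS = { # constructed sample input, key names are hypothetical
  cluster_name: 'demo', format: :cloudconfig,
  bootstrap_secrets: { age_key: 'AGE-SECRET-KEY-PLACEHOLDER', k3s_token: '' },
  k3s: { 'token-file' => '/run/secrets/k3s-token', 'token' => 'PLACEHOLDER' },
  vpn: { links: [{ name: 'wg0', private_key: 'PLACEHOLDER' }] }
}.freeze
puts audit_generate_args(**SAMPLE_ARGS)
```

On EC2, user data can be read by any process on the instance through the instance metadata service, which is why each finding names the key path only.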