timtorChen
diff --git a/‎README.md‎
Lines changed: 12 additions & 12 deletions b/‎README.md‎
Lines changed: 12 additions & 12 deletions
diff --git a/‎kubernetes/kube-system/cilium/release.yaml‎
Lines changed: 1 addition & 1 deletion b/‎kubernetes/kube-system/cilium/release.yaml‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎kubernetes/rook-ceph/cluster/cephcluster.yaml‎
Lines changed: 11 additions & 2 deletions b/‎kubernetes/rook-ceph/cluster/cephcluster.yaml‎
Lines changed: 11 additions & 2 deletions
diff --git a/‎kubernetes/rook-ceph/cluster/rook-config-override.yaml‎
Lines changed: 0 additions & 16 deletions b/‎kubernetes/rook-ceph/cluster/rook-config-override.yaml‎
Lines changed: 0 additions & 16 deletions
diff --git a/‎kubernetes/rook-ceph/kustomization.yaml‎
Lines changed: 0 additions & 1 deletion b/‎kubernetes/rook-ceph/kustomization.yaml‎
Lines changed: 0 additions & 1 deletion
diff --git a/‎talos/.taskfile.yaml‎
Lines changed: 24 additions & 21 deletions b/‎talos/.taskfile.yaml‎
Lines changed: 24 additions & 21 deletions
diff --git a/‎talos/schematics/nuc11tnhi50l.yaml‎ renamed to ‎talos/schematics/intelnuc.yaml‎
Lines changed: 1 addition & 1 deletion b/‎talos/schematics/nuc11tnhi50l.yaml‎ renamed to ‎talos/schematics/intelnuc.yaml‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎talos/schematics/raspi.yaml‎
Lines changed: 0 additions & 7 deletions b/‎talos/schematics/raspi.yaml‎
Lines changed: 0 additions & 7 deletions
diff --git a/‎talos/templates/nodes/nuc11tnhi50l-1.tmpl‎
Lines changed: 19 additions & 1 deletion b/‎talos/templates/nodes/nuc11tnhi50l-1.tmpl‎
Lines changed: 19 additions & 1 deletion
diff --git a/‎talos/templates/nodes/nuc11tnhi50l-2.tmpl‎
Lines changed: 19 additions & 1 deletion b/‎talos/templates/nodes/nuc11tnhi50l-2.tmpl‎
Lines changed: 19 additions & 1 deletion
@@ -40,7 +40,7 @@ This is a mono repository for my home infrastructure and Kubernetes cluster. I u
 
 |                                                                                                                                                      | Name                                                                                      | Description                                                         |
 | :--------------------------------------------------------------------------------------------------------------------------------------------------: | ----------------------------------------------------------------------------------------- | ------------------------------------------------------------------- |
-|                                             <img width="32" src="https://www.talos.dev/images/logo.svg">                                             | [Talos](https://github.com/siderolabs/talos)                                              | Immutable Linux distribution for Kubernetes.                        |
+|                                     <img width="32" src="https://avatars.githubusercontent.com/u/13804887?v=4">                                      | [Talos](https://github.com/siderolabs/talos)                                              | Immutable Linux distribution for Kubernetes.                        |
 |               <img width="28" src="https://raw.githubusercontent.com/cncf/artwork/main/projects/flux/icon/color/flux-icon-color.svg">                | [Flux](https://github.com/fluxcd/flux2)                                                   | Gitops tool to reconcile sources from Git repository to Kubernetes. |
 |            <img width="32" src="https://raw.githubusercontent.com/cncf/artwork/main/projects/kyverno/icon/color/kyverno-icon-color.svg">             | [Kyverno](https://github.com/kyverno/kyverno)                                             | Kubernetes policy manager.                                          |
 |             <img width="32" src="https://raw.githubusercontent.com/cncf/artwork/main/projects/cilium/icon/color/cilium_icon-color.svg">              | [Cilium](https://github.com/cilium/cilium)                                                | Advanced networking.                                                |
@@ -61,12 +61,12 @@ This is a mono repository for my home infrastructure and Kubernetes cluster. I u
 | :------------ | :----------------------------------------- | :-------------- |
 | Github        | Code repository and automation chores/jobs | Free            |
 | JumpCloud     | SSO identity provider                      | Free            |
-| Cloudflare    | Domain registrar and tunnel                | $10/year        |
-| Backblaze     | S3 bucket for buckup                       | ~$1/month       |
+| Cloudflare    | Domain registrar and tunnel                | $12/year        |
+| Backblaze     | S3 bucket for buckup                       | ~$5/month       |
 | AWS           | Parameter storage and terraform backend    | Free            |
 | Grafana Cloud | External montoring                         | Free            |
 | Let's Encrypt | Public certificate authroity               | Free            |
-|               |                                            | Total ~$22/year |
+|               |                                            | Total ~$6/month |
 
 ## 🔧 Hardware
 
@@ -75,14 +75,14 @@ This is a mono repository for my home infrastructure and Kubernetes cluster. I u
 <img src="docs/src/rack-20241103.jpg" width="400px"/>
 </details>
 
-| Device                          | Description                  | Count | RAM                        | Disk                                                                      |
-| ------------------------------- | ---------------------------- | ----- | -------------------------- | ------------------------------------------------------------------------- |
-| Askey RTF8207W                  | Chunghwa Telecom modem       | 1     |                            |                                                                           |
-| Mikrotik RB4011iGS+RM           | Router                       | 1     |                            |                                                                           |
-| Mikrotik CRS328-24P-4S+RM       | PoE Switch                   | 1     |                            |                                                                           |
-| Raspberry Pi 4B with PoE hat    | Kubernetes control planes    | 1     | 8GB                        | 960GB SSD Micron 5200                                                     |
-| Intel NUC11TNHi50L              | Kubernetes worker nodes      | 3     | 16\*2 Mircon CT16G4SFRA32A | <div>• OS: 960GB SSD Mircon 5300<div/><div>• Data: 960GB NVMe Mircon 7450 |
-| Ubiquiti Power Distribution Pro | 16p Switched and metered PDU | 1     |                            |                                                                           |
+| Device                          | Description                  | Count | RAM                          | Disk                                                                      |
+| ------------------------------- | ---------------------------- | ----- | ---------------------------- | ------------------------------------------------------------------------- |
+| Askey RTF8207W                  | Chunghwa Telecom modem       | 1     |                              |                                                                           |
+| Mikrotik RB4011iGS+RM           | Router                       | 1     |                              |                                                                           |
+| Mikrotik CRS328-24P-4S+RM       | PoE Switch                   | 1     |                              |                                                                           |
+| Intel NUC12WSHi5                | Kubernetes control planes    | 1     | 16GB Mircon CT16G4SFRA32A    | 960GB SSD Micron 5200                                                     |
+| Intel NUC11TNHi50L              | Kubernetes worker nodes      | 3     | 16GB\*2 Mircon CT16G4SFRA32A | <div>• OS: 960GB SSD Mircon 5300<div/><div>• Data: 960GB NVMe Mircon 7450 |
+| Ubiquiti Power Distribution Pro | 16p Switched and metered PDU | 1     |                              |                                                                           |
 
 ## 🤝 Acknowledgments
 
 
@@ -47,7 +47,7 @@ spec:
         enabled: false
       hostRoot: /sys/fs/cgroup
     k8sServiceHost: localhost
-    k8sServicePort: 7745
+    k8sServicePort: 7445
     hubble:
       enabled: true
       relay:
 
@@ -9,6 +9,17 @@ spec:
   cephVersion:
     image: quay.io/ceph/ceph:v19.2.2
   dataDirHostPath: /var/lib/rook
+  network:
+    provider: host
+    addressRanges:
+      public:
+        - 192.168.253.11/21
+        - 192.168.253.12/21
+        - 192.168.253.13/21
+      cluster:
+        - 192.168.253.101/32
+        - 192.168.253.102/32
+        - 192.168.253.103/32
   mon:
     count: 3
     allowMultiplePerNode: false
@@ -58,8 +69,6 @@ spec:
         memory: 64Mi
       requests:
         memory: 64Mi
-  network:
-    provider: host
   dashboard:
     enabled: true
   monitoring:
 
@@ -8,7 +8,6 @@ resources:
   - app/release.yaml
   # cluster
   - cluster/cephcluster.yaml
-  - cluster/rook-config-override.yaml
   # block
   - storage/block/cephblock.yaml
   - storage/block/snapshotclass.yaml
 
@@ -5,10 +5,8 @@ silent: true
 
 tasks:
   # schematics id
-  get-nuc11tnhi50l-schematic-id:
-    cmd: curl -s -X POST --data-binary @schematics/nuc11tnhi50l.yaml https://factory.talos.dev/schematics | jq --raw-output .id
-  get-raspi-schematic-id:
-    cmd: curl -s -X POST --data-binary @schematics/raspi.yaml https://factory.talos.dev/schematics | jq --raw-output .id
+  get-intelnuc-schematic-id:
+    cmd: curl -s -X POST --data-binary @schematics/intelnuc.yaml https://factory.talos.dev/schematics | jq --raw-output .id
 
   # talos task functions
   render:
@@ -34,7 +32,7 @@ tasks:
       IP="{{.IP}}"
 
       echo "> (dry-run) Apply configuration on $IP $TALOS_ROLE/$TALOS_NODE"
-      talosctl apply-config --dry-run -n "$IP" -f <(echo "$CONFIG")
+      talosctl apply-config --dry-run -n "$IP" -f <(echo "$CONFIG") {{.CLI_ARGS}}
 
   apply:
     internal: true
@@ -48,7 +46,7 @@ tasks:
       IP="{{.IP}}"
 
       echo "> Apply configuration on $IP $TALOS_ROLE/$TALOS_NODE"
-      talosctl apply-config -n "$IP" -f <(echo "$CONFIG")
+      talosctl apply-config -n "$IP" -f <(echo "$CONFIG") {{.CLI_ARGS}}
 
   upgrade:
     internal: true
@@ -71,7 +69,7 @@ tasks:
     prompt: Shutdown the node {{.TALOS_ROLE}}/{{.TALOS_NODE}}... continue?
     cmd: |
       IP="{{.IP}}"
-      talosctl shutdonw -n "$IP"
+      talosctl shutdown -n "$IP"
 
   reset:
     internal: true
@@ -84,34 +82,39 @@ tasks:
       --system-labels-to-wipe=META \
       --reboot --graceful -n "$IP"
 
-  # pi4b-1
-  render-pi4b-1:
+  # bootstrap
+  bootstrap:
+    cmd: |
+      talosctl bootstrap {{.CLI_ARGS}}
+
+  # nuc12wshi5-1
+  render-nuc12wshi5-1:
     cmds:
       - task: render
-        vars: &pi4b-1-vars
+        vars: &nuc12wshi5-1-vars
           IP: 192.168.253.1
-          TALOS_NODE: pi4b-1
+          TALOS_NODE: nuc12wshi5-1
           TALOS_ROLE: controlplane
-  plan-pi4b-1:
+  plan-nuc12wshi5-1:
     cmds:
       - task: plan
-        vars: *pi4b-1-vars
-  apply-pi4b-1:
+        vars: *nuc12wshi5-1-vars
+  apply-nuc12wshi5-1:
     cmds:
       - task: apply
-        vars: *pi4b-1-vars
-  upgrade-pi4b-1:
+        vars: *nuc12wshi5-1-vars
+  upgrade-nuc12wshi5-1:
     cmds:
       - task: upgrade
-        vars: *pi4b-1-vars
-  shutdown-pi4b-1:
+        vars: *nuc12wshi5-1-vars
+  shutdown-nuc12wshi5-1:
     cmds:
       - task: shutdown
-        vars: *pi4b-1-vars
-  reset-pi4b-1:
+        vars: *nuc12wshi5-1-vars
+  reset-nuc12wshi5-1:
     cmds:
       - task: reset
-        vars: *pi4b-1-vars
+        vars: *nuc12wshi5-1-vars
 
   # nuc11tnhi50l-1
   render-nuc11tnhi50l-1:
 
@@ -3,4 +3,4 @@ overlay: {}
 customization:
   systemExtensions:
     officialExtensions:
-      - siderolabs/i915-ucode
+      - siderolabs/i915
@@ -3,6 +3,24 @@ machine:
   type: worker
   network:
     hostname: nuc11tnhi50l-1
+    interfaces:
+      # external network
+      - interface: eth0
+        addresses: 
+          - 192.168.253.11/21
+        routes:
+          - network: 0.0.0.0/0
+            gateway: 192.168.248.1
+      # internal ceph communication
+      - interface: eth1
+        addresses:
+          - 192.168.253.101/21
+        routes:
+          - network: 192.168.253.101/32
+          - network: 192.168.253.102/32
+          - network: 192.168.253.103/32
+    nameservers:
+      - 192.168.248.1
   udev:
     # check /usr/etc/udev/rules.d/99-talos.rules
     rules:
@@ -11,7 +29,7 @@ machine:
   install:
     disk: /dev/sda
     # renovate: depName=ghcr.io/siderolabs/installer
-    image: factory.talos.dev/installer/ed036d0640097a4e7af413ee089851a12963cd2e2e1715f8866d551d17c2ec62:v1.9.0
+    image: factory.talos.dev/installer/dc8730aa8cc7bfa5ef7e2b3284248f2631135b2faf4ae11aa997a0c1987b0eee:v1.9.0
   kubelet:
     image: ghcr.io/siderolabs/kubelet:v1.32.0
 {{ end }}
@@ -3,6 +3,24 @@ machine:
   type: worker
   network:
     hostname: nuc11tnhi50l-2
+    interfaces:
+      # external network
+      - interface: eth0
+        addresses: 
+          - 192.168.253.12/21
+        routes:
+          - network: 0.0.0.0/0
+            gateway: 192.168.248.1
+      # internal ceph communication
+      - interface: eth1
+        addresses: 
+          - 192.168.253.102/21
+        routes:
+          - network: 192.168.253.101/32
+          - network: 192.168.253.102/32
+          - network: 192.168.253.103/32
+    nameservers:
+      - 192.168.248.1
   udev:
     # check /usr/etc/udev/rules.d/99-talos.rules
     rules:
@@ -11,7 +29,7 @@ machine:
   install:
     disk: /dev/sda
     # renovate: depName=ghcr.io/siderolabs/installer
-    image: factory.talos.dev/installer/ed036d0640097a4e7af413ee089851a12963cd2e2e1715f8866d551d17c2ec62:v1.9.0
+    image: factory.talos.dev/installer/dc8730aa8cc7bfa5ef7e2b3284248f2631135b2faf4ae11aa997a0c1987b0eee:v1.9.0
   kubelet:
     image: ghcr.io/siderolabs/kubelet:v1.32.0
 {{ end }}