
Prerequisites

age keys

Create a personal key and a cluster key. The cluster key is later deployed as a secret inside your cluster, where it is used to decrypt your secrets.

# install dependencies
brew install age sops

# create path
mkdir -p $HOME/.config/sops/age

# create keys
age-keygen -o $HOME/.config/sops/age/keys.txt
age-keygen -o $HOME/.config/sops/age/cluster-keys.txt

sops configuration

The public age keys stored in the .sops.yaml file are used to encrypt the secret.sops.yaml files.

vi .sops.yaml
---
creation_rules:
  - path_regex: kubernetes/.*\.sops\.ya?ml
    encrypted_regex: "^(data|stringData)$"
    key_groups:
      - age:
          - age1kxw2un7pcutnx8tsw2q5hg2g24vzsy3asjsmqngdzlh0fu5rayaqze6e5a # cluster key
          - age1kxu....
  - path_regex: setup/.*\.sops\.ya?ml
    encrypted_regex: "^(data|stringData)$"
    key_groups:
      - age:
          - age1kxw2un7pcutnx8tsw2q5hg2g24vzsy3asjsmqngdzlh0fu5rayaqze6e5a # cluster key
          - age1kxu....
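
A pre-commit style check for the rules above, added here as an example and not part of this repository: it reports files matched by a path_regex whose data/stringData values are not ENC[...] ciphertext or that lack the sops metadata block. The function names and both sample manifests are constructed, and the line-based parser assumes flat scalar values under data/stringData.

```python
import re

# path_regex and encrypted_regex values copied from the .sops.yaml shown above
PATH_RULES = [r"kubernetes/.*\.sops\.ya?ml", r"setup/.*\.sops\.ya?ml"]
ENCRYPTED_REGEX = r"^(data|stringData)$"

# Constructed sample manifests (not taken from the repository)
PLAINTEXT = "apiVersion: v1\nkind: Secret\nstringData:\n  password: hunter2\n"
ENCRYPTED = ("apiVersion: v1\nkind: Secret\nstringData:\n"
             "  password: ENC[AES256_GCM,data:CONSTRUCTED,type:str]\n"
             "sops:\n  age: []\n")

def covered_by_rule(path):
    """True if any creation rule applies to this repo-relative path."""
    return any(re.search(rule, path) for rule in PATH_RULES)

def plaintext_fields(manifest):
    """Return 'section.key' names under data/stringData whose value is not ENC[...]."""
    leaks, section, indent = [], None, None
    for line in manifest.splitlines():
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        top = re.match(r"^([A-Za-z_][\w.-]*):", line)
        if top:  # a top-level key opens or closes a protected section
            key = top.group(1)
            section = key if re.search(ENCRYPTED_REGEX, key) else None
            indent = None
            continue
        if section is None:
            continue
        depth = len(line) - len(line.lstrip())
        indent = depth if indent is None else indent
        entry = re.match(r"^\s+([^:\s]+):\s*(.*)$", line)
        if depth == indent and entry and not entry.group(2).startswith("ENC["):
            leaks.append(f"{section}.{entry.group(1)}")
    return leaks

def check(path, manifest):
    """List the problems that should block a commit of this file."""
    if not covered_by_rule(path):
        return []  # no creation rule applies, so sops would not encrypt it
    problems = [f"plaintext value: {name}" for name in plaintext_fields(manifest)]
    if not re.search(r"^sops:", manifest, re.MULTILINE):
        problems.append("no sops metadata block")
    return problems

if __name__ == "__main__":
    print(check("kubernetes/apps/demo/secret.sops.yaml", PLAINTEXT))
```

A file named without the `.sops.` infix matches neither rule, so the check returns nothing for it; keep Secret manifests on the naming scheme the rules expect.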

Kubernetes

Installation

  1. git clone https://code.kdvz.cloud/kdvz/hetzner-k8s-extern.git
  2. Create a Talos node on hcloud
  3. Bootstrap the Talos node
  4. Bootstrap k8s