# Talos

To decrypt the secrets file:

```
git-crypt unlock
```

Generate the config files:

```bash
talosctl gen config <cluster_name> https://<controlplane_ip>:6443 -f \
--with-secrets secrets.yaml \
--config-patch @<path_to_patch> \
--config-patch-control-plane @<path_to_controlplane_patch> \
--install-image factory.talos.dev/metal-installer/<schematic_id>:<version> \
-o configs
```

Set TALOSCONFIG:

```bash
export TALOSCONFIG=$(realpath configs/talosconfig)
```

Apply the configs for each node, use worker.yaml for worker nodes:

```bash
talosctl apply-config --insecure --nodes <node_id> --file configs/controlplane.yaml
```

Set endpoint to one of the nodes:

```bash
talosctl config endpoint <node_ip>
```

Bootstrap Kubernetes:

```bash
talosctl -n <node_id> bootstrap
```

Set endpoint to control plane:

```bash
talosctl config endpoint <controlplane_ip>
```

Get kubeconfig and set KUBECONFIG:

```bash
talosctl -n 192.168.1.100 kubeconfig $PWD/configs/kubeconfig
export KUBECONFIG=$(realpath configs/kubeconfig)
```

For applying updated config to node:

```bash
talosctl apply-config --nodes <node_id> --file configs/controlplane.yaml
```

Upgrading talos or changing the schematic:

```bash
talosctl upgrade --nodes <node_id> --image factory.talos.dev/metal-installer/<schematic_id>:<version>
```

To upgrade kubernetes or inline manifests, first apply the updated controlplane configs, then run:

```bash
talosctl upgrade-k8s
```