# yaml-language-server: $schema=../../schemas/cluster.json
version:
  kubernetes: 1.34.1
  talos: 1.11.3
clusterEnv: staging
controlPlaneIp: 192.168.1.100
nodes:
  - testing/talos-vm
# secrets:
#   age: !file testing/age.key
#   talos: testing/secrets.yaml

base:
  kernelArgs:
    - talos.platform=metal
    - console=tty0
    - init_on_alloc=1
    - init_on_free=1
    - slab_nomerge
    - pti=on
    - consoleblank=0
    - nvme_core.io_timeout=4294967295
    - printk.devkmsg=on
    - selinux=1
    - lockdown=confidentiality
  patches:
    all:
      - system/hostname
      - system/install-disk
      - system/network
      - networking/vip
      - networking/tailscale
      - networking/cilium
      - spegel
      - storage/longhorn
      - storage/longhorn/user-volume
      - storage/local-path-provisioner/user-volume
      - storage/limit-ephemeral
      - metrics/all
    controlPlane:
      - system/allow-control-plane-workloads
      # - sops
      - flux/cluster-variables
      - metrics/control-plane
      - networking/gateway-api
default:
  arch: amd64
  network:
    interface: enp1s0
    netmask: 255.255.252.0
    gateway: 192.168.1.1
    dns:
      - 1.1.1.1
      - 8.8.8.8
    tailscale:
      server: https://headscale.huizinga.dev
      authKey:
        file: tailscale.key
      advertiseRoutes: true
  ntp: nl.pool.ntp.org
  install:
    auto: true
    disk: /dev/vda