From e8d7fd7db7c73ce4f03ed782205ff24c7b158e7d Mon Sep 17 00:00:00 2001
From: adjoly <contact@adjoly.fr>
Date: Wed, 27 Aug 2025 18:16:10 +0200
Subject: [PATCH] =?UTF-8?q?=E3=80=8C=F0=9F=8F=97=EF=B8=8F=E3=80=8D=20wip:?=
 =?UTF-8?q?=20started=20working=20on=20p2?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 p2/Vagrantfile                |  0
 p2/deploy/app1-deployment.yml | 21 +++++++++++++++++++++
 p2/deploy/app2.yml            | 21 +++++++++++++++++++++
 vm/configuration.nix          | 14 ++++++++++++++
 4 files changed, 56 insertions(+)
 create mode 100644 p2/Vagrantfile
 create mode 100644 p2/deploy/app1-deployment.yml
 create mode 100644 p2/deploy/app2.yml

diff --git a/p2/Vagrantfile b/p2/Vagrantfile
new file mode 100644
index 0000000..e69de29
diff --git a/p2/deploy/app1-deployment.yml b/p2/deploy/app1-deployment.yml
new file mode 100644
index 0000000..4aaed93
--- /dev/null
+++ b/p2/deploy/app1-deployment.yml
@@ -0,0 +1,21 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: app1-deployment
+spec:
+  selector:
+    matchLabels:
+      app: app1
+  template:
+    metadata:
+      labels:
+        app: app1
+    spec:
+      containers:
+      - name: app1
+        image: traefik/whoami
+        ports:
+        - containerPort: 80
+        command:
+          - --port=80
+          - --name=app-one
diff --git a/p2/deploy/app2.yml b/p2/deploy/app2.yml
new file mode 100644
index 0000000..e2f1c21
--- /dev/null
+++ b/p2/deploy/app2.yml
@@ -0,0 +1,21 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: app1-deployment
+  labels:
+    app: app1
+spec:
+  replicas: 3
+  selector:
+    matchLabels:
+      app: nginx
+  template:
+    metadata:
+      labels:
+        app: nginx
+    spec:
+      containers:
+      - name: nginx
+        image: nginx:1.14.2
+        ports:
+        - containerPort: 80
diff --git a/vm/configuration.nix b/vm/configuration.nix
index 7822873..066f8fa 100644
--- a/vm/configuration.nix
+++ b/vm/configuration.nix
@@ -20,6 +20,20 @@
     "flakes"
   ];
 
+  networking.firewall.allowedTCPPorts = [
+    6443 # k3s: required so that pods can reach the API server (running on port 6443 by default)
+    # 2379 # k3s, etcd clients: required if using a "High Availability Embedded etcd" configuration
+    # 2380 # k3s, etcd peers: required if using a "High Availability Embedded etcd" configuration
+  ];
+  networking.firewall.allowedUDPPorts = [
+    # 8472 # k3s, flannel: required if using multi-node for inter-node networking
+  ];
+  services.k3s.enable = true;
+  services.k3s.role = "server";
+  services.k3s.extraFlags = toString [
+    # "--debug" # Optionally add additional args to k3s
+  ];
+
   # Since `fileSystems` is ignored by nixos-generators, we need to be creative
   systemd.services.mount-iot = {
     description = "Mount the IOT shared folder";