From cc4826e4a167475b0f8a4e9b158eac1d5b6420c4 Mon Sep 17 00:00:00 2001
From: Katherina Walshe-Grey <git@qenya.tel>
Date: Sat, 25 Apr 2026 12:02:05 +0100
Subject: [PATCH] tehanu: Kubernetes master node (WIP)

---
 hosts/tehanu/default.nix | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)

diff --git a/hosts/tehanu/default.nix b/hosts/tehanu/default.nix
index fc1ecad..6976bb0 100644
--- a/hosts/tehanu/default.nix
+++ b/hosts/tehanu/default.nix
@@ -15,5 +15,24 @@
 
   qenya.base-server.enable = true;
 
+    randomcat.services.zfs.datasets = {
+    "rpool_tehanu/state" = { mountpoint = "none"; };
+    "rpool_tehanu/state/cfssl" = { mountpoint = config.services.cfssl.dataDir; };
+    "rpool_tehanu/state/etcd" = { mountpoint = config.services.etcd.dataDir; };
+    "rpool_tehanu/state/kubernetes" = { mountpoint = config.services.kubernetes.dataDir; };
+  };
+
+  services.sanoid.datasets."rpool_tehanu/state" = {
+    useTemplate = [ "production" ];
+    recursive = "zfs";
+  };
+
+  services.kubernetes = {
+    roles = [ "master" ];
+    masterAddress = "100.77.194.23"; # tehanu tailscale ip
+    # apiserver.advertiseAddress = "100.77.194.23";
+  };
+  networking.firewall.interfaces."tailscale0".allowedTCPPorts = [ 6443 2379 2380 10250 10259 10257 ];
+
   system.stateVersion = "23.11";
 }