fix - rke2 metallb open

2025-04-08 10:03:24 -04:00 · 2025-04-08 10:03:24 -04:00 · b5d767ccee
commit b5d767ccee
parent c3a947ff02
2 changed files with 7 additions and 7 deletions
--- a/homes/aarch64-darwin/evanreichard@mac-va-mbp-personal/default.nix
+++ b/homes/aarch64-darwin/evanreichard@mac-va-mbp-personal/default.nix
@ -1,4 +1,4 @@
-{ pkgs, lib, config, namespace, ... }:
+{ lib, config, namespace, ... }:
 let
  inherit (lib.${namespace}) enabled;
 in
@ -12,7 +12,6 @@ in
    };

    services = {
-      ssh-agent = enabled;
      # TODO
      # sops = {
      #   enable = true;
@ -25,11 +24,6 @@ in
      graphical = {
        ghostty = enabled;
        ghidra = enabled;
-        browsers.firefox = {
-          enable = true;
-          gpuAcceleration = true;
-          hardwareDecoding = true;
-        };
      };

      terminal = {
--- a/modules/nixos/services/rke2/default.nix
+++ b/modules/nixos/services/rke2/default.nix
@ -27,6 +27,9 @@ in
      2381 # etcd Metrics Port
      10250 # kubelet metrics
      9099 # Canal CNI health checks
+
+      # MetalLB
+      7946 # memberlist
    ];

    networking.firewall.allowedUDPPorts = mkIf cfg.openFirewall [
@ -34,6 +37,9 @@ in
      8472 # Canal CNI with VXLAN
      # 51820 # Canal CNI with WireGuard IPv4 (if using encryption)
      # 51821 # Canal CNI with WireGuard IPv6 (if using encryption)
+
+      # MetalLB
+      7946 # memberlist
    ];
  };
 }