3 files changed, 24 insertions, 2 deletions

diff --git a/os/pc/configuration.nix b/os/pc/configuration.nix
index 50c4802..023fc30 100644
--- a/os/pc/configuration.nix
+++ b/os/pc/configuration.nix
@@ -16,7 +16,7 @@ in
     ./modules/network.nix
     ./modules/wayland.nix
     ./modules/nopolkit.nix
-    ./modules/work.nix
+    ./modules/work
     ./modules/firejail.nix
   ];
 
diff --git a/os/pc/modules/work.nix b/os/pc/modules/work/default.nix
index 58aa4e0..5124ade 100644
--- a/os/pc/modules/work.nix
+++ b/os/pc/modules/work/default.nix
@@ -25,13 +25,23 @@ in
     ];
   };
   services.k3s = {
-    gracefulNodeShutdown.enable = true;
     enable = true;
+    gracefulNodeShutdown.enable = true;
     clusterInit = true;
     role = "server";
     extraFlags = [
       "--write-kubeconfig-group users"
       "--write-kubeconfig-mode 0640"
+      # disabled because some wifi won't have IPv6 (2025 edition), and k3s fails on startup
+      # uncomment this to enble IPv6 ingress when humanity transcends
+      # "--cluster-cidr=10.42.0.0/16,fd12:b0d8:b00b::/56"
+      # "--service-cidr=10.43.0.0/16,fd12:b0d8:babe::/112"
+      # "--flannel-ipv6-masq"
     ];
+    manifests.traefik-daemonset = {
+      enable = true;
+      source = ./traefik-daemonset.yaml;
+      target = "traefik-daemonset.yaml";
+    };
   };
 }
diff --git a/os/pc/modules/work/traefik-daemonset.yaml b/os/pc/modules/work/traefik-daemonset.yaml
new file mode 100644
index 0000000..e90e9ec
--- /dev/null
+++ b/os/pc/modules/work/traefik-daemonset.yaml
@@ -0,0 +1,12 @@
+apiVersion: helm.cattle.io/v1
+kind: HelmChartConfig
+metadata:
+  name: traefik
+  namespace: kube-system
+spec:
+  valuesContent: |-
+    deployment:
+      kind: DaemonSet
+    service:
+      spec:
+        externalTrafficPolicy: Local