From b3dbe0c0dcc0c6b6ff1f898b5fcd3173c5ecf45e Mon Sep 17 00:00:00 2001
From: Viktor Barzin <vbarzin@gmail.com>
Date: Sun, 17 Sep 2023 22:00:36 +0000
Subject: [PATCH] remove allowed users; configure magic dns and dns servers to
 advertise; set prometheus monitoring annotations[ci skip]

---
 modules/kubernetes/headscale/config.yaml | 7 ++++---
 upgrade-k8s.sh                           | 6 ++++++
 2 files changed, 10 insertions(+), 3 deletions(-)
 create mode 100644 upgrade-k8s.sh

diff --git a/modules/kubernetes/headscale/config.yaml b/modules/kubernetes/headscale/config.yaml
index f3ea6340..9f15d229 100644
--- a/modules/kubernetes/headscale/config.yaml
+++ b/modules/kubernetes/headscale/config.yaml
@@ -210,7 +210,8 @@ dns_config:
 
   # List of DNS servers to expose to clients.
   nameservers:
-    - 1.1.1.1
+    - "10.0.20.101"
+    - "1.1.1.1"
 
   # NextDNS (see https://tailscale.com/kb/1218/nextdns/).
   # "abc123" is example NextDNS ID, replace with yours.
@@ -235,7 +236,7 @@ dns_config:
   #     - 8.8.8.8
 
   # Search domains to inject.
-  domains: []
+  domains: ["viktorbarzin.lan"]
 
   # Extra DNS records
   # so far only A-records are supported (on the tailscale side)
@@ -256,7 +257,7 @@ dns_config:
   # `base_domain` must be a FQDNs, without the trailing dot.
   # The FQDN of the hosts will be
   # `hostname.user.base_domain` (e.g., _myhost.myuser.example.com_).
-  base_domain: example.com
+  base_domain: viktorbarzin.lan
 
 # Unix socket used for the CLI to connect without authentication
 # Note: for production you will want to set this to something like:
diff --git a/upgrade-k8s.sh b/upgrade-k8s.sh
new file mode 100644
index 00000000..f1d69916
--- /dev/null
+++ b/upgrade-k8s.sh
@@ -0,0 +1,6 @@
+#!/usr/bin/env bash
+
+VERSION=$1
+
+sudo apt update
+sudo apt upgrade kubeadm=$1