diff --git a/files/rke-common/etc/NetworkManager/conf.d/rke2-canal.conf b/files/rke-common/etc/NetworkManager/conf.d/rke2-canal.conf
new file mode 100644
index 0000000..a046a90
--- /dev/null
+++ b/files/rke-common/etc/NetworkManager/conf.d/rke2-canal.conf
@@ -0,0 +1,2 @@
+[keyfile]
+unmanaged-devices=interface-name:flannel*;interface-name:cali*;interface-name:tunl*;interface-name:vxlan.calico;interface-name:vxlan-v6.calico;interface-name:wireguard.cali;interface-name:wg-v6.cali
diff --git a/files/rke-common/etc/firewalld/services/rke-common.xml b/files/rke-common/etc/firewalld/services/rke-common.xml
new file mode 100644
index 0000000..657bcb2
--- /dev/null
+++ b/files/rke-common/etc/firewalld/services/rke-common.xml
@@ -0,0 +1,16 @@
+
+
+ RKE Common
+ Common ports for RKE services.
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/files/rke_setup/etc/sudoers.d/99_rke2 b/files/rke-common/etc/sudoers.d/99_rke2
similarity index 100%
rename from files/rke_setup/etc/sudoers.d/99_rke2
rename to files/rke-common/etc/sudoers.d/99_rke2
diff --git a/files/rke_setup/usr/lib/systemd/system/create_rke_user.service b/files/rke-common/usr/lib/systemd/system/create_rke_user.service
similarity index 100%
rename from files/rke_setup/usr/lib/systemd/system/create_rke_user.service
rename to files/rke-common/usr/lib/systemd/system/create_rke_user.service
diff --git a/files/rke_setup/usr/libexec/rke2/create_rke_user.sh b/files/rke-common/usr/libexec/rke2/create_rke_user.sh
similarity index 91%
rename from files/rke_setup/usr/libexec/rke2/create_rke_user.sh
rename to files/rke-common/usr/libexec/rke2/create_rke_user.sh
index bc2b7c4..d85f2a2 100755
--- a/files/rke_setup/usr/libexec/rke2/create_rke_user.sh
+++ b/files/rke-common/usr/libexec/rke2/create_rke_user.sh
@@ -10,5 +10,6 @@ fi
# Add 'rke' to docker group
echo "Adding 'rke' to docker group"
usermod -aG docker rke
+usermod -aG systemd-journal rke
echo "Done"
diff --git a/files/rke_setup/usr/libexec/rke2/skel/.ssh/authorized_keys b/files/rke-common/usr/libexec/rke2/skel/.ssh/authorized_keys
similarity index 100%
rename from files/rke_setup/usr/libexec/rke2/skel/.ssh/authorized_keys
rename to files/rke-common/usr/libexec/rke2/skel/.ssh/authorized_keys
diff --git a/files/rke-server/etc/firewalld/services/rke-server.xml b/files/rke-server/etc/firewalld/services/rke-server.xml
new file mode 100644
index 0000000..9ba0838
--- /dev/null
+++ b/files/rke-server/etc/firewalld/services/rke-server.xml
@@ -0,0 +1,11 @@
+
+
+ RKE Server
+ Ports for RKE server services.
+
+
+
+
+
+
+
diff --git a/files/rke_setup/etc/firewalld/services/rke.xml b/files/rke_setup/etc/firewalld/services/rke.xml
deleted file mode 100644
index 662d740..0000000
--- a/files/rke_setup/etc/firewalld/services/rke.xml
+++ /dev/null
@@ -1,6 +0,0 @@
-
-
- RKE API
- Open port 6443 for Kubernetes API Server.
-
-
diff --git a/recipes/common/jp-minis.yml b/recipes/common/jp-minis.yml
index 136874c..20afcb8 100644
--- a/recipes/common/jp-minis.yml
+++ b/recipes/common/jp-minis.yml
@@ -26,7 +26,7 @@ modules:
- curl -sfL https://get.rke2.io | sh
- type: files
files:
- - source: rke_setup
+ - source: rke-common
destination: /
- type: systemd
system:
diff --git a/recipes/jp-minis-server.yml b/recipes/jp-minis-server.yml
index a00869f..382afd6 100644
--- a/recipes/jp-minis-server.yml
+++ b/recipes/jp-minis-server.yml
@@ -7,6 +7,10 @@ image-version: 42
description: The image of Wunker OS for JP's Minisforum PCs.
modules:
- from-file: common/jp-minis.yml
+ - type: files
+ files:
+ - source: rke-server
+ destination: /
- type: script
snippets:
- curl -sfL https://get.rke2.io | INSTALL_RKE2_SKIP_RELOAD=true sh