clusterName: noble
endpoint: https://192.168.50.230:6443
talosVersion: v1.12.5
kubernetesVersion: v1.31.1
allowSchedulingOnControlPlanes: true

# kube-vip fronts the Kubernetes API at this IP (see clusters/noble/apps/kube-vip).
# Without these SANs, TLS to https://192.168.50.230:6443 fails (cert does not match).
# Talos API (talosctl -e) also uses endpoint; include VIP in machine cert SANs.
additionalApiServerCertSans:
  - 192.168.50.230
  - kube.noble.lab.pcenicni.dev

additionalMachineCertSans:
  - 192.168.50.230

# Use Cilium installed via GitOps (no bundled Talos CNI).
cniConfig:
  name: none

clusterPodNets:
  - 10.244.0.0/16
clusterSvcNets:
  - 10.96.0.0/12

# Secondary disk on every node (OS stays on installDisk: /dev/sda).
# Mount matches Longhorn defaultDataPath in clusters/noble/apps/longhorn/application.yaml.
patches:
  - |-
    machine:
      disks:
        - device: /dev/sdb
          partitions:
            - mountpoint: /var/mnt/longhorn

nodes:
  - hostname: noble-cp-1
    ipAddress: 192.168.50.20
    controlPlane: true
    installDisk: /dev/sda

  - hostname: noble-cp-2
    ipAddress: 192.168.50.30
    controlPlane: true
    installDisk: /dev/sda

  - hostname: noble-cp-3
    ipAddress: 192.168.50.40
    controlPlane: true
    installDisk: /dev/sda

  - hostname: noble-worker-1
    ipAddress: 192.168.50.10
    controlPlane: false
    installDisk: /dev/sda