mirror of
https://github.com/siderolabs/extensions.git
synced 2026-05-05 04:06:38 +02:00
daa3308984
gvisor: 20251208.0 Kata Containers: 3.24.0 nebula: 1.10.0 netbird: 0.60.8 newt: 1.7.0 NVIDIA Container Toolkit: 1.18.1 SOCI Snapshotter: 0.12.1 qemu-guest-agent: 10.1.3 tailscale: 1.92.3 Signed-off-by: Andrey Smirnov <andrey.smirnov@siderolabs.com>
Newt client
Newt is a fully user space WireGuard tunnel client and TCP/UDP proxy, designed to securely expose private resources controlled by Pangolin. By using Newt, you don't need to manage complex WireGuard tunnels and NATing. More info: https://github.com/fosrl/newt
Installation
Newt system extension can be installed by customising boot assets or after installation with the installer
You can use the following schematic file:
# newt-ext.yaml
customization:
systemExtensions:
officialExtensions:
- siderolabs/newt
Check documentation for install:
- https://www.talos.dev/latest/talos-guides/configuration/system-extensions/
- https://www.talos.dev/latest/talos-guides/install/boot-assets/
Usage
Configure the extension via ExtensionServiceConfig document.
# newt-config.yaml
---
apiVersion: v1alpha1
kind: ExtensionServiceConfig
name: newt
environment:
- PANGOLIN_ENDPOINT=https://example.com
- NEWT_ID=2ix2t8xk22ubpfy
- NEWT_SECRET=nnisrfsdfc7prqsp9ewo1dvtvci50j5uiqotez00dgap0ii2
Then apply the patch to your node's MachineConfigs
talosctl patch mc -p @newt-config.yaml
You will then be able to verify that it is in place with the following command
talosctl get extensionserviceconfigs
NODE NAMESPACE TYPE ID VERSION
mynode runtime ExtensionServiceConfig newt 1
Configuration
See all run parameters here (use environment variables): https://docs.fossorial.io/Newt/overview#cli-args