From f8913781acabaaed7a50f563c43d806fcefa0448 Mon Sep 17 00:00:00 2001
From: jonas <jonas.forsberg@suse.com>
Date: Thu, 18 Nov 2021 13:59:40 +0100
Subject: [PATCH] .

---
 doc/notes.md                                       | 11 +++++++++++
 salt/pillars/packages.sls                          |  1 +
 salt/states/firewalld/init.sls                     |  2 ++
 salt/states/rancher/files/rancher-proxy.conf.jinja | 10 +++++++---
 4 files changed, 21 insertions(+), 3 deletions(-)

diff --git a/doc/notes.md b/doc/notes.md
index 8ae0c22..4e31db5 100644
--- a/doc/notes.md
+++ b/doc/notes.md
@@ -16,6 +16,17 @@ mount -o remount,rw $(blkid -L COS_STATE) /run/initramfs/cos-state
 vim /run/initramfs/cos-state/grub2/grub.cfg
 ```
 
+## Rancher server is logging error syncing nodename
+The rancher server is logging the following for every node, repeatedly 
+```
+2021/11/10 08:40:57 [ERROR] error syncing 'node2': handler machine-worker-label: machines.cluster.x-k8s.io "custom-9cebcaf1ae85" not found, requeuing
+```
+
+tag all nodes in the harvester cluster as worker nodes
+```
+kubectl label node node1 node-role.kubernetes.io/worker=true
+```
+
 # podman
 Proplem:
 ```
diff --git a/salt/pillars/packages.sls b/salt/pillars/packages.sls
index 557f1f9..0ef2522 100644
--- a/salt/pillars/packages.sls
+++ b/salt/pillars/packages.sls
@@ -2,3 +2,4 @@ packages:
   - vim
   - jq
   - htop
+  - terminator
diff --git a/salt/states/firewalld/init.sls b/salt/states/firewalld/init.sls
index 11bb84e..02d4a04 100644
--- a/salt/states/firewalld/init.sls
+++ b/salt/states/firewalld/init.sls
@@ -52,6 +52,8 @@ Configure firewalld for internal network:
       - dns
       - ntp
       - registry
+      - nfs
+      - nfs3
 
 Configure firewalld for public networks:
   firewalld.present:
diff --git a/salt/states/rancher/files/rancher-proxy.conf.jinja b/salt/states/rancher/files/rancher-proxy.conf.jinja
index 1921bef..02cdcfa 100644
--- a/salt/states/rancher/files/rancher-proxy.conf.jinja
+++ b/salt/states/rancher/files/rancher-proxy.conf.jinja
@@ -9,9 +9,10 @@ server {
     ssl_certificate     /etc/rancher/ssl/rancher-server.crt;
     ssl_certificate_key /etc/rancher/ssl/rancher-server.key;
     location /{ 
-        proxy_pass https://localhost:9443;
-	proxy_ssl_trusted_certificate /etc/rancher/ssl/rancher-server.crt;
+        proxy_pass https://172.18.0.1:9080;
         proxy_http_version 1.1;
+	proxy_read_timeout 3600;
+        proxy_set_header X-API-request-url $scheme://$host:$server_port$request_uri;
         proxy_set_header Upgrade $http_upgrade;
         proxy_set_header Connection $connection_upgrade;
         proxy_set_header Host $host;
@@ -19,7 +20,10 @@ server {
         proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
         proxy_set_header X-Forwarded-Proto $scheme;
         proxy_set_header X-Forwarded-Port $server_port;
-
+        proxy_set_header X-Forwarded-Host $host:$server_port;
+        proxy_set_header Referer $host:$server_port;
+        proxy_buffering off;
+        proxy_redirect off;
     }
 }