amend README

README.md

@@ -42,39 +42,49 @@ kubeseal --controller-namespace sealed-secrets -o yaml -n MYNS < ../../gitops-tb
 After installing k3s, do:
 
 ```
+# install Argo CD
+kubectl create ns argocd
 kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml
+kubectl get pods -n argocd -l app.kubernetes.io/name=argocd-server -o name | cut -d'/' -f 2
+argocd login argocd-server
+
+# Restore Sealed Secrets secret key
+kubectl create ns sealed-secrets
+kubectl apply -f ../gitops-tbrnt-private/sealed-secrets/master-key.yaml
+
+# Instantiate Argo Root App
+kubectl apply -f _apps/apps.yaml
+
+# Let Argo CD do it's job
+argocd app sync apps
+argocd app sync sealed-secrets
+argocd app sync -l app.kubernetes.io/instance=apps
 ```
 
 TODO:
-* private key restore
-* initial app provisioning
-* ...
+* Restore PVCs via K8up
 
 ## k3s on Alpine
 
-* Install k3s: `apk add k3s cni-plugins iptables wireguard-virt wireguard-tools-wg`
-* Enable cgroups: `rc-update add cgroups default`
-* Adapt service file `/etc/init.d/k3s`:
+Prerequisits for installing k3s:
 
 ```
-#!/sbin/openrc-run
+apk add \
+  iptables \
+  wireguard-virt \
+  bash \
+  curl
+```
 
-export PATH=/usr/share/cni-plugins/bin:$PATH
+Installing via [k3sup](https://github.com/alexellis/k3sup):
 
-name="k3s"
-command="/usr/bin/k3s"
-command_args="$K3S_OPTS"
-command_background="yes"
-output_log="/var/log/k3s.log"
-error_log="/var/log/k3s.err"
-
-start_stop_daemon_args="server"
-pidfile="/run/k3s.pid"
-
-depend() {
-	need net
-	after firewall
-}
+```
+k3sup install \
+  --ip=185.95.218.11 \
+  --user=root \
+  --local-path=~/.kube/config_knurrli2 \
+  --sudo=false \
+  --k3s-extra-args='--tls-san knurrli.tobrunet.ch --cluster-cidr 10.44.0.0/16 --flannel-backend wireguard'
 ```
 
 Helpful links: