Settle on v1 setup method. Test run completed successfully from bootstrap to service setup.

- Refactor dnsmasq configuration and scripts for improved variable handling and clarity
- Updated dnsmasq configuration files to use direct variable references instead of data source functions for better readability.
- Modified setup scripts to ensure they are run from the correct environment and directory, checking for the WC_HOME variable.
- Changed paths in README and scripts to reflect the new directory structure.
- Enhanced error handling in setup scripts to provide clearer guidance on required configurations.
- Adjusted kernel and initramfs URLs in boot.ipxe to use the updated variable references.

my-scaffold/.env.example

@@ -1,2 +0,0 @@
-KUBECONFIG=~/.kube/config
-export KUBECONFIG

my-scaffold/.gitignore

@@ -1,4 +1,6 @@
 secrets.yaml
 .wildcloud/cache
 .bots/*/sessions
-backup/
+backup/
+.working
+.claude

my-scaffold/config.example.yaml

@@ -1,6 +1,5 @@
 wildcloud:
-  # You can also use a local path for the repository such as /home/adam/repos/wild-cloud
-  repository: https://github.com/payneio/wild-cloud
+  repository: /home/adam/wildcloud
 operator:
   email: adam@adam.tld
 cloud:
@@ -17,15 +16,40 @@ cloud:
     storageCapacity: 250Gi
   dns:
     ip: 192.168.8.218
+    externalResolver: 1.1.1.1
   dhcpRange: 192.168.8.100,192.168.8.239
-  dnsmasqInterface: enp5s0
+  dnsmasq:
+    interface: enp5s0
+    username: adam
 cluster:
-  endpoint: computer-01
-  endpointIp: 192.168.8.241
+  nodes:
+    talos:
+      version: v1.10.3
+    schematic:
+      customization:
+        extraKernelArgs:
+          - -talos.halt_if_installed
+        systemExtensions:
+          officialExtensions:
+            - siderolabs/gvisor
+            - siderolabs/intel-ucode
+            - siderolabs/iscsi-tools
+            - siderolabs/util-linux-tools
+      schematicId: TBD
+    control:
+      vip: 192.168.8.30
+      node1:
+        ip: 192.168.8.31
+      node2:
+        ip: 192.168.8.32
+      node3:
+        ip: 192.168.8.33
+  name: adam-cluster
+  ipaddressPool: 192.168.8.20-192.168.8.29
+  loadBalancerIp: 192.168.8.20
   kubernetes:
     config: /home/adam/.kube/config
     context: default
-  loadBalancerRange: 192.168.8.240-192.168.8.250
   dashboard:
     adminUsername: admin
   certManager:
@@ -33,6 +57,7 @@ cluster:
     cloudflare:
       domain: adam.tld
       ownerId: cloud-adam-cluster
-  nodes:
-    talos:
-      version: v1.10.3
+  externalDns:
+    ownerId: cloud-adam-cluster
+  dockerRegistry:
+    storage: 10Gi

my-scaffold/docs/node-setup.md

@@ -0,0 +1,246 @@
+# Node Setup Guide
+
+This guide covers setting up Talos Linux nodes for your Kubernetes cluster using USB boot.
+
+## Overview
+
+There are two main approaches for booting Talos nodes:
+
+1. **USB Boot** (covered here) - Boot from a custom USB drive with system extensions
+2. **PXE Boot** - Network boot using dnsmasq setup (see `setup/dnsmasq/README.md`)
+
+## USB Boot Setup
+
+### Prerequisites
+
+- Target hardware for Kubernetes nodes
+- USB drive (8GB+ recommended)
+- Admin access to create bootable USB drives
+
+### Step 1: Upload Schematic and Download Custom Talos ISO
+
+First, upload the system extensions schematic to Talos Image Factory, then download the custom ISO.
+
+```bash
+# Upload schematic configuration to get schematic ID
+wild-talos-schema
+
+# Download custom ISO with system extensions
+wild-talos-iso
+```
+
+The custom ISO includes system extensions (iscsi-tools, util-linux-tools, intel-ucode, gvisor) needed for the cluster and is saved to `.wildcloud/iso/talos-v1.10.3-metal-amd64.iso`.
+
+### Step 2: Create Bootable USB Drive
+
+#### Linux (Recommended)
+
+```bash
+# Find your USB device (be careful to select the right device!)
+lsblk
+sudo dmesg | tail  # Check for recently connected USB devices
+
+# Create bootable USB (replace /dev/sdX with your USB device)
+sudo dd if=.wildcloud/iso/talos-v1.10.3-metal-amd64.iso of=/dev/sdX bs=4M status=progress sync
+
+# Verify the write completed
+sync
+```
+
+**⚠️ Warning**: Double-check the device path (`/dev/sdX`). Writing to the wrong device will destroy data!
+
+#### macOS
+
+```bash
+# Find your USB device
+diskutil list
+
+# Unmount the USB drive (replace diskX with your USB device)
+diskutil unmountDisk /dev/diskX
+
+# Create bootable USB
+sudo dd if=.wildcloud/iso/talos-v1.10.3-metal-amd64.iso of=/dev/rdiskX bs=4m
+
+# Eject when complete
+diskutil eject /dev/diskX
+```
+
+#### Windows
+
+Use one of these tools:
+
+1. **Rufus** (Recommended)
+
+   - Download from https://rufus.ie/
+   - Select the Talos ISO file
+   - Choose your USB drive
+   - Use "DD Image" mode
+   - Click "START"
+
+2. **Balena Etcher**
+
+   - Download from https://www.balena.io/etcher/
+   - Flash from file → Select Talos ISO
+   - Select target USB drive
+   - Flash!
+
+3. **Command Line** (Windows 10/11)
+
+   ```cmd
+   # List disks to find USB drive number
+   diskpart
+   list disk
+   exit
+
+   # Write ISO (replace X with your USB disk number)
+   dd if=.wildcloud\iso\talos-v1.10.3-metal-amd64.iso of=\\.\PhysicalDriveX bs=4M --progress
+   ```
+
+### Step 3: Boot Target Machine
+
+1. **Insert USB** into target machine
+2. **Boot from USB**:
+   - Restart machine and enter BIOS/UEFI (usually F2, F12, DEL, or ESC during startup)
+   - Change boot order to prioritize USB drive
+   - Or use one-time boot menu (usually F12)
+3. **Talos will boot** in maintenance mode with a DHCP IP
+
+### Step 4: Hardware Detection and Configuration
+
+Once the machine boots, it will be in maintenance mode with a DHCP IP address.
+
+```bash
+# Find the node's maintenance IP (check your router/DHCP server)
+# Then detect hardware and register the node
+cd setup/cluster-nodes
+./detect-node-hardware.sh <maintenance-ip> <node-number>
+
+# Example: Node got DHCP IP 192.168.8.150, registering as node 1
+./detect-node-hardware.sh 192.168.8.150 1
+```
+
+This script will:
+
+- Discover network interface names (e.g., `enp4s0`)
+- List available disks for installation
+- Update `config.yaml` with node-specific hardware settings
+
+### Step 5: Generate and Apply Configuration
+
+```bash
+# Generate machine configurations with detected hardware
+./generate-machine-configs.sh
+
+# Apply configuration (node will reboot with static IP)
+talosctl apply-config --insecure -n <maintenance-ip> --file final/controlplane-node-<number>.yaml
+
+# Example:
+talosctl apply-config --insecure -n 192.168.8.150 --file final/controlplane-node-1.yaml
+```
+
+### Step 6: Verify Installation
+
+After reboot, the node should come up with its assigned static IP:
+
+```bash
+# Check connectivity (node 1 should be at 192.168.8.31)
+ping 192.168.8.31
+
+# Verify system extensions are installed
+talosctl -e 192.168.8.31 -n 192.168.8.31 get extensions
+
+# Check for iscsi tools
+talosctl -e 192.168.8.31 -n 192.168.8.31 list /usr/local/bin/ | grep iscsi
+```
+
+## Repeat for Additional Nodes
+
+For each additional control plane node:
+
+1. Boot with the same USB drive
+2. Run hardware detection with the new maintenance IP and node number
+3. Generate and apply configurations
+4. Verify the node comes up at its static IP
+
+Example for node 2:
+
+```bash
+./detect-node-hardware.sh 192.168.8.151 2
+./generate-machine-configs.sh
+talosctl apply-config --insecure -n 192.168.8.151 --file final/controlplane-node-2.yaml
+```
+
+## Cluster Bootstrap
+
+Once all control plane nodes are configured:
+
+```bash
+# Bootstrap the cluster using the VIP
+talosctl bootstrap -n 192.168.8.30
+
+# Get kubeconfig
+talosctl kubeconfig
+
+# Verify cluster
+kubectl get nodes
+```
+
+## Troubleshooting
+
+### USB Boot Issues
+
+- **Machine won't boot from USB**: Check BIOS boot order, disable Secure Boot if needed
+- **Talos doesn't start**: Verify ISO was written correctly, try re-creating USB
+- **Network issues**: Ensure DHCP is available on your network
+
+### Hardware Detection Issues
+
+- **Node not accessible**: Check IP assignment, firewall settings
+- **Wrong interface detected**: Manual override in `config.yaml` if needed
+- **Disk not found**: Verify disk size (must be >10GB), check disk health
+
+### Installation Issues
+
+- **Static IP not assigned**: Check network configuration in machine config
+- **Extensions not installed**: Verify ISO includes extensions, check upgrade logs
+- **Node won't join cluster**: Check certificates, network connectivity to VIP
+
+### Checking Logs
+
+```bash
+# View system logs
+talosctl -e <node-ip> -n <node-ip> logs machined
+
+# Check kernel messages
+talosctl -e <node-ip> -n <node-ip> dmesg
+
+# Monitor services
+talosctl -e <node-ip> -n <node-ip> get services
+```
+
+## System Extensions Included
+
+The custom ISO includes these extensions:
+
+- **siderolabs/iscsi-tools**: iSCSI initiator tools for persistent storage
+- **siderolabs/util-linux-tools**: Utility tools including fstrim for storage
+- **siderolabs/intel-ucode**: Intel CPU microcode updates (harmless on AMD)
+- **siderolabs/gvisor**: Container runtime sandbox (optional security enhancement)
+
+These extensions enable:
+
+- Longhorn distributed storage
+- Improved security isolation
+- CPU microcode updates
+- Storage optimization tools
+
+## Next Steps
+
+After all nodes are configured:
+
+1. **Install CNI**: Deploy a Container Network Interface (Cilium, Calico, etc.)
+2. **Install CSI**: Deploy Container Storage Interface (Longhorn for persistent storage)
+3. **Deploy workloads**: Your applications and services
+4. **Monitor cluster**: Set up monitoring and logging
+
+See the main project documentation for application deployment guides.

my-scaffold/env.sh

@@ -0,0 +1,49 @@
+#!/bin/bash
+
+# Set the WC_HOME environment variable to this script's directory.
+# This variable is used consistently across the Wild Config scripts.
+export WC_HOME="$(cd "$(dirname "$(readlink -f "${BASH_SOURCE[0]}")")" && pwd)"
+
+# Add bin to path first so wild-config is available
+export PATH="$WC_HOME/bin:$PATH"
+
+# Install kubectl
+if ! command -v kubectl &> /dev/null; then
+    echo "Error: kubectl is not installed. Installing."
+    curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl"
+    curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl.sha256"
+    echo "$(cat kubectl.sha256)  kubectl" | sha256sum --check
+    sudo install -o root -g root -m 0755 kubectl /usr/local/bin/kubectl
+fi
+
+# Install talosctl
+if ! command -v talosctl &> /dev/null; then
+    echo "Error: talosctl is not installed. Installing."
+    curl -sL https://talos.dev/install | sh
+fi
+
+
+# Check if gomplate is installed
+if ! command -v gomplate &> /dev/null; then
+    echo "Error: gomplate is not installed. Please install gomplate first."
+    echo "Visit: https://docs.gomplate.ca/installing/"
+    exit 1
+fi
+
+KUBECONFIG=~/.kube/config
+export KUBECONFIG
+
+# Use cluster name as both talos and kubectl context name
+CLUSTER_NAME=$(wild-config cluster.name)
+if [ -z "${CLUSTER_NAME}" ] || [ "${CLUSTER_NAME}" = "null" ]; then
+    echo "Error: cluster.name not set in config.yaml"
+    exit 1
+fi
+
+# Only try to use the kubectl context if it exists
+if kubectl config get-contexts "${CLUSTER_NAME}" >/dev/null 2>&1; then
+    kubectl config use-context "${CLUSTER_NAME}"
+    echo "Using Kubernetes context: ${CLUSTER_NAME}"
+# else
+#     echo "Kubernetes context '${CLUSTER_NAME}' not found, skipping context switch"
+fi