Moves setup files into embedded package.

internal/setup/cluster-services/coredns/README.md

@@ -0,0 +1,45 @@
+# CoreDNS
+
+- https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/
+- https://github.com/kubernetes/dns/blob/master/docs/specification.md
+- https://coredns.io/
+
+CoreDNS has the `kubernetes` plugin, so it returns all k8s service endpoints in well-known format.
+
+All services and pods are registered in CoreDNS.
+
+- <service-name>.<namespace>.svc.cluster.local
+- <service-name>.<namespace>
+- <service-name> (if in the same namespace)
+
+- <pod-ipv4-address>.<namespace>.pod.cluster.local
+- <pod-ipv4-address>.<service-name>.<namespace>.svc.cluster.local
+
+Any query for a resource in the `internal.$DOMAIN` domain will be given the IP of the Traefik proxy. We expose the CoreDNS server in the LAN via MetalLB just for this capability.
+
+## Default CoreDNS Configuration
+
+This is the default CoreDNS configuration, for reference:
+
+```txt
+.:53 {
+    errors
+    health { lameduck 5s }
+    ready
+    log . { class error }
+    prometheus :9153
+    kubernetes cluster.local in-addr.arpa ip6.arpa {
+        pods insecure
+        fallthrough in-addr.arpa ip6.arpa
+        ttl 30
+    }
+    forward . /etc/resolv.conf { max_concurrent 1000 }
+    cache 30 {
+        disable success cluster.local
+        disable denial cluster.local
+    }
+    loop
+    reload
+    loadbalance
+}
+```

internal/setup/cluster-services/coredns/install.sh

@@ -0,0 +1,57 @@
+#!/bin/bash
+set -e
+set -o pipefail
+
+# Ensure WILD_INSTANCE is set
+if [ -z "${WILD_INSTANCE}" ]; then
+    echo "❌ ERROR: WILD_INSTANCE is not set"
+    exit 1
+fi
+
+# Ensure WILD_CENTRAL_DATA is set
+if [ -z "${WILD_CENTRAL_DATA}" ]; then
+    echo "❌ ERROR: WILD_CENTRAL_DATA is not set"
+    exit 1
+fi
+
+# Ensure KUBECONFIG is set
+if [ -z "${KUBECONFIG}" ]; then
+    echo "❌ ERROR: KUBECONFIG is not set"
+    exit 1
+fi
+
+INSTANCE_DIR="${WILD_CENTRAL_DATA}/instances/${WILD_INSTANCE}"
+CLUSTER_SETUP_DIR="${INSTANCE_DIR}/setup/cluster-services"
+COREDNS_DIR="${CLUSTER_SETUP_DIR}/coredns"
+
+echo "🔧 === Setting up CoreDNS ==="
+echo ""
+
+# Templates should already be compiled
+echo "📦 Using pre-compiled CoreDNS templates..."
+if [ ! -d "${COREDNS_DIR}/kustomize" ]; then
+    echo "❌ ERROR: Compiled templates not found at ${COREDNS_DIR}/kustomize"
+    echo "Templates should be compiled before deployment."
+    exit 1
+fi
+
+# Apply the custom DNS override
+# TODO: Is this needed now that we are no longer on k3s?
+echo "🚀 Applying CoreDNS custom override configuration..."
+kubectl apply -f "${COREDNS_DIR}/kustomize/coredns-custom-config.yaml"
+
+echo "🔄 Restarting CoreDNS pods to apply changes..."
+kubectl rollout restart deployment/coredns -n kube-system
+echo "⏳ Waiting for CoreDNS rollout to complete..."
+kubectl rollout status deployment/coredns -n kube-system
+
+echo ""
+echo "✅ CoreDNS configured successfully"
+echo ""
+echo "💡 To verify the installation:"
+echo "  kubectl get pods -n kube-system -l k8s-app=kube-dns"
+echo "  kubectl get svc -n kube-system coredns"
+echo "  kubectl describe svc -n kube-system coredns"
+echo ""
+echo "📋 To view CoreDNS logs:"
+echo "  kubectl logs -n kube-system -l k8s-app=kube-dns -f"

internal/setup/cluster-services/coredns/kustomize.template/coredns-custom-config.yaml

@@ -0,0 +1,28 @@
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: coredns-custom
+  namespace: kube-system
+data:
+  # Custom server block for internal domains. All internal domains should
+  # resolve to the cluster proxy.
+  internal.server: |
+    {{ .cloud.internalDomain }} {
+      errors
+      cache 30
+      reload
+      template IN A {
+        match (.*)\.{{ .cloud.internalDomain | strings.ReplaceAll "." "\\." }}\.
+        answer "{{`{{ .Name }}`}} 60 IN A {{ .cluster.loadBalancerIp }}"
+      }
+      template IN AAAA {
+        match (.*)\.{{ .cloud.internalDomain | strings.ReplaceAll "." "\\." }}\.
+        rcode NXDOMAIN
+      }
+    }
+  # Custom override to set external resolvers.
+  external.override: |
+    forward . {{ .cloud.dns.externalResolver }} {
+      max_concurrent 1000
+    }

internal/setup/cluster-services/coredns/wild-manifest.yaml

@@ -0,0 +1,15 @@
+name: coredns
+description: DNS server for internal cluster DNS resolution
+namespace: kube-system
+category: infrastructure
+
+configReferences:
+  - cloud.internalDomain
+  - cluster.loadBalancerIp
+
+serviceConfig:
+  externalResolver:
+    path: cloud.dns.externalResolver
+    prompt: "Enter external DNS resolver"
+    default: "8.8.8.8"
+    type: string