author | Alex Auvolat <alex@adnab.me> | 2023-04-18 12:14:13 +0200 |
---|---|---|
committer | Alex Auvolat <alex@adnab.me> | 2023-10-18 12:03:11 +0200 |
commit | 7011b71fbd782e199417ce9afa44a8c220885b4a (patch) | |
tree | 4fc1acd135f3fbc415259f5fb6499afa78030934 /script/jepsen.garage/garage-cluster.nix | |
parent | a5e8ffeb63a193e5b0e020e4c014687e57f85c23 (diff) | |
download | garage-7011b71fbd782e199417ce9afa44a8c220885b4a.tar.gz garage-7011b71fbd782e199417ce9afa44a8c220885b4a.zip |
jepsen: wip
Diffstat (limited to 'script/jepsen.garage/garage-cluster.nix')
-rw-r--r-- | script/jepsen.garage/garage-cluster.nix | 64 |
1 files changed, 64 insertions, 0 deletions
diff --git a/script/jepsen.garage/garage-cluster.nix b/script/jepsen.garage/garage-cluster.nix
new file mode 100644
index 00000000..32fedc04
--- /dev/null
+++ b/script/jepsen.garage/garage-cluster.nix
@@ -0,0 +1,64 @@
+{ config, lib, pkgs, ... }:
+let
+ unstable = import ./unstable.nix;
+ addressMap =
+ {
+ "n1" = { localAddress = "10.233.0.101"; hostAddress = "10.233.1.101"; };
+ "n2" = { localAddress = "10.233.0.102"; hostAddress = "10.233.1.102"; };
+ "n3" = { localAddress = "10.233.0.103"; hostAddress = "10.233.1.103"; };
+ "n4" = { localAddress = "10.233.0.104"; hostAddress = "10.233.1.104"; };
+ "n5" = { localAddress = "10.233.0.105"; hostAddress = "10.233.1.105"; };
+ };
+ toHostsEntry = name: { localAddress, ... }: "${localAddress} ${name}";
+ extraHosts =
+ builtins.concatStringsSep "\n"
+ (lib.attrsets.mapAttrsToList toHostsEntry addressMap);
+ nodeConfig = hostName: { localAddress, hostAddress }: {
+ inherit localAddress hostAddress;
+
+ ephemeral = true;
+ autoStart = true;
+ privateNetwork = true;
+
+ config = { config, pkgs, ... }:
+ {
+ networking = {
+ inherit hostName extraHosts;
+ };
+
+ services.openssh = {
+ enable = true;
+ permitRootLogin = "yes";
+ };
+ users.users.root.initialPassword = "root";
+
+ system.stateVersion = "22.11";
+
+ services.garage = {
+ enable = true;
+ logLevel = "debug";
+ settings.replication_mode = "3";
+ };
+
+ # Workaround for nixos-container issue
+ # (see https://github.com/NixOS/nixpkgs/issues/67265 and
+ # https://github.com/NixOS/nixpkgs/pull/81371#issuecomment-605526099).
+ # The etcd service is of type "notify", which means that
+ # etcd would not be considered started until etcd is fully online;
+ # however, since NixOS container networking only works sometime *after*
+ # multi-user.target, we forgo etcd's notification entirely.
+ systemd.services.etcd.serviceConfig.Type = lib.mkForce "exec";
+
+ systemd.services.etcd.serviceConfig.StandardOutput = "file:/var/log/etcd.log";
+ systemd.services.etcd.serviceConfig.StandardError = "file:/var/log/etcd.log";
+
+ networking.firewall.allowedTCPPorts = [ 2379 2380 ];
+ };
+ };
+in
+{
+ containers = lib.attrsets.mapAttrs nodeConfig addressMap;
+ networking = {
+ inherit extraHosts;
+ };
+}
 |
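Review bot: `permitRootLogin = "yes"` combined with `users.users.root.initialPassword = "root"` in `nodeConfig` gives all five containers a root SSH account with a trivially guessable password, and nothing in the file says this is confined to a throwaway test bed. If the Jepsen harness can authenticate with a key, prefer `permitRootLogin = "prohibit-password";` plus `users.users.root.openssh.authorizedKeys.keys = [ "<test-harness-public-key>" ];`. Otherwise add a comment above the block such as `# Jepsen test containers only: root/root SSH, must never be reachable beyond the host's private container network`. Separately, the `systemd.services.etcd.*` overrides, their comment and `allowedTCPPorts = [ 2379 2380 ]` look carried over from an etcd setup, although the only service enabled here is `services.garage`. The firewall therefore opens two ports nothing visible listens on and presumably leaves Garage's own RPC/API ports closed; the allow-list should name exactly the ports Garage is configured to bind. The `unstable` binding in the `let` block is also unused in this file.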