aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAlex Auvolat <alex@adnab.me>2023-04-21 14:36:10 +0200
committerAlex Auvolat <alex@adnab.me>2023-04-21 14:36:10 +0200
commit607add3161f9a465fc061cfd3a5434aa4dbd4796 (patch)
tree516a0406ec8aa76ba8ebbdaac4ea245003bc402e
parentc4598bd84fa000ea1631bab8d67a0c8f1929141c (diff)
downloadnixcfg-607add3161f9a465fc061cfd3a5434aa4dbd4796.tar.gz
nixcfg-607add3161f9a465fc061cfd3a5434aa4dbd4796.zip
make specifying an ipv6 fully optionnal
-rw-r--r--cluster/prod/app/garage/config/garage.toml6
-rw-r--r--cluster/staging/app/core/deploy/d53.hcl4
-rw-r--r--cluster/staging/app/garage/config/garage.toml6
-rw-r--r--cluster/staging/app/garage/deploy/garage.hcl1
-rw-r--r--nix/deuxfleurs.nix19
5 files changed, 22 insertions, 14 deletions
diff --git a/cluster/prod/app/garage/config/garage.toml b/cluster/prod/app/garage/config/garage.toml
index 36daa5d..5b10707 100644
--- a/cluster/prod/app/garage/config/garage.toml
+++ b/cluster/prod/app/garage/config/garage.toml
@@ -6,8 +6,10 @@ db_engine = "lmdb"
replication_mode = "3"
-rpc_bind_addr = "[{{ env "meta.public_ipv6" }}]:3901"
-rpc_public_addr = "[{{ env "meta.public_ipv6" }}]:3901"
+{{ with $a := env "attr.unique.hostname" | printf "diplonat/autodiscovery/ipv6/%s" | key | parseJSON }}
+rpc_bind_addr = "[{{ $a.address }}]:3901"
+rpc_public_addr = "[{{ $a.address }}]:3901"
+{{ end }}
rpc_secret = "{{ key "secrets/garage/rpc_secret" | trimSpace }}"
[consul_discovery]
diff --git a/cluster/staging/app/core/deploy/d53.hcl b/cluster/staging/app/core/deploy/d53.hcl
index 5d57eb3..fb1c1bf 100644
--- a/cluster/staging/app/core/deploy/d53.hcl
+++ b/cluster/staging/app/core/deploy/d53.hcl
@@ -11,7 +11,7 @@ job "core:d53" {
config {
packages = [
- "git+https://git.deuxfleurs.fr/lx/D53.git?ref=diplonat-autodiscovery&rev=d906a6ebb5d977f44340b157a520477849ced161"
+ "git+https://git.deuxfleurs.fr/lx/D53.git?ref=diplonat-autodiscovery&rev=49d94dae1d753c1f3349be7ea9bc7e7978c0af15"
]
command = "d53"
}
@@ -52,7 +52,7 @@ D53_CONSUL_CLIENT_KEY=/etc/tricot/consul-client.key
D53_PROVIDERS=deuxfleurs.org:gandi
D53_GANDI_API_KEY={{ key "secrets/d53/gandi_api_key" }}
D53_ALLOWED_DOMAINS=staging.deuxfleurs.org
-RUST_LOG=d53=info
+RUST_LOG=d53=debug
EOH
destination = "secrets/env"
env = true
diff --git a/cluster/staging/app/garage/config/garage.toml b/cluster/staging/app/garage/config/garage.toml
index f14a602..26e0361 100644
--- a/cluster/staging/app/garage/config/garage.toml
+++ b/cluster/staging/app/garage/config/garage.toml
@@ -6,8 +6,10 @@ db_engine = "lmdb"
replication_mode = "3"
-rpc_bind_addr = "[{{ env "meta.public_ipv6" }}]:3991"
-rpc_public_addr = "[{{ env "meta.public_ipv6" }}]:3991"
+{{ with $a := env "attr.unique.hostname" | printf "diplonat/autodiscovery/ipv6/%s" | key | parseJSON }}
+rpc_bind_addr = "[{{ $a.address }}]:3991"
+rpc_public_addr = "[{{ $a.address }}]:3991"
+{{ end }}
rpc_secret = "{{ key "secrets/garage-staging/rpc_secret" | trimSpace }}"
bootstrap_peers = []
diff --git a/cluster/staging/app/garage/deploy/garage.hcl b/cluster/staging/app/garage/deploy/garage.hcl
index 6e37d82..1fc969b 100644
--- a/cluster/staging/app/garage/deploy/garage.hcl
+++ b/cluster/staging/app/garage/deploy/garage.hcl
@@ -25,6 +25,7 @@ job "garage-staging" {
config {
packages = [
"#bash", # so that we can enter a shell inside container
+ "#coreutils",
"git+https://git.deuxfleurs.fr/Deuxfleurs/garage.git?ref=main&rev=0d0906b066eb76111f3b427dce1c50eac083366c",
]
command = "garage"
diff --git a/nix/deuxfleurs.nix b/nix/deuxfleurs.nix
index 4423318..0f5c185 100644
--- a/nix/deuxfleurs.nix
+++ b/nix/deuxfleurs.nix
@@ -19,7 +19,7 @@ in
};
staticIPv6.address = mkOption {
description = "Static public IPv6 address of this node";
- type = str;
+ type = nullOr str;
};
isRaftServer = mkOption {
description = "Make this node a RAFT server for the Nomad and Consul deployments";
@@ -129,8 +129,10 @@ in
clusterAddress = clusterNodeCfg.address;
node_meta = {
"site" = cfg.siteName;
- "public_ipv6" = cfg.staticIPv6.address;
} //
+ (if cfg.staticIPv6.address != null
+ then { "public_ipv6" = cfg.staticIPv6.address; }
+ else {}) //
(if cfg.publicIPv4 != null
then { "public_ipv4" = cfg.publicIPv4; }
else {}) //
@@ -156,11 +158,12 @@ in
# IPv4 configuration is obtained by DHCP by default,
# unless a static v4 address and default gateway are given
noDHCP = cfg.staticIPv4.address != null && cfg.staticIPv4.defaultGateway != null;
- # IPv6 configuration is obtained through router advertisements
- # (RA), using a static token to ensure a static IPv6,
- # unless defaultGateway is specified, in which case RAs are
- # disabled entirely
- noRA = cfg.staticIPv6.defaultGateway != null;
+ # IPv6 configuration is obtained through router advertisements (RA),
+ # possibly using a static token to ensure a static IPv6,
+ # unless a static v6 address and default gateway are given,
+ # in which case RAs are disabled entirely
+ noRA = cfg.staticIPv6.address != null && cfg.staticIPv6.defaultGateway != null;
+ staticV6 = cfg.staticIPv6.address != null;
in
{
matchConfig.Name = "en* eth*";
@@ -189,7 +192,7 @@ in
# Dynamic IPv6: only fetch default route, use static
# address and no DNS servers
- ipv6AcceptRAConfig.Token = mkIf (!noRA) "static:${cfg.staticIPv6.address}";
+ ipv6AcceptRAConfig.Token = mkIf (!noRA && staticV6) "static:${cfg.staticIPv6.address}";
ipv6AcceptRAConfig.UseDNS = mkIf (!noRA) false;
# Static IPv6: disable all router advertisements and