Modularize and prepare to support multiple clusters

8 files changed, 171 insertions, 0 deletions

diff --git a/cluster/staging/node/carcajou.nix b/cluster/staging/node/carcajou.nix
new file mode 100644
index 0000000..9ef88ad
--- /dev/null
+++ b/cluster/staging/node/carcajou.nix
@@ -0,0 +1,33 @@
+# Configuration file local to this node
+
+{ config, pkgs, ... }:
+
+{
+  # Use the systemd-boot EFI boot loader.
+  boot.loader.systemd-boot.enable = true;
+  boot.loader.timeout = 20;
+  boot.loader.efi.canTouchEfiVariables = true;
+
+  networking.hostName = "carcajou";
+
+  networking.interfaces.eno1.useDHCP = false;
+  networking.interfaces.eno1.ipv4.addresses = [
+    {
+      address = "192.168.1.22";
+      prefixLength = 24;
+    }
+  ];
+  networking.interfaces.eno1.ipv6.addresses = [
+    {
+      address = "2a01:e0a:c:a720::22";
+      prefixLength = 64;
+    }
+  ];
+
+  deuxfleurs.vpn_ip = "10.42.0.22";
+  deuxfleurs.vpn_listen_port = 33722;
+  deuxfleurs.is_raft_server = true;
+
+  # Enable netdata monitoring
+  services.netdata.enable = true;
+}
diff --git a/cluster/staging/node/carcajou.site.nix b/cluster/staging/node/carcajou.site.nix
new file mode 120000
index 0000000..04ee36c
--- /dev/null
+++ b/cluster/staging/node/carcajou.site.nix
@@ -0,0 +1 @@
+../site/neptune.nix
\ No newline at end of file
diff --git a/cluster/staging/node/cariacou.nix b/cluster/staging/node/cariacou.nix
new file mode 100644
index 0000000..7e999d3
--- /dev/null
+++ b/cluster/staging/node/cariacou.nix
@@ -0,0 +1,33 @@
+# Configuration file local to this node
+
+{ config, pkgs, ... }:
+
+{
+  # Use the systemd-boot EFI boot loader.
+  boot.loader.systemd-boot.enable = true;
+  boot.loader.timeout = 20;
+  boot.loader.efi.canTouchEfiVariables = true;
+
+  networking.hostName = "cariacou";
+
+  networking.interfaces.eno1.useDHCP = false;
+  networking.interfaces.eno1.ipv4.addresses = [
+    {
+      address = "192.168.1.21";
+      prefixLength = 24;
+    }
+  ];
+  networking.interfaces.eno1.ipv6.addresses = [
+    {
+      address = "2a01:e0a:c:a720::21";
+      prefixLength = 64;
+    }
+  ];
+
+  deuxfleurs.vpn_ip = "10.42.0.21";
+  deuxfleurs.vpn_listen_port = 33721;
+  deuxfleurs.is_raft_server = true;
+
+  # Enable netdata monitoring
+  services.netdata.enable = true;
+}
diff --git a/cluster/staging/node/cariacou.site.nix b/cluster/staging/node/cariacou.site.nix
new file mode 120000
index 0000000..04ee36c
--- /dev/null
+++ b/cluster/staging/node/cariacou.site.nix
@@ -0,0 +1 @@
+../site/neptune.nix
\ No newline at end of file
diff --git a/cluster/staging/node/caribou.nix b/cluster/staging/node/caribou.nix
new file mode 100644
index 0000000..474f3d3
--- /dev/null
+++ b/cluster/staging/node/caribou.nix
@@ -0,0 +1,33 @@
+# Configuration file local to this node
+
+{ config, pkgs, ... }:
+
+{
+  # Use the systemd-boot EFI boot loader.
+  boot.loader.systemd-boot.enable = true;
+  boot.loader.timeout = 20;
+  boot.loader.efi.canTouchEfiVariables = true;
+
+  networking.hostName = "caribou";
+
+  networking.interfaces.eno1.useDHCP = false;
+  networking.interfaces.eno1.ipv4.addresses = [
+    {
+      address = "192.168.1.23";
+      prefixLength = 24;
+    }
+  ];
+  networking.interfaces.eno1.ipv6.addresses = [
+    {
+      address = "2a01:e0a:c:a720::23";
+      prefixLength = 64;
+    }
+  ];
+
+  deuxfleurs.vpn_ip = "10.42.0.23";
+  deuxfleurs.vpn_listen_port = 33723;
+  deuxfleurs.is_raft_server = true;
+
+  # Enable netdata monitoring
+  services.netdata.enable = true;
+}
diff --git a/cluster/staging/node/caribou.site.nix b/cluster/staging/node/caribou.site.nix
new file mode 120000
index 0000000..04ee36c
--- /dev/null
+++ b/cluster/staging/node/caribou.site.nix
@@ -0,0 +1 @@
+../site/neptune.nix
\ No newline at end of file
diff --git a/cluster/staging/node/spoutnik.nix b/cluster/staging/node/spoutnik.nix
new file mode 100644
index 0000000..1554de9
--- /dev/null
+++ b/cluster/staging/node/spoutnik.nix
@@ -0,0 +1,68 @@
+# Edit this configuration file to define what should be installed on
+# your system.  Help is available in the configuration.nix(5) man page
+# and in the NixOS manual (accessible by running ‘nixos-help’).
+
+{ config, pkgs, ... }:
+
+{
+  boot.loader.grub.enable = true;
+  boot.loader.grub.version = 2;
+  boot.loader.grub.device = "/dev/sda"; # or "nodev" for efi only
+
+  networking.hostName = "spoutnik";
+  services.openssh.ports = [ 220 ];
+
+  networking.interfaces.enp0s25.useDHCP = false;
+  networking.interfaces.enp0s25.ipv4.addresses = [
+    {
+      address = "192.168.0.40";
+      prefixLength = 24;
+    }
+  ];
+
+  networking.wireguard.interfaces.wg0 = {
+    ips = [ "10.42.0.2/16" ];
+    listenPort = 42136;
+  };
+
+  # Activate as Nomad and Consul server node
+  services.nomad.settings.server.enabled = true;
+  services.consul.extraConfig.server = true;
+
+  # Nginx configuration:
+
+  services.nginx = {
+    enable = true;
+
+    # Use recommended settings
+    recommendedGzipSettings = true;
+    recommendedOptimisation = true;
+    recommendedProxySettings = true;
+    recommendedTlsSettings = true;
+
+    # Add any further config to match your needs, e.g.:
+    virtualHosts = let
+      base = locations: {
+        inherit locations;
+
+        forceSSL = true;
+        enableACME = true;
+      };
+      proxy = addr: port: base {
+        "/".proxyPass = "http://" + addr + ":" + toString(port);
+      };
+    in {
+      "axl.deuxfleurs.fr" = proxy "192.168.0.60" 80;
+      "warez.luxeylab.net" = proxy "192.168.0.50" 80;
+    };
+  };
+
+
+  # ACME:
+
+  security.acme = {
+    acceptTerms = true;
+    email = "adrien@luxeylab.net";
+  };
+}
+
diff --git a/cluster/staging/node/spoutnik.site.nix b/cluster/staging/node/spoutnik.site.nix
new file mode 120000
index 0000000..87c7991
--- /dev/null
+++ b/cluster/staging/node/spoutnik.site.nix
@@ -0,0 +1 @@
+../site/pluton.nix
\ No newline at end of file