diff options
-rw-r--r-- | cluster/prod/app/garage/config/garage.toml | 6 | ||||
-rw-r--r-- | cluster/staging/app/core/deploy/d53.hcl | 4 | ||||
-rw-r--r-- | cluster/staging/app/garage/config/garage.toml | 6 | ||||
-rw-r--r-- | cluster/staging/app/garage/deploy/garage.hcl | 1 | ||||
-rw-r--r-- | nix/deuxfleurs.nix | 19 |
5 files changed, 22 insertions, 14 deletions
diff --git a/cluster/prod/app/garage/config/garage.toml b/cluster/prod/app/garage/config/garage.toml index 36daa5d..5b10707 100644 --- a/cluster/prod/app/garage/config/garage.toml +++ b/cluster/prod/app/garage/config/garage.toml @@ -6,8 +6,10 @@ db_engine = "lmdb" replication_mode = "3" -rpc_bind_addr = "[{{ env "meta.public_ipv6" }}]:3901" -rpc_public_addr = "[{{ env "meta.public_ipv6" }}]:3901" +{{ with $a := env "attr.unique.hostname" | printf "diplonat/autodiscovery/ipv6/%s" | key | parseJSON }} +rpc_bind_addr = "[{{ $a.address }}]:3901" +rpc_public_addr = "[{{ $a.address }}]:3901" +{{ end }} rpc_secret = "{{ key "secrets/garage/rpc_secret" | trimSpace }}" [consul_discovery] diff --git a/cluster/staging/app/core/deploy/d53.hcl b/cluster/staging/app/core/deploy/d53.hcl index 5d57eb3..fb1c1bf 100644 --- a/cluster/staging/app/core/deploy/d53.hcl +++ b/cluster/staging/app/core/deploy/d53.hcl @@ -11,7 +11,7 @@ job "core:d53" { config { packages = [ - "git+https://git.deuxfleurs.fr/lx/D53.git?ref=diplonat-autodiscovery&rev=d906a6ebb5d977f44340b157a520477849ced161" + "git+https://git.deuxfleurs.fr/lx/D53.git?ref=diplonat-autodiscovery&rev=49d94dae1d753c1f3349be7ea9bc7e7978c0af15" ] command = "d53" } @@ -52,7 +52,7 @@ D53_CONSUL_CLIENT_KEY=/etc/tricot/consul-client.key D53_PROVIDERS=deuxfleurs.org:gandi D53_GANDI_API_KEY={{ key "secrets/d53/gandi_api_key" }} D53_ALLOWED_DOMAINS=staging.deuxfleurs.org -RUST_LOG=d53=info +RUST_LOG=d53=debug EOH destination = "secrets/env" env = true diff --git a/cluster/staging/app/garage/config/garage.toml b/cluster/staging/app/garage/config/garage.toml index f14a602..26e0361 100644 --- a/cluster/staging/app/garage/config/garage.toml +++ b/cluster/staging/app/garage/config/garage.toml @@ -6,8 +6,10 @@ db_engine = "lmdb" replication_mode = "3" -rpc_bind_addr = "[{{ env "meta.public_ipv6" }}]:3991" -rpc_public_addr = "[{{ env "meta.public_ipv6" }}]:3991" +{{ with $a := env "attr.unique.hostname" | printf "diplonat/autodiscovery/ipv6/%s" | key | parseJSON }} +rpc_bind_addr = "[{{ $a.address }}]:3991" +rpc_public_addr = "[{{ $a.address }}]:3991" +{{ end }} rpc_secret = "{{ key "secrets/garage-staging/rpc_secret" | trimSpace }}" bootstrap_peers = [] diff --git a/cluster/staging/app/garage/deploy/garage.hcl b/cluster/staging/app/garage/deploy/garage.hcl index 6e37d82..1fc969b 100644 --- a/cluster/staging/app/garage/deploy/garage.hcl +++ b/cluster/staging/app/garage/deploy/garage.hcl @@ -25,6 +25,7 @@ job "garage-staging" { config { packages = [ "#bash", # so that we can enter a shell inside container + "#coreutils", "git+https://git.deuxfleurs.fr/Deuxfleurs/garage.git?ref=main&rev=0d0906b066eb76111f3b427dce1c50eac083366c", ] command = "garage" diff --git a/nix/deuxfleurs.nix b/nix/deuxfleurs.nix index 4423318..0f5c185 100644 --- a/nix/deuxfleurs.nix +++ b/nix/deuxfleurs.nix @@ -19,7 +19,7 @@ in }; staticIPv6.address = mkOption { description = "Static public IPv6 address of this node"; - type = str; + type = nullOr str; }; isRaftServer = mkOption { description = "Make this node a RAFT server for the Nomad and Consul deployments"; @@ -129,8 +129,10 @@ in clusterAddress = clusterNodeCfg.address; node_meta = { "site" = cfg.siteName; - "public_ipv6" = cfg.staticIPv6.address; } // + (if cfg.staticIPv6.address != null + then { "public_ipv6" = cfg.staticIPv6.address; } + else {}) // (if cfg.publicIPv4 != null then { "public_ipv4" = cfg.publicIPv4; } else {}) // @@ -156,11 +158,12 @@ in # IPv4 configuration is obtained by DHCP by default, # unless a static v4 address and default gateway are given noDHCP = cfg.staticIPv4.address != null && cfg.staticIPv4.defaultGateway != null; - # IPv6 configuration is obtained through router advertisements - # (RA), using a static token to ensure a static IPv6, - # unless defaultGateway is specified, in which case RAs are - # disabled entirely - noRA = cfg.staticIPv6.defaultGateway != null; + # IPv6 configuration is obtained through router advertisements (RA), + # possibly using a static token to ensure a static IPv6, + # unless a static v6 address and default gateway are given, + # in which case RAs are disabled entirely + noRA = cfg.staticIPv6.address != null && cfg.staticIPv6.defaultGateway != null; + staticV6 = cfg.staticIPv6.address != null; in { matchConfig.Name = "en* eth*"; @@ -189,7 +192,7 @@ in # Dynamic IPv6: only fetch default route, use static # address and no DNS servers - ipv6AcceptRAConfig.Token = mkIf (!noRA) "static:${cfg.staticIPv6.address}"; + ipv6AcceptRAConfig.Token = mkIf (!noRA && staticV6) "static:${cfg.staticIPv6.address}"; ipv6AcceptRAConfig.UseDNS = mkIf (!noRA) false; # Static IPv6: disable all router advertisements and |