From 96566ae523934f5a37b8d7c2a9ef928cd5c0d098 Mon Sep 17 00:00:00 2001 From: Alex Auvolat Date: Fri, 24 Mar 2023 15:26:39 +0100 Subject: refactor configuration syntax --- cluster/staging/cluster.nix | 70 ++++++++++++++++++--------------------- cluster/staging/node/carcajou.nix | 7 ++-- cluster/staging/node/caribou.nix | 9 ++--- cluster/staging/node/df-pw5.nix | 8 ++--- cluster/staging/node/origan.nix | 9 ++--- cluster/staging/node/piranha.nix | 9 ++--- cluster/staging/site/bespin.nix | 4 +-- cluster/staging/site/corrin.nix | 6 ++-- cluster/staging/site/jupiter.nix | 7 ++-- cluster/staging/site/neptune.nix | 8 ++--- 10 files changed, 54 insertions(+), 83 deletions(-) (limited to 'cluster') diff --git a/cluster/staging/cluster.nix b/cluster/staging/cluster.nix index cf30d6e..56ca904 100644 --- a/cluster/staging/cluster.nix +++ b/cluster/staging/cluster.nix @@ -1,49 +1,43 @@ { config, pkgs, ... } @ args: { - deuxfleurs.cluster_name = "staging"; + deuxfleurs.clusterName = "staging"; # The IP range to use for the Wireguard overlay of this cluster - deuxfleurs.cluster_prefix = "10.14.0.0"; - deuxfleurs.cluster_prefix_length = 16; + deuxfleurs.clusterPrefix = "10.14.0.0/16"; - deuxfleurs.cluster_nodes = [ - { - hostname = "carcajou"; - site_name = "neptune"; + deuxfleurs.clusterNodes = { + "carcajou" = { + siteName = "neptune"; publicKey = "7Nm7pMmyS7Nts1MB+loyD8u84ODxHPTkDu+uqQR6yDk="; - IP = "10.14.1.2"; + address = "10.14.1.2"; endpoint = "77.207.15.215:33722"; - } - { - hostname = "caribou"; - site_name = "neptune"; + }; + "caribou" = { + siteName = "neptune"; publicKey = "lABn/axzD1jkFulX8c+K3B3CbKXORlIMDDoe8sQVxhs="; - IP = "10.14.1.3"; + address = "10.14.1.3"; endpoint = "77.207.15.215:33723"; - } - { - hostname = "origan"; - site_name = "jupiter"; + }; + "origan" = { + siteName = "jupiter"; publicKey = "smBQYUS60JDkNoqkTT7TgbpqFiM43005fcrT6472llI="; - IP = "10.14.2.33"; + address = "10.14.2.33"; endpoint = "82.64.238.84:33733"; - } - { - hostname = "piranha"; - site_name = "corrin"; + }; + "piranha" = { + siteName = "corrin"; publicKey = "m9rLf+233X1VColmeVrM/xfDGro5W6Gk5N0zqcf32WY="; - IP = "10.14.3.1"; + address = "10.14.3.1"; #endpoint = "82.120.233.78:33721"; - } - { - hostname = "df-pw5"; - site_name = "bespin"; + }; + "df-pw5" = { + siteName = "bespin"; publicKey = "XLOYoMXF+PO4jcgfSVAk+thh4VmWx0wzWnb0xs08G1s="; - IP = "10.14.4.1"; + address = "10.14.4.1"; endpoint = "bitfrost.fiber.shirokumo.net:33734"; - } - ]; + }; + }; services.wgautomesh.logLevel = "debug"; # Bootstrap IPs for Consul cluster, @@ -54,7 +48,7 @@ "10.14.1.3" # caribou ]; - deuxfleurs.admin_accounts = { + deuxfleurs.adminAccounts = { lx = [ # Keys for accessing nodes from outside "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJpaBZdYxHqMxhv2RExAOa7nkKhPBOHupMP3mYaZ73w9 lx@lindy" @@ -142,16 +136,16 @@ enable = true; port = substituter_port; openFirewall = false; - bindAddress = config.deuxfleurs.cluster_ip; + bindAddress = "0.0.0.0"; package = pkgs.haskellPackages.nix-serve-ng; }; nix.settings.substituters = map - ({ IP, ... }: "http://${IP}:${builtins.toString substituter_port}") - (builtins.filter - ({ site_name, IP, ...}: - (IP != config.deuxfleurs.cluster_ip - && site_name == config.deuxfleurs.site_name)) - config.deuxfleurs.cluster_nodes); + ({ address, ... }: "http://${address}:${builtins.toString substituter_port}") + (builtins.attrValues (pkgs.lib.filterAttrs + (hostname: { siteName, ...}: + (hostname != config.deuxfleurs.hostName + && siteName == config.deuxfleurs.siteName)) + config.deuxfleurs.clusterNodes)); }) ]; } diff --git a/cluster/staging/node/carcajou.nix b/cluster/staging/node/carcajou.nix index 5822f49..e6c1653 100644 --- a/cluster/staging/node/carcajou.nix +++ b/cluster/staging/node/carcajou.nix @@ -19,11 +19,8 @@ boot.loader.timeout = 20; boot.loader.efi.canTouchEfiVariables = true; - networking.hostName = "carcajou"; - - deuxfleurs.ipv6 = "2001:910:1204:1::22"; - - deuxfleurs.cluster_ip = "10.14.1.2"; + deuxfleurs.hostName = "carcajou"; + deuxfleurs.ipv6Address = "2001:910:1204:1::22"; system.stateVersion = "21.05"; } diff --git a/cluster/staging/node/caribou.nix b/cluster/staging/node/caribou.nix index 2e8691a..ad5a65d 100644 --- a/cluster/staging/node/caribou.nix +++ b/cluster/staging/node/caribou.nix @@ -8,12 +8,9 @@ boot.loader.timeout = 20; boot.loader.efi.canTouchEfiVariables = true; - networking.hostName = "caribou"; - - deuxfleurs.ipv6 = "2001:910:1204:1::23"; - - deuxfleurs.cluster_ip = "10.14.1.3"; - deuxfleurs.is_raft_server = true; + deuxfleurs.hostName = "caribou"; + deuxfleurs.ipv6Address = "2001:910:1204:1::23"; + deuxfleurs.isRaftServer = true; system.stateVersion = "21.05"; } diff --git a/cluster/staging/node/df-pw5.nix b/cluster/staging/node/df-pw5.nix index 356a2ae..0e5be15 100644 --- a/cluster/staging/node/df-pw5.nix +++ b/cluster/staging/node/df-pw5.nix @@ -9,13 +9,9 @@ boot.loader.efi.efiSysMountPoint = "/boot"; boot.loader.timeout = 20; - networking.hostName = "df-pw5"; - + deuxfleurs.hostName = "df-pw5"; deuxfleurs.staticIPv4.address = "192.168.5.130/24"; - deuxfleurs.ipv6 = "2a02:a03f:6510:5102:223:24ff:feb0:e8a7"; - - deuxfleurs.cluster_ip = "10.14.4.1"; - deuxfleurs.is_raft_server = false; + deuxfleurs.ipv6Address = "2a02:a03f:6510:5102:223:24ff:feb0:e8a7"; system.stateVersion = "22.11"; } diff --git a/cluster/staging/node/origan.nix b/cluster/staging/node/origan.nix index 6db7f87..d900fd6 100644 --- a/cluster/staging/node/origan.nix +++ b/cluster/staging/node/origan.nix @@ -8,13 +8,10 @@ boot.loader.timeout = 20; boot.loader.efi.canTouchEfiVariables = true; - networking.hostName = "origan"; - + deuxfleurs.hostName = "origan"; deuxfleurs.staticIPv4.address = "192.168.1.33/24"; - deuxfleurs.ipv6 = "2a01:e0a:5e4:1d0:223:24ff:feaf:fdec"; - - deuxfleurs.cluster_ip = "10.14.2.33"; - deuxfleurs.is_raft_server = true; + deuxfleurs.ipv6Address = "2a01:e0a:5e4:1d0:223:24ff:feaf:fdec"; + deuxfleurs.isRaftServer = true; system.stateVersion = "22.11"; } diff --git a/cluster/staging/node/piranha.nix b/cluster/staging/node/piranha.nix index 4873693..436965c 100644 --- a/cluster/staging/node/piranha.nix +++ b/cluster/staging/node/piranha.nix @@ -8,13 +8,10 @@ boot.loader.timeout = 20; boot.loader.efi.canTouchEfiVariables = true; - networking.hostName = "piranha"; - + deuxfleurs.hostName = "piranha"; deuxfleurs.staticIPv4.address = "192.168.1.25/24"; - deuxfleurs.ipv6 = "2a01:cb05:8984:9900:223:24ff:feb0:ea82"; - - deuxfleurs.cluster_ip = "10.14.3.1"; - deuxfleurs.is_raft_server = true; + deuxfleurs.ipv6Address = "2a01:cb05:8984:9900:223:24ff:feb0:ea82"; + deuxfleurs.isRaftServer = true; system.stateVersion = "22.11"; } diff --git a/cluster/staging/site/bespin.nix b/cluster/staging/site/bespin.nix index 3fcefbb..22feb59 100644 --- a/cluster/staging/site/bespin.nix +++ b/cluster/staging/site/bespin.nix @@ -1,9 +1,9 @@ { config, pkgs, ... }: { - deuxfleurs.site_name = "bespin"; + deuxfleurs.siteName = "bespin"; deuxfleurs.staticIPv4.defaultGateway = "192.168.5.254"; - deuxfleurs.cname_target = "bespin.site.staging.deuxfleurs.org."; + deuxfleurs.cnameTarget = "bespin.site.staging.deuxfleurs.org."; networking.firewall.allowedTCPPorts = [ 80 443 ]; } diff --git a/cluster/staging/site/corrin.nix b/cluster/staging/site/corrin.nix index 0ff7b80..0083986 100644 --- a/cluster/staging/site/corrin.nix +++ b/cluster/staging/site/corrin.nix @@ -1,10 +1,10 @@ { config, pkgs, ... }: { - deuxfleurs.site_name = "corrin"; + deuxfleurs.siteName = "corrin"; deuxfleurs.staticIPv4.defaultGateway = "192.168.1.1"; - deuxfleurs.cname_target = "corrin.site.staging.deuxfleurs.org."; - deuxfleurs.public_ipv4 = "82.120.233.78"; + deuxfleurs.cnameTarget = "corrin.site.staging.deuxfleurs.org."; + deuxfleurs.publicIPv4 = "82.120.233.78"; networking.firewall.allowedTCPPorts = [ 80 443 ]; } diff --git a/cluster/staging/site/jupiter.nix b/cluster/staging/site/jupiter.nix index 2269836..2d39f5a 100644 --- a/cluster/staging/site/jupiter.nix +++ b/cluster/staging/site/jupiter.nix @@ -1,12 +1,9 @@ { config, pkgs, ... }: { - deuxfleurs.site_name = "jupiter"; + deuxfleurs.siteName = "jupiter"; deuxfleurs.staticIPv4.defaultGateway = "192.168.1.1"; - deuxfleurs.cname_target = "jupiter.site.staging.deuxfleurs.org."; - - # no public ipv4 is used for the staging cluster on Jupiter - # deuxfleurs.public_ipv4 = "???"; + deuxfleurs.cnameTarget = "jupiter.site.staging.deuxfleurs.org."; networking.firewall.allowedTCPPorts = [ 80 443 ]; } diff --git a/cluster/staging/site/neptune.nix b/cluster/staging/site/neptune.nix index 36d5957..f94d62f 100644 --- a/cluster/staging/site/neptune.nix +++ b/cluster/staging/site/neptune.nix @@ -1,12 +1,8 @@ { config, pkgs, ... }: { - deuxfleurs.site_name = "neptune"; - deuxfleurs.cname_target = "neptune.site.staging.deuxfleurs.org."; - - # no public ipv4 is used for the staging cluster on Neptune, - # because the Internet connection is already used for the prod cluster - # deuxfleurs.public_ipv4 = "77.207.15.215"; + deuxfleurs.siteName = "neptune"; + deuxfleurs.cnameTarget = "neptune.site.staging.deuxfleurs.org."; networking.firewall.allowedTCPPorts = [ 80 443 ]; } -- cgit v1.2.3