Newer
Older
let
pkgs = import <nixpkgs> { };
gridlib = import ../../lib;
rawConfig = pkgs.lib.trivial.importJSON ./config.json;
config = rawConfig // {
sshUsers = import ./public-keys/users.nix;
# Convert relative paths to absolute so library code can resolve names
# correctly.
publicKeyPath = toString ./. + "/${rawConfig.publicKeyPath}";
privateKeyPath = toString ./. + "/${rawConfig.privateKeyPath}";
gridlib.issuer
(gridlib.hardware-virtual ({ publicIPv4 = "192.168.67.21"; }))
(gridlib.customize-issuer (config // {
monitoringvpnIPv4 = "172.23.23.11";
}))
gridlib.storage
(gridlib.hardware-virtual ({ publicIPv4 = "192.168.67.22"; }))
(gridlib.customize-storage (config // {
monitoringvpnIPv4 = "172.23.23.12";
stateVersion = "19.09";
}))
gridlib.storage
(gridlib.hardware-virtual ({ publicIPv4 = "192.168.67.23"; }))
(gridlib.customize-storage (config // {
monitoringvpnIPv4 = "172.23.23.13";
stateVersion = "19.09";
}))
gridlib.monitoring
(gridlib.hardware-virtual ({ publicIPv4 = "192.168.67.24"; }))
(gridlib.customize-monitoring {
inherit hostsMap vpnClientIPs nodeExporterTargets paymentExporterTargets;
inherit (config) domain publicKeyPath privateKeyPath letsEncryptAdminEmail;
monitoringvpnIPv4 = "172.23.23.1";
stateVersion = "19.09";
})
# Allow anonymous access to Grafana in local development environment:
services.private-storage.monitoring.grafana.googleOAuthClientID = "";
};
# TBD: derive these automatically:
hostsMap = {
"172.23.23.1" = [ "monitoring" "monitoring.monitoringvpn" ];
"172.23.23.11" = [ "payments" "payments.monitoringvpn" ];
"172.23.23.12" = [ "storage1" "storage1.monitoringvpn" ];
"172.23.23.13" = [ "storage2" "storage2.monitoringvpn" ];
};
vpnClientIPs = [ "172.23.23.11" "172.23.23.12" "172.23.23.13" ];
nodeExporterTargets = [ "monitoring" "payments" "storage1" "storage2" ];
in {
network = {
description = "PrivateStorage.io LocalDev Grid";
inherit payments monitoring storage1 storage2;