From 0eee7f7695dd05a930d79524e771984bb029362e Mon Sep 17 00:00:00 2001
From: Jean-Paul Calderone <exarkun@twistedmatrix.com>
Date: Thu, 10 Feb 2022 11:23:07 -0500
Subject: [PATCH] Read the VPN server IP address from the monitoring node
 config

morph offers an auto-passed `nodes` parameter from which we can read all of
the nodes in the morph "network".  We can dig around in this to find the
monitoring node and then read its configured IP address.

It may be worth noting that this address appears in at least two places in the
configuration.  It appears in our "input" configuration which grid.nix
defines.  This change reads it from there.  We also have a NixOS module
`nixos/modules/monitoring/vpn/server.nix` which reads this "input" and uses it
to configure `networking.wireguard.interfaces.monitoringvpn`.  This is fed
onwards to <nixos> to generate actual system configuration.

It seems better to use the former than the latter because we have more direct
control over it and if we consider the whole configuration system a function
then it is more like an argument we are supplying rather than an obscure
implementation detail.
---
 morph/lib/base.nix | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/morph/lib/base.nix b/morph/lib/base.nix
index fd0e21c9..aafbf4f4 100644
--- a/morph/lib/base.nix
+++ b/morph/lib/base.nix
@@ -1,5 +1,5 @@
 # This module contains settings and configuration that apply to all nodes in a grid.
-{ lib, config, ...}:
+{ lib, config, nodes, ...}:
 {
   options.grid = {
     publicKeyPath = lib.mkOption {
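Review bot: the `nodes` argument added to the module header is undocumented, and the file comment above it still describes this as a plain module of settings for all nodes. Per the commit message, `nodes` is passed in by morph, so base.nix now only evaluates where something supplies that argument. Suggest extending the header comment to say that `nodes` comes from morph and that it is used to look up the monitoring node's VPN address.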
@@ -59,7 +59,9 @@
 
     networking.hosts = {
       # To stream logs to the monitoring host, all nodes need to know its address
-      "172.23.23.1" = [ "monitoring" "monitoring.monitoringvpn" ];
+      ${nodes.monitoring.config.services.private-storage.monitoring.vpn.server.ip} = [
+        "monitoring" "monitoring.monitoringvpn"
+      ];
     };
 
     services.private-storage.monitoring.exporters.promtail.enable = true;
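Review bot: the new `networking.hosts` key has no check that the node it reads from exists. `nodes.monitoring` is looked up by a fixed attribute name, so a network that has no node called `monitoring`, or one where `vpn.server.ip` is not set on it, fails evaluation with a bare missing-attribute error deep in this expression. Since this entry decides where every node streams its logs, failing is the right outcome, but consider an explicit guard such as `nodes ? monitoring` with an assertion message that names the requirement, and note in the comment above that the node must be named `monitoring`.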
-- 
GitLab