Commit 585d5d43 authored by Jean-Paul Calderone's avatar Jean-Paul Calderone

Stop using make-grid for production deployment

parent e6e9fcc1
3 merge requests!140Merge staging into production,!118Merge develop into staging,!109Regularize (somewhat) the definition of grids for Morph
# See morph/grid/local/grid.nix for additional commentary.
let lib = import ../../lib;
in lib.make-grid {
name = "Production";
config = ./config.json;
nodes = cfg:
let
sshUsers = import ./secrets/users.nix;
let
pkgs = import <nixpkgs> { };
# Get absolute vpn key directory path, as a string:
monitoringvpnKeyDir = toString ./. + "/${cfg.monitoringvpnKeyDir}";
lib = import ../../lib;
config = pkgs.lib.trivial.importJSON ./config.json;
sshUsers = import ./secrets/users.nix;
# TBD: derive these automatically:
hostsMap = {
"172.23.23.1" = [ "monitoring" "monitoring.monitoringvpn" ];
"172.23.23.11" = [ "payments" "payments.monitoringvpn" ];
"172.23.23.21" = [ "storage001" "storage001.monitoringvpn" ];
"172.23.23.22" = [ "storage002" "storage002.monitoringvpn" ];
"172.23.23.23" = [ "storage003" "storage003.monitoringvpn" ];
"172.23.23.24" = [ "storage004" "storage004.monitoringvpn" ];
"172.23.23.25" = [ "storage005" "storage005.monitoringvpn" ];
};
vpnClientIPs = [
"172.23.23.11"
"172.23.23.21"
"172.23.23.22"
"172.23.23.23"
"172.23.23.24"
"172.23.23.25"
];
nodeExporterTargets = [
"monitoring"
"payments"
"storage001"
"storage002"
"storage003"
"storage004"
"storage005"
];
# Get absolute vpn key directory path, as a string:
monitoringvpnKeyDir = toString ./. + "/${config.monitoringvpnKeyDir}";
"payments.privatestorage.io" = {
imports = [
lib.issuer
lib.hardware-aws
(lib.customize-issuer cfg sshUsers monitoringvpnKeyDir "172.23.23.11" "19.03")
];
};
"payments.privatestorage.io" = {
imports = [
lib.issuer
lib.hardware-aws
(lib.customize-issuer config sshUsers monitoringvpnKeyDir "172.23.23.11" "19.03")
];
};
monitoring = let publicIPv4 = "monitoring.private.storage"; in {
imports = [
lib.monitoring
lib.hardware-aws
(lib.customize-monitoring hostsMap monitoringvpnKeyDir publicIPv4 "172.23.23.1" vpnClientIPs nodeExporterTargets [] "19.09")
];
};
monitoring = let publicIPv4 = "monitoring.private.storage"; in {
imports = [
lib.monitoring
lib.hardware-aws
(lib.customize-monitoring hostsMap monitoringvpnKeyDir publicIPv4 "172.23.23.1" vpnClientIPs nodeExporterTargets [] "19.09")
];
};
defineStorageNode = name: { vpnIP, stateVersion }: let nodecfg = import "${./.}/${name}-config.nix"; in {
imports = [
# Get some of the very lowest-level system configuration for this
# node. This isn't all *completely* hardware related. Maybe some
# more factoring is in order, someday.
"${./.}/${name}-hardware.nix"
defineStorageNode = name: { vpnIP, stateVersion }: let nodecfg = import "${./.}/${name}-config.nix"; in {
imports = [
# Get some of the very lowest-level system configuration for this
# node. This isn't all *completely* hardware related. Maybe some
# more factoring is in order, someday.
"${./.}/${name}-hardware.nix"
# Slightly awkwardly, enable some of our hardware / network / bootloader options.
../../../nixos/modules/100tb.nix
# Slightly awkwardly, enable some of our hardware / network / bootloader options.
../../../nixos/modules/100tb.nix
# Get all of the configuration that is common across all storage nodes.
lib.storage
# Get all of the configuration that is common across all storage nodes.
lib.storage
# Then customize the storage system a little bit based on this node's particulars.
(lib.customize-storage cfg sshUsers nodecfg.publicIPv4 monitoringvpnKeyDir vpnIP stateVersion)
];
# Then customize the storage system a little bit based on this node's particulars.
(lib.customize-storage config sshUsers nodecfg.publicIPv4 monitoringvpnKeyDir vpnIP stateVersion)
];
# And supply configuration for those hardware / network / bootloader options.
"100tb".config = nodecfg;
};
# And supply configuration for those hardware / network / bootloader options.
"100tb".config = nodecfg;
};
# Define all of the storage nodes for this grid.
storageNodes = builtins.mapAttrs defineStorageNode {
storage001 = { vpnIP = "172.23.23.21"; stateVersion = "19.09"; };
storage002 = { vpnIP = "172.23.23.22"; stateVersion = "19.09"; };
storage003 = { vpnIP = "172.23.23.23"; stateVersion = "19.09"; };
storage004 = { vpnIP = "172.23.23.24"; stateVersion = "19.09"; };
storage005 = { vpnIP = "172.23.23.25"; stateVersion = "19.03"; };
};
# Define all of the storage nodes for this grid.
storageNodes = builtins.mapAttrs defineStorageNode {
storage001 = { vpnIP = "172.23.23.21"; stateVersion = "19.09"; };
storage002 = { vpnIP = "172.23.23.22"; stateVersion = "19.09"; };
storage003 = { vpnIP = "172.23.23.23"; stateVersion = "19.09"; };
storage004 = { vpnIP = "172.23.23.24"; stateVersion = "19.09"; };
storage005 = { vpnIP = "172.23.23.25"; stateVersion = "19.03"; };
};
in {
inherit "payments.privatestorage.io" "monitoring";
} // storageNodes;
}
# TBD: derive these automatically:
hostsMap = {
"172.23.23.1" = [ "monitoring" "monitoring.monitoringvpn" ];
"172.23.23.11" = [ "payments" "payments.monitoringvpn" ];
"172.23.23.21" = [ "storage001" "storage001.monitoringvpn" ];
"172.23.23.22" = [ "storage002" "storage002.monitoringvpn" ];
"172.23.23.23" = [ "storage003" "storage003.monitoringvpn" ];
"172.23.23.24" = [ "storage004" "storage004.monitoringvpn" ];
"172.23.23.25" = [ "storage005" "storage005.monitoringvpn" ];
};
vpnClientIPs = [
"172.23.23.11"
"172.23.23.21"
"172.23.23.22"
"172.23.23.23"
"172.23.23.24"
"172.23.23.25"
];
nodeExporterTargets = [
"monitoring"
"payments"
"storage001"
"storage002"
"storage003"
"storage004"
"storage005"
];
in {
network = {
description = "PrivateStorage.io Production Grid";
};
inherit "payments.privatestorage.io" "monitoring";
} // storageNodes
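Review bot: `pkgs = import <nixpkgs> { };` resolves nixpkgs through whatever NIX_PATH the deploying machine happens to have, so evaluation of the production grid depends on an unpinned, ambient channel. The line appears to be on the new side, though the +/- markers are lost in this rendering. It seems to be used only for `pkgs.lib.trivial.importJSON ./config.json`, so `config = builtins.fromJSON (builtins.readFile ./config.json);` would give the same value with no nixpkgs lookup at all. Separately, the comment above `monitoringvpnKeyDir` could say why the path is built with `toString`: presumably to keep the VPN key directory a plain string so it is not copied into the Nix store, which is worth confirming and recording for the next maintainer.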