From 585d5d4370d783a9a81df993ef134c7c75a750e0 Mon Sep 17 00:00:00 2001
From: Jean-Paul Calderone <exarkun@twistedmatrix.com>
Date: Wed, 23 Jun 2021 12:47:58 -0400
Subject: [PATCH] Stop using make-grid for production deployment

---
 morph/grid/production/grid.nix | 158 +++++++++++++++++----------------
 1 file changed, 80 insertions(+), 78 deletions(-)

diff --git a/morph/grid/production/grid.nix b/morph/grid/production/grid.nix
index f41fbcae..e507fb36 100644
--- a/morph/grid/production/grid.nix
+++ b/morph/grid/production/grid.nix
@@ -1,90 +1,92 @@
 # See morph/grid/local/grid.nix for additional commentary.
-let lib = import ../../lib;
-in lib.make-grid {
-  name = "Production";
-  config = ./config.json;
-  nodes = cfg:
-    let
-      sshUsers = import ./secrets/users.nix;
+let
+  pkgs = import <nixpkgs> { };
 
-      # Get absolute vpn key directory path, as a string:
-      monitoringvpnKeyDir = toString ./. + "/${cfg.monitoringvpnKeyDir}";
+  lib = import ../../lib;
+  config = pkgs.lib.trivial.importJSON ./config.json;
+  sshUsers = import ./secrets/users.nix;
 
-      # TBD: derive these automatically:
-      hostsMap = {
-        "172.23.23.1"  = [ "monitoring" "monitoring.monitoringvpn" ];
-        "172.23.23.11" = [   "payments"   "payments.monitoringvpn" ];
-        "172.23.23.21" = [ "storage001" "storage001.monitoringvpn" ];
-        "172.23.23.22" = [ "storage002" "storage002.monitoringvpn" ];
-        "172.23.23.23" = [ "storage003" "storage003.monitoringvpn" ];
-        "172.23.23.24" = [ "storage004" "storage004.monitoringvpn" ];
-        "172.23.23.25" = [ "storage005" "storage005.monitoringvpn" ];
-      };
-      vpnClientIPs = [
-        "172.23.23.11"
-        "172.23.23.21"
-        "172.23.23.22"
-        "172.23.23.23"
-        "172.23.23.24"
-        "172.23.23.25"
-      ];
-      nodeExporterTargets = [
-        "monitoring"
-        "payments"
-        "storage001"
-        "storage002"
-        "storage003"
-        "storage004"
-        "storage005"
-      ];
+  # Get absolute vpn key directory path, as a string:
+  monitoringvpnKeyDir = toString ./. + "/${config.monitoringvpnKeyDir}";
 
-    "payments.privatestorage.io" = {
-      imports = [
-        lib.issuer
-        lib.hardware-aws
-        (lib.customize-issuer cfg sshUsers monitoringvpnKeyDir "172.23.23.11" "19.03")
-      ];
-    };
+  "payments.privatestorage.io" = {
+    imports = [
+      lib.issuer
+      lib.hardware-aws
+      (lib.customize-issuer config sshUsers monitoringvpnKeyDir "172.23.23.11" "19.03")
+    ];
+  };
 
-    monitoring = let publicIPv4 = "monitoring.private.storage"; in {
-      imports = [
-        lib.monitoring
-        lib.hardware-aws
-        (lib.customize-monitoring hostsMap monitoringvpnKeyDir publicIPv4 "172.23.23.1" vpnClientIPs nodeExporterTargets [] "19.09")
-      ];
-    };
+  monitoring = let publicIPv4 = "monitoring.private.storage"; in {
+    imports = [
+      lib.monitoring
+      lib.hardware-aws
+      (lib.customize-monitoring hostsMap monitoringvpnKeyDir publicIPv4 "172.23.23.1" vpnClientIPs nodeExporterTargets [] "19.09")
+    ];
+  };
 
-    defineStorageNode = name: { vpnIP, stateVersion }: let nodecfg = import "${./.}/${name}-config.nix"; in {
-      imports = [
-        # Get some of the very lowest-level system configuration for this
-        # node.  This isn't all *completely* hardware related.  Maybe some
-        # more factoring is in order, someday.
-        "${./.}/${name}-hardware.nix"
+  defineStorageNode = name: { vpnIP, stateVersion }: let nodecfg = import "${./.}/${name}-config.nix"; in {
+    imports = [
+      # Get some of the very lowest-level system configuration for this
+      # node.  This isn't all *completely* hardware related.  Maybe some
+      # more factoring is in order, someday.
+      "${./.}/${name}-hardware.nix"
 
-        # Slightly awkwardly, enable some of our hardware / network / bootloader options.
-        ../../../nixos/modules/100tb.nix
+      # Slightly awkwardly, enable some of our hardware / network / bootloader options.
+      ../../../nixos/modules/100tb.nix
 
-        # Get all of the configuration that is common across all storage nodes.
-        lib.storage
+      # Get all of the configuration that is common across all storage nodes.
+      lib.storage
 
-        # Then customize the storage system a little bit based on this node's particulars.
-        (lib.customize-storage cfg sshUsers nodecfg.publicIPv4 monitoringvpnKeyDir vpnIP stateVersion)
-      ];
+      # Then customize the storage system a little bit based on this node's particulars.
+      (lib.customize-storage config sshUsers nodecfg.publicIPv4 monitoringvpnKeyDir vpnIP stateVersion)
+    ];
 
-      # And supply configuration for those hardware / network / bootloader options.
-      "100tb".config = nodecfg;
-    };
+    # And supply configuration for those hardware / network / bootloader options.
+    "100tb".config = nodecfg;
+  };
 
-    # Define all of the storage nodes for this grid.
-    storageNodes = builtins.mapAttrs defineStorageNode {
-      storage001 = { vpnIP = "172.23.23.21"; stateVersion = "19.09"; };
-      storage002 = { vpnIP = "172.23.23.22"; stateVersion = "19.09"; };
-      storage003 = { vpnIP = "172.23.23.23"; stateVersion = "19.09"; };
-      storage004 = { vpnIP = "172.23.23.24"; stateVersion = "19.09"; };
-      storage005 = { vpnIP = "172.23.23.25"; stateVersion = "19.03"; };
-    };
+  # Define all of the storage nodes for this grid.
+  storageNodes = builtins.mapAttrs defineStorageNode {
+    storage001 = { vpnIP = "172.23.23.21"; stateVersion = "19.09"; };
+    storage002 = { vpnIP = "172.23.23.22"; stateVersion = "19.09"; };
+    storage003 = { vpnIP = "172.23.23.23"; stateVersion = "19.09"; };
+    storage004 = { vpnIP = "172.23.23.24"; stateVersion = "19.09"; };
+    storage005 = { vpnIP = "172.23.23.25"; stateVersion = "19.03"; };
+  };
 
-    in {
-      inherit "payments.privatestorage.io" "monitoring";
-    } // storageNodes;
-}
+  # TBD: derive these automatically:
+  hostsMap = {
+    "172.23.23.1"  = [ "monitoring" "monitoring.monitoringvpn" ];
+    "172.23.23.11" = [   "payments"   "payments.monitoringvpn" ];
+    "172.23.23.21" = [ "storage001" "storage001.monitoringvpn" ];
+    "172.23.23.22" = [ "storage002" "storage002.monitoringvpn" ];
+    "172.23.23.23" = [ "storage003" "storage003.monitoringvpn" ];
+    "172.23.23.24" = [ "storage004" "storage004.monitoringvpn" ];
+    "172.23.23.25" = [ "storage005" "storage005.monitoringvpn" ];
+  };
+  vpnClientIPs = [
+    "172.23.23.11"
+    "172.23.23.21"
+    "172.23.23.22"
+    "172.23.23.23"
+    "172.23.23.24"
+    "172.23.23.25"
+  ];
+  nodeExporterTargets = [
+    "monitoring"
+    "payments"
+    "storage001"
+    "storage002"
+    "storage003"
+    "storage004"
+    "storage005"
+  ];
+
+in {
+  network = {
+    description = "PrivateStorage.io Production Grid";
+  };
+
+  inherit "payments.privatestorage.io" "monitoring";
+} // storageNodes
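Review bot: In `defineStorageNode`, `"${./.}/${name}-config.nix"` and `"${./.}/${name}-hardware.nix"` interpolate the directory path into a string, which makes Nix copy the whole `morph/grid/production` directory into the world-readable Nix store on the evaluating machine. That copy includes the `secrets/` directory that `sshUsers` is imported from. The `toString ./.` used for `monitoringvpnKeyDir` avoids exactly this copy, so the two node paths should be built the same way, without interpolation: `import (./. + "/${name}-config.nix")` and `(./. + "/${name}-hardware.nix")`. Separately, the new `pkgs = import <nixpkgs> { };` ties production evaluation to whatever channel is on the deployer's `NIX_PATH`, and it is used only for `importJSON`. `config = builtins.fromJSON (builtins.readFile ./config.json);` yields the same value without the unpinned lookup.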
-- 
GitLab