Commit dc9f5f0f authored by Tom Prince's avatar Tom Prince

local-grid: Make `publicIPv4` a NixOS options.

parent 2b157e19
2 merge requests!228merge develop into production,!182Simplify local grid hardware
......@@ -27,6 +27,7 @@ let
../../../nixos/modules/deployment.nix
# Give it a good SSH configuration.
../../../nixos/modules/ssh.nix
gridlib.hardware-virtual
];
services.private-storage.sshUsers = ssh-users;
......@@ -46,7 +47,7 @@ let
# depend on the format we use.
mode = "0666";
text = ''
# Include the ssh-users config
# Include the ssh-users config
builtins.fromJSON (builtins.readFile ./ssh-users.json)
'';
};
......@@ -68,42 +69,47 @@ let
payments = {
imports = [
gridlib.issuer
(gridlib.hardware-virtual ({ publicIPv4 = "192.168.67.21"; }))
(gridlib.customize-issuer (grid-config // {
monitoringvpnIPv4 = "172.23.23.11";
}))
grid-module
];
config = {
grid.publicIPv4 = "192.168.67.21";
};
};
storage1 = {
imports = [
gridlib.storage
(gridlib.hardware-virtual ({ publicIPv4 = "192.168.67.22"; }))
(gridlib.customize-storage (grid-config // {
monitoringvpnIPv4 = "172.23.23.12";
stateVersion = "19.09";
}))
grid-module
];
config = {
grid.publicIPv4 = "192.168.67.22";
};
};
storage2 = {
imports = [
gridlib.storage
(gridlib.hardware-virtual ({ publicIPv4 = "192.168.67.23"; }))
(gridlib.customize-storage (grid-config // {
monitoringvpnIPv4 = "172.23.23.13";
stateVersion = "19.09";
}))
grid-module
];
config = {
grid.publicIPv4 = "192.168.67.23";
};
};
monitoring = {
imports = [
gridlib.monitoring
(gridlib.hardware-virtual ({ publicIPv4 = "192.168.67.24"; }))
(gridlib.customize-monitoring {
inherit hostsMap vpnClientIPs nodeExporterTargets paymentExporterTargets;
inherit (grid-config) letsEncryptAdminEmail;
......@@ -113,6 +119,9 @@ let
})
grid-module
];
config = {
grid.publicIPv4 = "192.168.67.24";
};
};
# TBD: derive these automatically:
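Review bot: The generated file in the second hunk is still created with `mode = "0666"`, so any local account on the node can rewrite the text that reads `./ssh-users.json`. The attribute set starts outside the hunk, so the file's path and the full rationale comment are not visible here. If anything privileged later evaluates that file, this would be a local tampering path, though that is an inference from the visible lines. Unless world-write is deliberate for the Vagrant workflow, `mode = "0644";` would do; if it is deliberate, the comment above it should say why.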
......
{ publicIPv4, ... }:
{ modulesPath, ... }:
{ config, lib, modulesPath, ... }:
{
imports = [
# modulesPath points at the upstream nixos/modules directory.
"${modulesPath}/virtualisation/vagrant-guest.nix"
];
virtualisation.virtualbox.guest.enable = true;
options.grid = {
publicIPv4 = lib.mkOption {
type = lib.types.str;
description = ''
The primary IPv4 address of the virtual machine.
'';
};
};
boot.loader.grub.device = "/dev/sda";
config = {
virtualisation.virtualbox.guest.enable = true;
boot.initrd.availableKernelModules = [ "ata_piix" "sd_mod" "sr_mod" ];
boot.kernel.sysctl = { "vm.swappiness" = 0; };
boot.loader.grub.device = "/dev/sda";
# remove the fsck that runs at startup. It will always fail to run, stopping
# your boot until you press *.
boot.initrd.checkJournalingFS = false;
boot.initrd.availableKernelModules = [ "ata_piix" "sd_mod" "sr_mod" ];
boot.kernel.sysctl = { "vm.swappiness" = 0; };
networking.interfaces.enp0s8.ipv4.addresses = [{
address = publicIPv4;
prefixLength = 24;
}];
# remove the fsck that runs at startup. It will always fail to run, stopping
# your boot until you press *.
boot.initrd.checkJournalingFS = false;
fileSystems."/storage" = { fsType = "tmpfs"; };
fileSystems."/" =
{ device = "/dev/sda1";
fsType = "ext4";
};
networking.interfaces.enp0s8.ipv4.addresses = [{
address = config.grid.publicIPv4;
prefixLength = 24;
}];
fileSystems."/storage" = { fsType = "tmpfs"; };
fileSystems."/" =
{ device = "/dev/sda1";
fsType = "ext4";
};
# We want to push packages with morph without having to sign them
nix.trustedUsers = [ "@wheel" "root" "vagrant" ];
# We want to push packages with morph without having to sign them
nix.trustedUsers = [ "@wheel" "root" "vagrant" ];
};
}
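Review bot: `grid.publicIPv4` is declared as `lib.types.str`, so any string is accepted and a typo probably only surfaces when `networking.interfaces.enp0s8.ipv4.addresses` is applied on the guest. Declaring it as `type = lib.types.strMatching "([0-9]{1,3}\\.){3}[0-9]{1,3}";` would reject malformed values at evaluation time. Separately, the comment on `nix.trustedUsers` could state that trusted users can import unsigned store paths, which is effectively root on the machine, and that this is accepted only because the module describes local VirtualBox/Vagrant guests, for example `# Local Vagrant guests only: trusted users are effectively root.`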