From dc9f5f0fdff2e6206dffd13285b9acaedf44ffbf Mon Sep 17 00:00:00 2001
From: Tom Prince <tom.prince@private.storage>
Date: Tue, 28 Sep 2021 09:38:19 -0600
Subject: [PATCH] local-grid: Make `publicIPv4` a NixOS option.

---
 morph/grid/local/grid.nix      | 19 +++++++++----
 morph/lib/hardware-virtual.nix | 50 ++++++++++++++++++++--------------
 2 files changed, 44 insertions(+), 25 deletions(-)

diff --git a/morph/grid/local/grid.nix b/morph/grid/local/grid.nix
index 46cb9c8e..b909c603 100644
--- a/morph/grid/local/grid.nix
+++ b/morph/grid/local/grid.nix
@@ -27,6 +27,7 @@ let
       ../../../nixos/modules/deployment.nix
       # Give it a good SSH configuration.
       ../../../nixos/modules/ssh.nix
+      gridlib.hardware-virtual
     ];
     services.private-storage.sshUsers = ssh-users;
 
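Review bot: The added `gridlib.hardware-virtual` import has no comment, unlike the `ssh.nix` import just above it, and it now carries more than hardware settings. The module declares `grid.publicIPv4` without a default, so every node that pulls in this import list has to set the option or evaluation fails. A line such as `# VirtualBox/Vagrant hardware profile; declares grid.publicIPv4, which each node must set.` above the import would make that dependency visible here. The enclosing definition starts and ends outside the hunk.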
@@ -46,7 +47,7 @@ let
       # depend on the format we use.
       mode = "0666";
       text = ''
-        # Include the ssh-users config 
+        # Include the ssh-users config
         builtins.fromJSON (builtins.readFile ./ssh-users.json)
       '';
     };
@@ -68,42 +69,47 @@ let
   payments = {
     imports = [
       gridlib.issuer
-      (gridlib.hardware-virtual ({ publicIPv4 = "192.168.67.21"; }))
       (gridlib.customize-issuer (grid-config // {
           monitoringvpnIPv4 = "172.23.23.11";
       }))
       grid-module
     ];
+    config = {
+      grid.publicIPv4 = "192.168.67.21";
+    };
   };
 
   storage1 = {
     imports = [
       gridlib.storage
-      (gridlib.hardware-virtual ({ publicIPv4 = "192.168.67.22"; }))
       (gridlib.customize-storage (grid-config // {
         monitoringvpnIPv4 = "172.23.23.12";
         stateVersion = "19.09";
       }))
       grid-module
     ];
+    config = {
+      grid.publicIPv4 = "192.168.67.22";
+    };
   };
 
   storage2 = {
     imports = [
       gridlib.storage
-      (gridlib.hardware-virtual ({ publicIPv4 = "192.168.67.23"; }))
       (gridlib.customize-storage (grid-config // {
         monitoringvpnIPv4 = "172.23.23.13";
         stateVersion = "19.09";
       }))
       grid-module
     ];
+    config = {
+      grid.publicIPv4 = "192.168.67.23";
+    };
   };
 
   monitoring = {
     imports = [
       gridlib.monitoring
-      (gridlib.hardware-virtual ({ publicIPv4 = "192.168.67.24"; }))
       (gridlib.customize-monitoring {
         inherit hostsMap vpnClientIPs nodeExporterTargets paymentExporterTargets;
         inherit (grid-config) letsEncryptAdminEmail;
@@ -113,6 +119,9 @@ let
       })
       grid-module
     ];
+    config = {
+      grid.publicIPv4 = "192.168.67.24";
+    };
   };
 
   # TBD: derive these automatically:
diff --git a/morph/lib/hardware-virtual.nix b/morph/lib/hardware-virtual.nix
index d7cef714..150944cd 100644
--- a/morph/lib/hardware-virtual.nix
+++ b/morph/lib/hardware-virtual.nix
@@ -1,33 +1,43 @@
-{ publicIPv4, ... }:
-{ modulesPath, ... }:
+{ config, lib, modulesPath, ... }:
 {
   imports = [
     # modulesPath points at the upstream nixos/modules directory.
     "${modulesPath}/virtualisation/vagrant-guest.nix"
   ];
 
-  virtualisation.virtualbox.guest.enable = true;
+  options.grid = {
+    publicIPv4 = lib.mkOption {
+      type = lib.types.str;
+      description = ''
+        The primary IPv4 address of the virtual machine.
+      '';
+    };
+  };
 
-  boot.loader.grub.device = "/dev/sda";
+  config = {
+    virtualisation.virtualbox.guest.enable = true;
 
-  boot.initrd.availableKernelModules = [ "ata_piix" "sd_mod" "sr_mod" ];
-  boot.kernel.sysctl = { "vm.swappiness" = 0; };
+    boot.loader.grub.device = "/dev/sda";
 
-  # remove the fsck that runs at startup. It will always fail to run, stopping
-  # your boot until you press *.
-  boot.initrd.checkJournalingFS = false;
+    boot.initrd.availableKernelModules = [ "ata_piix" "sd_mod" "sr_mod" ];
+    boot.kernel.sysctl = { "vm.swappiness" = 0; };
 
-  networking.interfaces.enp0s8.ipv4.addresses = [{
-    address = publicIPv4;
-    prefixLength = 24;
-  }];
+    # remove the fsck that runs at startup. It will always fail to run, stopping
+    # your boot until you press *.
+    boot.initrd.checkJournalingFS = false;
 
-  fileSystems."/storage" = { fsType = "tmpfs"; };
-  fileSystems."/" =
-    { device = "/dev/sda1";
-      fsType = "ext4";
-    };
+    networking.interfaces.enp0s8.ipv4.addresses = [{
+      address = config.grid.publicIPv4;
+      prefixLength = 24;
+    }];
+
+    fileSystems."/storage" = { fsType = "tmpfs"; };
+    fileSystems."/" =
+      { device = "/dev/sda1";
+        fsType = "ext4";
+      };
 
-  # We want to push packages with morph without having to sign them
-  nix.trustedUsers = [ "@wheel" "root" "vagrant" ];
+    # We want to push packages with morph without having to sign them
+    nix.trustedUsers = [ "@wheel" "root" "vagrant" ];
+  };
 }
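Review bot: `grid.publicIPv4` is declared as `lib.types.str`, so any string (a hostname, an address with a stray prefix length, an empty string) passes the module system and reaches `networking.interfaces.enp0s8.ipv4.addresses` unchecked. A pattern type would catch a typo at evaluation time, for example `type = lib.types.strMatching "([0-9]{1,3}[.]){3}[0-9]{1,3}";`, and an `example = "192.168.67.21";` would document the expected form. Separately, this file is now an ordinary module that can be imported without arguments, so the comment above `nix.trustedUsers` should state the consequence, e.g. `# Local Vagrant VMs only: trusted users can import unsigned store paths, which is effectively root on the machine.`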
-- 
GitLab