grid.nix

    # See morph/grid/local/grid.nix for additional commentary.
    #
    # Network definition for the "testing" grid: three nodes (payments,
    # storage001, monitoring) assembled from the shared modules in ../../lib.
    let
      # NOTE(review): <nixpkgs> is looked up through NIX_PATH at evaluation time,
      # so the nixpkgs revision is whatever the evaluating machine provides; it is
      # not pinned in this file.  Here pkgs is only used for pkgs.lib.
      pkgs = import <nixpkgs> { };
    
      gridlib = import ../../lib;
      # Per-grid settings loaded from config.json next to this file.
      rawConfig = pkgs.lib.trivial.importJSON ./config.json;
      # `//` lets the attributes below override same-named keys from config.json.
      config = rawConfig // {
        sshUsers = import ./public-keys/users.nix;
    
        # Convert relative paths to absolute so library code can resolve names
        # correctly.
        #
        # toString yields plain strings rather than Nix path values.  A path
        # value interpolated into a string is copied into the Nix store, which is
        # readable by every local user; a plain string is not.
        # NOTE(review): presumably this is what keeps the files under
        # privateKeyPath out of the store -- confirm how gridlib consumes it.
        publicKeyPath = toString ./. + "/${rawConfig.publicKeyPath}";
        privateKeyPath = toString ./. + "/${rawConfig.privateKeyPath}";
      };
    
      # Module with per-grid configuration
      #
      # Imported by every node below (payments, storage001, monitoring), so the
      # single key named here is authorized on all of them.
      grid-module = {
        # Configure deployment management authorization for all systems in the grid.
        services.private-storage.deployment = {
          # Read at evaluation time; evaluation fails if deploy_key.pub is missing.
          # Only the public half is read here.
          # NOTE(review): what the holder of the matching private key may do is
          # defined by the services.private-storage.deployment module, which is
          # not visible in this file -- review it together with who holds the key.
          authorizedKey = builtins.readFile "${config.publicKeyPath}/deploy_key.pub";
          gridName = "testing";
        };
      };
    
      # Payments node: the issuer role on AWS hardware.
      payments = {
        imports = [
          gridlib.issuer
          gridlib.hardware-aws
          # The whole config set (including privateKeyPath) is handed to
          # customize-issuer, extended with this node's monitoring VPN address.
          # The address must agree with the "payments" entry in hostsMap and with
          # vpnClientIPs.
          (gridlib.customize-issuer (config // {
            monitoringvpnIPv4 = "172.23.23.11";
          }))
          grid-module
        ];
      };
    
      # Storage node: the storage role on AWS hardware plus a machine-specific
      # hardware file.
      storage001 = {
        imports = [
          gridlib.storage
          gridlib.hardware-aws
          ./testing001-hardware.nix
          # The whole config set (including privateKeyPath) is handed to
          # customize-storage, extended with the per-node values below.  The
          # address must agree with the "storage001" entry in hostsMap and with
          # vpnClientIPs.
          (gridlib.customize-storage (config // {
            monitoringvpnIPv4 = "172.23.23.12";
            # NOTE(review): presumably the NixOS stateVersion for this node, which
            # should stay at the release it was first installed with -- confirm in
            # gridlib.
            stateVersion = "19.03";
          }))
          grid-module
        ];
      };
    
      # Monitoring node: the monitoring role on AWS hardware.
      monitoring = {
        imports = [
          gridlib.monitoring
          gridlib.hardware-aws
          # Unlike payments and storage001, which pass the whole config set,
          # customize-monitoring receives an explicit selection of config
          # attributes plus the grid-wide tables defined further down in this
          # `let` block.
          (gridlib.customize-monitoring {
            inherit hostsMap vpnClientIPs nodeExporterTargets paymentExporterTargets;
            inherit (config) domain publicKeyPath privateKeyPath sshUsers letsEncryptAdminEmail;
            # Only the OAuth client ID is set here.
            # NOTE(review): the matching client secret is not visible in this
            # file; presumably gridlib reads it from under privateKeyPath --
            # confirm.
            googleOAuthClientID = config.monitoringGoogleOAuthClientID;
            # Must agree with the "monitoring" entry in hostsMap.
            monitoringvpnIPv4 = "172.23.23.1";
            stateVersion = "19.09";
          })
          grid-module
        ];
      };
    
      # TBD: derive these automatically:
      #
      # Until then these literals duplicate the monitoringvpnIPv4 values set on
      # the individual nodes above and have to be kept in sync by hand.
      # Monitoring VPN address -> host names for that node.
      hostsMap = {
        "172.23.23.1"  = [ "monitoring" "monitoring.monitoringvpn" ];
        "172.23.23.11" = [ "payments"   "payments.monitoringvpn"   ];
        "172.23.23.12" = [ "storage001" "storage001.monitoringvpn" ];
      };
      # The payments and storage001 addresses; the monitoring node's own address
      # (172.23.23.1) is not listed.
      vpnClientIPs = [ "172.23.23.11" "172.23.23.12" ];
      # Host names as they appear in hostsMap.
      # NOTE(review): presumably the hosts scraped by the monitoring node --
      # confirm in gridlib.customize-monitoring.
      nodeExporterTargets = [ "monitoring" "payments" "storage001" ];
      paymentExporterTargets = [ "payments" ];
    
    # Result of the file: network metadata plus one attribute per node.  The
    # attribute names exported here also appear as host names in hostsMap and in
    # the exporter target lists, so renaming a node means updating those too.
    in {
      network = {
        description = "PrivateStorage.io Testing Grid";
      };
      inherit payments monitoring storage001;
    }