From 38daf405e5aaee774c61aa1fbbf8a66ed745c15b Mon Sep 17 00:00:00 2001
From: Jonas Juselius <jonas.juselius@itpartner.no>
Date: Wed, 2 Dec 2020 12:33:35 +0100
Subject: [PATCH] Add psql1 cluster

---
 clusters/psql1/default.nix | 58 ++++++++++++++++++++++++++++++++++++++
 clusters/psql1/psql1-0.nix | 35 +++++++++++++++++++++++
 2 files changed, 93 insertions(+)
 create mode 100644 clusters/psql1/default.nix
 create mode 100644 clusters/psql1/psql1-0.nix

diff --git a/clusters/psql1/default.nix b/clusters/psql1/default.nix
new file mode 100644
index 0000000..60017b2
--- /dev/null
+++ b/clusters/psql1/default.nix
@@ -0,0 +1,58 @@
+with import <nixpkgs> {};
+let
+  setup = import ../../modules {
+    inherit pkgs cluster customize extraConfig lib config;
+  };
+
+  hosts = [
+    { name = "psql1-0"; address = "10.1.30.80"; }
+  ];
+
+  customize = {
+    boot.uefi = true;
+  };
+
+  cluster = {
+    clusterName = "psql1";
+    initca = ./ca;
+
+    domain = "itpartner.intern";
+    externalInterface = "ens6";
+    defaultGateway = "10.1.30.1";
+    nameservers = [ "8.8.8.8" ];
+    searchDomains = [ "itpartner.intern" "itpartner.no" ];
+
+    extraHosts = import ../hosts.nix;
+
+    adminAuthorizedKeys = [
+      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKiAS30ZO+wgfAqDE9Y7VhRunn2QszPHA5voUwo+fGOf jonas"
+      "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDULdlLC8ZLu9qBZUYsjhpr6kv5RH4yPkekXQdD7prkqapyoptUkO1nOTDwy7ZsKDxmp9Zc6OtdhgoJbowhGW3VIZPmooWO8twcaYDpkxEBLUehY/n8SlAwBtiHJ4mTLLcynJMVrjmTQLF3FeWVof0Aqy6UtZceFpLp1eNkiHTCM3anwtb9+gfr91dX1YsAOqxqv7ooRDu5rCRUvOi4OvRowepyuBcCjeWpTkJHkC9WGxuESvDV3CySWkGC2fF2LHkAu6SFsFE39UA5ZHo0b1TK+AFqRFiBAb7ULmtuno1yxhpBxbozf8+Yyc7yLfMNCyBpL1ci7WnjKkghQv7yM1xN2XMJLpF56v0slSKMoAs7ThoIlmkRm/6o3NCChgu0pkpNg/YP6A3HfYiEDgChvA6rAHX6+to50L9xF3ajqk4BUzWd/sCk7Q5Op2lzj31L53Ryg8vMP8hjDjYcgEcCCsGOcjUVgcsmfC9LupwRIEz3aF14AWg66+3zAxVho8ozjes= jonas.juselius@juselius.io"
+      "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCk5EKXxo/KLogjqSxSf/GkQdZ30UxB3wXc5k6Y6RRKQ/5iJ+XyYTbuqYOUp30p54apZzbayU2icahE/upr754lQicQwJtOXW/Iut57VRhSpq4P+mKCIdT58xCUkAZYr8Aja8UjHlYeJgFvp023K/fqmwbapu8R1gh4bzXm7uU1XeJoYfuOb+Cb8NGMn1ICrw2aztA0yVOXZ7tyJd2qyr1+6PuM/Ca2nKN4wLIX2vwyN3vZjR15nkIaHQGlTaJlNk2NEG1YTxsIQ9axDjNtyL80kjUr5M8zxW6s0h3451zr1b21EetP1i+1POIjS9uWXv5iabF+1Qb1GaS4FAYzzpqNY+moLzY7Zqfi05MPsMYkNoZ1Kg5aj0IuZb0OM9i6ZJrFs9nYAGG0uLSUTfrs957f9nokFyILGYg5xY46YN3uQrqfZifvcR0KaEdxEKvnfq0qrNG3uYLR/OYm2yblRcNbWgDoQ1hH7qa9uJM2JrPM07s4sJGkqfAib8Hwz9+l7jMrL6KIGUOA4aX0B1KZaIKKiZa42WlgdbeA17aW3laIqS5mZCkI3pLMYZAxe+A6rQi+V8ZAvDSyOL/Vws3lboXaN5QLu17R8uCY7MkIAvRBiZSpdWNeX3JO5m6zexkxkrFlxyEBf+ott4ATSw+eMYMs8i5xQRqPjgO1cABWkUdGpw== martin.moe.carstens@itpartner.no"
+    ];
+  };
+
+  extraConfig = {
+    services.postgresql = {
+      enable = true;
+      dataDir = "/data/postgresql";
+      enableTCPIP = true;
+      identMap = ''
+          nixos root postgres
+          nixos admin postgres
+      '';
+      authentication = pkgs.lib.mkOverride 11 ''
+          local all all trust
+          host all all ::1/128 trust
+          host all all ::1/128 md5
+          host all postgres 127.0.0.1/32 md5
+          host all postgres ::1/128 md5
+          host all postgres 10.1.8.0/24 md5
+          host all postgres 10.1.30.0/24 md5
+          host all consto 10.1.8.0/24 md5
+          host all consto 10.1.30.0/24 md5
+          host score consto all md5
+      '';
+    };
+  };
+in
+  setup.host.mkDeployment ./. hosts
diff --git a/clusters/psql1/psql1-0.nix b/clusters/psql1/psql1-0.nix
new file mode 100644
index 0000000..7a148c6
--- /dev/null
+++ b/clusters/psql1/psql1-0.nix
@@ -0,0 +1,35 @@
+# Do not modify this file!  It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations.  Please make changes
+# to /etc/nixos/configuration.nix instead.
+{ config, lib, pkgs, ... }:
+
+{
+  imports = [ ];
+
+  boot.initrd.availableKernelModules = [ "ata_piix" "virtio_pci" "uhci_hcd" "ehci_pci" "sd_mod" "sr_mod" ];
+  boot.initrd.kernelModules = [ ];
+  boot.kernelModules = [ ];
+  boot.extraModulePackages = [ ];
+
+  fileSystems."/" =
+    { device = "/dev/disk/by-uuid/49b61f5c-9dd6-4989-8d24-87e143a580ae";
+      fsType = "ext4";
+    };
+
+  fileSystems."/boot" =
+    { device = "/dev/disk/by-uuid/DCF5-0AA3";
+      fsType = "vfat";
+    };
+
+  fileSystems."/data" =
+    { device = "/dev/disk/by-label/psql";
+      fsType = "ext4";
+    };
+
+  swapDevices =
+    [ { device = "/dev/disk/by-uuid/137fc4ef-452d-4216-9f18-42cf859f77ce"; }
+    ];
+
+  nix.maxJobs = lib.mkDefault 4;
+  #virtualisation.hypervGuest.enable = true;
+}