From 62901545b8450b4b552210c5891cdd1d9c2814c5 Mon Sep 17 00:00:00 2001
From: Jonas Juselius
Date: Wed, 2 Dec 2020 11:25:24 +0100
Subject: [PATCH] Move implementation into a let definition
---
clusters/{fs0 => fs1}/default.nix | 0
clusters/{fs0/fs0-0.nix => fs1/fs1-0.nix} | 0
modules/os.nix | 84 ++++++++++++-----------
3 files changed, 43 insertions(+), 41 deletions(-)
rename clusters/{fs0 => fs1}/default.nix (100%)
rename clusters/{fs0/fs0-0.nix => fs1/fs1-0.nix} (100%)
diff --git a/clusters/fs0/default.nix b/clusters/fs1/default.nix
similarity index 100%
rename from clusters/fs0/default.nix
rename to clusters/fs1/default.nix
diff --git a/clusters/fs0/fs0-0.nix b/clusters/fs1/fs1-0.nix
similarity index 100%
rename from clusters/fs0/fs0-0.nix
rename to clusters/fs1/fs1-0.nix
diff --git a/modules/os.nix b/modules/os.nix
index 9cbb736..ac57fbd 100644
--- a/modules/os.nix
+++ b/modules/os.nix
@@ -4,6 +4,48 @@ let cfg = config.cluster; pki = import ./pki.nix { inherit pkgs; ca = cfg.initca; }; + + common = { + users.extraUsers.admin.openssh.authorizedKeys.keys = + cfg.adminAuthorizedKeys; + + users.extraUsers.root.openssh.authorizedKeys.keys = + cfg.adminAuthorizedKeys; + + networking = { + domain = cfg.domain; + search = cfg.searchDomains; + extraHosts = cfg.extraHosts; + firewall.allowedTCPPortRanges = [ { from = 5000; to = 50000; } ]; + firewall.allowedTCPPorts = [ 80 443 111 ]; + firewall.allowedUDPPorts = [ 111 24007 24008 ]; + } // ( + if cfg.externalInterface == null then + { hostName = cfg.hostName; } + else { + hostName = cfg.hostName; + interfaces."${cfg.externalInterface}" = { + useDHCP = false; + ipv4.addresses = [ { + address = cfg.address; + prefixLength = 24; + } ]; + }; + defaultGateway = cfg.defaultGateway; + nameservers = cfg.nameservers; + } + ); + + security.pki.certificateFiles = [ pki.ca.cert ]; + boot.kernel.sysctl = { + "kernel.mm.transparent_hugepage.enabled" = "never"; + "net.core.somaxconn" = "512"; + }; + + environment.systemPackages = with pkgs; [ + nfs-utils + ]; + }; in { options.cluster = { 
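Review bot: The new `common` set opens TCP 5000–50000 and TCP/UDP 111 (rpcbind) through the global `networking.firewall.allowed*` options, so they are reachable on every interface, including `cfg.externalInterface` when one is configured. Since this block is now a shared `let` binding, consider scoping the cluster-only ports to the internal interface, e.g. `firewall.interfaces."<internal-iface>".allowedTCPPortRanges = [ { from = 5000; to = 50000; } ];` (the interface name is a placeholder), and leaving only what must be public in the global lists. Separately, `users.extraUsers.root.openssh.authorizedKeys.keys = cfg.adminAuthorizedKeys;` lets every admin key log in directly as root; if `admin` can already escalate, dropping that line or adding a comment explaining why it is needed would make the intent auditable. The hard-coded `prefixLength = 24;` also deserves a short comment or an option. The `let` block starts above this hunk, so other bindings it may rely on are not visible here.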
@@ -67,47 +109,7 @@ in }; }; - config = { - users.extraUsers.admin.openssh.authorizedKeys.keys = - cfg.adminAuthorizedKeys; - - users.extraUsers.root.openssh.authorizedKeys.keys = - cfg.adminAuthorizedKeys; - - networking = { - domain = cfg.domain; - search = cfg.searchDomains; - extraHosts = cfg.extraHosts; - firewall.allowedTCPPortRanges = [ { from = 5000; to = 50000; } ]; - firewall.allowedTCPPorts = [ 80 443 111 ]; - firewall.allowedUDPPorts = [ 111 24007 24008 ]; - } // ( - if cfg.externalInterface == null then - { hostName = cfg.hostName; } - else { - hostName = cfg.hostName; - interfaces."${cfg.externalInterface}" = { - useDHCP = false; - ipv4.addresses = [ { - address = cfg.address; - prefixLength = 24; - } ]; - }; - defaultGateway = cfg.defaultGateway; - nameservers = cfg.nameservers; - } - ); - - security.pki.certificateFiles = [ pki.ca.cert ]; - boot.kernel.sysctl = { - "kernel.mm.transparent_hugepage.enabled" = "never"; - "net.core.somaxconn" = "512"; - }; - - environment.systemPackages = with pkgs; [ - nfs-utils - ]; - }; + config = common; imports = [ ../nixos/configuration.nix