diff --git a/clusters/fs0/default.nix b/clusters/fs0/default.nix index cbc2379..2c9f4b0 100644 --- a/clusters/fs0/default.nix +++ b/clusters/fs0/default.nix @@ -1,17 +1,16 @@ with import {}; let - here = ./.; # hack + lib = import ../../lib/default.nix { inherit pkgs cfg lib config; }; - settings = { + hosts = [ + { name = "fs0-0"; address = "10.253.18.106"; hw = ./fs0-0.nix; } + ]; + + cfg = { initca = ./ca; clusterName = "fs0"; - hosts = [ - { name = "fs0-0"; address = "10.253.18.106"; } - ]; - clusterHosts = '' + extraHosts = '' 10.253.18.106 fs0-0 fs0-0.itpartner.no fs0-0.itpartner.intern - 10.1.2.83 fs0-1 fs0-1.itpartner.no fs0-1.itpartner.intern - 10.253.18.100 fs0-2 fs0-2.itpartner.no fs0-2.itpartner.intern 10.253.18.100 k0-0 k0-0.itpartner.no k0-0.itpartner.intern 10.253.18.101 k0-1 k0-1.itpartner.no k0-1.itpartner.intern @@ -30,51 +29,16 @@ let 10.253.18.118 k2-4 k2-4.itpartner.no k2-4.itpartner.intern 10.253.18.103 k2-5 k2-5.itpartner.no k2-5.itpartner.intern ''; + adminAuthorizedKeys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKiAS30ZO+wgfAqDE9Y7VhRunn2QszPHA5voUwo+fGOf jonas" "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCk5EKXxo/KLogjqSxSf/GkQdZ30UxB3wXc5k6Y6RRKQ/5iJ+XyYTbuqYOUp30p54apZzbayU2icahE/upr754lQicQwJtOXW/Iut57VRhSpq4P+mKCIdT58xCUkAZYr8Aja8UjHlYeJgFvp023K/fqmwbapu8R1gh4bzXm7uU1XeJoYfuOb+Cb8NGMn1ICrw2aztA0yVOXZ7tyJd2qyr1+6PuM/Ca2nKN4wLIX2vwyN3vZjR15nkIaHQGlTaJlNk2NEG1YTxsIQ9axDjNtyL80kjUr5M8zxW6s0h3451zr1b21EetP1i+1POIjS9uWXv5iabF+1Qb1GaS4FAYzzpqNY+moLzY7Zqfi05MPsMYkNoZ1Kg5aj0IuZb0OM9i6ZJrFs9nYAGG0uLSUTfrs957f9nokFyILGYg5xY46YN3uQrqfZifvcR0KaEdxEKvnfq0qrNG3uYLR/OYm2yblRcNbWgDoQ1hH7qa9uJM2JrPM07s4sJGkqfAib8Hwz9+l7jMrL6KIGUOA4aX0B1KZaIKKiZa42WlgdbeA17aW3laIqS5mZCkI3pLMYZAxe+A6rQi+V8ZAvDSyOL/Vws3lboXaN5QLu17R8uCY7MkIAvRBiZSpdWNeX3JO5m6zexkxkrFlxyEBf+ott4ATSw+eMYMs8i5xQRqPjgO1cABWkUdGpw== martin.moe.carstens@itpartner.no" ]; + + fs.nfs.enable = true; + fs.nfs.exports = '' + /vol/brick0/nfs0 10.253.18.0/24(insecure,rw,sync,no_subtree_check,crossmnt,fsid=0,no_root_squash) + ''; }; - - base = import ../../lib/base.nix { inherit pkgs lib settings here; }; - - fsConfig = node: conf: - let cert = base.hostCerts.${node}; - in - { - boot.kernelModules = [ - "dm_snapshot" - "dm_mirror" - "dm_thin_pool" - ]; - - networking = { - hostName = node; - extraHosts = settings.clusterHosts; - firewall.allowedTCPPortRanges = [ { from = 5000; to = 50000; } ]; - firewall.allowedTCPPorts = [ 111 2049 ]; - firewall.allowedUDPPorts = [ 111 2049 24007 24008 ]; - }; - - services.glusterfs = { - enable = false; - tlsSettings = { - caCert = base.pki.ca.cert; - tlsKeyPath = cert.key; - tlsPem = cert.cert; - }; - }; - - services.nfs.server = { - enable = true; - exports = '' - /vol/brick0/nfs0 10.253.18.0/24(insecure,rw,sync,no_subtree_check,crossmnt,fsid=0,no_root_squash) - ''; - }; - - environment.systemPackages = [ pkgs.lvm2 ]; - } // conf; in -base.baseDeployment { - fs0-0 = fsConfig "fs0-0" {}; -} + lib.fs.mkDeployment hosts