Add fs0 cluster to new deployment infra

fs0/build.nix

@@ -0,0 +1,2 @@
+with import <nixpkgs> {};
+pkgs.callPackage ./certs.nix {}

fs0/certs.nix

@@ -0,0 +1,11 @@
+{ pkgs, ...}:
+let
+  pki = pkgs.callPackage ../lib/pki.nix {};
+in
+{
+    initca = pki.initca;
+    ca = pki.ca;
+    fs0-0 = pki.trust "fs0-0" ''"10.253.18.106", "127.0.0.1"'';
+    fs0-1 = pki.trust "fs0-1" ''"10.1.2.164", "127.0.0.1"'';
+}
+

fs0/deployment.nix

@@ -1,20 +1,21 @@
 with import <nixpkgs> {};
 let
-  pki = pkgs.callPackage ./lib/pki.nix {};
+  pki = pkgs.callPackage ../lib/pki.nix {};
+  certs = pkgs.callPackage ./certs.nix {};
   clusterHosts = ''
     10.253.18.106 fs0-0 fs0-0.local
     10.1.2.164    fs0-1 fs0-1.local
     10.253.18.100 fs0-2 fs0-2.local
   '';
 
-  nixosConfig = node: ip:
+  nixosConfig = node:
     let
-      cert = pki.trust node ''"${node}", "${ip}", "127.0.0.1"'';
+      cert = pki.toSet certs.${node};
     in
     {
       imports = [
-        (./nixos/hardware-configuration + "/${node}.nix")
+        (../nixos/hardware-configuration + "/${node}.nix")
-        ./nixos/configuration.nix
+        ../nixos/configuration.nix
       ];
       boot.kernelModules = [
         "dm_snapshot"
@@ -42,7 +43,7 @@ in
 {
   fs0-0 = { ... }:
     let
-      base = nixosConfig "fs0-0" "10.253.18.106";
+      base = nixosConfig "fs0-0";
     in
     {
       deployment.targetHost = "10.253.18.106";
@@ -58,7 +59,7 @@ in
     };
   fs0-1 = { ... }:
     let
-      base = nixosConfig "fs0-1" "10.1.2.164";
+      base = nixosConfig "fs0-1";
     in
     {
       deployment.targetHost = "10.1.2.164";

lib/pki.nix

@@ -112,10 +112,14 @@
     };
   };
 
-  trust = name: hosts: gencert rec {
+  trust = name: hosts:
+    let
+      hosts' = "\"${name}\", " + hosts;
+    in gencert rec {
       inherit name;
       csr = gencsr {
-      inherit name hosts;
+        inherit name;
+        hosts = hosts';
         cn = name;
         o = name;
       };