with import <nixpkgs> {};
let
  pki = pkgs.callPackage ./lib/pki.nix {};
  certs = {
    ca = pki.ca;
    apiserver = pki.apiserver ''
          "10.253.18.109",
          "10.0.0.1",
          "127.0.0.1",
          "kubernetes",
          "etcd0",
          "k1-0"
        '';
    kube-proxy = pki.kube-proxy;
    admin = pki.admin;
    etcd = pki.etcd ''
        "etcd0",
        "etcd1",
        "10.253.18.109",
        "10.253.18.110",
        "127.0.0.1"
      '';
      k1-0 = pki.worker { name = "k1-0"; ip = "10.253.18.109"; };
      k1-1 = pki.worker { name = "k1-1"; ip = "10.253.18.110"; };
  };
  cluster = callPackage ./lib/k8s.nix {
    masterNode = "10.253.18.109";
    etcdNodes = [ "etcd0" "etcd1" ];
    clusterHosts = ''
          10.253.18.109 k1-0 etcd0 kubernetes fs0-2
          10.253.18.110 k1-1 etcd1
          10.253.18.106 fs0-0
          10.1.2.164    fs0-1
          10.253.18.100 k0-0
    '';
    inherit certs;
  };
in
{
  k1-0 = { ... }:
  {
    require = [ (cluster.apiserver "10.253.18.109" "k1-0" "etcd0") ];
    services.dnsmasq.enable = true;
  };
  k1-1 = cluster.server "10.253.18.110" "k1-1" "etcd1";
}