68 lines
1.6 KiB
Nix
68 lines
1.6 KiB
Nix
with import <nixpkgs> {};
|
|
let
|
|
pki = pkgs.callPackage ./lib/pki.nix {};
|
|
clusterHosts = ''
|
|
10.253.18.106 fs0-0 fs0-0.local
|
|
10.1.2.164 fs0-1 fs0-1.local
|
|
10.253.18.100 fs0-2 fs0-2.local
|
|
'';
|
|
|
|
nixosConfig = node: ip:
|
|
let
|
|
cert = pki.trust node ''"${node}", "${ip}", "127.0.0.1"'';
|
|
in
|
|
{
|
|
imports = [
|
|
(./nixos/hardware-configuration + "/${node}.nix")
|
|
./nixos/configuration.nix
|
|
];
|
|
boot.kernelModules = [
|
|
"dm_snapshot"
|
|
"dm_mirror"
|
|
"dm_thin_pool"
|
|
];
|
|
networking = {
|
|
hostName = node;
|
|
extraHosts = clusterHosts;
|
|
firewall.allowedTCPPortRanges = [ { from = 5000; to = 50000; } ];
|
|
firewall.allowedTCPPorts = [ 111 ];
|
|
firewall.allowedUDPPorts = [ 111 24007 24008 ];
|
|
};
|
|
services.glusterfs = {
|
|
enable = true;
|
|
tlsSettings = {
|
|
caCert = pki.ca.cert;
|
|
tlsKeyPath = cert.key;
|
|
tlsPem = cert.cert;
|
|
};
|
|
};
|
|
environment.systemPackages = [ pkgs.lvm2 ];
|
|
};
|
|
in
|
|
{
|
|
fs0-0 = { ... }:
|
|
let
|
|
base = nixosConfig "fs0-0" "10.253.18.106";
|
|
in
|
|
{
|
|
deployment.targetHost = "10.253.18.106";
|
|
require = [ base ];
|
|
services.nfs.server = {
|
|
enable=true;
|
|
exports= ''
|
|
/vol/brick0/nfs0 10.253.18.0/24(insecure,rw,sync,no_subtree_check,crossmnt,fsid=0,no_root_squash)
|
|
'';
|
|
};
|
|
networking.firewall.allowedTCPPorts = [ 111 2049 ];
|
|
networking.firewall.allowedUDPPorts = [ 111 2049 ];
|
|
};
|
|
fs0-1 = { ... }:
|
|
let
|
|
base = nixosConfig "fs0-1" "10.1.2.164";
|
|
in
|
|
{
|
|
deployment.targetHost = "10.1.2.164";
|
|
require = [ base ];
|
|
};
|
|
}
|