{ pkgs, cluster, customize ? {}, extraConfig ? {}, lib, config, ... }:
with lib;
let
# Short alias for the `cluster` argument; the builders below read all cluster
# settings (CA, domain, cluster name, machine lists) through it.
cfg = cluster;
# Extra subject alternative names passed to the kubelet for `host`:
# its short name, its address, and the loopback address.
# NOTE(review): unlike mkCert, the "<name>.<domain>" form is not listed here;
# confirm that clients never reach the kubelet by its fully qualified name.
mkSANs = host:
  [ host.name host.address ] ++ [ "127.0.0.1" ];
# Certificate helpers loaded from ./pki.nix, parameterised with the package set
# and the `initca` entry of the cluster description.
# NOTE(review): ./pki.nix is not visible here. If gencert creates keys as Nix
# build outputs, the private keys end up in the world-readable /nix/store (and in
# any binary cache the closure is copied to); confirm how key material is stored
# and delivered to the machines.
pki = import ./pki.nix { inherit pkgs; ca = cfg.initca; };
# Build a certificate for `host` (a record with `name` and `address`) and return
# it as a one-entry attribute set keyed by the host name.
#
# The certificate's CN is the host name, its O is the cluster name, and it is
# issued for the short name, "<name>.<domain>", the host address and 127.0.0.1.
# Every certificate built here is therefore also valid for 127.0.0.1, so on the
# loopback interface the certificate name alone does not identify the machine.
# NOTE(review): signing uses cfg.ca while pki itself is imported with
# cfg.initca; confirm both refer to the intended CA.
mkCert = host:
  let
    inherit (host) name address;
    altNames = [
      name
      "${name}.${cfg.domain}"
      address
      "127.0.0.1"
    ];
  in {
    ${name} = pki.gencert {
      cn = name;
      inherit (cfg) ca;
      o = cfg.clusterName;
      hosts = altNames;
    };
  };
in {
# Machine builders for a Kubernetes cluster.
#
# `apiserver` and `node` each take a host record (`name`, `address`, `hw`) and
# return a machine definition; `mkDeployment` assembles the whole deployment
# from cfg.k8s.master and cfg.k8s.nodes.  The same `customize` and
# `extraConfig` values are applied to every machine.
k8s = rec {
  # Control-plane machine.  Both the master and the node role are enabled, so
  # this host also runs a kubelet.
  # NOTE(review): whether ordinary workloads are kept off the control-plane
  # host is decided in the imported modules, which are not shown here.
  apiserver = host: self: {
    inherit customize;

    deployment.targetHost = host.address;

    services.kubernetes.kubelet.extraSANs = mkSANs host;

    imports = [ host.hw extraConfig ./modules.nix ../overrides/kubelet.nix ];

    cluster = mkMerge [
      cfg
      {
        hostName = host.name;
        inherit (host) address;
        k8s = {
          master.enable = true;
          node.enable = true;
        };
      }
    ];
  };

  # Worker machine: same layout as the API server, with only the node role on.
  node = host: self: {
    inherit customize;

    deployment.targetHost = host.address;

    services.kubernetes.kubelet.extraSANs = mkSANs host;

    imports = [ host.hw extraConfig ./modules.nix ../overrides/kubelet.nix ];

    cluster = mkMerge [
      cfg
      {
        hostName = host.name;
        inherit (host) address;
        k8s.node.enable = true;
      }
    ];
  };

  # Build the deployment: one entry for the master plus one per worker, each
  # keyed by host name.  The hardware module of a machine is looked up as
  # "<top>/<name>.nix".  A worker that shares the master's name replaces the
  # master entry, because later `//` merges win.
  mkDeployment = top:
    let
      hwFile = name: "${top}/${name}.nix";
      master = cfg.k8s.master // { hw = hwFile master.name; };
      server = { ${master.name} = apiserver master; };
      addWorker = acc: worker:
        acc // {
          ${worker.name} = node (worker // { hw = hwFile worker.name; });
        };
    in
      builtins.foldl' addWorker server cfg.k8s.nodes;
};
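# Machine builders for the `fs` group of hosts.
#
# `node` turns a host record (`name`, `address`, `hw`) into a machine
# definition; `mkDeployment` maps a list of host records to an attribute set of
# machines keyed by host name.
fs = rec {
  node = host: self: {
    deployment.targetHost = host.address;

    inherit customize;

    cluster = mkMerge [
      cfg
      {
        hostName = host.name;
        address = host.address;
        # mkCert reads host.name and host.address, so it needs the whole host
        # record.  Passing host.name (a string) fails as soon as the
        # certificate is evaluated.
        # NOTE(review): mkCert returns a set keyed by host name; confirm that
        # consumers of cluster.cert expect that shape.
        cert = mkCert host;
      }
    ];

    imports = [ host.hw extraConfig ./modules.nix ];
  };

  # Fold `nodes` into a deployment.  Each machine's hardware module is looked
  # up as "<top>/<name>.nix"; on duplicate names the later entry wins.
  mkDeployment = top: nodes:
    builtins.foldl' (acc: x:
      acc // {
        "${x.name}" = node (x // { hw = "${top}/${x.name}.nix"; });
      }) {} nodes;
};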
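# Machine builders for plain hosts.
#
# `node` turns a host record (`name`, `address`, `hw`) into a machine
# definition; `mkDeployment` maps a list of host records to an attribute set of
# machines keyed by host name.
host = rec {
  node = host: self: {
    deployment.targetHost = host.address;

    inherit customize;

    cluster = mkMerge [
      cfg
      {
        hostName = host.name;
        address = host.address;
        # mkCert reads host.name and host.address, so it needs the whole host
        # record.  Passing host.name (a string) fails as soon as the
        # certificate is evaluated.
        # NOTE(review): mkCert returns a set keyed by host name; confirm that
        # consumers of cluster.cert expect that shape.
        cert = mkCert host;
      }
    ];

    imports = [ host.hw extraConfig ./modules.nix ];
  };

  # Fold `nodes` into a deployment.  Each machine's hardware module is looked
  # up as "<top>/<name>.nix"; on duplicate names the later entry wins.
  mkDeployment = top: nodes:
    builtins.foldl' (acc: x:
      acc // {
        "${x.name}" = node (x // { hw = "${top}/${x.name}.nix"; });
      }) {} nodes;
};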
}