{ pkgs, cfg, lib, config, ... }:
with lib;
let
# Helper set loaded from ./pki.nix, instantiated with the package set and
# `cfg.initca` as its `ca` argument.
# NOTE(review): pki.nix is not visible here. If `gencert` emits private keys as
# build outputs they would sit in the world-readable Nix store -- confirm how
# key material is generated and delivered to the hosts.
pki = import ./pki.nix {
  inherit pkgs;
  ca = cfg.initca;
};
# Return a one-entry attribute set that maps `host.name` to the result of
# `pki.gencert` called with cn = host name, ca = `cfg.ca`, o = cluster name.
# `host` must be an attribute set carrying `name`; a bare name string fails
# as soon as the result is forced.
mkCert = host:
  let
    hostName = host.name;
    cert = pki.gencert {
      cn = hostName;
      ca = cfg.ca;
      o = cfg.clusterName;
    };
  in
    { ${hostName} = cert; };
# Fold over `cfg.hosts`, collecting one `pki.gencert` result per host keyed by
# the host's name. A later host with the same name replaces an earlier entry.
# NOTE(review): the CA argument here is per host (`ca` on the host entry),
# whereas mkCert passes `cfg.ca` -- confirm which trust anchor is intended.
hostCerts =
  let
    certFor = h: pki.gencert {
      cn = h.name;
      ca = h.ca;
      o = cfg.clusterName;
    };
    addHost = acc: h: acc // { ${h.name} = certFor h; };
  in
    builtins.foldl' addHost {} cfg.hosts;
# Deployment entry for a single host: sets the deployment target to
# `host.address` and requires `baseNixos host.name`.
# The second argument (`self`) is accepted but never read.
# NOTE(review): `baseNixos` is not bound anywhere in the visible file; it can
# only resolve through `with lib` -- confirm where it is meant to come from.
mkHost = host: self: {
  deployment = { targetHost = host.address; };
  require = [ (baseNixos host.name) ];
};
# Build `{ <name> = self: <host config>; }` for every entry of `nodes`.
# Each host config is `mkHost` output recursively overlaid with the matching
# entry of `attrs`. Keys that exist only in `attrs` are dropped, because the
# result is keyed by the generated host names alone.
baseDeployment = nodes: attrs:
  let
    # `_` fills mkHost's unused `self` slot. It is not bound in this file and
    # is only safe because mkHost never forces that argument.
    generated =
      builtins.foldl' (acc: n: acc // { ${n.name} = mkHost n _; }) {} nodes;
    merged = lib.recursiveUpdate generated attrs;
    toEntry = name: { inherit name; value = self: merged.${name}; };
  in
    builtins.listToAttrs (map toEntry (builtins.attrNames generated));
in {
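# Kubernetes cluster builders: per-host configurations for the master and the
# worker nodes, plus a helper that assembles a whole deployment.
k8s = rec {
  # Master host configuration. Enables both the master and the node role, so
  # this host also acts as a node.
  master = host: self: {
    deployment.targetHost = host.address;

    # NOTE(review): `cfg` is merged in wholesale, so whatever `cfg.ca` and
    # `cfg.initca` contain is part of this host's `cluster` value -- confirm
    # that no CA private key material is exposed to the host this way.
    cluster = cfg // {
      hostName = host.name;
      # mkCert reads `host.name` itself, so it needs the host set; passing the
      # name string fails once the certificate is forced.
      cert = mkCert host;
      k8s.master.enable = true;
      k8s.node.enable = true;
    };

    imports = [ host.hw ./k8s.nix ];
  };

  # Worker host configuration: node role only.
  node = host: self: {
    deployment.targetHost = host.address;

    # NOTE(review): same wholesale `cfg` merge as on the master -- workers see
    # every value in `cfg`, including `cfg.ca` and `cfg.initca`.
    cluster = cfg // {
      hostName = host.name;
      cert = mkCert host;
      k8s.node.enable = true;
    };

    imports = [ host.hw ./k8s.nix ];
  };

  # Assemble `{ <host name> = <host config function>; }` for one master and a
  # list of workers. A worker that shares the master's name (or another
  # worker's) silently replaces the earlier entry.
  mkDeployment = masterNode: workerNodes:
    let
      # Uses the `master` and `node` builders of this set. The names the
      # binding referred to before (`master.name`, a self-referential
      # `apiserver`, `mkWorker`) do not resolve to anything in this file.
      controlPlane = { "${masterNode.name}" = master masterNode; };
    in
      builtins.foldl' (a: x:
        a // { "${x.name}" = node x; }) controlPlane workerNodes;
};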
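# File-system cluster builders (hosts import ./fs.nix).
fs = rec {
  # Configuration for one host: deployment target, cluster settings with the
  # host's certificate, and the hardware and ./fs.nix modules.
  mkNode = host: self: {
    deployment.targetHost = host.address;

    # NOTE(review): `cfg` is merged in wholesale, so whatever `cfg.ca` and
    # `cfg.initca` contain is part of this host's `cluster` value -- confirm
    # that no CA private key material is exposed to the host this way.
    cluster = cfg // {
      hostName = host.name;
      # mkCert reads `host.name` itself, so it needs the host set; passing the
      # name string fails once the certificate is forced.
      cert = mkCert host;
    };

    imports = [ host.hw ./fs.nix ];
  };

  # Assemble `{ <host name> = <host config function>; }` for `nodes`. A later
  # node with a duplicate name replaces the earlier entry.
  mkDeployment = nodes:
    builtins.foldl' (a: x:
      a // { "${x.name}" = mkNode x; }) {} nodes;
};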
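# Plain host builders (hosts import ./os.nix).
host = rec {
  # Configuration for one host: deployment target, cluster settings with the
  # host's certificate, and the hardware and ./os.nix modules.
  node = host: self: {
    deployment.targetHost = host.address;

    # NOTE(review): `cfg` is merged in wholesale, so whatever `cfg.ca` and
    # `cfg.initca` contain is part of this host's `cluster` value -- confirm
    # that no CA private key material is exposed to the host this way.
    cluster = cfg // {
      hostName = host.name;
      # mkCert reads `host.name` itself, so it needs the host set; passing the
      # name string fails once the certificate is forced.
      cert = mkCert host;
    };

    imports = [ host.hw ./os.nix ];
  };

  # Assemble `{ <host name> = <host config function>; }` for one master and a
  # list of workers. A worker with a duplicate name replaces the earlier
  # entry.
  mkDeployment = masterNode: workerNodes:
    let
      # `node` is the only builder this set defines, so it is used for the
      # master and the workers alike. The names referenced before
      # (`master.name` inside its own binding, `apiserver`, `mkWorker`) do not
      # resolve here.
      # NOTE(review): confirm the master does not need a separate profile.
      first = { "${masterNode.name}" = node masterNode; };
    in
      builtins.foldl' (a: x:
        a // { "${x.name}" = node x; }) first workerNodes;
};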
}