feat: several updates
@@ -218,6 +218,7 @@ in
|
||||
options = {
|
||||
ip_prefix = mkOption { type = str; };
|
||||
cidr = mkOption { type = int; };
|
||||
mask = mkOption { type = str; }; # TODO: Build from cidr
|
||||
gateway = mkOption { type = str; };
|
||||
domains = mkOption {
|
||||
type = submodule {
|
||||
@@ -232,7 +233,7 @@ in
|
||||
options = {
|
||||
login = mkOption { type = str; };
|
||||
email = mkOption { type = str; };
|
||||
public_ssh_key = mkOption { type = str; };
|
||||
public_ssh_keys = mkOption { type = listOf str; };
|
||||
initial_htpasswd = mkOption { type = str; };
|
||||
};
|
||||
};
|
||||
@@ -251,9 +252,8 @@ in
|
||||
dns_provider = mkOption { type = str; };
|
||||
|
||||
other_hosts = mkOption {
|
||||
type = listOf (submodule {
|
||||
type = attrsOf (submodule {
|
||||
options = {
|
||||
hostname = mkOption { type = str; };
|
||||
private = mkOption {
|
||||
type = bool;
|
||||
default = true;
|
||||
@@ -262,9 +262,24 @@ in
|
||||
type = bool;
|
||||
default = true;
|
||||
};
|
||||
addr = mkOption {
|
||||
# addr = mkOption {
|
||||
# type = str;
|
||||
# description = "ip:port for the service";
|
||||
# };
|
||||
protocol = mkOption {
|
||||
type = str;
|
||||
description = "ip:port for the service";
|
||||
default = "http";
|
||||
};
|
||||
ip = mkOption {
|
||||
type = int;
|
||||
};
|
||||
port = mkOption {
|
||||
type = nullOr int;
|
||||
default = null;
|
||||
};
|
||||
mac = mkOption {
|
||||
type = nullOr str;
|
||||
default = null;
|
||||
};
|
||||
useCustomCA = mkOption {
|
||||
type = bool;
|
||||
@@ -311,12 +326,15 @@ in
|
||||
(mergeConf (
|
||||
lib.attrValues (
|
||||
lib.mapAttrs (
|
||||
secretName': _:
|
||||
secretName': entry:
|
||||
let
|
||||
secretName = lib.removeSuffix ".age" secretName';
|
||||
in
|
||||
{
|
||||
age.secrets.${secretName}.file = ../secrets/${secretName'};
|
||||
age.secrets.${secretName} = {
|
||||
file = ../secrets/${secretName'};
|
||||
}
|
||||
// (entry.extra or { });
|
||||
}
|
||||
) (lib.filterAttrs (_: entry: builtins.elem ownKey entry.publicKeys) secrets)
|
||||
)
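Review bot: In the last hunk of this section, `// (entry.extra or { })` is merged after `file`, so an `extra` attrset that contains a `file` key silently replaces the path derived from `secretName'`, and the secret deployed under that name is no longer the file the name points to. If `extra` is only meant to carry settings such as owner or mode (an assumption, since the secrets definition is not shown), put the fixed path last so it always wins: `age.secrets.${secretName} = (entry.extra or { }) // { file = ../secrets/${secretName'}; };`. The surrounding `mergeConf` expression starts and ends outside the hunk.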
|
||||
|
||||
@@ -58,9 +58,7 @@ in
|
||||
time.timeZone = config.globals.default_tz;
|
||||
|
||||
users.users.root = {
|
||||
openssh.authorizedKeys.keys = [
|
||||
config.globals.master.public_ssh_key
|
||||
];
|
||||
openssh.authorizedKeys.keys = config.globals.master.public_ssh_keys;
|
||||
initialPassword = "nixos";
|
||||
};
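Review bot: `openssh.authorizedKeys.keys = config.globals.master.public_ssh_keys;` accepts an empty list, because the option is declared as `listOf str` in the options section of this commit. Root would then have no authorized key, and the only credential left on the account is `initialPassword = "nixos"` on the next line. Declaring the option as `nonEmptyListOf str`, or adding an assertion next to this assignment, makes that misconfiguration fail at evaluation time. Since the hunk already touches root's login material, consider replacing the fixed initial password with a hashed password supplied from the secrets store, or add a comment stating that it must be changed on first boot.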
|
||||
|
||||
|
||||
@@ -9,12 +9,19 @@ let
|
||||
(
|
||||
if (!lib.strings.isString arg) then
|
||||
"${config.globals.ip_prefix}${toString arg}"
|
||||
else
|
||||
else if (lib.hasAttr arg config.id) then
|
||||
let
|
||||
id = config.id.${arg};
|
||||
ip = if (id > 1000) then id - 1000 else id;
|
||||
in
|
||||
"${config.globals.ip_prefix}${toString ip}"
|
||||
else if (lib.hasAttr arg config.globals.other_hosts) then
|
||||
let
|
||||
ip = config.globals.other_hosts.${arg}.ip;
|
||||
in
|
||||
"${config.globals.ip_prefix}${toString ip}"
|
||||
else
|
||||
"${config.globals.ip_prefix}${toString arg}" # probably erroneous
|
||||
);
|
||||
build_ip_cidr = arg: "${build_ip arg}/${toString config.globals.cidr}";
|
||||
mask_cidr = build_ip_cidr 0;
|
||||
@@ -29,6 +36,12 @@ let
|
||||
db_name = base;
|
||||
in
|
||||
"postgresql://${db_user}:${db_pass}@${db_host}:${db_port}/${db_name}";
|
||||
build_proto_uri =
|
||||
proto: container: port:
|
||||
let
|
||||
ip = build_ip container;
|
||||
in
|
||||
"${proto}://${ip}:${toString port}";
|
||||
in
|
||||
{
|
||||
build_ip = build_ip;
|
||||
@@ -36,6 +49,7 @@ in
|
||||
mask_cidr = mask_cidr;
|
||||
build_hostname = build_hostname;
|
||||
build_db_uri = build_db_uri;
|
||||
build_proto_uri = build_proto_uri;
|
||||
|
||||
loki_addr = "${build_ip "monitoring"}:3100";
|
||||
metrics_addr = "${build_ip "metrics"}:9090";
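Review bot: The final `else` branch of `build_ip`, in the first hunk of this section, returns `"${config.globals.ip_prefix}${toString arg}"` for a name found in neither `config.id` nor `config.globals.other_hosts`, which the inline comment itself calls probably erroneous. A mistyped host name therefore evaluates to a malformed address string instead of an error, and consumers such as `build_proto_uri`, `loki_addr` and `metrics_addr` pass it on without any signal. Failing evaluation is safer: `throw "build_ip: unknown host '${arg}'"`. `build_ip` starts outside the hunk.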
|
||||
|
||||