privatevoid.net/depot
1
1
Fork 0
Code Issues 23 Pull requests 2 Projects 3 Releases Packages Wiki Activity Actions

cluster/services/frangiclave: some cluster stuff

Browse source
This commit is contained in:
Max Headroom 2024-07-20 23:52:16 +02:00
parent 3179d90463
commit 18a376e8dd
2 changed files with 25 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
cluster/services/frangiclave/default.nix
View file

@ -1,13 +1,21 @@
{ config, ... }:
{ {
services.frangiclave = { services.frangiclave = {
nodes = { nodes = {
server = [ "VEGAS" "grail" "prophet" ]; # 3 reliable nodes server = [ "VEGAS" "grail" "prophet" ];
cluster = config.services.frangiclave.nodes.server;
agent = []; # all nodes, for vault-agent, secret templates, etc. agent = []; # all nodes, for vault-agent, secret templates, etc.
}; };
meshLinks = {
server.link.protocol = "http";
cluster.link.protocol = "http";
};
nixos = { nixos = {
server = [ server = [
./server.nix ./server.nix
]; ];
cluster = [];
agent = []; agent = [];
}; };
}; };

17
cluster/services/frangiclave/server.nix
View file

@ -1,8 +1,23 @@
{ depot, ... }: { cluster, config, depot, ... }:
let
apiLink = cluster.config.hostLinks.${config.networking.hostName}.frangiclave-server;
clusterLink = cluster.config.hostLinks.${config.networking.hostName}.frangiclave-cluster;
in
{ {
services.vault = { services.vault = {
enable = true; enable = true;
package = depot.packages.openbao; package = depot.packages.openbao;
address = apiLink.tuple;
extraConfig = /*hcl*/ ''
api_addr = "${apiLink.url}"
cluster_addr = "${clusterLink.url}"
'';
storageBackend = "raft";
storageConfig = /*hcl*/ ''
node_id = "x${builtins.hashString "sha256" "frangiclave-node-${config.networking.hostName}"}"
'';
}; };
} }