privatevoid.net/depot
1
1
Fork 0
Code Issues 18 Pull requests 2 Projects 3 Releases Packages Wiki Activity Actions

cluster/services/irc: refactor with hostLinks

Browse source
This commit is contained in:
Max Headroom 2022-10-22 14:12:37 +02:00
parent b923e738e8
commit 1def40063d
2 changed files with 32 additions and 17 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

27
cluster/services/irc/default.nix
View file

@ -1,24 +1,37 @@
{ tools, ... }: { config, lib, tools, ... }:
let
inherit (tools.meta) domain;
subDomains = {
VEGAS = "eu1";
prophet = "eu2";
};
in
{ {
vars = { vars = {
ircServers = {
VEGAS.subDomain = "eu1";
prophet.subDomain = "eu2";
};
ircPeerKey = { ircPeerKey = {
file = ./irc-peer-key.age; file = ./irc-peer-key.age;
owner = "ngircd"; owner = "ngircd";
group = "ngircd"; group = "ngircd";
}; };
}; };
hostLinks = lib.genAttrs config.services.irc.nodes.host (name: {
irc = {
ipv4 = "${subDomains.${name}}.irc.${domain}";
inherit (config.links.irc) port;
};
ircSecure = {
ipv4 = "${subDomains.${name}}.irc.${domain}";
inherit (config.links.ircSecure) port;
};
});
links = { links = {
irc = { irc = {
ipv4 = "irc.${tools.meta.domain}"; ipv4 = "irc.${domain}";
port = 6667; port = 6667;
}; };
ircSecure = { ircSecure = {
ipv4 = "irc.${tools.meta.domain}"; ipv4 = "irc.${domain}";
port = 6697; port = 6697;
}; };
}; };

22
cluster/services/irc/irc-host.nix
View file

@ -1,21 +1,23 @@
{ cluster, config, pkgs, tools, ... }: { cluster, config, pkgs, tools, ... }:
let let
inherit (tools.meta) domain adminEmail; inherit (tools.meta) adminEmail;
inherit (cluster) vars; inherit (cluster) vars;
inherit (vars.ircServers.${vars.hostName}) subDomain;
link = cluster.config.links.irc; linkGlobalSecure = cluster.config.links.ircSecure;
linkSecure = cluster.config.links.ircSecure; link = cluster.config.hostLinks.${vars.hostName}.irc;
linkSecure = cluster.config.hostLinks.${vars.hostName}.ircSecure;
otherServers = map mkServer cluster.config.services.irc.otherNodes.host; otherServers = map mkServer cluster.config.services.irc.otherNodes.host;
otherServerFiles = map (builtins.toFile "ngircd-peer.conf") otherServers; otherServerFiles = map (builtins.toFile "ngircd-peer.conf") otherServers;
opers = map mkOper [ "max" "num" "ark" ]; opers = map mkOper [ "max" "num" "ark" ];
mkServer = name: '' mkServer = name: let
peerLink = cluster.config.hostLinks.${name}.ircSecure;
in ''
[Server] [Server]
Name = ${vars.ircServers.${name}.subDomain}.irc.${domain} Name = ${peerLink.ipv4}
Host = ${vars.ircServers.${name}.subDomain}.irc.${domain} Host = ${peerLink.ipv4}
Port = ${linkSecure.portStr} Port = ${peerLink.portStr}
MyPassword = @PEER_PASSWORD@ MyPassword = @PEER_PASSWORD@
PeerPassword = @PEER_PASSWORD@ PeerPassword = @PEER_PASSWORD@
SSLConnect = yes SSLConnect = yes
@ -30,7 +32,7 @@ let
Mask = *!${name}@* Mask = *!${name}@*
''; '';
serverName = "${subDomain}.irc.${domain}"; serverName = linkSecure.ipv4;
cert = config.security.acme.certs."${serverName}"; cert = config.security.acme.certs."${serverName}";
dh = config.security.dhparams.params.ngircd; dh = config.security.dhparams.params.ngircd;
in { in {
@ -82,7 +84,7 @@ in {
dnsProvider = "pdns"; dnsProvider = "pdns";
group = "ngircd"; group = "ngircd";
reloadServices = [ "ngircd" ]; reloadServices = [ "ngircd" ];
extraDomainNames = [ "irc.${domain}" ]; extraDomainNames = [ linkGlobalSecure.ipv4 ];
}; };
security.pam.services.ngircd = { security.pam.services.ngircd = {
text = '' text = ''