cluster/services/irc: refactor with hostLinks

This commit is contained in:
Max Headroom 2022-10-22 14:12:37 +02:00
parent b923e738e8
commit 1def40063d
2 changed files with 32 additions and 17 deletions

View file

@ -1,24 +1,37 @@
{ tools, ... }:
{ config, lib, tools, ... }:
let
inherit (tools.meta) domain;
subDomains = {
VEGAS = "eu1";
prophet = "eu2";
};
in
{
vars = {
ircServers = {
VEGAS.subDomain = "eu1";
prophet.subDomain = "eu2";
};
ircPeerKey = {
file = ./irc-peer-key.age;
owner = "ngircd";
group = "ngircd";
};
};
hostLinks = lib.genAttrs config.services.irc.nodes.host (name: {
irc = {
ipv4 = "${subDomains.${name}}.irc.${domain}";
inherit (config.links.irc) port;
};
ircSecure = {
ipv4 = "${subDomains.${name}}.irc.${domain}";
inherit (config.links.ircSecure) port;
};
});
links = {
irc = {
ipv4 = "irc.${tools.meta.domain}";
ipv4 = "irc.${domain}";
port = 6667;
};
ircSecure = {
ipv4 = "irc.${tools.meta.domain}";
ipv4 = "irc.${domain}";
port = 6697;
};
};

View file

@ -1,21 +1,23 @@
{ cluster, config, pkgs, tools, ... }:
let
inherit (tools.meta) domain adminEmail;
inherit (tools.meta) adminEmail;
inherit (cluster) vars;
inherit (vars.ircServers.${vars.hostName}) subDomain;
link = cluster.config.links.irc;
linkSecure = cluster.config.links.ircSecure;
linkGlobalSecure = cluster.config.links.ircSecure;
link = cluster.config.hostLinks.${vars.hostName}.irc;
linkSecure = cluster.config.hostLinks.${vars.hostName}.ircSecure;
otherServers = map mkServer cluster.config.services.irc.otherNodes.host;
otherServerFiles = map (builtins.toFile "ngircd-peer.conf") otherServers;
opers = map mkOper [ "max" "num" "ark" ];
mkServer = name: ''
mkServer = name: let
peerLink = cluster.config.hostLinks.${name}.ircSecure;
in ''
[Server]
Name = ${vars.ircServers.${name}.subDomain}.irc.${domain}
Host = ${vars.ircServers.${name}.subDomain}.irc.${domain}
Port = ${linkSecure.portStr}
Name = ${peerLink.ipv4}
Host = ${peerLink.ipv4}
Port = ${peerLink.portStr}
MyPassword = @PEER_PASSWORD@
PeerPassword = @PEER_PASSWORD@
SSLConnect = yes
@ -30,7 +32,7 @@ let
Mask = *!${name}@*
'';
serverName = "${subDomain}.irc.${domain}";
serverName = linkSecure.ipv4;
cert = config.security.acme.certs."${serverName}";
dh = config.security.dhparams.params.ngircd;
in {
@ -82,7 +84,7 @@ in {
dnsProvider = "pdns";
group = "ngircd";
reloadServices = [ "ngircd" ];
extraDomainNames = [ "irc.${domain}" ];
extraDomainNames = [ linkGlobalSecure.ipv4 ];
};
security.pam.services.ngircd = {
text = ''