cluster/services/frangiclave: some cluster stuff

This commit is contained in:
Max Headroom 2024-07-20 23:52:16 +02:00
parent de28fac9a0
commit e4c211aaa1
2 changed files with 25 additions and 2 deletions

View file

@ -1,13 +1,21 @@
{ config, ... }:
{ {
services.frangiclave = { services.frangiclave = {
nodes = { nodes = {
server = [ "VEGAS" "grail" "prophet" ]; # 3 reliable nodes server = [ "VEGAS" "grail" "prophet" ];
cluster = config.services.frangiclave.nodes.server;
agent = []; # all nodes, for vault-agent, secret templates, etc. agent = []; # all nodes, for vault-agent, secret templates, etc.
}; };
meshLinks = {
server.link.protocol = "http";
cluster.link.protocol = "http";
};
nixos = { nixos = {
server = [ server = [
./server.nix ./server.nix
]; ];
cluster = [];
agent = []; agent = [];
}; };
}; };

View file

@ -1,8 +1,23 @@
{ depot, ... }: { cluster, config, depot, ... }:
let
apiLink = cluster.config.hostLinks.${config.networking.hostName}.frangiclave-server;
clusterLink = cluster.config.hostLinks.${config.networking.hostName}.frangiclave-cluster;
in
{ {
services.vault = { services.vault = {
enable = true; enable = true;
package = depot.packages.openbao; package = depot.packages.openbao;
address = apiLink.tuple;
extraConfig = /*hcl*/ ''
api_addr = "${apiLink.url}"
cluster_addr = "${clusterLink.url}"
'';
storageBackend = "raft";
storageConfig = /*hcl*/ ''
node_id = "x${builtins.hashString "sha256" "frangiclave-node-${config.networking.hostName}"}"
'';
}; };
} }