* tv identity: define type harder

tv 2015-07-23 00:37:21 +02:00
parent 14ac6d3bba
commit 504b1b90e8
10 changed files with 230 additions and 110 deletions


@ -35,11 +35,8 @@ in
singleton config.tv.github-hosts-sync.port; singleton config.tv.github-hosts-sync.port;
} }
{ {
imports = [ ../../3modules/tv/identity.nix ]; imports = [ ../../2configs/tv/identity.nix ];
tv.identity = { tv.identity.self = config.tv.identity.hosts.cd;
enable = true;
self = config.tv.identity.hosts.cd;
};
} }
{ {
imports = [ ../../3modules/tv/iptables.nix ]; imports = [ ../../3modules/tv/iptables.nix ];


@ -11,11 +11,8 @@ with lib;
../../2configs/tv/exim-smarthost.nix ../../2configs/tv/exim-smarthost.nix
../../2configs/tv/git-public.nix ../../2configs/tv/git-public.nix
{ {
imports = [ ../../3modules/tv/identity.nix ]; imports = [ ../../2configs/tv/identity.nix ];
tv.identity = { tv.identity.self = config.tv.identity.hosts.mkdir;
enable = true;
self = config.tv.identity.hosts.mkdir;
};
} }
{ {
imports = [ ../../3modules/tv/iptables.nix ]; imports = [ ../../3modules/tv/iptables.nix ];


@ -10,11 +10,8 @@ with lib;
../../2configs/tv/exim-retiolum.nix ../../2configs/tv/exim-retiolum.nix
../../2configs/tv/git-public.nix ../../2configs/tv/git-public.nix
{ {
imports = [ ../../3modules/tv/identity.nix ]; imports = [ ../../2configs/tv/identity.nix ];
tv.identity = { tv.identity.self = config.tv.identity.hosts.nomic;
enable = true;
self = config.tv.identity.hosts.nomic;
};
} }
{ {
imports = [ ../../3modules/tv/iptables.nix ]; imports = [ ../../3modules/tv/iptables.nix ];


@ -11,11 +11,8 @@ with lib;
../../2configs/tv/exim-smarthost.nix ../../2configs/tv/exim-smarthost.nix
../../2configs/tv/git-public.nix ../../2configs/tv/git-public.nix
{ {
imports = [ ../../3modules/tv/identity.nix ]; imports = [ ../../2configs/tv/identity.nix ];
tv.identity = { tv.identity.self = config.tv.identity.hosts.rmdir;
enable = true;
self = config.tv.identity.hosts.rmdir;
};
} }
{ {
imports = [ ../../3modules/tv/iptables.nix ]; imports = [ ../../3modules/tv/iptables.nix ];


@ -18,11 +18,8 @@ in
../../2configs/tv/xserver.nix ../../2configs/tv/xserver.nix
../../2configs/tv/synaptics.nix # TODO w110er if xserver is enabled ../../2configs/tv/synaptics.nix # TODO w110er if xserver is enabled
{ {
imports = [ ../../3modules/tv/identity.nix ]; imports = [ ../../2configs/tv/identity.nix ];
tv.identity = { tv.identity.self = config.tv.identity.hosts.wu;
enable = true;
self = config.tv.identity.hosts.wu;
};
} }
{ {
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [


@ -123,7 +123,7 @@ let
#loadmodule "extensions/ip_cloaking.so"; #loadmodule "extensions/ip_cloaking.so";
serverinfo { serverinfo {
name = ${toJSON config.tv.identity.self.fqdn}; name = ${toJSON (head config.tv.identity.self.nets.retiolum.aliases)};
sid = "4z3"; sid = "4z3";
description = "miep!"; description = "miep!";
network_name = "irc.retiolum"; network_name = "irc.retiolum";
@ -133,9 +133,9 @@ let
/* On multi-homed hosts you may need the following. These define /* On multi-homed hosts you may need the following. These define
* the addresses we connect from to other servers. */ * the addresses we connect from to other servers. */
/* for IPv4 */ /* for IPv4 */
vhost = ${toJSON config.tv.identity.self.addr}; vhost = ${concatMapStringsSep ", " toJSON config.tv.identity.self.nets.retiolum.addrs4};
/* for IPv6 */ /* for IPv6 */
vhost6 = ${toJSON config.tv.identity.self.addr6}; vhost6 = ${concatMapStringsSep ", " toJSON config.tv.identity.self.nets.retiolum.addrs6};
/* ssl_private_key: our ssl private key */ /* ssl_private_key: our ssl private key */
ssl_private_key = "/tmp/ssl.key"; ssl_private_key = "/tmp/ssl.key";
@ -238,12 +238,10 @@ let
/* If you want to listen on a specific IP only, specify host. /* If you want to listen on a specific IP only, specify host.
* host definitions apply only to the following port line. * host definitions apply only to the following port line.
*/ */
host = ${toJSON config.tv.identity.self.addr}; # XXX This is stupid because only one host is allowed[?]
port = 6667; #host = ''${concatMapStringsSep ", " toJSON (
sslport = 6697; # config.tv.identity.self.nets.retiolum.addrs
#)};
/* Listen on IPv6 (if you used host= above). */
host = ${toJSON config.tv.identity.self.addr6};
port = 6667; port = 6667;
sslport = 6697; sslport = 6697;
}; };
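Review bot: The listen block no longer sets `host` on the new side (it is only present as a commented-out `#host = …`), so the ircd appears to accept connections on 6667 and 6697 on every address of the machine instead of only the retiolum addresses the old `host = …addr` / `host = …addr6` pairs named. For a host that also has an `internet` net this widens exposure unless the iptables module restricts those ports, which is not visible in this section. Because a `host` line applies only to the port line that follows it, one group per address can be generated rather than dropping the binding: `${concatMapStrings (a: "host = ${toJSON a}; port = 6667; sslport = 6697;\n") config.tv.identity.self.nets.retiolum.addrs}`. Separately, `vhost6` in the serverinfo hunk is built from `addrs6`, which defaults to `[]` in the new net type, so a host without an IPv6 address would get an empty `vhost6 = ;` line; guarding it with `optionalString` on a non-empty list would avoid that.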

91
2configs/tv/identity.nix Normal file

@ -0,0 +1,91 @@
{ config, ... }:
{
imports = [ ../../3modules/tv/identity.nix ];
tv.identity = {
enable = true;
hosts = {
cd = {
cores = 2;
dc = "tv"; #dc = "cac";
nets = {
internet = {
addrs4 = ["162.219.7.216"];
aliases = [
"cd.internet"
"cd.viljetic.de"
"cgit.cd.viljetic.de"
"cd.krebsco.de"
];
};
retiolum = {
addrs4 = ["10.243.113.222"];
addrs6 = ["42:4522:25f8:36bb:8ccb:0150:231a:2af3"];
aliases = [
"cd.retiolum"
"cgit.cd.retiolum"
];
};
};
search = "retiolum";
};
mkdir = {
cores = 1;
dc = "tv"; #dc = "cac";
nets = {
retiolum = {
addrs4 = ["10.243.113.223"];
aliases = [
"mkdir.retiolum"
"cgit.mkdir.retiolum"
];
};
};
search = "retiolum";
};
nomic = {
cores = 2;
dc = "tv"; #dc = "gg23";
nets = {
retiolum = {
addrs4 = ["10.243.0.110"];
aliases = [
"nomic.retiolum"
"cgit.nomic.retiolum"
];
};
};
search = "retiolum";
};
rmdir = {
cores = 1;
dc = "tv"; #dc = "cac";
nets = {
retiolum = {
addrs4 = ["10.243.113.224"];
addrs6 = ["42:4522:25f8:36bb:8ccb:0150:231a:2af5"];
aliases = [
"rmdir.retiolum"
"cgit.rmdir.retiolum"
];
};
};
search = "retiolum";
};
wu = {
cores = 4;
# TODO wu is mobile, so dc means "home data center"
dc = "tv"; #dc = "gg23";
nets = {
retiolum = {
addrs4 = ["10.243.13.37"];
aliases = [
"wu.retiolum"
];
};
};
search = "retiolum";
};
};
};
}
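Review bot: The host data moved into this file is not identical to the defaults deleted from `3modules/tv/identity.nix`, although the commit title describes only a type change. `wu.cores` goes from 8 to 4, `wu` loses its `cgit` name, `rmdir` gains an `addrs6` entry that was commented out before, and `cd` gains a public `internet` net. Since `addrs` is computed as `addrs4 ++ addrs6` and feeds both `networking.extraHosts` and consul's `retry_join`, the new `rmdir` IPv6 address changes what peers resolve and join. A short comment next to each changed value (for example `# was 8 in the old module default` on `wu.cores`), or splitting the data changes into their own commit, would make them reviewable.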


@ -5,8 +5,7 @@
# TODO consul-bootstrap HOST that actually does is # TODO consul-bootstrap HOST that actually does is
# TODO tools to inspect state of a cluster in outage state # TODO tools to inspect state of a cluster in outage state
with builtins; with import ../../4lib/tv { inherit lib pkgs; };
with lib;
let let
cfg = config.tv.consul; cfg = config.tv.consul;
@ -24,10 +23,10 @@ let
enable = mkEnableOption "tv.consul"; enable = mkEnableOption "tv.consul";
dc = mkOption { dc = mkOption {
type = types.unspecified; type = types.label;
}; };
hosts = mkOption { hosts = mkOption {
type = with types; listOf unspecified; type = with types; listOf host;
}; };
encrypt-file = mkOption { encrypt-file = mkOption {
type = types.str; # TODO path (but not just into store) type = types.str; # TODO path (but not just into store)
@ -38,7 +37,7 @@ let
default = "/var/lib/consul"; default = "/var/lib/consul";
}; };
self = mkOption { self = mkOption {
type = types.unspecified; type = types.host;
}; };
server = mkOption { server = mkOption {
type = types.bool; type = types.bool;
@ -56,9 +55,11 @@ let
log_level = "INFO"; log_level = "INFO";
#node_name = #node_name =
server = cfg.server; server = cfg.server;
bind_addr = cfg.self.addr; # TODO cfg.addr
enable_syslog = true; enable_syslog = true;
retry_join = map (getAttr "addr") (filter (host: host.fqdn != cfg.self.fqdn) cfg.hosts); retry_join =
# TODO allow consul in other nets than retiolum [maybe]
concatMap (host: host.nets.retiolum.addrs)
(filter (host: host.name != cfg.self.name) cfg.hosts);
leave_on_terminate = true; leave_on_terminate = true;
} // optionalAttrs cfg.server { } // optionalAttrs cfg.server {
bootstrap_expect = length cfg.hosts; bootstrap_expect = length cfg.hosts;
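Review bot: No `bind_addr` assignment appears on the new side of the last hunk, so the agent falls back to consul's default bind address instead of the retiolum address it was pinned to before. On a host with more than one net (`cd` is defined with both `internet` and `retiolum`) the agent is then no longer restricted to the overlay address, and reachability of its ports depends entirely on the firewall. Something like `bind_addr = head cfg.self.nets.retiolum.addrs4;` would keep the previous behaviour. It assumes every consul host has at least one retiolum IPv4 address, which the `net` type does not enforce because `addrs4` defaults to `[]`. The enclosing attribute set starts and ends outside the hunk.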


@ -1,6 +1,6 @@
{ config, lib, ... }: { config, lib, pkgs, ... }:
with lib; with import ../../4lib/tv { inherit lib pkgs; };
let let
cfg = config.tv.identity; cfg = config.tv.identity;
@ -13,77 +13,66 @@ let
enable = mkEnableOption "tv.identity"; enable = mkEnableOption "tv.identity";
self = mkOption { self = mkOption {
type = types.unspecified; type = types.host;
}; };
others = mkOption {
type = types.host;
default = filterAttrs (name: _host: name != cfg.self.name) cfg.hosts;
};
hosts = mkOption { hosts = mkOption {
type = with types; attrsOf unspecified; type = with types; attrsOf host;
default = { apply = mapAttrs (name: value: value // { inherit name; });
cd = {
#dc = "cac";
dc = "tv";
fqdn = "cd.retiolum";
subdomains = [
"cgit"
];
addr = "10.243.113.222";
addr6 = "42:4522:25f8:36bb:8ccb:0150:231a:2af3";
#internet-addr = "162.219.5.183";
cores = 2;
};
mkdir = {
#dc = "cac";
dc = "tv";
fqdn = "mkdir.retiolum";
subdomains = [
"cgit"
];
addr = "10.243.113.223";
cores = 1;
};
nomic = {
#dc = "gg";
dc = "tv";
fqdn = "nomic.retiolum";
subdomains = [
"cgit"
];
addr = "10.243.0.110";
cores = 2;
};
rmdir = {
#dc = "cac";
dc = "tv";
fqdn = "rmdir.retiolum";
subdomains = [
"cgit"
];
addr = "10.243.113.224";
#addr = "42:4522:25f8:36bb:8ccb:0150:231a:2af5";
cores = 1;
};
wu = {
#dc = "gg";
dc = "tv";
fqdn = "wu.retiolum";
subdomains = [
"cgit"
];
addr = "10.243.13.37";
cores = 8;
};
};
}; };
}; };
imp = { imp = {
networking.extraHosts = networking.extraHosts =
let concatStringsSep "\n" (flatten (
f = name: { addr, fqdn, subdomains, ... }: '' # TODO deepMap ["hosts" "nets"] (hostname: host: netname: net:
${addr} ${toString (map (s: "${s}.${name} ${s}.${fqdn}") subdomains)} mapAttrsToList (hostname: host:
''; mapAttrsToList (netname: net:
in let
concatStringsSep "\n" (mapAttrsToList f cfg.hosts); aliases = toString (unique (longs ++ shorts));
longs = (splitByProvider net.aliases).hosts;
shorts = map (removeSuffix ".${cfg.self.search}") longs;
in
map (addr: "${addr} ${aliases}") net.addrs
) host.nets
) cfg.hosts
));
}; };
# TODO move domain name providers to a dedicated module
# providers : tree label providername
providers = {
internet = "hosts";
retiolum = "hosts";
de.viljetic = "regfish";
de.krebsco = "ovh";
};
# splitByProvider : [alias] -> set providername [alias]
splitByProvider = foldl (acc: alias: insert (providerOf alias) alias acc) {};
# providerOf : alias -> providername
providerOf = alias:
tree-get (splitString "." alias) providers;
# insert : k -> v -> set k [v] -> set k [v]
insert = name: value: set:
set // { ${name} = set.${name} or [] ++ [value]; };
# tree k v = set k (either v (tree k v))
# tree-get : [k] -> tree k v -> v
tree-get = path: x:
let
y = x.${last path};
in
if typeOf y != "set"
then y
else tree-get (init path) y;
in in
out out
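Review bot: The new `others` option is declared with `type = types.host`, but its default is `filterAttrs (name: _host: name != cfg.self.name) cfg.hosts`, which is an attribute set of hosts keyed by name, so the declared type does not match the value. It should mirror `hosts`: `type = with types; attrsOf host;`. In the same section, `tree-get` indexes `x.${last path}` with no fallback, so an alias whose last label is missing from `providers` aborts evaluation with a missing-attribute error that does not name the alias. An `or (throw "no provider for ${alias}")` in `providerOf` would make that failure easier to diagnose.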


@ -1,12 +1,10 @@
{ lib, pkgs, ... }: { lib, pkgs, ... }:
with builtins; with builtins;
with lib;
let builtins // lib // rec {
inherit (lib) mapAttrs stringAsChars;
in
rec {
git = import ./git.nix { git = import ./git.nix {
lib = lib // { lib = lib // {
inherit addNames; inherit addNames;
@ -59,4 +57,62 @@ rec {
else if c == "\n" then "'\n'" else if c == "\n" then "'\n'"
else "\\${c}"); else "\\${c}");
types = lib.types // (with lib.types; rec {
host = submodule {
options = {
name = mkOption {
type = label;
};
dc = mkOption {
type = label;
};
cores = mkOption {
type = positive;
};
nets = mkOption {
type = attrsOf net;
apply = x: assert hasAttr "retiolum" x; x;
};
search = mkOption {
type = hostname;
};
};
};
net = submodule ({ config, ... }: {
options = {
addrs = mkOption {
type = listOf addr;
apply = _: config.addrs4 ++ config.addrs6;
};
addrs4 = mkOption {
type = listOf addr4;
default = [];
};
addrs6 = mkOption {
type = listOf addr6;
default = [];
};
aliases = mkOption {
# TODO nonEmptyListOf hostname
type = listOf hostname;
};
};
});
positive = mkOptionType {
name = "positive integer";
check = x: isInt x && x > 0;
merge = mergeOneOption;
};
# TODO
addr = str;
addr4 = str;
addr6 = str;
hostname = str;
label = str;
});
} }
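Review bot: `addr`, `addr4`, `addr6`, `hostname` and `label` are all plain aliases for `str` under the `# TODO`, so the new `host` and `net` submodules accept any string in those fields. An IPv6 literal in `addrs4`, or an alias containing whitespace or a newline, would pass type checking and be written unchanged into `networking.extraHosts` and the generated ircd config. Giving each of these its own `mkOptionType` with a `check`, the way `positive` is defined just above, would catch such values at evaluation time; even a minimal check rejecting whitespace would help for `hostname` and `label`. The `addrs` option also discards whatever is assigned to it (`apply = _: config.addrs4 ++ config.addrs6`), which deserves a comment such as `# computed; definitions of addrs are ignored`.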