garage/script/jepsen.garage/garage-cluster.nix

{ config, lib, pkgs, ... }:
let
  unstable = import ./unstable.nix;
  addressMap =
    {
      "n1" = { localAddress = "10.233.0.101"; hostAddress = "10.233.1.101"; };
      "n2" = { localAddress = "10.233.0.102"; hostAddress = "10.233.1.102"; };
      "n3" = { localAddress = "10.233.0.103"; hostAddress = "10.233.1.103"; };
      "n4" = { localAddress = "10.233.0.104"; hostAddress = "10.233.1.104"; };
      "n5" = { localAddress = "10.233.0.105"; hostAddress = "10.233.1.105"; };
    };
  toHostsEntry = name: { localAddress, ... }: "${localAddress} ${name}";
  extraHosts =
    builtins.concatStringsSep "\n"
      (lib.attrsets.mapAttrsToList toHostsEntry addressMap);
  nodeConfig = hostName: { localAddress, hostAddress }: {
    inherit localAddress hostAddress;

    ephemeral = true;
    autoStart = true;
    privateNetwork = true;

    config = { config, pkgs, ... }:
      {
        networking = {
          inherit hostName extraHosts;
        };

        services.openssh = {
          enable = true;
          permitRootLogin = "yes";
        };
        users.users.root.initialPassword = "root";

        system.stateVersion = "22.11";

        services.garage = {
          enable = true;
          logLevel = "debug";
          settings.replication_mode = "3";
        };

        # Workaround for nixos-container issue
        # (see https://github.com/NixOS/nixpkgs/issues/67265 and
        # https://github.com/NixOS/nixpkgs/pull/81371#issuecomment-605526099).
        # The etcd service is of type "notify", which means that
        # etcd would not be considered started until etcd is fully online;
        # however, since NixOS container networking only works sometime *after*
        # multi-user.target, we forgo etcd's notification entirely.
        systemd.services.etcd.serviceConfig.Type = lib.mkForce "exec";

        systemd.services.etcd.serviceConfig.StandardOutput = "file:/var/log/etcd.log";
        systemd.services.etcd.serviceConfig.StandardError = "file:/var/log/etcd.log";

        networking.firewall.allowedTCPPorts = [ 2379 2380 ];
      };
  };
in
{
  containers = lib.attrsets.mapAttrs nodeConfig addressMap;
  networking = {
    inherit extraHosts;
  };
}
jepsen: wip 2023-04-18 10:14:13 +00:00			`{ config, lib, pkgs, ... }:`
			`let`
			`unstable = import ./unstable.nix;`
			`addressMap =`
			`{`
			`"n1" = { localAddress = "10.233.0.101"; hostAddress = "10.233.1.101"; };`
			`"n2" = { localAddress = "10.233.0.102"; hostAddress = "10.233.1.102"; };`
			`"n3" = { localAddress = "10.233.0.103"; hostAddress = "10.233.1.103"; };`
			`"n4" = { localAddress = "10.233.0.104"; hostAddress = "10.233.1.104"; };`
			`"n5" = { localAddress = "10.233.0.105"; hostAddress = "10.233.1.105"; };`
			`};`
			`toHostsEntry = name: { localAddress, ... }: "${localAddress} ${name}";`
			`extraHosts =`
			`builtins.concatStringsSep "\n"`
			`(lib.attrsets.mapAttrsToList toHostsEntry addressMap);`
			`nodeConfig = hostName: { localAddress, hostAddress }: {`
			`inherit localAddress hostAddress;`

			`ephemeral = true;`
			`autoStart = true;`
			`privateNetwork = true;`

			`config = { config, pkgs, ... }:`
			`{`
			`networking = {`
			`inherit hostName extraHosts;`
			`};`

			`services.openssh = {`
			`enable = true;`
			`permitRootLogin = "yes";`
			`};`
			`users.users.root.initialPassword = "root";`

			`system.stateVersion = "22.11";`

			`services.garage = {`
			`enable = true;`
			`logLevel = "debug";`
			`settings.replication_mode = "3";`
			`};`

			`# Workaround for nixos-container issue`
			`# (see https://github.com/NixOS/nixpkgs/issues/67265 and`
			`# https://github.com/NixOS/nixpkgs/pull/81371#issuecomment-605526099).`
			`# The etcd service is of type "notify", which means that`
			`# etcd would not be considered started until etcd is fully online;`
			`# however, since NixOS container networking only works sometime after`
			`# multi-user.target, we forgo etcd's notification entirely.`
			`systemd.services.etcd.serviceConfig.Type = lib.mkForce "exec";`

			`systemd.services.etcd.serviceConfig.StandardOutput = "file:/var/log/etcd.log";`
			`systemd.services.etcd.serviceConfig.StandardError = "file:/var/log/etcd.log";`

			`networking.firewall.allowedTCPPorts = [ 2379 2380 ];`
			`};`
			`};`
			`in`
			`{`
			`containers = lib.attrsets.mapAttrs nodeConfig addressMap;`
			`networking = {`
			`inherit extraHosts;`
			`};`
			`}`