Added server options for nomad and consul

2024-02-11 20:58:26 +01:00
parent 042e246b1b
commit e716f7cb7d
14 changed files with 204 additions and 39 deletions
--- a/modules/server/consul.nix
+++ b/modules/server/consul.nix
@@ -2,11 +2,18 @@

 let
  cfg = config.samfelag.modules.server.consul;
+  nameservers = config.networking.nomeservers;
 in
 {
  options.samfelag.modules.server.consul = {
    enable = lib.mkEnableOption "consul";

+    server = lib.mkOption {
+      type = lib.types.bool;
+      default = false;
+      description = "Set to true if configured a server - otherwise a client is assumed";
+    };
+
    agent-token = lib.mkOption {
      type = lib.types.str;
      description = "Agent token config file (should be secret)";
@@ -17,30 +24,51 @@ in
    services.consul = {
      enable = true;
      webUi = true;
+    } // lib.optionalAttrs cfg.server {
+      extraConfig = {
+        recursors = config.networking.nameservers;
+      };
    };

    environment.etc = {
-      agent-ca = {
+      consul-agent-ca = {
        # Consul agent CA
        target = "consul.d/certs/consul-agent-ca.pem";
        source = config.age.secrets."consul.d/consul-agent-ca.pem".path;
      };
-      gossip = {
+      consul-gossip = {
        # Gossip encryption key
        target = "consul.d/gossip.json";
        source = config.age.secrets."consul.d/gossip.json".path;
      };
-      client = {
-        # Client config
-        target = "consul.d/client.json";
-        source = ../../config/consul.d/client.json;
+      consul-common-cfg = {
+        # Common config
+        target = "consul.d/common.json";
+        source = ../../config/consul.d/common.json;
      };
-      agent-token = {
+      consul-server-list = {
+        # Server list
+        target = "consul.d/server-list.json";
+        source = ../../config/consul.d/server-list.json;
+      };
+      consul-agent-token = {
        # Agent token
        target = "consul.d/agent-token.json";
        source = cfg.agent-token;
      };
-    };
+    } // (if cfg.server then {
+      consul-server-cfg = {
+        # Server config
+        target = "consul.d/server.json";
+        source = ../../config/consul.d/server.json;
+      };
+    } else {
+      consul-client-cfg = {
+        # Client config
+        target = "consul.d/client.json";
+        source = ../../config/consul.d/client.json;
+      };
+    });

    # networking.firewall.allowedTCPPorts = [ 22 ];
  };