From 528ecd8bea5acbb951f5a8a280fdb40fd140e792 Mon Sep 17 00:00:00 2001 From: Victor Date: Wed, 3 Nov 2021 22:55:03 +0100 Subject: [PATCH] add consul --- flake.lock | 8 +++---- flake.nix | 16 ++++++++++++- hosts/consul/configuration.nix | 41 ++++++++++++++++++++++++++++++++++ hosts/vault/configuration.nix | 18 ++------------- 4 files changed, 62 insertions(+), 21 deletions(-) create mode 100644 hosts/consul/configuration.nix diff --git a/flake.lock b/flake.lock index 915caae..257001c 100644 --- a/flake.lock +++ b/flake.lock @@ -54,16 +54,16 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1635835164, - "narHash": "sha256-E8MI6D+uX5O7MJwfEa+MZb7L9tonbbn4VZDkqkLZeQc=", + "lastModified": 1635844945, + "narHash": "sha256-tZcL307dj28jgEU1Wdn+zwG9neyW0H2+ZjdVhvJxh9g=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "94d91a448b87a70204485bd768977c07575911e8", + "rev": "b67e752c29f18a0ca5534a07661366d6a2c2e649", "type": "github" }, "original": { "owner": "NixOS", - "ref": "nixos-unstable-small", + "ref": "nixos-unstable", "repo": "nixpkgs", "type": "github" } diff --git a/flake.nix b/flake.nix index 77fb984..8af8313 100644 --- a/flake.nix +++ b/flake.nix @@ -2,7 +2,7 @@ description = "Delft Deployment"; inputs.deploy-rs.url = "github:serokell/deploy-rs"; - inputs.nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable-small"; + inputs.nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable"; outputs = { self, nixpkgs, deploy-rs }: { nixosConfigurations.bastion = nixpkgs.lib.nixosSystem { @@ -30,6 +30,11 @@ modules = [ "${nixpkgs}/nixos/modules/virtualisation/lxc-container.nix" ./hosts/nginx/configuration.nix ]; }; + nixosConfigurations.consul = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + modules = [ "${nixpkgs}/nixos/modules/virtualisation/lxc-container.nix" ./hosts/consul/configuration.nix ]; + }; + deploy.nodes.bastion = { hostname = "10.42.42.4"; fastConnection = true; 
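Review bot: The `inputs.nixpkgs.url` change from `nixos-unstable-small` to `nixos-unstable` in the first flake.nix hunk, together with the matching `nixpkgs_2` revision bump in flake.lock, is not mentioned in the commit subject "add consul". It moves every nixosConfiguration built from this input to a different channel and revision. I would put the channel switch in its own commit, or at least name it in the message (for example `flake: switch nixpkgs to nixos-unstable`), so a later bisect or rollback of a package bump does not have to be untangled from the new host.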
@@ -75,6 +80,15 @@ }; }; + deploy.nodes.consul = { + hostname = "10.42.42.14"; + fastConnection = true; + profiles.system = { + user = "root"; + path = deploy-rs.lib.x86_64-linux.activate.nixos self.nixosConfigurations.consul; + }; + }; + checks = builtins.mapAttrs (system: deployLib: deployLib.deployChecks self.deploy) deploy-rs.lib; }; } diff --git a/hosts/consul/configuration.nix b/hosts/consul/configuration.nix new file mode 100644 index 0000000..7373578 --- /dev/null +++ b/hosts/consul/configuration.nix @@ -0,0 +1,41 @@ +# Edit this configuration file to define what should be installed on +# your system. Help is available in the configuration.nix(5) man page +# and in the NixOS manual (accessible by running ‘nixos-help’). + +{ config, pkgs, ... }: + +{ + imports = [ + # Import common config + ../../common/generic-lxc.nix + ../../common + ]; + + networking.hostName = "vault"; + + # This value determines the NixOS release from which the default + # settings for stateful data, like file locations and database versions + # on your system were taken. It‘s perfectly fine and recommended to leave + # this value at the release version of the first install of this system. + # Before changing this value read the documentation for this option + # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). + system.stateVersion = "21.05"; # Did you read the comment? + + # Additional packages + environment.systemPackages = with pkgs; [ ]; + + # Vault + networking.firewall.allowedTCPPorts = [ 8200 ]; + + services.vault = { + enable = true; + # bin version includes the UI + package = pkgs.vault-bin; + address = "0.0.0.0:8200"; + storageBackend = "file"; + storagePath = "/var/lib/vault"; + extraConfig = '' + ui = true + ''; + }; +} diff --git a/hosts/vault/configuration.nix b/hosts/vault/configuration.nix index 19c46c0..28e3e5d 100644 --- a/hosts/vault/configuration.nix +++ b/hosts/vault/configuration.nix 
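Review bot: The contents of the two host files look swapped. The new hosts/consul/configuration.nix sets `networking.hostName = "vault"`, opens TCP 8200 and enables `services.vault`, while the hosts/vault/configuration.nix hunks later in this patch rename that host to `"consul"`, delete its `services.vault` block and leave `allowedTCPPorts = [ ]`. As written, a deploy would remove Vault from the existing vault node and start a fresh file-backed Vault, without the old `api_addr`, on the node at 10.42.42.14; no Consul service is enabled in any visible line. I would expect this file to carry `networking.hostName = "consul";` plus the Consul service and its firewall ports, and the vault file to stay unchanged. Separately, wherever the Vault listener on `0.0.0.0:8200` ends up, no `tlsCertFile`/`tlsKeyFile` is set in the visible lines, so unless the common imports supply them it would likely serve plain HTTP, which is worth confirming.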
@@ -11,7 +11,7 @@ ../../common ]; - networking.hostName = "vault"; + networking.hostName = "consul"; # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions @@ -24,19 +24,5 @@ # Additional packages environment.systemPackages = with pkgs; [ ]; - # Vault - networking.firewall.allowedTCPPorts = [ 8200 ]; - - services.vault = { - enable = true; - # bin version includes the UI - package = pkgs.vault-bin; - address = "0.0.0.0:8200"; - storageBackend = "file"; - storagePath = "/var/lib/vault"; - extraConfig = '' - api_addr = "10.42.42.6:8200" - ui = true - ''; - }; + networking.firewall.allowedTCPPorts = [ ]; }