# SPDX-FileCopyrightText: 2020 Luke Granger-Brown <depot@lukegb.com> # # SPDX-License-Identifier: Apache-2.0 { depot, lib, pkgs, rebuilder, config, ... }: let inherit (depot.ops) secrets; in { imports = [ ../lib/blade.nix ]; boot.loader.grub.device = "/dev/disk/by-id/usb-USB_SanDisk_3.2Gen1_0101da58c052a35c497ff39f7bd33f46a018bf2f2cd4503e52a89df5e552da8d661f000000000000000000005e0619e7ff90240091558107b6a8e58d-0:0"; # Networking! networking = { hostName = "blade-paris"; hostId = "41b2a198"; interfaces.br-public.ipv4.addresses = [{ address = "92.118.28.1"; prefixLength = 24; }]; interfaces.en-internet.ipv4.addresses = [{ address = "195.74.55.23"; prefixLength = 31; }]; interfaces.en-internet.ipv6.addresses = [{ address = "2a03:ee40:8080:9:2::2"; prefixLength = 126; }]; defaultGateway = "195.74.55.22"; defaultGateway6 = "2a03:ee40:8080:9:2::1"; firewall.extraCommands = "iptables -A INPUT -p vrrp -i br-mgmt -j ACCEPT"; }; my.ip.tailscale = "100.117.185.118"; my.blade.bay = 2; my.blade.macAddress = { internal = "e4:11:5b:ac:e4:8a"; storage = "e4:11:5b:ac:e4:8e"; internet = "e4:11:5b:ac:e4:8c"; }; services.ceph = { mon.enable = true; osd = { enable = true; daemons = [ "2" ]; }; }; services.keepalived = { enable = true; vrrpInstances.mgmtGateway = { interface = "br-mgmt"; state = "MASTER"; priority = 100; virtualIps = [{ addr = "10.100.0.1/23"; }]; virtualRouterId = 1; }; }; }