# SPDX-FileCopyrightText: 2020 Luke Granger-Brown <depot@lukegb.com>
#
# SPDX-License-Identifier: Apache-2.0

{ depot, lib, pkgs, rebuilder, config, ... }:
let
  inherit (depot.ops) secrets;
in {
  imports = [
    ../lib/blade.nix
  ];

  boot.loader.grub.device = "/dev/disk/by-id/usb-USB_SanDisk_3.2Gen1_0101da58c052a35c497ff39f7bd33f46a018bf2f2cd4503e52a89df5e552da8d661f000000000000000000005e0619e7ff90240091558107b6a8e58d-0:0";

  # Networking!
  networking = {
    hostName = "blade-paris";
    hostId = "41b2a198";
    interfaces.br-public.ipv4.addresses = [{
      address = "92.118.28.1";
      prefixLength = 24;
    }];
    interfaces.en-internet.ipv4.addresses = [{
      address = "195.74.55.23";
      prefixLength = 31;
    }];
    interfaces.en-internet.ipv6.addresses = [{
      address = "2a03:ee40:8080:9:2::2";
      prefixLength = 126;
    }];
    defaultGateway = "195.74.55.22";
    defaultGateway6 = "2a03:ee40:8080:9:2::1";
    firewall.extraCommands = "iptables -A INPUT -p vrrp -i br-mgmt -j ACCEPT";
  };
  my.ip.tailscale = "100.117.185.118";
  my.blade.bay = 2;
  my.blade.macAddress = {
    internal = "e4:11:5b:ac:e4:8a";
    storage = "e4:11:5b:ac:e4:8e";
    internet = "e4:11:5b:ac:e4:8c";
  };

  services.ceph = {
    mon.enable = true;
    osd = {
      enable = true;
      daemons = [ "2" ];
    };
  };

  services.keepalived = {
    enable = true;
    vrrpInstances.mgmtGateway = {
      interface = "br-mgmt";
      state = "MASTER";
      priority = 100;
      virtualIps = [{ addr = "10.100.0.1/23"; }];
      virtualRouterId = 1;
    };
  };
}