hosts/marisa: remove hashistack

Signed-off-by: natto1784 <natto@weirdnatto.in>
2023-07-26 17:48:52 +05:30
parent e06bc88784
commit ff831dc3e0
4 changed files with 57 additions and 45 deletions
--- a/hosts/marisa/default.nix
+++ b/hosts/marisa/default.nix
@@ -4,7 +4,7 @@
    ./networking.nix
    ./hardware.nix
    ./boot.nix
-    ./services.nix
+    ./services
  ];

  users.users.spark = {
@@ -14,7 +14,10 @@
    extraGroups = [ "wheel" ];
    openssh.authorizedKeys.keys = lib'.network.commonSSHKeys;
  };
+  programs.zsh.enable = true;

  time.timeZone = "Asia/Kolkata";
  system.stateVersion = "21.05";
+
+  security.pki.certificateFiles = [ ../../cert.pem ../../consul-agent-ca.pem ];
 }
--- a/hosts/marisa/services.nix
+++ b/hosts/marisa/services.nix
@@ -1,44 +0,0 @@
-{ lib, config, pkgs, ... }:
-{
-
-  # Add secrets to nomad, consul and vault
-  virtualisation.docker = {
-    enable = true;
-    daemon.settings = {
-      #     default-cgroupns-mode = "host";
-    };
-  };
-  systemd.tmpfiles.rules = lib.singleton "d /run/vault - vault vault 1h";
-  services = {
-    openssh = {
-      enable = true;
-      permitRootLogin = "yes";
-    };
-    nomad = {
-      enable = true;
-      enableDocker = true;
-      dropPrivileges = false;
-      extraPackages = with pkgs; [ consul ];
-      extraSettingsPaths = lib.singleton "/run/nomad/nomad.json";
-    };
-    vault = {
-      package = pkgs.vault-bin;
-      enable = true;
-      tlsCertFile = "/var/rootcert/cert.pem";
-      tlsKeyFile = "/var/rootcert/key.pem";
-      address = "0.0.0.0:8800";
-      # storageBackend = "file";
-      # storagePath = "/var/lib/vault";
-      extraSettingsPaths = lib.singleton "/run/vault/vault.json";
-    };
-
-    consul = {
-      enable = true;
-      package = pkgs.consul;
-      extraConfigFiles = lib.singleton "/run/consul/consul.json";
-    };
-  };
-
-  security.pki.certificateFiles = [ ../../cert.pem ../../consul-agent-ca.pem ];
-}
-
--- a/hosts/marisa/services/default.nix
+++ b/hosts/marisa/services/default.nix
@@ -0,0 +1,23 @@
+{ config, ... }:
+{
+
+  imports = [
+   # ./hashicorp.nix
+  ];
+
+  # Add secrets to nomad, consul and vault
+  virtualisation.docker = {
+    enable = true;
+    daemon.settings = {
+      #     default-cgroupns-mode = "host";
+    };
+  };
+  systemd.tmpfiles.rules = [ "d /run/vault - vault vault 1h" ];
+  services = {
+    openssh = {
+      enable = true;
+      permitRootLogin = "yes";
+    };
+  };
+}
+
--- a/hosts/marisa/services/hashicorp.nix
+++ b/hosts/marisa/services/hashicorp.nix
@@ -0,0 +1,30 @@
+{ config, pkgs, ... }:
+{
+
+  services = {
+    nomad = {
+      enable = true;
+      enableDocker = true;
+      dropPrivileges = false;
+      extraPackages = with pkgs; [ consul cni-plugins ];
+      extraSettingsPaths = [ "/run/nomad/nomad.json" ];
+    };
+    vault = {
+      package = pkgs.vault-bin;
+      enable = true;
+      tlsCertFile = "/var/rootcert/cert.pem";
+      tlsKeyFile = "/var/rootcert/key.pem";
+      address = "0.0.0.0:8800";
+      # storageBackend = "file";
+      # storagePath = "/var/lib/vault";
+      extraSettingsPaths = [ "/run/vault/vault.json" ];
+    };
+
+    consul = {
+      enable = true;
+      package = pkgs.consul;
+      extraConfigFiles = [ "/run/consul/consul.json" ];
+    };
+  };
+}
+