gribse/nix-cluster
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Add Nomad and Consul

Browse source
This commit is contained in:
zuma 2025-11-07 13:03:16 +01:00 committed by Zuma
parent b6d31e25b9
commit 4971e8c185
2 changed files with 85 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

71
configuration.nix
View file

@ -171,6 +171,77 @@ with pkgs.lib;
fi
'';
systemd.services.consul.after = [ "wgautomesh.service" ];
services.consul = {
enable = true;
extraConfig = {
node_meta = {
site = clusterNodeCfg.siteName;
};
server = true;
datacenter = cfg.clusterName;
ui_config.enabled = true;
bind_addr = "${clusterAddress}";
addresses = {
http = "0.0.0.0";
dns = "0.0.0.0";
};
# Make consul try again these nodes
retry_join = [
"10.0.1.1" # fifi
"10.0.2.1" # riri
"10.0.3.1" # loulou
];
};
};
nixpkgs.config.allowUnfree = true; # Nomad's license is BSL
systemd.services.nomad.after = [ "wgautomesh.service" ];
services.nomad = {
enable = true;
dropPrivileges = false; # We need to run Nomad as root to access docker
settings = {
server = {
enabled = true;
};
region = cfg.clusterName;
datacenter = clusterNodeCfg.siteName;
advertise = {
rpc = "${clusterAddress}";
http = "${clusterAddress}";
serf = "${clusterAddress}";
};
consul = {
address = "localhost:8500";
ssl = false;
};
client = {
enabled = true;
network_interface = "wg0";
meta = {
site = clusterNodeCfg.siteName;
};
};
plugin = [
{
docker = [
{
config = [
{
volumes.enabled = true;
allow_privileged = true;
allow_caps = [ "all" ];
}
];
}
];
}
];
};
};
# Sets /etc/hosts to link all hostnames to wireguard IP
networking.extraHosts = concatStringsSep "\n" (
attrValues (mapAttrs (hostname: { address, ... }: "${address} ${hostname}") cfg.clusterNodes)