othrayte/infra
1
0
Fork 0
Code Issues 1 Pull Requests 2 Actions Packages Projects Releases Wiki Activity

Fix some networking issues and setup a second nomad host

Browse Source
This commit is contained in:
Adrian Cowan
2025-05-25 22:40:41 +10:00
parent 376c278c11
commit 8b0b7c1e73
7 changed files with 81 additions and 27 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
1-nixos-node/configuration.nix
View File

@@ -11,7 +11,7 @@
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
networking.hostName = "jaglan-beta-m01"; # Define your hostname.
networking.hostName = "${hostname}"; # Define your hostname.
time.timeZone = "Australia/Melbourne";
@@ -40,7 +40,9 @@
datacenter = "jaglan-beta";
server = {
enabled = true;
%{if bootstrap ~}
bootstrap_expect = 1;
%{endif ~}
};
client = {
enabled = true;
@@ -54,7 +56,7 @@
read_only = false;
};
};
cni_path = "${pkgs.cni-plugins}/bin";
cni_path = "$${pkgs.cni-plugins}/bin";
};
plugin.docker.config.allow_privileged = true;
};
@@ -66,12 +68,17 @@
consul = {
enable = true;
webUi = true;
interface.bind = "eno1";
interface.advertise = "eno1";
interface.bind = "${bind_interface}";
interface.advertise = "${bind_interface}";
extraConfig = {
%{if bootstrap ~}
bootstrap_expect = 1;
%{endif ~}
server = true;
client_addr = "127.0.0.1 192.168.1.235";
retry_join = [
"jaglan-beta-m01"
"jaglan-beta-m20"
];
datacenter = "jaglan-beta";
connect.enabled = true;
ports.grpc = 8502;
@@ -92,8 +99,9 @@
"d /opt/postgres 0755 root root -"
];
# Open ports in the firewall. 464X are the default ports for Nomad.
networking.firewall.allowedTCPPorts = [ 80 443 4646 4647 4648 ];
# Open ports in the firewall. 80/443 are for HTTP/HTTPS (terraform), 464X are the default ports for Nomad, 830X are the default ports for Consul.
networking.firewall.allowedTCPPorts = [ 80 443 4646 4647 4648 8300 8301 ];
networking.firewall.allowedUDPPorts = [ 8301 ];
# Copy the NixOS configuration file and link it from the resulting system
# (/run/current-system/configuration.nix). This is useful in case you