From c3df63c4790400bb357ed5057f19f10772bf0614 Mon Sep 17 00:00:00 2001
From: matt1432 <matt@nelim.org>
Date: Sun, 21 Jan 2024 22:11:38 -0500
Subject: [PATCH] feat(servers): setup corosync

---
 devices/cluster/default.nix           |  3 +++
 devices/cluster/modules/corosync.nix  | 23 +++++++++++++++++++++++
 devices/cluster/modules/pacemaker.nix |  4 +++-
 flake.lock                            |  8 ++++----
 flake.nix                             |  2 ++
 5 files changed, 35 insertions(+), 5 deletions(-)
 create mode 100644 devices/cluster/modules/corosync.nix

diff --git a/devices/cluster/default.nix b/devices/cluster/default.nix
index c5b1635..8466665 100644
--- a/devices/cluster/default.nix
+++ b/devices/cluster/default.nix
@@ -7,6 +7,9 @@ in {
     ../../modules/kmscon.nix
     ../../modules/sshd.nix
     ../../modules/tailscale.nix
+
+    ./modules/corosync.nix
+    ./modules/pacemaker.nix
   ];
 
   vars = {
diff --git a/devices/cluster/modules/corosync.nix b/devices/cluster/modules/corosync.nix
new file mode 100644
index 0000000..a41fd67
--- /dev/null
+++ b/devices/cluster/modules/corosync.nix
@@ -0,0 +1,23 @@
+{config, ...}: {
+  environment.etc."corosync/authkey" = {
+    source = config.sops.secrets.corosync.path;
+  };
+
+  services.corosync = {
+    enable = true;
+    clusterName = "thingies";
+
+    nodelist = [
+      {
+        nodeid = 1;
+        name = "thingone";
+        ring_addrs = ["10.0.0.244"];
+      }
+      {
+        nodeid = 2;
+        name = "thingtwo";
+        ring_addrs = ["10.0.0.159"];
+      }
+    ];
+  };
+}
diff --git a/devices/cluster/modules/pacemaker.nix b/devices/cluster/modules/pacemaker.nix
index 53feade..cbc60fe 100644
--- a/devices/cluster/modules/pacemaker.nix
+++ b/devices/cluster/modules/pacemaker.nix
@@ -13,5 +13,7 @@ in {
   ];
 
   disabledModules = [pacemakerPath];
-  import = ["${nixpkgs-pacemaker}/nixos/modules/${pacemakerPath}"];
+  imports = ["${nixpkgs-pacemaker}/nixos/modules/${pacemakerPath}"];
+
+  services.pacemaker.enable = true;
 }
diff --git a/flake.lock b/flake.lock
index c1ad73a..4a4bea6 100644
--- a/flake.lock
+++ b/flake.lock
@@ -1316,11 +1316,11 @@
         "sops-nix": "sops-nix"
       },
       "locked": {
-        "lastModified": 1705530924,
-        "narHash": "sha256-AQZ5Ojmxv8W97b2L7ZrcKnGt6rIqzDdItNF/AzqBIaU=",
+        "lastModified": 1705892745,
+        "narHash": "sha256-MlH+FZTtHmguvhUlMehmnUjEaDw4ah9mOT+dLEHT9sc=",
         "ref": "refs/heads/main",
-        "rev": "43ac719e0cfe8ae908630a28fe3ed3cf8ab46aa2",
-        "revCount": 33,
+        "rev": "66809b35f0f511babb90f85abae3a1203f43b478",
+        "revCount": 35,
         "type": "git",
         "url": "ssh://git@git.nelim.org/matt1432/nixos-secrets"
       },
diff --git a/flake.nix b/flake.nix
index 6b4b745..03bce7f 100644
--- a/flake.nix
+++ b/flake.nix
@@ -51,9 +51,11 @@
       # Cluster
       thingone = mkNixOS [
         (import ./devices/cluster "thingone")
+        secrets.nixosModules.thingy
       ];
       thingtwo = mkNixOS [
         (import ./devices/cluster "thingtwo")
+        secrets.nixosModules.thingy
       ];
 
       live-image = mkNixOS [