From 17f110b1833fcb709932183d71bed744a776cc1d Mon Sep 17 00:00:00 2001 From: Pim Kunis Date: Sun, 4 Feb 2024 17:16:41 +0100 Subject: [PATCH] add two nixos-managed VMs for docker swarm change docker swarm ansible to target these vms --- .../projects/docker_swarm/ansible/ansible.cfg | 2 +- .../docker_swarm/ansible/inventory/hosts.yml | 6 +- .../ansible/playbooks/setup-nixos.yml | 23 ++++++ nixos/machines/default.nix | 72 +++++++++++++++---- 4 files changed, 84 insertions(+), 19 deletions(-) create mode 100644 legacy/projects/docker_swarm/ansible/playbooks/setup-nixos.yml diff --git a/legacy/projects/docker_swarm/ansible/ansible.cfg b/legacy/projects/docker_swarm/ansible/ansible.cfg index bfe23ea..2dae700 100644 --- a/legacy/projects/docker_swarm/ansible/ansible.cfg +++ b/legacy/projects/docker_swarm/ansible/ansible.cfg @@ -1,7 +1,7 @@ [defaults] roles_path=../../../ansible_roles:~/.ansible/roles:/usr/share/ansible/roles:/etc/ansible/roles:roles inventory=inventory -interpreter_python=/usr/bin/python3 +interpreter_python=/run/current-system/sw/bin/python3.11 remote_user = root vault_password_file=$HOME/.config/home/ansible-vault-secret diff --git a/legacy/projects/docker_swarm/ansible/inventory/hosts.yml b/legacy/projects/docker_swarm/ansible/inventory/hosts.yml index a7b1508..5500f35 100644 --- a/legacy/projects/docker_swarm/ansible/inventory/hosts.yml +++ b/legacy/projects/docker_swarm/ansible/inventory/hosts.yml @@ -1,11 +1,9 @@ all: hosts: manager: - ansible_host: maestro.dmz + ansible_host: 192.168.30.42 children: workers: hosts: bancomart: - ansible_host: bancomart.dmz - # vpay: - # ansible_host: vpay.dmz + ansible_host: bancomart2.dmz diff --git a/legacy/projects/docker_swarm/ansible/playbooks/setup-nixos.yml b/legacy/projects/docker_swarm/ansible/playbooks/setup-nixos.yml new file mode 100644 index 0000000..f784c21 --- /dev/null +++ b/legacy/projects/docker_swarm/ansible/playbooks/setup-nixos.yml 
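Review bot: The new `interpreter_python` value in ansible.cfg pins a minor version, `/run/current-system/sw/bin/python3.11`, so it only resolves while the target's system profile ships exactly Python 3.11. The VMs added in nixos/machines/default.nix install `python311.withPackages`, so the two files now have to be bumped together. Pointing at `/run/current-system/sw/bin/python3` would presumably resolve to the same environment and survive a package bump, which is worth confirming on a target. This setting applies to every host in the inventory, so it also assumes no non-NixOS host is left there.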
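Review bot: In hosts.yml, `manager` is now addressed by the literal `192.168.30.42` while the worker still uses a name (`bancomart2.dmz`), and the same address is hard-coded as `staticIPv4` for maestro2 in nixos/machines/default.nix. Two copies of the address can drift without any error, and because ansible.cfg uses `remote_user = root`, a stale entry would point root SSH sessions at whichever host holds that address, leaving host-key checking as the only guard. If the VM has a DNS name, prefer it here; otherwise add a comment such as `# must match lab.vm.staticIPv4 of maestro2 in nixos/machines/default.nix`.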
@@ -0,0 +1,23 @@ +--- + +- name: Setup Docker Swarm manager + hosts: manager + tasks: + - name: Create Docker Swarm + docker_swarm: + + - name: Get Docker Swarm manager info + docker_swarm_info: + nodes: yes + nodes_filters: + name: manager + register: swarm_info + +- hosts: workers + tasks: + - name: Join Docker Swarm + docker_swarm: + state: join + join_token: "{{ hostvars.manager.swarm_info.swarm_facts.JoinTokens.Worker }}" + remote_addrs: + - "{{ hostvars.manager.ansible_default_ipv4.address }}" diff --git a/nixos/machines/default.nix b/nixos/machines/default.nix index bb78fc6..e654980 100644 --- a/nixos/machines/default.nix +++ b/nixos/machines/default.nix @@ -58,20 +58,6 @@ }; }; - my-microvm = { - type = "virtual"; - hypervisorName = "lewis"; - - nixosModule = { pkgs, ... }: { - # TODO: would be cool to create a check that a mac address is only ever assigned to one VM. - lab.vm.id = 0; - - programs.bash.interactiveShellInit = '' - echo "Hello world from inside a virtual machine!!" | ${pkgs.lolcat}/bin/lolcat - ''; - }; - }; - hermes = { type = "virtual"; hypervisorName = "lewis"; @@ -81,6 +67,7 @@ networking.dmz.services.enable = true; vm = { + # TODO: would be cool to create a check that a mac address is only ever assigned to one VM. id = 7; staticNetworking = true; staticIPv4 = config.lab.networking.dmz.ipv4.services; 
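Review bot: In setup-nixos.yml, the `Get Docker Swarm manager info` task registers `swarm_info`, and the worker play reads `swarm_facts.JoinTokens.Worker` from it, so the join token is part of that task's result and would presumably show up in verbose output or any callback that records results. Adding `no_log: true` to that task keeps it out of logs. `nodes: yes` with `nodes_filters: name: manager` is not consumed anywhere in this playbook, and the filter appears to match the swarm node name rather than the inventory alias, so it can likely be dropped after confirming. The worker play also depends on `hostvars.manager` facts and the registered variable, which only exist when both plays run in one invocation without `--limit`; a comment saying so, and a `name:` on the second play (for example `- name: Join workers to Docker Swarm`), would make that clear.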
@@ -89,4 +76,61 @@ }; }; }; + + maestro2 = { + type = "virtual"; + hypervisorName = "lewis"; + + nixosModule = { pkgs, lib, ... }: { + lab.vm = { + id = 1; + staticNetworking = true; + staticIPv4 = "192.168.30.42"; + staticIPv6 = "2a0d:6e00:1a77:30::42"; + }; + + networking = { + nftables.enable = lib.mkForce false; + firewall.enable = lib.mkForce false; + }; + + virtualisation.docker = { + enable = true; + liveRestore = false; + }; + + environment.systemPackages = with pkgs; [ + (python311.withPackages (python-pkgs: [ + python-pkgs.docker + python-pkgs.requests + ])) + ]; + }; + }; + + bancomart2 = { + type = "virtual"; + hypervisorName = "lewis"; + + nixosModule = { pkgs, lib, ... }: { + lab.vm.id = 2; + + networking = { + nftables.enable = lib.mkForce false; + firewall.enable = lib.mkForce false; + }; + + virtualisation.docker = { + enable = true; + liveRestore = false; + }; + + environment.systemPackages = with pkgs; [ + (python311.withPackages (python-pkgs: [ + python-pkgs.docker + python-pkgs.requests + ])) + ]; + }; + }; }
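Review bot: Both new VMs set `networking.firewall.enable = lib.mkForce false;` and `networking.nftables.enable = lib.mkForce false;`, which leaves every listening port reachable from anything that can route to the VM, including the swarm control and gossip ports and any published container port. maestro2 is also given what looks like a globally routable `staticIPv6`, so unless filtering happens upstream the exposure is not limited to the DMZ. If the intent is only to avoid the nftables/Docker conflict, keeping the iptables-based firewall on and opening just the swarm ports would be narrower: `networking.firewall.allowedTCPPorts = [ 2377 7946 ];` and `networking.firewall.allowedUDPPorts = [ 7946 4789 ];`; at minimum, add a comment stating why `mkForce false` is required. The two `nixosModule` bodies are identical apart from `lab.vm`, so the Docker, firewall and Python settings could live in one shared module to keep the hosts from diverging.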