add two nixos-managed VMs for docker swarm

change docker swarm ansible to target these vms

legacy/projects/docker_swarm/ansible/ansible.cfg

@@ -1,7 +1,7 @@
 [defaults]
 roles_path=../../../ansible_roles:~/.ansible/roles:/usr/share/ansible/roles:/etc/ansible/roles:roles
 inventory=inventory
-interpreter_python=/usr/bin/python3
+interpreter_python=/run/current-system/sw/bin/python3.11
 remote_user = root
 vault_password_file=$HOME/.config/home/ansible-vault-secret
 

legacy/projects/docker_swarm/ansible/inventory/hosts.yml

@@ -1,11 +1,9 @@
 all:
   hosts:
     manager:
-      ansible_host: maestro.dmz
+      ansible_host: 192.168.30.42
   children:
     workers:
       hosts:
         bancomart:
-          ansible_host: bancomart.dmz
+          ansible_host: bancomart2.dmz
-        # vpay:
-        #   ansible_host: vpay.dmz

legacy/projects/docker_swarm/ansible/playbooks/setup-nixos.yml

@@ -0,0 +1,23 @@
+---
+
+- name: Setup Docker Swarm manager
+  hosts: manager
+  tasks:
+    - name: Create Docker Swarm
+      docker_swarm:
+    
+    - name: Get Docker Swarm manager info
+      docker_swarm_info:
+        nodes: yes
+        nodes_filters:
+          name: manager
+      register: swarm_info
+
+- hosts: workers
+  tasks:
+    - name: Join Docker Swarm
+      docker_swarm:
+        state: join
+        join_token: "{{ hostvars.manager.swarm_info.swarm_facts.JoinTokens.Worker }}"
+        remote_addrs:
+          - "{{ hostvars.manager.ansible_default_ipv4.address }}"

nixos/machines/default.nix

@@ -58,20 +58,6 @@
     };
   };
 
-  my-microvm = {
-    type = "virtual";
-    hypervisorName = "lewis";
-
-    nixosModule = { pkgs, ... }: {
-      # TODO: would be cool to create a check that a mac address is only ever assigned to one VM.
-      lab.vm.id = 0;
-
-      programs.bash.interactiveShellInit = ''
-        echo "Hello world from inside a virtual machine!!" | ${pkgs.lolcat}/bin/lolcat
-      '';
-    };
-  };
-
   hermes = {
     type = "virtual";
     hypervisorName = "lewis";
@@ -81,6 +67,7 @@
         networking.dmz.services.enable = true;
 
         vm = {
+          # TODO: would be cool to create a check that a mac address is only ever assigned to one VM.
           id = 7;
           staticNetworking = true;
           staticIPv4 = config.lab.networking.dmz.ipv4.services;
@@ -89,4 +76,61 @@
       };
     };
   };
+
+  maestro2 = {
+    type = "virtual";
+    hypervisorName = "lewis";
+
+    nixosModule = { pkgs, lib, ... }: {
+      lab.vm = {
+        id = 1;
+        staticNetworking = true;
+        staticIPv4 = "192.168.30.42";
+        staticIPv6 = "2a0d:6e00:1a77:30::42";
+      };
+
+      networking = {
+        nftables.enable = lib.mkForce false;
+        firewall.enable = lib.mkForce false;
+      };
+
+      virtualisation.docker = {
+        enable = true;
+        liveRestore = false;
+      };
+
+      environment.systemPackages = with pkgs; [
+        (python311.withPackages (python-pkgs: [
+          python-pkgs.docker
+          python-pkgs.requests
+        ]))
+      ];
+    };
+  };
+
+  bancomart2 = {
+    type = "virtual";
+    hypervisorName = "lewis";
+
+    nixosModule = { pkgs, lib, ... }: {
+      lab.vm.id = 2;
+
+      networking = {
+        nftables.enable = lib.mkForce false;
+        firewall.enable = lib.mkForce false;
+      };
+
+      virtualisation.docker = {
+        enable = true;
+        liveRestore = false;
+      };
+
+      environment.systemPackages = with pkgs; [
+        (python311.withPackages (python-pkgs: [
+          python-pkgs.docker
+          python-pkgs.requests
+        ]))
+      ];
+    };
+  };
 }