2023-03-06 00:31:31 +01:00
|
|
|
{ config, lib, pkgs, ... }:
|
|
|
|
with lib;
|
|
|
|
let
|
|
|
|
cfg = config.services.hashicorp-envoy;
|
|
|
|
|
|
|
|
serviceFormat = pkgs.formats.json {};
|
2023-04-03 01:35:18 +02:00
|
|
|
serviceFile = name: value:
|
|
|
|
if value.type == "normal" then
|
|
|
|
serviceFormat.generate "${name}-service.json" { service = value.service; }
|
|
|
|
else
|
|
|
|
serviceFormat.generate "${name}-service.json" value.service;
|
2023-03-06 00:31:31 +01:00
|
|
|
in
|
|
|
|
{
|
|
|
|
options.services.hashicorp-envoy = mkOption {
|
|
|
|
description = mdDoc ''
|
|
|
|
'';
|
|
|
|
type = types.attrsOf (types.submodule {
|
|
|
|
options = {
|
|
|
|
service = mkOption {
|
|
|
|
description = mdDoc ''
|
|
|
|
'';
|
2023-03-07 23:35:39 +01:00
|
|
|
type = with types; oneOf [ serviceFormat.type (listOf serviceFormat.type) ];
|
2023-03-06 00:31:31 +01:00
|
|
|
};
|
|
|
|
|
2023-04-03 01:35:18 +02:00
|
|
|
type = mkOption {
|
|
|
|
description = mdDoc ''
|
|
|
|
'';
|
|
|
|
type = with types; enum [ "ingress" "terminating" "normal" ];
|
|
|
|
default = "normal";
|
|
|
|
};
|
|
|
|
|
2023-03-06 00:31:31 +01:00
|
|
|
environment = mkOption {
|
|
|
|
description = mdDoc ''
|
|
|
|
'';
|
|
|
|
type = with types; attrsOf str;
|
|
|
|
default = {};
|
|
|
|
};
|
|
|
|
|
|
|
|
adminBind = mkOption {
|
|
|
|
description = mdDoc ''
|
|
|
|
'';
|
|
|
|
type = types.str;
|
|
|
|
};
|
|
|
|
|
2023-04-03 01:35:18 +02:00
|
|
|
address = mkOption {
|
|
|
|
description = mdDoc ''
|
|
|
|
'';
|
|
|
|
type = types.str;
|
|
|
|
default = "0.0.0.0:19000";
|
|
|
|
};
|
|
|
|
|
|
|
|
|
2023-03-07 23:35:39 +01:00
|
|
|
drainTime = mkOption {
|
|
|
|
description = mdDoc ''
|
|
|
|
'';
|
|
|
|
type = types.int;
|
|
|
|
default = 15;
|
|
|
|
};
|
|
|
|
|
|
|
|
parentShutdownTime = mkOption {
|
|
|
|
description = mdDoc ''
|
|
|
|
'';
|
|
|
|
type = types.int;
|
|
|
|
default = 20;
|
|
|
|
};
|
|
|
|
|
2023-03-07 23:40:00 +01:00
|
|
|
hotRestart = mkOption {
|
|
|
|
description = mdDoc ''
|
|
|
|
'';
|
|
|
|
type = types.bool;
|
|
|
|
default = false;
|
|
|
|
};
|
|
|
|
|
2023-03-06 00:31:31 +01:00
|
|
|
consulPackage = mkOption {
|
|
|
|
description = mdDoc ''
|
|
|
|
'';
|
|
|
|
type = types.package;
|
|
|
|
default = pkgs.consul;
|
|
|
|
};
|
|
|
|
|
|
|
|
envoyPackage = mkOption {
|
|
|
|
description = mdDoc ''
|
|
|
|
'';
|
|
|
|
type = types.package;
|
|
|
|
default = pkgs.envoy;
|
|
|
|
};
|
|
|
|
};
|
|
|
|
});
|
|
|
|
default = {};
|
|
|
|
};
|
|
|
|
|
|
|
|
config = {
|
|
|
|
systemd.services = flip mapAttrs' cfg (name: value:
|
|
|
|
nameValuePair
|
|
|
|
"hashicorp-envoy-${name}"
|
|
|
|
{
|
2023-03-07 23:35:39 +01:00
|
|
|
description = name;
|
|
|
|
|
|
|
|
wantedBy = [ "multi-user.target" ];
|
|
|
|
wants = [ "network-online.target" ];
|
|
|
|
after = [ "network-online.target" ];
|
|
|
|
|
|
|
|
path = [ value.envoyPackage ];
|
|
|
|
|
|
|
|
restartIfChanged = true;
|
|
|
|
|
2023-04-03 01:35:18 +02:00
|
|
|
preStart =
|
|
|
|
if value.type == "normal" then
|
|
|
|
''
|
|
|
|
${value.consulPackage}/bin/consul services register ${serviceFile name value}
|
|
|
|
''
|
|
|
|
else
|
|
|
|
''
|
|
|
|
${value.consulPackage}/bin/consul config write ${serviceFile name value}
|
|
|
|
'';
|
|
|
|
postStop =
|
|
|
|
if value.type == "normal" then
|
|
|
|
''
|
|
|
|
${value.consulPackage}/bin/consul services deregister -id=${value.service.id}
|
|
|
|
''
|
|
|
|
else
|
|
|
|
''
|
|
|
|
${value.consulPackage}/bin/consul config delete -filename ${serviceFile name value}
|
|
|
|
'';
|
2023-03-07 23:35:39 +01:00
|
|
|
script =
|
|
|
|
let
|
2023-04-03 01:35:18 +02:00
|
|
|
startEnvoy = pkgs.writeShellScript "start_envoy_${name}.sh"
|
2023-03-07 23:35:39 +01:00
|
|
|
''
|
|
|
|
exec ${value.consulPackage}/bin/consul connect envoy \
|
2023-04-03 01:35:18 +02:00
|
|
|
${optionalString (value.type == "normal") ''
|
|
|
|
-sidecar-for ${value.service.id} \
|
|
|
|
''} \
|
|
|
|
${optionalString (value.type == "ingress") ''
|
|
|
|
-gateway=ingress \
|
|
|
|
-register \
|
|
|
|
-service ${value.service.name} \
|
|
|
|
''} \
|
2023-03-07 23:35:39 +01:00
|
|
|
-admin-bind ${value.adminBind} \
|
2023-04-03 01:35:18 +02:00
|
|
|
-address ${value.address} \
|
2023-03-07 23:40:00 +01:00
|
|
|
${optionalString value.hotRestart ''
|
|
|
|
-- \
|
|
|
|
$([[ $RESTART_EPOCH == 0 ]] && printf -- "--use-dynamic-base-id --base-id-path $RUNTIME_DIRECTORY/id") \
|
|
|
|
$([[ $RESTART_EPOCH == 0 ]] || printf -- "--base-id $(cat $RUNTIME_DIRECTORY/id)") \
|
|
|
|
--restart-epoch $RESTART_EPOCH \
|
|
|
|
--drain-time-s ${toString value.drainTime} \
|
|
|
|
--parent-shutdown-time-s ${toString value.parentShutdownTime}
|
|
|
|
''}
|
2023-03-07 23:35:39 +01:00
|
|
|
'';
|
|
|
|
in
|
2023-03-07 23:40:00 +01:00
|
|
|
if value.hotRestart then
|
|
|
|
"exec ${pkgs.python3}/bin/python ${value.envoyPackage.src}/restarter/hot-restarter.py ${startEnvoy}"
|
|
|
|
else
|
|
|
|
"exec ${startEnvoy}";
|
2023-03-07 23:35:39 +01:00
|
|
|
|
2023-03-06 00:31:31 +01:00
|
|
|
environment = value.environment;
|
2023-03-07 23:35:39 +01:00
|
|
|
|
|
|
|
serviceConfig = {
|
|
|
|
ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID";
|
|
|
|
KillMode = "control-group";
|
|
|
|
KillSignal = "SIGINT";
|
|
|
|
LimitNOFILE = 65536;
|
|
|
|
LimitNPROC = "infinity";
|
|
|
|
OOMScoreAdjust = -1000;
|
|
|
|
Restart = "always";
|
|
|
|
RestartSec = 2;
|
|
|
|
TasksMax = "infinity";
|
|
|
|
|
|
|
|
RuntimeDirectory = name;
|
|
|
|
};
|
2023-03-06 00:31:31 +01:00
|
|
|
}
|
|
|
|
);
|
|
|
|
};
|
|
|
|
}
|