berdario/logical.nix

## logical.nix
let
  pkgs = import ./channel.nix;
  foo_project = import foo/default.nix;

  main_service = cmd: {
    wantedBy = [ "multi-user.target" ]; # Specify that the system wants this service to run.
    after = [ "network.target" ]; # Start the webserver after the network has come up.
    serviceConfig = {
      ExecStart = cmd;
      User = "nobody";
    };
  };

  blue_config = {
    foo_port = 8080;
  };
  green_config = {
    foo_port = 8081;
  };
  all_configs = [blue_config green_config];
  host_nat_configuration = {
    enable = true;
    internalInterfaces = ["ve-+"];
    externalInterface = "eth0";
    forwardPorts = [
      { destination = "$foo_blue:${toString blue_config.foo_port}"; sourcePort = blue_config.foo_port; }
      { destination = "$foo_green:${toString green_config.foo_port}"; sourcePort = green_config.foo_port; } ];
  };
  foo_container = config : {
    environment.systemPackages = [foo_project];
    networking.firewall.allowedTCPPorts = [config.foo_port];
    systemd.services.foo = main_service "${foo_project}/bin/run ${toString config.foo_port}";
  };
in
{
  network.description = "Foo Service";
  network.enableRollback = true;

  foo = { config, pkgs, ... }: {
    networking.firewall.allowedTCPPorts = map (x: x.foo_port) all_configs;
    networking.nat = host_nat_configuration;
  };

  foo_blue = foo_container blue_config;
  foo_green = foo_container green_config;

}

## physical.nix
let
  region = "eu-west-1";
  accessKeyId = "dev"; # symbolic name looked up in ~/.ec2-keys
  ec2 = { resources, ... } : {
    deployment.targetEnv = "ec2";
    deployment.ec2.accessKeyId = accessKeyId;
    deployment.ec2.region = region;
    deployment.ec2.instanceType = "m1.small";
    deployment.ec2.keyPair = resources.ec2KeyPairs.my-key-pair;
    deployment.ec2.securityGroups = [ "staging-server" ];
  };
  container_in = host : { resources, ... } : {
    deployment.targetEnv = "container";
    deployment.container.host = __getAttr host resources.machines;
    deployment.encryptedLinksTo = [host];
  };
in
{
  foo = ec2;
  foo_blue = container_in "foo";
  foo_green = container_in "foo";

  # Provision an EC2 key pair.
  resources.ec2KeyPairs.my-key-pair =
    { inherit region accessKeyId; };
}
	let
	pkgs = import ./channel.nix;
	foo_project = import foo/default.nix;

	main_service = cmd: {
	wantedBy = [ "multi-user.target" ]; # Specify that the system wants this service to run.
	after = [ "network.target" ]; # Start the webserver after the network has come up.
	serviceConfig = {
	ExecStart = cmd;
	User = "nobody";
	};
	};

	blue_config = {
	foo_port = 8080;
	};
	green_config = {
	foo_port = 8081;
	};
	all_configs = [blue_config green_config];
	host_nat_configuration = {
	enable = true;
	internalInterfaces = ["ve-+"];
	externalInterface = "eth0";
	forwardPorts = [
	{ destination = "$foo_blue:${toString blue_config.foo_port}"; sourcePort = blue_config.foo_port; }
	{ destination = "$foo_green:${toString green_config.foo_port}"; sourcePort = green_config.foo_port; } ];
	};
	foo_container = config : {
	environment.systemPackages = [foo_project];
	networking.firewall.allowedTCPPorts = [config.foo_port];
	systemd.services.foo = main_service "${foo_project}/bin/run ${toString config.foo_port}";
	};
	in
	{
	network.description = "Foo Service";
	network.enableRollback = true;

	foo = { config, pkgs, ... }: {
	networking.firewall.allowedTCPPorts = map (x: x.foo_port) all_configs;
	networking.nat = host_nat_configuration;
	};

	foo_blue = foo_container blue_config;
	foo_green = foo_container green_config;

	}
	let
	region = "eu-west-1";
	accessKeyId = "dev"; # symbolic name looked up in ~/.ec2-keys
	ec2 = { resources, ... } : {
	deployment.targetEnv = "ec2";
	deployment.ec2.accessKeyId = accessKeyId;
	deployment.ec2.region = region;
	deployment.ec2.instanceType = "m1.small";
	deployment.ec2.keyPair = resources.ec2KeyPairs.my-key-pair;
	deployment.ec2.securityGroups = [ "staging-server" ];
	};
	container_in = host : { resources, ... } : {
	deployment.targetEnv = "container";
	deployment.container.host = __getAttr host resources.machines;
	deployment.encryptedLinksTo = [host];
	};
	in
	{
	foo = ec2;
	foo_blue = container_in "foo";
	foo_green = container_in "foo";

	# Provision an EC2 key pair.
	resources.ec2KeyPairs.my-key-pair =
	{ inherit region accessKeyId; };
	}