mt-caret/etcd-container-cluster.nix Secret

## etcd-container-cluster.nix
{ config, lib, pkgs, ... }:
let
  addressMap =
    {
      "n1" = { localAddress = "10.233.0.101"; hostAddress = "10.233.1.101"; };
      "n2" = { localAddress = "10.233.0.102"; hostAddress = "10.233.1.102"; };
      "n3" = { localAddress = "10.233.0.103"; hostAddress = "10.233.1.103"; };
      "n4" = { localAddress = "10.233.0.104"; hostAddress = "10.233.1.104"; };
      "n5" = { localAddress = "10.233.0.105"; hostAddress = "10.233.1.105"; };
    };
  toHostsEntry = name: { localAddress, ... }: "${localAddress} ${name}";
  extraHosts =
    builtins.concatStringsSep "\n"
      (lib.attrsets.mapAttrsToList toHostsEntry addressMap);
  nodeConfig = hostName: { localAddress, hostAddress }: {
    inherit localAddress hostAddress;

    ephemeral = true;
    autoStart = true;
    privateNetwork = true;
    timeoutStartSec = "5min";

    config = { config, pkgs, ... }:
      {
        networking = {
          inherit hostName extraHosts;
        };
        system.stateVersion = "20.03";

        services.etcd =
          let
            peerUrl = "http://${localAddress}:2380";
            clientUrl = "http://${localAddress}:2379";
            toClusterEntry = name: { localAddress, ... }:
              "${name}=http://${localAddress}:2380";
          in
            {
              enable = true;
              name = hostName;

              initialAdvertisePeerUrls = [ peerUrl ];
              listenPeerUrls = [ peerUrl ];

              advertiseClientUrls = [ clientUrl ];
              listenClientUrls = [ clientUrl "http://127.0.0.1:2379" ];

              initialClusterToken = "etcd-cluster";
              initialCluster =
                lib.attrsets.mapAttrsToList toClusterEntry addressMap;
              initialClusterState = "new";
            };
        networking.firewall.allowedTCPPorts = [ 2379 2380 ];
      };
  };
in
{
  containers = lib.attrsets.mapAttrs nodeConfig addressMap;
}
	{ config, lib, pkgs, ... }:
	let
	addressMap =
	{
	"n1" = { localAddress = "10.233.0.101"; hostAddress = "10.233.1.101"; };
	"n2" = { localAddress = "10.233.0.102"; hostAddress = "10.233.1.102"; };
	"n3" = { localAddress = "10.233.0.103"; hostAddress = "10.233.1.103"; };
	"n4" = { localAddress = "10.233.0.104"; hostAddress = "10.233.1.104"; };
	"n5" = { localAddress = "10.233.0.105"; hostAddress = "10.233.1.105"; };
	};
	toHostsEntry = name: { localAddress, ... }: "${localAddress} ${name}";
	extraHosts =
	builtins.concatStringsSep "\n"
	(lib.attrsets.mapAttrsToList toHostsEntry addressMap);
	nodeConfig = hostName: { localAddress, hostAddress }: {
	inherit localAddress hostAddress;

	ephemeral = true;
	autoStart = true;
	privateNetwork = true;
	timeoutStartSec = "5min";

	config = { config, pkgs, ... }:
	{
	networking = {
	inherit hostName extraHosts;
	};
	system.stateVersion = "20.03";

	services.etcd =
	let
	peerUrl = "http://${localAddress}:2380";
	clientUrl = "http://${localAddress}:2379";
	toClusterEntry = name: { localAddress, ... }:
	"${name}=http://${localAddress}:2380";
	in
	{
	enable = true;
	name = hostName;

	initialAdvertisePeerUrls = [ peerUrl ];
	listenPeerUrls = [ peerUrl ];

	advertiseClientUrls = [ clientUrl ];
	listenClientUrls = [ clientUrl "http://127.0.0.1:2379" ];

	initialClusterToken = "etcd-cluster";
	initialCluster =
	lib.attrsets.mapAttrsToList toClusterEntry addressMap;
	initialClusterState = "new";
	};
	networking.firewall.allowedTCPPorts = [ 2379 2380 ];
	};
	};
	in
	{
	containers = lib.attrsets.mapAttrs nodeConfig addressMap;
	}