photoncloud-monorepo/nix/test-cluster/node06.nix

# node06 - Gateway Node
#
# Services: APIGateway, NightLight, minimal auth-integrated CreditService reference

{ config, lib, pkgs, ... }:

{
  imports = [
    ./common.nix
    ../modules/apigateway.nix
    ../modules/nightlight.nix
    ../modules/creditservice.nix
    ../modules/deployer.nix
    ../modules/fleet-scheduler.nix
  ];

  networking.hostName = "node06";
  
  virtualisation = {
    memorySize = 1536;
    diskSize = 10240;
  };

  networking.interfaces.eth1.ipv4.addresses = [{
    address = "10.100.0.100";
    prefixLength = 24;
  }];

  services.apigateway = {
    enable = true;
    port = 8080;
    iamAddr = "10.100.0.11:50080";
    
    # Configure routes to control plane and tenant-facing services
    routes = [
      {
        name = "iam-auth";
        pathPrefix = "/api/v1/auth";
        upstream = "http://${config.plasmacloud.cluster.nodes.node01.ip}:8083";
      }
      {
        name = "prismnet-vpcs";
        pathPrefix = "/api/v1/vpcs";
        upstream = "http://${config.plasmacloud.cluster.nodes.node01.ip}:8087";
      }
      {
        name = "prismnet-subnets";
        pathPrefix = "/api/v1/subnets";
        upstream = "http://${config.plasmacloud.cluster.nodes.node01.ip}:8087";
      }
      {
        name = "plasmavmc-vms";
        pathPrefix = "/api/v1/vms";
        upstream = "http://${config.plasmacloud.cluster.nodes.node01.ip}:8084";
        timeoutMs = 1200000;
      }
      {
        name = "nightlight-metrics";
        pathPrefix = "/api/v1/metrics";
        upstream = "http://127.0.0.1:9090/api/v1";
        stripPrefix = true;
      }
      {
        name = "creditservice-rest";
        pathPrefix = "/api/v1/credits";
        upstream = "http://127.0.0.1:3011/api/v1";
        stripPrefix = true;
      }
    ];
  };

  services.nightlight = {
    enable = true;
    grpcPort = 50088;
    httpPort = 9090;
  };

  services.creditservice = {
    enable = true;
    grpcPort = 50089;
    chainfireAddr = config.photonTestCluster.chainfireControlPlaneAddrs;
    flaredbAddr = config.photonTestCluster.flaredbControlPlaneAddrs;
    iamAddr = "10.100.0.11:50080";
  };

  services.deployer = {
    enable = true;
    bindAddr = "0.0.0.0:8088";
    chainfireEndpoints = [
      "http://10.100.0.11:2379"
      "http://10.100.0.12:2379"
      "http://10.100.0.13:2379"
    ];
    clusterId = "test-cluster";
    allowUnauthenticated = false;
    allowUnknownNodes = false;
    requireChainfire = true;
    bootstrapToken = "test-bootstrap-token";
    adminToken = "test-admin-token";
    bootstrapFlakeBundle = pkgs.plasmacloudFlakeBundle;
    seedClusterState = true;
  };

  services.fleet-scheduler = {
    enable = true;
    chainfireEndpoint = config.photonTestCluster.chainfireControlPlaneAddrs;
    clusterId = "test-cluster";
    intervalSecs = 10;
    heartbeatTimeoutSecs = 60;
    iamEndpoint = "http://10.100.0.11:50080";
    fiberlbEndpoint = "http://10.100.0.11:50085";
    flashdnsEndpoint = "http://10.100.0.11:50084";
    publishAddress = "10.100.0.11";
    defaultOrgId = "native-services";
    defaultProjectId = "test-cluster";
    controllerPrincipalId = "fleet-scheduler";
  };

  environment.systemPackages = [ pkgs.deployer-ctl ];
}