input-output-hk
diff --git a/‎flake.lock‎
Lines changed: 142 additions & 11 deletions b/‎flake.lock‎
Lines changed: 142 additions & 11 deletions
diff --git a/‎flake.nix‎
Lines changed: 4 additions & 2 deletions b/‎flake.nix‎
Lines changed: 4 additions & 2 deletions
diff --git a/‎nix/metal/bitteProfile/default.nix‎
Lines changed: 40 additions & 0 deletions b/‎nix/metal/bitteProfile/default.nix‎
Lines changed: 40 additions & 0 deletions
@@ -5,8 +5,8 @@
     n2c.url = "github:nlewo/nix2container";
     data-merge.url = "github:divnix/data-merge";
     # --- Bitte Stack ----------------------------------------------
-    bitte.url = "github:input-output-hk/bitte";
-    # bitte.url = "path:/home/jlotoski/work/iohk/bitte-wt/fix-core-user-data";
+    bitte.url = "github:input-output-hk/bitte/zt";
+    # bitte.url = "path:/home/jlotoski/work/iohk/bitte-wt/zt";
     # bitte.url = "path:/home/manveru/github/input-output-hk/bitte";
     bitte-cells.url = "github:input-output-hk/bitte-cells";
     # bitte-cells.url = "path:/home/jlotoski/work/iohk/bitte-cells-wt/bitte-cells";
@@ -30,6 +30,8 @@
     cicero.inputs.spongix.follows = "spongix";
     cicero.inputs.driver.follows = "nomad-driver-nix";
     tullia.url = "github:input-output-hk/tullia";
+    openziti.url = "github:johnalotoski/openziti-bins";
+    openziti.inputs.nixpkgs.follows = "nixpkgs";
     # --------------------------------------------------------------
   };
 
 
@@ -25,6 +25,15 @@ in {
       flakePath = "${inputs.self}";
       vbkBackend = "local";
       builder = "cache";
+      transitGateway = {
+        enable = true;
+        transitRoutes = [
+          {
+            gatewayCoreNodeName = "zt";
+            cidrRange = "10.10.0.0/24";
+          }
+        ];
+      };
 
       autoscalingGroups = let
         defaultModules = [
@@ -231,6 +240,37 @@ in {
             inherit (securityGroupRules) internet internal ssh;
           };
         };
+
+        zt = {
+          # https://support.netfoundry.io/hc/en-us/articles/360025875331-Edge-Router-VM-Sizing-Guide
+          instanceType = "c5.large";
+          privateIP = "172.16.0.30";
+          subnet = cluster.vpc.subnets.core-1;
+          volumeSize = 100;
+          sourceDestCheck = false;
+
+          modules = [
+            (bitte + /profiles/common.nix)
+            (bitte + /modules/ziti/ziti-controller.nix)
+            (bitte + /modules/ziti/ziti-router.nix)
+            (bitte + /modules/ziti/ziti-console.nix)
+            (bitte + /modules/ziti/ziti-edge-tunnel.nix)
+            ./ziti.nix
+          ];
+
+          securityGroupRules = {
+            inherit
+              (securityGroupRules)
+              internal
+              internet
+              ssh
+              ziti-controller-mgmt
+              ziti-controller-rest
+              ziti-router-edge
+              ziti-router-fabric
+              ;
+          };
+        };
       };
     };
   };