From 50cda2a8f89f6aa58955fea0d7effc702355c64c Mon Sep 17 00:00:00 2001 From: zowoq <59103226+zowoq@users.noreply.github.com> Date: Thu, 14 Nov 2024 20:08:12 +1000 Subject: [PATCH] build05: init (aarch64-build-box.nix-community.org) --- docs/community-builder.md | 6 ++++++ docs/infrastructure.md | 8 ++++++++ flake.nix | 1 + hosts/build05/default.nix | 13 +++++++++++++ modules/shared/known-hosts.nix | 4 ++++ secrets.yaml | 1 + secrets/secrets.nix | 2 ++ terraform/cloudflare_nix-community_org.tf | 5 +++++ 8 files changed, 40 insertions(+) create mode 100644 hosts/build05/default.nix diff --git a/docs/community-builder.md b/docs/community-builder.md index 47d659982..0eec9d1b3 100644 --- a/docs/community-builder.md +++ b/docs/community-builder.md @@ -6,6 +6,12 @@ We provide machines as public builders for the nix community. build-box.nix-community.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIElIQ54qAy7Dh63rBudYKdbzJHrrbrrMXLYl7Pkmk88H ``` +`aarch64-linux` + +``` +aarch64-build-box.nix-community.org ssh-ed25519 ? +``` + `aarch64-darwin`, `x86_64-darwin` ``` diff --git a/docs/infrastructure.md b/docs/infrastructure.md index b8dd5dd88..ad10a0acb 100644 --- a/docs/infrastructure.md +++ b/docs/infrastructure.md @@ -30,6 +30,14 @@ - RAM: 128GB DDR4 ECC - Drives: 2 x 960GB NVME +#### `build05` - [`aarch64-build-box.nix-community.org`](./community-builder.md) + +- Provider: Hetzner +- Instance type: [RX170](https://www.hetzner.com/dedicated-rootserver/rx170) +- CPU: Ampere Altra Q80-30 80-Core Processor +- RAM: 128GB DDR4 ECC +- Drives: 2 x 960GB NVME + #### `darwin01` - [`darwin-build-box.nix-community.org`](./community-builder.md) - Provider: OakHost diff --git a/flake.nix b/flake.nix index 2a8a9bf14..c2162b9b1 100644 --- a/flake.nix +++ b/flake.nix @@ -88,6 +88,7 @@ build02.system = "x86_64-linux"; build03.system = "x86_64-linux"; build04.system = "aarch64-linux"; + build05.system = "aarch64-linux"; darwin01.system = "aarch64-darwin"; darwin02.system = "aarch64-darwin"; web02.system = "x86_64-linux"; diff --git a/hosts/build05/default.nix b/hosts/build05/default.nix new file mode 100644 index 000000000..e11dfae65 --- /dev/null +++ b/hosts/build05/default.nix @@ -0,0 +1,13 @@ +{ inputs, ... }: +{ + imports = [ + inputs.srvos.nixosModules.hardware-hetzner-online-arm + inputs.self.nixosModules.disko-zfs + inputs.self.nixosModules.builder + inputs.self.nixosModules.community-builder + ]; + + system.stateVersion = "23.11"; + + systemd.network.networks."10-uplink".networkConfig.Address = "?"; +} diff --git a/modules/shared/known-hosts.nix b/modules/shared/known-hosts.nix index aad1ce8e4..b952ba754 100644 --- a/modules/shared/known-hosts.nix +++ b/modules/shared/known-hosts.nix @@ -16,6 +16,10 @@ hostNames = [ "build04.nix-community.org" ]; publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINvzMJfCiVKGfEjCfBZqDD7Kib5y+2zz04YI8XrCZ68O"; }; + build05 = { + hostNames = [ "build05.nix-community.org" ]; + publicKey = "ssh-ed25519 ?"; + }; darwin01 = { hostNames = [ "darwin01.nix-community.org" ]; publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFz8FXSVEdf8FvDMfboxhB5VjSe7y2WgSa09q1L4t099"; diff --git a/secrets.yaml b/secrets.yaml index a6a1e2300..a06b121c8 100644 --- a/secrets.yaml +++ b/secrets.yaml @@ -14,6 +14,7 @@ ssh_host_ed25519_key: build02: ENC[AES256_GCM,data:kwc1rs7xbKod7+vV9yDNqAZMmTqencDe6LTMqxihNLuvGny1atjJ/4cf2vnWEyPar4AvqLtawbIexowbpgyzIiJBKskw0voUgUan0TMH7dsjeZtcdnBSsGWDlcBSjq8bK+yfNMWxwaq7FB9eTJkhN41UhQwqXIVpitEJg0LQcz7+BeQnYhCMnMOc+AG78zIZK+lbzAikejFJUV1A0/kmEl9VirBTpGqxhsiPUSCpAq9c3mE16f31YF9bUn9Dr/4gLW42xxbt/+6psDstKlKgfldzC+izCCCfL1qKcKz7RtyLX37O1MkQqLWvC5I5XRt81tKPOgmtjtGSM0iYmx9zy6FKGJlWqHGNb5K+g1NugWuKMzkBQNoWIypS/yHUY9R3eLa6JJM+tfE/Hvw4Q6/4HGBePMauULd/sgTC8D6o+6023a9ZdC6vdwAWzgWzhbG8uN8vjRR9JKy8/tzgzWJsR4PvPFw9ka0HbRMjigmMxZ817Z6iB2BcO2xmJvD5hP2YpPKCNLQzUznq0vh1s91C,iv:cQERNZJUQ0TJW0pbEzJF6O+1Idkt2e+I06+Kjygr4lk=,tag:2X4KhuEd/0153sCT7qeyqQ==,type:str] build03: ENC[AES256_GCM,data:GsCPKzEPBkc3o+6gSKXIEXudNOg4hQ2i/nVu0IoPVG99QaL77VxQczmiEINPCXYOqvH0ugD9TGW1SEOghv1VYzCus98IMcCfWJqiZAEPjqtu9uvoBR54uw4rehHrMeBD5auGzWwJcJ3PT2fHAE0G9A6khWLdYyE7O9OFo490DAJD/XMO/beEsMiLI9nTCzLgCEL4koM8Omg4crq2ixLcGnueBsP5uF+W8vuvKBwz1TgAg7qguNEYnqHVZLEQgKBMCdca2yPmKnbEBMKnlsjGOWThT9Bw3JB8slBaIV6dCvvFUNnfqhVo9NZtaLH7ciPZCD1+vk9ja7KE8PqwUGVbrQM32DFajhtFSJa+IUZYAda192ZTbVEE4T/xL7mhYsS1rnGFIsGVSHjC/QgC9VU4THbkcO/1Uzt0H8OeSaMLERxpKmVqqLlvQPAs+/bos3D9vHHlfiY6liq1fa0++2+JnuSTsKLEmh6+h1/prhQ8oy+0imm15AHDsTllbaWxMjRCBSVaua25+h2eTEci1T3/h8XiM3+S7yWa3sfoe1Kj1fNmDlQ=,iv:VRAoe3bRpEBDGDAX/dZM+TOM8I6K2oxb1d3Ld+BQKuE=,tag:CIndzn8DJdxJLuFMtpk8Ww==,type:str] build04: ENC[AES256_GCM,data:e8qLPiTruUq1OSgfR6KQ/zXMeLeTapH8k9viglYdz0mjG198oKPc2JNgLsuL8vFBafJ9P0SHJlKH6wQNApPNgEaktfTpx11WlK5oEa9J/Bw3OuFUJnyRE3UzxvWNzj5BVIk6pQBDhc2rOucAbiWwTJu76Wxopd5PQ5GVyEK2OIYaZ2rG2ZlF9RbfZgfiq0HBkZhPfL4osUMGmFRsa6p18xH4wm+Ey08n5DG27AxGf7yjKiXswlZfzgxX3ukqsNw5pw3GNHRLjlsJsprTMVj+hgS5N3PeY+IViJKHE0VmEU3pJzlFSAk05mTrYzJ0jHlfQTbWHs6wYkc3EbKXG83zcviowGMK78P8Qpy0h9/3+r1I55/3UAd4JKnGbz+ADTMwowgNeZO/Vv0LQN3zspyfmYiQ3sD55kdGLWVnWFXZ1m0x+3D+CK7KaH7hqoT0GY2rYFwvM5fXKy7ekrGtpUyZPy8iQw6Vxl0+bcKgU6IcWYikZ32XvR4bjY9uDBvuS+Kk1e7y9WTy2h0p5fw7T2aWE/rw9m5TuUnn13gRHo1KRfNApzQckc5NbXG+VhMrQ9y1,iv:to8K9ljpumnRFz7lmxi0C6JT6xME3Sukh2jWRYkZlPg=,tag:puIarMsuxMidHOJ18ZO2mQ==,type:str] + build05: null web02: ENC[AES256_GCM,data:KR3sChbsD8B2OPyWgrUXsXcOZa5GgYrP819LuIQt9kmd83KIidG0AzuPbHjnpB4gLRgLzMUEGXzretmITHr8llIlFzzehLXulLsdBNT4FiyD80CjzUUxT/L1TadSWCqf8DMn581t6CwdpYaOPfrAesxD4ZJE0O/6oa6/pUG6AYAgFui56PAfUb1A04O8/hYZu5M9o+OxYeX7Ep3w3Fn0815Oe2qeILdjmIgecaKmc+rscJL8CrDanX5qYdAnzBEL0U8uWhDalVtHmgvTUcITeyjDNeVR0Zb76Xfl6HJb9HOpXS6DfPugONAEGyigte3PHd8lQbGArtR3UxVl95z2gQRcDIEHiYPnR1CHs1HEmLjCGot0jOnC9mHC/NAb6EYrnmRNxgu0elR3O6PNwf89Nu3Jq87GPlVTbggMg4bW8/d+ZnsOPUDSfB6F9HMDjKqu0qJdRt9D6VV/OfH537vw+XPgw/9Evdhb4tL5qX3FVjyxDSU1v5thnzum4mGoZI0S2EReRO/MO11orpIBeNOw4bwzPl7ftD6Emb0v,iv:qcewvFVbCppM0063eAVE2qkl348X3Pocm3dd+H/9Hko=,tag:QlXb7KkWV6tztq6kAbIhlw==,type:str] darwin01: customer: ENC[AES256_GCM,data:zDa+TUczDkjxthze,iv:VdYAf5EP6RjRLkWQzWRRlkWiUKSfoFR8f2GTMMTZg3Q=,tag:8CZSA1qxxOBxbPdzqU4NFg==,type:str] diff --git a/secrets/secrets.nix b/secrets/secrets.nix index 752381d8c..910b6a175 100644 --- a/secrets/secrets.nix +++ b/secrets/secrets.nix @@ -15,6 +15,7 @@ let build02 = knownHosts.build02.publicKey; build03 = knownHosts.build03.publicKey; build04 = knownHosts.build04.publicKey; + build05 = knownHosts.build05.publicKey; darwin01 = knownHosts.darwin01.publicKey; darwin02 = knownHosts.darwin02.publicKey; web02 = knownHosts.web02.publicKey; @@ -24,6 +25,7 @@ let # from `nix-community-buildbot` (user account, not the github app) community-builder-nix-access-tokens = [ build01 + build05 darwin01 ]; grafana-client-secret = [ web02 ]; diff --git a/terraform/cloudflare_nix-community_org.tf b/terraform/cloudflare_nix-community_org.tf index bf482ae3c..92838ab6d 100644 --- a/terraform/cloudflare_nix-community_org.tf +++ b/terraform/cloudflare_nix-community_org.tf @@ -23,6 +23,10 @@ locals { ipv4 = "65.109.107.32" ipv6 = "2a01:4f9:3051:3962::2" } + "build05" = { + ipv4 = "?" + ipv6 = "?" + } "darwin01" = { ipv4 = "85.209.53.240" ipv6 = "2a09:9340:808:630::1" @@ -38,6 +42,7 @@ locals { } cname = { + "aarch64-build-box" = "build05.nix-community.org" "build-box" = "build01.nix-community.org" "buildbot" = "build03.nix-community.org" "darwin-build-box" = "darwin01.nix-community.org"