diff --git a/README.md b/README.md
index c5a2728e..16a66fb8 100644
--- a/README.md
+++ b/README.md
@@ -150,3 +150,22 @@ nix run .#deploy-linux-builder-01 switch
 ```
 nix run .#turn-readiness-check
 ```
+
+### Bind refuses to start after an update
+
+The error message
+
+```
+journal rollforward failed: journal out of sync with zone
+```
+
+This can be fixed by removing the journal files.
+
+Upon connection via SSH (`nix run .\#ssh-dweb-reverse-tls-proxy
+`):
+
+```shell
+systemctl stop bind
+rm /etc/bind/zones/infra.holochain.org.zone.jnl
+systemctl start bind
+```
diff --git a/modules/flake-parts/nixosConfigurations.buildbot-nix-0/configuration.nix b/modules/flake-parts/nixosConfigurations.buildbot-nix-0/configuration.nix
new file mode 100644
index 00000000..daa0c36a
--- /dev/null
+++ b/modules/flake-parts/nixosConfigurations.buildbot-nix-0/configuration.nix
@@ -0,0 +1,106 @@
+{
+ config,
+ inputs,
+ self,
+ pkgs,
+ lib,
+ ...
+}: {
+ imports = [
+ inputs.disko.nixosModules.disko
+ inputs.srvos.nixosModules.server
+ inputs.srvos.nixosModules.hardware-hetzner-online-amd
+ inputs.srvos.nixosModules.roles-nix-remote-builder
+ self.nixosModules.holo-users
+ self.nixosModules.nix-build-distributor
+
+ inputs.sops-nix.nixosModules.sops
+
+ ../../nixos/shared.nix
+ ../../nixos/shared-nix-settings.nix
+ ../../nixos/shared-linux.nix
+ ];
+
+ system.stateVersion = "24.05";
+
+ passthru = {
+ hostName = "buildbot-nix-0";
+ primaryIpv4 = "135.181.114.173";
+ primaryIpv6 = "2a01:4f9:4b:1a93::1/64";
+ };
+
+ networking.hostName = config.passthru.hostName; # Define your hostname.
+
+ hostName = "${config.passthru.hostName}.${(builtins.elemAt (builtins.attrValues self.nixosConfigurations.dweb-reverse-tls-proxy.config.services.bind.zones) 0).name}";
+
+ nix.settings.max-jobs = 16;
+
+ boot.loader.grub = {
+ efiSupport = false;
+ };
+ # boot.loader.systemd-boot.enable = true;
+ # boot.loader.efi.canTouchEfiVariables = true;
+ boot.kernelPackages = pkgs.linuxPackages_latest;
+
+ systemd.network.networks."10-uplink".networkConfig.Address = config.passthru.primaryIpv6;
+
+ disko.devices = let
+ disk = id: {
+ type = "disk";
+ device = "/dev/${id}";
+ content = {
+ type = "gpt";
+ partitions = {
+ boot = {
+ size = "1M";
+ type = "EF02"; # for grub MBR
+ };
+ mdadm = {
+ size = "100%";
+ content = {
+ type = "mdraid";
+ name = "raid0";
+ };
+ };
+ };
+ };
+ };
+ in {
+ disk = {
+ sda = disk "nvme0n1";
+ sdb = disk "nvme1n1";
+ };
+ mdadm = {
+ raid0 = {
+ type = "mdadm";
+ level = 0;
+ content = {
+ type = "gpt";
+ partitions = {
+ primary = {
+ size = "100%";
+ content = {
+ type = "btrfs";
+ extraArgs = ["-f"]; # Override existing partition
+ subvolumes = {
+ # Subvolume name is different from mountpoint
+ "/rootfs" = {
+ mountpoint = "/";
+ };
+ "/nix" = {
+ mountOptions = ["noatime"];
+ mountpoint = "/nix";
+ };
+ };
+ };
+ };
+ };
+ };
+ };
+ };
+ };
+
+ roles.nix-remote-builder.schedulerPublicKeys = [
+ # TODO
+ ];
+}
diff --git a/modules/flake-parts/nixosConfigurations.buildbot-nix-0/default.nix b/modules/flake-parts/nixosConfigurations.buildbot-nix-0/default.nix
new file mode 100644
index 00000000..fd261ddb
--- /dev/null
+++ b/modules/flake-parts/nixosConfigurations.buildbot-nix-0/default.nix
@@ -0,0 +1,14 @@
+{
+ self,
+ lib,
+ inputs,
+ ...
+}: let
+ evaluatedSystem = inputs.nixpkgs.lib.nixosSystem {
+ modules = [./configuration.nix];
+ system = "x86_64-linux";
+ specialArgs = self.specialArgs;
+ };
+in {
+ flake.nixosConfigurations."${evaluatedSystem.config.passthru.hostName}" = evaluatedSystem;
+}
diff --git a/modules/flake-parts/nixosConfigurations.dweb-reverse-tls-proxy/configuration.nix b/modules/flake-parts/nixosConfigurations.dweb-reverse-tls-proxy/configuration.nix
index 49026ae8..472c3d8f 100644
--- a/modules/flake-parts/nixosConfigurations.dweb-reverse-tls-proxy/configuration.nix
+++ b/modules/flake-parts/nixosConfigurations.dweb-reverse-tls-proxy/configuration.nix
@@ -205,6 +205,9 @@ in turn-3.${fqdn2domain}. A ${self.nixosConfigurations.turn-3.config.services.holochain-turn-server.address} signal-3.${fqdn2domain}. A ${self.nixosConfigurations.turn-3.config.services.tx5-signal-server.address} bootstrap-3.${fqdn2domain}. A ${self.nixosConfigurations.turn-3.config.services.kitsune-bootstrap.address} + + monitoring-0.${fqdn2domain}. A ${self.nixosConfigurations.monitoring-0.config.passthru.primaryIpv4} + buildbot-nix-0.${fqdn2domain}. A ${self.nixosConfigurations.buildbot-nix-0.config.passthru.primaryIpv4} ''; };
diff --git a/modules/flake-parts/nixosConfigurations.monitoring-0/README.md b/modules/flake-parts/nixosConfigurations.monitoring-0/README.md
new file mode 100644
index 00000000..e7522dcb
--- /dev/null
+++ b/modules/flake-parts/nixosConfigurations.monitoring-0/README.md
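Review bot: `roles.nix-remote-builder.schedulerPublicKeys` at the end of buildbot-nix-0/configuration.nix is left as an empty list with a bare `# TODO`, so the host is installed with the remote-builder role while nothing records which machine is meant to be authorised. The keys in this list decide who may submit builds to this host, so I would replace the placeholder with a comment that names the intended source, e.g. `# TODO: SSH public key of <scheduler host>; only that host may dispatch builds here`. Separately, the `hostName` line selects the DNS zone with `builtins.elemAt (builtins.attrValues …bind.zones) 0`, which depends on attribute ordering and would silently change the FQDN once a second zone is defined; the same expression is repeated in monitoring-0/configuration.nix, and selecting the zone by its attribute name would avoid that.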
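Review bot: The output name in `flake.nixosConfigurations."${evaluatedSystem.config.passthru.hostName}"` is computed from the evaluated system, while the bind zone in dweb-reverse-tls-proxy/configuration.nix refers to the literal `self.nixosConfigurations.buildbot-nix-0`, so changing `passthru.hostName` renames the flake output and breaks that reference at evaluation time. monitoring-0/default.nix in the same commit hard-codes its name instead; one convention for both files would be easier to follow. If the computed name is intended, a comment such as `# output name follows passthru.hostName; update the bind zone reference when renaming` would help. `lib` is bound but unused in both default.nix files.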
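Review bot: The two new A records change the zone text, and the README section added in this same commit describes BIND failing with "journal out of sync with zone" after an update, which typically happens when a zone file is replaced while a `.jnl` for it still exists. The SOA serial and the zone's update policy are outside this hunk, so this is inferred, but if the zone accepts dynamic updates I would run `rndc sync -clean` (or freeze and thaw the zone) before the switch rather than deleting the journal afterwards, because removing the `.jnl` discards any dynamic records not yet written back to the zone file. Also, buildbot-nix-0 declares `primaryIpv6` but only an A record is published here, and that value carries a `/64` suffix, so it could not be reused as-is for an AAAA record.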
@@ -0,0 +1,5 @@
+## Installation log
+
+```
+nix run .#nixos-anywhere -- --flake .#monitoring-0 root@monitoring-0.infra.holochain.org
+```
diff --git a/modules/flake-parts/nixosConfigurations.monitoring-0/configuration.nix b/modules/flake-parts/nixosConfigurations.monitoring-0/configuration.nix
new file mode 100644
index 00000000..64acf7ce
--- /dev/null
+++ b/modules/flake-parts/nixosConfigurations.monitoring-0/configuration.nix
@@ -0,0 +1,42 @@
+{
+ config,
+ inputs,
+ self,
+ pkgs,
+ ...
+}: {
+ imports = [
+ inputs.disko.nixosModules.disko
+ inputs.srvos.nixosModules.server
+ inputs.srvos.nixosModules.mixins-terminfo
+ inputs.srvos.nixosModules.hardware-hetzner-cloud
+ self.nixosModules.hardware-hetzner-cloud-cpx
+
+ inputs.sops-nix.nixosModules.sops
+
+ self.nixosModules.holo-users
+ ../../nixos/shared.nix
+ ../../nixos/shared-nix-settings.nix
+ ];
+
+ networking.hostName = config.passthru.hostName; # Define your hostname.
+
+ hostName = "${config.passthru.hostName}.${(builtins.elemAt (builtins.attrValues self.nixosConfigurations.dweb-reverse-tls-proxy.config.services.bind.zones) 0).name}";
+
+ nix.settings.max-jobs = 3;
+
+ nix.settings.substituters = [
+ "https://holochain-ci.cachix.org"
+ ];
+
+ nix.settings.trusted-public-keys = [
+ "holochain-ci.cachix.org-2:5IUSkZc0aoRS53rfkvH9Kid40NpyjwCMCzwRTXy+QN8="
+ ];
+
+ system.stateVersion = "24.05";
+
+ passthru = {
+ hostName = "monitoring-0";
+ primaryIpv4 = "135.181.110.69";
+ };
+}
diff --git a/modules/flake-parts/nixosConfigurations.monitoring-0/default.nix b/modules/flake-parts/nixosConfigurations.monitoring-0/default.nix
new file mode 100644
index 00000000..3567b617
--- /dev/null
+++ b/modules/flake-parts/nixosConfigurations.monitoring-0/default.nix
@@ -0,0 +1,12 @@
+{
+ self,
+ lib,
+ inputs,
+ ...
+}: {
+ flake.nixosConfigurations.monitoring-0 = inputs.nixpkgs.lib.nixosSystem {
+ modules = [./configuration.nix];
+ system = "x86_64-linux";
+ specialArgs = self.specialArgs;
+ };
+}
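Review bot: `nix.settings.substituters` and `nix.settings.trusted-public-keys` in monitoring-0/configuration.nix make this host accept any store path signed by the `holochain-ci.cachix.org-2` key, so whoever can push to that cache can supply binaries that end up running on the monitoring server, and the block has no comment saying why a monitoring host needs the CI cache. `../../nixos/shared-nix-settings.nix` is imported but not visible here; if it already configures the same cache, the duplicate should be dropped so the key is rotated in one place. Otherwise a comment such as `# CI binary cache; paths signed by this key are installed without a local rebuild` would record the trust decision next to the key.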