diff --git a/.github/workflows/darwin.yml b/.github/workflows/darwin.yml
index 5c32790..e1b3ee0 100644
--- a/.github/workflows/darwin.yml
+++ b/.github/workflows/darwin.yml
@@ -16,7 +16,7 @@ jobs:
 strategy:
 fail-fast: false
 matrix:
- host: [darwin02, darwin03]
+ host: [darwin01, darwin02, darwin03]
 runs-on: ubuntu-latest
 steps:
 - uses: actions/checkout@v4
@@ -36,6 +36,7 @@ jobs:
 EOF
 chmod 600 "$HOME/.ssh/id_ed25519"
 cat >>"$HOME/.ssh/known_hosts" <<EOF
+ darwin01.nix-community.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDDnaVD9TZDJKSpiJQg0qYs0WUHFq3Ur5ijm/kHOY91N
 darwin02.nix-community.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICJqwpMUEl1/iwrBakeDb1rlheXlE5mfDLICVz8w6yi6
 darwin03.nix-community.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKX7W1ztzAtVXT+NBMITU+JLXcIE5HTEOd7Q3fQNu80S
 EOF
diff --git a/devdoc/hosts.md b/devdoc/hosts.md
index 5225435..5b5f12c 100644
--- a/devdoc/hosts.md
+++ b/devdoc/hosts.md
@@ -30,6 +30,14 @@
 - RAM: 128GB DDR4 ECC
 - Drives: 2 x 960 GB NVME in RAID 0
+### `darwin01`
+
+- Provider: Hetzner
+- Instance type: [Apple Mac mini M1](https://docs.hetzner.com/robot/dedicated-server/mac-mini/getting-started/)
+- CPU: Apple M1
+- RAM: 16GB
+- Drives: 256GB SSD, 2 x 1 TB NVME in RAID 0
+
 ### `darwin02`
 - Provider: Hetzner
diff --git a/flake.nix b/flake.nix
index 32fce5d..d61e473 100644
--- a/flake.nix
+++ b/flake.nix
@@ -101,6 +101,10 @@
 inherit (self.lib) darwinSystem;
 in
 {
+ darwin01 = darwinSystem {
+ pkgs = inputs.nixpkgs.legacyPackages.aarch64-darwin;
+ modules = [ ./hosts/darwin01/configuration.nix ];
+ };
 darwin02 = darwinSystem {
 pkgs = inputs.nixpkgs.legacyPackages.aarch64-darwin;
 modules = [ ./hosts/darwin02/configuration.nix ];
diff --git a/hosts/darwin01/configuration.nix b/hosts/darwin01/configuration.nix
new file mode 100644
index 0000000..523f091
--- /dev/null
+++ b/hosts/darwin01/configuration.nix
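Review bot: The darwin01 host key added to the `known_hosts` heredoc in `.github/workflows/darwin.yml` (hunk at -36,6) is a second hand-maintained copy of the key this commit also adds to `modules/nixos/common/security.nix`; the two strings match today, but nothing keeps them in step once a host is reinstalled and its key changes. A stale copy here makes the SSH step fail closed, which is the safe direction, yet the quick fix under pressure is usually to loosen host-key checking, so the file should say where the value lives and how it is verified. I would add a shell comment above the `cat` line, `# host keys: keep in sync with modules/nixos/common/security.nix`, plus a short note on how a new key is confirmed before it is pinned. The surrounding `run` step starts and ends outside the hunk.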
@@ -0,0 +1,19 @@
+{ inputs, ... }:
+
+{
+ imports = [
+ inputs.self.darwinModules.common
+ inputs.self.darwinModules.builder
+ inputs.self.darwinModules.community-builder
+ ];
+
+ nix.settings.sandbox = "relaxed";
+ nix.settings.extra-platforms = [ "x86_64-darwin" ];
+
+ # disable nixos-tests
+ nix.settings.system-features = [ "big-parallel" ];
+
+ networking.hostName = "darwin01";
+
+ system.stateVersion = 4;
+}
diff --git a/modules/nixos/common/security.nix b/modules/nixos/common/security.nix
index 3cead7b..a6729c8 100644
--- a/modules/nixos/common/security.nix
+++ b/modules/nixos/common/security.nix
@@ -19,6 +19,10 @@
 hostNames = [ "build04.nix-community.org" ];
 publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINvzMJfCiVKGfEjCfBZqDD7Kib5y+2zz04YI8XrCZ68O";
 };
+ darwin01 = {
+ hostNames = [ "darwin01.nix-community.org" ];
+ publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDDnaVD9TZDJKSpiJQg0qYs0WUHFq3Ur5ijm/kHOY91N";
+ };
 darwin02 = {
 hostNames = [ "darwin02.nix-community.org" ];
 publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICJqwpMUEl1/iwrBakeDb1rlheXlE5mfDLICVz8w6yi6";
diff --git a/modules/nixos/monitoring/hosts.nix b/modules/nixos/monitoring/hosts.nix
index 024ae4e..ba6d185 100644
--- a/modules/nixos/monitoring/hosts.nix
+++ b/modules/nixos/monitoring/hosts.nix
@@ -3,6 +3,7 @@
 "build02.nix-community.org"
 "build03.nix-community.org"
 "build04.nix-community.org"
+ "darwin01.nix-community.org"
 "darwin02.nix-community.org"
 "darwin03.nix-community.org"
 #"web02.nix-community.org"
diff --git a/secrets.yaml b/secrets.yaml
index 2d4b746..dec21ad 100644
--- a/secrets.yaml
+++ b/secrets.yaml
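Review bot: `nix.settings.sandbox = "relaxed";` in the new `hosts/darwin01/configuration.nix` has no comment, and on a host that imports `darwinModules.community-builder` the choice deserves one: in relaxed mode, fixed-output derivations and any derivation that sets `__noChroot = true` are built outside the sandbox. If this builder accepts derivations from community users, as the module name suggests, that is a deliberate isolation trade-off and should be recorded next to the setting, for example `# relaxed: <reason>; fixed-output and __noChroot builds run unsandboxed`. The `# disable nixos-tests` comment would be clearer as `# advertise only big-parallel; omitting nixos-test keeps VM tests off this host`, since the setting works by omission. Whether darwin02 and darwin03 carry the same values is not visible in this diff.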
@@ -5,6 +5,8 @@ accounts: totpsecret: ENC[AES256_GCM,data:mc6+rgdhLqcMLq4R6P4D6g==,iv:GZsNKdzA9edMiTnTYNU/KUI5HI5NYdTxOjiaYzXdUMM=,tag:agGQATAj3YqAu7eCnNHb5g==,type:str] - name: ENC[AES256_GCM,data:hnEPU+XXIeOkf5DT2w==,iv:wZux1caDhtUF5TcUtqAG03oxVUolUnHq+w35zVtDxw0=,tag:dE3DSzK3FlLlldO7FgbWeA==,type:str] totpsecret: ENC[AES256_GCM,data:75Til5U49fkBCYxzqDa33w==,iv:rataIY24/u0ldHid4PnfJyh1E6P8U9OUYszsk/tfMw4=,tag:dWeqIxcO7ASnAZiVbKLiLw==,type:str] +darwin01: + hetzner: ENC[AES256_GCM,data:OPqvPiv9jF2+6Dc8N3o=,iv:KA3nxkD8hUd+cF0486eTnCSE95oYaoVDVOkiecVI1pM=,tag:cEuGEZrBa1dqv5c+JuYrpg==,type:str] darwin02: hetzner: ENC[AES256_GCM,data:2ivyayF/bCI7BKGkRSg=,iv:ZKO9rViA7gvQplzaPz47WZlsq6kk7wekVrZOFO1zUqQ=,tag:BA9W7OZZk2Xt5nF7SECnQg==,type:str] darwin03: @@ -92,8 +94,8 @@ sops: MkcvL1JyVFBJV0Y5RFFCMGN1OUFXdU0Kdx1wy6ZOOTg1a6VKaq52SMBvC26lMsW/ oMP+hmXc2WtoqZp+jZ9rrXz6cZW6/dO7CPqxl3aUEKg6BkXIwgyKeg== -----END AGE ENCRYPTED FILE----- - lastmodified: "2023-12-11T01:26:04Z" - mac: ENC[AES256_GCM,data:yHBOTHFrnQcMHsIzgiyGYY3KBiHgtrD8e6OlL4DdNgtIsU86IM701g0TRFXLCu5zYcurXkt1YrolPtCvUdycnPvkYxHj/8vGX6iuWvYMupqkB2+5UkHlNCBHWkJ5bJvRJPoDtRSUnI6kJJOY3IT6w3hD9aynT/YfvSnb9RsdKok=,iv:T2GxfZ+0OukuwpudStlYEn8lqNLtUpi9iQlfO9WTMK8=,tag:xb/E2pPZDkY6OJzcCFwm+Q==,type:str] + lastmodified: "2024-03-08T05:14:51Z" + mac: ENC[AES256_GCM,data:80rbdcagpzJu0kWtMXXZ1Ol9IhZZT042/2u2ttj+K7dtKFnBreUdLbPG1g0g4DmMUtzxRUNbygPtpg47twfPXfKiHxUcbwHUE+duFHOhJA/KKBWbcz/sKBXQQeiSDAluMiSh32V1z0wLwpgxBUlzKK9iML8cbZQYcUQ5gXRcCdw=,iv:nvYw3DQN5c80WPqCoZayzww2OM99cofejWgGgTaNCXY=,tag:2dGSZMKrZkTY6uOxEpXUTQ==,type:str] pgp: [] unencrypted_suffix: _unencrypted version: 3.8.1 diff --git a/terraform/cloudflare_nix-community_org.tf b/terraform/cloudflare_nix-community_org.tf index ef7b7b3..b2c4303 100644 --- a/terraform/cloudflare_nix-community_org.tf +++ b/terraform/cloudflare_nix-community_org.tf 
@@ -75,6 +75,20 @@ resource "cloudflare_record" "nix-community-org-build04-AAAA" {
 type = "AAAA"
 }
+resource "cloudflare_record" "nix-community-org-darwin01-A" {
+ zone_id = local.nix_community_zone_id
+ name = "darwin01"
+ value = "142.132.141.89"
+ type = "A"
+}
+
+resource "cloudflare_record" "nix-community-org-darwin01-AAAA" {
+ zone_id = local.nix_community_zone_id
+ name = "darwin01"
+ value = "2a01:4f8:261:1397::1"
+ type = "AAAA"
+}
+
 resource "cloudflare_record" "nix-community-org-darwin02-A" {
 zone_id = local.nix_community_zone_id
 name = "darwin02"