From 32aeed170f16e0bb5ba7bae8f2ff3c21e228900b Mon Sep 17 00:00:00 2001
From: zowoq <59103226+zowoq@users.noreply.github.com>
Date: Fri, 26 Jul 2024 09:05:35 +1000
Subject: [PATCH] build03: switch to new hardware
---
devdoc/hosts.md | 5 +++--
hosts/build03/configuration.nix | 8 ++++----
hosts/build03/postgresql.nix | 2 +-
hosts/build03/secrets.yaml | 6 +++---
modules/nixos/buildbot.nix | 2 +-
terraform/cloudflare_nix-community_org.tf | 4 ++--
6 files changed, 14 insertions(+), 13 deletions(-)
diff --git a/devdoc/hosts.md b/devdoc/hosts.md
index 515ee30..001edf4 100644
--- a/devdoc/hosts.md
+++ b/devdoc/hosts.md
@@ -18,8 +18,9 @@
### `build03`
- Provider: Hetzner
-- CPU: AMD Ryzen 9 3900 12-Core Processor
-- RAM: 128GB DDR4 ECC
+- Instance type: [AX162-R](https://www.hetzner.com/dedicated-rootserver/ax162-r)
+- CPU: AMD EPYC 9454P 48-Core Processor
+- RAM: 256GB DDR5 ECC
- Drives: 2 x 1.92 TB NVME
### `build04`
diff --git a/hosts/build03/configuration.nix b/hosts/build03/configuration.nix
index 4f25b4e..e4a7a52 100644
--- a/hosts/build03/configuration.nix
+++ b/hosts/build03/configuration.nix
@@ -1,4 +1,4 @@
-{ inputs, ... }:
+{ config, inputs, ... }:
{
imports = [
inputs.srvos.nixosModules.mixins-nginx
@@ -17,12 +17,12 @@
./postgresql.nix
];
- # set in srvos, remove when reinstalling
- networking.hostId = "deadbeef";
+ # the default zpool import services somehow times out while this import works fine?
+ boot.initrd.systemd.services.zfs-import-zroot.serviceConfig.ExecStartPre = "${config.boot.zfs.package}/bin/zpool import -N -f zroot";
nixCommunity.gc.gbFree = 500;
- systemd.network.networks."10-uplink".networkConfig.Address = "2a01:4f9:3b:2946::1/64";
+ systemd.network.networks."10-uplink".networkConfig.Address = "2a01:4f8:2190:2698::2";
networking.hostName = "build03";
diff --git a/hosts/build03/postgresql.nix b/hosts/build03/postgresql.nix
index 40e8332..fbe50b3 100644
--- a/hosts/build03/postgresql.nix
+++ b/hosts/build03/postgresql.nix
@@ -14,7 +14,7 @@
services.postgresql = {
enable = true;
# enableJIT seems to be broken, can't set a version without also needing to add withJIT
- package = pkgs.postgresql_15.withJIT;
+ package = pkgs.postgresql_16.withJIT;
enableJIT = true;
diff --git a/hosts/build03/secrets.yaml b/hosts/build03/secrets.yaml
index ff88293..e654c5d 100644
--- a/hosts/build03/secrets.yaml
+++ b/hosts/build03/secrets.yaml
@@ -6,7 +6,7 @@ cachix-auth-token: ENC[AES256_GCM,data:AlZlzPSdYSrQV7ENPSvUGbOwTmvLeRRuPBCKUHJJL
buildbot-github-app-secret-key: ENC[AES256_GCM,data:Z4CNXmB94hl6KYoghVnGFhvUUV4T4rbkhaMmeanMOJt5aqgL/ultpcIHdYajn0tdlh8GzUATP+NLCbERpySn100C2ejsUz6QJPHdkVJeo32WvZ/Tj+9FBGkeTgznHW2XXhUSQDSmDy4OZJydilw8FKC8Qk6EuLWp08bhi60XDOe2I+BoK8zJKQh6FkIYHJAo5y/kQGmBu8YowC2ZWZkshv/4gW2dcANShnyN6eBvaHrskQWl6wkMDaf7+Vzrok9HBL1C1uaDMcsxz89yMeNSupsGB1IGvEAFrubY5HAsr8AQUaGTs2O8KYbMFyiE2TanBueIm/ZkwimlhIHA3W9Q98wwIqrEAKBlv+GDGqWaFyDFazWnEsdIx71+tlX0JDftxD7uvHzLMiaqf4KTHPoO3fBTBVIREfZmXEwFfxaCQUlKMBHYQfigNLLITIQkQ/SiJ05EqdqlOdFkyDsyeUtsOaCwW6MoXpo6oKKaGa9Hd4fzl8jumU5RprbuvfBOZUbv2xFnR8Eu0IT3SrUdAFoN49bGKn9qqvciTswEfIAi2YKEmHJ9yzLMmHJ061t6EIU0w1XVb97Ir3QB09LId/Plz7X1M+9sNyug32Ymc6Km38Msd/sJ2jsKIoi6V9X0b5ybwEYQM2OAeXZWjW6EYJRck3eHvgYNjBj4k2iiQ2NPABCmno0XWLz2OqgKyOGi9XHVY73C0Bl+C1f27eNIFGfQTngfqPqMu7rStjMBY5E1tBewNDKPAz6FAGPH/tGgGEej+nnZRmkMzknz2AV+o50XEho81YMEwW4Z4+sx6ArubAFI1n3vJ6KO7fqKUaxm2EexB+fU+4wXATn3zD7HzNVFHiuZfI6q4Ta0sXdsGjopfDxkAd7+BaL1gU/B3OIfcsMxlFxMwucT/rS4IuVMjtTXtRL7kwQl321zZQRE4mB20xKBTQcG/0U89GoAcj4awFfKdvOwO4efP4FU4R/PZOw4YSVDpudm2sj+eW6mrsr7/8R4J/MAMqan7C6pKpcuPRhTsXMY4G9rlgp5WMAkRyzHHNNN93hrYprUgqkIKY4lY6jCV5p7wfgslDnRCp+N2easx9ysX6Wxl0lV9jLFoT6P8vdncTjTfxFdzK8/FBpQyld4DE+GwpKlcToZSWUMLJea5FyIx4NIOnvw0bcff868rgJLFN4OON89eHD7jaeU5iXsv3Jmlug0H+t6J+2JtqcwXF53buwH9XRAv3+XWEBqthBr79IsYra4kZYcxaM9XC6njd0N0Pt63EkWj9T/+hyUJvh0oZc9W6wiI/3r6idrizvNIygnFPFHns4b6HRy8O0pYDxhvMqA2V4/X+yEYQrv/M6W20fDwhaVcHLBRmV0IbcJzC7PF3msjenzZA3NaPArHK1D9bB1hDqoCsZEJl5qNr/0bGbIwzmTF1ZwJRcD2IrUokX1RuUcbu9my4eZ2t1SvwtCWNAw/MJOF9zEH+hZiJEo2xf2Kcjy60Y0kAgN5GyiZyVx/WA/ICTvb22UHBLrNGbd548WT1215/izBphsI+jfFaZsQapnhZdcSj77I2xYdwR1PfGUwua1Expc57PrMO/WKQH8uBM27DcRqQSjQV8MaL2R8EWvz7kjmk6aXmtDcIVEUVZEO67U0rniv2gWtLxd+YduvjuA70d18YNi+4f/Y0shQfkwkckcq56qhEEuEjdorvAtkYOhf4gX7ZwPbsFG1YcmEYMgFDCPE9+6ouU7FlNkOFpQzAtU0s5B36jqOAOzZ1WDpmG67R68tKq/W8HghZcwLvFXXqqWnzsQ9uTYgp8iXYbkVRMewYGvlL2D5Ykwv5bTqJiVkw9z+XFrhHWemVzpKNUYXUGlMdAEHnA50T4ubA4kLqfQvhJ0MRys4bXJEVB4g4y0edyAXYRhAov3EpgxPdojSqgzVOL0AGIW73zzB4HkA1VbJYWNsCDTA0EfP3F/18N8HrfIGJR5QAVa7PkxR38DgM9kJhjwyloSYrUdyqeD0/5QymGQAMvyRVQ9iNP2RFq3LwdYT+TRNQtkj1PXubQIsM9Hfu7s9M7fTW6J9z6v+wmBDh/IN945MVciYQM3uWqIL1lRCIWvkg9tG4c0dz/McRiBHPAcZSb3rpeN5yGa3q/JoaTMt00A5RErTvMu7RfSRcE00Yc76+qQHiPKbSaP5U5juhy1l9s7TILKKOBNCDGvOhBAGwS8ColNojQ0zI11tRusd9ewsEJm7rIvoVJLQPeZeW8=,iv:RnOm+3nmwpB2fdaHIrUmLMPTHqySYeeoLn3LDU/GIIM=,tag:wKjwBPU+zzMrVC7I6Hag3g==,type:str]
buildbot-github-oauth-secret: ENC[AES256_GCM,data:C5P54zotOwe3u2cOsJMKEVmZVH6hrLp7Xg0JUlHBxPPXOVXWIUWWug==,iv:YutIXMrDsyznN76ApWDJF2rt1DPyVCa5dbb5VO6kM+c=,tag:GPEY2mf2sf9LSQNBx8PKFA==,type:str]
buildbot-github-webhook-secret: ENC[AES256_GCM,data:AtUFcOjLivJt8np5451Wfol5s48R4vW5gJPisT+hMD7dFAvucKriQEY+mcAMqL1X6w==,iv:oBKj9XXu/4mkeH+3KkMlWSx8GnMoXwBugNuG8Uu3XtU=,tag:8cBZVE7TOJf3QEqxfsuF8g==,type:str]
-buildbot-nix-workers: ENC[AES256_GCM,data:strmAT5SBTmwnwnYcVpE6SOwv+nX4oQmrYStovnDijjnbOU6MsSB9nvKaWXXRJbtF1OhyCd5iUqt2zktyvG3d6BL93pI8zGWoi5LI1iHhuxd0DPn4OvFJd/Szy5hFDnH6wpOtQw=,iv:/156lXfM6fs1W1gOwYhWU3e/3UJdWLTmbxhwplPMg3A=,tag:soyBmfXK+cUQQr4fCyyQfw==,type:str]
+buildbot-nix-workers: ENC[AES256_GCM,data:5Xxu6+MEnWWPFcjqYslUtsCVgYaQarMKYmlqshJ1XNK1poPeaWeqg3e44DVMw4B8MIwyWGEEmU9MR91kdYw+//jg+YMYXnG/Hq4GPlgVJBaL648wmznmJEZkXuH7bb9CMxCoXlU=,iv:71KKHcMW5tGK4Ue3xLSYwGASJhYS5z2pjU2btwmlK7M=,tag:NK6n0BoCic+vU5FWnyHnUg==,type:str]
buildbot-nix-worker-password: ENC[AES256_GCM,data:TaMHVzlzuAHfTBAyqG5JJFwpG2We+wlXva3YJnNkO9KSX9PIhnRHVES72jO63AkhvfBVEg==,iv:rTpaiCYcedcsy115BEDep68Mehb6knes7OxvBrEOrUQ=,tag:dD4Hg4oR3SfpYdP1e8V2jA==,type:str]
sops:
kms: []
@@ -68,8 +68,8 @@ sops:
WUZQSGQyQy9halJsRTIvb1FGV08zZEEKmjlYY6epTuZKRBcVyjPvJI5XKQtP5Yag
FMrI+M6hUeyBeCade5C+Y4eGQbt57BWLmsX7u0J1WTlkUSS5j7+wPg==
-----END AGE ENCRYPTED FILE-----
- lastmodified: "2024-07-25T02:42:34Z"
- mac: ENC[AES256_GCM,data:PRDIL01CTnlQ2im4OBYYP/DEX1cs4+YCdu2A+45duxu01KPViwG+C7WapkCH9x0E/78HNx0m7yyRpG7dyAhyWU8wb7d4A68po+WClIVp2pRq4VpjnwREqmN7bUbNyBKnCiO+wva/Q4KwypArxcbs5+PwbIFEBii1BKJSKwQNY6g=,iv:pP5fq5BW4m2IFWEa9tzUCREclmOtMGiGEknzh26CLYo=,tag:q1SyaQsxf/jR2VRyySr3QA==,type:str]
+ lastmodified: "2024-07-26T00:08:15Z"
+ mac: ENC[AES256_GCM,data:O+YLqDLwses7/yFxfk47d7MzoeVqkrqhL4YW+igCjzov3TWncohUdhZxCsHNGyHqL9YUOb/ftCMYr3pT80i40ndvxDuzvv58Ulm8UX7onmQIxt0kavDGp5IR3pFPgBZQNBNNbhCqJ9Z8h2JYGtzW72YmswDo5VCHt7u4CuV4fG8=,iv:uTiqOFw1Y2l/1VaIqScr5bsCRPsB3qOWLMnFijIIh2k=,tag:SyBfVwdNXQB3ByXjK3E/yA==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.9.0
diff --git a/modules/nixos/buildbot.nix b/modules/nixos/buildbot.nix
index b7bba9e..4af7a46 100644
--- a/modules/nixos/buildbot.nix
+++ b/modules/nixos/buildbot.nix
@@ -40,7 +40,7 @@
buildRetries = 0;
domain = "buildbot.nix-community.org";
evalMaxMemorySize = "4096";
- evalWorkerCount = 16;
+ evalWorkerCount = 32;
workersFile = config.sops.secrets.buildbot-nix-workers.path;
cachix = {
name = "nix-community";
diff --git a/terraform/cloudflare_nix-community_org.tf b/terraform/cloudflare_nix-community_org.tf
index 2870180..3fc21e4 100644
--- a/terraform/cloudflare_nix-community_org.tf
+++ b/terraform/cloudflare_nix-community_org.tf
@@ -50,14 +50,14 @@ resource "cloudflare_record" "nix-community-org-build02-AAAA" {
resource "cloudflare_record" "nix-community-org-build03-A" {
zone_id = local.nix_community_zone_id
name = "build03"
- value = "65.21.139.242"
+ value = "162.55.14.99"
type = "A"
}
resource "cloudflare_record" "nix-community-org-build03-AAAA" {
zone_id = local.nix_community_zone_id
name = "build03"
- value = "2a01:4f9:3b:2946::1"
+ value = "2a01:4f8:2190:2698::2"
type = "AAAA"
}