darwin03: remove

2024-07-15 09:08:34 +10:00 · 2024-07-15 09:08:34 +10:00 · 5ce9567be2
commit 5ce9567be2
parent dd7eae39c4
12 changed files with 9 additions and 78 deletions
--- a/.github/workflows/darwin.yml
+++ b/.github/workflows/darwin.yml
@ -16,7 +16,7 @@ jobs:
    strategy:
      fail-fast: false
      matrix:
-        host: [darwin01, darwin02, darwin03]
+        host: [darwin01, darwin02]
    runs-on: ubuntu-latest
    timeout-minutes: 15
    steps:
--- a/devdoc/hosts.md
+++ b/devdoc/hosts.md
@ -46,14 +46,6 @@
 - RAM: 16GB
 - Drives: 256GB SSD

-### `darwin03`
-
- Provider: Hetzner
- Instance type: [Apple Mac mini M1](https://docs.hetzner.com/robot/dedicated-server/mac-mini/getting-started/)
- CPU: Apple M1
- RAM: 16GB
- Drives: 256GB SSD
-
 ### `web02`

 - Provider: Gandi
--- a/flake.nix
+++ b/flake.nix
@ -108,10 +108,6 @@
              pkgs = inputs.nixpkgs.legacyPackages.aarch64-darwin;
              modules = [ ./hosts/darwin02/configuration.nix ];
            };
-            darwin03 = darwinSystem {
-              pkgs = inputs.nixpkgs.legacyPackages.aarch64-darwin;
-              modules = [ ./hosts/darwin03/configuration.nix ];
-            };
          };

        flake.nixosConfigurations =
--- a/hosts/build03/builders.nix
+++ b/hosts/build03/builders.nix
@ -22,14 +22,5 @@
      systems = [ "aarch64-darwin" "x86_64-darwin" ];
      supportedFeatures = inputs.self.outputs.darwinConfigurations.darwin02.config.nix.settings.system-features;
    }
-    {
-      hostName = "darwin03.nix-community.org";
-      maxJobs = 8;
-      protocol = "ssh-ng";
-      sshKey = config.sops.secrets.id_buildfarm.path;
-      sshUser = "nix";
-      systems = [ "aarch64-darwin" "x86_64-darwin" ];
-      supportedFeatures = inputs.self.outputs.darwinConfigurations.darwin03.config.nix.settings.system-features;
-    }
  ];
 }
--- a/hosts/darwin03/configuration.nix
+++ b/hosts/darwin03/configuration.nix
@ -1,22 +0,0 @@
-{ inputs, ... }:
-
-{
-  imports = [
-    inputs.self.darwinModules.common
-    inputs.self.darwinModules.builder
-    inputs.self.darwinModules.hercules-ci
-    inputs.self.darwinModules.remote-builder
-  ];
-
-  nixCommunity.remote-builder.key = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEmdo1x1QkRepZf7nSe+OdEWX+wOjkBLF70vX9F+xf68 builder";
-
-  nix.settings.sandbox = "relaxed";
-  nix.settings.extra-platforms = [ "x86_64-darwin" ];
-
-  # disable nixos-tests
-  nix.settings.system-features = [ "big-parallel" ];
-
-  networking.hostName = "darwin03";
-
-  system.stateVersion = 4;
-}
--- a/modules/darwin/common/default.nix
+++ b/modules/darwin/common/default.nix
@ -21,7 +21,6 @@ in
  # TODO: refactor this to share /users with nixos
  users.users = {
    customer.openssh = { inherit authorizedKeys; };
-    hetzner.openssh = { inherit authorizedKeys; };
  };

  services.nix-daemon.enable = true;
--- a/modules/nixos/monitoring/hosts.nix
+++ b/modules/nixos/monitoring/hosts.nix
@ -5,6 +5,5 @@
  "build04.nix-community.org"
  "darwin01.nix-community.org"
  "darwin02.nix-community.org"
-  "darwin03.nix-community.org"
  #"web02.nix-community.org"
 ]
--- a/modules/shared/known-hosts.nix
+++ b/modules/shared/known-hosts.nix
@ -24,10 +24,6 @@
      hostNames = [ "darwin02.nix-community.org" ];
      publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICJqwpMUEl1/iwrBakeDb1rlheXlE5mfDLICVz8w6yi6";
    };
-    darwin03 = {
-      hostNames = [ "darwin03.nix-community.org" ];
-      publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKX7W1ztzAtVXT+NBMITU+JLXcIE5HTEOd7Q3fQNu80S";
-    };
    hetzner-storage-box = {
      hostNames = [ "[u348918.your-storagebox.de]:23" ];
      publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIICf9svRenC/PLKIL9nk6K/pxQgoiFC41wTNvoIncOxs";
--- a/secrets.yaml
+++ b/secrets.yaml
@ -18,8 +18,6 @@ darwin01:
    customer: ENC[AES256_GCM,data:zDa+TUczDkjxthze,iv:VdYAf5EP6RjRLkWQzWRRlkWiUKSfoFR8f2GTMMTZg3Q=,tag:8CZSA1qxxOBxbPdzqU4NFg==,type:str]
 darwin02:
    hetzner: ENC[AES256_GCM,data:2ivyayF/bCI7BKGkRSg=,iv:ZKO9rViA7gvQplzaPz47WZlsq6kk7wekVrZOFO1zUqQ=,tag:BA9W7OZZk2Xt5nF7SECnQg==,type:str]
-darwin03:
-    hetzner: ENC[AES256_GCM,data:JXcc5M1LY5s+y1q9zKU=,iv:nyux6gTWd/OBrOauY1DdZrvBcn7soqHSOnDe7Qn2YGE=,tag:nOOXlN3T6bQS7Oh9WaGpJw==,type:str]
 nix-community-alert-bot:
    username: ENC[AES256_GCM,data:nA+jbVz3HtDgfDC+y2J4818=,iv:8Q7roobuWuXMnJXWKEJRjKlMYmvFUm5eodX5htLbVHY=,tag:r0FEOL9PByNYtL17hU7ApQ==,type:str]
    home-server: ENC[AES256_GCM,data:k6rsrEvyCUQj,iv:TJBl7dYioATGVYOOETIajkaw+7LKsyrJDI0zmey3Uo4=,tag:ZuSahyrPlmj2qGp8vvuyOw==,type:str]
@ -113,8 +111,8 @@ sops:
            MkcvL1JyVFBJV0Y5RFFCMGN1OUFXdU0Kdx1wy6ZOOTg1a6VKaq52SMBvC26lMsW/
            oMP+hmXc2WtoqZp+jZ9rrXz6cZW6/dO7CPqxl3aUEKg6BkXIwgyKeg==
            -----END AGE ENCRYPTED FILE-----
-    lastmodified: "2024-07-11T21:42:16Z"
-    mac: ENC[AES256_GCM,data:CU9X65g+Zv35lHOGBLKheTtHgcV90w2T3m5a+ReStIpe/nmc6QUa3rMnqb1ES0jq6Il9WW8zdmRZk4Dg5vAKs1QfI1xrJKw2gkEH7uo5yQlagbPZBh8+yXcbNjwWkUaPy8Xp2N/ptujq1sAQuAJvicegIbGxyO1BpjapxSZ+o4w=,iv:xa+YQlRZzH2U3Im0c460ZneO7+SW/8iu5VZgGyswXY8=,tag:4lvMdHYojeGxEx3h8HRimQ==,type:str]
+    lastmodified: "2024-07-14T23:11:46Z"
+    mac: ENC[AES256_GCM,data:ACyhXOmQeoYclCUSkMtBNOgraEBZq/23sqxsCLpsQDlKYZdwn/QxoIJ/o4oN3pwN2SmZ7z7l+aOIQAMSGp8m8KYLGTnXHj4mX13grcWxkE0LDvHN50BFUXw27Jw3sVhTneUyo9RPl3jxTU02OYLquzS4/iYSli6LsZ61QqiNppQ=,iv:lJ+I+S+EbnuHJ2d5TnUanznDTnfpWdZWnSWpHZRYp9w=,tag:CMRQpj2hxbmCj9kvx0XWnA==,type:str]
    pgp: []
    unencrypted_suffix: _unencrypted
    version: 3.9.0
--- a/secrets/secrets.nix
+++ b/secrets/secrets.nix
@ -12,10 +12,9 @@ let
  build03 = knownHosts.build03.publicKey;
  build04 = knownHosts.build04.publicKey;
  darwin02 = knownHosts.darwin02.publicKey;
-  darwin03 = knownHosts.darwin03.publicKey;
 in
 {
-  "hercules-binary-caches.age".publicKeys = users ++ [ build03 build04 darwin02 darwin03 ];
-  "hercules-cluster-join-token.age".publicKeys = users ++ [ build03 build04 darwin02 darwin03 ];
+  "hercules-binary-caches.age".publicKeys = users ++ [ build03 build04 darwin02 ];
+  "hercules-cluster-join-token.age".publicKeys = users ++ [ build03 build04 darwin02 ];
  "hercules-secrets.age".publicKeys = users ++ [ build03 build04 ]; # hercules-secrets are only needed on linux
 }
--- a/tasks.py
+++ b/tasks.py
@ -122,13 +122,10 @@ def get_hosts(hosts: str) -> List[DeployHost]:
        return [DeployHost(f"{n}.nix-community.org") for n in systems]

    if "darwin" in hosts:
-        if hosts == "darwin01":
-            return [DeployHost("darwin01.nix-community.org", user="customer")]
-        else:
-            return [
-                DeployHost(f"{h}.nix-community.org", user="hetzner")
-                for h in hosts.split(",")
-            ]
+        return [
+            DeployHost(f"{h}.nix-community.org", user="customer")
+            for h in hosts.split(",")
+        ]

    return [DeployHost(f"{h}.nix-community.org") for h in hosts.split(",")]

--- a/terraform/cloudflare_nix-community_org.tf
+++ b/terraform/cloudflare_nix-community_org.tf
@ -103,20 +103,6 @@ resource "cloudflare_record" "nix-community-org-darwin02-AAAA" {
  type    = "AAAA"
 }

-resource "cloudflare_record" "nix-community-org-darwin03-A" {
-  zone_id = local.nix_community_zone_id
-  name    = "darwin03"
-  value   = "142.132.141.44"
-  type    = "A"
-}
-
-resource "cloudflare_record" "nix-community-org-darwin03-AAAA" {
-  zone_id = local.nix_community_zone_id
-  name    = "darwin03"
-  value   = "2a01:4f8:261:135a::1"
-  type    = "AAAA"
-}
-
 resource "cloudflare_record" "nix-community-org-web02-A" {
  zone_id = local.nix_community_zone_id
  name    = "web02"