Merge #495

495: treefmt: format markdown, docs: various updates r=Mic92 a=zowoq



Co-authored-by: zowoq <59103226+zowoq@users.noreply.github.com>

HOSTS.md

@@ -4,38 +4,47 @@
 
 This machine is perfect for running heavy builds.
 
-* Provider: Hetzner
+- Provider: Hetzner
-* CPU: AMD Ryzen 7 1700X Eight-Core Processor
+- CPU: AMD Ryzen 7 1700X Eight-Core Processor
-* RAM: 64GB
+- RAM: 64GB
-* Drives: 2 x 512 GB SATA SSD
+- Drives: 2 x 512 GB SATA SSD
 
 ### `build02`
 
 This machine currently just runs r-ryantm/nixpkgs-update.
 
-* Provider: Hetzner
+- Provider: Hetzner
-* CPU: AMD Ryzen 7 3700X Eight-Core Processor
+- CPU: AMD Ryzen 7 3700X Eight-Core Processor
-* RAM: 64GB DDR4 ECC
+- RAM: 64GB DDR4 ECC
-* Drives: 2 x 1 TB NVME in RAID 1
+- Drives: 2 x 1 TB NVME in RAID 1
 
 ### `build03`
 
 This machine is a replacement for build01.
 
-* Provider: Hetzner
+- Provider: Hetzner
-* CPU: AMD Ryzen 5 3600 6-Core Processor
+- CPU: AMD Ryzen 5 3600 6-Core Processor
-* RAM: 64GB DDR4 ECC
+- RAM: 64GB DDR4 ECC
-* Drives: 2 x 512 GB NVME in RAID 1
+- Drives: 2 x 512 GB NVME in RAID 1
 
 ### `build04`
 
 This machine is meant as an aarch64 builder for our hydra instance running on build03.
 
-* Provider: Oracle cloud
+- Provider: Oracle cloud
-* Instance type: [Ampere A1 Compute](https://www.oracle.com/cloud/compute/arm/)
+- Instance type: [Ampere A1 Compute](https://www.oracle.com/cloud/compute/arm/)
-* CPU: 4 VCPUs on an Ampere Altra (arm64)
+- CPU: 4 VCPUs on an Ampere Altra (arm64)
-* RAM: 24GB
+- RAM: 24GB
-* Drives: 200 GB Block
+- Drives: 200 GB Block
+
+## SSH config:
+
+You will need to set your admin username if it doesn't match your local username.
+
+```
+Host *.nix-community.org
+  User <youradminusername>
+```
 
 ## Deployment commands:
 
@@ -43,7 +52,7 @@ This machine is meant as an aarch64 builder for our hydra instance running on bu
 $ ./inv deploy
 ```
 
-If you want to reboot a machine, use the following command to also deploy secrets afterwards:
+If you want to reboot a machine, use the following command:
 
 ```console
 $ inv deploy --hosts build02 reboot --hosts build02
@@ -53,43 +62,17 @@ $ inv deploy --hosts build02 reboot --hosts build02
 
 1. Copy your ssh key to the recovery system so that the kexec image can re-use it.
 
-``` console
+```console
 yourmachine> ssh-copy-id root@build0X.nix-community.org
 ```
 
 2. Download and boot into kexec-image:
 
-``` console
+```console
 $ curl -L https://github.com/nix-community/nixos-images/releases/download/nixos-unstable/nixos-kexec-installer-x86_64-linux.tar.gz | tar -xzf- -C /root
 $ /root/kexec/run
 ```
 
-3. Format and/or mount all filesystems to /mnt:
-
-```console
-$ inv format-disks --hosts buildXX --disks /dev/nvme0n1,/dev/nvme1n1
-```
-
-4. Setup secrets
-
-```console
-$ inv setup-secret --hosts buildXX
-```
-
-5. Generate configuration and download to the repo
-
-```console
-$ nixos-generate-config  --root /tmp
-# optional, in most cases one can import roles/hetzner/amd.nix
-$ scp buildXX.nix-community.org:/tmp/etc/nixos/hardware-configuration.nix buildXX/hardware-configuration.nix
-```
-
-6. Build and install
-
-```console
-$ inv install-nixos --hosts buildXX
-```
-
 ### Debug VM
 
 You can start a vm from the rescue system in order to debug the boot:

README.md

@@ -15,9 +15,11 @@ See [here](roles/builder/README.md) for more information.
 We provide x86 and aarch64 linux CI via these systems:
 
 - `Hercules` - https://hercules-ci.com/github/nix-community
+
   - To enable hercules builds go to `https://hercules-ci.com/github/nix-community/$REPO` and click "Build this repository".
 
 - `Hydra` - https://hydra.nix-community.org
+
   - To enable hydra builds add a new project in this [file](terraform/hydra-projects.tf).
 
 ### `Cache` - https://nix-community.cachix.org/
@@ -36,8 +38,8 @@ DNS is managed by terraform in this [file](terraform/cloudflare_nix-community_or
 
 ### `ryantm-updater bot`
 
-* Docs: https://ryantm.github.io/nixpkgs-update
+- Docs: https://ryantm.github.io/nixpkgs-update
-* Logs: https://r.ryantm.com/log/
+- Logs: https://r.ryantm.com/log/
 
 ### `nur-update`
 
@@ -50,19 +52,20 @@ For repo additions, service requests and general conversation about governance a
 For casual chat, come join us in the [nix-community](https://matrix.to/#/#nix-community:nixos.org) room.
 
 ### Pull requests from forks
+
 As PRs from forks don't have automatic CI checks, admins can test PRs by posting a comment on the PR instead.
 
-* `bors try` - check if the PR builds.
+- `bors try` - check if the PR builds.
-* `bors merge` - same as `bors try` but will also merge the PR if it builds successfully.
+- `bors merge` - same as `bors try` but will also merge the PR if it builds successfully.
-* https://bors.tech/documentation/
+- https://bors.tech/documentation/
 
 ### nix-community administrators
 
-* @Mic92
+- @Mic92
-* @adisbladis
+- @adisbladis
-* @ryantm
+- @ryantm
-* @zimbatm
+- @zimbatm
-* @zowoq
+- @zowoq
 
 #### Role
 
@@ -73,11 +76,12 @@ The role of the administrators is to support the members of the org, and the Nix
 The administrators are responsible for serving the community to the best of their ability and availability.
 
 They provide services such as:
-* keep the systems updated and patched
+
-* reply to user requests
+- keep the systems updated and patched
-* host new services that could help the project
+- reply to user requests
-* on-board new projects
+- host new services that could help the project
-* resolve conflict
+- on-board new projects
+- resolve conflict
 
 The administrators are the only "owners" of the github organization.
 

docs/README.md

@@ -51,6 +51,7 @@ If you need to contact the nix-community admins, they are listed [here](https://
 
 Thanks to all our sponsors.
 
+<!-- prettier-ignore-start -->
 |[<img src="https://raw.githubusercontent.com/cachix/docs.cachix.org/master/source/logo.png" width="200" alt="Cachix">](https://cachix.org)|
 |:-:|
 |Cachix provides us with 1TB of free cache|
@@ -58,3 +59,4 @@ Thanks to all our sponsors.
 |[<img src="https://raw.githubusercontent.com/Gandi/.github/b1f21a402d9223c672476b41148429f538be5303/logos/black.svg" width="200" alt="Gandi">](https://www.gandi.net/)|
 |:-:|
 |Gandi provides us with a free domain.|
+<!-- prettier-ignore-end -->

roles/builder/README.md

@@ -5,7 +5,8 @@ If you want access read the security guide lines on [aarch64-build-box](https://
 ### Using your NixOS home-manager configuration on the hosts
 
 If you happen to have your NixOS & home-manager configurations intertwined but you'd like your familiar environment on our infrastructure you can evaluate `pkgs.writeShellScript "hm-activate" config.systemd.services.home-manager-<yourusername>.serviceConfig.ExecStart` from your NixOS configuration, and send this derivation to be realized remotely: (in case you aren't a Nix trusted user)
-``` console
+
+```console
 # somehow get the .drv of the above expression into $path
 $ nix copy --to ssh://build01.nix-community.org --derivation $path
 $ ssh build01.nix-community.org
@@ -13,4 +14,4 @@ $ nix-store -r $path
 $ $path
 ```
 
-*(My [implementation](https://github.com/ckiee/nixfiles/blob/aac57f56e417e31f00fd495d8a30fb399ecbc19b/deploy/hm-only.nix#L10) of [this](https://github.com/ckiee/nixfiles/blob/aac57f56e417e31f00fd495d8a30fb399ecbc19b/bin/c#L92-L95) ~ckie)*
+_(My [implementation](https://github.com/ckiee/nixfiles/blob/aac57f56e417e31f00fd495d8a30fb399ecbc19b/deploy/hm-only.nix#L10) of [this](https://github.com/ckiee/nixfiles/blob/aac57f56e417e31f00fd495d8a30fb399ecbc19b/bin/c#L92-L95) ~ckie)_

treefmt.nix

@@ -35,7 +35,6 @@
 
         prettier = {
           excludes = [
-            "*.md"
             "secrets.yaml"
           ];
         };