From b2eab48b4fbd966b76587e13893b04fc1ebac03e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= <joerg@thalheim.io>
Date: Fri, 30 Dec 2022 20:49:32 +0100
Subject: [PATCH] re-install build04
---
.sops.yaml | 2 +-
build04/configuration.nix | 42 +++++-----
build04/hardware-configuration.nix | 97 +++++++++++++++++------
flake.lock | 21 +++++
flake.nix | 5 ++
roles/hercules-ci/secrets.yaml | 82 +++++++++----------
roles/nix-community-cache/secrets.yaml | 92 ++++++++++-----------
terraform/cloudflare_nix-community_org.tf | 4 +-
8 files changed, 207 insertions(+), 138 deletions(-)
diff --git a/.sops.yaml b/.sops.yaml
index 8412c32..c70ba99 100644
--- a/.sops.yaml
+++ b/.sops.yaml
@@ -5,7 +5,7 @@ keys:
- &build01 age17jtyn2y4fpey6q7ers9gtnh4580xj89zdjuew9nqhxywmsaw94fs5udupc
- &build02 age1kh6yvgxz9ys74as7aufdy8je7gmqjtguhnjuxvj79qdjswk2r3xqxf2n6d
- &build03 age1qg7tfjwzp6dxwkw9vej6knkhdvqre3fu7ryzsdk5ggvtdx854ycqevlwnq
- - &build04 age1vr4suv4lhtt8f59s25eukdfk67j7av72gvj7sk7ux6thusct3utqmn3pmf
+ - &build04 age1r2t5vf67jay42ju8r6d47q6zssxvv9jjh8k42qequnnsfjjk632qm2tfrm
- &zowoq age1m7xhem3qll35d539f364pm6txexvnp6k0tk34d8jxu4ry3pptv7smm0k5n
- &github_actions age1hdmmmv423xajuv4pjumnj35j34e4rhta3wgatjafy3dxf38yycysqzl4mn
# scan new hosts like this:
diff --git a/build04/configuration.nix b/build04/configuration.nix
index f6998be..a188889 100644
--- a/build04/configuration.nix
+++ b/build04/configuration.nix
@@ -13,38 +13,34 @@
nix.settings.system-features = [ ];
# we use grub because systemd-boot sometimes fail on aarch64/EFI
+ # XXX check if this is still an issue?
boot.loader.grub.devices = [ "nodev" ];
boot.loader.grub.enable = true;
boot.loader.grub.efiSupport = true;
boot.loader.grub.version = 2;
boot.loader.efi.canTouchEfiVariables = true;
- boot.loader.grub.extraConfig = ''
- serial --unit=0 --speed=115200 --word=8 --parity=no --stop=1
- terminal_input --append serial
- terminal_output --append serial
- '';
+
+ # Make it easier to recover via serial console in case something goes wrong.
+ services.getty.autologinUser = "root";
networking.hostName = "build04";
networking.hostId = "8daf74c0";
- networking.usePredictableInterfaceNames = false;
- # networkd chokes on some ipv6 messages that the oracle network sends
- networking.dhcpcd.enable = true;
-
system.stateVersion = "21.11";
+ systemd.network = {
+ enable = true;
+ networks.ethernet.extraConfig = ''
+ [Match]
+ Type = ether
+ [Network]
+ DHCP = both
+ '';
+ };
}
-# after loading kexec, be patient. The kexec image can take up to 5 minutes to boot
-# partition guide
-/*
- sgdisk -n 1:0:+800M -N 2 -t 1:ef00 -t 2:8304 /dev/sda
- mkfs.vfat -b32 /dev/sda1
- zpool create zroot -O acltype=posixacl -O xattr=sa -O compression=lz4 /dev/sda2
- zfs create -o mountpoint=none zroot/root
- zfs create -o mountpoint=legacy zroot/root/nixos
- zfs create -o mountpoint=legacy zroot/root/home
- mount -t zfs zroot/root/nixos /mnt
- mkdir /mnt/{home,boot}
- mount -t zfs zroot/root/home /mnt/home
- mount /dev/sda1 /mnt/boot
-*/
+## `opc` is the username from the oracle image. Replace with root if we are booted into nixos.
+# nix run github:numtide/nixos-remote#nixos-remote -- \
+# --debug \
+# --kexec "$(nix build --print-out-paths github:nix-community/nixos-images#packages.aarch64-linux.kexec-installer-nixos-unstable)/nixos-kexec-installer-aarch64-linux.tar.gz" \
+# --flake '.#build04' \
+# opc@141.148.235.248
diff --git a/build04/hardware-configuration.nix b/build04/hardware-configuration.nix
index 593d66d..41fbbfa 100644
--- a/build04/hardware-configuration.nix
+++ b/build04/hardware-configuration.nix
@@ -1,36 +1,83 @@
# Do not modify this file! It was generated by ‘nixos-generate-config’
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
-{ config, lib, pkgs, modulesPath, ... }:
-
{
- imports =
- [
- (modulesPath + "/profiles/qemu-guest.nix")
- ];
+ config,
+ lib,
+ pkgs,
+ modulesPath,
+ ...
+}: {
+ imports = [
+ (modulesPath + "/profiles/qemu-guest.nix")
+ ];
- boot.initrd.availableKernelModules = [ "xhci_pci" "virtio_pci" ];
- boot.initrd.kernelModules = [ ];
- boot.kernelModules = [ ];
- boot.extraModulePackages = [ ];
+ boot.initrd.availableKernelModules = ["xhci_pci" "virtio_pci"];
+ boot.initrd.kernelModules = [];
+ boot.kernelModules = [];
+ boot.extraModulePackages = [];
- fileSystems."/" =
- {
- device = "zroot/root/nixos";
- fsType = "zfs";
+ disko.devices = {
+ disk = {
+ sda = {
+ type = "disk";
+ device = "/dev/sda";
+ content = {
+ type = "table";
+ format = "gpt";
+ partitions = [
+ {
+ type = "partition";
+ name = "ESP";
+ start = "0";
+ end = "512MiB";
+ fs-type = "fat32";
+ bootable = true;
+ content = {
+ type = "filesystem";
+ format = "vfat";
+ mountpoint = "/boot";
+ };
+ }
+ {
+ type = "partition";
+ name = "zfs";
+ start = "512MiB";
+ end = "100%";
+ content = {
+ type = "zfs";
+ pool = "zroot";
+ };
+ }
+ ];
+ };
+ };
};
+ zpool = {
+ zroot = {
+ type = "zpool";
+ rootFsOptions = {
+ compression = "lz4";
+ "com.sun:auto-snapshot" = "false";
+ };
- fileSystems."/home" =
- {
- device = "zroot/root/home";
- fsType = "zfs";
+ datasets = {
+ "root" = {
+ zfs_type = "filesystem";
+ mountpoint = null;
+ };
+ "root/nixos" = {
+ zfs_type = "filesystem";
+ mountpoint = "/";
+ };
+ "root/home" = {
+ zfs_type = "filesystem";
+ mountpoint = "/home";
+ };
+ };
+ };
};
+ };
- fileSystems."/boot" =
- {
- device = "/dev/disk/by-uuid/E6D6-572B";
- fsType = "vfat";
- };
-
- swapDevices = [ ];
+ swapDevices = [];
}
diff --git a/flake.lock b/flake.lock
index 761e6b1..945ceb4 100644
--- a/flake.lock
+++ b/flake.lock
@@ -1,5 +1,25 @@
{
"nodes": {
+ "disko": {
+ "inputs": {
+ "nixpkgs": [
+ "nixpkgs"
+ ]
+ },
+ "locked": {
+ "lastModified": 1672163301,
+ "narHash": "sha256-ClIIPeY0SyZjlc9b1+EorH5DiCyYBSsUOOu9dXEwrXE=",
+ "owner": "nix-community",
+ "repo": "disko",
+ "rev": "df3a607ad7ee431f4831a51af2c464aa8a8813f4",
+ "type": "github"
+ },
+ "original": {
+ "owner": "nix-community",
+ "repo": "disko",
+ "type": "github"
+ }
+ },
"flake-compat": {
"flake": false,
"locked": {
@@ -195,6 +215,7 @@
},
"root": {
"inputs": {
+ "disko": "disko",
"flake-parts": "flake-parts",
"nixpkgs": "nixpkgs",
"nixpkgs-update": "nixpkgs-update",
diff --git a/flake.nix b/flake.nix
index dfa2fa0..6f2c380 100644
--- a/flake.nix
+++ b/flake.nix
@@ -28,6 +28,9 @@
nur-update.url = "github:nix-community/nur-update";
nur-update.inputs.nixpkgs.follows = "nixpkgs";
+
+ disko.url = "github:nix-community/disko";
+ disko.inputs.nixpkgs.follows = "nixpkgs";
};
outputs = inputs @ {flake-parts, ...}:
@@ -100,8 +103,10 @@
common
++ [
./build04/configuration.nix
+ inputs.disko.nixosModules.disko
];
};
+ build04 = inputs.self.nixosConfigurations."build04.nix-community.org";
};
};
}
diff --git a/roles/hercules-ci/secrets.yaml b/roles/hercules-ci/secrets.yaml
index 8c936ce..a60fcab 100644
--- a/roles/hercules-ci/secrets.yaml
+++ b/roles/hercules-ci/secrets.yaml
@@ -10,73 +10,73 @@ sops:
- recipient: age17n64ahe3wesh8l8lj0zylf4nljdmqn28hvqns2g7hgm9mdkhlsvsjuvkxz
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
- YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBZUWJiRzlrMENmblRySk9m
- Z1lwcE9OWS9OOEJ5V05mSHNYRWlEbXZCTFJFCmZmeS9VdXdVMGRvR2ZIczlxd0Uw
- SzBGaXd3L1QyNzlPNzZGMThFNXJUSU0KLS0tIHpXcFZQejFIQ1FHT0QrQjNGeE51
- TGFuZXVSSGtKeFF4TEdJemVMdU10Z28Kq2Dc0P/hzdQ1hpEVZVUjicIt4uSYQMxc
- Jhg9UtZo9FHmE5gQ4KAFrcWlqrdfRkgBzKT9shXCggmWBFqHnfM4aw==
+ YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBnY1ZYWkxzN2JTZy9GTkFi
+ elo0OEwyb2prYnB3eVdlQms2MWloT1FuZUJvCmdhSHY3N01rL0xPM3F5SjNXRi85
+ S2E3eXJNMlVhbm5CY3U1SUxsK2pUMUUKLS0tIGpXeXZxdlYzMGpRVytjTUV1Zi9L
+ NldUMVNIOHl2SXg5V1JwSTliVU5JeWcKU4YgW8lMrqIY9E248gANhKswJsuYt05T
+ vdHSw+cxSt6LNgkX+0rNk8eaZ6iA64uSklFewZLdCCBTII1Z57w6ow==
-----END AGE ENCRYPTED FILE-----
- recipient: age1d87z3zqlv6ullnzyng8l722xzxwqr677csacf3zf3l28dau7avfs6pc7ay
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
- YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBUdkRWclNMZ3hSdHF5NzUx
- VUg1bVpIcUIzZ3NBamZNQ2FpbWw0QnJOQlg0Cjg5VFBVT3JkejVuTU1CY0V3MlZM
- ZjZhb1pwSkpXVkRoakorRHNXVmVHSVkKLS0tIDYyNHQ4b2JpT2c5TmxkbEVYcGd0
- aHhlb3pPOG1PRUtLQ2xmRDJOZG12Nk0Kem6cFZdrrB/38FV+9YtJn9lk36JcQh1t
- xrbG4vzpKoRcG6S+2SWOIKnspMcB2y4QgMHpgbiWG9ade5E2CWmGpg==
+ YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBEVUt4S0EvUW9wSXBiOTlF
+ ZnVnYnlxTzBPMVhZT2JwSlNCdTZuTmpIZGdZCkF1b09YYlU0cDU2NzR6dkNWZ0Qz
+ RmtJdE5xRkJrOG5BMjdGSGlKdmhCRWsKLS0tIGJaamVRanAwQ2g5RVEwTktreURW
+ UlFVZmR6TndUR1RCUEFtTkhDSHlybzAKVzsJtPwQbdZQvuNEan6PDxBYxrgSJrF2
+ xVFfkO5kWrzc90LBc0/Am3j6cJ1zBhUNjZAdCHoCsfxv/hPlpIM28w==
-----END AGE ENCRYPTED FILE-----
- recipient: age1kh6yvgxz9ys74as7aufdy8je7gmqjtguhnjuxvj79qdjswk2r3xqxf2n6d
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
- YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBXQURTcVdWS2JtSmpuQ3dN
- enYxeXdGdERjaWpjZzVkN2ZpbHNEa0I5SFZZClFNR0ZjcXJ4dDhxUzY4U1phOGZ5
- OWx4OGEwUDBHMk1KSlEwdk1RRXd1akEKLS0tIHRNZUhVS3Q5TWY3ZVRRQVhpRVA3
- KzllT2pUS0YyaFZCdzJldy94ZXY5VFkK8fCVZxvzK+b9L1xhvJwRfXJ9ahmUtsZh
- izF754DrxJTGull0uGwWBQGB8Hbhaa4pvKbaqkRvUa393xYa5dijyg==
+ YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBlU0NsZFRiSjEwVWpxcWJn
+ eWdlZmU3K2o1Z0ZJK2cra0VBRi9TbXNMaWpZCnhHZ0pSOGNZVzZBK3dicnlwMEJK
+ VnpRT1VRWm5kekZjSFVvc1pnUmtKWWcKLS0tIDMrOUZTWDYxaFVIOHZEZkpQSFAv
+ NGhHbnhwa2NTRjNGaTNxSUJJdVFYNlkKaBV5egbZz9tjc/ezC3T/s9WNUug4ZfUP
+ Z7mnWHv2AWbkRSQ4P0I3taqmlVP1eSQrfKLu17sHjSumTuoOq7q3Ig==
-----END AGE ENCRYPTED FILE-----
- recipient: age1qg7tfjwzp6dxwkw9vej6knkhdvqre3fu7ryzsdk5ggvtdx854ycqevlwnq
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
- YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA3ZlVuSzBLUHFsYXhHQTZ1
- U3haNnhycWJONGgxOFVSM1hyS3dHNVQyVVZNCmpmeU1BVmJZejZwekNjTjJ1RWQr
- WlYvSWVuSStSaU0vcVFqaEJaZFhxSXcKLS0tIGtuOHdPUDA5ZzlmRm9DVU92NHZV
- Yk5SdVh2S1BERzFlSXBSUnB2L3IwdXcKI7GL2PHug4EQ/Ckg6ZobW6ylBtnXwuIe
- n3Gcyaxt6sG7EYXCoQec3YrgJ5vBYB4gClgTf39s1625K9fjUTe7vQ==
+ YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA0OGt3QjQ5K2RCYVpWRVJ0
+ anlvcW51cTlmazErby9LNmxpLzdJb3BjdW1RCkNPcE9zSzFqNTB5dGtsZ05mbXlF
+ VEQvR0U0Y1d5ZlNPUzEwVFJVS3pBVmcKLS0tIGFTMWVHMXJHVU93YlR6M3U0ZXRv
+ K214NkVYcXRlaTg2aGY4N1ZwcFRWQ28KKCm/iGYeKGOU0p/PevR6rUUt4eZJXLis
+ R86x2OH+5HcwOQ9CWKys3o8RM3cdzigGurKeGmJbmvlUJIERyqveuA==
-----END AGE ENCRYPTED FILE-----
- - recipient: age1vr4suv4lhtt8f59s25eukdfk67j7av72gvj7sk7ux6thusct3utqmn3pmf
+ - recipient: age1r2t5vf67jay42ju8r6d47q6zssxvv9jjh8k42qequnnsfjjk632qm2tfrm
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
- YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBWYUlCL1ROYzNUaTFWYWx1
- SHV2aTdiNU96ZTF2UVFzQ0JES1MzcUxML0h3Cm1zOUYyZGJEVW9Wb1NKWTIvd3RN
- TUxBN1FyQzM4WGZURkc0NTJlR1NnMlkKLS0tIHVIR0R6aWtnUzk0ZDJpbVVSM1ha
- NFhBRWYrRXkydElzd3ZqSXllaWhjK0EK0+NxdMtPVRNoksiwgm4uITGM4NXfLrWk
- rGv//kXwT+ODWzSgTJ9ZbZPirUzD66By7J2xtfb7sFnhOTv6cMNgnQ==
+ YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBUd1gzNmF5WEkzTy9udDN2
+ OWVsS3QyZ08vS1k5T25rUXk2STN4ejlabWdzCkp0QXpWZE5ZK2t6R0JpNEtpUDBj
+ SDZlSDdnWHlIRDVMS2JXa0JGSitON3cKLS0tIDZKZjJPV3NOSFd1UTZxL1NsVUhz
+ YkRpMFZJQVFjdGRWMlgyOHdVUkpCRzgK82Btf3W65/BICHiyoja8or08tTFL0ymk
+ ICaqWaeqqydDfGEFZrVk7LaBq+lYMqtZFVQFY4UGbmgbGTw4qs3bMg==
-----END AGE ENCRYPTED FILE-----
- recipient: age1m7xhem3qll35d539f364pm6txexvnp6k0tk34d8jxu4ry3pptv7smm0k5n
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
- YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBwVmxNMllZZ2t2RFZMWWYz
- YnMvdS9oQnhWM2wvRjdLeWtlNWFqdmVXR2drCnZLZDB4M2Y1OW0rekh4NkpkV1Yx
- ZTI1aDBUcVhuK0VvK1N4VDYwTExqTTgKLS0tIC84cUNqcXBLcjRNYnl0ZzZvK2VE
- ZGVabDRQK0RyWXJnUzBaZk0rNEoxbDgKM65kdIEM6u4Kup/1NcefTB4I2HrbIlKn
- l53BsfD6KFLbIW9uA3Z3lzNQma7fyErCg8PLB5wpLP9watBthu3nQw==
+ YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA4eXlOVzloalVwdjNVTnB1
+ OWk2U285Zk5FYkxZVmVLYytWSXpoc2JDTzNzCjdGMmYrNG00SytsQWxWSzRFcXlT
+ K3ZYNE1xM2dySVZpL3Z6QXYrcHdRMGMKLS0tIEpBZzZXeUZRTUZEb2hoTG9DMERU
+ OTFsbE44eFpqVlBIcXRIMmovbzdTU0kKFPyqYxHqhH6j5WtTEo1x9J0oGCYRETja
+ Eb+YvMtkgFDuCtSHTPdDY60pORFfqM7yyuQP8bcGgIJIWlo/h+AE9Q==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2022-08-13T09:17:44Z"
mac: ENC[AES256_GCM,data:16G6jxdyBzWlhY0L/xWtN/IIu/+phh643pxiGAJIpI4pytf8pBJN9EX3YPORw23VZYpJtdCbktGUIDZ8SlSTUyG/Ce/wulpk0RdG7cpSMvFZxFGAiZTxCcVv/rZwn3aLx5D6KnnFrDW0rlPK7a6YCpuJuOD2CZ7V7laO6Z0VR94=,iv:5m+qKT1NA4D0nAw4DJzrHoOL6DMl/7i45ibqJZDp8pg=,tag:HZEHrus+1YrFbQILCyu+zw==,type:str]
pgp:
- - created_at: "2022-10-25T07:54:32Z"
+ - created_at: "2022-12-30T19:49:06Z"
enc: |
-----BEGIN PGP MESSAGE-----
- hQEMA3tEuTsG48KkAQf/Rhvyuh6Hw1V1bjIo338PDLrnP3bu8njOTL/mdhowJ5Dz
- MLdjIvOe7dYUWZBjDdeU8V0EooQQcq5a7mB+Ol6whnVe8bAKNoOYPedt8QyntzU/
- eX2j2lD1m56khLyaTMdY3enJqfqp//z6Tnf/hSNS0KNctqdvE6Q0zpaav86rghF/
- Tu5lzwHbmCPvLzWpg7AxUsFybwZGWU6TsFyM4SCa9K2ZGPsGaqlh00LgS0SrO0K+
- rpi1ZuGgbOFBzm+93ivag10gROqhOFZVm9l1nLH+Hauc7AJ6oNpX8Qao+InWo46l
- foCWonI2F5c8VddEqMEN7veKKyNVfqjVj70f4NyuT9JeAc+WI94Dvomcd+5LyuBf
- XKT2iDB+2FjpfrWwtUsXfsmhJB4zskHCn7XZ7BWqGoA1XoGjVecasXiN715H95wH
- GQOBwcuwhNf29JtnMCuBCVaoTIjly8XIx0O93pu6/Q==
- =QIok
+ hQEMA3tEuTsG48KkAQf+O2P5GsqAPDZgbd01EcpzM0Fisa+T2tG0eGAvG1cjvJim
+ AAjUngw77bcmqbjGUNQBg68NM/XhuKPr5Ja6LvP5fnVklVl/WkCSNzM5Z9gT76u5
+ Uszxy3UnDVnjedRcAT0qKTqyH6m+fL4zhdweG2bEyR6NnNrhke2n+tji7/y6ag2d
+ CSOm0Q2e+UJrYgNuwp2ShINzQAg/LgmRsm1Eel9Bva4vzGifUlJAp1EHL32q8i4q
+ f9XcjIsDOKS3K00oebRfp53b41lYXtESkB/Bbkcv2APIBogtw6Is5ZqGs33OM0cS
+ 5bJOuwqNRJ3ka51xux1cz6s9028faEcsBvVqdgHSV9JeAf8ZlYOA4a2XtAiqbFMW
+ Rvk8RLesGv0fFO0i9hhEWBCm+9abf0QB+irsBlBQdsDanVOqiJV4fkhRgFkYhRix
+ 9F21g5o7rZmTCojJIQDQvJsjy0YGdV0xEyYboOGvsw==
+ =robM
-----END PGP MESSAGE-----
fp: 260353B993F8CE16752EF48C71BAF6D40C1D63D7
unencrypted_suffix: _unencrypted
diff --git a/roles/nix-community-cache/secrets.yaml b/roles/nix-community-cache/secrets.yaml
index b6ee295..5b5f74e 100644
--- a/roles/nix-community-cache/secrets.yaml
+++ b/roles/nix-community-cache/secrets.yaml
@@ -8,82 +8,82 @@ sops:
- recipient: age17n64ahe3wesh8l8lj0zylf4nljdmqn28hvqns2g7hgm9mdkhlsvsjuvkxz
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
- YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBHUWpQcmZzSVlUd21oTDJB
- Y0RkVG9XUVptSmNVNlRkVFZNYkxuQXNyZjJjClRYVHoxS1NJRjlheCtRQ3V5OW4w
- ZXA4Ym1SSzJJR3NhUkRmMWViNCtVNjgKLS0tIFBKVUZCQkNQN1h3aGovUTd1bWhz
- bUlsY1RyWDMyYlU0aGQ0ZElrT3RDd3MKrCIdWzknV9TguuSkCn6gPVxSX2uYfwnA
- eRkGVpuMA9FlytwBMg+QV5JN3Kgi2MZ5Ap1dtP72AbVbQucc+M6YgA==
+ YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBsY0JoN3JhSGN1NXR6T3FP
+ MEFvZjYrTlNGSGQxa0tSclRXMENzTnIzVEc0ClV0aWxHblRmaENzNWpTWlFnSnNq
+ TDJkZEx3N3Z3YnB4M0svOWxNZHhveFkKLS0tIGllSmVvM2ZoM1ZEYkh6b2xFdFBC
+ NWJqSytVYnNTOXIyaHZpYThncUVoa0kKtwDgPXI0KHGOT3CEMUpNSD+F57jG27Ya
+ hLJzSgGZq29q7U1xWsvS8VbVBmpmL7MMTzmmpqCrE1/SFxGJlcjBwQ==
-----END AGE ENCRYPTED FILE-----
- recipient: age1d87z3zqlv6ullnzyng8l722xzxwqr677csacf3zf3l28dau7avfs6pc7ay
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
- YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB2Nnc5MkVQNTlwcmdrWUFL
- RmJVZVFHaW5oM3VpcmUrTmhqaDNTcUxVNkRnCjAwdGpZbjE2cDZlUGErbCtKV0k4
- dWRSYjEwVHVRNk4rSWJkeDNwamg0TU0KLS0tIC9US3pzSnlCSm9zVWU2TGUwOXZl
- VDh2cktFMklxOWpCRU1XMTE0MVd6ZVkKJMRw66azUgibl27J7FzJ8WXT/hqwvfrz
- FDFKXCWG06XMYZPPFUXqnnACqT2CvYlAqS0QQg+90Y4LRYJgCJofCQ==
+ YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAyVDY4MWQwVXZ2RFQxTDNx
+ TVJNZUFwSUZkUjAzM3VhVldlWkZrZWEzOWlBCkF1SVpNSWU5Y3lpZERMR083VDdw
+ dzBOaXN5MXArOGlNdW1BSkhLUkd4WW8KLS0tIHlRMnhab1phVDl4c2NFNnU3d1FL
+ YmdCSDVOalFMdFlVUkFTUEFJc1J1azQKk4QBdhwtC8KTKFc6huRjzlnvSj8qGV8S
+ Ix0izRiqmMQv5VB/Ij9LPQ8hoX0E/IQQVcjve+/AsUAeB/PLYxhUMA==
-----END AGE ENCRYPTED FILE-----
- recipient: age17jtyn2y4fpey6q7ers9gtnh4580xj89zdjuew9nqhxywmsaw94fs5udupc
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
- YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBEdDYvRm1DZlAweDJJcDBB
- RUEwb3lpSXFrdDdZNDhqdS92M1h1TS8wSDJzCmdwaEFMZ3E1RjFObllpN0MwNGc2
- RDQ5d05nNDMvV2k1MW5BMHVVSUN5ek0KLS0tIGs0ckZROFRpWkhBYngyWkNxTmtT
- MjRDK01vcmMrQzFJd1VPSFpsVFkzR3MK4knio/OIqUK3jOwBBfpSlxU7Cd24NtcX
- M7eFeL4dELJp7tz2Sa+G8wPqfd0+5LqBFm6btCPghRyJh6hauBDE9Q==
+ YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBoSWdSQjgyU0JTaDRFZGtW
+ OTRrVitNMUtRKzkwc2tBcEF4TlFQaHQ2c0NvCk5ZODVvZHVRMXlqcmU2N3BMMEtN
+ UkpWczk3RTFpbU4vdmNqbUF6bHNNbE0KLS0tIGNibDFhd1ljMjRMZmY1TzhBcU5M
+ UlJNamYzMUViMTE3Y1pvaXZGbEQ0RGMKCgtAW8SMwiSDQlhh1ha6ZkDnxt8bN0Xe
+ L5yr3s8BsUQjEz7KoEOK+WTaoZ3oQNVpbk1U4Yltb/HRTNEJKSKAtw==
-----END AGE ENCRYPTED FILE-----
- recipient: age1kh6yvgxz9ys74as7aufdy8je7gmqjtguhnjuxvj79qdjswk2r3xqxf2n6d
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
- YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBtSURtaXU3bEpncEFNbThR
- L1R2Um9rN0lPYlZOOVhBd1BEdjhQUUZOVW44CndCaEVvUlNlRXZUaTUvZkRLSktl
- ODJ5OUd6a2Q4S2ZkSjkwaXIrbWZwd0EKLS0tIG5CV3ZQMnFaaHRaVU1kTHlXMXFo
- TndBOXdkUHN5VmMvS3VaOUw1aDFGOXMK31KLw7VuibqnfBSMjjv9fl1PF+JfqJy8
- bj3Cg4+g88JUp1o8KxmdSSdKk2o+QsyzExPPXKzJjG73hutvvYELQQ==
+ YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBPZHlVL0tMZ2JXZ2Vod2lY
+ Qy9MYXBVU2hHUDFINWJSb2xkRERVdnh1VERrClovVWFBQkdSWFFiYU5MemR0eHJv
+ Uzd3Y0lyQWlsMEVRZVRMYXFyQ3Z5ZGcKLS0tIDR3Yk5ORmhMcWJVNXEyYnVTNVJX
+ U0FLQlNhNnFhVjhtM3R6alVrMHRiNGMKog6V1r10mO/GkhgDmmQ3/aygSwKE3Vsv
+ n8fOhFI88B5/u/mpj7djcUgGS6lwycFzvsgvBluYQPyCjc63uf6cUw==
-----END AGE ENCRYPTED FILE-----
- recipient: age1qg7tfjwzp6dxwkw9vej6knkhdvqre3fu7ryzsdk5ggvtdx854ycqevlwnq
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
- YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBBVHovdGhiQXVzSHlpVGVs
- Q3hrR1k2VDNKZWFtNHl1U2RwbUU0RU9kRlhrCjBkSW1TeVc0YnplSEF4b20xWjNk
- OTVVeitYOVdMd0M3MXRWNkZWVTkrb1kKLS0tIGs1T2R1bTR2ei9Hc2V1U3NiNFJ6
- L2RuamlmLzhrdFVIcHlqYU14QnJNVWcKSbl3NijlG/pcknA6djt/UH73axyNBIJF
- TCXMrUZl23bx1hiQsIMH7k5IogQWxaWcrjsgoK4zBDpKlZ3CK2KLmg==
+ YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBqU2Z4eTFhZ2RKb2twZm81
+ ZytJeVlmMVc4M2QyQVVZd2hyK0hGRkl6Z1gwCitTMHlVKzJ2R1dZdjI0U2VqbW5O
+ KzZaTGVSV2s2SGFka2pMc1o0eExRdjgKLS0tIFlsM093Q2N2c3h3NjFkNkJUb0p3
+ SStDR0xpSjdYMVpldXNCdHcxMXlxOEUKTBHKXG7kPlr9u3Qz4XmeSbtN1QwwnZxZ
+ C0vFttW+JZvUx+7eepFhyIQK/VJCgJMr8+Q7tloJb+jTAYgetaNUGw==
-----END AGE ENCRYPTED FILE-----
- - recipient: age1vr4suv4lhtt8f59s25eukdfk67j7av72gvj7sk7ux6thusct3utqmn3pmf
+ - recipient: age1r2t5vf67jay42ju8r6d47q6zssxvv9jjh8k42qequnnsfjjk632qm2tfrm
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
- YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBaaDZxSU8wazlxY1BNNjBM
- S2JoenFFSExrc3htSFJhV0lJTll0Y3hxMWswCnU4dnVyd0FqREpIZWhmS3dSanlS
- TUthNnRDampMTWZyaVBzYThsVUtzaEUKLS0tIFErWElsR05oQW50cFVtaFhtUVky
- RjE1Z0ExQjJ1Q0ZHa0hwNTVTb1VFTWcKKQtu7iOLTGGDCtn843CGeSKWAecD9C5x
- i4wDgyw8EO44RpqES2wBQhqE8uBYMv8YvwuQIeXplmQNcjsNDvO2fw==
+ YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBTZ3I1dXdkdjdMRVV4dXp4
+ OGlSeVBMVnZUcE9ZMzhaTmR3VjZXc2xFdTJ3CmtLTDRhRjhLWjh5aHJIVEJMTmtu
+ TXJycWkyYkZmOGFUNUhQdGlidUNyNjAKLS0tIGJldEFRbGZJcDI3N2V3YWFoVTdz
+ c3l2MHRxSXdSQlpOSmdBckRBdmV3SzQKlcr78Aij13N0FdWnoRYTrNav7yLF/wSD
+ OxTMazFi32mKzfDnvfuZnM+u+OKOzctl+SNrqyIYfvtFlfiG9nCuwg==
-----END AGE ENCRYPTED FILE-----
- recipient: age1m7xhem3qll35d539f364pm6txexvnp6k0tk34d8jxu4ry3pptv7smm0k5n
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
- YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBuMSsydzB6MkFvSElFdG1l
- aTJsNVhGNWFTZFJJTUNreDlobFF3cS9kemxjCkhqNU9USXZPY1pQQVordElrdytC
- NFIrcGN4VHp6RzdNZ2t3OXRtSHA2STgKLS0tIGVOaHUyVmRGZk9UcmpNRFBmVWdz
- NG5oSkFOcmtJSzV5cXdpanlkVWdSbTgKKW9+7+p6K0o915X5uz9h/76aPxBsPkjJ
- TMySL9YvhPqWER5IVPCHEdHtXpjtqhVfPxouoXo0iK8fT3fhfY6qWA==
+ YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBxVjE0Z004dWdmR0F2ekRv
+ T2RQcHhheXFXNWc1bncwRkNSbTNYMmxlZnpFClpKM0VYaTZ6MVRLZGRLMmUzYWdM
+ L1F6UTZlNzN5cnJqakNPTmpqNVN3T0kKLS0tIERnYlRMdE4vY3g2eWdwc2h3NVgv
+ MjZwY1VQUmF2V01WWnFsK2prZ0YvK0EK5z3k5V9L5s2Xf2vH/9bBlOZ4G/iheLgz
+ TD9jIVjJsgqcTRalFqf9WYNGFRzhEhApDiIic3zMpy0LH6xIMHUwTQ==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2021-09-25T19:43:46Z"
mac: ENC[AES256_GCM,data:ZQibKAevbsldaAIjzoZ4/zzWdCLaGHKMzBU7zre6DnE+9UF3vpa+VWfTPCs7ovqKkWJUsTiyyg8JxMeF3ivFnXRzrbzeX5EZRAqlKQJHXAp5ruWDJL5Zaw3dWMVM70MGJDOsZdws5tJUu8jbZN5nYX+yjw1zDIfb1Gho7sfYg48=,iv:VDP2iWxiFy+4vTQd5DKMNpMFAWrfwKKaGfZos+Y5l3U=,tag:wo8a27b6hWkL85e+IIm58Q==,type:str]
pgp:
- - created_at: "2022-10-25T07:54:32Z"
+ - created_at: "2022-12-30T19:49:06Z"
enc: |
-----BEGIN PGP MESSAGE-----
- hQEMA3tEuTsG48KkAQgAnMbguVBAEO19J2Fb0BKSY22ka89gaA1o0Dh8m9Ne9HfD
- vDhv0A89F9sKUK/E659FJxXkDdXo4RGFF26oitylntaVMLpLFeTO4IGDe6ybZRvC
- 2dOiePsaogqai1K3075jThOdm/gXnql32e3KdjVs8+54F2afLZHtB36u1NK3A0My
- 3MdxEW3QKE5bJsg+0pEkz2DeIr9A7KSKYMI7cDVC61V1MX7q2E+LDkhARl8VX327
- jYyJVIkOepcZfWpVdcHfsRbJL6QrVm9ZaKAM0k0n1dhZeij0Q7Ie/qLHlWwpc8Df
- N/oZi4ykt0LWxh8ncZ4bPvyLbh6esQ1g5rNGFaKOMdJeAWL01oqobTCFy+0nO+ie
- viYgjbAPmlrqRlkTTHv1h3x0s261BXEemm1BmiRPVoE9a+vzL11Nxi7zyGAamLHJ
- cMtkhAaJ+fZxP7rIzg1NkqtOhED2JorgngMO45Y7Og==
- =DJEv
+ hQEMA3tEuTsG48KkAQf9GKFJ1P0owIl+VzdIdHGHYZsk+vmqe1i02iEwj3nulO/U
+ ghCdDVXSYd4mkAjYdeRgKGojBtLsKSa3kN6bocuXGaBripYZcRN0+Dvx0F//Wkjl
+ k8PGCg6rhRp7fY17p3SvOdwM70vF0+ol2wGgru5hY8e4hHki4OBnaDL08uDJiiIa
+ VKzpaFbFGrKebDnu1pj12Nffqwp5WuZWnXF13lsv/jjWuK2KH5ixr4cgXUPIHOfL
+ LIKDqc/5Wv/qn0Fia8YIPupyDE9oNucvovZG6b0sLX7KmGkuI18P6QkozckQ+y6R
+ fVu3t8nNl7WKDQhcx2WIqehhQgCpZ7a5FLFX/N+LFtJeARN4PReypd1GaeM3CcDl
+ 2V2Ynn2X+sRAzb/vsYBpK4uPgUfvC3e6kDaBfy/nT9QjVABfqoGyMv2FEr7Z5Llp
+ m43FaQIhWh/J/R51nqhJsZQyKwsSrkhWjv4JVnjjuw==
+ =qdWF
-----END PGP MESSAGE-----
fp: 260353B993F8CE16752EF48C71BAF6D40C1D63D7
unencrypted_suffix: _unencrypted
diff --git a/terraform/cloudflare_nix-community_org.tf b/terraform/cloudflare_nix-community_org.tf
index f2bb4c4..0fdc5d2 100644
--- a/terraform/cloudflare_nix-community_org.tf
+++ b/terraform/cloudflare_nix-community_org.tf
@@ -47,14 +47,14 @@ resource "cloudflare_record" "nix-community-org-build03-AAAA" {
resource "cloudflare_record" "nix-community-org-build04-A" {
zone_id = local.nix_community_org_zone_id
name = "build04"
- value = "158.101.197.202"
+ value = "141.148.235.248"
type = "A"
}
resource "cloudflare_record" "nix-community-org-build04-AAAA" {
zone_id = local.nix_community_org_zone_id
name = "build04"
- value = "2603:c022:c001:b500:1::"
+ value = "2603:c022:c001:b500:66b1:bcc4:3fde:5265"
type = "AAAA"
}