sercanto/infra
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
infra/README.md
Jörg Thalheim a37cd1f3dc
kexec: fix references
2021-05-11 16:57:29 +02:00

2.5 KiB
Raw Blame History

nix-community infrastructure

Welcome to the Nix Community infrastructure project. This project holds all the NixOS and Terraform configuration for this organization.

Support

If you hit any issues, ping us on IRC in the #nix-community channel (see the admin list below) or create an issue here: New Issue.

Administrators

  • @adisbladis
  • @flokli
  • @grahamc
  • @Mic92
  • @nlewo
  • @ryantm
  • @zimbatm

Services

  • BuildKite agent - on build01
  • GitLab agent - on build01
  • hound - on build01
  • https://hydra.nix-community.org - on build01
  • marvin-mk2 - on build01
  • matterbridge - on build01
  • ryantm-updater bot - on build02

Hosts

build01 build01

This machine is perfect for running heavy builds.

  • Provider: Hetzner
  • CPU: AMD Ryzen 7 1700X Eight-Core Processor
  • RAM: 64GB
  • Drives: 2 x 512 GB SATA SSD

build02

This machine currently just runs r-ryantm/nixpkgs-update.

  • Provider: Hetzner
  • CPU: AMD Ryzen 7 3700X Eight-Core Processor
  • RAM: 64GB DDR4 ECC
  • Drives: 2 x 1 TB NVME in RAID 1

build03

This machine is a replacement for build01.

  • Provider: Hetzner
  • CPU: AMD Ryzen 5 3600 6-Core Processor
  • RAM: 64GB DDR4 ECC
  • Drives: 2 x 512 TB NVME in RAID 1

Cache

All the builds on these machines are pushed to https://nix-community.cachix.org/

Thanks to Cachix for sponsoring our binary cache!

File hierarchy

  • ./build\d+ - build machines
  • ./ci.sh - What is executed by CI
  • ./deploy - NixOps deploy script
  • ./nix - pinned Nix dependencies and overlays
  • ./roles - shared NixOS configuration modules
  • ./secrets - git-crypt encrypted secrets
  • ./services - single instances of NixOS services
  • ./terraform - Setup DNS
  • ./users - NixOS configuration of our admins

Deployment commands:

$ ./deploy

If you want to reboot a machine, use the following command to also deploy secrets afterwards:

$ ./deploy --force-reboot --include build02

Install/Fix system from Hetzner recovery mode

  1. Mount all filesystems to /mnt
  2. Install kexec image from Hetzner recovery system as described in kexec.nix and boot into it
  3. Download infra repo
$ nix-shell -p git --run "git clone https://github.com/nix-community/infra && cd infra && nix-shell"
  1. Build new system closure:
nix-shell> nix-build -A buildXX-system
  1. Install system closure
$ nixos-install --system ./result