torjus/nixos-servers
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects 1 Releases Wiki Activity

docs: move ns1-recreation plan to completed
Some checks failed
Run nix flake check / flake-check (push) Failing after 1s
Details

Browse Source 
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
This commit is contained in:
Torjus Håkestad
2026-02-07 23:35:04 +01:00
parent 003d4ccf03
commit f9a3961457
1 changed files with 0 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

107
docs/plans/completed/ns1-recreation.md Normal file
View File

@@ -0,0 +1,107 @@
# ns1 Recreation Plan
## Overview
Recreate ns1 using the OpenTofu workflow after the existing VM entered emergency mode due to incorrect hardware-configuration.nix (hardcoded UUIDs that don't match actual disk layout).
## Current ns1 Configuration to Preserve
- **IP:** 10.69.13.5/24
- **Gateway:** 10.69.13.1
- **Role:** Primary DNS (authoritative + resolver)
- **Services:**
- `../../services/ns/master-authorative.nix`
- `../../services/ns/resolver.nix`
- **Metadata:**
- `homelab.host.role = "dns"`
- `homelab.host.labels.dns_role = "primary"`
- **Vault:** enabled
- **Deploy:** enabled
## Execution Steps
### Phase 1: Remove Old Configuration
```bash
nix develop -c create-host --remove --hostname ns1 --force
```
This removes:
- `hosts/ns1/` directory
- Entry from `flake.nix`
- Any terraform entries (none exist currently)
### Phase 2: Create New Configuration
```bash
nix develop -c create-host --hostname ns1 --ip 10.69.13.5/24
```
This creates:
- `hosts/ns1/` with template2-based configuration
- Entry in `flake.nix`
- Entry in `terraform/vms.tf`
- Vault wrapped token for bootstrap
### Phase 3: Customize Configuration
After create-host, manually update `hosts/ns1/configuration.nix` to add:
1. DNS service imports:
```nix
../../services/ns/master-authorative.nix
../../services/ns/resolver.nix
```
2. Host metadata:
```nix
homelab.host = {
tier = "prod";
role = "dns";
labels.dns_role = "primary";
};
```
3. Disable resolved (conflicts with Unbound):
```nix
services.resolved.enable = false;
```
### Phase 4: Commit Changes
```bash
git add -A
git commit -m "ns1: recreate with OpenTofu workflow
Old VM had incorrect hardware-configuration.nix with hardcoded UUIDs
that didn't match actual disk layout, causing boot failure.
Recreated using template2-based configuration for OpenTofu provisioning."
```
### Phase 5: Infrastructure
1. Delete old ns1 VM in Proxmox (it's broken anyway)
2. Run `nix develop -c tofu -chdir=terraform apply`
3. Wait for bootstrap to complete
4. Verify ns1 is functional:
- DNS resolution working
- Zone transfer to ns2 working
- All exporters responding
### Phase 6: Finalize
- Push to master
- Move this plan to `docs/plans/completed/`
## Rollback
If the new VM fails:
1. ns2 is still operational as secondary DNS
2. Can recreate with different settings if needed
## Notes
- ns2 will continue serving DNS during the migration
- Zone data is generated from flake, so no data loss
- The old VM's disk can be kept briefly in Proxmox as backup if desired