nixos-servers/docs/plans/ns1-recreation.md
Torjus Håkestad 94feae82a0
ns1: recreate with OpenTofu workflow
Old VM had incorrect hardware-configuration.nix with hardcoded UUIDs
that didn't match actual disk layout, causing boot failure (emergency mode).

Recreated using template2-based configuration for OpenTofu provisioning.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-07 23:18:08 +01:00

ns1 Recreation Plan

Overview

Recreate ns1 using the OpenTofu workflow after the existing VM entered emergency mode due to incorrect hardware-configuration.nix (hardcoded UUIDs that don't match actual disk layout).
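The failure described above can be caught before a reboot by comparing the UUIDs a hardware-configuration.nix references with the filesystems the machine actually has. The following is an added example, not code from this repository; the script name check-uuids.sh, the function names and the sample UUIDs are constructed for illustration, and the live check assumes it is run on the VM itself.

```shell
#!/bin/sh
# Added example, not from the repository: list /dev/disk/by-uuid references
# in a NixOS hardware configuration that match no filesystem on this machine.

# Print each UUID the config references as /dev/disk/by-uuid/<uuid>.
referenced_uuids() {
  grep -oE '/dev/disk/by-uuid/[0-9A-Fa-f-]+' "$1" | sed 's|.*/||' | sort -u
}

# Print referenced UUIDs absent from a file of present UUIDs, one per line.
# The comparison is case-sensitive, like the by-uuid symlink names.
missing_uuids() {
  for uuid in $(referenced_uuids "$1"); do
    grep -qxF -- "$uuid" "$2" || echo "$uuid"
  done
}

# Constructed sample: the config names a root and a boot filesystem, but
# only the boot UUID exists in the disk listing.
write_sample() {
  cat > "$1/hardware-configuration.nix" <<'EOF'
{
  fileSystems."/" = {
    device = "/dev/disk/by-uuid/11111111-2222-3333-4444-555555555555";
    fsType = "ext4";
  };
  fileSystems."/boot" = {
    device = "/dev/disk/by-uuid/ABCD-1234";
    fsType = "vfat";
  };
}
EOF
  printf '%s\n' 'ABCD-1234' '99999999-8888-7777-6666-555555555555' \
    > "$1/present-uuids"
}

# Live use on the VM itself: sh check-uuids.sh <hardware-configuration.nix>
if [ "$#" -ge 1 ]; then
  present=$(mktemp)
  lsblk -rno UUID > "$present"
  missing=$(missing_uuids "$1" "$present")
  rm -f "$present"
  if [ -n "$missing" ]; then
    echo "referenced but not present: $missing" >&2
    exit 1
  fi
  echo "all referenced UUIDs are present"
fi
```

Run without arguments the script only defines its functions; write_sample fills a directory with the constructed files so missing_uuids can be tried offline.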

Current ns1 Configuration to Preserve

  • IP: 10.69.13.5/24
  • Gateway: 10.69.13.1
  • Role: Primary DNS (authoritative + resolver)
  • Services:
    • ../../services/ns/master-authorative.nix
    • ../../services/ns/resolver.nix
  • Metadata:
    • homelab.host.role = "dns"
    • homelab.host.labels.dns_role = "primary"
  • Vault: enabled
  • Deploy: enabled

Execution Steps

Phase 1: Remove Old Configuration

nix develop -c create-host --remove --hostname ns1 --force

This removes:

  • hosts/ns1/ directory
  • Entry from flake.nix
  • Any terraform entries (none exist currently)

Phase 2: Create New Configuration

nix develop -c create-host --hostname ns1 --ip 10.69.13.5/24

This creates:

  • hosts/ns1/ with template2-based configuration
  • Entry in flake.nix
  • Entry in terraform/vms.tf
  • Vault wrapped token for bootstrap

Phase 3: Customize Configuration

After create-host, manually update hosts/ns1/configuration.nix to add:

  1. DNS service imports:

    ../../services/ns/master-authorative.nix
    ../../services/ns/resolver.nix
    
  2. Host metadata:

    homelab.host = {
      tier = "prod";
      role = "dns";
      labels.dns_role = "primary";
    };
    
  3. Disable resolved (conflicts with Unbound):

    services.resolved.enable = false;
    

Phase 4: Commit Changes

git add -A
git commit -m "ns1: recreate with OpenTofu workflow

Old VM had incorrect hardware-configuration.nix with hardcoded UUIDs
that didn't match actual disk layout, causing boot failure.

Recreated using template2-based configuration for OpenTofu provisioning."

Phase 5: Infrastructure

  1. Delete old ns1 VM in Proxmox (it's broken anyway)
  2. Run nix develop -c tofu -chdir=terraform apply
  3. Wait for bootstrap to complete
  4. Verify ns1 is functional:
    • DNS resolution working
    • Zone transfer to ns2 working
    • All exporters responding

Phase 6: Finalize

  • Push to master
  • Move this plan to docs/plans/completed/

Rollback

If the new VM fails:

  1. ns2 is still operational as secondary DNS
  2. Can recreate with different settings if needed

Notes

  • ns2 will continue serving DNS during the migration
  • Zone data is generated from flake, so no data loss
  • The old VM's disk can be kept briefly in Proxmox as backup if desired