Adds terraform/ to provision a Hetzner cpx11 (2 vCPU / 2 GB dedicated AMD / 40 GB NVMe) for the loops runtime, and a flake + NixOS host config to converge it — replacing the slow b1 Incus VM. Mirrors the cc-ci server terraform (same nixos-infect pin, same pattern). Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
{
  description = "cc-ci-orchestrator — NixOS host for the cc-ci loops runtime (Builder/Adversary/Watchdog)";

  # Both inputs name a full commit hash rather than a branch, so the revision
  # that gets fetched does not move unless this file is edited.
  inputs = {
    # Pinned to the same revision as the cc-ci server for ecosystem consistency.
    nixpkgs.url = "github:NixOS/nixpkgs/50ab793786d9de88ee30ec4e4c24fb4236fc2674";

    # Same pin as cc-ci server (buildGo125Module compatibility with nixpkgs 24.11).
    sops-nix = {
      url = "github:Mic92/sops-nix/77c423a03b9b2b79709ea2cb63336312e78b72e2";
      # Evaluate sops-nix against the nixpkgs pinned above instead of its own
      # nixpkgs input, so only one nixpkgs revision is in play.
      inputs.nixpkgs.follows = "nixpkgs";
    };
  };

  outputs = { nixpkgs, sops-nix, ... }: {
    # Hetzner cpx11 host (nixos-infect generated hardware.nix + orchestrator config).
    # Provision with terraform/ then run Stage 2 per terraform/README.md.
    nixosConfigurations.cc-ci-orchestrator-hetzner = nixpkgs.lib.nixosSystem {
      system = "x86_64-linux";

      modules = [
        # sops-nix NixOS module.
        # NOTE(review): the secret declarations themselves are presumably in
        # configuration.nix, which is not visible here — confirm.
        sops-nix.nixosModules.sops

        # Host-specific modules, kept in the original order.
        ./nix/hosts/cc-ci-orchestrator-hetzner/hardware.nix
        ./nix/hosts/cc-ci-orchestrator-hetzner/configuration.nix
      ];
    };
  };
}