From 808c290c71673c35058b17841094fa936f9de4b7 Mon Sep 17 00:00:00 2001 From: MichaelFisher1997 Date: Sun, 8 Mar 2026 13:16:37 +0000 Subject: [PATCH 1/2] chore: clarify stale template cloud-init failure message Make SSH bootstrap failures explain the real root cause when fresh clones never accept the injected user/key: the Proxmox source template itself still needs the updated cloud-init-capable NixOS configuration. --- nixos/kubeadm/bootstrap/controller.py | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/nixos/kubeadm/bootstrap/controller.py b/nixos/kubeadm/bootstrap/controller.py index 0faf76e..7912ea5 100755 --- a/nixos/kubeadm/bootstrap/controller.py +++ b/nixos/kubeadm/bootstrap/controller.py @@ -145,7 +145,13 @@ class Controller: f"({attempt}/{self.ssh_ready_retries})" ) time.sleep(self.ssh_ready_delay) - raise RuntimeError(f"Unable to authenticate to {ip} with users: {', '.join(self.ssh_candidates)}") + raise RuntimeError( + "Unable to authenticate to " + f"{ip} with users: {', '.join(self.ssh_candidates)}. " + "If this is a freshly cloned VM, the Proxmox source template likely does not yet include the " + "current cloud-init-capable NixOS template configuration from nixos/template-base. " + "Terraform can only clone what exists in Proxmox; it cannot retrofit cloud-init support into an old template." + ) def remote(self, ip, cmd, check=True): ordered = [self.active_ssh_user] + [u for u in self.ssh_candidates if u != self.active_ssh_user] From cd8e538c516ab4aae8d70c5808a243a9e6e6a19f Mon Sep 17 00:00:00 2001 From: MichaelFisher1997 Date: Sun, 8 Mar 2026 13:36:21 +0000 Subject: [PATCH 2/2] ci: switch checkout action source away from gitea.com mirror The gitea.com checkout action mirror is timing out during workflow startup. Use actions/checkout@v4 directly so jobs do not fail before any repository logic runs. --- .gitea/workflows/kubeadm-bootstrap.yml | 2 +- .gitea/workflows/kubeadm-reset.yml | 2 +- .gitea/workflows/terraform-apply.yml | 2 +- .gitea/workflows/terraform-destroy.yml | 2 +- .gitea/workflows/terraform-plan.yml | 2 +- 5 files changed, 5 insertions(+), 5 deletions(-) diff --git a/.gitea/workflows/kubeadm-bootstrap.yml b/.gitea/workflows/kubeadm-bootstrap.yml index f0b5978..5e48fb8 100644 --- a/.gitea/workflows/kubeadm-bootstrap.yml +++ b/.gitea/workflows/kubeadm-bootstrap.yml @@ -27,7 +27,7 @@ jobs: fi - name: Checkout repository - uses: https://gitea.com/actions/checkout@v4 + uses: actions/checkout@v4 - name: Create SSH key run: | diff --git a/.gitea/workflows/kubeadm-reset.yml b/.gitea/workflows/kubeadm-reset.yml index 939d3a1..3dfa23c 100644 --- a/.gitea/workflows/kubeadm-reset.yml +++ b/.gitea/workflows/kubeadm-reset.yml @@ -27,7 +27,7 @@ jobs: fi - name: Checkout repository - uses: https://gitea.com/actions/checkout@v4 + uses: actions/checkout@v4 - name: Create SSH key run: | diff --git a/.gitea/workflows/terraform-apply.yml b/.gitea/workflows/terraform-apply.yml index ba368ac..dd91b9e 100644 --- a/.gitea/workflows/terraform-apply.yml +++ b/.gitea/workflows/terraform-apply.yml @@ -16,7 +16,7 @@ jobs: steps: - name: Checkout repository - uses: https://gitea.com/actions/checkout@v4 + uses: actions/checkout@v4 - name: Create secrets.tfvars working-directory: terraform diff --git a/.gitea/workflows/terraform-destroy.yml b/.gitea/workflows/terraform-destroy.yml index 9498894..899bd6b 100644 --- a/.gitea/workflows/terraform-destroy.yml +++ b/.gitea/workflows/terraform-destroy.yml @@ -36,7 +36,7 @@ jobs: fi - name: Checkout repository - uses: https://gitea.com/actions/checkout@v4 + uses: actions/checkout@v4 - name: Create Terraform secret files working-directory: terraform diff --git a/.gitea/workflows/terraform-plan.yml b/.gitea/workflows/terraform-plan.yml index 0701861..166e07a 100644 --- a/.gitea/workflows/terraform-plan.yml +++ b/.gitea/workflows/terraform-plan.yml @@ -17,7 +17,7 @@ jobs: steps: - name: Checkout repository - uses: https://gitea.com/actions/checkout@v4 + uses: actions/checkout@v4 - name: Create secrets.tfvars working-directory: terraform