micqdf/TerraHome
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: micqdf:7434a65590c4a8c075cf88a638f182142d8d27e0
Branches Tags
micqdf:master micqdf:stage micqdf:destroy
micqdf:destroy/now
..
compare: micqdf:master
Branches Tags
micqdf:master micqdf:stage micqdf:destroy
micqdf:destroy/now

4 Commits
7434a65590 ... master

Author SHA1 Message Date
micqdf
5bfc135350 Merge pull request 'fix: ignore stale SSH host keys for ephemeral homelab VMs' (#130) from stage into master
Some checks failed
Terraform Apply / Terraform Apply (push) Failing after 19m24s
Details 
Reviewed-on: #130
 2026-03-09 03:45:11 +00:00
MichaelFisher1997
63213a4bc3 fix: ignore stale SSH host keys for ephemeral homelab VMs
All checks were successful
Terraform Plan / Terraform Plan (push) Successful in 16s
Details 
Fresh destroy/recreate cycles change VM host keys, which was breaking bootstrap after rebuilds. Use a disposable known-hosts policy in the controller SSH options so automation does not fail on expected key rotation.
 2026-03-09 03:16:18 +00:00
micqdf
e4243c7667 Merge pull request 'fix: keep DHCP enabled by default on template VM' (#129) from stage into master
Some checks failed
Terraform Apply / Terraform Apply (push) Failing after 1h50m42s
Details 
Reviewed-on: #129
 2026-03-08 22:03:17 +00:00
MichaelFisher1997
33bb0ffb17 fix: keep DHCP enabled by default on template VM
All checks were successful
Terraform Plan / Terraform Plan (push) Successful in 14s
Details 
The template machine can lose connectivity when rebuilt directly because it has no cloud-init network data during template maintenance. Restore DHCP as the default for the template itself while keeping cloud-init + networkd enabled so cloned VMs can still consume injected network settings.
 2026-03-08 20:12:03 +00:00
2 changed files with 5 additions and 10 deletions
Expand all files Collapse all files

13
nixos/kubeadm/bootstrap/controller.py
View File

@@ -110,7 +110,9 @@ class Controller:
"-o", "-o",
"IdentitiesOnly=yes", "IdentitiesOnly=yes",
"-o", "-o",
"StrictHostKeyChecking=accept-new", "StrictHostKeyChecking=no",
"-o",
"UserKnownHostsFile=/dev/null",
"-i", "-i",
self.ssh_key, self.ssh_key,
] ]
@@ -172,14 +174,7 @@ class Controller:
return last return last
def prepare_known_hosts(self): def prepare_known_hosts(self):
ssh_dir = Path.home() / ".ssh" pass
ssh_dir.mkdir(parents=True, exist_ok=True)
(ssh_dir / "known_hosts").touch()
run_local(["chmod", "700", str(ssh_dir)])
run_local(["chmod", "600", str(ssh_dir / "known_hosts")])
for ip in self.node_ips.values():
run_local(["ssh-keygen", "-R", ip], check=False)
run_local(f"ssh-keyscan -H {shlex.quote(ip)} >> {shlex.quote(str(ssh_dir / 'known_hosts'))}", check=False)
def prepare_remote_nix(self, ip): def prepare_remote_nix(self, ip):
self.remote(ip, "sudo mkdir -p /etc/nix") self.remote(ip, "sudo mkdir -p /etc/nix")

2
nixos/template-base/configuration.nix
View File

@@ -10,7 +10,7 @@ in
./hardware-configuration.nix; ./hardware-configuration.nix;
networking.hostName = "k8s-base-template"; networking.hostName = "k8s-base-template";
networking.useDHCP = false; networking.useDHCP = lib.mkDefault true;
networking.useNetworkd = true; networking.useNetworkd = true;
networking.nameservers = [ "1.1.1.1" "8.8.8.8" ]; networking.nameservers = [ "1.1.1.1" "8.8.8.8" ];