Replace workshop user key.

.sops.yaml

@@ -2,6 +2,7 @@ keys:
   - &admin_ppetru age1df9ukkmg9yn9cjeheq9m6wspa420su8qarmq570rdvf2de3rl38saqauwn
   - &server_zippy age1gtyw202hd07hddac9886as2cs8pm07e4exlnrgfm72lync75ng9qc5fjac
   - &server_chilly age16yqffw4yl5jqvsr7tyd883vn98zw0attuv9g5snc329juff6dy3qw2w5wp
+  - &server_sparky age1zxf8263nk04zf4pu5x2czh6g4trv4e2xydypyjschyekr6udqcsqmrgv68
   - &server_alo_cloud_1 age1w5w4wfvtul3sge9mt205zvrkjaeh3qs9gsxhmq7df2g4dztnvv6qylup8z
   - &server_c1 age1wwufz86tm3auxn6pn27c47s8rvu7en58rk00nghtaxsdpw0gya6qj6qxdt
   - &server_c2 age1c2kc034n7tqztarcu7n5ldnjmy9sr3jgwrsaddsj0hwfus9mdp3sctts4m
@@ -13,6 +14,7 @@ creation_rules:
         - *admin_ppetru
         - *server_zippy
         - *server_chilly
+        - *server_sparky
         - *server_alo_cloud_1
         - *server_c1
         - *server_c2
@@ -27,6 +29,11 @@ creation_rules:
       - age:
         - *admin_ppetru
         - *server_chilly
+  - path_regex: secrets/sparky\.yaml
+    key_groups:
+      - age:
+        - *admin_ppetru
+        - *server_sparky
   - path_regex: secrets/alo-cloud-1\.yaml
     key_groups:
       - age:

common/user-ppetru.nix

@@ -15,7 +15,7 @@
     openssh.authorizedKeys.keys = [
       "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCdZ9dHN+DamoyRAIS8v7Ph85KyJ9zYdgwoqkp7F+smEJEdDKboHE5LA49IDQk4cgkR5xNEMtxANpJm+AXNAhQOPVl/w57vI/Z+TBtSvDoj8LuAvKjmmrPfok2iyD2IIlbctcw8ypn1revZwDb1rBFefpbbZdr5h+75tVqqmNebzxk6UQsfL++lU8HscWwYKzxrrom5aJL6wxNTfy7/Htkt4FHzoKAc5gcB2KM/q0s6NvZzX9WtdHHwAR1kib2EekssjDM9VLecX75Xhtbp+LrHOJKRnxbIanXos4UZUzaJctdNTcOYzEVLvV0BCYaktbI+uVvJcC0qo28bXbHdS3rTGRu8CsykFneJXnrrRIJw7mYWhJSTV9bf+6j/lnFNAurbiYmd4SzaTgbGjj2j38Gr/CTsyv8Rho7P3QUWbRRZnn4a7eVPtjGagqwIwS59YDxRcOy2Wdsw35ry/N2G802V7Cr3hUqeaAIev2adtn4FaG72C8enacYUeACPEhi7TYdsDzuuyt31W7AQa5Te4Uda20rTa0Y9N5Lw85uGB2ebbdYWlO2CqI/m+xNYcPkKqL7zZILz782jDw1sxWd/RUbEgJNrWjsKZ7ybiEMmhpw5vLiMGOeqQWIT6cBCNjocmW0ocU+FBLhhioyrvuZOyacoEZLoklatsL0DMkvvkbT0Ew== petru@paler.net"
       "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIH+QbeQG/gTPJ2sIMPgZ3ZPEirVo5qX/carbZMKt50YN petru@happy"
-      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINqULSU2VWUXSrHzFhs9pdXWZPtP/RS9gx7zz/zD/GDG petru@Workshop"
+      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINIwBGVVoiKh/5/j9Z0ITvResWy+ZuB1afFUkkP/VZ9O ppetru@sparky"
       "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFRYVOfrqk2nFSyiu7TzU23ql8D6TfXICFpMIEvPbNsc JuiceSSH"
     ];
   };

flake.nix

@@ -128,6 +128,7 @@
           ./hosts/zippy
         ];
         chilly = mkHMNixos "x86_64-linux" [ ./hosts/chilly ];
+        sparky = mkHMNixos "x86_64-linux" [ ./hosts/sparky ];
       };
 
       deploy = {
@@ -180,6 +181,15 @@
               };
             };
           };
+          sparky = {
+            hostname = "sparky";
+            profiles = {
+              system = {
+                user = "root";
+                path = (deployPkgsFor "x86_64-linux").deploy-rs.lib.activate.nixos self.nixosConfigurations.sparky;
+              };
+            };
+          };
         };
       };
 

hosts/sparky/default.nix

@@ -0,0 +1,19 @@
+{ pkgs, inputs, ... }:
+{
+  imports = [
+    ../../common/encrypted-btrfs-layout.nix
+    ../../common/global
+    ../../common/base-node.nix
+    ../../common/dev-node.nix
+    ./hardware.nix
+  ];
+
+  diskLayout = {
+    mainDiskDevice = "/dev/disk/by-id/nvme-Samsung_SSD_970_EVO_Plus_250GB_S4EUNF0MA33640P";
+    #keyDiskDevice = "/dev/disk/by-id/usb-Intenso_Micro_Line_22080777660468-0:0";
+    keyDiskDevice = "/dev/sda";
+  };
+
+  networking.hostName = "sparky";
+  services.tailscaleAutoconnect.authkey = "tskey-auth-kFGr5T4rtT11CNTRL-Ls3wbQz5Nr2AUyzeLaC3s2eChNasyPdR";
+}

hosts/sparky/hardware.nix

@@ -0,0 +1,21 @@
+{
+  config,
+  lib,
+  pkgs,
+  modulesPath,
+  ...
+}:
+
+{
+  imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
+
+  boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usb_storage" "usbhid" "sd_mod" "rtsx_pci_sdmmc" ];
+  boot.initrd.kernelModules = [ ];
+  boot.kernelModules = [
+    "kvm-intel"
+  ];
+  boot.extraModulePackages = [ ];
+
+  nixpkgs.hostPlatform = "x86_64-linux";
+  hardware.cpu.intel.updateMicrocode = true;
+}

secrets/common.yaml

@@ -8,65 +8,74 @@ sops:
         - recipient: age1df9ukkmg9yn9cjeheq9m6wspa420su8qarmq570rdvf2de3rl38saqauwn
           enc: |
             -----BEGIN AGE ENCRYPTED FILE-----
-            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBjOWdvMkRQQUV0emx3WDZt
-            aDEvRHhKZGQxTThjakc5VVpMRFlxQ3pwdEhrCjl1Y3hKM2FRVENRcEtCYlphVTR5
-            ejFDZzhYUG5NTHgyUVp2emgwVWx1RVEKLS0tIDFWM1RublZVWjN3cXZKM1RsZHBt
-            ZFl4elUxbHdUZVQ4ajYvd2h3RHpMaVkKxviRk3TCTl9SdqAC7C+e+ugD3o/6/3sh
-            6I7Z1f9K99ONAaP3VhVoW34+qDXyA/RmNk85TWDjE8U/Y4A7/+kYAQ==
+            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBpeCtRemFxOUErVll5OGlx
+            Sk5UM3Z2SUdJeUVoYlBXZFdiMlc2NlFLNEhFCk94YUtDbGtzVm9wbkRWNkFNbjY1
+            aUQxSVhmWVVLRThMRWRCR00xbFk5czgKLS0tIG5wMGlaNi8wT3FTdkhhMkhvV3Ft
+            WHg4Zis0K20vM1MwcFVDSDQ3Tmx5N3cK8QO9Uyc11TdIDTUiOvTgAvgehVnWclRI
+            UX7ISxlF+qBwfkoXeo3N6jl4buAOrKhY/ssrvjF8fXwl/dc4iVRbRw==
             -----END AGE ENCRYPTED FILE-----
         - recipient: age1gtyw202hd07hddac9886as2cs8pm07e4exlnrgfm72lync75ng9qc5fjac
           enc: |
             -----BEGIN AGE ENCRYPTED FILE-----
-            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBBOVNYRTB1NVpMYzJlakpZ
-            cXd4amF2dUEyZXVubFZvUDVJZFVlSWh2TTBnCmhRMDhTdjFDQzg4eGNBYzhVTGNy
-            THJrbXZBeVVxMkJweXJESDVSR1U1S1kKLS0tIGpOcFZ1NnZyczZZT01BcUVLVGo5
-            cmdiMTNKZ0pJVWpOTDNHSUt1UUJCM2cKsCOQM166AQjNqlBoB3r04HMGiUkgkFvA
-            /uxxVnapjzn0Fj9OgtTSsHT7TnRHsPLvFbIPNuvzk2T7j2sv8TEZnw==
+            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB1bm9uQVZ3YlFXaldDSGhC
+            d3lEbjFweGY3b1Eyd2RQcFRYQ1ZCNDU5U0ZBCjVBUHhmOEtieVp3M0UrbzE5U0Nn
+            cnJjR0g3MCt0SngreWJpMFlFM2RDekUKLS0tIGdmQWgzelpabFJ0VWRaQ1FiRjRZ
+            UW9GbmUybkpXUExtWnJldENMek5wV00K/3ZKwVjEc/gfkwPZ/baPPNrc1SN9Yudn
+            DtKZfbR9nsqflEtuP2y7vEkEzBj3u/nRD8t7gvj9bAnjJGB+9HCdyA==
             -----END AGE ENCRYPTED FILE-----
         - recipient: age16yqffw4yl5jqvsr7tyd883vn98zw0attuv9g5snc329juff6dy3qw2w5wp
           enc: |
             -----BEGIN AGE ENCRYPTED FILE-----
-            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB2ZnVQVzhYaGlzcUY2ckNW
-            RkxKVHZpa2RRZ3ZuWGFkaTNWVVNISnpaMEhRCmxjbnlGbEJPWGhOdGFnNzNoSkgx
-            ZTNvL0ZKZ2JyeFRlMFJHK2dRTzhoTVkKLS0tIHBoZ09TdHFpTUs4TE5BVUxKemRr
-            WCttVkpwNVVhRUhtaWlDcDBSMzA1eEEKG149AvnnLyGGYA7oXIhUz46rFzYDFcC+
-            r1UrA6MrJXSDggNh2puQ1dDtntub9BHCO8qDGsxSOCpp/TqEtrv9eA==
+            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBLQk9lUWRWcEpzYlNnSStt
+            L2E3RUE0VG9SZ2pZcmYrbmZ3M3c2VkVWckFNClRHSnJhakcwNkZaSmg3aWVPSXZG
+            dUVQQWpqQjlwazQ4SitScllWMnhHRG8KLS0tIFZRWU1lbWhEdkZ5VFl2bWRJTkZM
+            Q1VaTjl6U2hzeWZUeDlab0RaNGlIa1EKaiEDRzdkn0dAoQdps1W1UHAYATDvP531
+            6V/KikZPwY8g6UBUsq53CKKx8tx4SvqixAuAYJT29WtPLIfn2wGnDA==
+            -----END AGE ENCRYPTED FILE-----
+        - recipient: age1zxf8263nk04zf4pu5x2czh6g4trv4e2xydypyjschyekr6udqcsqmrgv68
+          enc: |
+            -----BEGIN AGE ENCRYPTED FILE-----
+            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBFVnZ0OERvMzRxSVE2MEFI
+            dmRCQUZ1a2YyN1JoMGcxdGhwT0cvcFhnSDNZCnYxa2R2T01aWmVpWUdrK0JTNGkv
+            empMTjFkRzZLZUFJVkpZU0tXUnRlcTgKLS0tIFU4QXk3NlR3b1o0UmVhNWt4NVR3
+            anJ5R3Z0MVNFWEZVM0pnQVgzcjdaSVUKcKKDp0mu4yO6Sxu6CDweETwJ6b404+rT
+            YfznubwZw+bbTS/W1yXvmKE9cSZ1A6EUldaGjizS+wR1fKpCwEGoHQ==
             -----END AGE ENCRYPTED FILE-----
         - recipient: age1w5w4wfvtul3sge9mt205zvrkjaeh3qs9gsxhmq7df2g4dztnvv6qylup8z
           enc: |
             -----BEGIN AGE ENCRYPTED FILE-----
-            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBMTTV0QkdnWDlVckJjaVF6
-            bXhZUHFFNEVReE1qSURZdjlXVkN4ZE1VOVVrCjBsdTdOSXRISkpVMGVDY0RtMXIy
-            MGtHakFuV2VqNk4vcFJmV2FmQjhJQk0KLS0tIC9nRHJSVWVWY0tEaURValdOY1Vm
-            bTFWS25lajdzNDdXd0lJY3VCbm0xbW8KgW0kqgIoH2UWqMPhyI1lY3qJJhDankCr
-            wQ1s6Jyxi58hFpCChfSi0q3s0Nd1RWo/MMHZnw8IJ9YAp7MFRY/6lA==
+            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBBTm1XZTdDU2tCMlRUZlR3
+            SURZbU5LOHl6MlVpb0J1QW5TbmZ1S3J5aERFCm5pTnJjUmg0Q1VWWUJ6TThTWGx0
+            dmMwUGlVc3FqTHFvRWhiQnp0UWljSTgKLS0tIHVXWjlaNjBTaTM4ck1XVWRFcXNi
+            L2pWazRCVnZDUHd6bUpvbG1JWEgvNFEKKT3AWCrMFyGp2bnAUMi1RDxKvJSUm5We
+            qt5ZaZbV8VqAhrZhHXb3KpWZYcof5yxTRGOalfKMSaAGg9Mr0itN6w==
             -----END AGE ENCRYPTED FILE-----
         - recipient: age1wwufz86tm3auxn6pn27c47s8rvu7en58rk00nghtaxsdpw0gya6qj6qxdt
           enc: |
             -----BEGIN AGE ENCRYPTED FILE-----
-            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBIeTBZM2NnV3EvSFQveUFE
-            OWJoeC9sR1BVemczT01YbjJCUW45dCtOamh3CjJycHNBb2RRaUVrd1E4V2k5d0Jt
-            SUhuakRFWDRQbnJmNDl1b0g2ZGV1S1kKLS0tIHd2eW5sNFAwUjhCaVVibGowSVNS
-            VGRMUmUxcjVqekFXV0MzbnpVN2V6dUUKze9Ys+rYb46Oz1ZTCoUGCjWteuheoa4h
-            DnhKGEcHVYVsJ+lxRheLeEEilLUSluWK0ejAomPSR9oi9y0Z3rEUAw==
+            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBKQWhWcC95OGRpNStyY21U
+            K3UyaXR3dUJhelVVUXpvMDRpNzlYZHFUVFNvCitzaUM5akl2RGlsTDBsdHptaTRM
+            MUFsNmlrS1JYV0w4anZMc2QxNy9sbjAKLS0tIHFGY2cwekpoL3IyMHAwK1VBai9D
+            NlVPMFNySmhjNzhSR0k2Z3kyRnpKZEkKfTCC2nPXDFEx7w2U5Z2Kdp8FPHAFakL1
+            xX4L4l878IfuRz7yMQGdS90tCexPocord/zWRks65JFdm31TLdkOVg==
             -----END AGE ENCRYPTED FILE-----
         - recipient: age1c2kc034n7tqztarcu7n5ldnjmy9sr3jgwrsaddsj0hwfus9mdp3sctts4m
           enc: |
             -----BEGIN AGE ENCRYPTED FILE-----
-            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA5L3FmS3JFTHRqeUkxY1JS
-            TXFONTNFNnUyVE1CSWhnM05pT21aVStWVDN3ClE2WHhRTExsVmhaaWQyNCs4LzJo
-            ampVZHlycE9McEEzdCtFZzNoY1ROcmcKLS0tIGFhcFM3cVNEa0k2NS93amtEVHp4
-            cE42N2Y5WGVMOUZ5a3VvQVlEcDNqZUEKUhfElhoxunhwhIEouSCzqbsqAHcBcuh6
-            tuzDqSuc3z8NMfLKW3EwCwmGbk9YX57WHmGbd1EM54kAE7zflymOLQ==
+            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBXT2Q5Z3BoZzFPQ2FSbkY4
+            dFYyRHc0dlpHdktUR2tKYUJ3Zjg3dWJpMWxJCkthenZ5TnkwL3B2bzFFQzN5WUJ0
+            Uk5iRm5QOTk2Y1BDcXFmVElDTjAySDAKLS0tIElVUkpyeXYwQ2Z6N0QvdDZVdkVo
+            K1MySzNiNWhBV2VaTVdEQ2pzZjJmME0K+Fvb4fpLEc8fcAFyeCQmdrXERUogjIvR
+            hlkO/x5nFdipBqNPLzY5ytE3GpgRTuq/O3+uXpdOk65Eq1Uwlrcm7w==
             -----END AGE ENCRYPTED FILE-----
         - recipient: age1zjgqu3zks5kvlw6hvy6ytyygq7n25lu0uj2435zlf30smpxuy4hshpmfer
           enc: |
             -----BEGIN AGE ENCRYPTED FILE-----
-            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB0RS9maGVJeDNnRUl5Yk0r
-            N3pvbWxQL3h6aU01TGRFNysrZkd1TmRER1JBCmJjdnBiUUlMR1poZGpTeC8wSVQx
-            aGF0STE0TE1sa3YxakEwMUt3bURxUkkKLS0tIDVsdnpxcHpvQStjM09iSDRMdU1T
-            c09FQVJURG5PaW43cGhIWFRhQ1ppcEUK2iJ/M228wXCdIcs7LBbnntTrJqzmfdOi
-            btMKaOX0d3vecXooJF6smssVrdUIwRdoLe8qBeGiMqhjCqjwur0UzQ==
+            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBPdkE0Uk5RNzI0MnRnc0Q5
+            UFVxOVRyQjRrTUNla0lpblVBUDNCVGU3clVzCk1Pd0RzUmxuVVI5WHRhYVdVYUVQ
+            MGkyS0F2ZlhIT0d3WU5SQloyYWN0eXMKLS0tIGROZ3J5SUZBVGt5SkZRY3dpdzht
+            bkFsT1NyWXhXbGJ6dWJRcWZBbE1vZ1UK2q/dIfdaRn18XvPJJUC/ML/cHZN+/XhQ
+            BYxCkg+8z6F+tWzJ/7yuV522fKRW7Vw/8jPQ1obPTRTYGvWSgPVVBg==
             -----END AGE ENCRYPTED FILE-----
     lastmodified: "2025-04-04T09:34:06Z"
     mac: ENC[AES256_GCM,data:YIcRrsPparPfPaI2+MLlKsxu7M19H8nndOsrDLuh/5BXzIZNiuTIWyvxODyhI745rDwlibO+7Q0QctanhTl4+IzGaYtuY4i+rb+3dzBMpcdT2VAbtCHHxcltWeanRGFq2K3WM2tbnQCERst5kejfn0Razjq3UU5vNwfBsdJMwGc=,iv:izDxy0ufVnH8ImkZIngcYhGuj0PGpLqBD/ZDvQyE+5I=,tag:oYBUEQS52pr09h5OvOadNg==,type:str]

secrets/sparky.yaml

@@ -0,0 +1,30 @@
+kopia: ENC[AES256_GCM,data:AS5zTDpPPuPGEoT05uHyAfPTbls=,iv:YZK8O0/osP0/ay1tw2kkiCoxws+DlzquVqXNdVayE+k=,tag:tCNM8fzEEuRTPDJybq7fUA==,type:str]
+sops:
+    kms: []
+    gcp_kms: []
+    azure_kv: []
+    hc_vault: []
+    age:
+        - recipient: age1df9ukkmg9yn9cjeheq9m6wspa420su8qarmq570rdvf2de3rl38saqauwn
+          enc: |
+            -----BEGIN AGE ENCRYPTED FILE-----
+            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAwOUY0MFRzNkV4WTlyVXhj
+            L2drMTlUZ2pzN09mVk4xYk90cmg0VXVvbXdFCjNrYjNCQ1RXaXo3Nm5ScTZIcHJy
+            eGdVRkhpV0J1bC9jenkwS3l0UXVSMXMKLS0tIDZXbythcWN3Y21zZVVvNkhiVmY5
+            cnJZYWg3VVZsbGZhSHM5b2tXMTk2d1EKz1Dd5jhfVT+f+nRCYNFo1YuTDVzTUq91
+            W1HDd/6SvBfky80+KXTEqZL/TL+gjgKEdyXQryrfH/rfvymqzDpGaA==
+            -----END AGE ENCRYPTED FILE-----
+        - recipient: age1zxf8263nk04zf4pu5x2czh6g4trv4e2xydypyjschyekr6udqcsqmrgv68
+          enc: |
+            -----BEGIN AGE ENCRYPTED FILE-----
+            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBPcWZxaE9EbWlIM0R5Wkhj
+            MmFMdlhyR2Vma3RsbnM4ak9sKzdLWENaUTJFCkNXVDNmRUJTRWFPeEpXcWl0cE9Z
+            dm53UTJVSlZpNmdieFJEYmU5TVhhUkUKLS0tIHhwSWhuWUhUYmZrK1Ezelpud3J3
+            Sit5S0hzcGZEL0oxRmNVbVNhYklaaTAKf0ts/HpTcrLH8svaB3gwFH4W4QIdrPPE
+            trGqXGj8YOkiA78J1maKijXuqjtPvKkBEPYekEY3c378gZhFdL+8lQ==
+            -----END AGE ENCRYPTED FILE-----
+    lastmodified: "2025-10-19T17:33:13Z"
+    mac: ENC[AES256_GCM,data:IwEyBr/I7BJa0gWZ494dCT0ogyP2PbnUg5fLOn15vZAHIyYtTB3dI3gV5Lx7oPdqOPlI61MsShIYBnk0uBChpNu6O4oiGUfwvBfegzlDyHHERLx+S7nZpcwmf/3JoNXwq0f2OtOu8nA6Q1V4gVjFFNWUCAh5cq106vG1awsQkn0=,iv:j+JcVtKz2RfyWu55dUeJJTRK6prB9DGLvcjiAAdVySM=,tag:Pg5sKiLzYUFoN9Duu+nF0w==,type:str]
+    pgp: []
+    unencrypted_suffix: _unencrypted
+    version: 3.9.4

setup-host.txt

@@ -10,3 +10,4 @@
 * on base host: nix run github:nix-community/nixos-anywhere -- --flake '.#<target>' nixos@<target IP>
 * after confirmed working, update hosts/<target>/default.nix to set keyFile to /dev/sdX (otherwise when the USB drive fails it's harder to replace)
 * if replacing failed host in place, update key in .sops.yaml with the output from "ssh-keyscan <host> | ssh-to-age" then "sops updatekeys secrets/*.yaml"
+** if installing new host, do the same for install then again after the first reboot (the installer key is not persisted)