Build with morton!
This commit is contained in:
		
							parent
							
								
									5ca5007eb5
								
							
						
					
					
						commit
						636f1bd617
					
				
					 1 changed files with 21 additions and 33 deletions
				
			
		|  | @ -1,5 +1,4 @@ | |||
| { | ||||
|   pkgs, | ||||
|   lib, | ||||
|   config, | ||||
|   ... | ||||
|  | @ -8,62 +7,51 @@ let | |||
|   vivariumBuilderDefault = { | ||||
|     systems = [ | ||||
|       "x86_64-linux" | ||||
|       "aarch64-linux" | ||||
|     ]; | ||||
|     protocol = "ssh-ng"; | ||||
|     sshUser = "nixremote"; | ||||
|     # sshKey doesn't work | ||||
|   }; | ||||
|   # MANU ssh-keygen -y -f /etc/ssh/ssh_host_ed25519_key | base64 -w0 | ||||
|   # MANU ssh-keygen -y -f /etc/ssh/ssh_host_ed25519_key | ||||
|   # TODO Proper configuration option instead of pile of defs and hacks | ||||
|   vivariumBuilders = [ | ||||
|     { | ||||
|       hostName = "ludwig.frogeye.fr"; | ||||
|       publicHostKey = "c3NoLWVkMjU1MTkgQUFBQUMzTnphQzFsWkRJMU5URTVBQUFBSU41SXZhMzNXeGplN095cHVEUHBSakFNMTlvRUtEVDRiYlpUTm82V1FLZTAgZ2VvZmZyZXlAY3VyYWNhbwo="; | ||||
|       maxJobs = 4; | ||||
|     } | ||||
|     { | ||||
|       hostName = "abavorana.frogeye.fr"; | ||||
|       publicHostKey = "c3NoLWVkMjU1MTkgQUFBQUMzTnphQzFsWkRJMU5URTVBQUFBSU5iNzcrS01tRHI0MVhZdmZITXQvK3NHMkJCSEIzYUl4M045WDNVejhFaUogZ2VvZmZyZXlAY3VyYWNhbwo="; | ||||
|       hostName = "morton.frogeye.fr"; | ||||
|       publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEetvIp4ZrP+ofXNDypnrLxdU034SBYg7fx9FxClDJA3"; | ||||
|       supportedFeatures = [ | ||||
|         "nixos-test" | ||||
|         "benchmark" | ||||
|         "big-parallel" | ||||
|         "kvm" | ||||
|       ]; | ||||
|       maxJobs = 8; | ||||
|       maxJobs = 12; # 8 cores, 16 with hyperthreading, trying not to overload the thing | ||||
|     } | ||||
|   ]; | ||||
|   # MANU pass vivarium/lemmy/remote-builds/cache | nix key convert-secret-to-public | cat | ||||
|   publicKeys = [ | ||||
|     "ludwig.frogeye.fr:jTlN0fCOLU49M3LQw5j/u++Gmwrsv3m9RGs0slSg6r0=" | ||||
|     "abavorana.frogeye.fr:rcKZ9gwaIQLcst/vbhbF7meUQD5sveT2QQN4a+Zo1BM=" | ||||
|     "morton.frogeye.fr:rSjbCZ4mgXkb+ENKI7sk/KIbftlQzCTQA7pWkdfS2r4=" | ||||
|   ]; | ||||
| in | ||||
| { | ||||
|   config = { | ||||
|     system.activationScripts.remote = { | ||||
|       supportsDryActivation = true; | ||||
|       text = '' | ||||
|         mkdir -p /root/.ssh | ||||
|         cat ${ | ||||
|           pkgs.writeText "root-ssh-config" ( | ||||
|             lib.strings.concatLines ( | ||||
|               builtins.map (builder: '' | ||||
|                 Host ${builder.hostName} | ||||
|                   VerifyHostKeyDNS yes | ||||
|                   UpdateHostKeys yes | ||||
|               '') vivariumBuilders | ||||
|               # Check SSHFP records so hopefully no need to manually add SSH host keys, | ||||
|               # yet add them to known_hosts should we not be using DNSSEC-validating DNS. | ||||
|               # No persistent socket since sometimes it goes a weird state and have to remove them. | ||||
|             ) | ||||
|           ) | ||||
|         } > /root/.ssh/config | ||||
|       ''; | ||||
|     }; | ||||
|     programs.ssh.knownHosts = lib.trivial.pipe vivariumBuilders [ | ||||
|       (builtins.map (builder: { | ||||
|         name = builder.hostName; | ||||
|         value.publicKey = builder.publicKey; | ||||
|       })) | ||||
|       builtins.listToAttrs | ||||
|     ]; | ||||
|     # Currently using port 22 only because: | ||||
|     # - Morton has to use it for git | ||||
|     # - Hopefully allowed on some firewalls | ||||
|     # - Thought you couldn't set SSH config | ||||
|     # You might be able to set SSH config with porgrams.ssh, although I only tried creating a /root/.ssh/config file | ||||
|     # (which does not work, unless logged in as root. host keys from root are used regardless of the user, though) | ||||
|     nix = { | ||||
|       buildMachines = builtins.map ( | ||||
|         vivariumBuilder: vivariumBuilderDefault // vivariumBuilder | ||||
|         vivariumBuilder: | ||||
|         lib.attrsets.filterAttrs (k: v: k != "publicKey") (vivariumBuilderDefault // vivariumBuilder) | ||||
|       ) vivariumBuilders; | ||||
|       distributedBuilds = true; | ||||
|       settings = { | ||||
|  |  | |||
		Loading…
	
	Add table
		Add a link
		
	
		Reference in a new issue