Further attempt at remote builds
This commit is contained in:
parent
b0168f4354
commit
836f8ee8b4
GPG key ID:
C72403E7F82E6AD8
|
|
@ -18,6 +18,8 @@
|
||||||
# even though home-manager sets it
|
# even though home-manager sets it
|
||||||
programs.zsh.enable = true;
|
programs.zsh.enable = true;
|
||||||
|
|
||||||
|
nix.settings.trusted-users = [ "geoffrey" ];
|
||||||
|
|
||||||
home-manager = {
|
home-manager = {
|
||||||
users.geoffrey = { pkgs, ... }: {
|
users.geoffrey = { pkgs, ... }: {
|
||||||
frogeye = lib.mkDefault config.frogeye;
|
frogeye = lib.mkDefault config.frogeye;
|
||||||
|
|
|
||||||
|
|
@ -1,15 +1,48 @@
|
||||||
{ pkgs, lib, config, ... }:
|
{ pkgs, lib, config, ... }:
|
||||||
let
|
let
|
||||||
|
vivariumBuilderDefault = {
|
||||||
|
systems = [ "x86_64-linux" ];
|
||||||
|
protocol = "ssh-ng";
|
||||||
|
sshUser = "nixremote";
|
||||||
|
# sshKey doesn't work
|
||||||
|
};
|
||||||
|
vivariumBuilders = [
|
||||||
|
{
|
||||||
|
hostName = "abavorana.frogeye.fr";
|
||||||
|
publicHostKey = "c3NoLWVkMjU1MTkgQUFBQUMzTnphQzFsWkRJMU5URTVBQUFBSUZsaW9WYWZVWEIwdFNzSDRUVHBremphUkNkb0piSmRjVDRGOXFLZithMnEgcm9vdEBhYmF2b3JhbmEK";
|
||||||
|
supportedFeatures = [ "nixos-test" "benchmark" "big-parallel" "kvm" ];
|
||||||
|
}
|
||||||
|
{
|
||||||
|
hostName = "ludwig.clowncar.frogeye.fr";
|
||||||
|
publicHostKey = "c3NoLWVkMjU1MTkgQUFBQUMzTnphQzFsWkRJMU5URTVBQUFBSVBaRHIrQmVqZzRXTVVGR1NGdkd5YituMk0zMG9VR09KVUlzY3Z1b2F4VEQgcm9vdEBsdWR3aWcK";
|
||||||
|
}
|
||||||
|
];
|
||||||
|
# MANU pass vivarium/lemmy/remote-builds/cache | nix key convert-secret-to-public | cat
|
||||||
publicKeys = [
|
publicKeys = [
|
||||||
"abavorana.frogeye.fr:rcKZ9gwaIQLcst/vbhbF7meUQD5sveT2QQN4a+Zo1BM="
|
"abavorana.frogeye.fr:rcKZ9gwaIQLcst/vbhbF7meUQD5sveT2QQN4a+Zo1BM="
|
||||||
"ludwig.clowncar.frogeye.fr:jTlN0fCOLU49M3LQw5j/u++Gmwrsv3m9RGs0slSg6r0="
|
"ludwig.clowncar.frogeye.fr:jTlN0fCOLU49M3LQw5j/u++Gmwrsv3m9RGs0slSg6r0="
|
||||||
];
|
];
|
||||||
# MANU pass vivarium/lemmy/remote-builds/cache | nix key convert-secret-to-public | cat
|
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
config = {
|
config = {
|
||||||
nix.settings = {
|
system.activationScripts.diff = {
|
||||||
trusted-public-keys = publicKeys;
|
supportsDryActivation = true;
|
||||||
|
text = ''
|
||||||
|
mkdir -p /root/.ssh
|
||||||
|
cat ${pkgs.writeText "root-ssh-config" (lib.strings.concatLines (builtins.map (builder: ''
|
||||||
|
Host ${builder.hostName}
|
||||||
|
Port 2278
|
||||||
|
'') vivariumBuilders)) } > /root/.ssh/config
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
nix = {
|
||||||
|
buildMachines = builtins.map (vivariumBuilder: vivariumBuilderDefault // vivariumBuilder) vivariumBuilders;
|
||||||
|
distributedBuilds = true;
|
||||||
|
settings = {
|
||||||
|
builders-use-substitutes = true;
|
||||||
|
trusted-public-keys = publicKeys;
|
||||||
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
# TODO Make it work. I think it just doesn't like non-standard SSH ports.
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue