Misc
This commit is contained in:
parent
f3e7b29a98
commit
8fd6a0d2d8
GPG key ID:
C72403E7F82E6AD8
os
|
|
@ -27,6 +27,7 @@ fi
|
||||||
info "Evaluating"
|
info "Evaluating"
|
||||||
# Evaluating can take a lot of memory, and Nix doesn't free it until the program ends,
|
# Evaluating can take a lot of memory, and Nix doesn't free it until the program ends,
|
||||||
# which can be limiting on memory-constrained devices. Hence the build step is separate.
|
# which can be limiting on memory-constrained devices. Hence the build step is separate.
|
||||||
|
# Drawback: it will query info about missing paths twice
|
||||||
# nix eval doesn't use the eval cache, so we do a nix build --dry-run
|
# nix eval doesn't use the eval cache, so we do a nix build --dry-run
|
||||||
# sudo so the eval cache is shared with nixos-rebuild
|
# sudo so the eval cache is shared with nixos-rebuild
|
||||||
json=$(time sudo nix build "$self#nixosConfigurations.$HOSTNAME.config.system.build.toplevel" --dry-run --json )
|
json=$(time sudo nix build "$self#nixosConfigurations.$HOSTNAME.config.system.build.toplevel" --dry-run --json )
|
||||||
|
|
|
||||||
|
|
@ -16,6 +16,11 @@ let
|
||||||
};
|
};
|
||||||
# MANU ssh-keygen -y -f /etc/ssh/ssh_host_ed25519_key | base64 -w0
|
# MANU ssh-keygen -y -f /etc/ssh/ssh_host_ed25519_key | base64 -w0
|
||||||
vivariumBuilders = [
|
vivariumBuilders = [
|
||||||
|
{
|
||||||
|
hostName = "ludwig.clowncar.frogeye.fr";
|
||||||
|
publicHostKey = "c3NoLWVkMjU1MTkgQUFBQUMzTnphQzFsWkRJMU5URTVBQUFBSU41SXZhMzNXeGplN095cHVEUHBSakFNMTlvRUtEVDRiYlpUTm82V1FLZTAgZ2VvZmZyZXlAY3VyYWNhbwo=";
|
||||||
|
maxJobs = 4;
|
||||||
|
}
|
||||||
{
|
{
|
||||||
hostName = "abavorana.frogeye.fr";
|
hostName = "abavorana.frogeye.fr";
|
||||||
publicHostKey = "c3NoLWVkMjU1MTkgQUFBQUMzTnphQzFsWkRJMU5URTVBQUFBSU5iNzcrS01tRHI0MVhZdmZITXQvK3NHMkJCSEIzYUl4M045WDNVejhFaUogZ2VvZmZyZXlAY3VyYWNhbwo=";
|
publicHostKey = "c3NoLWVkMjU1MTkgQUFBQUMzTnphQzFsWkRJMU5URTVBQUFBSU5iNzcrS01tRHI0MVhZdmZITXQvK3NHMkJCSEIzYUl4M045WDNVejhFaUogZ2VvZmZyZXlAY3VyYWNhbwo=";
|
||||||
|
|
@ -27,16 +32,11 @@ let
|
||||||
];
|
];
|
||||||
maxJobs = 8;
|
maxJobs = 8;
|
||||||
}
|
}
|
||||||
{
|
|
||||||
hostName = "ludwig.clowncar.frogeye.fr";
|
|
||||||
publicHostKey = "c3NoLWVkMjU1MTkgQUFBQUMzTnphQzFsWkRJMU5URTVBQUFBSU41SXZhMzNXeGplN095cHVEUHBSakFNMTlvRUtEVDRiYlpUTm82V1FLZTAgZ2VvZmZyZXlAY3VyYWNhbwo=";
|
|
||||||
maxJobs = 4;
|
|
||||||
}
|
|
||||||
];
|
];
|
||||||
# MANU pass vivarium/lemmy/remote-builds/cache | nix key convert-secret-to-public | cat
|
# MANU pass vivarium/lemmy/remote-builds/cache | nix key convert-secret-to-public | cat
|
||||||
publicKeys = [
|
publicKeys = [
|
||||||
"abavorana.frogeye.fr:rcKZ9gwaIQLcst/vbhbF7meUQD5sveT2QQN4a+Zo1BM="
|
|
||||||
"ludwig.clowncar.frogeye.fr:jTlN0fCOLU49M3LQw5j/u++Gmwrsv3m9RGs0slSg6r0="
|
"ludwig.clowncar.frogeye.fr:jTlN0fCOLU49M3LQw5j/u++Gmwrsv3m9RGs0slSg6r0="
|
||||||
|
"abavorana.frogeye.fr:rcKZ9gwaIQLcst/vbhbF7meUQD5sveT2QQN4a+Zo1BM="
|
||||||
];
|
];
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
|
|
@ -50,14 +50,12 @@ in
|
||||||
lib.strings.concatLines (
|
lib.strings.concatLines (
|
||||||
builtins.map (builder: ''
|
builtins.map (builder: ''
|
||||||
Host ${builder.hostName}
|
Host ${builder.hostName}
|
||||||
ControlMaster auto
|
|
||||||
ControlPath ~/.ssh/master-%r@%n:%p
|
|
||||||
ControlPersist 60s
|
|
||||||
VerifyHostKeyDNS yes
|
VerifyHostKeyDNS yes
|
||||||
UpdateHostKeys yes
|
UpdateHostKeys yes
|
||||||
'') vivariumBuilders
|
'') vivariumBuilders
|
||||||
# Check SSHFP records so hopefully no need to manually add SSH host keys,
|
# Check SSHFP records so hopefully no need to manually add SSH host keys,
|
||||||
# yet add them to known_hosts should we not be using DNSSEC-validating DNS.
|
# yet add them to known_hosts should we not be using DNSSEC-validating DNS.
|
||||||
|
# No persistent socket since sometimes it goes a weird state and have to remove them.
|
||||||
)
|
)
|
||||||
)
|
)
|
||||||
} > /root/.ssh/config
|
} > /root/.ssh/config
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue