steveej/infra
1
0
Fork 0
Code Issues 2 Pull requests Projects Releases Packages Wiki Activity Actions

feat(steveej-x13s,sj-bm-hostkey0): configure buildmachine

Browse source
This commit is contained in:
steveej 2024-05-02 09:45:30 +02:00
parent 5f1eded00a
commit a58b498d3e
3 changed files with 34 additions and 10 deletions
Download patch file Download diff file Expand all files Collapse all files

16
nix/os/devices/sj-bm-hostkey0/configuration.nix
View file

@ -18,9 +18,18 @@ in {
imports = [
nodeFlake.inputs.disko.nixosModules.disko
nodeFlake.inputs.srvos.nixosModules.roles-nix-remote-builder
repoFlake.inputs.sops-nix.nixosModules.sops
nodeFlake.inputs.srvos.nixosModules.roles-nix-remote-builder
{
roles.nix-remote-builder.schedulerPublicKeys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINQ22z5rDdCLYH+MEoEt+tXJXTJqoeZNqvJl2n4aB+Kn steveej@steveej-x13s"
# TODO: make this a reference to the private key's secret
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIC8FHuK0k86iBWq41+NAhVwJqH1ZpGJe+q01m7iLviz6 root@steveej-t14"
];
}
../../profiles/common/user.nix
../../snippets/nix-settings.nix
../../snippets/nix-settings-holo-chain.nix
@ -66,11 +75,6 @@ in {
}
];
roles.nix-remote-builder.schedulerPublicKeys = [
# TODO: make this a reference to the private key's secret
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIC8FHuK0k86iBWq41+NAhVwJqH1ZpGJe+q01m7iLviz6 root@steveej-t14"
];
services.openssh.enable = true;
services.openssh.settings.PermitRootLogin = "yes";

20
nix/os/devices/steveej-x13s/configuration.nix
View file

@ -81,6 +81,26 @@
enable = true;
enableNonRoot = true;
};
sops.secrets.builder-private-key = {};
nix.distributedBuilds = true;
nix.buildMachines = [
{
hostName = "sj-bm-hostkey0.dev.infra.holochain.org";
sshUser = "nix-remote-builder";
sshKey = config.sops.secrets.builder-private-key.path;
protocol = "ssh-ng";
systems = [
"x86_64-linux"
"aarch64-linux"
];
supportedFeatures = [
"big-parallel"
"kvm"
];
maxJobs = 32;
}
];
}
# TODO: create syncthing os snippet