Compare commits
No commits in common. "d83782f315f06c8d26127a2c8f811b0b536caa2e" and "0c58e62ed4d55ce234dafaab4267b319384b6c1b" have entirely different histories.
d83782f315
...
0c58e62ed4
@ -4,13 +4,13 @@
|
|||||||
nix = {
|
nix = {
|
||||||
settings = {
|
settings = {
|
||||||
substituters = [
|
substituters = [
|
||||||
"https://cache.nixos.org/"
|
|
||||||
"https://nix-community.cachix.org"
|
|
||||||
"http://s0.koi-bebop.ts.net:5000"
|
"http://s0.koi-bebop.ts.net:5000"
|
||||||
|
"https://nix-community.cachix.org"
|
||||||
|
"https://cache.nixos.org/"
|
||||||
];
|
];
|
||||||
trusted-public-keys = [
|
trusted-public-keys = [
|
||||||
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
|
|
||||||
"s0.koi-bebop.ts.net:OjbzD86YjyJZpCp9RWaQKANaflcpKhtzBMNP8I2aPUU="
|
"s0.koi-bebop.ts.net:OjbzD86YjyJZpCp9RWaQKANaflcpKhtzBMNP8I2aPUU="
|
||||||
|
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
@ -12,7 +12,6 @@
|
|||||||
./server
|
./server
|
||||||
./pc
|
./pc
|
||||||
./machine-info
|
./machine-info
|
||||||
./nix-builder.nix
|
|
||||||
./ssh.nix
|
./ssh.nix
|
||||||
];
|
];
|
||||||
|
|
||||||
|
@ -1,60 +0,0 @@
|
|||||||
{ config, lib, ... }:
|
|
||||||
|
|
||||||
let
|
|
||||||
builderRole = "nix-builder";
|
|
||||||
builderUserName = "nix-builder";
|
|
||||||
|
|
||||||
machinesByRole = role: lib.filterAttrs (hostname: cfg: builtins.elem role cfg.systemRoles) config.machines.hosts;
|
|
||||||
otherMachinesByRole = role: lib.filterAttrs (hostname: cfg: hostname != config.networking.hostName) (machinesByRole role);
|
|
||||||
thisMachineHasRole = role: builtins.hasAttr config.networking.hostName (machinesByRole role);
|
|
||||||
|
|
||||||
builders = machinesByRole builderRole;
|
|
||||||
thisMachineIsABuilder = thisMachineHasRole builderRole;
|
|
||||||
|
|
||||||
# builders don't include themselves as a remote builder
|
|
||||||
otherBuilders = lib.filterAttrs (hostname: cfg: hostname != config.networking.hostName) builders;
|
|
||||||
in
|
|
||||||
lib.mkMerge [
|
|
||||||
# configure builder
|
|
||||||
(lib.mkIf thisMachineIsABuilder {
|
|
||||||
users.users.${builderUserName} = {
|
|
||||||
description = "Distributed Nix Build User";
|
|
||||||
group = builderUserName;
|
|
||||||
isSystemUser = true;
|
|
||||||
createHome = true;
|
|
||||||
home = "/var/lib/nix-builder";
|
|
||||||
useDefaultShell = true;
|
|
||||||
openssh.authorizedKeys.keys = builtins.map
|
|
||||||
(builderCfg: builderCfg.hostKey)
|
|
||||||
(builtins.attrValues config.machines.hosts);
|
|
||||||
};
|
|
||||||
users.groups.${builderUserName} = { };
|
|
||||||
|
|
||||||
nix.settings.trusted-users = [
|
|
||||||
builderUserName
|
|
||||||
];
|
|
||||||
})
|
|
||||||
|
|
||||||
# use each builder
|
|
||||||
{
|
|
||||||
nix.distributedBuilds = true;
|
|
||||||
|
|
||||||
nix.buildMachines = builtins.map
|
|
||||||
(builderCfg: {
|
|
||||||
hostName = builtins.elemAt builderCfg.hostNames 0;
|
|
||||||
system = builderCfg.arch;
|
|
||||||
protocol = "ssh-ng";
|
|
||||||
sshUser = builderUserName;
|
|
||||||
sshKey = "/etc/ssh/ssh_host_ed25519_key";
|
|
||||||
maxJobs = 3;
|
|
||||||
speedFactor = 10;
|
|
||||||
supportedFeatures = [ "nixos-test" "benchmark" "big-parallel" "kvm" ];
|
|
||||||
})
|
|
||||||
(builtins.attrValues otherBuilders);
|
|
||||||
|
|
||||||
# It is very likely that the builder's internet is faster or just as fast
|
|
||||||
nix.extraOptions = ''
|
|
||||||
builders-use-substitutes = true
|
|
||||||
'';
|
|
||||||
}
|
|
||||||
]
|
|
@ -9,7 +9,6 @@
|
|||||||
systemRoles = [
|
systemRoles = [
|
||||||
"server"
|
"server"
|
||||||
"gitea-runner"
|
"gitea-runner"
|
||||||
"nix-builder"
|
|
||||||
];
|
];
|
||||||
|
|
||||||
hostKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBlgRPpuUkZqe8/lHugRPm/m2vcN9psYhh5tENHZt9I2";
|
hostKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBlgRPpuUkZqe8/lHugRPm/m2vcN9psYhh5tENHZt9I2";
|
||||||
|
Loading…
x
Reference in New Issue
Block a user