57 lines
1.6 KiB
Nix
57 lines
1.6 KiB
Nix
{ config, lib, ... }:
|
|
|
|
let
|
|
builderUserName = "nix-builder";
|
|
|
|
builderRole = "nix-builder";
|
|
builders = config.machines.withRole.${builderRole};
|
|
thisMachineIsABuilder = config.thisMachine.hasRole.${builderRole};
|
|
|
|
# builders don't include themselves as a remote builder
|
|
otherBuilders = lib.filter (hostname: hostname != config.networking.hostName) builders;
|
|
in
|
|
lib.mkMerge [
|
|
# configure builder
|
|
(lib.mkIf thisMachineIsABuilder {
|
|
users.users.${builderUserName} = {
|
|
description = "Distributed Nix Build User";
|
|
group = builderUserName;
|
|
isSystemUser = true;
|
|
createHome = true;
|
|
home = "/var/lib/nix-builder";
|
|
useDefaultShell = true;
|
|
openssh.authorizedKeys.keys = builtins.map
|
|
(builderCfg: builderCfg.hostKey)
|
|
(builtins.attrValues config.machines.hosts);
|
|
};
|
|
users.groups.${builderUserName} = { };
|
|
|
|
nix.settings.trusted-users = [
|
|
builderUserName
|
|
];
|
|
})
|
|
|
|
# use each builder
|
|
{
|
|
nix.distributedBuilds = true;
|
|
|
|
nix.buildMachines = builtins.map
|
|
(builderHostname: {
|
|
hostName = builderHostname;
|
|
system = config.machines.hosts.${builderHostname}.arch;
|
|
protocol = "ssh-ng";
|
|
sshUser = builderUserName;
|
|
sshKey = "/etc/ssh/ssh_host_ed25519_key";
|
|
maxJobs = 3;
|
|
speedFactor = 10;
|
|
supportedFeatures = [ "nixos-test" "benchmark" "big-parallel" "kvm" ];
|
|
})
|
|
otherBuilders;
|
|
|
|
# It is very likely that the builder's internet is faster or just as fast
|
|
nix.extraOptions = ''
|
|
builders-use-substitutes = true
|
|
'';
|
|
}
|
|
]
|