| -rw-r--r-- | config/default.nix | 2 | ||||
| -rw-r--r-- | config/nix.nix | 30 | ||||
| -rw-r--r-- | config/nix/default.nix | 33 | ||||
| -rw-r--r-- | config/nix/remote-builds.nix | 29 |
4 files changed, 31 insertions, 63 deletions
diff --git a/config/default.nix b/config/default.nix
index 4078e47..dd22e26 100644
--- a/config/default.nix
+++ b/config/default.nix
@@ -5,7 +5,7 @@
 ./boot.nix
 ./environment.nix
 ./networking.nix
- ./nix
+ ./nix.nix
 ./services
 ./users.nix
 ];
diff --git a/config/nix.nix b/config/nix.nix
new file mode 100644
index 0000000..b07f339
--- /dev/null
+++ b/config/nix.nix
@@ -0,0 +1,30 @@
+{...}: {
+ personal.nix = {
+ enable = true;
+ autoUpgrade = {
+ enable = true;
+ autoUpdateInputs = ["nixpkgs" "nixpkgs-unstable"];
+ };
+ gc.enable = true;
+ flake = "git+file:///etc/nixos/";
+ remoteBuilds = {
+ enable = true;
+ machines.hephaistos = {
+ enable = true;
+ domain = "aristote.mesh";
+ };
+ };
+ };
+
+ nix.settings.max-jobs = 1;
+ nixpkgs.flake = {
+ setNixPath = true;
+ setFlakeRegistry = true;
+ };
+
+ systemd.services.nixos-upgrade.serviceConfig = {
+ MemoryAccounting = true;
+ MemoryHigh = "1G";
+ MemoryMax = "1.5G";
+ };
+}
diff --git a/config/nix/default.nix b/config/nix/default.nix
deleted file mode 100644
index c930095..0000000
--- a/config/nix/default.nix
+++ /dev/null
@@ -1,33 +0,0 @@
-{lib, ...}: {
- imports = [./remote-builds.nix];
-
- personal.nix = {
- enable = true;
- autoUpgrade = {
- enable = true;
- autoUpdateInputs = ["nixpkgs" "nixpkgs-unstable"];
- };
- gc.enable = true;
- flake = "git+file:///etc/nixos/";
- };
- nix.settings.max-jobs = lib.mkDefault 1;
- nixpkgs.flake = {
- setNixPath = true;
- setFlakeRegistry = true;
- };
-
- systemd.services.nixos-upgrade = let
- mkForce = lib.mkOverride 51;
- in {
- # restart at most once every hour
- serviceConfig = {
- Restart = "on-failure";
- RestartSec = "5sec";
- MemoryAccounting = true;
- MemoryHigh = "1G";
- MemoryMax = "1.5G";
- };
- startLimitBurst = mkForce 1;
- startLimitIntervalSec = mkForce 3600;
- };
-}
diff --git a/config/nix/remote-builds.nix b/config/nix/remote-builds.nix
deleted file mode 100644
index d252af2..0000000
--- a/config/nix/remote-builds.nix
+++ /dev/null 
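Review bot: The `remoteBuilds` block added in config/nix.nix shows no host-key pin, identity file or remote user for the builder, whereas the deleted config/nix/remote-builds.nix set `knownHosts."hephaistos.aristote.mesh".publicKey`, `IdentitiesOnly yes`, `IdentityFile /etc/ssh/nixremote` and `User nixremote` explicitly. Presumably the `personal.nix.remoteBuilds` module now supplies these, but that module is not part of this diff, so it should be confirmed that it still pins the builder's ed25519 key and connects as the unprivileged user rather than falling back to whatever known_hosts state and default user the machine happens to have. A comment above `machines.hephaistos` would make the dependency visible, for example `# host key pin, IdentityFile and the nixremote user come from the personal.nix.remoteBuilds module`. The same file also no longer sets `Restart`, `startLimitBurst` or `startLimitIntervalSec` on nixos-upgrade; if the module does not set them either, a note saying the retry limit was dropped on purpose would help.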
@@ -1,29 +0,0 @@
-{...}: {
- programs.ssh = {
- extraConfig = ''
- Host hephaistos.aristote.mesh
- # Prevent using ssh-agent or another keyfile, useful for testing
- IdentitiesOnly yes
- IdentityFile /etc/ssh/nixremote
- # The weakly privileged user on the remote builder – if not set, 'root' is used – which will hopefully fail
- User nixremote
- '';
- knownHosts."hephaistos.aristote.mesh".publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHvtqi8tziBuviUV8LDK2ddQQUbHdJYB02dgWTK5Olxq";
- };
-
- nix = {
- distributedBuilds = true;
- buildMachines = [
- {
- hostName = "hephaistos.aristote.mesh";
- system = "x86_64-linux";
- # Nix custom ssh-variant that avoids lots of "trusted-users" settings pain
- protocol = "ssh-ng";
- maxJobs = 4;
- speedFactor = 4;
- supportedFeatures = ["nixos-test" "benchmark" "big-parallel" "kvm"];
- mandatoryFeatures = [];
- }
- ];
- };
-} |
