diff options
| author | quentin@aristote.fr <quentin@aristote.fr> | 2025-01-29 17:51:30 +0100 |
|---|---|---|
| committer | quentin@aristote.fr <quentin@aristote.fr> | 2025-01-29 17:58:32 +0100 |
| commit | 0f86479aa9920b7c4c2493d26e87c35ee0e46d0c (patch) | |
| tree | 9c2aace4272398d7d41a454ff5905a4415927b54 | |
| parent | 5942b39871b3f6f7622282a80488d203e8218ebb (diff) | |
nix: remote builds: factor out
| -rw-r--r-- | config/default.nix | 2 | ||||
| -rw-r--r-- | config/nix.nix (renamed from config/nix/default.nix) | 13 | ||||
| -rw-r--r-- | config/nix/remote-builds.nix | 29 |
3 files changed, 10 insertions, 34 deletions
diff --git a/config/default.nix b/config/default.nix index 9e31dab..974736f 100644 --- a/config/default.nix +++ b/config/default.nix @@ -5,7 +5,7 @@ ./environment.nix ./hardware ./networking - ./nix + ./nix.nix ./users.nix ]; diff --git a/config/nix/default.nix b/config/nix.nix index a9d79cc..4276c3f 100644 --- a/config/nix/default.nix +++ b/config/nix.nix @@ -1,13 +1,18 @@ -{lib, ...}: { - imports = [./remote-builds.nix]; - +{...}: { personal.nix = { enable = true; autoUpgrade.enable = true; gc.enable = true; flake = "git+file:///etc/nixos/"; + remoteBuilds = { + enable = true; + machines.hephaistos = { + enable = true; + domain = "local"; + }; + }; }; - nix.settings.max-jobs = lib.mkDefault 1; + nix.settings.max-jobs = 1; nixpkgs.flake = { setNixPath = true; setFlakeRegistry = true; diff --git a/config/nix/remote-builds.nix b/config/nix/remote-builds.nix deleted file mode 100644 index a895aad..0000000 --- a/config/nix/remote-builds.nix +++ /dev/null @@ -1,29 +0,0 @@ -{...}: { - programs.ssh = { - extraConfig = '' - Host hephaistos.local - # Prevent using ssh-agent or another keyfile, useful for testing - IdentitiesOnly yes - IdentityFile /etc/ssh/nixremote - # The weakly privileged user on the remote builder – if not set, 'root' is used – which will hopefully fail - User nixremote - ''; - knownHosts."hephaistos.local".publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHvtqi8tziBuviUV8LDK2ddQQUbHdJYB02dgWTK5Olxq"; - }; - - nix = { - distributedBuilds = true; - buildMachines = [ - { - hostName = "hephaistos.local"; - system = "x86_64-linux"; - # Nix custom ssh-variant that avoids lots of "trusted-users" settings pain - protocol = "ssh-ng"; - maxJobs = 4; - speedFactor = 4; - supportedFeatures = ["nixos-test" "benchmark" "big-parallel" "kvm"]; - mandatoryFeatures = []; - } - ]; - }; -} |