37 lines
1 KiB
Nix
37 lines
1 KiB
Nix
|
{config, ...}: let
|
|||
|
servivi = "100.64.0.7";
|
|||
|
in {
|
|||
|
home-manager.users.root = {
|
|||
|
home.file.".ssh/config".text = ''
|
|||
|
Host ${servivi}
|
|||
|
# Prevent using ssh-agent or another keyfile, useful for testing
|
|||
|
IdentitiesOnly yes
|
|||
|
IdentityFile ${config.sops.secrets.nixremote.path}
|
|||
|
|
|||
|
# The weakly privileged user on the remote builder – if not set, 'root' is used – which will hopefully fail
|
|||
|
User nixremote
|
|||
|
'';
|
|||
|
};
|
|||
|
|
|||
|
programs.ssh.knownHosts = {
|
|||
|
${servivi}.publicKey = "servivi ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMkNW0H4Fl6NFgahlgGbSvglg1DrX4yl1ht9Lp+vHE2A";
|
|||
|
};
|
|||
|
|
|||
|
nix.buildMachines = [
|
|||
|
{
|
|||
|
hostName = servivi;
|
|||
|
system = "x86_64-linux";
|
|||
|
protocol = "ssh-ng";
|
|||
|
maxJobs = 1;
|
|||
|
speedFactor = 2;
|
|||
|
supportedFeatures = ["nixos-test" "benchmark" "big-parallel" "kvm"];
|
|||
|
mandatoryFeatures = [];
|
|||
|
}
|
|||
|
];
|
|||
|
nix.distributedBuilds = true;
|
|||
|
# optional, useful when the builder has a faster internet connection than yours
|
|||
|
nix.extraOptions = ''
|
|||
|
builders-use-substitutes = true
|
|||
|
'';
|
|||
|
}
|