37 lines
1 KiB
Nix
37 lines
1 KiB
Nix
{config, ...}: let
|
||
servivi = "100.64.0.7";
|
||
in {
|
||
home-manager.users.root = {
|
||
home.file.".ssh/config".text = ''
|
||
Host ${servivi}
|
||
# Prevent using ssh-agent or another keyfile, useful for testing
|
||
IdentitiesOnly yes
|
||
IdentityFile ${config.sops.secrets.nixremote.path}
|
||
|
||
# The weakly privileged user on the remote builder – if not set, 'root' is used – which will hopefully fail
|
||
User nixremote
|
||
'';
|
||
};
|
||
|
||
programs.ssh.knownHosts = {
|
||
${servivi}.publicKey = "servivi ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMkNW0H4Fl6NFgahlgGbSvglg1DrX4yl1ht9Lp+vHE2A";
|
||
};
|
||
|
||
nix.buildMachines = [
|
||
{
|
||
hostName = servivi;
|
||
system = "x86_64-linux";
|
||
protocol = "ssh-ng";
|
||
maxJobs = 1;
|
||
speedFactor = 2;
|
||
supportedFeatures = ["nixos-test" "benchmark" "big-parallel" "kvm"];
|
||
mandatoryFeatures = [];
|
||
}
|
||
];
|
||
nix.distributedBuilds = true;
|
||
# optional, useful when the builder has a faster internet connection than yours
|
||
nix.extraOptions = ''
|
||
builders-use-substitutes = true
|
||
'';
|
||
}
|