66 lines
1.7 KiB
Nix
Executable file
66 lines
1.7 KiB
Nix
Executable file
{
|
|
systemPkgs,
|
|
config,
|
|
lib,
|
|
flakeSelf,
|
|
...
|
|
}: {
|
|
age.secrets = {
|
|
remoteBuilderKey.file = "${flakeSelf.inputs.secrets}/WinMax2/nixrbld-private-key.age";
|
|
};
|
|
|
|
programs.ssh = {
|
|
knownHosts.winmax2.publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPE+ksvEq/I2LMLOztVXpLE9yuI6EkRh4EtXdlYkhl6C WinMax2 host key";
|
|
extraConfig = ''
|
|
Host nixrbld
|
|
HostName winmax2
|
|
IdentitiesOnly yes
|
|
IdentityFile ${config.age.secrets.remoteBuilderKey.path}
|
|
User nixrbld
|
|
'';
|
|
};
|
|
|
|
nix = {
|
|
settings = {
|
|
auto-optimise-store = true;
|
|
experimental-features = "nix-command flakes";
|
|
};
|
|
distributedBuilds = true;
|
|
# Don't use remote builder on the remote builder
|
|
buildMachines = lib.mkIf (config.networking.hostName != "WinMax2") [
|
|
{
|
|
hostName = "nixrbld";
|
|
system = "x86_64-linux";
|
|
protocol = "ssh-ng";
|
|
maxJobs = 4;
|
|
supportedFeatures = [
|
|
"big-parallel"
|
|
"kvm"
|
|
"nixos-test"
|
|
];
|
|
}
|
|
];
|
|
optimise = {
|
|
automatic = true;
|
|
dates = ["weekly"];
|
|
};
|
|
registry = {
|
|
agenix = {
|
|
from = {
|
|
id = "agenix";
|
|
type = "indirect";
|
|
};
|
|
to = {
|
|
owner = "ryantm";
|
|
repo = "agenix";
|
|
type = "github";
|
|
};
|
|
};
|
|
# Write the system's nixpkgs into the registry to avoid mixing nixpkgs versions
|
|
# https://dataswamp.org/~solene/2022-07-20-nixos-flakes-command-sync-with-system.html
|
|
system.flake = systemPkgs;
|
|
};
|
|
# I removed this in the past since I thought that I didn't need it, but turns out comma does :)
|
|
nixPath = ["nixpkgs=${systemPkgs}"];
|
|
};
|
|
}
|