nixos-config/modules/offloading/builder.nix

30 lines
1.9 KiB
Nix
Raw Normal View History

{ config, lib, pkgs, ... }:
let
cfg = config.ptw.system.offloading.builder;
in {
options.ptw.system.offloading.builder = {
enable = lib.mkEnableOption "Allow building derivations for other systems";
};
config = lib.mkIf cfg.enable {
boot.binfmt.emulatedSystems = [ "i686-linux" "aarch64-linux" ]; # For remote building
environment.systemPackages = with pkgs; [ openssh ];
2022-02-18 19:18:56 +00:00
nix.settings.trusted-users = [ "builder" ];
# TODO: Specify a firewall rule to only allow this from my other NixOS machines
users = {
groups.builder = {};
extraUsers."builder" = {
group = "builder";
isSystemUser = true;
useDefaultShell = true;
openssh.authorizedKeys.keys = [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCYfZ6FF3I7Bc8h1VmRxNDHOL08OffetE4DaOZKgw3ZFYSYub80eGN14jevx4Ie525MptFIYbvO5FUcpXx3d6Dh7AE7WUsGzbvPPCmaRy/wiwn2mpCKWqSC3EVxabPakTfVD2+OWDVUW/LWDb2bK40NegBykxf9Vo7112lBFXD8xcq1p8cyhCaq/vsnWUr/8T5z029ySp5UnzuesqrXpfVwnBVzj7xaZizs3Y0bUxdP6vWQSqrTl9KXUveRt3AL+TG3ny4KESvFzGo4YZQCQ2WgCGWgf8SLeHm8UDp8h7dPWkzmT/y7ZSWKGp2R0VDklsjJQqi91l+NXBmKs/uLTVMVqGTYeO04z2mzwzI7aBLrN7A2n3/SmFHz6gW64BYkWNh6iRaDAnu0CgDM4rWyBD/vrgjlojJv6tmSCA3hNGm2ndRfsjiv49+K9NEAxkiijnf0277KHgPHstzlhFq6hYT9qEbaPtqfbKUeWMhj3FpqTHfNVznOXR6+bsGW7h28uLc= alexander@ayame"
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCnhM7E78tisAJuHpLURXXuR3Ya6bFXgh0gLAPU41EAw4QXg77NvW5vuSwGoGLsGmJCYUQSkQbzoqDpjDkdIzuJFMlkQrSBgHSm1g5BdQSY+g/Coey452vd8Xw/tHejlB102ZQI6Pp7IuWTVvJR0jZDosd3igEUmlWN7EVhtS4BIYioZTYS03XPHhZLsLvpXBtX9PST/iHINg1BkvVMAwHd3sRotTCFkJD8dlLrstKDPWijWNjnAmXuTFYPe0PQFUJFaM9JqoXbbu8JuOITtJDNnbh/3z6FNBnn7waJBL5hY+CRaDTnL5icNXzn+L3pcSNUMIm9/AlciqADf9gKx89+bdsM87KFVoFHYWkqHVEo1vBHxssMFFEF9hyTd68bav6rCLlF4CCH+TWG/wUbFR+s2eM+OEAhOl4fcfXMCOKRIMa2N8mAUm5Ms/1Ix1pWQ3MVqfidq7TXhh3Nu91jEoAVjVHihcpfDoNcwPVGXcQY/HcscR6A8VKiQt3ektKTan8= alexander@miku"
];
};
};
};
}