2021-11-01 20:33:21 +00:00
|
|
|
{ config, lib, pkgs, ... }:
|
|
|
|
|
|
|
|
let
|
|
|
|
cfg = config.ptw.system.offloading.builder;
|
|
|
|
in {
|
|
|
|
options.ptw.system.offloading.builder = {
|
|
|
|
enable = lib.mkEnableOption "Allow building derivations for other systems";
|
|
|
|
};
|
|
|
|
|
|
|
|
config = lib.mkIf cfg.enable {
|
|
|
|
boot.binfmt.emulatedSystems = [ "i686-linux" "aarch64-linux" ]; # For remote building
|
|
|
|
environment.systemPackages = with pkgs; [ openssh ];
|
2022-02-18 19:18:56 +00:00
|
|
|
nix.settings.trusted-users = [ "builder" ];
|
2021-11-01 20:33:21 +00:00
|
|
|
|
|
|
|
# TODO: Specify a firewall rule to only allow this from my other NixOS machines
|
|
|
|
users = {
|
|
|
|
groups.builder = {};
|
|
|
|
extraUsers."builder" = {
|
|
|
|
group = "builder";
|
|
|
|
isSystemUser = true;
|
|
|
|
useDefaultShell = true;
|
|
|
|
openssh.authorizedKeys.keys = [
|
|
|
|
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCYfZ6FF3I7Bc8h1VmRxNDHOL08OffetE4DaOZKgw3ZFYSYub80eGN14jevx4Ie525MptFIYbvO5FUcpXx3d6Dh7AE7WUsGzbvPPCmaRy/wiwn2mpCKWqSC3EVxabPakTfVD2+OWDVUW/LWDb2bK40NegBykxf9Vo7112lBFXD8xcq1p8cyhCaq/vsnWUr/8T5z029ySp5UnzuesqrXpfVwnBVzj7xaZizs3Y0bUxdP6vWQSqrTl9KXUveRt3AL+TG3ny4KESvFzGo4YZQCQ2WgCGWgf8SLeHm8UDp8h7dPWkzmT/y7ZSWKGp2R0VDklsjJQqi91l+NXBmKs/uLTVMVqGTYeO04z2mzwzI7aBLrN7A2n3/SmFHz6gW64BYkWNh6iRaDAnu0CgDM4rWyBD/vrgjlojJv6tmSCA3hNGm2ndRfsjiv49+K9NEAxkiijnf0277KHgPHstzlhFq6hYT9qEbaPtqfbKUeWMhj3FpqTHfNVznOXR6+bsGW7h28uLc= alexander@ayame"
|
|
|
|
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCnhM7E78tisAJuHpLURXXuR3Ya6bFXgh0gLAPU41EAw4QXg77NvW5vuSwGoGLsGmJCYUQSkQbzoqDpjDkdIzuJFMlkQrSBgHSm1g5BdQSY+g/Coey452vd8Xw/tHejlB102ZQI6Pp7IuWTVvJR0jZDosd3igEUmlWN7EVhtS4BIYioZTYS03XPHhZLsLvpXBtX9PST/iHINg1BkvVMAwHd3sRotTCFkJD8dlLrstKDPWijWNjnAmXuTFYPe0PQFUJFaM9JqoXbbu8JuOITtJDNnbh/3z6FNBnn7waJBL5hY+CRaDTnL5icNXzn+L3pcSNUMIm9/AlciqADf9gKx89+bdsM87KFVoFHYWkqHVEo1vBHxssMFFEF9hyTd68bav6rCLlF4CCH+TWG/wUbFR+s2eM+OEAhOl4fcfXMCOKRIMa2N8mAUm5Ms/1Ix1pWQ3MVqfidq7TXhh3Nu91jEoAVjVHihcpfDoNcwPVGXcQY/HcscR6A8VKiQt3ektKTan8= alexander@miku"
|
|
|
|
];
|
|
|
|
};
|
|
|
|
};
|
|
|
|
};
|
|
|
|
}
|