flakes: Migrate the config and miku to flakes

2021-11-01 21:33:21 +01:00
parent 09d385806a
commit 1d8f2f8053
64 changed files with 2612 additions and 1739 deletions
--- a/modules/offloading/builder.nix
+++ b/modules/offloading/builder.nix
@@ -0,0 +1,29 @@
+{ config, lib, pkgs, ... }:
+
+let
+  cfg = config.ptw.system.offloading.builder;
+in {
+  options.ptw.system.offloading.builder = {
+    enable = lib.mkEnableOption "Allow building derivations for other systems";
+  };
+
+  config = lib.mkIf cfg.enable {
+    boot.binfmt.emulatedSystems = [ "i686-linux" "aarch64-linux" ]; # For remote building
+    environment.systemPackages = with pkgs; [ openssh ];
+    nix.trustedUsers = [ "builder" ];
+
+    # TODO: Specify a firewall rule to only allow this from my other NixOS machines
+    users = {
+      groups.builder = {};
+      extraUsers."builder" = {
+        group = "builder";
+        isSystemUser = true;
+        useDefaultShell = true;
+        openssh.authorizedKeys.keys = [
+          "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCYfZ6FF3I7Bc8h1VmRxNDHOL08OffetE4DaOZKgw3ZFYSYub80eGN14jevx4Ie525MptFIYbvO5FUcpXx3d6Dh7AE7WUsGzbvPPCmaRy/wiwn2mpCKWqSC3EVxabPakTfVD2+OWDVUW/LWDb2bK40NegBykxf9Vo7112lBFXD8xcq1p8cyhCaq/vsnWUr/8T5z029ySp5UnzuesqrXpfVwnBVzj7xaZizs3Y0bUxdP6vWQSqrTl9KXUveRt3AL+TG3ny4KESvFzGo4YZQCQ2WgCGWgf8SLeHm8UDp8h7dPWkzmT/y7ZSWKGp2R0VDklsjJQqi91l+NXBmKs/uLTVMVqGTYeO04z2mzwzI7aBLrN7A2n3/SmFHz6gW64BYkWNh6iRaDAnu0CgDM4rWyBD/vrgjlojJv6tmSCA3hNGm2ndRfsjiv49+K9NEAxkiijnf0277KHgPHstzlhFq6hYT9qEbaPtqfbKUeWMhj3FpqTHfNVznOXR6+bsGW7h28uLc= alexander@ayame"
+          "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCnhM7E78tisAJuHpLURXXuR3Ya6bFXgh0gLAPU41EAw4QXg77NvW5vuSwGoGLsGmJCYUQSkQbzoqDpjDkdIzuJFMlkQrSBgHSm1g5BdQSY+g/Coey452vd8Xw/tHejlB102ZQI6Pp7IuWTVvJR0jZDosd3igEUmlWN7EVhtS4BIYioZTYS03XPHhZLsLvpXBtX9PST/iHINg1BkvVMAwHd3sRotTCFkJD8dlLrstKDPWijWNjnAmXuTFYPe0PQFUJFaM9JqoXbbu8JuOITtJDNnbh/3z6FNBnn7waJBL5hY+CRaDTnL5icNXzn+L3pcSNUMIm9/AlciqADf9gKx89+bdsM87KFVoFHYWkqHVEo1vBHxssMFFEF9hyTd68bav6rCLlF4CCH+TWG/wUbFR+s2eM+OEAhOl4fcfXMCOKRIMa2N8mAUm5Ms/1Ix1pWQ3MVqfidq7TXhh3Nu91jEoAVjVHihcpfDoNcwPVGXcQY/HcscR6A8VKiQt3ektKTan8= alexander@miku"
+        ];
+      };
+    };
+  };
+}
--- a/modules/offloading/offload.nix
+++ b/modules/offloading/offload.nix
@@ -0,0 +1,31 @@
+{ config, lib, pkgs, ... }:
+
+let
+  network = import ../../network.nix;
+  cfg = config.ptw.system.offloading.offload;
+in {
+  options.ptw.system.offloading.offload = {
+    enable = lib.mkEnableOption "Allow offloading building of derivations";
+  };
+
+  config = lib.mkIf cfg.enable {
+    nix = {
+      distributedBuilds = true;
+      buildMachines = [{
+        hostName = "miku";
+        systems = [ "x86_64-linux" "i686-linux" ];
+        maxJobs = 4;
+        speedFactor = 2;
+        supportedFeatures = [ "nixos-test" "benchmark" "big-parallel" "kvm" ];
+      }];
+    };
+
+    programs.ssh.extraConfig = ''
+Host miku
+  HostName ${network.miku}
+  User builder
+  IdentitiesOnly yes
+  IdentityFile /root/.ssh/id_builder
+  '';
+  };
+}