nix-dotfiles/hosts/common/nix-builders/tsuki.nix

{ config, secrets, ... }:
{
  # TODO: install public key on tsuki declaratively
  sops.secrets = {
    "ssh/nix-builders/tsuki/key" = { sopsFile = ./../../../secrets/common.yaml; };
    "ssh/nix-builders/tsuki/pub" = { sopsFile = ./../../../secrets/common.yaml; };
  };

  nix.buildMachines = [{
    # Login details configured in ssh module in nix-secrets
    hostName = "nix-builder-tsukir";
    system = "x86_64-linux";
    speedFactor = 2;
    maxJobs = 8;
    supportedFeatures = [
      "nixos-test"
      "benchmark"
      "big-paralell"
    ];
    mandatoryFeatures = [ ];
    sshUser = "nix-ssh";
    sshKey = config.sops.secrets."ssh/nix-builders/tsuki/key".path;
  }];

  programs.ssh.extraConfig = ''
    Host nix-builder-tsukir
      HostName gingakei.loginto.me
      Port ${toString secrets.ports.ssh.home-in}
  '';
}
common: move nix-builders to separate files 2024-06-29 14:02:04 +02:00			`{ config, secrets, ... }:`
			`{`
			`# TODO: install public key on tsuki declaratively`
			`sops.secrets = {`
			`"ssh/nix-builders/tsuki/key" = { sopsFile = ./../../../secrets/common.yaml; };`
			`"ssh/nix-builders/tsuki/pub" = { sopsFile = ./../../../secrets/common.yaml; };`
			`};`

			`nix.buildMachines = [{`
			`# Login details configured in ssh module in nix-secrets`
			`hostName = "nix-builder-tsukir";`
			`system = "x86_64-linux";`
			`speedFactor = 2;`
			`maxJobs = 8;`
			`supportedFeatures = [`
			`"nixos-test"`
			`"benchmark"`
			`"big-paralell"`
			`];`
			`mandatoryFeatures = [ ];`
			`sshUser = "nix-ssh";`
			`sshKey = config.sops.secrets."ssh/nix-builders/tsuki/key".path;`
			`}];`

			`programs.ssh.extraConfig = ''`
			`Host nix-builder-tsukir`
			`HostName gingakei.loginto.me`
			`Port ${toString secrets.ports.ssh.home-in}`
			`'';`
			`}`