nix-dotfiles/hosts/common/nix-builders/tsuki.nix

{ config, ... }:
{
  # TODO: install public key on tsuki declaratively
  sops.secrets = {
    "ssh/nix-builders/tsuki/key" = { sopsFile = ./../../../secrets/common.yaml; };
    "ssh/nix-builders/tsuki/pub" = { sopsFile = ./../../../secrets/common.yaml; };
  };

  nix.buildMachines = [{
    hostName = "nix-builder-tsukir";
    system = "x86_64-linux";
    speedFactor = 2;
    maxJobs = 8;
    supportedFeatures = [
      "nixos-test"
      "benchmark"
      "big-paralell"
    ];
    mandatoryFeatures = [ ];
    sshUser = "nix-ssh";
    sshKey = config.sops.secrets."ssh/nix-builders/tsuki/key".path;
  }];

  programs.ssh = {
    extraConfig = ''
      Host nix-builder-tsukir
        HostName gingakei.loginto.me
        Port 45497
        IdentityFile ${config.sops.secrets."ssh/nix-builders/tsuki/key".path}
    '';

    # knownHosts.tsukir = {
    #   hostNames = [ "nani.wtf" "gingakei.loginto.me" ];
    #   # publicKeyFile = config.sops.secrets."ssh/nix-builders/tsuki/pub".path;
    #   publicKeyFile = "/var/keys/tsuki_nix-builder.pub";
    # };
  };
}
treewide: remove more usage of nix-secrets repository 2024-11-15 10:20:32 +01:00			`{ config, ... }:`
common: move nix-builders to separate files 2024-06-29 14:02:04 +02:00			`{`
			`# TODO: install public key on tsuki declaratively`
			`sops.secrets = {`
			`"ssh/nix-builders/tsuki/key" = { sopsFile = ./../../../secrets/common.yaml; };`
			`"ssh/nix-builders/tsuki/pub" = { sopsFile = ./../../../secrets/common.yaml; };`
			`};`

			`nix.buildMachines = [{`
			`hostName = "nix-builder-tsukir";`
			`system = "x86_64-linux";`
			`speedFactor = 2;`
			`maxJobs = 8;`
			`supportedFeatures = [`
			`"nixos-test"`
			`"benchmark"`
			`"big-paralell"`
			`];`
			`mandatoryFeatures = [ ];`
			`sshUser = "nix-ssh";`
			`sshKey = config.sops.secrets."ssh/nix-builders/tsuki/key".path;`
			`}];`

hosts/common: split into multiple files also add smartd, systemd-lock-handler and usbtop 2024-08-12 17:36:13 +02:00			`programs.ssh = {`
			`extraConfig = ''`
			`Host nix-builder-tsukir`
			`HostName gingakei.loginto.me`
treewide: remove more usage of nix-secrets repository 2024-11-15 10:20:32 +01:00			`Port 45497`
			`IdentityFile ${config.sops.secrets."ssh/nix-builders/tsuki/key".path}`
hosts/common: split into multiple files also add smartd, systemd-lock-handler and usbtop 2024-08-12 17:36:13 +02:00			`'';`

			`# knownHosts.tsukir = {`
			`# hostNames = [ "nani.wtf" "gingakei.loginto.me" ];`
			`# # publicKeyFile = config.sops.secrets."ssh/nix-builders/tsuki/pub".path;`
			`# publicKeyFile = "/var/keys/tsuki_nix-builder.pub";`
			`# };`
			`};`
			`}`