nix-dotfiles/hosts/common/nix-builders/tsuki.nix

39 lines
1.1 KiB
Nix
Raw Normal View History

{ config, secrets, ... }:
{
# TODO: install public key on tsuki declaratively
sops.secrets = {
"ssh/nix-builders/tsuki/key" = { sopsFile = ./../../../secrets/common.yaml; };
"ssh/nix-builders/tsuki/pub" = { sopsFile = ./../../../secrets/common.yaml; };
};
nix.buildMachines = [{
# Login details configured in ssh module in nix-secrets
hostName = "nix-builder-tsukir";
system = "x86_64-linux";
speedFactor = 2;
maxJobs = 8;
supportedFeatures = [
"nixos-test"
"benchmark"
"big-paralell"
];
mandatoryFeatures = [ ];
sshUser = "nix-ssh";
sshKey = config.sops.secrets."ssh/nix-builders/tsuki/key".path;
}];
programs.ssh = {
extraConfig = ''
Host nix-builder-tsukir
HostName gingakei.loginto.me
Port ${toString secrets.ports.ssh.home-in}
'';
# knownHosts.tsukir = {
# hostNames = [ "nani.wtf" "gingakei.loginto.me" ];
# # publicKeyFile = config.sops.secrets."ssh/nix-builders/tsuki/pub".path;
# publicKeyFile = "/var/keys/tsuki_nix-builder.pub";
# };
};
}