pederbs/config
pederbs
/
config
2
1
Fork 0
Code Issues Pull Requests Releases Activity

llkasjdlkajsd

This commit is contained in:
Peder Bergebakken Sundt 2024-04-27 23:31:32 +02:00
parent 3b972d07af
commit 61dd7d6188
3 changed files with 232 additions and 52 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

225
hosts/known-hosts.toml
View File

@ -1,18 +1,18 @@
#primarily user for remote builders #primarily user for remote builders
#["host"] #["host.name"]
# https://search.nixos.org/options?query=nix.buildMachine # https://search.nixos.org/options?query=nix.buildMachine
#systems #systems
#maxJobs #maxJobs
#speedFactor #speedFactor
#supportedFeatures #supportedFeatures
#mandatoryFeatures #mandatoryFeatures
#ssh.user #ssh.listenUser
#ssh.port #ssh.listenPort
#ssh.listenPublicKey # cat /etc/ssh/ssh_host_ed25519_key.pub || ssh-keyscan {{fqdn}}
#ssh.userPublicKey # sudo ssh-keygen -t ed25519 && sudo cat /root/.ssh/id_ed25519.pub
#ssh.protocol #ssh.protocol
#ssh.proxyJump #ssh.proxyJump
#ssh.publicKeyListen # cat /etc/ssh/ssh_host_ed25519_key.pub || ssh-keyscan {{fqdn}}
#ssh.publicKeyUser # sudo ssh-keygen -t ed25519 && sudo cat /root/.ssh/id_ed25519.pub
[default] [default]
systems = ["x86_64-linux"] systems = ["x86_64-linux"]
@ -20,90 +20,243 @@ maxJobs = 0 # not a builder
speedFactor = 1 speedFactor = 1
supportedFeatures = [] supportedFeatures = []
mandatoryFeatures = [] mandatoryFeatures = []
ssh.user = "nixbld-remote" # "pbsds" ssh.listenUser = "nixbld-remote" # "pbsds"
ssh.port = 22 ssh.listenPort = 22
ssh.protocol = "ssh" # "ssh-ng" ssh.protocol = "ssh" # "ssh-ng"
["bjarte"] ["bjarte.pbsds.net"]
ssh.publicKeyUser = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID7Ftu1LP+p+D6YWIo32V9w6ckHCIbrQWPyCNU4rBAbl root@bjarte" ssh.publicKeyUser = "TODO"
# in general: one job per 4 threads and 8GB RAM # in general:
# headless: one job per 4 threads and 8GB RAM
# graphical: one job
["bolle.pbsds.net"] ["bolle.pbsds.net"]
maxJobs = 3 # 12 threads 32GB maxJobs = 3 # 12 threads 32GB
speedFactor = 5 speedFactor = 5
supportedFeatures = ["kvm","big-parallel","nixos-test"] supportedFeatures = ["kvm","big-parallel","nixos-test"]
ssh.publicKeyListen = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILeOB/57N1fQPVorIUlkkJZaQduBo+4+km2Qbj4ebd/k" ssh.listenPublicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILeOB/57N1fQPVorIUlkkJZaQduBo+4+km2Qbj4ebd/k"
ssh.proxyJump = "microbel.pvv.ntnu.no" ssh.proxyJump = "isvegg.pvv.ntnu.no"
["eple.pbsds.net"] ["eple.pbsds.net"]
maxJobs = 3 # 12 threads 32GB maxJobs = 3 # 12 threads 32GB
speedFactor = 5 speedFactor = 5
supportedFeatures = ["kvm","big-parallel","nixos-test"] supportedFeatures = ["kvm","big-parallel","nixos-test"]
ssh.publicKeyListen = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIH03MEINNnjBvtmvN2QsCDCLkvF9ow5FQJp9uiyQ1Iwi" ssh.listenPublicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIH03MEINNnjBvtmvN2QsCDCLkvF9ow5FQJp9uiyQ1Iwi"
ssh.proxyJump = "microbel.pvv.ntnu.no" ssh.proxyJump = "isvegg.pvv.ntnu.no"
["garp.pbsds.net"] ["garp.pbsds.net"]
maxJobs = 2 # 8 threads 32GB maxJobs = 2 # 8 threads 32GB
speedFactor = 4 speedFactor = 4
supportedFeatures = ["kvm","big-parallel","nixos-test"] supportedFeatures = ["kvm","big-parallel","nixos-test"]
ssh.publicKeyListen = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOkcZ3cUAKk8uUvZPsX7PDBInkb3Eps3Xh+xVrhPY+sx" ssh.listenPublicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOkcZ3cUAKk8uUvZPsX7PDBInkb3Eps3Xh+xVrhPY+sx"
ssh.proxyJump = "microbel.pvv.ntnu.no" ssh.proxyJump = "isvegg.pvv.ntnu.no"
["noximilien.pbsds.net"] ["noximilien.pbsds.net"]
#maxJobs = 1 # 8 threads 8GB #maxJobs = 1 # 8 threads 8GB
speedFactor = 2 speedFactor = 2
ssh.publicKeyListen = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJ3QhTGS03Sqm6OeCEz5AIGqJnBttKaBqMgNXp3Md7t4" ssh.listenPublicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJ3QhTGS03Sqm6OeCEz5AIGqJnBttKaBqMgNXp3Md7t4"
ssh.publicKeyUser = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC7fYndgIXJM+tLSfkbprWc8ClOI58wlaZCg6I+wMYINeOwxLU24BmIyQAhNeqhHYBdXiyIAl5KN3+YajN1nx6zq2XPXLut31Xtf+0yMdRMX4rXgqOnsBeG4eTfNsPx+v7VNANth8dIADpk59Y9ioWB6JI6NF0wfkqrCSTpt2q9gpTA35MBe41hlaxqxYGq+PlfZyJbN4TJCORZROkjw1P6K+EoYUHTHmduMZSAnpzx5bTHL2r1VK1jLRL4q2O1LP9G7eVYUsZKxKznJqtAeoOGBL4OX2JeIXT51/pXTW0NNyVPELD6aUUZjK8aVK2JDXupXegYO8cHqwLaz7rZj3G8evGamSlGvAYR4Gwvvp4Du8ZRZVM3Gt1allhPMTLnm/gy9Lta35D8SHH0IUKWD3buo5HZliZgSMAvoSrT03vpuGILLoWEkTjpPT0qKIlBd/qlACBzKC9Wwmda5WWgMsfe0zP4zNLVdves5nkMrbY91TYSFM0FuDCaRsK5Mrhx7i0= root@noximilien" ssh.publicKeyUser = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC7fYndgIXJM+tLSfkbprWc8ClOI58wlaZCg6I+wMYINeOwxLU24BmIyQAhNeqhHYBdXiyIAl5KN3+YajN1nx6zq2XPXLut31Xtf+0yMdRMX4rXgqOnsBeG4eTfNsPx+v7VNANth8dIADpk59Y9ioWB6JI6NF0wfkqrCSTpt2q9gpTA35MBe41hlaxqxYGq+PlfZyJbN4TJCORZROkjw1P6K+EoYUHTHmduMZSAnpzx5bTHL2r1VK1jLRL4q2O1LP9G7eVYUsZKxKznJqtAeoOGBL4OX2JeIXT51/pXTW0NNyVPELD6aUUZjK8aVK2JDXupXegYO8cHqwLaz7rZj3G8evGamSlGvAYR4Gwvvp4Du8ZRZVM3Gt1allhPMTLnm/gy9Lta35D8SHH0IUKWD3buo5HZliZgSMAvoSrT03vpuGILLoWEkTjpPT0qKIlBd/qlACBzKC9Wwmda5WWgMsfe0zP4zNLVdves5nkMrbY91TYSFM0FuDCaRsK5Mrhx7i0= root@noximilien"
["sopp.pbsds.net"] ["sopp.pbsds.net"]
#maxJobs = 4 # 8 threads 32GB #maxJobs = 1 # 8 threads 32GB
speedFactor = 3 speedFactor = 3
supportedFeatures = ["kvm","big-parallel","nixos-test"] supportedFeatures = ["kvm","big-parallel","nixos-test"]
ssh.port = 26 ssh.listenPort = 26
ssh.publicKeyListen = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDYB9H1pHB1vTBiGhO/GCQjn70BtVdQuJyXx38zN2CDj" ssh.listenPublicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDYB9H1pHB1vTBiGhO/GCQjn70BtVdQuJyXx38zN2CDj"
ssh.publicKeyUser = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIL6eTQkxO/1XflHpGf3478+Z7HFYYaf1d4M6mvSK2nAU root@sopp" ssh.publicKeyUser = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIL6eTQkxO/1XflHpGf3478+Z7HFYYaf1d4M6mvSK2nAU root@sopp"
["nord.pbsds.net"] ["nord.pbsds.net"]
maxJobs = 1 # 4 threads 32GB maxJobs = 1 # 4 threads 32GB
speedFactor = 3 speedFactor = 3
supportedFeatures = ["kvm","big-parallel","nixos-test"] supportedFeatures = ["kvm","big-parallel","nixos-test"]
ssh.port = 24 ssh.listenPort = 24
ssh.publicKeyListen = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIBSdIUtUfAxnVbPDmDDFdP2S3Wd3+CC8IfZAANJ76oh" ssh.listenPublicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIBSdIUtUfAxnVbPDmDDFdP2S3Wd3+CC8IfZAANJ76oh"
ssh.publicKeyUser = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINnS1TmV9q7n+s7+RouuB6vQllnhqNCE1RqPmTMJ2/29 root@nord" ssh.publicKeyUser = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINnS1TmV9q7n+s7+RouuB6vQllnhqNCE1RqPmTMJ2/29 root@nord"
["rocm.pbsds.net"] ["rocm.pbsds.net"]
maxJobs = 4 # 16 threads 32GB maxJobs = 1 # 16 threads 32GB
speedFactor = 5 speedFactor = 5
supportedFeatures = ["kvm","big-parallel"] supportedFeatures = ["kvm","big-parallel"]
ssh.user = "pbsds" ssh.listenUser = "pbsds"
ssh.publicKeyListen = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGDuWdqEQ5mmVjuKi6f/Q2PFxuqB3URpgTHid06Vw7we" ssh.listenPublicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGDuWdqEQ5mmVjuKi6f/Q2PFxuqB3URpgTHid06Vw7we"
["isvegg.pvv.ntnu.no"] ["isvegg.pvv.ntnu.no"]
maxJobs = 1 # 4 threads 16GB maxJobs = 1 # 4 threads 16GB
speedFactor = 2 speedFactor = 2
ssh.user = "pederbs" ssh.listenUser = "pederbs"
ssh.publicKeyListen = "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBGurF7rdnrDP/VgIK2Tx38of+bX/QGCGL+alrWnZ1Ca5llGneMulUt1RB9xZzNLHiaWIE+HOP0i4spEaeZhilfU=" ssh.listenPublicKey = "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBGurF7rdnrDP/VgIK2Tx38of+bX/QGCGL+alrWnZ1Ca5llGneMulUt1RB9xZzNLHiaWIE+HOP0i4spEaeZhilfU="
["eirin.pvv.ntnu.no"] ["eirin.pvv.ntnu.no"]
maxJobs = 2 # 8 threads 16GB maxJobs = 2 # 8 threads 16GB
speedFactor = 2 speedFactor = 2
ssh.user = "pederbs" ssh.listenUser = "pederbs"
ssh.publicKeyListen = "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBILGULKEzYe5kPorM0rWATv10qq6debfCuYUYqw3HWZm4Y5Pi7mVKcf8lKFNPc1DxT/dStfxxtHj/2fbezaxElk=" ssh.listenPublicKey = "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBILGULKEzYe5kPorM0rWATv10qq6debfCuYUYqw3HWZm4Y5Pi7mVKcf8lKFNPc1DxT/dStfxxtHj/2fbezaxElk="
["demiurgen.pvv.ntnu.no"] ["demiurgen.pvv.ntnu.no"]
maxJobs = 2 # 8 threads 16GB maxJobs = 2 # 8 threads 16GB
speedFactor = 2 speedFactor = 2
ssh.user = "pederbs" ssh.listenUser = "pederbs"
ssh.publicKeyListen = "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBKw92q3eB5HZbKJN3p+80MtirqcXPu01USE9LnoGYJuDvko1udjIy4UR0wAwELqgs+r7mJyuQPeXmOZKwjHP6tM=" ssh.listenPublicKey = "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBKw92q3eB5HZbKJN3p+80MtirqcXPu01USE9LnoGYJuDvko1udjIy4UR0wAwELqgs+r7mJyuQPeXmOZKwjHP6tM="
["hildring.pvv.ntnu.no"] ["hildring.pvv.ntnu.no"]
ssh.user = "pederbs" ssh.listenUser = "pederbs"
ssh.publicKeyListen = "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBGurF7rdnrDP/VgIK2Tx38of+bX/QGCGL+alrWnZ1Ca5llGneMulUt1RB9xZzNLHiaWIE+HOP0i4spEaeZhilfU=" ssh.listenPublicKey = "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBGurF7rdnrDP/VgIK2Tx38of+bX/QGCGL+alrWnZ1Ca5llGneMulUt1RB9xZzNLHiaWIE+HOP0i4spEaeZhilfU="
["microbel.pvv.ntnu.no"] ["microbel.pvv.ntnu.no"]
ssh.user = "pederbs" ssh.listenUser = "pederbs"
ssh.publicKeyListen = "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBEq0yasKP0mH6PI6ypmuzPzMnbHELo9k+YB5yW534aKudKZS65YsHJKQ9vapOtmegrn5MQbCCgrshf+/XwZcjbM=" ssh.listenPublicKey = "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBEq0yasKP0mH6PI6ypmuzPzMnbHELo9k+YB5yW534aKudKZS65YsHJKQ9vapOtmegrn5MQbCCgrshf+/XwZcjbM="
#["bob.pvv.ntnu.no"] ["bob.pvv.ntnu.no"]
#maxJobs = 10 # 40 threads #maxJobs = 10 # 40 threads
ssh.listenUser = "pederbs"
#ssh.listenPublicKey = ""
#["darwin-build-box.winter.cafe"]
#systems = [ "aarch64-darwin", "x86_64-darwin" ];
#maxJobs = 1; # TODO
#ssh.listenUser = "TODO";
#ssh.listenPublicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB0io9E0eXiDIEHvsibXOxOPveSjUPIr1RnNKbUkw3fD";
#ssh.egressPrivateKey = "/run/secrets/nix-community-builders-ssh-key";
#["aarch64.nixos.community"]
#systems = [ "aarch64-linux" ];
#supportedFeatures = [ "big-parallel" ];
#maxJobs = 1; # TODO: 64 threads?
#ssh.listenUser = "TODO";
#ssh.listenPublicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMUTz5i9u5H2FHNAmZJyoJfIGyUm/HfGhfwnc142L3ds";
#ssh.egressPrivateKey = "/run/secrets/nix-community-builders-ssh-key";
["clab01.idi.ntnu.no"]
#maxJobs = 1 # 24 threads 64GB
ssh.listenUser = "pederbs"
ssh.listenPublicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJfJV5Ov3D0qErVnbQZ3oxhA3i0zuAmjmVUf3JV08aSg"
ssh.proxyJump = "isvegg.pvv.ntnu.no"
["clab02.idi.ntnu.no"]
#maxJobs = 1 # 24 threads 64GB
ssh.listenUser = "pederbs"
ssh.listenPublicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHNhQPotOGWZdFeW4B3eDYGcaF/2xB56hNL+x3QEURa6"
ssh.proxyJump = "isvegg.pvv.ntnu.no"
["clab03.idi.ntnu.no"]
#maxJobs = 1 # 24 threads 64GB
ssh.listenUser = "pederbs"
ssh.listenPublicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIH5srnYPuULchLvlCOlWOwrhQEBznQn61kj0Oawnp44Y"
ssh.proxyJump = "isvegg.pvv.ntnu.no"
["clab04.idi.ntnu.no"]
#maxJobs = 1 # 24 threads 64GB
ssh.listenUser = "pederbs"
ssh.listenPublicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICgMxLYYiYb/6IAH6nyc9eGXASgDPTE2JcRZ9ODjhQt5"
ssh.proxyJump = "isvegg.pvv.ntnu.no"
["clab05.idi.ntnu.no"]
#maxJobs = 1 # 24 threads 64GB
ssh.listenUser = "pederbs"
ssh.listenPublicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHw4h4dH689bLYWjrhhsvfljyWfUEClPa1Kb0cYxLRaD"
ssh.proxyJump = "isvegg.pvv.ntnu.no"
["clab06.idi.ntnu.no"]
#maxJobs = 1 # 24 threads 64GB
ssh.listenUser = "pederbs"
ssh.listenPublicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDVZ394P3124lSxkzVodFqbindIvCB3kcn4YcgbaPrAs"
ssh.proxyJump = "isvegg.pvv.ntnu.no"
["clab07.idi.ntnu.no"]
#maxJobs = 1 # 24 threads 64GB
ssh.listenUser = "pederbs"
ssh.listenPublicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILKQfcOmWC73bmE2mlWEcXFHiDUhsYWA7Xy9Dtq8kKmn"
ssh.proxyJump = "isvegg.pvv.ntnu.no"
["clab08.idi.ntnu.no"]
#maxJobs = 1 # 24 threads 64GB
ssh.listenUser = "pederbs"
ssh.listenPublicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKlyZq3uTBCgkvPgs6nWRzsdhHmXHph14dmYWgt1vuBx"
ssh.proxyJump = "isvegg.pvv.ntnu.no"
["clab09.idi.ntnu.no"]
#maxJobs = 1 # 24 threads 64GB
ssh.listenUser = "pederbs"
ssh.listenPublicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAj4eXT/k7iiUYx+CXq5ShLWm1N6SNO23EIs4xYEaQaW"
ssh.proxyJump = "isvegg.pvv.ntnu.no"
["clab10.idi.ntnu.no"]
#maxJobs = 1 # 24 threads 64GB
ssh.listenUser = "pederbs"
ssh.listenPublicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIG5xEUkiwXWaUCA+QfMDq2vHfXKzcpXlrHpJMNQ8EU+K"
ssh.proxyJump = "isvegg.pvv.ntnu.no"
["clab11.idi.ntnu.no"]
#maxJobs = 1 # 24 threads 64GB
ssh.listenUser = "pederbs"
ssh.listenPublicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFlKZhdQBrjafzzwdRR3arem3TXnnPucQskd7RWW9L5V"
ssh.proxyJump = "isvegg.pvv.ntnu.no"
["clab12.idi.ntnu.no"]
#maxJobs = 1 # 24 threads 64GB
ssh.listenUser = "pederbs"
ssh.listenPublicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDEr2zGzev8JffE67Hkb3Qli7K0kzVdu8VXxJW47PK7m"
ssh.proxyJump = "isvegg.pvv.ntnu.no"
["clab13.idi.ntnu.no"]
#maxJobs = 1 # 24 threads 64GB
ssh.listenUser = "pederbs"
ssh.listenPublicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIZgIhgpMCdegJaW6Huad7Dj4YfyR8Zhi1UmDsgcJYK2"
ssh.proxyJump = "isvegg.pvv.ntnu.no"
["clab14.idi.ntnu.no"]
#maxJobs = 1 # 24 threads 64GB
ssh.listenUser = "pederbs"
ssh.listenPublicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIL3pAYx5rtbaUCf4xsiy+7/qKqnGMnSa9KCp42j+XmEh"
ssh.proxyJump = "isvegg.pvv.ntnu.no"
["clab15.idi.ntnu.no"]
#maxJobs = 1 # 24 threads 64GB
ssh.listenUser = "pederbs"
ssh.listenPublicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP7XwwhLJGwK+a7zShr2Ok9f2GlvPkP+FxKdbGYsNHtd"
ssh.proxyJump = "isvegg.pvv.ntnu.no"
["clab16.idi.ntnu.no"]
#maxJobs = 1 # 24 threads 64GB
ssh.listenUser = "pederbs"
ssh.listenPublicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJKAaMXBAYsDd2QQOAQhXAAJCejbylQNLI9KsN3/EsY+"
ssh.proxyJump = "isvegg.pvv.ntnu.no"
["clab20.idi.ntnu.no"]
#maxJobs = 1 # 24 threads 64GB
ssh.listenUser = "pederbs"
ssh.listenPublicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEGBbcKU5uDTgaQoREjaNuzQkCKNm5wlnhln6ZNiL3o2"
ssh.proxyJump = "isvegg.pvv.ntnu.no"
["clab22.idi.ntnu.no"]
#maxJobs = 1 # 24 threads 64GB
ssh.listenUser = "pederbs"
ssh.listenPublicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMHlaYq184VDBoEOtaIIu2jnuBihhWiGPlyku0SMKORG"
ssh.proxyJump = "isvegg.pvv.ntnu.no"
["clab23.idi.ntnu.no"]
#maxJobs = 1 # 24 threads 64GB
ssh.listenUser = "pederbs"
ssh.listenPublicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAsIRgqoFF900olTCy6DSrFMpZyRmtK6aVP2oYQhNi8g"
ssh.proxyJump = "isvegg.pvv.ntnu.no"
["clab24.idi.ntnu.no"]
#maxJobs = 1 # 24 threads 64GB
ssh.listenUser = "pederbs"
ssh.listenPublicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICqh/Sp13OcUnZ8gVgiylcLsqAgIw+twQG92GyZK3FBZ"
ssh.proxyJump = "isvegg.pvv.ntnu.no"
["clab25.idi.ntnu.no"]
#maxJobs = 1 # 24 threads 64GB
ssh.listenUser = "pederbs"
ssh.listenPublicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOdL5coXj0geu9O1cMLdYuUE0TWlIkKLNj71/XF0e8eg"
ssh.proxyJump = "isvegg.pvv.ntnu.no"
["clab26.idi.ntnu.no"]
#maxJobs = 1 # 24 threads 64GB
ssh.listenUser = "pederbs"
ssh.listenPublicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINqqxg0hVT/gPBM1xqrR9QtMRHVBZDYWZ3pzbJv9MHUG"
ssh.proxyJump = "isvegg.pvv.ntnu.no"

16
profiles/remote-builders.nix
View File

@ -26,7 +26,7 @@ let
jump = hosts.${host.ssh.proxyJump}; jump = hosts.${host.ssh.proxyJump};
buildMachine = (lib.filterAttrs (key: _: !elem key ["ssh"]) host) // { buildMachine = (lib.filterAttrs (key: _: !elem key ["ssh"]) host) // {
hostName = fqdn; hostName = fqdn;
sshUser = fqdn.ssh.user; sshUser = host.ssh.listenUser;
}; };
isBuilder = host.maxJobs > 0; isBuilder = host.maxJobs > 0;
isConsumer = host.ssh ? publicKeyUser && thisHostIsBuilder; isConsumer = host.ssh ? publicKeyUser && thisHostIsBuilder;
@ -35,13 +35,13 @@ let
# out # out
nix.buildMachines = mkIf isBuilder [ buildMachine ]; nix.buildMachines = mkIf isBuilder [ buildMachine ];
programs.ssh.knownHosts.${fqdn}.publicKey = mkIf isBuilder host.ssh.publicKeyListen; programs.ssh.knownHosts.${fqdn}.publicKey = mkIf isBuilder host.ssh.listenPublicKey;
# timeout is great when remote is unresponsive. nix doesn't care # timeout is great when remote is unresponsive. nix doesn't care
programs.ssh.extraConfig = '' programs.ssh.extraConfig = ''
Host ${fqdn} Host ${fqdn}
ConnectTimeout 3 ConnectTimeout 3
Port ${builtins.toString (host.ssh.port or 22)} Port ${builtins.toString (host.ssh.listenPort or 22)}
${lib.optionalString (host.ssh ? proxyJump) '' ${lib.optionalString (host.ssh ? proxyJump) ''
ProxyJump ${host.ssh.proxyJump} ProxyJump ${host.ssh.proxyJump}
''} ''}
@ -49,16 +49,16 @@ let
# in # in
users = mkIf isConsumer { users = mkIf isConsumer {
users.${thisHost.ssh.user} = { users.${thisHost.ssh.listenUser} = {
isSystemUser = lib.mkDefault (!config.users.users.${thisHost.ssh.user}.isNormalUser); isSystemUser = lib.mkDefault (!config.users.users.${thisHost.ssh.listenUser}.isNormalUser);
openssh.authorizedKeys.keys = [ openssh.authorizedKeys.keys = [
host.ssh.publicKeyUser host.ssh.userPublicKey
]; ];
group = lib.mkDefault "nogroup"; group = lib.mkDefault "nogroup";
}; };
}; };
nix.settings.allowed-users = mkIf isConsumer [ thisHost.ssh.user ]; nix.settings.allowed-users = mkIf isConsumer [ thisHost.ssh.listenUser ];
nix.settings.trusted-users = mkIf isConsumer [ thisHost.ssh.user ]; nix.settings.trusted-users = mkIf isConsumer [ thisHost.ssh.listenUser ];
}; };
in { in {

43
users/pbsds/home/profiles/ssh.nix
View File

@ -28,31 +28,57 @@
"*.pbsds.net".forwardX11Trusted = true; "*.pbsds.net".forwardX11Trusted = true;
"*.ntnu.no".user = "pederbs"; "*.ntnu.no".user = "pederbs";
"*.pvv.org".user = "pederbs"; "*.pvv.org".user = "pederbs";
"*.hpc.ntnu.no".proxyJump = "microbel.pvv.ntnu.no"; "*.hpc.ntnu.no".proxyJump = "isvegg.pvv.ntnu.no";
"*.idi.ntnu.no".proxyJump = "microbel.pvv.ntnu.no"; "*.idi.ntnu.no".proxyJump = "isvegg.pvv.ntnu.no";
# me # me
"garp.pbsds.net".proxyJump = "microbel.pvv.ntnu.no"; "garp.pbsds.net".proxyJump = "isvegg.pvv.ntnu.no";
"eple.pbsds.net".proxyJump = "microbel.pvv.ntnu.no"; "eple.pbsds.net".proxyJump = "isvegg.pvv.ntnu.no";
"bolle.pbsds.net".proxyJump = "microbel.pvv.ntnu.no"; "bolle.pbsds.net".proxyJump = "isvegg.pvv.ntnu.no";
"pederbs.idi.ntnu.no" = {}; "pederbs.idi.ntnu.no" = {};
"brumlebasse.pbsds.net".port = 2222; "brumlebasse.pbsds.net".port = 2222;
"knut.pbsds.net".port = 23; "knut.pbsds.net".port = 23;
"nord.pbsds.net".port = 24; "nord.pbsds.net".port = 24;
"sopp.pbsds.net".port = 26; "sopp.pbsds.net".port = 26;
"noximilien.pbsds.net" = {}; "noximilien.pbsds.net" = {};
"rocm.pbsds.net".proxyJump = "microbel.pvv.ntnu.no"; "rocm.pbsds.net".proxyJump = "isvegg.pvv.ntnu.no";
# ntnu # ntnu
"stud.ntnu.no".hostname = "login.stud.ntnu.no"; "stud.ntnu.no".hostname = "login.stud.ntnu.no";
"login.stud.ntnu.no" = {}; "login.stud.ntnu.no" = {};
"clab15.idi.ntnu.no" = {}; #"clab15.idi.ntnu.no" = {};
"idun-login1.hpc.ntnu.no" = {}; "idun-login1.hpc.ntnu.no" = {};
"snotra-login1.idi.ntnu.no" = {}; "snotra-login1.idi.ntnu.no" = {};
"oppdal.idi.ntnu.no" = {}; "oppdal.idi.ntnu.no" = {};
"selbu.idi.ntnu.no" = {}; "selbu.idi.ntnu.no" = {};
"malvik.idi.ntnu.no" = {}; "malvik.idi.ntnu.no" = {};
"heid.idi.ntnu.no".forwardX11 = true; "heid.idi.ntnu.no".forwardX11 = true;
"clab01.idi.ntnu.no".proxyJump = "snotra-login1.idi.ntnu.no";
"clab02.idi.ntnu.no".proxyJump = "snotra-login1.idi.ntnu.no";
"clab03.idi.ntnu.no".proxyJump = "snotra-login1.idi.ntnu.no";
"clab04.idi.ntnu.no".proxyJump = "snotra-login1.idi.ntnu.no";
"clab05.idi.ntnu.no".proxyJump = "snotra-login1.idi.ntnu.no";
"clab06.idi.ntnu.no".proxyJump = "snotra-login1.idi.ntnu.no";
"clab07.idi.ntnu.no".proxyJump = "snotra-login1.idi.ntnu.no";
"clab08.idi.ntnu.no".proxyJump = "snotra-login1.idi.ntnu.no";
"clab09.idi.ntnu.no".proxyJump = "snotra-login1.idi.ntnu.no";
"clab10.idi.ntnu.no".proxyJump = "snotra-login1.idi.ntnu.no";
"clab11.idi.ntnu.no".proxyJump = "snotra-login1.idi.ntnu.no";
"clab12.idi.ntnu.no".proxyJump = "snotra-login1.idi.ntnu.no";
"clab13.idi.ntnu.no".proxyJump = "snotra-login1.idi.ntnu.no";
"clab14.idi.ntnu.no".proxyJump = "snotra-login1.idi.ntnu.no";
"clab15.idi.ntnu.no".proxyJump = "snotra-login1.idi.ntnu.no";
"clab16.idi.ntnu.no".proxyJump = "snotra-login1.idi.ntnu.no";
"clab17.idi.ntnu.no".proxyJump = "snotra-login1.idi.ntnu.no";
"clab18.idi.ntnu.no".proxyJump = "snotra-login1.idi.ntnu.no";
"clab19.idi.ntnu.no".proxyJump = "snotra-login1.idi.ntnu.no";
"clab20.idi.ntnu.no".proxyJump = "snotra-login1.idi.ntnu.no";
"clab21.idi.ntnu.no".proxyJump = "snotra-login1.idi.ntnu.no";
"clab22.idi.ntnu.no".proxyJump = "snotra-login1.idi.ntnu.no";
"clab23.idi.ntnu.no".proxyJump = "snotra-login1.idi.ntnu.no";
"clab24.idi.ntnu.no".proxyJump = "snotra-login1.idi.ntnu.no";
"clab25.idi.ntnu.no".proxyJump = "snotra-login1.idi.ntnu.no";
"clab26.idi.ntnu.no".proxyJump = "snotra-login1.idi.ntnu.no";
# NVG # NVG
"nvg.ntnu.no".hostname = "login.stud.ntnu.no"; "nvg.ntnu.no".hostname = "login.stud.ntnu.no";
@ -61,6 +87,7 @@
"alphys.pvv.ntnu.no".user = "root"; "alphys.pvv.ntnu.no".user = "root";
"balduzius.pvv.ntnu.no".user = "root"; "balduzius.pvv.ntnu.no".user = "root";
"brzeczyszczykiewicz.pvv.ntnu.no" = {}; "brzeczyszczykiewicz.pvv.ntnu.no" = {};
"georg.pvv.ntnu.no" = {};
"dash8.pvv.ntnu.no" = {}; "dash8.pvv.ntnu.no" = {};
"demiurgen.pvv.ntnu.no" = {}; "demiurgen.pvv.ntnu.no" = {};
"dvask-mgmt.pvv.ntnu.no".user = "root"; "dvask-mgmt.pvv.ntnu.no".user = "root";
@ -90,7 +117,7 @@
# fyrkat # fyrkat
#"fyrkat.no".hostname = "fridge.fyrkat.no"; #"fyrkat.no".hostname = "fridge.fyrkat.no";
#"*.fyrkat.no".proxyJump = "microbel.pvv.ntnu.no"; #"*.fyrkat.no".proxyJump = "isvegg.pvv.ntnu.no";
"fridge.fyrkat.no" = {}; "fridge.fyrkat.no" = {};
"fil.fyrkat.no" = {}; "fil.fyrkat.no" = {};
}; };