cleanup

.remoteenv

@@ -2,3 +2,4 @@
 export HOST_SHELL="$(command -v "$SHELL")"
 eval "$(nix print-dev-env .#remoteenv)"
 echo Entered "$(hostname --fqdn)"
+df -h /nix/store

base.nix

@@ -55,11 +55,11 @@
   #nix.settings.allowed-users = [ "@builders" ]; # TODO: this
   nix.settings.allowed-users = [ "root" "pbsds" "@wheel" ]; # default is [ "*" ]
   nix.settings.trusted-users = [ "root" "pbsds" "@wheel" ];
-  nix.settings.keep-derivations = true; # great with nix-diff
+  nix.settings.keep-derivations = true; # keep .drv in store, great with nix-diff
   nix.settings.auto-optimise-store = true; # deduplicate with hardlinks, expensive. Alternative: nix-store --optimise
   nix.settings.max-silent-time = 3600;
-  #nix.settings.keep-failed = true;
+  #nix.settings.keep-failed = true; # fills up $TMPDIR
-  #nix.settings.log-lines = 35;
+  nix.settings.log-lines = 35;
   #nix.optimize.automatic = true; # periodic optimization
   nix.gc.automatic = true;
   nix.gc.dates     = "weekly";

flake.nix

@@ -274,6 +274,7 @@
       hidpi       = hw.common-hidpi;
       p1005       = ./hardware/printer/hp-laserjet-p1005.nix;
       au          = ./profiles/auto-upgrade.nix;
+      #rb          = ./profiles/remote-builders.nix; # TODO
       nixld       = ./profiles/nix-ld.nix;
       binfmt      = ./profiles/binfmt-emu.nix;
       dns64       = { config, ... }: {

hosts/hasselknippe/default.nix

@@ -33,7 +33,7 @@
     #../../profiles/desktop/lutris.nix
     #../../profiles/desktop/flatpak.nix
 
-    ../../profiles/remote-builders
+    ../../profiles/remote-builders.nix
   ];
 
   networking.firewall.allowedTCPPorts = [ 57621 ]; # spotify local discovery

hosts/nord/default.nix

@@ -19,6 +19,8 @@
     #../../profiles/oci/podman.nix
     #../../profiles/oci/docker.nix
 
+    #../../profiles/vpn-pbsds/tailscale.nix
+
     ../../users/pbsds
 
     ../../profiles/mounts/freon-nfs.nix

justfile

@@ -21,16 +21,16 @@ update:
   @echo "$(date +%Y-%m-%d)" > .direnv/pull-date
 
 build:
-  nixos-rebuild build --flake .
+  nixos-rebuild build --show-trace --flake .
 
 test:
-  sudo nixos-rebuild test --flake .
+  sudo nixos-rebuild test --show-trace --flake .
 
 switch:
-  sudo nixos-rebuild switch --flake .
+  sudo nixos-rebuild switch --show-trace --flake .
 
 boot:
-  sudo nixos-rebuild boot --flake .
+  sudo nixos-rebuild boot --show-trace --flake .
 
 push hostname=`just _a-host` cmd=`gum choose test switch boot --header "Select mode..."`:
   nixos-rebuild build --flake .#{{hostname}}

users/pbsds/home/profiles/ssh.nix

@@ -17,10 +17,10 @@
   programs.ssh.matchBlocks = {
     "*".serverAliveInterval = 10;
     "*".serverAliveCountMax = 3;
-    "github.com".forwardX11 = false;
-    "gitea.*".forwardX11 = false;
-    "gogs.*".forwardX11 = false;
     "git.*".forwardX11 = false;
+    "gitea.*".forwardX11 = false;
+    "github.com".forwardX11 = false;
+    "gogs.*".forwardX11 = false;
     "*.pbsds.net".forwardX11 = true;
     "*.pbsds.net".forwardX11Trusted = true;
     "*.ntnu.no".user = "pederbs";
@@ -41,14 +41,18 @@
     "rocm.pbsds.net".proxyJump = "isvegg.pvv.ntnu.no";
 
     # ntnu
-    "stud.ntnu.no".hostname = "login.stud.ntnu.no";
+    "garmr.idi.ntnu.no".forwardX11 = true;
+    "heid.idi.ntnu.no" = {}; #.forwardX11 = true;
+    "idun.hpc.ntnu.no" = {};
     "login.stud.ntnu.no" = {};
-    "idun-login1.hpc.ntnu.no" = {};
+    "malvik.idi.ntnu.no" = {};
-    "snotra-login1.idi.ntnu.no" = {};
     "oppdal.idi.ntnu.no" = {};
     "selbu.idi.ntnu.no" = {};
-    "malvik.idi.ntnu.no" = {};
+    "snotra.idi.ntnu.no" = {};
-    "heid.idi.ntnu.no".forwardX11 = true;
+    "stud.ntnu.no".hostname = "login.stud.ntnu.no";
+    /* "idun-login1.hpc.ntnu.no" = {}; */
+    /* "idun-login2.hpc.ntnu.no" = {}; */
+    /* "snotra-login1.idi.ntnu.no" = {}; */
     "clab01.idi.ntnu.no".proxyJump = "snotra-login1.idi.ntnu.no";
     "clab02.idi.ntnu.no".proxyJump = "snotra-login1.idi.ntnu.no";
     "clab03.idi.ntnu.no".proxyJump = "snotra-login1.idi.ntnu.no";
@@ -75,41 +79,44 @@
     "clab24.idi.ntnu.no".proxyJump = "snotra-login1.idi.ntnu.no";
     "clab25.idi.ntnu.no".proxyJump = "snotra-login1.idi.ntnu.no";
     "clab26.idi.ntnu.no".proxyJump = "snotra-login1.idi.ntnu.no";
+    /* "clab27.idi.ntnu.no".proxyJump = "snotra-login1.idi.ntnu.no"; */
+    /* "clab28.idi.ntnu.no".proxyJump = "snotra-login1.idi.ntnu.no"; */
 
     # NVG
     "nvg.ntnu.no".hostname = "login.stud.ntnu.no";
+    "login.stud.ntnu.no" = {};
 
     # pvv
-    "alphys.pvv.ntnu.no".user = "root";
     "balduzius.pvv.ntnu.no".user = "root";
     "brzeczyszczykiewicz.pvv.ntnu.no" = {};
-    "georg.pvv.ntnu.no" = {};
-    "dash8.pvv.ntnu.no" = {};
     "demiurgen.pvv.ntnu.no" = {};
+    "drolsum.pvv.ntnu.no" = {};
     "dvask-mgmt.pvv.ntnu.no".user = "root";
     "eirin.pvv.ntnu.no" = {};
-    "essendrop.pvv.ntnu.no" = {};
+    "georg.pvv.ntnu.no" = {};
-    "fenris.pvv.ntnu.no".user = "root";
     "git.pvv.ntnu.no" = {};
-    "hasub.pvv.ntnu.no" = {};
     "hildring.pvv.ntnu.no" = {};
     "innovation.pvv.ntnu.no".user = "root";
     "isvegg.pvv.ntnu.no" = {};
-    "knakelibrak.pvv.ntnu.no" = {};
     "lommel.pvv.ntnu.no" = {};
     "microbel.pvv.ntnu.no" = {};
-    "monty.pvv.ntnu.no" = {};
-    "nsa.pvv.ntnu.no" = {};
     "principal.pvv.ntnu.no".user = "root";
-    "skrotnisse.pvv.ntnu.no" = {};
     "skrott.pvv.ntnu.no".user = "root";
-    "sleipner.pvv.ntnu.no" = {};
+    "sleipner.pvv.ntnu.no".user = "root";
-    "sleipner.pvv.ntnu.no" = {};
-    "spikkjeposche.pvv.ntnu.no" = {};
     "tallulah.pvv.ntnu.no" = {};
-    "tim.pvv.ntnu.no" = {};
     "tom.pvv.ntnu.no" = {};
     "toriel.pvv.ntnu.no".user = "root";
+    /* "alphys.pvv.ntnu.no".user = "root"; */
+    /* "dash8.pvv.ntnu.no" = {}; */
+    /* "essendrop.pvv.ntnu.no" = {}; */
+    /* "fenris.pvv.ntnu.no".user = "root"; */
+    /* "hasub.pvv.ntnu.no" = {}; */
+    /* "knakelibrak.pvv.ntnu.no" = {}; */
+    /* "monty.pvv.ntnu.no" = {}; */
+    /* "nsa.pvv.ntnu.no" = {}; */
+    /* "skrotnisse.pvv.ntnu.no" = {}; */
+    /* "spikkjeposche.pvv.ntnu.no" = {}; */
+    /* "tim.pvv.ntnu.no" = {}; */
 
     # fyrkat
     #"fyrkat.no".hostname = "fridge.fyrkat.no";