remotes

hosts/bolle/default.nix

@@ -31,6 +31,7 @@
   ];
 
   # run/build weird binaries
+  # TODO: somehow make sure this is in sync with remote-builders
   boot.binfmt.emulatedSystems = [
     "wasm32-wasi"
     "wasm64-wasi"

hosts/noximilien/default.nix

@@ -87,6 +87,7 @@
   ];
 
   # run/build weird binaries
+  # TODO: somehow make sure this is in sync with remote-builders
   boot.binfmt.emulatedSystems = [
     "wasm32-wasi"
     "wasm64-wasi"

profiles/remote-builders/default.nix

@@ -6,10 +6,12 @@ let
   # - "benchmark"    - has "equal" performance
   # - "big-parallel" - is beefy, for stuff like llvm
 
+  # find 'publicKey' with `ssh-keyscan`
+
   remotes = [
-    /** /
+    /**/
     {
-      systems = [ "x86_64-linux" ];
+      systems     = [ "x86_64-linux" "wasm32-wasi" "wasm64-wasi" "x86_64-windows" "aarch64-linux" "riscv64-linux" ];
       hostName    = "bolle.pbsds.net";
       sshUser     = "pbsds";
       maxJobs     = 16;
@@ -17,12 +19,24 @@ let
       speedFactor = 2;
       supportedFeatures  = [ "kvm" "big-parallel" "nixos-test" ];
       #mandatoryFeatures  = [ ];
-      publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBHdkKmRB0WjD3L+k8GNTVJDLpOUqLBMW17ld/Jzapo6";
+      publicKey  = "bolle.pbsds.net ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILeOB/57N1fQPVorIUlkkJZaQduBo+4+km2Qbj4ebd/k";
-      proxy.user="pederbs";
+      proxy.user = "pederbs";
-      proxy.host="isvegg.pvv.ntnu.no";
+      proxy.host = "isvegg.pvv.ntnu.no";
       proxy.publicKey = "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBGurF7rdnrDP/VgIK2Tx38of+bX/QGCGL+alrWnZ1Ca5llGneMulUt1RB9xZzNLHiaWIE+HOP0i4spEaeZhilfU=";
     }
     /**/
+    {
+      systems     = [ "x86_64-linux" "wasm32-wasi" "wasm64-wasi" "x86_64-windows" "aarch64-linux" "riscv64-linux" ];
+      hostName    = "noximilien.pbsds.net";
+      sshUser     = "pbsds";
+      maxJobs     = 4;
+      #maxJobs    = 1; # at least for big-parallel
+      speedFactor = 1;
+      supportedFeatures  = [ "kvm" "big-parallel" "nixos-test" ];
+      #mandatoryFeatures  = [ ];
+      publicKey = "noximilien.pbsds.net ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJ3QhTGS03Sqm6OeCEz5AIGqJnBttKaBqMgNXp3Md7t4";
+    }
+    /**/
     {
       systems            = ["x86_64-linux"];
       hostName           = "rocm.pbsds.net";
@@ -34,8 +48,8 @@ let
       supportedFeatures  = [ "kvm" "big-parallel" ];
       #mandatoryFeatures  = [ ];
       publicKey          = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGDuWdqEQ5mmVjuKi6f/Q2PFxuqB3URpgTHid06Vw7we";
-      proxy.user="pederbs";
+      proxy.user         = "pederbs";
-      proxy.host="isvegg.pvv.ntnu.no";
+      proxy.host         = "isvegg.pvv.ntnu.no";
       proxy.publicKey    = "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBGurF7rdnrDP/VgIK2Tx38of+bX/QGCGL+alrWnZ1Ca5llGneMulUt1RB9xZzNLHiaWIE+HOP0i4spEaeZhilfU=";
     }
     /**/
@@ -73,8 +87,10 @@ let
     }@args:
   let
     buildMachine = lib.filterAttrs (key: _: !builtins.elem key ["publicKey" "proxy"]) args; # this should have syntactic sugar: ...@buildMachine
-  in  {
+    filter = lib.mkIf (buildMachine.hostName != config.networking.fqdn);
+  in filter {
     nix.buildMachines = [ buildMachine ];
+    #TODO: users.users.root.openssh.authorizedKeys.keys
     programs.ssh.knownHosts.${buildMachine.hostName}.publicKey = publicKey;
     # the timeout is great to have when a remote is unresponsive, as nix currently does not give a shit
     programs.ssh.extraConfig = ''
@@ -95,10 +111,7 @@ in {
   # https://github.com/NixOS/nix/issues/2457
 
   # useful when the builder has a faster internet connection than i do
-  nix.extraOptions = ''
+  nix.settings.builders-use-substitutes = true;
-    builders-use-substitutes = true
-  '';
-  # TODO: can i make ^ non-string?
 
   # TIL: this can be a list of configurations and lambdas, not just file paths
   imports = builtins.map mkRemoteConfig remotes;