config/profiles/remote-builders/default.nix

95 lines
3.3 KiB
Nix

{ config, pkgs, lib, ... }:
let
#supportedFeatures:
# - "kvm" - has hypervisor
# - "nixos-test" - the same as ^? nixos?
# - "benchmark" - has "equal" performance
# - "big-parallel" - is beefy, for stuff like llvm
# TODO: get a binfmt-misc host for cross stuff
# add noximilien, filter (hostName != fqdn)
remotes = [
/**/
{
systems = ["x86_64-linux"];
hostName = "rocm.pbsds.net";
sshUser = "pbsds";
maxJobs = 8;
#maxJobs = 4;
#maxJobs = 1; # at least for big-parallel
speedFactor = 2;
supportedFeatures = [ "kvm" "big-parallel" ];
#supportedFeatures = [ "nixos-test" "benchmark" "big-parallel" "kvm" ];
#mandatoryFeatures = [ ];
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGDuWdqEQ5mmVjuKi6f/Q2PFxuqB3URpgTHid06Vw7we";
proxy.user="pederbs";
proxy.host="isvegg.pvv.ntnu.no";
proxy.publicKey = "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBGurF7rdnrDP/VgIK2Tx38of+bX/QGCGL+alrWnZ1Ca5llGneMulUt1RB9xZzNLHiaWIE+HOP0i4spEaeZhilfU=";
}
/**/
{
systems = ["x86_64-linux"];
hostName = "isvegg.pvv.ntnu.no";
sshUser = "pederbs";
maxJobs = 1;
speedFactor = 0;
publicKey = "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBGurF7rdnrDP/VgIK2Tx38of+bX/QGCGL+alrWnZ1Ca5llGneMulUt1RB9xZzNLHiaWIE+HOP0i4spEaeZhilfU=";
}
{
systems = ["x86_64-linux"];
hostName = "eirin.pvv.ntnu.no";
sshUser = "pederbs";
maxJobs = 2;
speedFactor = 0;
publicKey = "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBILGULKEzYe5kPorM0rWATv10qq6debfCuYUYqw3HWZm4Y5Pi7mVKcf8lKFNPc1DxT/dStfxxtHj/2fbezaxElk=";
}
{
systems = ["x86_64-linux"];
hostName = "demiurgen.pvv.ntnu.no";
sshUser = "pederbs";
maxJobs = 2;
speedFactor = 0;
publicKey = "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBKw92q3eB5HZbKJN3p+80MtirqcXPu01USE9LnoGYJuDvko1udjIy4UR0wAwELqgs+r7mJyuQPeXmOZKwjHP6tM=";
}
/**/
];
mkRemoteConfig = {
publicKey,# fetch it with `ssh-keyscan`
proxy ? null, # schema: { user, host, publicKey }
... # the rest follows nix.buildMachines.<NAME> schema
}@args:
let
buildMachine = lib.filterAttrs (key: _: !builtins.elem key ["publicKey" "proxy"]) args; # this should have syntactic sugar: ...@buildMachine
in {
nix.buildMachines = [ buildMachine ];
programs.ssh.knownHosts.${buildMachine.hostName}.publicKey = publicKey;
programs.ssh.extraConfig = ''
Host ${buildMachine.hostName}
ConnectTimeout 3
${lib.optionalString (proxy != null) ''
ProxyJump ${proxy.user}@${proxy.host}
''}
'';
programs.ssh.knownHosts.${proxy.host or "IGNORE"} = lib.mkIf (proxy != null) { publicKey = proxy.publicKey; };
};
in {
nix.distributedBuilds = true;
# TODO: Allow setting speedFactor for local builds, as local is currently fixed to 0
# https://github.com/NixOS/nix/issues/2457
# useful when the builder has a faster internet connection than i do
nix.extraOptions = ''
builders-use-substitutes = true
'';
# TODO: can i make ^ non-string?
# TIL: this can be a list of configurations and lambdas, not just file paths
imports = builtins.map mkRemoteConfig remotes;
}