ooks/ooknet
0
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

nixos: distributed builds config init

Browse source
This commit is contained in:
ooks-io 2025-01-13 13:25:23 +11:00
parent f020ae8902
commit aa2d8c578e
4 changed files with 62 additions and 14 deletions
Download patch file Download diff file Expand all files Collapse all files

12
modules/nixos/base/builder.nix
View file

@ -1,12 +0,0 @@
{
keys,
config,
...
}: let
inherit (config.ooknet.host) admin;
in {
users = {
groups.builder = {};
users.builder = (key: ''command="nix-daemon --stdio",no-agent-forwarding,no-port-forwarding,no-pty,no-user-rc,no-X11-forwarding ${key}'') keys.users.${admin.name};
};
}

1
modules/nixos/base/default.nix
View file

@ -1,6 +1,7 @@
{ {
imports = [ imports = [
./nix.nix ./nix.nix
./distributed-builds.nix
./home-manager.nix ./home-manager.nix
./boot.nix ./boot.nix
./admin.nix ./admin.nix

59
modules/nixos/base/distributed-builds.nix Normal file
View file

@ -0,0 +1,59 @@
{
keys,
config,
lib,
self,
...
}: let
inherit (lib) mkIf;
inherit (config.ooknet.host) admin;
inherit (config.networking) hostName;
mkBuilderMachine = {
host,
speedFactor,
systems ? ["x86_64-linux"],
supportedFeatures ? ["big-parallel" "kvm" "nixos-test"],
}: {
inherit speedFactor systems supportedFeatures;
hostName = host;
maxJobs = self.nixosConfigurations.${host}.config.nix.settings.max-jobs or "auto";
protocol = "ssh";
sshKey = "/home/${admin.name}/.ssh/builder";
};
builders = {
ooksdesk = mkBuilderMachine {
host = "ooksdesk";
speedFactor = 16;
};
ooksmedia = mkBuilderMachine {
host = "ooksmedia";
speedFactor = 8;
};
};
in {
users = mkIf (hostName == "ooksdesk" || hostName == "ooksmedia") {
groups.builder = {};
users.builder = {
createHome = false;
isSystemUser = true;
useDefaultShell = true;
group = "builder";
openssh.authorizedKeys.keys = [
''
command="nix-daemon --stdio",no-agent-forwarding,no-port-forwarding,no-pty,no-user-rc,no-X11-forwarding ${keys.users.${admin.name}}
''
];
};
};
nix = {
distributedBuilds = true;
buildMachines =
if hostName == "ooksdesk"
then []
else if hostName == "ooksmedia"
then [builders.ooksdesk]
else [builders.ooksdesk builders.ooksmedia];
};
}

4
modules/nixos/base/nix.nix
View file

@ -44,8 +44,9 @@ in {
settings = { settings = {
trusted-users = ["@wheel" "root" "builder"]; trusted-users = ["@wheel" "root" "builder"];
experimental-features = ["nix-command" "flakes"]; experimental-features = ["nix-command" "flakes"];
accept-flake-config = true; accept-flake-config = false;
auto-optimise-store = true; auto-optimise-store = true;
warn-dirty = false;
# cache # cache
substituters = [ substituters = [
"https://cache.nixos.org?priority=10" "https://cache.nixos.org?priority=10"
@ -57,7 +58,6 @@ in {
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
"neovim-flake.cachix.org-1:iyQ6lHFhnB5UkVpxhQqLJbneWBTzM8LBYOFPLNH4qZw=" "neovim-flake.cachix.org-1:iyQ6lHFhnB5UkVpxhQqLJbneWBTzM8LBYOFPLNH4qZw="
]; ];
# TODO: setup builders -- builders-use-substitutes = true;
}; };
}; };
nixpkgs = { nixpkgs = {