commit 09ae60ad7b8ac99f35bbccac26afdea3685e04e3
parent 5918710205e113af6cee81dbd57335545e3e8b1b
Author: Vincent Demeester <vincent@sbr.pm>
Date: Fri, 19 Nov 2021 15:52:59 +0100
systems/modules: add a profile.externalbuilder…
… module.
It will have to move elsewhere (in modules) but has what is
required. It gets information from hosts.yml although the list of
buildMachines is currently static (ideally we would compute the list
from the `hosts.*` that have a `builder` attrSet).
It also filter the list of buildMachines if the machine is also the
current host. This is the case, for example, for aomi.home (which is a
builder as well as one that enable external builds).
Signed-off-by: Vincent Demeester <vincent@sbr.pm>
Diffstat:
4 files changed, 56 insertions(+), 38 deletions(-)
diff --git a/systems/hosts/aomi.nix b/systems/hosts/aomi.nix
@@ -92,6 +92,7 @@ in
services.hardware.bolt.enable = true;
profiles = {
+ externalbuilder.enable = true;
desktop.i3.enable = true;
laptop.enable = true;
home = true;
diff --git a/systems/hosts/naruhodo.nix b/systems/hosts/naruhodo.nix
@@ -87,44 +87,6 @@ in
# FIXME Fix tmpOnTmpfs
systemd.additionalUpstreamSystemUnits = [ "tmp.mount" ];
- # nix.distributedBuilds = true;
- nix.buildMachines = [
- {
- hostName = "192.168.1.77";
- maxJobs = 8;
- sshUser = "builder";
- sshKey = "/etc/nixos/secrets/builder";
- systems = [ "x86_64-linux" "aarch64-linux" "armv7l-linux" "armv6l-linux" "powerpc64le-linux" "s390x-linux" ];
- supportedFeatures = [
- "big-parallel"
- "kvm"
- "nixos-test"
- ];
- }
- # {
- # hostName = "192.168.1.115";
- # maxJobs = 8;
- # sshUser = "builder";
- # sshKey = "/etc/nixos/secrets/builder";
- # systems = [ "x86_64-linux" "aarch64-linux" "armv7l-linux" "armv6l-linux" "powerpc64le-linux" "s390x-linux" ];
- # supportedFeatures = [
- # "big-parallel"
- # "kvm"
- # "nixos-test"
- # ];
- # }
- ];
-
- programs.ssh.knownHosts = {
- "wakasu" = {
- hostNames = [ "wakasu.home" "192.168.1.77" ];
- publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJ2GB030S1+iZMqwgYhkl5CuBOKBjZoujc0aVHII39/x";
- };
- "hokkaido" = {
- hostNames = [ "hokkaido.home" "192.168.1.115" ];
- publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB5hoyiE7fj+/vUzvvFD2r2Mm4p86p6uPDOp0ChzR5ZC";
- };
- };
services.udev.extraRules = ''
# Teensy rules for the Ergodox EZ
@@ -148,6 +110,7 @@ in
};
profiles = {
+ externalbuilder.enable = true;
desktop.i3.enable = true;
laptop.enable = true;
home = true;
diff --git a/systems/modules/profiles/builder.nix b/systems/modules/profiles/builder.nix
@@ -0,0 +1,53 @@
+{ config, lib, pkgs, ... }:
+
+let
+ inherit (lib) mkIf mkEnableOption importTOML filter;
+ cfg = config.profiles.externalbuilder;
+ metadata = importTOML ../../../ops/hosts.toml;
+ isCurrentHost = n: n.hostName != config.networking.hostName;
+in
+{
+ options = {
+ profiles.externalbuilder = {
+ enable = mkEnableOption "Enable externalbuilder profile";
+ };
+ };
+ config = mkIf cfg.enable {
+ nix.distributedBuilds = true;
+ sops.secrets.builder = {
+ sopsFile = ../../../secrets/builder.yaml;
+ };
+ nix.buildMachines = (filter isCurrentHost
+ [
+ {
+ hostName = "${metadata.hosts.wakasu.addrs.v4}";
+ maxJobs = metadata.hosts.wakasu.builder.maxJobs;
+ sshUser = "builder";
+ sshKey = config.sops.secrets.builder.path;
+ systems = metadata.hosts.wakasu.builder.systems;
+ supportedFeatures = metadata.hosts.wakasu.builder.features;
+ }
+ {
+ hostName = "${metadata.hosts.aomi.addrs.v4}";
+ maxJobs = metadata.hosts.aomi.builder.maxJobs;
+ sshUser = "builder";
+ sshKey = config.sops.secrets.builder.path;
+ systems = metadata.hosts.aomi.builder.systems;
+ supportedFeatures = metadata.hosts.aomi.builder.features;
+ }
+ ]
+ );
+
+ programs.ssh.knownHosts = {
+ "wakasu" = {
+ hostNames = [ "wakasu.home" "${metadata.hosts.wakasu.addrs.v4}" ];
+ publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJ2GB030S1+iZMqwgYhkl5CuBOKBjZoujc0aVHII39/x";
+ };
+ "aomi" = {
+ hostNames = [ "aomi.home" "${metadata.hosts.aomi.addrs.v4}" ];
+ publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFQVlSrUKU0xlM9E+sJ8qgdgqCW6ePctEBD2Yf+OnyME";
+ };
+ };
+
+ };
+}
diff --git a/systems/modules/profiles/default.nix b/systems/modules/profiles/default.nix
@@ -2,6 +2,7 @@
imports = [
./avahi.nix
./base.nix
+ ./builder.nix
./desktop.nix
./dev.nix
./docker.nix