Enabled remote building
All checks were successful
Gitea Actions Demo / Explore-Gitea-Actions (push) Successful in 6s
All checks were successful
Gitea Actions Demo / Explore-Gitea-Actions (push) Successful in 6s
Also includes a fix where home directory didn't exist for the remotebuild user.
This commit is contained in:
parent
0830ab5d48
commit
14fb3774d3
GPG key ID:
75579581C74554B6
2 changed files with 41 additions and 3 deletions
|
|
@ -25,7 +25,23 @@ in
|
|||
};
|
||||
|
||||
useSelfhostedCache = mkEnableOption "use self-hosted nix cache (currently hosted on gospel)";
|
||||
remoteBuilder.enable = mkEnableOption "set up as a remote builder";
|
||||
|
||||
remoteBuilder = {
|
||||
enable = mkEnableOption "set up as a remote builder";
|
||||
client = {
|
||||
enable = mkEnableOption "set up to use configured remote builders";
|
||||
sshKeyPath = mkOption {
|
||||
type = types.str;
|
||||
# NOTE: By default, only root user has read access.
|
||||
# This means only builds initiated by root will be able to make use
|
||||
# of distributed builds.
|
||||
# TODO: Allow my normal user to make use of distributed builds.
|
||||
default = "/etc/ssh/ssh_host_ed25519_key";
|
||||
description = "Path to ssh key to use to connect to remote builders";
|
||||
};
|
||||
};
|
||||
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable (
|
||||
|
|
@ -79,6 +95,7 @@ in
|
|||
users.users.remotebuild = {
|
||||
isNormalUser = true;
|
||||
createHome = false;
|
||||
home = "/var/empty";
|
||||
group = "remotebuild";
|
||||
|
||||
# All the keys from ./remote_client_keys should be trusted
|
||||
|
|
@ -96,6 +113,24 @@ in
|
|||
|
||||
nix.settings.trusted-users = [ "remotebuild" ];
|
||||
})
|
||||
(lib.mkIf cfg.remoteBuilder.client.enable {
|
||||
nix.distributedBuilds = true;
|
||||
nix.settings.builders-use-substitutes = true;
|
||||
|
||||
nix.buildMachines = [
|
||||
{
|
||||
hostName = "gospel";
|
||||
sshUser = "remotebuild";
|
||||
sshKey = cfg.remoteBuilder.client.sshKeyPath;
|
||||
system = "x86_64-linux";
|
||||
supportedFeatures = [
|
||||
"nixos-test"
|
||||
"big-parallel"
|
||||
"kvm"
|
||||
];
|
||||
}
|
||||
];
|
||||
})
|
||||
]
|
||||
);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -7,8 +7,11 @@
|
|||
];
|
||||
|
||||
aa = {
|
||||
nix.enable = true;
|
||||
nix.useSelfhostedCache = true;
|
||||
nix = {
|
||||
enable = true;
|
||||
useSelfhostedCache = true;
|
||||
remoteBuilder.client.enable = true;
|
||||
};
|
||||
|
||||
archetypes.workstation.enable = true;
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue