Enabled remote building
All checks were successful
Gitea Actions Demo / Explore-Gitea-Actions (push) Successful in 6s
All checks were successful
Gitea Actions Demo / Explore-Gitea-Actions (push) Successful in 6s
Also includes a fix where home directory didn't exist for the remotebuild user.
This commit is contained in:
parent
0830ab5d48
commit
14fb3774d3
GPG key ID:
75579581C74554B6
2 changed files with 41 additions and 3 deletions
|
|
@ -25,7 +25,23 @@ in
|
||||||
};
|
};
|
||||||
|
|
||||||
useSelfhostedCache = mkEnableOption "use self-hosted nix cache (currently hosted on gospel)";
|
useSelfhostedCache = mkEnableOption "use self-hosted nix cache (currently hosted on gospel)";
|
||||||
remoteBuilder.enable = mkEnableOption "set up as a remote builder";
|
|
||||||
|
remoteBuilder = {
|
||||||
|
enable = mkEnableOption "set up as a remote builder";
|
||||||
|
client = {
|
||||||
|
enable = mkEnableOption "set up to use configured remote builders";
|
||||||
|
sshKeyPath = mkOption {
|
||||||
|
type = types.str;
|
||||||
|
# NOTE: By default, only root user has read access.
|
||||||
|
# This means only builds initiated by root will be able to make use
|
||||||
|
# of distributed builds.
|
||||||
|
# TODO: Allow my normal user to make use of distributed builds.
|
||||||
|
default = "/etc/ssh/ssh_host_ed25519_key";
|
||||||
|
description = "Path to ssh key to use to connect to remote builders";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
config = mkIf cfg.enable (
|
config = mkIf cfg.enable (
|
||||||
|
|
@ -79,6 +95,7 @@ in
|
||||||
users.users.remotebuild = {
|
users.users.remotebuild = {
|
||||||
isNormalUser = true;
|
isNormalUser = true;
|
||||||
createHome = false;
|
createHome = false;
|
||||||
|
home = "/var/empty";
|
||||||
group = "remotebuild";
|
group = "remotebuild";
|
||||||
|
|
||||||
# All the keys from ./remote_client_keys should be trusted
|
# All the keys from ./remote_client_keys should be trusted
|
||||||
|
|
@ -96,6 +113,24 @@ in
|
||||||
|
|
||||||
nix.settings.trusted-users = [ "remotebuild" ];
|
nix.settings.trusted-users = [ "remotebuild" ];
|
||||||
})
|
})
|
||||||
|
(lib.mkIf cfg.remoteBuilder.client.enable {
|
||||||
|
nix.distributedBuilds = true;
|
||||||
|
nix.settings.builders-use-substitutes = true;
|
||||||
|
|
||||||
|
nix.buildMachines = [
|
||||||
|
{
|
||||||
|
hostName = "gospel";
|
||||||
|
sshUser = "remotebuild";
|
||||||
|
sshKey = cfg.remoteBuilder.client.sshKeyPath;
|
||||||
|
system = "x86_64-linux";
|
||||||
|
supportedFeatures = [
|
||||||
|
"nixos-test"
|
||||||
|
"big-parallel"
|
||||||
|
"kvm"
|
||||||
|
];
|
||||||
|
}
|
||||||
|
];
|
||||||
|
})
|
||||||
]
|
]
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -7,8 +7,11 @@
|
||||||
];
|
];
|
||||||
|
|
||||||
aa = {
|
aa = {
|
||||||
nix.enable = true;
|
nix = {
|
||||||
nix.useSelfhostedCache = true;
|
enable = true;
|
||||||
|
useSelfhostedCache = true;
|
||||||
|
remoteBuilder.client.enable = true;
|
||||||
|
};
|
||||||
|
|
||||||
archetypes.workstation.enable = true;
|
archetypes.workstation.enable = true;
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue