From c898d56781492e7380b72c1a681fe3afe283ffde Mon Sep 17 00:00:00 2001 From: Julien Malka Date: Sat, 1 Jul 2023 16:44:29 +0200 Subject: [PATCH 1/2] added luj's remote builders --- modules/ssh-cursed.nix | 36 ++++++++++++++++++++++++++++++++++++ 1 file changed, 36 insertions(+) create mode 100644 modules/ssh-cursed.nix diff --git a/modules/ssh-cursed.nix b/modules/ssh-cursed.nix new file mode 100644 index 0000000..deb956d --- /dev/null +++ b/modules/ssh-cursed.nix @@ -0,0 +1,36 @@ +{ + programs.ssh.extraConfig = '' + Host telecom-bastion + HostName ssh.enst.fr + User jmalka + IdentityFile /home/luj/.ssh/id_ed25519 + + Host lame11 + Hostname lame11.enst.fr + User nix-remote-builder + ProxyJump telecom-bastion + IdentityFile /home/luj/.ssh/id_ed25519 + Host lame10 + Hostname lame10.enst.fr + User nix-remote-builder + ProxyJump telecom-bastion + IdentityFile /home/luj/.ssh/id_ed25519 + Host lame12 + Hostname lame12.enst.fr + User nix-remote-builder + ProxyJump telecom-bastion + IdentityFile /home/luj/.ssh/id_ed25519 + Host lame16 + Hostname lame16.enst.fr + User nix-remote-builder + ProxyJump telecom-bastion + IdentityFile /home/luj/.ssh/id_ed25519 + Host lame17 + Hostname lame17.enst.fr + User nix-remote-builder + ProxyJump telecom-bastion + IdentityFile /home/luj/.ssh/id_ed25519 + + ''; + +} From 147ca052d4651d9ca16fe3bf18b6b911d68b85ef Mon Sep 17 00:00:00 2001 From: Julien Malka Date: Sat, 1 Jul 2023 16:46:53 +0200 Subject: [PATCH 2/2] import ssh-cursed module --- configurations.nix | 64 ++++++++++++++++++++++++---------------------- 1 file changed, 34 insertions(+), 30 deletions(-) diff --git a/configurations.nix b/configurations.nix index 6c2e8c5..8441d78 100644 --- a/configurations.nix +++ b/configurations.nix @@ -34,6 +34,7 @@ let ./modules/hosts.nix ./modules/network.nix ./modules/zsh.nix + ./modules/ssh-cursed.nix disko.nixosModules.disko @@ -50,38 +51,41 @@ let , config , lib , ... - }: let - sopsFile = ./. + "/hosts/${config.networking.hostName}.yml"; - in { - nix.nixPath = [ - "home-manager=${home-manager}" - "nixpkgs=${pkgs.path}" - "nur=${nur}" - ]; - # TODO: share nixpkgs for each machine to speed up local evaluation. - #nixpkgs.pkgs = self.inputs.nixpkgs.legacyPackages.${system}; + }: + let + sopsFile = ./. + "/hosts/${config.networking.hostName}.yml"; + in + { + nix.nixPath = [ + "home-manager=${home-manager}" + "nixpkgs=${pkgs.path}" + "nur=${nur}" + ]; + # TODO: share nixpkgs for each machine to speed up local evaluation. + #nixpkgs.pkgs = self.inputs.nixpkgs.legacyPackages.${system}; - #users.withSops = builtins.pathExists sopsFile; - #sops.secrets = lib.mkIf (config.users.withSops) { - # root-password-hash.neededForUsers = true; - #}; - # sops.defaultSopsFile = lib.mkIf (builtins.pathExists sopsFile) sopsFile; + #users.withSops = builtins.pathExists sopsFile; + #sops.secrets = lib.mkIf (config.users.withSops) { + # root-password-hash.neededForUsers = true; + #}; + # sops.defaultSopsFile = lib.mkIf (builtins.pathExists sopsFile) sopsFile; - nix.extraOptions = '' - flake-registry = ${flake-registry}/flake-registry.json - ''; + nix.extraOptions = '' + flake-registry = ${flake-registry}/flake-registry.json + builders-use-substitutes = true + ''; - nix.registry = { - home-manager.flake = home-manager; - nixpkgs.flake = nixpkgs; - nur.flake = nur; - }; - time.timeZone = "UTC"; + nix.registry = { + home-manager.flake = home-manager; + nixpkgs.flake = nixpkgs; + nur.flake = nur; + }; + time.timeZone = "UTC"; - environment.systemPackages = [ - pkgs.kitty.terminfo - ]; - }) + environment.systemPackages = [ + pkgs.kitty.terminfo + ]; + }) ]; in { @@ -94,8 +98,8 @@ in ++ [ ./hosts/epyc.nix ]; - }; }; + }; flake.colmena = { meta.nixpkgs = import nixpkgs { @@ -107,6 +111,6 @@ in ++ [ ./hosts/epyc.nix ]; - }; + }; }; }