Blunkall-Technologies/Olympus
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

abstract

Browse Source
This commit is contained in:
Nathan
2025-08-23 11:24:03 -05:00
parent f94627e858
commit 3ce100218d
2 changed files with 18 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
system-config/default.nix
View File

@@ -69,6 +69,7 @@
settings = {
experimental-features = [ "nix-command" "flakes" ];
builders-use-substitutes = lib.mkIf config.sysconfig.remoteBuildClient true;
trusted-users = lib.mkIf config.sysconfig.remoteBuildHost [ "remote-builder" ];
};
distributedBuilds = config.sysconfig.remoteBuildClient;
@@ -88,6 +89,23 @@
];
};
users.users."remote-builder" = lib.mkIf config.sysconfig.remoteBuildHost {
isNormalUser = true;
createHome = false;
};
sops.templates."remote-builder" = lib.mkIf config.sysconfig.remoteBuildHost {
content = builtins.concatStringsSep ''''\n'' (builtins.map
(y: config.sops.placeholder.${y})
(builtins.partition
(x: (builtins.match "^remoteBuildClientKeys/.+" x) != null)
(builtins.attrNames config.sops.secrets)
).right
);
path = "/etc/ssh/authorized_keys.d/remote-builder";
owner = "remote-builder";
};
time.timeZone = lib.mkDefault "America/Chicago";
i18n = lib.mkDefault {