ready?

2025-08-18 22:47:55 -05:00
parent 8622694fd3
commit d8231a5f2a
7 changed files with 123 additions and 250 deletions
--- a/system-config/default.nix
+++ b/system-config/default.nix
@@ -25,35 +25,7 @@
        };
    };

-    config = let 
-        dirs = (builtins.partition 
-            (x: ((builtins.readDir ./configuration).${x} == "directory" && (import x).config.sysconfig.host != config.sysconfig.host))
-            (builtins.attrNames (builtins.readDir ./configuration))
-        ).right;
-
-        rbHosts = (builtins.listToAttrs 
-            (builtins.map 
-                (x: let
-                    host = import x;
-                in { 
-                    name = x; 
-                    value = {
-                        hostName = host.config.networking.hostName;
-                        sshUser = "remote-builder";
-                        sshKey = config.sops.secrets."remoteBuildSSHKey".path;
-                        supportedFeatures = [
-                            "nixos-test"
-                            "benchmark"
-                            "big-parallel"
-                            "kvm"
-                        ];
-                        system = pkgs.stdenv.hostPlatform.system;
-                    }; 
-                })
-                dirs
-            )
-        );
-    in {
+    config = {

        sops.secrets."remoteBuildSSHKey" = lib.mkIf config.sysconfig.remoteBuildClient {};
    
@@ -69,17 +41,32 @@
            };

            distributedBuilds = config.sysconfig.remoteBuildClient;
-            buildMachines = lib.mkIf config.sysconfig.remoteBuildClient {};
+            buildMachines = lib.mkIf config.sysconfig.remoteBuildClient [
+                {
+                    hostName = "blunkall.us";
+                    sshUser = "remote-builder";
+                    sshKey = config.sops.secrets."remoteBuildSSHKey".path;
+                    supportedFeatures = [
+                        "nixos-test"
+                        "benchmark"
+                        "big-parallel"
+                        "kvm"
+                    ];
+                    systems = [ "x86_64-linux" "aarch64-linux" ];
+                }
+            ];

-            trusted-users = lib.mkIf config.sysconfig.remoteBuildHost [ config.users.users."remote-builder".name ];
+            trusted-users = lib.mkIf config.sysconfig.remoteBuildHost [ "remote-builder" ];
        };

-        environment.etc = lib.mkIf config.sysconfig.remoteBuildHost {};
+        boot.binfmt.emulatedSystems = lib.mkIf config.sysconfig.remoteBuildHost [ "aarch64-linux" ];

        users.users."remote-builder" = lib.mkIf config.sysconfig.remoteBuildHost {
            isNormalUser = true;
            createHome = false;
-            openssh.authorizedKeys.keyFiles = [];
+            openssh.authorizedKeys.keys = [
+                "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIN7wpZD7mpHHpfHBSBV28x3ify+dtoLRDXO91mJ/WhUj root@laptop"
+            ];
        };
        
        time.timeZone = lib.mkDefault "America/Chicago";