build-worker: Use sshServe
This commit is contained in:
parent
909e1d81e1
commit
7ea51e7e28
2 changed files with 7 additions and 11 deletions
|
@ -1,8 +1,8 @@
|
|||
{ lib, pkgs, ... }: {
|
||||
kyouma.deployment.auto-upgrade.cache = "daemon";
|
||||
nix.gc.options = lib.mkForce "--delete-older-than 60d";
|
||||
nix.gc.options = lib.mkForce "--delete-older-than 30d";
|
||||
nix.settings = {
|
||||
trusted-users = [ "build" ];
|
||||
trusted-users = [ "nix-ssh" ];
|
||||
#system-features = [ "nixos-test" "benchmark" "big-parallel" "kvm" ] ++ lib.optionals pkgs.hostPlatform.isx86_64 [ "gccarch-x86-64-v3" ];
|
||||
};
|
||||
nix.extraOptions = ''
|
||||
|
@ -11,11 +11,10 @@
|
|||
max-substitution-jobs = 20
|
||||
max-silent-time = 14400
|
||||
'';
|
||||
users.users.build = {
|
||||
isNormalUser = true;
|
||||
shell = pkgs.bash;
|
||||
ignoreShellProgramCheck = true;
|
||||
openssh.authorizedKeys.keys = [
|
||||
nix.sshServe = {
|
||||
enable = true;
|
||||
write = true;
|
||||
keys = [
|
||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIA/+iN407+HsfHbbC3tfdA8Yf4TZ08qXQMb4tb/SDAs+ emily@card"
|
||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE/vCXM3IaxJP9v2Y+xcQrQD2IcffgdzqtWhpMjj9Xl5 hydra@seras"
|
||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICT0dGyLUjxFnvqUmex+5xUGQ7D4yGHKo267JgApcq0k root@ryuuko"
|
||||
|
|
|
@ -10,7 +10,7 @@
|
|||
}
|
||||
{
|
||||
hostName = "integra.kyouma.net";
|
||||
sshUser = "build";
|
||||
sshUser = "nix-ssh";
|
||||
maxJobs = 2;
|
||||
speedFactor = 4;
|
||||
systems = [ "aarch64-linux" ];
|
||||
|
@ -43,9 +43,6 @@
|
|||
"https://"
|
||||
];
|
||||
};
|
||||
users.users.hydra-queue-runner.openssh.authorizedKeys.keys = [
|
||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE/vCXM3IaxJP9v2Y+xcQrQD2IcffgdzqtWhpMjj9Xl5 hydra@seras"
|
||||
];
|
||||
programs.ssh = {
|
||||
knownHosts = {
|
||||
"build-worker-03.nyantec.com".publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEGqTY74c5g15DSNPNM2Wdr5jAwS7BFgX1XRnhtGOnJc";
|
||||
|
|
Loading…
Reference in a new issue