build-worker: Use sshServe

This commit is contained in:
emily 2024-09-05 14:46:07 +02:00
parent 909e1d81e1
commit af8ff6a6a1
Signed by: emily
GPG key ID: F6F4C66207FCF995
2 changed files with 6 additions and 10 deletions

View file

@ -2,7 +2,7 @@
kyouma.deployment.auto-upgrade.cache = "daemon";
nix.gc.options = lib.mkForce "--delete-older-than 60d";
nix.settings = {
trusted-users = [ "build" ];
trusted-users = [ "nix-ssh" ];
#system-features = [ "nixos-test" "benchmark" "big-parallel" "kvm" ] ++ lib.optionals pkgs.hostPlatform.isx86_64 [ "gccarch-x86-64-v3" ];
};
nix.extraOptions = ''
@ -11,11 +11,10 @@
max-substitution-jobs = 20
max-silent-time = 14400
'';
users.users.build = {
isNormalUser = true;
shell = pkgs.bash;
ignoreShellProgramCheck = true;
openssh.authorizedKeys.keys = [
nix.sshServe = {
enable = true;
write = true;
keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIA/+iN407+HsfHbbC3tfdA8Yf4TZ08qXQMb4tb/SDAs+ emily@card"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE/vCXM3IaxJP9v2Y+xcQrQD2IcffgdzqtWhpMjj9Xl5 hydra@seras"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICT0dGyLUjxFnvqUmex+5xUGQ7D4yGHKo267JgApcq0k root@ryuuko"

View file

@ -10,7 +10,7 @@
}
{
hostName = "integra.kyouma.net";
sshUser = "build";
sshUser = "nix-ssh";
maxJobs = 2;
speedFactor = 4;
systems = [ "aarch64-linux" ];
@ -43,9 +43,6 @@
"https://"
];
};
users.users.hydra-queue-runner.openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE/vCXM3IaxJP9v2Y+xcQrQD2IcffgdzqtWhpMjj9Xl5 hydra@seras"
];
programs.ssh = {
knownHosts = {
"build-worker-03.nyantec.com".publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEGqTY74c5g15DSNPNM2Wdr5jAwS7BFgX1XRnhtGOnJc";