diff --git a/config/files/builders b/config/files/builders index 6e1fdd7..efcd1ac 100644 --- a/config/files/builders +++ b/config/files/builders @@ -1 +1 @@ -ssh://nixremote@seras.kyouma.net x86_64-linux,aarch64-linux - 40 5 nixos-test,benchmark,big-parallel,kvm +ssh://build@seras.kyouma.net x86_64-linux,aarch64-linux - 40 5 nixos-test,benchmark,big-parallel,kvm diff --git a/config/hosts/seras/configuration.nix b/config/hosts/seras/configuration.nix index 28d7699..351f0f8 100644 --- a/config/hosts/seras/configuration.nix +++ b/config/hosts/seras/configuration.nix @@ -14,7 +14,14 @@ hostName = "seras"; nftables.enable = lib.mkForce false; }; - nix.settings.trusted-users = [ "nixremote" ]; + nix.gc.options = lib.mkForce "--delete-older-than 60d"; + nix.settings.trusted-users = [ "build" ]; + nix.extraOptions = '' + min-free = ${builtins.toString (4096 * 1024 * 1024)} + max-free = ${builtins.toString (8192 * 1024 * 1024)} + max-substitution-jobs = 20 + max-silent-time = 900 + ''; nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; systemd.network.networks."98-eth-default" = { @@ -22,7 +29,7 @@ "2a0f:be01:0:100::169/128" ]; }; - users.users.nixremote = { + users.users.build = { isNormalUser = true; shell = pkgs.fish; ignoreShellProgramCheck = true; diff --git a/config/profiles/headless.nix b/config/profiles/headless.nix index dd64f1c..1fe23d4 100644 --- a/config/profiles/headless.nix +++ b/config/profiles/headless.nix @@ -1,6 +1,12 @@ -{ config, lib, ... }: with lib; { +{ config, lib, pkgs, ... }: { + kyouma.machine-type.headless = true; + documentation.man.generateCaches = false; - services.openssh.enable = mkDefault true; - services.vnstat.enable = mkDefault true; + environment.systemPackages = with pkgs; [ + vim + ]; + + services.openssh.enable = lib.mkDefault true; + services.vnstat.enable = lib.mkDefault true; } diff --git a/config/profiles/remote-build.nix b/config/profiles/remote-build.nix index 1b8e134..2c49322 100644 --- a/config/profiles/remote-build.nix +++ b/config/profiles/remote-build.nix @@ -1,11 +1,16 @@ {config, lib, pkgs, ... }: { nix.buildMachines = [{ hostName = "seras.kyouma.net"; - sshUser = "nixremote"; + sshUser = "build"; maxJobs = 40; speedFactor = 5; systems = [ "aarch64-linux" "x86_64-linux" ]; supportedFeatures = [ "nixos-test" "benchmark" "big-parallel" "kvm" ]; }]; nix.distributedBuilds = true; + programs.ssh = { + knownHosts = { + "seras.kyouma.net".publicKey = "sh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPNVavo3YHVsrYwXRVISu7kDoknn+5inFGySn4azlB8P"; + }; + }; } diff --git a/flake.nix b/flake.nix index 0cc822d..1b61b9e 100644 --- a/flake.nix +++ b/flake.nix @@ -43,9 +43,9 @@ }; }; - nixConfig = rec { + nixConfig = { builders-use-substitutes = true; - builders = "ssh://nixremote@seras.kyouma.net x86_64-linux,aarch64-linux - 40 5 nixos-test,benchmark,big-parallel,kvm"; + builders = "ssh://build@seras.kyouma.net x86_64-linux,aarch64-linux - 40 5 nixos-test,benchmark,big-parallel,kvm"; }; outputs = { self, nixpkgs, flake-utils, ... }@inputs: {