made a build and nixremote modules.

2025-09-27 16:31:05 -06:00
parent 8cd5e390cf
commit 4b81028cde
7 changed files with 198 additions and 166 deletions
--- a/modules/modules.nix
+++ b/modules/modules.nix
@@ -30,7 +30,11 @@ in
    ++ autoImport "scripts"
    ++ autoImport "servers"
    ++ autoImport "services"
-    ++ autoImport "shell";
+    ++ autoImport "shell"
+    ++ [
+      ./nix/build.nix
+      ./users/nixremote.nix
+    ];
  options.my = {
    localhost = lib.mkOption {
      type = lib.types.str;
--- a/modules/nix/build.nix
+++ b/modules/nix/build.nix
@@ -0,0 +1,53 @@
+{ lib, config, ... }:
+{
+  options.my.nix = {
+    features = lib.mkOption {
+      type = lib.types.listOf lib.types.str;
+      default = [
+        "nixos-test"
+        "benchmark"
+        "big-parallel"
+        "kvm"
+        "gccarch-znver3"
+        "gccarch-skylake"
+        "gccarch-alderlake"
+      ];
+      description = "List of supported nix build features for this system";
+    };
+    
+    buildMachines = lib.mkOption {
+      type = lib.types.listOf lib.types.attrs;
+      default = [];
+      description = "List of remote build machines configuration";
+    };
+    
+    cores = lib.mkOption {
+      type = lib.types.nullOr lib.types.int;
+      default = null;
+      description = "Number of cores to use for builds (null = auto-detect)";
+    };
+    
+    maxJobs = lib.mkOption {
+      type = lib.types.nullOr lib.types.int;
+      default = null;
+      description = "Maximum number of parallel jobs (null = auto-detect)";
+    };
+  };
+
+  config = {
+    nix.settings = lib.mkMerge [
+      {
+        system-features = config.my.nix.features;
+      }
+      (lib.mkIf (config.my.nix.cores != null) {
+        cores = config.my.nix.cores;
+      })
+      (lib.mkIf (config.my.nix.maxJobs != null) {
+        max-jobs = config.my.nix.maxJobs;
+      })
+    ];
+    
+    nix.buildMachines = lib.mkIf (config.my.nix.buildMachines != []) 
+      config.my.nix.buildMachines;
+  };
+} 
--- a/modules/users/nixremote.nix
+++ b/modules/users/nixremote.nix
@@ -0,0 +1,41 @@
+{ lib, config, ... }:
+{
+  options.my.users.nixremote = {
+    enable = lib.mkEnableOption "nixremote user for distributed builds";
+    
+    authorizedKeys = lib.mkOption {
+      type = lib.types.listOf lib.types.path;
+      default = [
+        ../../secrets/ssh/ed25519_nixworkstation.pub
+        ../../secrets/ssh/ed25519_nixserver.pub
+        ../../secrets/ssh/ed25519_nixminiserver.pub
+      ];
+      description = "List of SSH public key files to authorize for nixremote user";
+    };
+    
+    gid = lib.mkOption {
+      type = lib.types.int;
+      default = 555;
+      description = "Group ID for the nixremote group";
+    };
+    
+    home = lib.mkOption {
+      type = lib.types.str;
+      default = "/var/nixremote/";
+      description = "Home directory for the nixremote user";
+    };
+  };
+
+  config = lib.mkIf config.my.users.nixremote.enable {
+    users = {
+      groups.nixremote.gid = config.my.users.nixremote.gid;
+      users.nixremote = {
+        isNormalUser = true;
+        createHome = true;
+        group = "nixremote";
+        home = config.my.users.nixremote.home;
+        openssh.authorizedKeys.keyFiles = config.my.users.nixremote.authorizedKeys;
+      };
+    };
+  };
+}