Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Set up a Nix builder #15

Open
Frontear opened this issue Oct 7, 2024 · 2 comments
Open

Set up a Nix builder #15

Frontear opened this issue Oct 7, 2024 · 2 comments
Labels
compat: backwards Represents a backwards compatible change. Existing functionality is wholly unaffected by changes. priority: low Non-essential issues that are neither affecting functionality nor usability. type: feature/addition Marks the request/implementation of a feature addition. Accompany with relevant labels.

Comments

@Frontear
Copy link
Owner

Frontear commented Oct 7, 2024

Extremely low priority. This issue is largely being made to document the process so that I do not need to stumble around in documentation hell.

  1. Generate an ssh key on the local machine, send the public part to the remote machine (via users.users.<name>.openssh.authorizedKeys.keys/keyFiles).
  2. Create a /root/.ssh/config on the local machine that contains this minimum snippet
Host REMOTE-BUILDER
  IdentitiesOnly yes
  IdentityFile /root/.ssh/key
  User <builder-user>
  1. Create a build user on the remote machine via this minimal snippet
services.openssh.enable = true;

users.users.builder = {
  isNormalUser = true;
  group = "builder";

  openssh.authorizedKeys.key/keyFiles = [ ... ];
};

users.groups.builder = {};

nix.settings.trusted-users = [ "builder" ];
  1. On the local machine, use this configuration to attach the builder
nix.distributedBuilds = true;
nix.buildMachines = [{
  hostName = "REMOTE-BUILDER";
  sshUser = "builder";
  sshKey = "/root/.ssh/key";
  system = " ... ";
  supportedFeatures = [ ... ];
  ... # THIS IS BARE MINIMUM
}];

That's it. What a disgustingly annoying set of tips, full of imperative behaviour too. Ideally I want to set this up behind a module and in a significantly saner way, sometime in the near future.
@Frontear Frontear added the priority: low Non-essential issues that are neither affecting functionality nor usability. label Oct 7, 2024
@Frontear
Copy link
Owner Author

Frontear commented Oct 7, 2024

https://wiki.nixos.org/wiki/Distributed_build
https://nix.dev/manual/nix/2.24/advanced-topics/distributed-builds.html
https://nix.dev/tutorials/nixos/distributed-builds-setup#set-up-distributed-builds
https://wiki.nixos.org/wiki/Distributed_build

@Frontear
Copy link
Owner Author

Frontear commented Oct 7, 2024

https://docs.nixbuild.net/getting-started/

programs.ssh.extraConfig = ''
  Host eu.nixbuild.net
    PubkeyAcceptedKeyTypes ssh-ed25519
    ServerAliveInterval 60
    IPQoS throughput
    IdentityFile /path/to/your/private/key
'';

programs.ssh.knownHosts = {
  nixbuild = {
    hostNames = [ "eu.nixbuild.net" ];
    publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPIQCZc54poJ8vqawd8TraNryQeJnvH1eLpIDgbiqymM";
  };
};

nix = {
  distributedBuilds = true;
  buildMachines = [
    { hostName = "eu.nixbuild.net";
      system = "x86_64-linux";
      maxJobs = 100;
      supportedFeatures = [ "benchmark" "big-parallel" ];
    }
  ];
};

@Frontear Frontear added type: feature/addition Marks the request/implementation of a feature addition. Accompany with relevant labels. compat: backwards Represents a backwards compatible change. Existing functionality is wholly unaffected by changes. labels Nov 21, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
compat: backwards Represents a backwards compatible change. Existing functionality is wholly unaffected by changes. priority: low Non-essential issues that are neither affecting functionality nor usability. type: feature/addition Marks the request/implementation of a feature addition. Accompany with relevant labels.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@Frontear