From 24ea2f1f5c6581130134cb36f659531379b1a1c2 Mon Sep 17 00:00:00 2001
From: Michael Walker <mike@barrucadu.co.uk>
Date: Wed, 11 Dec 2024 12:25:57 +0000
Subject: [PATCH] [carcosa] Create a user to execute remote builds

This is so I can downsize yuggoth, as it doesn't really need to be big
enough to compile bookdb & bookmarks
---
 hosts/carcosa/configuration.nix | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/hosts/carcosa/configuration.nix b/hosts/carcosa/configuration.nix
index 5630cdcb..4d0775a0 100644
--- a/hosts/carcosa/configuration.nix
+++ b/hosts/carcosa/configuration.nix
@@ -334,6 +334,21 @@ in
   nixfiles.bookmarks.remoteSync.receive.authorizedKeys =
     [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIChVw9DPLafA3lCLCI4Df9rYuxedFQTXAwDOOHUfZ0Ac remote-sync@nyarlathotep" ];
 
+
+  ###############################################################################
+  ## Remote Builds
+  ###############################################################################
+
+  users.extraUsers.nix-remote-builder = {
+    home = "/var/lib/nix-remote-builder";
+    createHome = true;
+    isSystemUser = true;
+    shell = pkgs.bashInteractive;
+    group = "nogroup";
+  };
+  nix.settings.trusted-users = [ config.users.extraUsers.nix-remote-builder.name ];
+
+
   ###############################################################################
   ## Miscellaneous
   ###############################################################################