From e1a79474115fb7711fd2bbe561b43a42ab2556f4 Mon Sep 17 00:00:00 2001
From: Gerg-L <GregLeyda@proton.me>
Date: Thu, 27 Apr 2023 15:31:34 -0400
Subject: [PATCH] setup remote building for both laptops

---
 flake.lock                       | 42 +++++++++++------------
 modules/boot/misc.nix            |  2 ++
 modules/builders.nix             | 59 ++++++++++++++++++++++++++++++++
 systems/game-laptop/default.nix  |  1 +
 systems/gerg-desktop/default.nix |  2 ++
 systems/moms-laptop/default.nix  |  1 +
 6 files changed, 86 insertions(+), 21 deletions(-)
 create mode 100644 modules/builders.nix

diff --git a/flake.lock b/flake.lock
index d059512..fbd788f 100644
--- a/flake.lock
+++ b/flake.lock
@@ -7,11 +7,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1681977899,
-        "narHash": "sha256-G5/DB7t1t1uhGEwPk6HY2JSVOPp3k9qZC5sOl2vrn7E=",
+        "lastModified": 1682299489,
+        "narHash": "sha256-bqHo0/82KB+IyBMyjBd6QdyZWJl/YZeGggjBsAgRFlY=",
         "owner": "nix-community",
         "repo": "disko",
-        "rev": "a433c7995448989e697c9f913405df1a98122885",
+        "rev": "8ab9e5609929379ab15f03fd3bdc1f85419e5a3a",
         "type": "github"
       },
       "original": {
@@ -141,11 +141,11 @@
     },
     "master": {
       "locked": {
-        "lastModified": 1682012766,
-        "narHash": "sha256-qcQvCO3vBENFBnE7btDf2mi7PeLqnZmnktYKDWHEUu4=",
+        "lastModified": 1682616090,
+        "narHash": "sha256-29fV+jLRbo7WtLx0rQ7nxYkjTdU7KDWbtC9hOLWk3S4=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "1c74273033e2d375122d4d301c8bff44d657872b",
+        "rev": "938afbb96edba3dd28065f5f2d42a86e9714bab3",
         "type": "github"
       },
       "original": {
@@ -226,11 +226,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1681464810,
-        "narHash": "sha256-G7AD9qMvD7lU+5K7tTZpUMXvQa0kFR5KKY9y/okcX+w=",
+        "lastModified": 1682332772,
+        "narHash": "sha256-GMoWhChQdeNM2FFqVbEZgBABSdi/+JgSP6v+jUz5b24=",
         "owner": "nix-community",
         "repo": "nixos-generators",
-        "rev": "5ad9f98194cfe7aa990929fb8cae28c500da7620",
+        "rev": "d774aeedc0685e5871be1e1ee0511900deeb21c2",
         "type": "github"
       },
       "original": {
@@ -273,11 +273,11 @@
     },
     "nixpkgs-stable": {
       "locked": {
-        "lastModified": 1681613598,
-        "narHash": "sha256-Ogkoma0ytYcDoMR2N7CZFABPo+i0NNo26dPngru9tPc=",
+        "lastModified": 1682173319,
+        "narHash": "sha256-tPhOpJJ+wrWIusvGgIB2+x6ILfDkEgQMX0BTtM5vd/4=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "1040ce5f652b586da95dfd80d48a745e107b9eac",
+        "rev": "ee7ec1c71adc47d2e3c2d5eb0d6b8fbbd42a8d1c",
         "type": "github"
       },
       "original": {
@@ -333,11 +333,11 @@
         "nixpkgs-stable": "nixpkgs-stable"
       },
       "locked": {
-        "lastModified": 1681821695,
-        "narHash": "sha256-uwyBGo/9IALi97AfMuzkJroQQhV6hkybaZVdw6pRNG4=",
+        "lastModified": 1682539132,
+        "narHash": "sha256-djX/Vp1snR1XHyk400HKCfwWVoLBE8uiQalTXMH7Kj0=",
         "owner": "Mic92",
         "repo": "sops-nix",
-        "rev": "5698b06b0731a2c15ff8c2351644427f8ad33993",
+        "rev": "4a330ead6a990365c9bb48f30523ac048fb6d8ae",
         "type": "github"
       },
       "original": {
@@ -386,11 +386,11 @@
     },
     "stable": {
       "locked": {
-        "lastModified": 1681932375,
-        "narHash": "sha256-tSXbYmpnKSSWpzOrs27ie8X3I0yqKA6AuCzCYNtwbCU=",
+        "lastModified": 1682538316,
+        "narHash": "sha256-YuHgVsR7S9zxJWHo7lo2ugd+uDC4ESWg1hA4bEZQv3Y=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "3d302c67ab8647327dba84fbdb443cdbf0e82744",
+        "rev": "15b75800dce80225b44f067c9012b09de37dfad2",
         "type": "github"
       },
       "original": {
@@ -452,11 +452,11 @@
     },
     "unstable": {
       "locked": {
-        "lastModified": 1681828457,
-        "narHash": "sha256-o4Zvs309HOhrNeVloPKqangcKHobsggVt6GFbnEPZlQ=",
+        "lastModified": 1682526928,
+        "narHash": "sha256-2cKh4O6t1rQ8Ok+v16URynmb0rV7oZPEbXkU0owNLQs=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "555daa9d339b3df75e58ee558a4fec98ea92521e",
+        "rev": "d6b863fd9b7bb962e6f9fdf292419a775e772891",
         "type": "github"
       },
       "original": {
diff --git a/modules/boot/misc.nix b/modules/boot/misc.nix
index 9c8ef2e..0fc7c7c 100644
--- a/modules/boot/misc.nix
+++ b/modules/boot/misc.nix
@@ -10,7 +10,9 @@ _: {
       logo = self + /misc/nixos.png;
     };
     loader = {
+      grub.configurationLimit = 10;
       systemd-boot = {
+        configurationLimit = 10;
         enable = lib.mkDefault true;
         consoleMode = "max";
         editor = false;
diff --git a/modules/builders.nix b/modules/builders.nix
new file mode 100644
index 0000000..edb0d1e
--- /dev/null
+++ b/modules/builders.nix
@@ -0,0 +1,59 @@
+_: {
+  config,
+  lib,
+  options,
+  ...
+}: {
+  options.localModules.remoteBuild = {
+    enable = lib.mkEnableOption "";
+    isBuilder = lib.mkEnableOption "";
+  };
+  config = lib.mkMerge [
+    (
+      lib.mkIf config.localModules.remoteBuild.enable {
+        nix = {
+          settings = {
+            builders-use-substitutes = true;
+            max-jobs = 0;
+          };
+          distributedBuilds = true;
+          buildMachines = [
+            {
+              hostName = "gerg-desktop";
+              protocol = "ssh-ng";
+              maxJobs = 32;
+              systems = ["x86_64-linux"];
+              supportedFeatures = ["big-parallel" "nixos-test" "kvm" "benchmark"];
+              sshUser = "builder";
+              sshKey = "/etc/ssh/ssh_host_ed25519_key";
+              publicHostKey = "BQxvBOWsTw1gdNDR0KzrSRmbVhDrJdG05vYXkVmw8yA";
+            }
+          ];
+        };
+        programs.ssh.knownHosts = {
+          gerg-desktop = {
+            extraHostNames = ["gerg-desktop.lan"];
+            publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIeHsGcmOdIMzV+SNe4WFcA3CPHCNb1aqxThkXtm7G/1";
+          };
+        };
+      }
+    )
+    (lib.mkIf config.localModules.remoteBuild.isBuilder {
+      users = {
+        groups.builder = {};
+        users.builder = {
+          createHome = false;
+          isSystemUser = true;
+          openssh.authorizedKeys.keys = [
+            "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIq9YTf4jlVCKBKn44m4yJvj94C7pTOyaa4VjZFohNqD root@mom-laptop"
+            "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJUKHZasYQUAmRBiqtx1drDxfq18/N4rKydCtPHx461I root@game-laptop"
+          ];
+          useDefaultShell = true;
+          group = "builder";
+        };
+      };
+
+      nix.settings.trusted-users = ["builder"];
+    })
+  ];
+}
diff --git a/systems/game-laptop/default.nix b/systems/game-laptop/default.nix
index 8dfd2b4..78c1cf2 100644
--- a/systems/game-laptop/default.nix
+++ b/systems/game-laptop/default.nix
@@ -4,6 +4,7 @@ _: {
   ...
 }: {
   localModules = {
+    remoteBuild.enable = true;
     DE.gnome.enable = true;
     DM = {
       lightdm.enable = true;
diff --git a/systems/gerg-desktop/default.nix b/systems/gerg-desktop/default.nix
index b10ac81..432b9bf 100644
--- a/systems/gerg-desktop/default.nix
+++ b/systems/gerg-desktop/default.nix
@@ -4,6 +4,7 @@ inputs: {
   ...
 }: {
   localModules = {
+    remoteBuild.isBuilder = true;
     X11Programs = {
       sxhkd.enable = true;
     };
@@ -38,6 +39,7 @@ inputs: {
   nixpkgs.overlays = [
     inputs.nvim-flake.overlays.default
   ];
+  nix.settings.system-features = ["kvm" "big-parallel" "nixos-test" "benchmark"];
 
   environment.systemPackages = [
     pkgs.bitwarden #store stuff
diff --git a/systems/moms-laptop/default.nix b/systems/moms-laptop/default.nix
index edd3ac4..75c3dc8 100644
--- a/systems/moms-laptop/default.nix
+++ b/systems/moms-laptop/default.nix
@@ -4,6 +4,7 @@ _: {
   ...
 }: {
   localModules = {
+    remoteBuild.enable = true;
     DM = {
       lightdm.enable = true;
       autoLogin = true;