add build02 which will run nixpkgs-update only for now

build01/configuration.nix

@@ -21,7 +21,6 @@ in
     ./hydra.nix
     ./hydra-declarative-projects.nix
     ./cache.nix
-    ./nixpkgs-update.nix
     ./marvin-mk2.nix
     ./matterbridge.nix
 

build02/cache.nix

@@ -0,0 +1,48 @@
+{ config, pkgs, ... }:
+let
+  postBuildHook = pkgs.writeScript "post-build-hook.sh" ''
+    #!${pkgs.runtimeShell}
+    export PATH=$PATH:${pkgs.nix}/bin
+    exec ${pkgs.cachix}/bin/cachix -c /var/lib/post-build-hook/nix-community-cachix.dhall push nix-community $OUT_PATHS
+  '';
+
+  sockPath = "/run/post-build-hook.sock";
+
+  queueBuildHook = pkgs.writeScript "post-build-hook.sh" ''
+    ${pkgs.queued-build-hook}/bin/queued-build-hook queue --socket ${sockPath}
+  '';
+
+  sources = import ../nix/sources.nix;
+
+in
+{
+
+  nixpkgs.overlays = [
+    (self: super: {
+      queued-build-hook = (import sources.queued-build-hook { pkgs = super; });
+    })
+  ];
+
+  systemd.sockets.queued-build-hook = {
+    description = "Post-build-hook socket";
+    wantedBy = [ "sockets.target" ];
+    socketConfig = {
+      ListenStream = sockPath;
+      SocketUser = "root";
+      SocketMode = "0600";
+    };
+  };
+
+  systemd.services.queued-build-hook = {
+    description = "Post-build-hook service";
+    wantedBy = [ "multi-user.target" ];
+    after = [ "network.target" "queued-build-hook.socket" ];
+    requires = [ "queued-build-hook.socket" ];
+    serviceConfig.ExecStart = "${pkgs.queued-build-hook}/bin/queued-build-hook daemon --retry-interval 30 --hook ${postBuildHook}";
+  };
+
+  nix.extraOptions = ''
+    post-build-hook = ${queueBuildHook}
+  '';
+
+}

build02/configuration.nix

@@ -0,0 +1,59 @@
+{ config, pkgs, lib, ... }:
+let
+  userImports =
+    let
+      toUserPath = f: ../users/. + "/${f}";
+      onlyUserFiles = x:
+        lib.hasSuffix ".nix" x &&
+        x != "lib.nix"
+      ;
+      userDirEntries = builtins.readDir ../users;
+      userFiles = builtins.filter onlyUserFiles (lib.attrNames userDirEntries);
+    in
+    builtins.map toUserPath userFiles;
+in
+{
+  imports = [
+    ./hardware-configuration.nix
+
+    ./cache.nix
+    ./nixpkgs-update.nix
+
+    ../profiles/common.nix
+    ../profiles/docker.nix
+  ] ++ userImports;
+
+  # /boot is a mirror raid
+  boot.loader.grub.devices = [ "/dev/nvme0n1" "/dev/nvme1n1" ];
+  boot.loader.grub.enable = true;
+  boot.loader.grub.version = 2;
+
+  networking.hostName = "nix-community-build02";
+  networking.hostId = "af9ccc71";
+  networking.useDHCP = false;
+  networking.defaultGateway = "95.217.109.129";
+  networking.nameservers = [ "1.1.1.1" "1.0.0.1" ];
+  networking.interfaces."enp35s0" = {
+    ipv4.addresses = [ { address = "95.217.109.189"; prefixLength = 26; } ];
+    ipv6.addresses = [ { address = "fe80::aaa1:59ff:fe0e:aa61"; prefixLength = 64; } ];
+  };
+
+  # nginx is being used as the frontend HTTP server for all the services
+  # running on the box
+  services.nginx.enable = true;
+  networking.firewall = {
+    # for Nginx
+    allowedTCPPorts = [ 443 80 ];
+  };
+
+  boot.kernelPackages = pkgs.linuxPackages_latest;
+
+  security.acme.email = "trash@nix-community.org";
+  security.acme.acceptTerms = true;
+
+  nix.gc.automatic = true;
+  nix.gc.options = "--delete-older-than 30d";
+
+  system.stateVersion = "20.09";
+
+}

build02/hardware-configuration.nix

@@ -0,0 +1,26 @@
+# Do not modify this file!  It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations.  Please make changes
+# to /etc/nixos/configuration.nix instead.
+{ config, lib, pkgs, modulesPath, ... }:
+
+{
+  imports =
+    [ (modulesPath + "/installer/scan/not-detected.nix")
+    ];
+
+  boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" ];
+  boot.initrd.kernelModules = [ ];
+  boot.kernelModules = [ "kvm-amd" ];
+  boot.extraModulePackages = [ ];
+
+  fileSystems."/" =
+    { device = "/dev/disk/by-uuid/29a6b37b-fafb-46a1-b856-1e1c20dc053b";
+      fsType = "f2fs";
+    };
+
+  swapDevices =
+    [ { device = "/dev/disk/by-uuid/5021610e-ffdd-4721-ad23-63d10a6f4e2c"; }
+      { device = "/dev/disk/by-uuid/e7a3712f-bc88-4b04-8823-58871494c132"; }
+    ];
+
+}

deployment.nix

@@ -53,30 +53,6 @@ in
         permissions = "0600";
       };
 
-      deployment.keys."id_rsa" = {
-        text = secrets.github-r-ryantm-key;
-        destDir = "/home/r-ryantm/.ssh";
-        user = "r-ryantm";
-        group = "r-ryantm";
-        permissions = "0600";
-      };
-
-      deployment.keys."github_token.txt" = {
-        text = secrets.github-r-ryantm-token;
-        destDir = "/var/lib/nixpkgs-update";
-        user = "r-ryantm";
-        group = "r-ryantm";
-        permissions = "0600";
-      };
-
-      deployment.keys."github_token_with_username.txt" = {
-        text = "r-ryantm:${secrets.github-r-ryantm-token}";
-        destDir = "/var/lib/nixpkgs-update";
-        user = "r-ryantm";
-        group = "r-ryantm";
-        permissions = "0600";
-      };
-
       deployment.keys."marvin-mk2-key.pem" = {
         text = secrets."marvin-mk2-key.pem";
         destDir = "/var/lib/marvin-mk2";
@@ -137,4 +113,39 @@ in
 
     };
 
+  build02 =
+    { resources, ... }:
+    {
+      imports = [
+        ./build02/configuration.nix
+      ];
+
+      deployment.targetHost = "95.217.109.189";
+
+      deployment.keys."id_rsa" = {
+        text = secrets.github-r-ryantm-key;
+        destDir = "/home/r-ryantm/.ssh";
+        user = "r-ryantm";
+        group = "r-ryantm";
+        permissions = "0600";
+      };
+
+      deployment.keys."github_token.txt" = {
+        text = secrets.github-r-ryantm-token;
+        destDir = "/var/lib/nixpkgs-update";
+        user = "r-ryantm";
+        group = "r-ryantm";
+        permissions = "0600";
+      };
+
+      deployment.keys."github_token_with_username.txt" = {
+        text = "r-ryantm:${secrets.github-r-ryantm-token}";
+        destDir = "/var/lib/nixpkgs-update";
+        user = "r-ryantm";
+        group = "r-ryantm";
+        permissions = "0600";
+      };
+
+    };
+
 }