modules: add darwin/nixos remote-builder
This commit is contained in:
zowoq
parent
1ccf0503b3
commit
754a7b72b8
8 changed files with 35 additions and 24 deletions
modules/shared
13
modules/shared/remote-builder.nix
Normal file
13
modules/shared/remote-builder.nix
Normal file
|
|
@ -0,0 +1,13 @@
|
|||
{ config, ... }:
|
||||
let
|
||||
# on nix-darwin if user is removed the keys need to be removed manually from /etc/ssh/authorized_keys.d
|
||||
key = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEmdo1x1QkRepZf7nSe+OdEWX+wOjkBLF70vX9F+xf68 builder";
|
||||
in
|
||||
{
|
||||
users.users.nix.openssh.authorizedKeys.keys = [
|
||||
# use nix-store for hydra which doesn't support ssh-ng
|
||||
''command="${config.nix.package}/bin/nix-store --serve --write",no-agent-forwarding,no-port-forwarding,no-pty,no-user-rc,no-X11-forwarding ${key}''
|
||||
];
|
||||
|
||||
nix.settings.trusted-users = [ "nix" ];
|
||||
}
|
||||
Loading…
Add table
Add a link
Reference in a new issue