Marisa: add builder and misc changes

2021-07-21 20:17:32 +05:30
parent 66075be40a
commit 7dffa41ae2
5 changed files with 22 additions and 14 deletions
--- a/hosts/servers/marisa.nix
+++ b/hosts/servers/marisa.nix
@@ -7,13 +7,10 @@
    ./marisa/networking.nix
    ./marisa/hardware.nix
    ./marisa/boot.nix
- #   ./marisa/services.nix
-    ./marisa/cachix.nix
+    ./marisa/services.nix
+    ./marisa/builder.nix
    ../../configs/nvim.nix
  ];
-  environment.systemPackages = with pkgs; [
-    docker_compose
-  ];
-  virtualisation.docker.enable = true;
+  programs.gnupg.agent.enable = pkgs.lib.mkForce false;
  system.stateVersion = "21.05";
 }
--- a/hosts/servers/marisa/builder.nix
+++ b/hosts/servers/marisa/builder.nix
@@ -0,0 +1,14 @@
+{config, ...}:
+{
+  nix.buildMachines = [ {
+	 hostName = "Satori";
+	 system = "aarch64-linux";
+	 maxJobs = 4;
+	 speedFactor = 2;
+	 supportedFeatures = [ "nixos-test" "benchmark" "big-parallel" "kvm" ];
+	}] ;
+	nix.distributedBuilds = true;
+	nix.extraOptions = ''
+		builders-use-substitutes = true
+	'';
+}
--- a/hosts/servers/marisa/networking.nix
+++ b/hosts/servers/marisa/networking.nix
@@ -3,7 +3,7 @@
  networking = {
    hostName = "Marisa";
    firewall = {
-      allowedTCPPorts = [ 22 80 6060 5001 8800 ];
+      allowedTCPPorts = [ 22 80 6060 5001 8800 8888 ];
      allowedUDPPorts = [ 17840 ];
    };
    wireless = {
@@ -22,7 +22,7 @@
    wireguard.interfaces.wg0 = {
      ips = [ "10.55.0.2/24" ];
      listenPort = 17840;
-      privateKeyFile = "/var/secrets/wg.key";
+      privateKeyFile = "/var/wg";
      peers = [
        {
          #Oracle VM1
--- a/hosts/servers/marisa/services.nix
+++ b/hosts/servers/marisa/services.nix
@@ -5,10 +5,6 @@
      enable = true;
      permitRootLogin = "yes";
    };
-    dovecot2 = {
-      enable = true;
-      enableImap = true;
-    };
    vault = {
      package = pkgs.vault-bin;
      enable = true;
@@ -42,7 +38,7 @@
        template = [
          {
            source = pkgs.writeText "gitea.tpl" ''
-              {{ with secret "kv/systems/Marisa" }}{{ .Data.data.gitea }}{{ end }}
+              {{ with secret "kv/systems/Marisa/gitea" }}{{ .Data.data.gitea }}{{ end }}
            '';
            destination = "/var/secrets/gitea.key";
          }
--- a/hosts/servers/pkgs.nix
+++ b/hosts/servers/pkgs.nix
@@ -6,7 +6,6 @@
    vim
    wireguard
    vault
-    tree-sitter
  ];
  programs = {
    zsh = {
@@ -29,7 +28,9 @@
    package = pkgs.nixUnstable;
    extraOptions = ''
      experimental-features = nix-command ca-references flakes
+      builders-use-substitutes = true
    '';
    trustedUsers = [ "root" ];
  };
+  documentation.enable = false;
 }