fixup: .: enable using ci-hosts as substituters
parent
b422aac13b
commit
5403d98cda
|
@ -1,6 +1,8 @@
|
|||
{ config, pkgs, lib, ... }:
|
||||
|
||||
let gitea-runner-directory = "/var/lib/gitea-runner";
|
||||
let
|
||||
gitea-runner-directory = "/var/lib/gitea-runner";
|
||||
secrets = import ../secrets.nix;
|
||||
in {
|
||||
age.secrets.gitea-runner-token = {
|
||||
file = ../secrets/gitea-runner-token-${config.networking.hostName}.age;
|
||||
|
@ -45,9 +47,9 @@ in {
|
|||
|
||||
nix.sshServe = {
|
||||
enable = true;
|
||||
protocol = "ssh-ng";
|
||||
protocol = "ssh";
|
||||
keys = [
|
||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILeC/Nr7STpYEZ50p7X+XrFdeaIfib60tt2QN4Kvxscr"
|
||||
];
|
||||
] ++ secrets.ar;
|
||||
};
|
||||
}
|
||||
|
|
|
@ -16,7 +16,7 @@ in {
|
|||
buildOnTarget = true;
|
||||
};
|
||||
|
||||
age.secrets = { nix-store.file = ../secrets/nix-store.age; };
|
||||
age.secrets.nix-store.file = ../secrets/nix-store.age;
|
||||
|
||||
boot.binfmt.emulatedSystems =
|
||||
lib.lists.remove pkgs.system [ "x86_64-linux" "aarch64-linux" ];
|
||||
|
@ -58,11 +58,26 @@ in {
|
|||
'';
|
||||
settings = {
|
||||
trusted-users = [ "ar" ];
|
||||
trusted-substituters = (if config.networking.hostName != "scylla" then
|
||||
[ "ssh-ng://i.am-a.cat?ssh-key=${config.age.secrets.nix-store.path}" ]
|
||||
substituters = (if config.networking.hostName != "scylla" then
|
||||
[
|
||||
"ssh://nix-ssh@i.am-a.cat?ssh-key=${config.age.secrets.nix-store.path}"
|
||||
]
|
||||
else
|
||||
[ ]) ++ (if config.networking.hostName != "zorigami" then
|
||||
[ "ssh-ng://is-a.cat?ssh-key=${config.age.secrets.nix-store.path}" ]
|
||||
[
|
||||
"ssh://nix-ssh@is-a.cat?ssh-key=${config.age.secrets.nix-store.path}"
|
||||
]
|
||||
else
|
||||
[ ]);
|
||||
trusted-substituters = (if config.networking.hostName != "scylla" then
|
||||
[
|
||||
"ssh://nix-ssh@i.am-a.cat?ssh-key=${config.age.secrets.nix-store.path}"
|
||||
]
|
||||
else
|
||||
[ ]) ++ (if config.networking.hostName != "zorigami" then
|
||||
[
|
||||
"ssh://nix-ssh@is-a.cat?ssh-key=${config.age.secrets.nix-store.path}"
|
||||
]
|
||||
else
|
||||
[ ]);
|
||||
};
|
||||
|
|
Loading…
Reference in New Issue