Give devices access to desktop as nix builder
This commit is contained in:
parent
37e7b04eee
commit
343bf1529c
38
flake.lock
38
flake.lock
|
@ -58,11 +58,11 @@
|
|||
},
|
||||
"nixpkgs": {
|
||||
"locked": {
|
||||
"lastModified": 1686226982,
|
||||
"narHash": "sha256-nLuiPoeiVfqqzeq9rmXxpybh77VS37dsY/k8N2LoxVg=",
|
||||
"lastModified": 1686412476,
|
||||
"narHash": "sha256-inl9SVk6o5h75XKC79qrDCAobTD1Jxh6kVYTZKHzewA=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "a64b73e07d4aa65cfcbda29ecf78eaf9e72e44bd",
|
||||
"rev": "21951114383770f96ae528d0ae68824557768e81",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -74,11 +74,11 @@
|
|||
},
|
||||
"nixpkgs-stable": {
|
||||
"locked": {
|
||||
"lastModified": 1685758009,
|
||||
"narHash": "sha256-IT4Z5WGhafrq+xbDTyuKrRPRQ1f+kVOtE+4JU1CHFeo=",
|
||||
"lastModified": 1686392259,
|
||||
"narHash": "sha256-hqSS9hKhWldIZr1bBp9xKhIznnGPICGKzuehd2LH0UA=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "eaf03591711b46d21abc7082a8ebee4681f9dbeb",
|
||||
"rev": "ef24b2fa0c5f290a35064b847bc211f25cb85c88",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -90,11 +90,11 @@
|
|||
},
|
||||
"nixpkgs_2": {
|
||||
"locked": {
|
||||
"lastModified": 1686237827,
|
||||
"narHash": "sha256-fAZB+Zkcmc+qlauiFnIH9+2qgwM0NO/ru5pWEw3tDow=",
|
||||
"lastModified": 1686331006,
|
||||
"narHash": "sha256-hElRDWUNG655aqF0awu+h5cmDN+I/dQcChRt2tGuGGU=",
|
||||
"owner": "nixos",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "81ed90058a851eb73be835c770e062c6938c8a9e",
|
||||
"rev": "85bcb95aa83be667e562e781e9d186c57a07d757",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -120,11 +120,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1686341580,
|
||||
"narHash": "sha256-JumpdYiL/ssIPArxY+3KI1Fyi1C9ggJEYdF34/DTEts=",
|
||||
"lastModified": 1686449378,
|
||||
"narHash": "sha256-zPHl5NNhydRKiGhFl9oJ7BJqd7DfPYApE83QQsV9avE=",
|
||||
"owner": "asonix",
|
||||
"repo": "nixos-rockchip",
|
||||
"rev": "7ebd16810ab4ba77c3ffab09db50a980e3dee9a3",
|
||||
"rev": "55f848fc3e6f661bc596a639626a45360fb53a8f",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -151,11 +151,11 @@
|
|||
"rockchip": "rockchip"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1686342717,
|
||||
"narHash": "sha256-aPhcv5ZQ3LuTMvRF7snPX7ev5nuHuv42ucs9QD6Pqt4=",
|
||||
"lastModified": 1686450523,
|
||||
"narHash": "sha256-rG6fgWifjGoMbpntqFDXwLs/+/2eoKaUPI9i9WNdOT8=",
|
||||
"ref": "asonix/nabam-sd-image",
|
||||
"rev": "5e2fd84b853a91adeb3163f805ab56d56f856b10",
|
||||
"revCount": 45,
|
||||
"rev": "d544a81345757d64f4c6c0efc3a77ebe249c9f40",
|
||||
"revCount": 46,
|
||||
"type": "git",
|
||||
"url": "https://git.asonix.dog/asonix/sd-images"
|
||||
},
|
||||
|
@ -173,11 +173,11 @@
|
|||
"nixpkgs-stable": "nixpkgs-stable"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1685848844,
|
||||
"narHash": "sha256-Iury+/SVbAwLES76QJSiKFiQDzmf/8Hsq8j54WF2qyw=",
|
||||
"lastModified": 1686453485,
|
||||
"narHash": "sha256-75iPAcS6xuw4SNfqLmFCi9wWG1JmDNKaC8l3WJUkmDk=",
|
||||
"owner": "Mic92",
|
||||
"repo": "sops-nix",
|
||||
"rev": "a522e12ee35e50fa7d902a164a9796e420e6e75b",
|
||||
"rev": "cb85e297937af1bd1434cf5f85a3f86a21dc8207",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
|
@ -1,8 +1,20 @@
|
|||
{ config, ... }:
|
||||
|
||||
{
|
||||
services.openssh.settings.PasswordAuthentication = false;
|
||||
|
||||
sops = {
|
||||
age.keyFile = "/home/asonix/.config/sops/age/keys.txt";
|
||||
age.generateKey = true;
|
||||
|
||||
secrets.builderKey = {
|
||||
format = "binary";
|
||||
sopsFile = ../../secrets/builderKey.bin;
|
||||
};
|
||||
};
|
||||
|
||||
nix.extraOptions = ''
|
||||
builders = ssh://builder@192.168.5.10?ssh-key=${config.sops.secrets.builderKey.path}
|
||||
builders-use-substitutes = false
|
||||
'';
|
||||
}
|
||||
|
|
24
secrets/builderKey.bin
Normal file
24
secrets/builderKey.bin
Normal file
|
@ -0,0 +1,24 @@
|
|||
{
|
||||
"data": "ENC[AES256_GCM,data:KPc+VYXjcmubD9E8aQrP+efbERODF3U2SVP/O8sA57OIdBnfIsImnTkdYt50x8IlT1gt+luSNZ+fLVs4jjxuKPtoMs+t7LTRP0TJQDkYKVrwEyqxkKUE5e1jXtjPSLI8mMgBJipQy4rkONvCjSd58OdeV9EVFIBbxrS6EjmFRvTHxLf5vR08A0M0ACfwzStVZGi22gOpr98oYomoFbR7k4AlhR/RIvq7glwjg4OZRqRsbKFKIs9+qxnkIJN8TmwmLUfjzwxvHtIFM9/UXzLc27plmZeuhGdUvqPVxPz++otC0A/v9YpZGer6AM5TQbotCHVgaQ1jFATjTvbpu0O+iaeGVeC8qvDWnKTOMIOS+gC40lNyU+5u+dJ0WngpjJcXDwAuXJ62qewtiOhnFjKkXudwQk3G7BBe9skEX1ga6VUJQa3He6nAvt/0xsPtl2rdlVHMwztjgt9T6Tt+mCwvz94jTXj0DHequSwMybDX9Lr/LOELa7qJ0w9pVwo3Imy9LznUXGFrKKSbingFtL3/jSbY0Vfovqi1W2Hv,iv:X7nVHg0cm84MNBeFhmPNLsp9pEoGcw/0cZojFnfQn6U=,tag:21iM7c5kGhf3l7nX8SKkaQ==,type:str]",
|
||||
"sops": {
|
||||
"kms": null,
|
||||
"gcp_kms": null,
|
||||
"azure_kv": null,
|
||||
"hc_vault": null,
|
||||
"age": [
|
||||
{
|
||||
"recipient": "age17yhtwnhqjssghc5qqamt0fqdu27zpqms8d8ghrc0txeevywfp3ssklfy57",
|
||||
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBLVzZzdlIyNitENUxUaCtE\nbUhxOXFrQXNCQkdjTzZwNHo4MzNPbUI1WGdNCjBuSHE5b0Vvb2d0SFRXRnQ3Ums3\nOHNyK2VuUGRpak1URVVsdGtYQm41RXcKLS0tIEI2TksyWCs1V1RQeCtaczhmenNp\nV09nL1VudDN1ZnJMWmhXY0JiYVIvZmcKZ7CvSrWhXZIUo/fB5S0UR37OVMp9W/BS\ngzrBAvL/a7y3NPafovjsJh4rrd6DkvO4xSy5q341y+3rTnL+POSheQ==\n-----END AGE ENCRYPTED FILE-----\n"
|
||||
},
|
||||
{
|
||||
"recipient": "age145uwrexj6ffaaxy7jg3j29gtchhwy0y0nttw06zeuxkqsy8rnpds7fh7xq",
|
||||
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBaK0xLVkNyelRwSWRKdG1U\nWjdCNUhaekZHYVJ2WDJlTkhuMThWYU5POFFVCktHaVF5MXByamNwREhIVmN0eEJp\nYzR5TjBuR0Vxbld6WkZKVEhKT3NmYkEKLS0tIDdvVHRJNndFTDlWbGYxeVQraENI\nd1pNME9HYkhoakdFWGJtTldBY2tLdEUKlcBcaMNBVtsdi6xCEtprC2U5hkJ3iOps\n7ZCx9orSKxqSck0BSVEj6W1YWB2qVC6aWhU77EphgTudMnM7iLK+zA==\n-----END AGE ENCRYPTED FILE-----\n"
|
||||
}
|
||||
],
|
||||
"lastmodified": "2023-06-12T16:34:05Z",
|
||||
"mac": "ENC[AES256_GCM,data:n+qaQaqHp76hGsY1iI7RjwLPFqQHdc7iGqPwv8S58pXd2AFmJJqg8g+34Qh5VGPid4+A8MKXIqCFuXqUjzcFmum1oQp+m8uDLa8NwAI5UBXhGNoxA7VwSdlDPEJxzLaJuA+pvlZYHFMQnFnIQmUDyQwMy9LW8O97MiHKcWleKGk=,iv:x3diVVnx/hMbe4PFF8tOlyauEDmVB7unyRR4sDET2+M=,tag:vRp25j0XVU38DydlqAy3cw==,type:str]",
|
||||
"pgp": null,
|
||||
"unencrypted_suffix": "_unencrypted",
|
||||
"version": "3.7.3"
|
||||
}
|
||||
}
|
Loading…
Reference in a new issue