profiles/hydra-build-machine: Migrate configuration to profile
This commit is contained in:
@@ -1,16 +0,0 @@
|
|||||||
{ ... }:
|
|
||||||
|
|
||||||
{
|
|
||||||
|
|
||||||
# Allow Hydra to fetch remote URLs in restricted mode
|
|
||||||
nix.settings.allowed-uris = "http: https: git+https: github:";
|
|
||||||
|
|
||||||
services.openssh.settings= {
|
|
||||||
PermitRootLogin = "yes";
|
|
||||||
};
|
|
||||||
|
|
||||||
users.extraUsers.root.openssh.authorizedKeys.keys = [
|
|
||||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMv8Lbca/CR4das3HJ2F/sQ9dA7kdGS1hSVTt5lX4diP root@hydra-1"
|
|
||||||
];
|
|
||||||
|
|
||||||
}
|
|
||||||
@@ -4,7 +4,6 @@
|
|||||||
imports =
|
imports =
|
||||||
[
|
[
|
||||||
./hardware-configuration.nix
|
./hardware-configuration.nix
|
||||||
../../configuration/hydra-build-machine
|
|
||||||
|
|
||||||
./build-machines.nix
|
./build-machines.nix
|
||||||
./hydra.nix
|
./hydra.nix
|
||||||
@@ -12,6 +11,7 @@
|
|||||||
];
|
];
|
||||||
|
|
||||||
profiles.clerie.mercury-vm.enable = true;
|
profiles.clerie.mercury-vm.enable = true;
|
||||||
|
profiles.clerie.hydra-build-machine.enable = true;
|
||||||
|
|
||||||
boot.loader.grub.enable = true;
|
boot.loader.grub.enable = true;
|
||||||
boot.loader.grub.device = "/dev/vda";
|
boot.loader.grub.device = "/dev/vda";
|
||||||
|
|||||||
@@ -4,10 +4,10 @@
|
|||||||
imports =
|
imports =
|
||||||
[
|
[
|
||||||
./hardware-configuration.nix
|
./hardware-configuration.nix
|
||||||
../../configuration/hydra-build-machine
|
|
||||||
];
|
];
|
||||||
|
|
||||||
profiles.clerie.cybercluster-vm.enable = true;
|
profiles.clerie.cybercluster-vm.enable = true;
|
||||||
|
profiles.clerie.hydra-build-machine.enable = true;
|
||||||
|
|
||||||
boot.loader.grub.enable = true;
|
boot.loader.grub.enable = true;
|
||||||
boot.loader.grub.device = "/dev/vda";
|
boot.loader.grub.device = "/dev/vda";
|
||||||
|
|||||||
@@ -11,6 +11,7 @@
|
|||||||
./fem-net
|
./fem-net
|
||||||
./firefox
|
./firefox
|
||||||
./hetzner-cloud
|
./hetzner-cloud
|
||||||
|
./hydra-build-machine
|
||||||
./mercury-vm
|
./mercury-vm
|
||||||
./netcup
|
./netcup
|
||||||
./network-fallback-dhcp
|
./network-fallback-dhcp
|
||||||
|
|||||||
26
profiles/hydra-build-machine/default.nix
Normal file
26
profiles/hydra-build-machine/default.nix
Normal file
@@ -0,0 +1,26 @@
|
|||||||
|
{ config, lib, pkgs, ... }:
|
||||||
|
|
||||||
|
with lib;
|
||||||
|
|
||||||
|
{
|
||||||
|
|
||||||
|
options.profiles.clerie.hydra-build-machine = {
|
||||||
|
enable = mkEnableOption "Set defaults for hydra build machines";
|
||||||
|
};
|
||||||
|
|
||||||
|
config = mkIf config.profiles.clerie.hydra-build-machine.enable {
|
||||||
|
|
||||||
|
# Allow Hydra to fetch remote URLs in restricted mode
|
||||||
|
nix.settings.allowed-uris = "http: https: git+https: github:";
|
||||||
|
|
||||||
|
services.openssh.settings= {
|
||||||
|
PermitRootLogin = "yes";
|
||||||
|
};
|
||||||
|
|
||||||
|
users.extraUsers.root.openssh.authorizedKeys.keys = [
|
||||||
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMv8Lbca/CR4das3HJ2F/sQ9dA7kdGS1hSVTt5lX4diP root@hydra-1"
|
||||||
|
];
|
||||||
|
|
||||||
|
};
|
||||||
|
|
||||||
|
}
|
||||||
Reference in New Issue
Block a user