43 lines
951 B
Nix
43 lines
951 B
Nix
{ config, lib, ... }:
|
|
|
|
let
|
|
user_keys = user:
|
|
lib.optionals (builtins.hasAttr "bertof" config.users.users)
|
|
config.users.users.${user}.openssh.authorizedKeys.keys;
|
|
in
|
|
{
|
|
# nix.buildMachines
|
|
nix.distributedBuilds = true;
|
|
|
|
nix.sshServe = {
|
|
enable = true;
|
|
keys = user_keys "bertof";
|
|
write = true;
|
|
protocol = "ssh-ng";
|
|
};
|
|
|
|
services.nix-serve = {
|
|
enable = true;
|
|
openFirewall = true;
|
|
secretKeyFile = "/etc/nix/serve";
|
|
};
|
|
|
|
nix.settings = {
|
|
trusted-users = [ "root" "nix-ssh" "@wheel" ];
|
|
trusted-public-keys = [
|
|
"odin:ukZZy//P0nBAcy4ycX8eYCByRJFOfJRlfW4sYjP/rGE="
|
|
"loki:jVAH1bQugXdQ1w29lvVknyPqWwmAn7WhjKf7z4t+q7E="
|
|
];
|
|
substituters = [
|
|
# "https://192.168.0.10"
|
|
# "https://192.168.0.100"
|
|
# "ssh-ng://loki.local"
|
|
# "ssh-ng://odin.local"
|
|
# "ssh-ng://192.168.0.10"
|
|
# "ssh-ng://192.168.0.100"
|
|
];
|
|
# trusted-substituters = [
|
|
# ];
|
|
};
|
|
|
|
}
|