diff --git a/modules/nixos/nix/default.nix b/modules/nixos/nix/default.nix index c2df8d3..5b39adb 100644 --- a/modules/nixos/nix/default.nix +++ b/modules/nixos/nix/default.nix @@ -45,6 +45,10 @@ in nixfmt-rfc-style nix-prefetch-git nix-du + + nix-weather + nix-index + nix-output-monitor ]; nix = diff --git a/modules/nixos/submodules/basics/default.nix b/modules/nixos/submodules/basics/default.nix index 164a613..57a32f8 100644 --- a/modules/nixos/submodules/basics/default.nix +++ b/modules/nixos/submodules/basics/default.nix @@ -36,6 +36,9 @@ in nix = { enable = true; extra-substituters = { + "https://cache.lix.systems" = { + key = "cache.lix.systems:aBnZUw8zA7H35Cz2RyKFVs3H4PlGTLawyY5KRbvJR8o="; + }; "https://nix-community.cachix.org" = { key = "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="; }; diff --git a/systems/aarch64-linux/nixberry/default.nix b/systems/aarch64-linux/nixberry/default.nix index ecac6b6..10f37ef 100644 --- a/systems/aarch64-linux/nixberry/default.nix +++ b/systems/aarch64-linux/nixberry/default.nix @@ -3,7 +3,6 @@ lib, modulesPath, namespace, - pkgs, ... }: @@ -17,8 +16,63 @@ in raspberry-pi-5 ]; - raspberry-pi-nix.board = "bcm2711"; + users.users.remotebuild = { + isNormalUser = true; + createHome = false; + group = "remotebuild"; + openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJYZjG+XPNoVHVdCel5MK4mwvtoFCqDY1WMI1yoU71Rd root@yggdrasil" + ]; + }; + + users.groups.remotebuild = { }; + + nix = { + nrBuildUsers = 64; + settings = { + trusted-users = [ "remotebuild" ]; + + min-free = 10 * 1024 * 1024; + max-free = 200 * 1024 * 1024; + + max-jobs = "auto"; + cores = 0; + }; + }; + + systemd.services.nix-daemon.serviceConfig = { + MemoryAccounting = true; + MemoryMax = "90%"; + OOMScoreAdjust = 500; + }; + + networking = { + interfaces.wlan0 = { + ipv4.addresses = [ + { + address = "192.168.178.2"; + prefixLength = 24; + } + ]; + }; + defaultGateway = { + address = "192.168.178.1"; + interface = "wlan0"; + }; + + wireless = { + enable = true; + networks = { + "Slow Internet" = { + pskRaw = "521b6d766b27276c29c7b6bec5b495b1c52bf88b0682277e65b37dc649b630de"; + }; + }; + }; + }; + + # Pi specific stuff + raspberry-pi-nix.board = "bcm2712"; hardware = { raspberry-pi = { config = { @@ -53,19 +107,14 @@ in }; ${namespace} = { - submodules = { - basics = enabled; - }; - - apps.cli-apps.helix = { - pkg = pkgs.helix; - }; + submodules.basics = enabled; system = { - boot = { - # Raspberry Pi requires a specific bootloader. - enable = mkForce false; - }; + # cachemiss for webkit gtk + hardware.networking.enable = mkForce false; + + # rasberry pi uses alternative boot settings + boot.enable = mkForce false; }; user.trustedPublicKeys = [ diff --git a/systems/x86_64-linux/yggdrasil/default.nix b/systems/x86_64-linux/yggdrasil/default.nix index 7df70a0..cf56fec 100644 --- a/systems/x86_64-linux/yggdrasil/default.nix +++ b/systems/x86_64-linux/yggdrasil/default.nix @@ -33,9 +33,11 @@ in }; nix = { + distributedBuilds = true; + settings.builders-use-substitutes = true; buildMachines = [ { - hostName = "pi"; + hostName = "nixberry"; sshUser = "remotebuild"; sshKey = "/root/.ssh/remotebuild"; systems = [ "aarch64-linux" ]; @@ -44,18 +46,10 @@ in supportedFeatures = [ "nixos-test" "big-parallel" + "kvm" ]; } ]; - - distributedBuilds = true; - settings = { - trusted-users = [ - "@wheel" - "remotebuild" - ]; - trusted-public-keys = [ "nixberry:25s8/rxsolAXg4skjnecCeqcfkxYE9FGCPG5UcXsFlw=" ]; - }; }; ${namespace} = {