distributed-build: move to modules/config/nix

Signed-off-by: unexplrd <unexplrd@linerds.us>

hosts/dunamis/misc/default.nix

@@ -1,6 +1,6 @@
 {
   imports = [
     # ./minecraft.nix
-    ./nix-ssh-serve.nix
+    # ./nix-ssh-serve.nix
   ];
 }

hosts/dunamis/misc/nix-ssh-serve.nix

@@ -1,15 +0,0 @@
-{config, ...}: {
-  nix = let
-    inherit (builtins) readFile;
-    inherit (config.users.users) user;
-  in {
-    sshServe = {
-      enable = true;
-      keys = map (f: readFile f) user.openssh.authorizedKeys.keyFiles;
-      # protocol = "ssh-ng";
-      trusted = true;
-      write = true;
-    };
-  };
-  security.pam.sshAgentAuth.enable = true;
-}

hosts/eldrid/misc/default.nix

@@ -1,5 +1,5 @@
 {
   imports = [
-    ./distributed-build.nix
+    # ./distributed-build.nix
   ];
 }

hosts/eldrid/misc/distributed-build.nix

@@ -1,30 +0,0 @@
-{
-  config,
-  inputs,
-  ...
-}: let
-  inherit (builtins) readFile;
-  inherit (config.networking) hostName;
-  inherit (config.sops) secrets;
-  inherit (inputs) mysecrets;
-  pubHost = readFile "${mysecrets}/ssh/ssh_host_ed25519_dunamis.base64";
-in {
-  nix = {
-    distributedBuilds = true;
-    buildMachines = [
-      {
-        hostName = "dunamis";
-        publicHostKey = pubHost;
-        sshKey = secrets."ssh-${hostName}-user".path;
-        sshUser = "nix-ssh";
-        supportedFeatures = [
-          "benchmark"
-          "big-parallel"
-          "kvm"
-          "nixos-test"
-        ];
-        system = "x86_64-linux";
-      }
-    ];
-  };
-}

hosts/legion/misc/default.nix

@@ -1,5 +1,5 @@
 {
   imports = [
-    ./distributed-build.nix
+    # ./distributed-build.nix
   ];
 }

hosts/legion/misc/distributed-build.nix

@@ -1,30 +0,0 @@
-{
-  config,
-  inputs,
-  ...
-}: let
-  inherit (builtins) readFile;
-  inherit (config.networking) hostName;
-  inherit (config.sops) secrets;
-  inherit (inputs) mysecrets;
-  pubHost = readFile "${mysecrets}/ssh/ssh_host_ed25519_dunamis.base64";
-in {
-  nix = {
-    distributedBuilds = true;
-    buildMachines = [
-      {
-        hostName = "dunamis";
-        publicHostKey = pubHost;
-        sshKey = secrets."ssh-${hostName}-user".path;
-        sshUser = "nix-ssh";
-        supportedFeatures = [
-          "benchmark"
-          "big-parallel"
-          "kvm"
-          "nixos-test"
-        ];
-        system = "x86_64-linux";
-      }
-    ];
-  };
-}

hosts/morphius/misc/default.nix

@@ -1,5 +1,5 @@
 {
   imports = [
-    ./distributed-build.nix
+    # ./distributed-build.nix
   ];
 }

hosts/morphius/misc/distributed-build.nix

@@ -1,31 +0,0 @@
-{
-  config,
-  inputs,
-  ...
-}: let
-  inherit (builtins) readFile;
-  inherit (config.networking) hostName;
-  inherit (config.sops) secrets;
-  inherit (inputs) mysecrets;
-  pubHost = readFile "${mysecrets}/ssh/ssh_host_ed25519_dunamis.base64";
-in {
-  nix = {
-    distributedBuilds = true;
-    buildMachines = [
-      {
-        hostName = "dunamis";
-        publicHostKey = pubHost;
-        sshKey = secrets."ssh-${hostName}-user".path;
-        sshUser = "nix-ssh";
-        supportedFeatures = [
-          "benchmark"
-          "big-parallel"
-          "kvm"
-          "nixos-test"
-          "uid-range"
-        ];
-        system = "x86_64-linux";
-      }
-    ];
-  };
-}

hosts/sarien/misc/default.nix

@@ -1,5 +1,5 @@
 {
   imports = [
-    ./distributed-build.nix
+    # ./distributed-build.nix
   ];
 }

hosts/sarien/misc/distributed-build.nix

@@ -1,30 +0,0 @@
-{
-  config,
-  inputs,
-  ...
-}: let
-  inherit (builtins) readFile;
-  inherit (config.networking) hostName;
-  inherit (config.sops) secrets;
-  inherit (inputs) mysecrets;
-  pubHost = readFile "${mysecrets}/ssh/ssh_host_ed25519_dunamis.base64";
-in {
-  nix = {
-    distributedBuilds = true;
-    buildMachines = [
-      {
-        hostName = "dunamis";
-        publicHostKey = pubHost;
-        sshKey = secrets."ssh-${hostName}-user".path;
-        sshUser = "nix-ssh";
-        supportedFeatures = [
-          "benchmark"
-          "big-parallel"
-          "kvm"
-          "nixos-test"
-        ];
-        system = "x86_64-linux";
-      }
-    ];
-  };
-}

modules/nixos/config/nix/default.nix

@@ -1,6 +1,7 @@
 {
   imports = [
     ./common.nix
+    ./distibuted-build.nix
     ./substituters.nix
   ];
 }

modules/nixos/config/nix/distibuted-build.nix

@@ -0,0 +1,47 @@
+{
+  config,
+  inputs,
+  lib,
+  ...
+}: let
+  isBuildHost = config.networking.hostName == "dunamis";
+in {
+  config = lib.mkMerge [
+    (lib.mkIf isBuildHost {
+      nix = let
+        inherit (builtins) readFile;
+        inherit (config.users.users) user;
+      in {
+        sshServe = {
+          enable = true;
+          keys = map (f: readFile f) user.openssh.authorizedKeys.keyFiles;
+          # protocol = "ssh-ng";
+          trusted = true;
+          write = true;
+        };
+      };
+      security.pam.sshAgentAuth.enable = true;
+    })
+    (lib.mkIf (!isBuildHost) {
+      nix = let
+        inherit (builtins) readFile;
+        inherit (config.networking) hostName;
+        inherit (config.sops) secrets;
+        inherit (inputs) mysecrets;
+        pubHost = readFile "${mysecrets}/ssh/ssh_host_ed25519_dunamis.base64";
+      in {
+        distributedBuilds = true;
+        buildMachines = [
+          {
+            hostName = "dunamis";
+            system = "x86_64-linux";
+            publicHostKey = pubHost;
+            sshKey = secrets."ssh-${hostName}-user".path;
+            sshUser = "nix-ssh";
+            supportedFeatures = ["benchmark" "big-parallel" "kvm" "nixos-test"];
+          }
+        ];
+      };
+    })
+  ];
+}