From 0c58b2b87ab66eba0f80daf146182e26ca617537 Mon Sep 17 00:00:00 2001 From: chayleaf Date: Tue, 2 Jul 2024 23:05:56 +0700 Subject: [PATCH] nixmsi: add remote community builder --- flake.lock | 410 +++++++++++++++++++++++++++++++++++++++- flake.nix | 1 + system/hosts/nixmsi.nix | 11 ++ 3 files changed, 412 insertions(+), 10 deletions(-) diff --git a/flake.lock b/flake.lock index 6a8abc7..e6f5ca1 100644 --- a/flake.lock +++ b/flake.lock @@ -1,5 +1,38 @@ { "nodes": { + "agenix": { + "inputs": { + "darwin": [ + "nix-community-infra", + "nix-darwin" + ], + "home-manager": [ + "nix-community-infra", + "empty" + ], + "nixpkgs": [ + "nix-community-infra", + "nixpkgs" + ], + "systems": [ + "nix-community-infra", + "systems" + ] + }, + "locked": { + "lastModified": 1718371084, + "narHash": "sha256-abpBi61mg0g+lFFU0zY4C6oP6fBwPzbHPKBGw676xsA=", + "owner": "ryantm", + "repo": "agenix", + "rev": "3a56735779db467538fb2e577eda28a9daacaca6", + "type": "github" + }, + "original": { + "owner": "ryantm", + "repo": "agenix", + "type": "github" + } + }, "blobs": { "flake": false, "locked": { @@ -16,6 +49,57 @@ "type": "gitlab" } }, + "buildbot-nix": { + "inputs": { + "flake-parts": [ + "nix-community-infra", + "flake-parts" + ], + "nixpkgs": [ + "nix-community-infra", + "nixpkgs" + ], + "treefmt-nix": [ + "nix-community-infra", + "treefmt-nix" + ] + }, + "locked": { + "lastModified": 1719797756, + "narHash": "sha256-TGZthxgxLdT8boadFm6+MK7HZlIxN1u1V+x3hu+Fd8I=", + "owner": "nix-community", + "repo": "buildbot-nix", + "rev": "0b56574a5c823097771487d1bac952c3549fe9fb", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "buildbot-nix", + "type": "github" + } + }, + "comin": { + "inputs": { + "nixpkgs": [ + "nix-community-infra", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1714766748, + "narHash": "sha256-//fP25eh1f9eA+0TEgWqusWjv9SuKh8rIF1ZJQNL1jo=", + "owner": "nlewo", + "repo": "comin", + "rev": "d3658c452024824235de2355ac3e156b10c3eaaf", + "type": "github" + }, + "original": { + "owner": "nlewo", + "repo": "comin", + "rev": "d3658c452024824235de2355ac3e156b10c3eaaf", + "type": "github" + } + }, "coop-fd": { "inputs": { "crane": "crane", @@ -59,6 +143,42 @@ "type": "github" } }, + "disko": { + "inputs": { + "nixpkgs": [ + "nix-community-infra", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1719733833, + "narHash": "sha256-6h2EqZU9bL9rHlXE+2LCBgnDImejzbS+4dYsNDDFlkY=", + "owner": "nix-community", + "repo": "disko", + "rev": "d185770ea261fb5cf81aa5ad1791b93a7834d12c", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "disko", + "type": "github" + } + }, + "empty": { + "locked": { + "lastModified": 1708697125, + "narHash": "sha256-JeMK8G1oabQTSpqXhYaYtPRak4m6z1xxyRKf8CvHy14=", + "owner": "nix-systems", + "repo": "empty", + "rev": "23d743284b73ae69caf0cb7874edf05c0c631a1f", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "empty", + "type": "github" + } + }, "flake-compat": { "flake": false, "locked": { @@ -92,6 +212,21 @@ } }, "flake-compat_3": { + "locked": { + "lastModified": 1717312683, + "narHash": "sha256-FrlieJH50AuvagamEvWMIE6D2OAnERuDboFDYAED/dE=", + "owner": "nix-community", + "repo": "flake-compat", + "rev": "38fd3954cf65ce6faf3d0d45cd26059e059f07ea", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "flake-compat", + "type": "github" + } + }, + "flake-compat_4": { "flake": false, "locked": { "lastModified": 1696426674, @@ -108,6 +243,27 @@ } }, "flake-parts": { + "inputs": { + "nixpkgs-lib": [ + "nix-community-infra", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1719745305, + "narHash": "sha256-xwgjVUpqSviudEkpQnioeez1Uo2wzrsMaJKJClh+Bls=", + "owner": "hercules-ci", + "repo": "flake-parts", + "rev": "c3c5ecc05edc7dafba779c6c1a61cd08ac6583e9", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "flake-parts", + "type": "github" + } + }, + "flake-parts_2": { "inputs": { "nixpkgs-lib": "nixpkgs-lib" }, @@ -127,7 +283,7 @@ }, "flake-utils": { "inputs": { - "systems": "systems_2" + "systems": "systems_3" }, "locked": { "lastModified": 1705309234, @@ -196,9 +352,63 @@ "type": "github" } }, + "nix-community-infra": { + "inputs": { + "agenix": "agenix", + "buildbot-nix": "buildbot-nix", + "comin": "comin", + "disko": "disko", + "empty": "empty", + "flake-compat": "flake-compat_3", + "flake-parts": "flake-parts", + "nix-darwin": "nix-darwin", + "nixpkgs": "nixpkgs", + "nixpkgs-update": "nixpkgs-update", + "nixpkgs-update-github-releases": "nixpkgs-update-github-releases", + "nur-update": "nur-update", + "sops-nix": "sops-nix", + "srvos": "srvos", + "systems": "systems", + "treefmt-nix": "treefmt-nix" + }, + "locked": { + "lastModified": 1719876004, + "narHash": "sha256-YIGAUeEVgJ/Qpn+YUoyR9HjV6j01W+5vOKRYpqsx+gw=", + "owner": "nix-community", + "repo": "infra", + "rev": "766a23a468858d2413f12bec828860158abaadf1", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "infra", + "type": "github" + } + }, + "nix-darwin": { + "inputs": { + "nixpkgs": [ + "nix-community-infra", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1719128254, + "narHash": "sha256-I7jMpq0CAOZA/i70+HDQO/ulLttyQu/K70cSESiMX7A=", + "owner": "LnL7", + "repo": "nix-darwin", + "rev": "50581970f37f06a4719001735828519925ef8310", + "type": "github" + }, + "original": { + "owner": "LnL7", + "repo": "nix-darwin", + "type": "github" + } + }, "nix-gaming": { "inputs": { - "flake-parts": "flake-parts", + "flake-parts": "flake-parts_2", "nixpkgs": [ "nixpkgs" ] @@ -255,7 +465,7 @@ "nixos-mailserver": { "inputs": { "blobs": "blobs", - "flake-compat": "flake-compat_3", + "flake-compat": "flake-compat_4", "nixpkgs": [ "nixpkgs" ], @@ -297,15 +507,16 @@ }, "nixpkgs": { "locked": { - "lastModified": 1717922286, - "narHash": "sha256-RsV7rNWYceglPDVgVukwYfoYK2fuAgyvyvSE/Gyah+Y=", - "owner": "chayleaf", + "lastModified": 1719824438, + "narHash": "sha256-pY0wosAgcr9W4vmGML0T3BVhQiGuKoozCbs2t+Je1zc=", + "owner": "NixOS", "repo": "nixpkgs", - "rev": "47c40a60d0952cd6b86c171898870142b0747602", + "rev": "7f993cdf26ccef564eabf31fdb40d140821e12bc", "type": "github" }, "original": { - "owner": "chayleaf", + "owner": "NixOS", + "ref": "nixos-unstable-small", "repo": "nixpkgs", "type": "github" } @@ -338,6 +549,81 @@ "url": "https://github.com/NixOS/nixpkgs/archive/eb9ceca17df2ea50a250b6b27f7bf6ab0186f198.tar.gz" } }, + "nixpkgs-update": { + "inputs": { + "mmdoc": [ + "nix-community-infra", + "empty" + ], + "nixpkgs": "nixpkgs_2", + "runtimeDeps": [ + "nix-community-infra", + "nixpkgs" + ], + "treefmt-nix": [ + "nix-community-infra", + "treefmt-nix" + ] + }, + "locked": { + "lastModified": 1719362107, + "narHash": "sha256-Vrd+Y3odIIXjlUwSDOjyrhf6V4svB5njtGH9i0NJIxc=", + "owner": "nix-community", + "repo": "nixpkgs-update", + "rev": "d49fec1752e0bcb69f156a86ba5b93e14aaca2c3", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "nixpkgs-update", + "type": "github" + } + }, + "nixpkgs-update-github-releases": { + "flake": false, + "locked": { + "lastModified": 1713252683, + "narHash": "sha256-/hWsx6qCMHIRgdGkEIHaI40eVUg5gQGxpfp6GG7moSU=", + "owner": "nix-community", + "repo": "nixpkgs-update-github-releases", + "rev": "e1a72b5848a3a08168917dee85a6b4b64eca6b24", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "nixpkgs-update-github-releases", + "type": "github" + } + }, + "nixpkgs_2": { + "locked": { + "lastModified": 1672428209, + "narHash": "sha256-eejhqkDz2cb2vc5VeaWphJz8UXNuoNoM8/Op8eWv2tQ=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "293a28df6d7ff3dec1e61e37cc4ee6e6c0fb0847", + "type": "github" + }, + "original": { + "id": "nixpkgs", + "type": "indirect" + } + }, + "nixpkgs_3": { + "locked": { + "lastModified": 1717922286, + "narHash": "sha256-RsV7rNWYceglPDVgVukwYfoYK2fuAgyvyvSE/Gyah+Y=", + "owner": "chayleaf", + "repo": "nixpkgs", + "rev": "47c40a60d0952cd6b86c171898870142b0747602", + "type": "github" + }, + "original": { + "owner": "chayleaf", + "repo": "nixpkgs", + "type": "github" + } + }, "notlua": { "inputs": { "nixpkgs": [ @@ -393,6 +679,27 @@ "type": "github" } }, + "nur-update": { + "inputs": { + "nixpkgs": [ + "nix-community-infra", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1716222588, + "narHash": "sha256-gbyIIHsJpk3V8tnsGP8RZpgc0NM/R9QT4zk4SObRDas=", + "owner": "nix-community", + "repo": "nur-update", + "rev": "a54c4c1b0ec643ff36b3c9deecb5fefce57dcabc", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "nur-update", + "type": "github" + } + }, "root": { "inputs": { "coop-fd": "coop-fd", @@ -400,12 +707,13 @@ "home-manager": "home-manager", "impermanence": "impermanence", "mobile-nixos": "mobile-nixos", + "nix-community-infra": "nix-community-infra", "nix-gaming": "nix-gaming", "nix-index-database": "nix-index-database", "nixos-hardware": "nixos-hardware", "nixos-mailserver": "nixos-mailserver", "nixos-router": "nixos-router", - "nixpkgs": "nixpkgs", + "nixpkgs": "nixpkgs_3", "nixpkgs-kernel": "nixpkgs-kernel", "notlua": "notlua", "notnft": "notnft", @@ -434,6 +742,52 @@ "type": "github" } }, + "sops-nix": { + "inputs": { + "nixpkgs": [ + "nix-community-infra", + "nixpkgs" + ], + "nixpkgs-stable": [ + "nix-community-infra", + "empty" + ] + }, + "locked": { + "lastModified": 1719716556, + "narHash": "sha256-KA9gy2Wkv76s4A8eLnOcdKVTygewbw3xsB8+awNMyqs=", + "owner": "Mic92", + "repo": "sops-nix", + "rev": "b5974d4331fb6c893e808977a2e1a6d34b3162d6", + "type": "github" + }, + "original": { + "owner": "Mic92", + "repo": "sops-nix", + "type": "github" + } + }, + "srvos": { + "inputs": { + "nixpkgs": [ + "nix-community-infra", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1719835186, + "narHash": "sha256-o0FB8SQVLOnbsYTk2Bt6gXwsfqEv4ZHsGP50/kM/gR0=", + "owner": "nix-community", + "repo": "srvos", + "rev": "14b3b0aa48fa291f1be26ab8948d5b9eadaed0b8", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "srvos", + "type": "github" + } + }, "systems": { "locked": { "lastModified": 1681028828, @@ -464,9 +818,45 @@ "type": "github" } }, + "systems_3": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "treefmt-nix": { + "inputs": { + "nixpkgs": [ + "nix-community-infra", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1719749022, + "narHash": "sha256-ddPKHcqaKCIFSFc/cvxS14goUhCOAwsM1PbMr0ZtHMg=", + "owner": "numtide", + "repo": "treefmt-nix", + "rev": "8df5ff62195d4e67e2264df0b7f5e8c9995fd0bd", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "treefmt-nix", + "type": "github" + } + }, "utils": { "inputs": { - "systems": "systems" + "systems": "systems_2" }, "locked": { "lastModified": 1709126324, diff --git a/flake.nix b/flake.nix index 4a079a3..0829736 100644 --- a/flake.nix +++ b/flake.nix @@ -4,6 +4,7 @@ inputs = { #nixpkgs.url = "github:NixOS/nixpkgs/3dc2b4f8166f744c3b3e9ff8224e7c5d74a5424f"; # nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable"; + nix-community-infra.url = "github:nix-community/infra"; nixpkgs-kernel.url = "github:NixOS/nixpkgs/nixos-unstable"; nixpkgs.url = "github:chayleaf/nixpkgs"; nixos-hardware.url = "github:NixOS/nixos-hardware"; diff --git a/system/hosts/nixmsi.nix b/system/hosts/nixmsi.nix index 971e560..1c6c2ff 100644 --- a/system/hosts/nixmsi.nix +++ b/system/hosts/nixmsi.nix @@ -167,6 +167,17 @@ "nixpkgs-wayland.cachix.org-1:3lwxaILxMRkVhehr5StQprHdEo4IrE8sRho9R9HOLYA=" ]; }; + nix.buildMachines = [ + { + hostName = "darwin-build-box.nix-community.org"; + protocol = "ssh-ng"; + systems = [ "aarch64-darwin" "x86_64-darwin" ]; + supportedFeatures = inputs.nix-community-infra.darwinConfigurations.darwin01.config.nix.settings.system-features; + sshKey = "/secrets/community-builder-key"; + sshUser = "chayleaf"; + publicHostKey = "c3NoLWVkMjU1MTkgQUFBQUMzTnphQzFsWkRJMU5URTVBQUFBSUZ6OEZYU1ZFZGY4RnZETWZib3hoQjVWalNlN3kyV2dTYTA5cTFMNHQwOTkgCg=="; + } + ]; services.udev.packages = [ pkgs.android-udev-rules ];