cafkafk/nixpkgs
cafkafk/nixpkgs
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 2

darwin.builder: use port 31022 by default

Browse source
This commit is contained in:
Michael Hoang 2023-06-07 12:39:27 +10:00
parent f292b4964c
commit 285f5e858e
2 changed files with 15 additions and 9 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

14
doc/builders/special/darwin-builder.section.md
View file

@ -4,9 +4,6 @@
This requires macOS version 12.4 or later. This requires macOS version 12.4 or later.
This also requires that port 22 on your machine is free (since Nix does not
permit specifying a non-default SSH port for builders).
You will also need to be a trusted user for your Nix installation. In other You will also need to be a trusted user for your Nix installation. In other
words, your `/etc/nix/nix.conf` should have something like: words, your `/etc/nix/nix.conf` should have something like:
@ -50,12 +47,21 @@ To delegate builds to the remote builder, add the following options to your
``` ```
# - Replace ${ARCH} with either aarch64 or x86_64 to match your host machine # - Replace ${ARCH} with either aarch64 or x86_64 to match your host machine
# - Replace ${MAX_JOBS} with the maximum number of builds (pick 4 if you're not sure) # - Replace ${MAX_JOBS} with the maximum number of builds (pick 4 if you're not sure)
builders = ssh-ng://builder@localhost ${ARCH}-linux /etc/nix/builder_ed25519 ${MAX_JOBS} - - - c3NoLWVkMjU1MTkgQUFBQUMzTnphQzFsWkRJMU5URTVBQUFBSUpCV2N4Yi9CbGFxdDFhdU90RStGOFFVV3JVb3RpQzVxQkorVXVFV2RWQ2Igcm9vdEBuaXhvcwo= builders = ssh-ng://builder@linux-builder ${ARCH}-linux /etc/nix/builder_ed25519 ${MAX_JOBS} - - - c3NoLWVkMjU1MTkgQUFBQUMzTnphQzFsWkRJMU5URTVBQUFBSUpCV2N4Yi9CbGFxdDFhdU90RStGOFFVV3JVb3RpQzVxQkorVXVFV2RWQ2Igcm9vdEBuaXhvcwo=
# Not strictly necessary, but this will reduce your disk utilization # Not strictly necessary, but this will reduce your disk utilization
builders-use-substitutes = true builders-use-substitutes = true
``` ```
To allow Nix to connect to a builder not running on port 22, you will also need to create a new file at `/etc/ssh/ssh_config.d/100-linux-builder.conf`:
```
Host linux-builder
Hostname localhost
HostKeyAlias linux-builder
Port 31022
```
… and then restart your Nix daemon to apply the change: … and then restart your Nix daemon to apply the change:
```ShellSession ```ShellSession

10
nixos/modules/profiles/macos-builder.nix
View file

@ -1,4 +1,4 @@
{ config, lib, pkgs, ... }: { config, lib, ... }:
let let
keysDirectory = "/var/keys"; keysDirectory = "/var/keys";
@ -67,9 +67,9 @@ in
''; '';
}; };
hostPort = mkOption { hostPort = mkOption {
default = 22; default = 31022;
type = types.int; type = types.int;
example = 31022; example = 22;
description = '' description = ''
The localhost host port to forward TCP to the guest port. The localhost host port to forward TCP to the guest port.
''; '';
@ -139,13 +139,13 @@ in
hostPkgs = config.virtualisation.host.pkgs; hostPkgs = config.virtualisation.host.pkgs;
script = hostPkgs.writeShellScriptBin "create-builder" ( script = hostPkgs.writeShellScriptBin "create-builder" (
# When running as non-interactively as part of a DarwinConfiguration the working directory # When running as non-interactively as part of a DarwinConfiguration the working directory
# must be set to a writeable directory. # must be set to a writeable directory.
(if cfg.workingDirectory != "." then '' (if cfg.workingDirectory != "." then ''
${hostPkgs.coreutils}/bin/mkdir --parent "${cfg.workingDirectory}" ${hostPkgs.coreutils}/bin/mkdir --parent "${cfg.workingDirectory}"
cd "${cfg.workingDirectory}" cd "${cfg.workingDirectory}"
'' else "") + '' '' else "") + ''
KEYS="''${KEYS:-./keys}" KEYS="''${KEYS:-./keys}"
${hostPkgs.coreutils}/bin/mkdir --parent "''${KEYS}" ${hostPkgs.coreutils}/bin/mkdir --parent "''${KEYS}"
PRIVATE_KEY="''${KEYS}/${user}_${keyType}" PRIVATE_KEY="''${KEYS}/${user}_${keyType}"