modules: added builders

hosts/doloro-laptop/nixos.nix

@@ -24,6 +24,7 @@ in
     stylix.enable = true;
     steam.enable = false;
     Hyprland.enable = true;
+    builder.use-remote-builders = true;
     wivrn.enable = false;
     fonts.enable = true;
   };
@@ -62,10 +63,12 @@ in
   };
   hardware.graphics = {
     enable = true;
+    # https://github.com/intel/libvpl?tab=readme-ov-file#dispatcher-behavior-when-targeting-intel-gpus
     extraPackages = with pkgs; [
-      intel-media-driver # VA-API (iHD) userspace
+      vpl-gpu-rt
+      # intel-media-driver # VA-API (iHD) userspace
       # vpl-gpu-rt # oneVPL (QSV) runtime
-      intel-compute-runtime # OpenCL (NEO) + Level Zero for Arc/Xe
+      # intel-compute-runtime # OpenCL (NEO) + Level Zero for Arc/Xe
     ];
   };
   services.openssh = {

hosts/doloro/nixos.nix

@@ -24,6 +24,7 @@ in
     steam.enable = true;
     Hyprland.enable = true;
     wivrn.enable = true;
+    remoteBuild.become-remote-builder = true;
     fonts.enable = true;
   };
 
@@ -43,10 +44,12 @@ in
       "https://nix-community.cachix.org"
       "https://cache.nixos.org/"
       "https://attic.scug.io/pkgs"
+      "https://cache.nixos-cuda.org"
     ];
     trusted-public-keys = [
       "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
       "pkgs:+sRbfiZMMX5R3PuAPtIRz/emowDoGZNpozibrnrAvuc="
+      "cache.nixos-cuda.org:74DUi4Ye579gUqzH4ziL9IyiJBlDpMRn9MBN8oNan9M="
     ];
     experimental-features = [
       "flakes"
@@ -83,7 +86,7 @@ in
   security.rtkit.enable = true;
 
   sops = {
-    age.keyFile = "/home/doloro/.config/sops/age/keys.txt";
+    # age.keyFile = "/etc/ssh/ssh_host_ed25519_key";
     defaultSopsFile = builtins.toPath "${nix-meow.flakeRoot}/secrets/users.yaml";
     secrets = {
       root-hashed_password = {

modules/builder/default.nix

@@ -0,0 +1,4 @@
+_: {
+  # home = ./home.nix;
+  nixos = ./nixos.nix;
+}

modules/builder/home.nix

@@ -0,0 +1,48 @@
+# {
+#   config,
+#   lib,
+#   pkgs,
+#   fetchFromGitHub,
+#   ...
+# }:
+# let
+#   cfg = config.modules.fish;
+# in
+# {
+#   options.modules.fish = {
+#     enable = lib.mkEnableOption "Fish";
+#   };
+#   config = lib.mkIf cfg.enable {
+#     home.shell.enableFishIntegration = true;
+#     programs = {
+#       fish = {
+#         enable = true;
+#         shellInit = ''
+#                               set -g theme_nerd_fonts yes
+#                               set -g theme_color_scheme nord
+#                               set -g theme_display_user yes
+#                     set -g fish_color_autosuggestion 6F6578
+#           					alias nik 'nix'
+#                     					'';
+#         plugins = [
+#           {
+#             name = "bobthefish";
+#             src = pkgs.fetchFromGitHub {
+#               owner = "oh-my-fish";
+#               repo = "theme-bobthefish";
+#               rev = "e3b4d4eafc23516e35f162686f08a42edf844e40";
+#               sha256 = "sha256-cXOYvdn74H4rkMWSC7G6bT4wa9d3/3vRnKed2ixRnuA=";
+#             };
+#           }
+#         ];
+#       };
+#       eza = {
+#         enable = true;
+#         enableFishIntegration = true;
+#         icons = "auto";
+#         git = true;
+#         extraOptions = [ ];
+#       };
+#     };
+#   };
+# }

modules/builder/nixos.nix

@@ -0,0 +1,55 @@
+{
+  config,
+  lib,
+  pkgs,
+  ...
+}:
+let
+  cfg = config.modules.remoteBuild;
+in
+{
+  options.modules.remoteBuild = {
+    use-remote-builders = lib.mkEnableOption "remoteBuild";
+    become-remote-builder = lib.mkEnableOption "remoteBuild";
+  };
+  config =
+    lib.mkIf cfg.become-remote-builder {
+      users.users.remotebuild = {
+        isSystemUser = true;
+        group = "remotebuild";
+        useDefaultShell = true;
+
+        # ssh-keygen -f /root/.ssh/remotebuild
+        openssh.authorizedKeys.keyFiles = [ ./remotebuild.pub ];
+        openssh.authorizedKeys.keys = [
+          # Laptop
+          "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE/4h+WCBBW82puv8SMdUbkWymF4amEMuZitgFztB6oZ doloroo@proton.me"
+        ];
+      };
+
+      users.groups.remotebuild = { };
+
+      nix.settings.trusted-users = [ "remotebuild" ];
+    }
+    // lib.mkIf cfg.use-remote-builders {
+      nix.distributedBuilds = true;
+      nix.settings.builders-use-substitutes = true;
+
+      # Define every build machine here..
+      nix.buildMachines = [
+        {
+          # Main desktop pc
+          # ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKqsFEgtcTDw89GaZJg8P/FE1xngIXmiUZl8j0b+V7n+ root@doloroo-main
+          hostName = "doloroo-main";
+          sshUser = "remotebuild";
+          sshKey = "/root/.ssh/remotebuild";
+          system = "x86_64-linux";
+          supportedFeatures = [
+            "nixos-test"
+            "big-parallel"
+            "kvm"
+          ];
+        }
+      ];
+    };
+}