add support for offloading

2024-12-15 18:41:44 +01:00 · 2024-12-15 18:41:44 +01:00 · d937151609
parent 18de9f83c1
commit d937151609
5 changed files with 87 additions and 1 deletions
--- a/.gitignore
+++ b/.gitignore
@ -0,0 +1,52 @@
+.pwd.lock
+NetworkManager/
+asound.conf
+bashrc
+cups/
+dbus-1
+environment
+fstab
+group
+hostname
+hosts
+issue
+libvirt/
+localtime
+login.defs
+lvm/
+machine-id
+mtab
+nonguix-key.pub
+nsswitch.conf
+os-release
+pam.d
+passwd
+polkit-1
+printcap
+profile
+profile.d/
+protocols
+pulse
+resolv.conf
+resolv.conf.bak
+rottlog
+rpc
+security
+services
+shadow
+shells
+skel
+ssl
+static
+sudoers
+sysconfig/
+syslog.conf
+timezone
+udev
+*.sec
+ssh/ssh_host_*_key
+ssh/authorized_keys.d/
+guix/acl*
+guix/machines.scm
+bluetooth
+shadow*
--- a/config.scm
+++ b/config.scm
@ -64,6 +64,7 @@
  (srfi srfi-1))

 (use-service-modules
+  authentication
  cups
  desktop
  guix
@ -517,7 +518,7 @@ fi"))
          "adb"
          "alsa-plugins"
          "alsa-utils"
-          "ardour"
+          ;"ardour"
          "audacity"
          "beep"
          "bind:utils"
@ -588,6 +589,7 @@ fi"))
          "iptables"
          "jack"
          "jp2a"
+          "jq"
          "kcachegrind"
          "kgraphviewer"
          "librecad"
@ -718,9 +720,14 @@ fi"))
          ;; Service de gestion des clés de chiffrement physique
          (service pcscd-service-type)

+          ;; Service lecteur d'empreinte
+          ;(service fprintd-service-type)
+
          ;; Service OpenSSH
          (service openssh-service-type
            (openssh-configuration
+              (authorized-keys
+                `(("neox" ,(local-file "/etc/ssh/ssh_neox_ed25519_key.pub"))))
               (x11-forwarding? #t)
               (password-authentication? #f)
               (permit-root-login 'prohibit-password)))
@ -780,6 +787,22 @@ fi"))
        ;; Configuration du garbage collector
        (guix-service-type config => (guix-configuration
          (inherit config)
+          (build-machines
+            (list
+              #~(build-machine
+                  (name "10.42.0.1")
+                  (system "x86_64-linux")
+                  (host-key "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPyGPO723z8cE1PHKTbxqQUMalvmYrXeF88hwoS/SuRI root@n-guix-fix")
+                  (user "offload")
+                  (private-key "/etc/ssh/ssh_host_ed25519_key")
+                  (parallel-builds 8)
+                  (speed 16.0))))
+          (authorize-key? #t)
+          (authorized-keys
+            (append
+              (list
+                (local-file "/etc/guix/n-guix-fix.pub"))
+              %default-authorized-guix-keys)) 
          (extra-options '("--gc-keep-derivations=yes" "--gc-keep-output=yes"))))


--- a/guix/n-guix-fix.pub
+++ b/guix/n-guix-fix.pub
@ -0,0 +1,4 @@
+(public-key 
+  (ecc 
+    (curve Ed25519)
+    (q #8E46170F0B43CC3C0AD67F162CB1707246D18F322C3EA040898FBB15F2A18963#)))
--- a/guix/signing-key.pub
+++ b/guix/signing-key.pub
@ -0,0 +1,6 @@
+(public-key 
+ (ecc 
+  (curve Ed25519)
+  (q #7F8EB1AE40F138A9DF5F61C57CC4E33F4F1E42244CE71D855806CDE06113A245#)
+  )
+ )
--- a/ssh/ssh_neox_ed25519_key.pub
+++ b/ssh/ssh_neox_ed25519_key.pub
@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDZQd7U/DRPK5/qk35dzeG5dpnS/0FesbRrgZTSMHEsv openpgp:0x18D3885F
				`@ -0,0 +1 @@`
				`ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDZQd7U/DRPK5/qk35dzeG5dpnS/0FesbRrgZTSMHEsv openpgp:0x18D3885F`