From d937151609bcc91d68a514969560479c5f364144 Mon Sep 17 00:00:00 2001 From: Adrien 'neox' Bourmault Date: Sun, 15 Dec 2024 18:41:44 +0100 Subject: [PATCH] add support for offloading --- .gitignore | 52 ++++++++++++++++++++++++++++++++++++ config.scm | 25 ++++++++++++++++- guix/n-guix-fix.pub | 4 +++ guix/signing-key.pub | 6 +++++ ssh/ssh_neox_ed25519_key.pub | 1 + 5 files changed, 87 insertions(+), 1 deletion(-) create mode 100644 .gitignore create mode 100644 guix/n-guix-fix.pub create mode 100644 guix/signing-key.pub create mode 100644 ssh/ssh_neox_ed25519_key.pub diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..e4a9886 --- /dev/null +++ b/.gitignore @@ -0,0 +1,52 @@ +.pwd.lock +NetworkManager/ +asound.conf +bashrc +cups/ +dbus-1 +environment +fstab +group +hostname +hosts +issue +libvirt/ +localtime +login.defs +lvm/ +machine-id +mtab +nonguix-key.pub +nsswitch.conf +os-release +pam.d +passwd +polkit-1 +printcap +profile +profile.d/ +protocols +pulse +resolv.conf +resolv.conf.bak +rottlog +rpc +security +services +shadow +shells +skel +ssl +static +sudoers +sysconfig/ +syslog.conf +timezone +udev +*.sec +ssh/ssh_host_*_key +ssh/authorized_keys.d/ +guix/acl* +guix/machines.scm +bluetooth +shadow* diff --git a/config.scm b/config.scm index d5d2264..d454851 100644 --- a/config.scm +++ b/config.scm @@ -64,6 +64,7 @@ (srfi srfi-1)) (use-service-modules + authentication cups desktop guix @@ -517,7 +518,7 @@ fi")) "adb" "alsa-plugins" "alsa-utils" - "ardour" + ;"ardour" "audacity" "beep" "bind:utils" @@ -588,6 +589,7 @@ fi")) "iptables" "jack" "jp2a" + "jq" "kcachegrind" "kgraphviewer" "librecad" @@ -718,9 +720,14 @@ fi")) ;; Service de gestion des clés de chiffrement physique (service pcscd-service-type) + ;; Service lecteur d'empreinte + ;(service fprintd-service-type) + ;; Service OpenSSH (service openssh-service-type (openssh-configuration + (authorized-keys + `(("neox" ,(local-file "/etc/ssh/ssh_neox_ed25519_key.pub")))) (x11-forwarding? #t) (password-authentication? #f) (permit-root-login 'prohibit-password))) @@ -780,6 +787,22 @@ fi")) ;; Configuration du garbage collector (guix-service-type config => (guix-configuration (inherit config) + (build-machines + (list + #~(build-machine + (name "10.42.0.1") + (system "x86_64-linux") + (host-key "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPyGPO723z8cE1PHKTbxqQUMalvmYrXeF88hwoS/SuRI root@n-guix-fix") + (user "offload") + (private-key "/etc/ssh/ssh_host_ed25519_key") + (parallel-builds 8) + (speed 16.0)))) + (authorize-key? #t) + (authorized-keys + (append + (list + (local-file "/etc/guix/n-guix-fix.pub")) + %default-authorized-guix-keys)) (extra-options '("--gc-keep-derivations=yes" "--gc-keep-output=yes")))) diff --git a/guix/n-guix-fix.pub b/guix/n-guix-fix.pub new file mode 100644 index 0000000..9c00fff --- /dev/null +++ b/guix/n-guix-fix.pub @@ -0,0 +1,4 @@ +(public-key + (ecc + (curve Ed25519) + (q #8E46170F0B43CC3C0AD67F162CB1707246D18F322C3EA040898FBB15F2A18963#))) diff --git a/guix/signing-key.pub b/guix/signing-key.pub new file mode 100644 index 0000000..f0dbd4f --- /dev/null +++ b/guix/signing-key.pub @@ -0,0 +1,6 @@ +(public-key + (ecc + (curve Ed25519) + (q #7F8EB1AE40F138A9DF5F61C57CC4E33F4F1E42244CE71D855806CDE06113A245#) + ) + ) diff --git a/ssh/ssh_neox_ed25519_key.pub b/ssh/ssh_neox_ed25519_key.pub new file mode 100644 index 0000000..25e29c6 --- /dev/null +++ b/ssh/ssh_neox_ed25519_key.pub @@ -0,0 +1 @@ +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDZQd7U/DRPK5/qk35dzeG5dpnS/0FesbRrgZTSMHEsv openpgp:0x18D3885F