add support for offloading

.gitignore

@@ -0,0 +1,52 @@
+.pwd.lock
+NetworkManager/
+asound.conf
+bashrc
+cups/
+dbus-1
+environment
+fstab
+group
+hostname
+hosts
+issue
+libvirt/
+localtime
+login.defs
+lvm/
+machine-id
+mtab
+nonguix-key.pub
+nsswitch.conf
+os-release
+pam.d
+passwd
+polkit-1
+printcap
+profile
+profile.d/
+protocols
+pulse
+resolv.conf
+resolv.conf.bak
+rottlog
+rpc
+security
+services
+shadow
+shells
+skel
+ssl
+static
+sudoers
+sysconfig/
+syslog.conf
+timezone
+udev
+*.sec
+ssh/ssh_host_*_key
+ssh/authorized_keys.d/
+guix/acl*
+guix/machines.scm
+bluetooth
+shadow*

config.scm

@@ -64,6 +64,7 @@
   (srfi srfi-1))
 
 (use-service-modules
+  authentication
   cups
   desktop
   guix
@@ -517,7 +518,7 @@ fi"))
           "adb"
           "alsa-plugins"
           "alsa-utils"
-          "ardour"
+          ;"ardour"
           "audacity"
           "beep"
           "bind:utils"
@@ -588,6 +589,7 @@ fi"))
           "iptables"
           "jack"
           "jp2a"
+          "jq"
           "kcachegrind"
           "kgraphviewer"
           "librecad"
@@ -718,9 +720,14 @@ fi"))
           ;; Service de gestion des clés de chiffrement physique
           (service pcscd-service-type)
 
+          ;; Service lecteur d'empreinte
+          ;(service fprintd-service-type)
+
           ;; Service OpenSSH
           (service openssh-service-type
             (openssh-configuration
+              (authorized-keys
+                `(("neox" ,(local-file "/etc/ssh/ssh_neox_ed25519_key.pub"))))
                (x11-forwarding? #t)
                (password-authentication? #f)
                (permit-root-login 'prohibit-password)))
@@ -780,6 +787,22 @@ fi"))
         ;; Configuration du garbage collector
         (guix-service-type config => (guix-configuration
           (inherit config)
+          (build-machines
+            (list
+              #~(build-machine
+                  (name "10.42.0.1")
+                  (system "x86_64-linux")
+                  (host-key "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPyGPO723z8cE1PHKTbxqQUMalvmYrXeF88hwoS/SuRI root@n-guix-fix")
+                  (user "offload")
+                  (private-key "/etc/ssh/ssh_host_ed25519_key")
+                  (parallel-builds 8)
+                  (speed 16.0))))
+          (authorize-key? #t)
+          (authorized-keys
+            (append
+              (list
+                (local-file "/etc/guix/n-guix-fix.pub"))
+              %default-authorized-guix-keys)) 
           (extra-options '("--gc-keep-derivations=yes" "--gc-keep-output=yes"))))
 
 

guix/n-guix-fix.pub

@@ -0,0 +1,4 @@
+(public-key 
+  (ecc 
+    (curve Ed25519)
+    (q #8E46170F0B43CC3C0AD67F162CB1707246D18F322C3EA040898FBB15F2A18963#)))

guix/signing-key.pub

@@ -0,0 +1,6 @@
+(public-key 
+ (ecc 
+  (curve Ed25519)
+  (q #7F8EB1AE40F138A9DF5F61C57CC4E33F4F1E42244CE71D855806CDE06113A245#)
+  )
+ )

ssh/ssh_neox_ed25519_key.pub

@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDZQd7U/DRPK5/qk35dzeG5dpnS/0FesbRrgZTSMHEsv openpgp:0x18D3885F