remote builder stuff

hosts/configuration.nix

@@ -25,26 +25,33 @@ in
   # allow mounting ntfs filesystems
   boot.supportedFilesystems = [ "ntfs" ];
 
-  # Fallback quickly if substituters are not available.
+  nix.settings = {
-  nix.settings.connect-timeout = 5;
+    # Fallback quickly if substituters are not available.
-  nix.settings.download-attempts = 3;
+    connect-timeout = 5;
-  # The default at 10 is rarely enough.
+    download-attempts = 3;
-  nix.settings.log-lines = 50;
+    # The default at 10 is rarely enough.
-  # Avoid disk full issues
+    log-lines = 50;
-  nix.settings.max-free = (3000 * 1024 * 1024);
+    # Avoid disk full issues
-  nix.settings.min-free = (1000 * 1024 * 1024);
+    max-free = (3000 * 1024 * 1024);
-  # Avoid copying unnecessary stuff over SSH
+    min-free = (1000 * 1024 * 1024);
-  nix.settings.builders-use-substitutes = true;
+    # Avoid copying unnecessary stuff over SSH
-  # Slower but mroe robust during crash TODO enable once we upgrade nix
+    builders-use-substitutes = true;
-  # nix.settings.fsync-store-paths = true;
+    # Slower but more robust during crash TODO enable once we upgrade nix
-  # nix.settings.fsync-metadata = true;
+    # fsync-store-paths = true;
-  nix.settings.auto-optimise-store = true;
+    # fsync-metadata = true;
+    auto-optimise-store = true;
 
-  # TODO should I have this set for my user...
+    # TODO should I have this set for my user...
-  nix.settings.trusted-users = [ "root" "${settings.user.username}" ];
+    trusted-users = [
+      "root"
+      "${settings.user.username}"
+    ];
+  };
 
   # rate limiting for github
   nix.extraOptions = ''
+    keep-outputs = true
+    keep-derivations = true
     !include ${config.age.secrets.github_read_token.path}
   '';
 
@@ -52,7 +59,7 @@ in
   programs.nh = {
     enable = true;
     clean.enable = true;
-    clean.extraArgs = "--keep 3";
+    clean.extraArgs = "--keep 10";
     # TODO this may need to be defined higher up if it is ever different for a machine...
     flake = "/home/${settings.user.username}/.config/nixos-config";
   };

hosts/lio/configuration.nix

@@ -25,7 +25,7 @@
     stormd.enable = true;
     nebula.enable = true;
     rustdesk.enable = true;
-    saber.enable = true;
+    # saber.enable = true;
   };
 
   # opening this port for dev purposes
@@ -45,4 +45,4 @@
 
   # System76
   hardware.system76.enableAll = true;
-}
+  }

users/josh/by_hosts/lio/nix_modules/ssh_authorized.nix

@@ -1,6 +1,11 @@
-{ settings, ... }:
+{ settings, config, ... }:
 {
   users.users.${settings.user.username}.openssh.authorizedKeys.keys = [
     "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJN2nsLmAlF6zj5dEBkNSJaqcCya+aB6I0imY8Q5Ew0S nix2lio"
   ];
+
+  # Also allow this key to work for root user, this will let us use this as a remote builder
+  users.users.root.openssh.authorizedKeys.keys = [
+    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJN2nsLmAlF6zj5dEBkNSJaqcCya+aB6I0imY8Q5Ew0S nix2lio"
+  ];
 }

users/josh/home_manager/file_browser.nix

@@ -5,5 +5,5 @@
   ...
 }:
 {
-  home.packages = lib.mkIf (!nixConfig.mods.de_cosmic.enable) (with pkgs; [ gnome.nautilus qimgv ]);
+  home.packages = lib.mkIf (!nixConfig.mods.de_cosmic.enable) (with pkgs; [ nautilus qimgv ]);
 }