feat(remote-build): Add john-endesktop as builder machine

- Enable enableBuilder role on john-endesktop - Add john-endesktop to nix-book's builder list (maxJobs=1, speedFactor=1) - Document SSH setup process for new clients in remote-build role 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-12 21:27:01 -08:00
parent c92a82b21a
commit 056c1a1e62
3 changed files with 78 additions and 5 deletions
--- a/machines/john-endesktop/configuration.nix
+++ b/machines/john-endesktop/configuration.nix
@@ -104,6 +104,9 @@ with lib;
  # User configuration
  roles.users.enable = true;

+  # Enable as remote builder (similar to zix790prors)
+  roles.remote-build.enableBuilder = true;
+
  # k3s agent configuration
  roles.k3s-node = {
    enable = true;
--- a/machines/nix-book/configuration.nix
+++ b/machines/nix-book/configuration.nix
@@ -21,11 +21,18 @@
    };
    nfs-mounts.enable = true;
    printing.enable = true;
-    remote-build.builders = [{
+    remote-build.builders = [
+      {
        hostName = "zix790prors";
        maxJobs = 16;
        speedFactor = 3;
-    }];
+      }
+      {
+        hostName = "john-endesktop";
+        maxJobs = 1;
+        speedFactor = 1;
+      }
+    ];
    spotifyd.enable = true;
    users = {
      enable = true;
--- a/roles/remote-build/default.nix
+++ b/roles/remote-build/default.nix
@@ -1,3 +1,66 @@
+# Remote Build Role
+#
+# This module configures Nix distributed builds, allowing machines to offload
+# builds to more powerful remote machines.
+#
+# SETUP INSTRUCTIONS
+# ==================
+#
+# 1. BUILDER MACHINE SETUP
+#    On machines that will serve as builders (e.g., zix790prors, john-endesktop):
+#
+#    a) Enable the builder role in configuration.nix:
+#       roles.remote-build.enableBuilder = true;
+#
+#    b) After nixos-rebuild, the nix-builder user is created automatically.
+#       You need to add client SSH public keys to the builder. Either:
+#
+#       Option A - Manual (recommended for initial setup):
+#         sudo mkdir -p /var/lib/nix-builder/.ssh
+#         sudo bash -c 'cat >> /var/lib/nix-builder/.ssh/authorized_keys' << 'EOF'
+#         ssh-ed25519 AAAA... root@client-hostname
+#         EOF
+#         sudo chown -R nix-builder:nix-builder /var/lib/nix-builder/.ssh
+#         sudo chmod 700 /var/lib/nix-builder/.ssh
+#         sudo chmod 600 /var/lib/nix-builder/.ssh/authorized_keys
+#
+#       Option B - Via NixOS config (if you store keys in the repo):
+#         users.users.nix-builder.openssh.authorizedKeys.keys = [
+#           "ssh-ed25519 AAAA... root@client-hostname"
+#         ];
+#
+# 2. CLIENT MACHINE SETUP
+#    On machines that will use remote builders (e.g., nix-book):
+#
+#    a) Configure builders in configuration.nix:
+#       roles.remote-build.builders = [
+#         {
+#           hostName = "zix790prors";
+#           maxJobs = 16;      # Number of parallel build jobs
+#           speedFactor = 3;   # Higher = prefer this builder
+#         }
+#         {
+#           hostName = "john-endesktop";
+#           maxJobs = 1;       # Conservative for busy machines
+#           speedFactor = 1;
+#         }
+#       ];
+#
+#    b) Generate SSH key for root (if not exists) and copy to builders:
+#       sudo ssh-keygen -t ed25519 -f /root/.ssh/id_ed25519 -N ""
+#       sudo cat /root/.ssh/id_ed25519.pub  # Add this to builder's authorized_keys
+#
+#    c) Accept the builder's host key (as root):
+#       sudo ssh nix-builder@zix790prors echo "Connected!"
+#       sudo ssh nix-builder@john-endesktop echo "Connected!"
+#
+# 3. VERIFY SETUP
+#    Test that distributed builds work:
+#      nix build --rebuild nixpkgs#hello --print-build-logs
+#
+#    Check builder connectivity:
+#      nix store ping --store ssh-ng://nix-builder@zix790prors
+#
 { lib, config, pkgs, ... }:

 with lib;