deployment: implement build offloading from aisaka to rakan

* deployment/keys.scm (aisaka-guix): define signing key of Guix daemon in aisaka. * deployment/systems/aisaka.scm (rakan-machine, guix-offload-rakan, offload-rakan): define the offload target. * deployment/systems/aisaka.scm (system): add the offload configuration to the list of services. * deployment/systems/rakan.scm (guix-offload-authorizations): change the authorized signing key to aisaka's. * deployment/users.scm (openssh-configuration): add the public SSH key of marek@aisaka.
author: Marek Paśnikowski <marek@marekpasnikowski.pl> 2025-11-20 19:28:30 +0100
committer: Marek Paśnikowski <marek@marekpasnikowski.pl> 2025-11-20 21:49:51 +0100
commit: dbbfb5911e3e69e264a8e4ea86db49392f9cbb8f (patch)
tree: 04f0c97172394ccf3654488768bea626306e7945 /deployment/systems/aisaka.scm
parent: 7bcd3d05415e4d21bf87557bd70d56607287a380 (diff)
1 files changed, 23 insertions, 0 deletions
diff --git a/deployment/systems/aisaka.scm b/deployment/systems/aisaka.scm
index 6f82f9c..aa099c4 100644
--- a/deployment/systems/aisaka.scm
+++ b/deployment/systems/aisaka.scm
@@ -2,10 +2,13 @@
 ;;; SPDX-FileCopyrightText: 2024-2025 Marek Paśnikowski <marek@marekpasnikowski.pl>
 
 (define-module (deployment systems aisaka)
+  #:use-module (guix gexp)
+  #:use-module ((deployment keys)             #:prefix deployment:keys:)
   #:use-module ((gnu bootloader)              #:prefix gnu:bootloader:)
   #:use-module ((gnu bootloader grub)         #:prefix gnu:bootloader:grub:)
   #:use-module ((gnu packages tls)            #:prefix gnu:packages:tls:)
   #:use-module ((gnu services)                #:prefix gnu:services:)
+  #:use-module ((gnu services base)           #:prefix gnu:services:base:)
   #:use-module ((gnu services dns)            #:prefix gnu:services:dns:)
   #:use-module ((gnu services version-control) #:prefix gnu:services:version-control:)
   #:use-module ((gnu services web)            #:prefix gnu:services:web:)
@@ -352,6 +355,25 @@
        (listen (list "192.168.10.2:443 ssl"))
        (server-name (list "radicale.marekpasnikowski.pl"))))))))
 
+(define rakan-machine
+  #~(build-machine
+    (name        "rakan")
+    (systems     (list "x86_64-linux"
+                       "i686-linux"))
+    (user        "marek")
+    (host-key    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFxlIhNlkWCNA+l/RiOJztB+VWhuJtDTUvSwwlE3MpgJ root@rakan")
+    (private-key "/home/marek/.ssh/id_ed25519")))
+
+(define guix-offload-rakan
+  (gnu:services:base:guix-extension
+    (authorized-keys (list deployment:keys:rakan-guix))
+    (build-machines  (list rakan-machine))))
+
+(define offload-rakan
+  (gnu:services:simple-service 'offload-rakan
+                               gnu:services:base:guix-service-type
+                               guix-offload-rakan))
+
 (define (openssh)
   (use-modules (gnu services ssh))
   ((@ (gnu services) service)
@@ -405,6 +427,7 @@
               (gitolite)
               (sovereign:systems:guix-home-service (list users:id1000:name/home-environment))
               (nginx-izumi)
+              offload-rakan
               (openssh)
               (radicale)))
author	Marek Paśnikowski <marek@marekpasnikowski.pl>	2025-11-20 19:28:30 +0100
committer	Marek Paśnikowski <marek@marekpasnikowski.pl>	2025-11-20 21:49:51 +0100
commit	dbbfb5911e3e69e264a8e4ea86db49392f9cbb8f (patch)
tree	04f0c97172394ccf3654488768bea626306e7945 /deployment/systems/aisaka.scm
parent	7bcd3d05415e4d21bf87557bd70d56607287a380 (diff)