From a204342ee72c02958be055029bb27d30d3582c7a Mon Sep 17 00:00:00 2001 From: Marek Paśnikowski Date: Fri, 21 Nov 2025 00:14:18 +0100 Subject: implement guix offload in akashi * deployment/keys.scm (akashi-guix): define guix signing key. * deployment/systems/aisaka.scm (guix-offload-rakan): add guix signing key of akashi. * deployment/systems/akashi.scm (offload-hub, guix-offload-targets, offload-extension): define guix offload configuration. * deployment/systems/akashi.scm (services): add guix offload service and clean up the definition. * deployment/systems/akashi.scm (operating-system*): clean up the definition. --- deployment/keys.scm | 7 ++++ deployment/systems/aisaka.scm | 3 +- deployment/systems/akashi.scm | 77 +++++++++++++++++++++++++++---------------- 3 files changed, 58 insertions(+), 29 deletions(-) diff --git a/deployment/keys.scm b/deployment/keys.scm index 85e2e64..fc7d426 100644 --- a/deployment/keys.scm +++ b/deployment/keys.scm @@ -11,6 +11,13 @@ " (curve Ed25519)\n" " (q #983CD313090D2699AD26AE5CB589A29F24A32E247A41EB4F4A22D196DFCD9D3C#)))")) +(define-public akashi-guix + (mixed-text-file "akashi-signing-key.pub" + "(public-key\n" + " (ecc\n" + " (curve Ed25519)\n" + " (q #A3E347D0D79D616C4379C844C1D67DFC9BFD4F2011D4070EB3DB7EFA66D6F3D2#)))")) + (define-public mcdowell-guix (mixed-text-file "mcdowell-signing-key.pub" "(public-key\n" diff --git a/deployment/systems/aisaka.scm b/deployment/systems/aisaka.scm index aa099c4..9fbb75f 100644 --- a/deployment/systems/aisaka.scm +++ b/deployment/systems/aisaka.scm @@ -366,7 +366,8 @@ (define guix-offload-rakan (gnu:services:base:guix-extension - (authorized-keys (list deployment:keys:rakan-guix)) + (authorized-keys (list deployment:keys:akashi-guix + deployment:keys:rakan-guix)) (build-machines (list rakan-machine)))) (define offload-rakan diff --git a/deployment/systems/akashi.scm b/deployment/systems/akashi.scm index 5093fd4..03e188b 100644 --- a/deployment/systems/akashi.scm +++ b/deployment/systems/akashi.scm @@ -2,7 +2,11 @@ ;;; SPDX-FileCopyrightText: 2024-2025 Marek Paśnikowski (define-module (deployment systems akashi) + #:use-module (guix gexp) + #:use-module ((deployment keys) #:prefix deployment:keys:) #:use-module ((gnu packages linux) #:prefix gnu:packages:linux:) + #:use-module ((gnu services) #:prefix gnu:services:) + #:use-module ((gnu services base) #:prefix gnu:services:base:) #:use-module ((gnu services guix) #:prefix gnu:services:guix:) #:use-module ((gnu system) #:prefix gnu:system:) #:use-module ((gnu system file-systems) #:prefix gnu:system:file-systems:) @@ -29,16 +33,35 @@ ((@ (gnu system keyboard) keyboard-layout) "pl")) +(define offload-hub + #~(build-machine + (name "marekpasnikowski.pl") + (systems (list "x86_64-linux" + "i686-linux")) + (user "marek") + (host-key "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIM0Eh0q54myeSEironEP9DEKl+ownYuH7oSgAVuLIDNt root@aisaka") + (port 23) + (private-key "/home/marek/.ssh/id_ed25519"))) + +(define guix-offload-targets + (gnu:services:base:guix-extension + (authorized-keys (list deployment:keys:aisaka-guix)) + (build-machines (list offload-hub)))) + +(define offload-extension + (gnu:services:simple-service 'offload-extension + gnu:services:base:guix-service-type + guix-offload-targets)) + (define (services) - (let* ((home-environments `((,uid1000-name ,uid1000-home-environment))) - (guix-home ((@ (gnu services) service) - gnu:services:guix:guix-home-service-type - home-environments))) - (append sovereign:systems:%sovereign-services - (list guix-home - ((@ (gnu services base) udev-rules-service) - 'adb-udev - (@ (gnu packages android) android-udev-rules)))))) + (let* + ( (home-environments `((,uid1000-name ,uid1000-home-environment))) + (guix-home (gnu:services:service + gnu:services:guix:guix-home-service-type + home-environments))) + (append sovereign:systems:%sovereign-services + (list guix-home + offload-extension)))) (define users (list uid1000-account)) @@ -46,23 +69,21 @@ ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; (define-public operating-system* - (let* ((patter-placeholder #f) - (timezone* "Europe/Warsaw")) (gnu:system:operating-system - (kernel gnu:packages:linux:linux-libre) - (kernel-arguments (cons* "thinkpad_acpi.fan_control=1" - "thinkpad_acpi.fan='level 7'" - gnu:system:%default-kernel-arguments)) - (bootloader (machines:thinkpad-x200:bootloader-configuration* keyboard-layout*)) - (label (sovereign:systems:operating-system-label* host-name* - (gnu:system:operating-system-default-label gnu:system:this-operating-system))) - (keyboard-layout keyboard-layout*) - (host-name host-name*) - (file-systems (file-systems)) - (swap-devices (machines:thinkpad-x200:swap-devices* host-name*)) - (users users) - (timezone timezone*) - (locale sovereign:systems:pl-locale) - (locale-definitions sovereign:systems:%sovereign-locale-definitions) - (services (services)) - (sudoers-file sovereign:systems:%sovereign-sudoers-specification)))) + (kernel gnu:packages:linux:linux-libre) + (kernel-arguments (cons* "thinkpad_acpi.fan_control=1" + "thinkpad_acpi.fan='level 7'" + gnu:system:%default-kernel-arguments)) + (bootloader (machines:thinkpad-x200:bootloader-configuration* keyboard-layout*)) + (label (sovereign:systems:operating-system-label* host-name* + (gnu:system:operating-system-default-label gnu:system:this-operating-system))) + (keyboard-layout keyboard-layout*) + (host-name host-name*) + (file-systems (file-systems)) + (swap-devices (machines:thinkpad-x200:swap-devices* host-name*)) + (users users) + (timezone "Europe/Warsaw") + (locale sovereign:systems:pl-locale) + (locale-definitions sovereign:systems:%sovereign-locale-definitions) + (services (services)) + (sudoers-file sovereign:systems:%sovereign-sudoers-specification))) -- cgit v1.2.3