From 5a855b7eaa7642c2007bda307bb7c34994fbff15 Mon Sep 17 00:00:00 2001 From: James Walker Date: Wed, 7 Jun 2023 15:17:07 -0400 Subject: [PATCH] =?UTF-8?q?=F0=9F=91=B7=20use=20macos-builder?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- flake.lock | 12 +++---- modules/builder/default.nix | 66 ++++++++++++++++++++++++++++++++----- 2 files changed, 64 insertions(+), 14 deletions(-) diff --git a/flake.lock b/flake.lock index a95a5d6..2b17d5c 100644 --- a/flake.lock +++ b/flake.lock @@ -676,11 +676,11 @@ "nixpkgs": "nixpkgs_8" }, "locked": { - "lastModified": 1685999310, - "narHash": "sha256-gaRMZhc7z4KeU/xS3IWv3kC+WhVcAXOLXXGKLe5zn1Y=", + "lastModified": 1686142265, + "narHash": "sha256-IP0xPa0VYqxCzpqZsg3iYGXarUF+4r2zpkhwdHy9WsM=", "owner": "nix-community", "repo": "home-manager", - "rev": "28614ed7a1e3ace824c122237bdc0e5e0b62c5c3", + "rev": "39c7d0a97a77d3f31953941767a0822c94dc01f5", "type": "github" }, "original": { @@ -1324,11 +1324,11 @@ }, "nixpkgs_9": { "locked": { - "lastModified": 1685938391, - "narHash": "sha256-96Jw6TbWDLSopt5jqCW8w1Fc1cjQyZlhfBnJ3OZGpME=", + "lastModified": 1686089707, + "narHash": "sha256-LTNlJcru2qJ0XhlhG9Acp5KyjB774Pza3tRH0pKIb3o=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "31cd1b4afbaf0b1e81272ee9c31d1ab606503aed", + "rev": "af21c31b2a1ec5d361ed8050edd0303c31306397", "type": "github" }, "original": { diff --git a/modules/builder/default.nix b/modules/builder/default.nix index 9d99ae3..358374e 100644 --- a/modules/builder/default.nix +++ b/modules/builder/default.nix @@ -1,11 +1,61 @@ -_: +{ config, nixpkgs, pkgs, ... }: +let + dataDir = "/var/lib/darwin-builder"; + port = 33022; + + darwin-builder = nixpkgs.lib.nixosSystem { + system = "aarch64-linux"; + modules = [ + "${nixpkgs}/nixos/modules/profiles/macos-builder.nix" + { + boot.binfmt.emulatedSystems = [ "x86_64-linux" ]; + system.nixos.revision = nixpkgs.lib.mkForce null; + virtualisation.host.pkgs = pkgs; + virtualisation.darwin-builder.hostPort = port; + virtualisation.darwin-builder.workingDirectory = dataDir; + } + ]; + }; +in { nix.distributedBuilds = true; - nix.buildMachines = [{ - hostName = "plato"; - systems = [ "x86_64-linux" "aarch64-linux" ]; - maxJobs = 12; - speedFactor = 2; - supportedFeatures = [ "nixos-test" "benchmark" "big-parallel" "kvm" ]; - }]; + nix.buildMachines = [ + { + hostName = "ssh://builder"; + systems = [ "x86_64-linux" "aarch64-linux" ]; + maxJobs = 4; + speedFactor = 2; + supportedFeatures = [ "kvm" "benchmark" "big-parallel" ]; + } + { + hostName = "ssh://plato"; + systems = [ "x86_64-linux" "aarch64-linux" ]; + maxJobs = 6; + supportedFeatures = [ "nixos-test" "benchmark" "big-parallel" "kvm" ]; + } + ]; + + # We can't/want to edit /var/root/.ssh/config so instead we create the config at another location and tell ssh to use that instead by modifying NIX_SSHOPTS + environment.etc."nix/ssh_config".text = '' + Host builder + User builder + HostName 127.0.0.1 + Port ${toString port} + IdentityFile ${dataDir}/keys/builder_ed25519 + Host plato + IdentityFile /var/root/.ssh/id_plato + ''; + + # Tell nix-daemon to use our custom SSH config + nix.envVars = { NIX_SSHOPTS = "-F /etc/nix/ssh_config"; }; + + launchd.daemons.darwin-builder = { + command = "${darwin-builder.config.system.build.macos-builder-installer}/bin/create-builder"; + serviceConfig = { + KeepAlive = true; + RunAtLoad = true; + StandardOutPath = "/var/log/darwin-builder.log"; + StandardErrorPath = "/var/log/darwin-builder.log"; + }; + }; }