[Nix-dev] Using a remote machine for builds with two NixOS machines.

Peter Simons simons at cryp.to
Wed Sep 30 21:51:06 CEST 2015


Hi,

 > Step 3. Create a nixBuild account
 >
 > On the server (i.e. my desktop), update /etc/nixos/configuration.nix to
 > add a new user
 >
 >    users.extraUsers.nixBuild = {
 >      name = "nixBuild";
 >      useDefaultShell = true;
 >      openssh.authorizedKeys.keys = [ "ssh-ed25519 AAA... nixBuild" ];
 >    };
 >
 > replacing the string in the openssh.authorizedKeys.keys with the contents
 > of the /root/.ssh/id_nixBuild.pub file generated on the client machine.

personally, I use the 'root' account for that purpose like so:

  users.extraUsers.root.openssh.authorizedKeys.keys = pkgs.lib.singleton ''
    command="nice -n20 nix-store --serve --write" <your-authorized-ssh-key-here>
  '';

As far as I know, other unprivileged users cannot use nix-store in that
way, so you cannot easily configure a forced command for them (which is
desirable, IMHO). I might be wrong, though.

Best regards,
Peter



More information about the nix-dev mailing list