From acfc9ac1a4004cd212e9a80172eeae979ee30427 Mon Sep 17 00:00:00 2001
From: Tom Alexander <tom@fizz.buzz>
Date: Sun, 23 Mar 2025 17:07:12 -0400
Subject: [PATCH] Add hydra as a distributed build machine.

---
 nix/configuration/configuration.nix           |  8 +++++
 nix/configuration/hosts/hydra/default.nix     |  5 +++
 .../hosts/hydra/optimized_build.nix           | 12 ++++++-
 nix/configuration/hosts/odo/default.nix       |  1 +
 .../hosts/odo/distributed_build.nix           | 32 +++++++++++++++++++
 nix/configuration/roles/ssh/default.nix       |  8 +++++
 .../roles/ssh/files/ssh_config_root           |  9 ++++++
 7 files changed, 74 insertions(+), 1 deletion(-)
 create mode 100644 nix/configuration/hosts/odo/distributed_build.nix
 create mode 100644 nix/configuration/roles/ssh/files/ssh_config_root

diff --git a/nix/configuration/configuration.nix b/nix/configuration/configuration.nix
index 541451c..3903d78 100644
--- a/nix/configuration/configuration.nix
+++ b/nix/configuration/configuration.nix
@@ -118,6 +118,14 @@
       home.stateVersion = "24.11";
     };
 
+  home-manager.users.root =
+    { pkgs, ... }:
+    {
+      # The state version is required and should stay at the version you
+      # originally installed.
+      home.stateVersion = "24.11";
+    };
+
   # Automatic garbage collection
   nix.gc = lib.mkIf (!config.me.buildingIso) {
     # Runs nix-collect-garbage --delete-older-than 5d
diff --git a/nix/configuration/hosts/hydra/default.nix b/nix/configuration/hosts/hydra/default.nix
index 874fb2e..ae0f5e7 100644
--- a/nix/configuration/hosts/hydra/default.nix
+++ b/nix/configuration/hosts/hydra/default.nix
@@ -24,4 +24,9 @@
   me.zsh.enable = true;
   me.wireguard.activated = [ ];
   me.wireguard.deactivated = [ ];
+
+  # Trust this key so nix running as root can ssh into hydra.
+  users.users.talexander.openssh.authorizedKeys.keys = [
+    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB/IlYTQ0M5pFN5tdoswh37CDl/gbULI3h+SsKXCansh talexander@odo"
+  ];
 }
diff --git a/nix/configuration/hosts/hydra/optimized_build.nix b/nix/configuration/hosts/hydra/optimized_build.nix
index d125920..ab25599 100644
--- a/nix/configuration/hosts/hydra/optimized_build.nix
+++ b/nix/configuration/hosts/hydra/optimized_build.nix
@@ -8,7 +8,17 @@
   imports = [ ];
 
   config = lib.mkMerge [
-    { }
+    {
+      nix.settings.system-features = lib.mkForce [
+        "gccarch-znver4"
+        "gccarch-x86-64-v3"
+        "gccarch-x86-64-v4"
+        "benchmark"
+        "big-parallel"
+        # "kvm"
+        # "nixos-test"
+      ];
+    }
     (lib.mkIf (!config.me.buildingIso) {
       nix.settings.system-features = lib.mkForce [
         "gccarch-znver4"
diff --git a/nix/configuration/hosts/odo/default.nix b/nix/configuration/hosts/odo/default.nix
index c5ac484..2d77c62 100644
--- a/nix/configuration/hosts/odo/default.nix
+++ b/nix/configuration/hosts/odo/default.nix
@@ -9,6 +9,7 @@
     ./hardware-configuration.nix
     ./disk-config.nix
     ./optimized_build.nix
+    ./distributed_build.nix
     ./power_management.nix
     ./screen_brightness.nix
     ./wifi.nix
diff --git a/nix/configuration/hosts/odo/distributed_build.nix b/nix/configuration/hosts/odo/distributed_build.nix
new file mode 100644
index 0000000..741d80c
--- /dev/null
+++ b/nix/configuration/hosts/odo/distributed_build.nix
@@ -0,0 +1,32 @@
+{
+  config,
+  lib,
+  pkgs,
+  ...
+}:
+{
+  imports = [ ];
+
+  config = lib.mkMerge [
+    {
+      nix.distributedBuilds = true;
+      nix.buildMachines = [
+        {
+          hostName = "hydra";
+          systems = [
+            "x86_64-linux"
+            # "aarch64-linux"
+          ];
+          maxJobs = 1;
+          speedFactor = 2;
+          supportedFeatures = [
+            # "nixos-test"
+            "benchmark"
+            "big-parallel"
+            # "kvm"
+          ];
+        }
+      ];
+    }
+  ];
+}
diff --git a/nix/configuration/roles/ssh/default.nix b/nix/configuration/roles/ssh/default.nix
index ba69def..fc78956 100644
--- a/nix/configuration/roles/ssh/default.nix
+++ b/nix/configuration/roles/ssh/default.nix
@@ -28,4 +28,12 @@
         source = ./files/ssh_config;
       };
     };
+
+  home-manager.users.root =
+    { pkgs, ... }:
+    {
+      home.file.".ssh/config" = {
+        source = ./files/ssh_config_root;
+      };
+    };
 }
diff --git a/nix/configuration/roles/ssh/files/ssh_config_root b/nix/configuration/roles/ssh/files/ssh_config_root
new file mode 100644
index 0000000..2d66ca5
--- /dev/null
+++ b/nix/configuration/roles/ssh/files/ssh_config_root
@@ -0,0 +1,9 @@
+Host hydra
+  HostName ns1.fizz.buzz
+  Port 65122
+  User talexander
+  IdentitiesOnly yes
+  IdentityFile /persist/manual/ssh/root/keys/id_ed25519
+
+Host *
+  Compression yes