diff --git a/nixos/modules/services/misc/nix-daemon.nix b/nixos/modules/services/misc/nix-daemon.nix
index ee0f8a228b11..0fbc9cecb4df 100644
--- a/nixos/modules/services/misc/nix-daemon.nix
+++ b/nixos/modules/services/misc/nix-daemon.nix
@@ -193,43 +193,60 @@ in
};
buildMachines = mkOption {
- type = types.loaOf (submodule ({ config }: {
+ type = types.listOf (types.submodule ({
options = {
- sshUser = mkOption {
- type = types.nullOr types.string;
- default = null;
- description = ''
- The user as who to SSH to the build machine.
- '';
- };
hostName = mkOption {
- type = types.string;
+ type = types.str;
+ example = "nixbuilder.example.org";
description = ''
The hostname of the build machine.
'';
};
system = mkOption {
- type = types.string;
+ type = types.nullOr types.str;
default = null;
+ example = "x86_64-linux";
description = ''
The system type the build machine can execute derivations on.
- null if multiple are supported.
+ Either this attribute or systems must be
+ present, where system takes precedence if
+ both are set.
'';
};
systems = mkOption {
- type = types.listOf types.string;
+ type = types.listOf types.str;
default = [];
+ example = [ "x86_64-linux" "aarch64-linux" ];
description = ''
The system types the build machine can execute derivations on.
+ Either this attribute or system must be
+ present, where system takes precedence if
+ both are set.
+ '';
+ };
+ sshUser = mkOption {
+ type = types.nullOr types.str;
+ default = null;
+ example = "builder";
+ description = ''
+ The username to log in as on the remote host. This user must be
+ able to log in and run nix commands non-interactively. It must
+ also be privileged to build derivations, so must be included in
+ .
'';
};
sshKey = mkOption {
- type = types.string;
- default = "-";
+ type = types.nullOr types.str;
+ default = null;
+ example = "/root/.ssh/id_buildhost_builduser";
description = ''
- The path to the SSH private key with which to authenticate with
- the build machine. "-" indicates falling back
- on defaults.
+ The path to the SSH private key with which to authenticate on
+ the build machine. The private key must not have a passphrase.
+ If null, the building user (root on NixOS machines) must have an
+ appropriate ssh configuration to log in non-interactively.
+
+ Note that for security reasons, this path must point to a file
+ in the local filesystem, *not* to the nix store.
'';
};
maxJobs = mkOption {
@@ -237,7 +254,7 @@ in
default = 1;
description = ''
The number of concurrent jobs the build machine supports. The
- build machine will enforce its own limits but this allows hydra
+ build machine will enforce its own limits, but this allows hydra
to schedule better since there is no work-stealing between build
machines.
'';
@@ -246,82 +263,41 @@ in
type = types.int;
default = 1;
description = ''
- Something at indicates how fast the machine is relative to an
- arbitrary norm???
+ The relative speed of this builder. This is an arbitrary integer
+ that indicates the speed of this builder, relative to other
+ builders. Higher is faster.
'';
};
- mandatoryFeatures = mkOptions {
- type = types.listOf types.string;
+ mandatoryFeatures = mkOption {
+ type = types.listOf types.str;
default = [];
- decriptions = ''
- A list of features derivations built with this remote are
- required to opt into using. (See the documentation on Nix itself
- for what those features are.)
+ example = [ "big-parallel" ];
+ description = ''
+ A list of features mandatory for this builder. The builder will
+ be ignored for derivations that don't require all features in
+ this list. All mandatory features are automatically included in
+ supportedFeatures.
'';
};
- supportedFeatures = mkOptions {
- type = types.listOf types.string;
+ supportedFeatures = mkOption {
+ type = types.listOf types.str;
default = [];
- decriptions = ''
- A list of features derivations built with this remote may choose
- to use or not. (See the documentation on Nix itself for what
- those features are.)
+ example = [ "kvm" "big-parallel" ];
+ description = ''
+ A list of features supported by this builder. The builder will
+ be ignored for derivations that require features not in this
+ list.
'';
};
};
- config = {
- assertions = [{
- assertion = config.system != null || config.systems != null;
- message = ''
- At least one system type (via system or
- systems) must be set for every build machine.
- '';
- }];
- };
}));
default = [];
- example = literalExample ''
- [ { hostName = "voila.labs.cs.uu.nl";
- sshUser = "nix";
- sshKey = "/root/.ssh/id_buildfarm";
- system = "powerpc-darwin";
- maxJobs = 1;
- }
- { hostName = "linux64.example.org";
- sshUser = "buildfarm";
- sshKey = "/root/.ssh/id_buildfarm";
- system = "x86_64-linux";
- maxJobs = 2;
- speedFactor = 2;
- supportedFeatures = [ "kvm" ];
- mandatoryFeatures = [ "perf" ];
- }
- ]
- '';
description = ''
- This option lists the machines to be used if distributed
- builds are enabled (see
- ). Nix will perform
- derivations on those machines via SSH by copying the inputs
- to the Nix store on the remote machine, starting the build,
- then copying the output back to the local Nix store. Each
- element of the list should be an attribute set containing
- the machine's host name (hostname), the
- user name to be used for the SSH connection
- (sshUser), the Nix system type
- (system, e.g.,
- "i686-linux"), the maximum number of
- jobs to be run in parallel on that machine
- (maxJobs), the path to the SSH private
- key to be used to connect (sshKey), a
- list of supported features of the machine
- (supportedFeatures) and a list of
- mandatory features of the machine
- (mandatoryFeatures). The SSH private key
- should not have a passphrase, and the corresponding public
- key should be added to
- ~sshUser/authorized_keys
- on the remote machine.
+ This option lists the machines to be used if distributed builds are
+ enabled (see ).
+ Nix will perform derivations on those machines via SSH by copying the
+ inputs to the Nix store on the remote machine, starting the build,
+ then copying the output back to the local Nix store.
'';
};
@@ -548,7 +524,7 @@ in
concatMapStrings (machine:
"${if machine.sshUser != null then "${machine.sshUser}@" else ""}${machine.hostName} "
+ (if machine.system != null then machine.system else concatStringsSep "," machine.systems)
- + " ${machine.sshKey} ${toString machine.maxJobs} "
+ + " ${if machine.sshKey != null then machine.sshKey else "-"} ${toString machine.maxJobs} "
+ toString (machine.speedFactor)
+ " "
+ concatStringsSep "," (machine.mandatoryFeatures ++ machine.supportedFeatures)