add remote builder for hs

os/basado/configuration.nix

@@ -9,6 +9,7 @@ in
     ../common.nix
     ../common-graphics.nix
     (import ../remote-disk-unlock.nix ["igb"] sshKeys)
+    ../builder.nix
   ];
 
   boot.loader = {

os/builder.nix

@@ -0,0 +1,19 @@
+{ config, pkgs, ... }: 
+let sshKeys = with (import ../sshKeys.nix); [
+  hs
+];
+in
+{
+  users.users.remotebuild = {
+    isNormalUser = true;
+    createHome = false;
+    group = "remotebuild";
+    shell = pkgs.bash;
+
+    openssh.authorizedKeys.keys = sshKeys;
+  };
+
+  users.groups.remotebuild = {};
+
+  nix.settings.extra-trusted-users = [ "remotebuild" ];
+}

os/hs/configuration.nix

@@ -143,4 +143,18 @@ in {
     enable = true;
     secretKeyFile = "/var/cache-priv-key.pem";
   };
+
+  nix.distributedBuilds = true;
+  nix.settings.builders-use-substitutes = true;
+
+  nix.buildMachines = [
+    {
+      hostName = "192.168.1.2";
+      protocol = "ssh-ng";
+      sshUser = "remotebuild";
+      sshKey = "/home/ant/.ssh/id_ed25519";
+      system = pkgs.stdenv.hostPlatform.system;
+      supportedFeatures = [ "nixos-test" "big-parallel" "kvm" ];
+    }
+  ];
 }