add the SSH key for the remote builder

All the secrets were rekeyed.
author: Franck Cuny <franck@fcuny.net> 2025-08-09 11:02:18 -0700
committer: Franck Cuny <franck@fcuny.net> 2025-08-09 11:02:18 -0700
commit: d23d7bf78b38fd7976d2dbbc063f406fa04f13d5 (patch)
tree: 1ecf84d2efb861a854918dfd88f30251561e4a36 /profiles/remote-builder.nix
parent: ignore terraform caches (diff)
download: infra-d23d7bf78b38fd7976d2dbbc063f406fa04f13d5.tar.gz
1 files changed, 6 insertions, 8 deletions
diff --git a/profiles/remote-builder.nix b/profiles/remote-builder.nix
index cc7751f..50d3e84 100644
--- a/profiles/remote-builder.nix
+++ b/profiles/remote-builder.nix
@@ -1,21 +1,18 @@
-{ ... }:
+{ config, ... }:
 {
   nix.buildMachines = [
     {
-      hostName = "vm-synology";
+      hostName = "builder";
       sshUser = "builder";
 
-      # 'ssh-ng' is faster if both machines are NixOS but falls flat if the
-      # machine Nix will attempt a connection to is not NixOS. In such a case
-      # you must use 'ssh' instead.
-      protocol = "ssh-ng";
+      protocol = "ssh";
+
+      sshKey = config.age.secrets.ssh-remote-builder.path;
 
-      # Systems for which builds will be offloaded.
       systems = [
         "x86_64-linux"
       ];
 
-      # Default is 1 but may keep the builder idle in between builds
       maxJobs = 1;
 
       supportedFeatures = [
@@ -30,5 +27,6 @@
     Host builder
       User builder
       HostName vm-synology
+      IdentityFile ${config.age.secrets.ssh-remote-builder.path}
   '';
 }
author	Franck Cuny <franck@fcuny.net>	2025-08-09 11:02:18 -0700
committer	Franck Cuny <franck@fcuny.net>	2025-08-09 11:02:18 -0700
commit	d23d7bf78b38fd7976d2dbbc063f406fa04f13d5 (patch)
tree	1ecf84d2efb861a854918dfd88f30251561e4a36 /profiles/remote-builder.nix
parent	ignore terraform caches (diff)
download	infra-d23d7bf78b38fd7976d2dbbc063f406fa04f13d5.tar.gz