From cfe57d1d90e6b7d3041e6ad43f93d407a10bd210 Mon Sep 17 00:00:00 2001 From: Timo Wilken Date: Sun, 4 Jun 2023 00:25:22 +0200 Subject: Set up offloading from laptop to servers --- tw/channels.scm | 31 +++++++++++++++++++++++++++++++ tw/system/lap.scm | 31 +++++++++++++++++++++++++++++++ 2 files changed, 62 insertions(+) diff --git a/tw/channels.scm b/tw/channels.scm index ff9cdfac..712e891c 100644 --- a/tw/channels.scm +++ b/tw/channels.scm @@ -30,6 +30,33 @@ ) ")) +;; Authorize other machines' Guix signing keys, for offloading. +(define %tw-signing-keys + (list (plain-file "lud-signing-key.pub" "\ +(public-key + (ecc + (curve Ed25519) + (q #907985F2DEC4E15FAF29F4029FEADD266DD6563F7E9548160965C7E61EEDCA51#) + ) + ) +") + (plain-file "vin-signing-key.pub" "\ +(public-key + (ecc + (curve Ed25519) + (q #752B01B2CC6E1730BFD8F2B4CF9B9D3D29A07B4B7763EACBD8DEEE9F46E96561#) + ) + ) +") + (plain-file "lap-signing-key.pub" "\ +(public-key + (ecc + (curve Ed25519) + (q #DF75857BAD66DB4ED4F3DC6450C9E0923D3162435FDE281B536F40EA22FAD6CF#) + ) + ) +"))) + (define-public %system-channel-services ;; The gaming channel (https://gitlab.com/guix-gaming-channels) is per-user only. (list (simple-service 'nonguix guix-service-type @@ -37,5 +64,9 @@ (authorized-keys (list %nonguix-signing-key)) (substitute-urls '("https://substitutes.nonguix.org")))) + (simple-service 'offloading guix-service-type + (guix-extension + (authorized-keys %tw-signing-keys))) + (extra-special-file "/etc/guix/channels.scm" (scheme-file "channels.scm" %system-channels)))) diff --git a/tw/system/lap.scm b/tw/system/lap.scm index 1bcc0d78..4c63da44 100644 --- a/tw/system/lap.scm +++ b/tw/system/lap.scm @@ -367,6 +367,37 @@ support extra features (acr, pmu, gr).") (extra-special-file "/etc/NetworkManager/dispatcher.d/09-set-timezone" (program-file "set-timezone" set-timezone-script)) + (extra-special-file "/etc/guix/machines.scm" + (scheme-file "machines.scm" + #~(let ((lud (build-machine + (name "lud.twilken.net") + (systems '("x64_64-linux")) + (port '#$(assoc-ref %ssh-ports "lud.twilken.net")) + (host-key "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGqXbxv3a2bZyGjnEirVCMtRBeLKW/ha8ULSR9Xye4Z1") + (user "timo") + (private-key "/home/timo/.local/share/ssh-keys/id_rsa") + (speed .5))) ; 4 cores, 8 GB RAM + (vin (build-machine + (name "vin.twilken.net") + (systems '("x64_64-linux")) + (port '#$(assoc-ref %ssh-ports "vin.twilken.net")) + (host-key "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEEpdfKxzoCwg53TKPF5YxgUwhGF+bELAyBGdxagQroJ") + (user "timo") + (private-key "/home/timo/.local/share/ssh-keys/id_rsa") + (speed 1.)))) ; 8 cores, 16 GB RAM + (use-modules (ice-9 popen) + (ice-9 textual-ports) + (ice-9 regex)) + (let* ((regexp (make-regexp "^GENERAL\\.CONNECTION:[[:space:]]+TLAN$" regexp/newline)) + (pipe (open-pipe* OPEN_READ #$(file-append network-manager "/bin/nmcli") + "device" "show" "wlp3s0")) + (at-home? (regexp-exec regexp (get-string-all pipe)))) + (close-pipe pipe) + ;; Only offload to vin when at home, as the network connection is too bad otherwise. + (if at-home? + (list lud vin) + (list lud)))))) + (modify-services (append %system-channel-services %desktop-services) (gdm-service-type config => -- cgit v1.2.3