pyrox.dev / nixpkgs
lol
fork atom

darwin.builder: use port 31022 by default

Michael Hoang 285f5e85 f292b496

options
unified split
Changed files
+15 -9
doc
builders
special
darwin-builder.section.md
nixos
modules
profiles
macos-builder.nix
+10 -4
doc/builders/special/darwin-builder.section.md 
···

       
4

       
4

       
 

       



     

       
5

       
5

       
 

       
This requires macOS version 12.4 or later.


     

       
6

       
6

       
 

       



     

       
7

       

       
-

       
This also requires that port 22 on your machine is free (since Nix does not


     

       
8

       

       
-

       
permit specifying a non-default SSH port for builders).


     

       
9

       

       
-

       



     

       
10

       
7

       
 

       
You will also need to be a trusted user for your Nix installation.  In other


     

       
11

       
8

       
 

       
words, your `/etc/nix/nix.conf` should have something like:


     

       
12

       
9

       
 

       



     
···

       
50

       
47

       
 

       
```


     

       
51

       
48

       
 

       
# - Replace ${ARCH} with either aarch64 or x86_64 to match your host machine


     

       
52

       
49

       
 

       
# - Replace ${MAX_JOBS} with the maximum number of builds (pick 4 if you're not sure)


     

       
53

       

       
-

       
builders = ssh-ng://builder@localhost ${ARCH}-linux /etc/nix/builder_ed25519 ${MAX_JOBS} - - - c3NoLWVkMjU1MTkgQUFBQUMzTnphQzFsWkRJMU5URTVBQUFBSUpCV2N4Yi9CbGFxdDFhdU90RStGOFFVV3JVb3RpQzVxQkorVXVFV2RWQ2Igcm9vdEBuaXhvcwo=


     

       

       
50

       
+

       
builders = ssh-ng://builder@linux-builder ${ARCH}-linux /etc/nix/builder_ed25519 ${MAX_JOBS} - - - c3NoLWVkMjU1MTkgQUFBQUMzTnphQzFsWkRJMU5URTVBQUFBSUpCV2N4Yi9CbGFxdDFhdU90RStGOFFVV3JVb3RpQzVxQkorVXVFV2RWQ2Igcm9vdEBuaXhvcwo=


     

       
54

       
51

       
 

       



     

       
55

       
52

       
 

       
# Not strictly necessary, but this will reduce your disk utilization


     

       
56

       
53

       
 

       
builders-use-substitutes = true


     

       

       
54

       
+

       
```


     

       

       
55

       
+

       



     

       

       
56

       
+

       
To allow Nix to connect to a builder not running on port 22, you will also need to create a new file at `/etc/ssh/ssh_config.d/100-linux-builder.conf`:


     

       

       
57

       
+

       



     

       

       
58

       
+

       
```


     

       

       
59

       
+

       
Host linux-builder


     

       

       
60

       
+

       
  Hostname localhost


     

       

       
61

       
+

       
  HostKeyAlias linux-builder


     

       

       
62

       
+

       
  Port 31022


     

       
57

       
63

       
 

       
```


     

       
58

       
64

       
 

       



     

       
59

       
65

       
 

       
… and then restart your Nix daemon to apply the change:
+5 -5
nixos/modules/profiles/macos-builder.nix 
···

       
1

       

       
-

       
{ config, lib, pkgs, ... }:


     

       

       
1

       
+

       
{ config, lib, ... }:


     

       
2

       
2

       
 

       



     

       
3

       
3

       
 

       
let


     

       
4

       
4

       
 

       
  keysDirectory = "/var/keys";


     
···

       
67

       
67

       
 

       
       '';


     

       
68

       
68

       
 

       
    };


     

       
69

       
69

       
 

       
    hostPort = mkOption {


     

       
70

       

       
-

       
      default = 22;


     

       

       
70

       
+

       
      default = 31022;


     

       
71

       
71

       
 

       
      type = types.int;


     

       
72

       

       
-

       
      example = 31022;


     

       

       
72

       
+

       
      example = 22;


     

       
73

       
73

       
 

       
      description = ''


     

       
74

       
74

       
 

       
        The localhost host port to forward TCP to the guest port.


     

       
75

       
75

       
 

       
      '';


     
···

       
139

       
139

       
 

       



     

       
140

       
140

       
 

       
        hostPkgs = config.virtualisation.host.pkgs;


     

       
141

       
141

       
 

       



     

       
142

       

       
-

       
  script = hostPkgs.writeShellScriptBin "create-builder" (


     

       

       
142

       
+

       
        script = hostPkgs.writeShellScriptBin "create-builder" (


     

       
143

       
143

       
 

       
          # When running as non-interactively as part of a DarwinConfiguration the working directory


     

       
144

       
144

       
 

       
          # must be set to a writeable directory.


     

       
145

       
145

       
 

       
        (if cfg.workingDirectory != "." then ''


     

       
146

       
146

       
 

       
          ${hostPkgs.coreutils}/bin/mkdir --parent "${cfg.workingDirectory}"


     

       
147

       
147

       
 

       
          cd "${cfg.workingDirectory}"


     

       
148

       

       
-

       
  '' else "") + ''


     

       

       
148

       
+

       
        '' else "") + ''


     

       
149

       
149

       
 

       
          KEYS="''${KEYS:-./keys}"


     

       
150

       
150

       
 

       
          ${hostPkgs.coreutils}/bin/mkdir --parent "''${KEYS}"


     

       
151

       
151

       
 

       
          PRIVATE_KEY="''${KEYS}/${user}_${keyType}"