bazel

Author: randomizedcoder

hp/hp1/root_ssh_config

@@ -0,0 +1,21 @@
+host hp4 hp4.home
+        user remotebuild
+        IdentityFile ~/.ssh/remotebuild
+        ServerAliveInterval 10
+        Protocol 2
+        #UseRoaming no
+        ForwardAgent yes
+        # Modern Key Exchange Algorithms (Kex) - Prioritizes Post-Quantum (if available) and Curve25519
+        KexAlgorithms sntrup761x25519-sha512@openssh.com,curve25519-sha256@libssh.org,curve25519-sha256,diffie-hellman-group-exchange-sha256
+        # Modern Ciphers - Prioritizes ChaCha20 and AES-GCM (Authenticated Encryption)
+        Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com
+        # Modern MACs - Prioritizes Encrypt-then-MAC (EtM) modes
+        MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com
+        # temp hmac-md5
+        #MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,hmac-md5
+        ControlMaster auto
+        ControlPath ~/.ssh/master-%r@%h:%p
+        ControlPersist 10m
+        Compression yes
+        Connecttimeout 10
+        HashKnownHosts no

hp/hp4/remote-builder.nix

@@ -5,12 +5,17 @@
 {
   # https://nix.dev/tutorials/nixos/distributed-builds-setup.html#set-up-the-remote-builder
   # sudo ssh remotebuild@hp4 -i /root/.ssh/remotebuild "echo hello"
+  # sudo ssh remotebuild@hp4.home -i /root/.ssh/remotebuild "echo hello"
   users.users.remotebuild = {
     isNormalUser = true;
     createHome = false;
     group = "remotebuild";
 
-    openssh.authorizedKeys.keyFiles = [ ./authorizedKeys ];
+    # openssh.authorizedKeys.keyFiles = [ ./authorizedKeys ];
+    openssh.authorizedKeys.keys = [
+      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINjiY/MIQUyp58JXt+fuy1mQWCZfFhbYoRK6jJN5ZxeV root@t"
+      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMO7liZykpeI/ggPRBXQswdLAZWNWj+h8QA3hzQLi0ai das@hp1"
+    ];
   };
 
   users.groups.remotebuild = {};

laptops/t/flake.lock

@@ -166,6 +166,9 @@
     # https://github.com/bazel-contrib/bazel-gazelle/tags
     # https://github.com/NixOS/nixpkgs/blob/nixos-unstable/pkgs/by-name/ba/bazel-gazelle/package.nix#L26
     unstable.bazel-gazelle
+    unstable.bazel-buildtools
+    unstable.bazelisk
+    # https://github.com/buchgr/bazel-remote - maybe something to look at?
 
     # Debugging/Profiling
     graphviz # for pprof
@@ -357,6 +360,8 @@
       jnoortheen.nix-ide
       #jeff-hykin.better-nix-syntax
       rust-lang.rust-analyzer
+      #bazel
+      bazelbuild.vscode-bazel
     ];
   };
 

laptops/t/home.nix

@@ -0,0 +1,21 @@
+host hp4 hp4.home
+        user remotebuild
+        IdentityFile ~/.ssh/remotebuild
+        ServerAliveInterval 10
+        Protocol 2
+        #UseRoaming no
+        ForwardAgent yes
+        # Modern Key Exchange Algorithms (Kex) - Prioritizes Post-Quantum (if available) and Curve25519
+        KexAlgorithms sntrup761x25519-sha512@openssh.com,curve25519-sha256@libssh.org,curve25519-sha256,diffie-hellman-group-exchange-sha256
+        # Modern Ciphers - Prioritizes ChaCha20 and AES-GCM (Authenticated Encryption)
+        Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com
+        # Modern MACs - Prioritizes Encrypt-then-MAC (EtM) modes
+        MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com
+        # temp hmac-md5
+        #MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,hmac-md5
+        ControlMaster auto
+        ControlPath ~/.ssh/master-%r@%h:%p
+        ControlPersist 10m
+        Compression yes
+        Connecttimeout 10
+        HashKnownHosts no