Add strawberry as a remote builder

shared/core/nix.nix

@@ -4,20 +4,42 @@ let cfg = config.custom.nix;
 
 in with lib; {
 
-  options.custom.nix = {};
+  options.custom.nix = {
+    distributedBuilds.enable = mkEnableOption "distributed builds on strawberry";
+  };
 
   # TODO: Add strawberry as a build machine here
   config = {
     nixpkgs.config.allowUnfree = true;
-    nix.extraOptions = ''
-      experimental-features = nix-command flakes
-    '';
-    nix.registry.nixpkgs.flake = nixpkgs;
-    nix.registry.pwnix.flake = pwnix;
-    nix.settings.trusted-users = [
-      "@wheel"
-      "root"
-    ];
+  	nix = {
+  		distributedBuilds = true;
+  		buildMachines = [{
+        hostName = "strawberry";
+        sshUser  = "nix-build";
+        sshKey   = "/etc/ssh/ssh_host_ed25519_key";
+
+        systems = [
+          "x86_64-linux"
+          "aarch64-linux"
+        ];
+
+        supportedFeatures = [
+          "nixos-test"
+          "benchmark"
+          "big-parallel"
+          "kvm"
+        ];
+  		}];
+      extraOptions = ''
+        experimental-features = nix-command flakes
+      '';
+      registry.nixpkgs.flake = nixpkgs;
+      registry.pwnix.flake = pwnix;
+      settings.trusted-users = [
+        "@wheel"
+        "root"
+      ];
+  	};
   };
 
 }

system/strawberry/core.nix

@@ -43,6 +43,16 @@
     initrd.luks.devices.nixos.device = "/dev/disk/by-uuid/6bd51990-1584-422c-94bb-32ea952e5cd2";
   };
 
+  # Make a user called "nix-build" which
+  users.users."nix-build" = {
+    isSystemUser = true;
+    group = "nix-build";
+    openssh.authorizedKeys.keyFiles = 
+      let userKey = sys: ../../system/${sys}/keys/root.pub;
+      in map userKey [ "lime" ];
+  };
+  nix.settings.trusted-users = [ "nix-build" ];
+
   fileSystems."/" = {
     device = "/dev/disk/by-uuid/f3cdd2ab-62ba-4d72-8a28-b3adc0ec3997";
     fsType = "ext4";