{ pkgs, configVars, ... }:
let
  remoteMachineIp = configVars.networking.addresses.remote-builder.ip;
in
{
  nix.distributedBuilds = true;
  nix.settings.builders-use-substitutes = true;

  nix.buildMachines = [
    {
      hostName = remoteMachineIp;
      sshUser = "remotebuild";
      speedFactor = 1;
      maxJobs = 10;
      sshKey = "/root/.ssh/remotebuild";
      system = pkgs.stdenv.hostPlatform.system;
      supportedFeatures = [ "nixos-test" "benchmark" "big-parallel" "kvm" ];
    }
  ];

  # TODO: set known host here when have static ip on main server
  # programs.ssh.knownHosts = {
  #   "merlin" = {
  #     publicKey = "server pubkey";
  #   };
  # };

  sops.secrets = {
    "ssh_keys/root/remotebuild" = {
      path = "/root/.ssh/remotebuild";
    };
  };
}