abonerib/jungle
1
0
Fork 0
forked from rarias/jungle
Code Pull Requests Activity
1,553 Commits 25 Branches 0 Tags
master
Commit Graph

1553 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Rodrigo Arias Mallo
f71e807d47 Add remote sblame probe to prometheus 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
 2026-03-11 16:48:15 +01:00
Rodrigo Arias Mallo
461d96dc75 Allow access to postgresql socket from CI runner 
Fixes: rarias/jungle#237
Cc: Antoni Navarro <antoni.navarro@bsc.es>
Reviewed-by: Aleix Boné <abonerib@bsc.es>
 2026-03-11 12:41:06 +01:00
Rodrigo Arias Mallo
26d9e3d432 Grant gitlab-runner user access to perftestsdb 
Cc: Antoni Navarro <antoni.navarro@bsc.es>
Reviewed-by: Aleix Boné <abonerib@bsc.es>
 2026-03-11 12:40:21 +01:00
Rodrigo Arias Mallo
5c30975b8b Mount NFS home in tent at /nfs/home 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
 2026-03-09 15:27:41 +01:00
Rodrigo Arias Mallo
d4c00679ee Increase NFS subnet to allow tent 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
 2026-03-09 15:27:41 +01:00
Rodrigo Arias Mallo
32a576e870 Copy Gitea backup in /ceph too 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
 2026-03-09 15:27:37 +01:00
Rodrigo Arias Mallo
8197221146 Mount /ceph in tent 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
 2026-03-09 08:52:11 +01:00
Rodrigo Arias Mallo
374cd4ce48 Allow tent to reach ceph 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
 2026-03-09 08:52:08 +01:00
Rodrigo Arias Mallo
d3e54b7c99 Rekey secrets adding tent for ceph 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
 2026-03-09 08:52:05 +01:00
Rodrigo Arias Mallo
46b7efb5ac Rename Gitea backup service and directory 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
 2026-03-09 08:51:48 +01:00
Aleix Boné
56ab099017 Override files in rotating gitea dump service 
Reviewed-by: Rodrigo Arias Mallo <rodrigo.arias@bsc.es>
 2026-03-09 08:51:44 +01:00
Aleix Boné
2654b9fdd9 Enable rotating gitea backups 
Reviewed-by: Rodrigo Arias Mallo <rodrigo.arias@bsc.es>
 2026-03-09 08:51:23 +01:00
Rodrigo Arias Mallo
84a5cb09ee Use host mode for docker network 
In order to reduce the traffic of the secondary Ethernet device we need
to be able to directly use the physical device instead of the virtual
one. For now use the host mode and see later if we can revert it.

Reviewed-by: Aleix Boné <abonerib@bsc.es>
 2026-03-05 15:29:23 +01:00
Aleix Boné
4899d20748 Fix weasel infiniband interface name 
Reviewed-by: Rodrigo Arias Mallo <rodrigo.arias@bsc.es>
 2026-02-26 10:26:01 +01:00
Rodrigo Arias Mallo
76cd6d64b2 Add ssanzmar user to apex and fox 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
 2026-02-24 14:06:12 +01:00
Rodrigo Arias Mallo
8dab0d82ba Update fox documentation in website 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
 2026-02-04 15:08:13 +01:00
Rodrigo Arias Mallo
958dcd4774 Add emonteir user to apex and fox 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
 2026-02-04 15:08:08 +01:00
Aleix Boné
7a6e4232de Add nom and nixfmt-tree to system packages 
Reviewed-by: Rodrigo Arias Mallo <rodrigo.arias@bsc.es>
 2026-02-03 15:17:30 +01:00
Aleix Boné
3b56e905e5 Add standalone home-manager to system packages 
Reviewed-by: Rodrigo Arias Mallo <rodrigo.arias@bsc.es>
 2026-02-03 15:17:29 +01:00
Aleix Boné
2d41309466 Format and sort default package list 
Reviewed-by: Rodrigo Arias Mallo <rodrigo.arias@bsc.es>
 2026-02-03 15:17:24 +01:00
Rodrigo Arias Mallo
deb0cd1488 Allow USB access to TC1 from Gitlab Runner 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
 2026-01-23 17:56:16 +01:00
Rodrigo Arias Mallo
cd1f502ecc Allow user USB access to FTDI device in tent 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
 2026-01-23 17:56:11 +01:00
Rodrigo Arias Mallo
dda6a66782 Fix gitea user to allow sending email 
In order to send email, the gitea user needs to be in the mail-robot
group.

Fixes: rarias/jungle#220
Reviewed-by: Aleix Boné <abonerib@bsc.es>
 2026-01-20 12:18:52 +01:00
Rodrigo Arias Mallo
22420e6ac8 Remove unneeded perf package from eudy 
It is already included in the base list of packages, which is now only
"perf" and doesn't depend on the kernel version.

Reviewed-by: Aleix Boné <abonerib@bsc.es>
 2026-01-20 12:18:49 +01:00
Rodrigo Arias Mallo
a71cd78b4c Fix infiniband interface names 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
 2026-01-20 12:18:46 +01:00
Rodrigo Arias Mallo
e84a2cadbb flake.lock: Update 
Flake lock file updates:

• Updated input 'nixpkgs':
    'github:NixOS/nixpkgs/8bb5646e0bed5dbd3ab08c7a7cc15b75ab4e1d0f?narHash=sha256-SqUuBFjhl/kpDiVaKLQBoD8TLD%2B/cTUzzgVFoaHrkqY%3D' (2025-11-30)
  → 'github:NixOS/nixpkgs/3c9db02515ef1d9b6b709fc60ba9a540957f661c?narHash=sha256-2GffSfQxe3sedHzK%2BsTKlYo/NTIAGzbFCIsNMUPAAnk%3D' (2026-01-05)

Reviewed-by: Aleix Boné <abonerib@bsc.es>
 2026-01-20 12:18:41 +01:00
Aleix Boné
d3e43eb651 Remove conflicting definitions in amd-uprof-driver 
See: https://lkml.org/lkml/2025/4/9/1709

Reviewed-by: Rodrigo Arias Mallo <rodrigo.arias@bsc.es>
 2026-01-20 12:15:18 +01:00
Aleix Boné
a491546ffb Mark mcxx as broken and remove from package list 
Reviewed-by: Rodrigo Arias Mallo <rodrigo.arias@bsc.es>
 2026-01-20 12:15:14 +01:00
Aleix Boné
933c78a80b Fix moved package linuxPackages.perf is now perf 
Reviewed-by: Rodrigo Arias Mallo <rodrigo.arias@bsc.es>
 2026-01-20 12:15:10 +01:00
Aleix Boné
150969be9b Fix replaced nixseparatedebuginfod 
nixseparatedebuginfod has been replaced by nixseparatedebuginfod2

Reviewed-by: Rodrigo Arias Mallo <rodrigo.arias@bsc.es>
 2026-01-20 12:15:06 +01:00
Aleix Boné
9097729759 Use standard gcc for intel packages 
This reverts 26f52aa27d

Reviewed-by: Rodrigo Arias Mallo <rodrigo.arias@bsc.es>
 2026-01-20 12:15:02 +01:00
Aleix Boné
779449f1db Fix renamed option watchdog.runtimeTime 
The option 'systemd.watchdog.runtimeTime' has been renamed to
'systemd.settings.Manager.RuntimeWatchdogSec'.

Reviewed-by: Rodrigo Arias Mallo <rodrigo.arias@bsc.es>
 2026-01-20 12:14:59 +01:00
Aleix Boné
6cbe33bd80 Replace wrapGAppsHook with wrapGAppsHook3 
Reviewed-by: Rodrigo Arias Mallo <rodrigo.arias@bsc.es>
 2026-01-20 12:14:56 +01:00
Aleix Boné
3f1f5ae8f2 Fix changed cudaPackages.cuda_cudart output 
See: https://github.com/NixOS/nixpkgs/pull/437723
Reviewed-by: Rodrigo Arias Mallo <rodrigo.arias@bsc.es>
 2026-01-20 12:14:49 +01:00
Aleix Boné
fe8586e780 Set pyproject=true in buildPythonApplication 
The buildPythonPackage and buildPythonApplication functions now
  require an explicit format attribute. Previously the default format
  used setuptools and called setup.py from the source tree, which is
  deprecated. The modern alternative is to configure pyproject = true
  with build-system = [ setuptools ].

Reviewed-by: Rodrigo Arias Mallo <rodrigo.arias@bsc.es>
 2026-01-20 12:14:31 +01:00
Aleix Boné
8677adba27 Fix renamed llvm bintools 
Moved from llvmPackages_latest.tools.bintools to
llvmPackages_latest.bintools

Reviewed-by: Rodrigo Arias Mallo <rodrigo.arias@bsc.es>
 2026-01-20 12:14:27 +01:00
Aleix Boné
f614149edf Upgrade nixpkgs to 25.11 
Reviewed-by: Rodrigo Arias Mallo <rodrigo.arias@bsc.es>
 2026-01-20 12:14:11 +01:00
Vincent A. Arcila
859eebda98 Change varcila shell to zsh 
Reviewed-by: Rodrigo Arias Mallo <rodrigo.arias@bsc.es>
 2026-01-07 13:22:17 +01:00
Rodrigo Arias Mallo
c2a201b085 Increase fail2ban ban time on each attempt 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
 2026-01-07 13:14:34 +01:00
Rodrigo Arias Mallo
f921f0a4bd Disable password login via SSH in apex 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
 2026-01-07 13:14:30 +01:00
Rodrigo Arias Mallo
aa16bfc0bc Enable fail2ban in apex login node 
We are seeing a lot of failed attempts from the same IPs:

    apex% sudo journalctl -u sshd -b0 | grep 'Failed password' | wc -l
    2441

Reviewed-by: Aleix Boné <abonerib@bsc.es>
 2026-01-07 13:14:22 +01:00
Aleix Boné
a173af654f Fix osu cross-compilation 
Reviewed-by: Rodrigo Arias Mallo <rodrigo.arias@bsc.es>
 2025-10-31 16:23:46 +01:00
Aleix Boné
2fff7e4a7b Set mpich default compilers from targetPackages 
Reviewed-by: Rodrigo Arias Mallo <rodrigo.arias@bsc.es>
 2025-10-31 16:23:46 +01:00
Aleix Boné
a761b73336 Enable meta.cross for mpich related packages 
Reviewed-by: Rodrigo Arias Mallo <rodrigo.arias@bsc.es>
 2025-10-31 16:23:46 +01:00
Aleix Boné
86eb796771 Disable meta.cross for gpi-2 and tagaspi 
Reviewed-by: Rodrigo Arias Mallo <rodrigo.arias@bsc.es>
 2025-10-31 16:23:46 +01:00
Aleix Boné
08633435cf Fix nativeBuildInputs for tagaspi 
Reviewed-by: Rodrigo Arias Mallo <rodrigo.arias@bsc.es>
 2025-10-31 16:23:46 +01:00
Aleix Boné
39d64456a4 Fix nativeBuildInputs for gpi-2 
Reviewed-by: Rodrigo Arias Mallo <rodrigo.arias@bsc.es>
 2025-10-31 16:23:46 +01:00
Aleix Boné
410040a4a0 Fix mpich cross compilation (disable fortran) 
Reviewed-by: Rodrigo Arias Mallo <rodrigo.arias@bsc.es>
 2025-10-31 16:23:46 +01:00
Rodrigo Arias Mallo
fc69ef3217 Enable pam_slurm_adopt in all compute nodes 
Prevents access to owl1 and owl2 too if the user doesn't have any jobs
running there.

Reviewed-by: Aleix Boné <abonerib@bsc.es>
 2025-10-31 11:41:50 +01:00
Rodrigo Arias Mallo
1d025f7a38 Don't suspend owl compute nodes 
Currently the owl nodes are located on top of the rack and turning them
off causes a high temperature increase at that region, which accumulates
heat from the whole rack. To maximize airflow we will leave them on at
all times. This also makes allocations immediate at the extra cost of
around 200 W.

In the future, if we include more nodes in SLURM we can configure those
to turn off if needed.

Fixes: rarias/jungle#156
Reviewed-by: Aleix Boné <abonerib@bsc.es>
 2025-10-31 11:41:44 +01:00