7e6efdc136
weasel: use tent cache
2025-09-26 12:35:21 +02:00
17a88aa52e
Add nixfmt-rfc-style to common packages
2025-09-26 12:35:21 +02:00
b88fd61e1a
Add packages to user abonerib
2025-09-26 12:35:20 +02:00
e9845889bd
Add nix-output-monitor to default packages
2025-09-26 12:35:20 +02:00
a3b7a2db07
Set fish shell for user abonerib
2025-09-26 12:35:20 +02:00
d2b64630d0
weasel: create user folders in /var/lib/podman-users
...
/home is a nfs mount, which does not support extra filesystem arguments
needed to run podman. We need to have a local home.
2025-09-26 12:35:20 +02:00
a176d4f0d5
weasel: add podman
2025-09-26 12:35:20 +02:00
30bb59a354
Mega Merge
2025-09-26 12:35:20 +02:00
c993962708
Use hut substituter in all nodes
2025-09-26 12:34:37 +02:00
2e74af2cd8
Enable nosv system feature
2025-09-26 12:32:46 +02:00
9c3fbc0ec9
Mount apex /home via NFS in raccoon
...
Reviewed-by: Aleix Boné <abonerib@bsc.es >
2025-09-26 12:28:53 +02:00
3f8e6b9fcd
Remove extra SSH jump configuration
...
We now have direct visibility among nodes so we don't need any extra
SSH configuration to reach them.
Reviewed-by: Aleix Boné <abonerib@bsc.es >
2025-09-26 12:28:51 +02:00
08e4dda6d2
Add raccoon peer to wireguard
...
It routes traffic from fox, apex and the compute nodes so that we can
reach the git servers and tent.
Reviewed-by: Aleix Boné <abonerib@bsc.es >
2025-09-26 12:28:48 +02:00
26a4a26ce0
Add raccoon host key
...
Reviewed-by: Aleix Boné <abonerib@bsc.es >
2025-09-26 12:28:46 +02:00
3380ec5e05
Restrict fox peer to a single IP
...
Reviewed-by: Aleix Boné <abonerib@bsc.es >
2025-09-26 12:28:43 +02:00
e934a2bc9d
Use lowercase peer hostnames
...
Reviewed-by: Aleix Boné <abonerib@bsc.es >
2025-09-26 12:28:25 +02:00
3387cbcc25
Share a public folder for documents
...
Reviewed-by: Aleix Boné <abonerib@bsc.es >
2025-09-19 10:59:40 +02:00
017e0d82f7
Fix AMDuProfPcm so it finds libnuma.so
...
We change the search procedure so it detects NixOS from /etc/os-release
and uses "libnuma.so" when calling dlopen, instead of harcoding a full
path to /usr. The full patch of libnuma is stored in the runpath, so
dlopen can find it.
Reviewed-by: Aleix Boné <abonerib@bsc.es >
Tested-by: Vincent Arcila <vincent.arcila@bsc.es >
2025-09-19 10:54:36 +02:00
ac5f4e4dca
Add amd_hsmp module in fox for AMD uProf
...
Reviewed-by: Aleix Boné <abonerib@bsc.es >
2025-09-19 10:54:24 +02:00
8835dbd764
Add AMD uProf section to fox documentation
...
Reviewed-by: Aleix Boné <abonerib@bsc.es >
2025-09-19 10:54:22 +02:00
84830c66e6
Fix hidden dependencies for AMDuProfSys
...
It tries to dlopen libcrypt.so.1 and libstdc++.so.6, so we make sure
they are available by adding them to the runpath.
Reviewed-by: Aleix Boné <abonerib@bsc.es >
2025-09-19 10:54:19 +02:00
cad88f92a8
Disable NMI watchdog in fox
...
Reviewed-by: Aleix Boné <abonerib@bsc.es >
2025-09-19 10:54:17 +02:00
40372cd0d9
Fix amd-uprof dependencies with patchelf
...
Reviewed-by: Aleix Boné <abonerib@bsc.es >
2025-09-19 10:54:15 +02:00
4e0e96f6fe
Fix hrtimer new interface
...
The hrtimer_init() is now done via hrtimer_setup() with the callback
function as argument.
See: https://lwn.net/Articles/996598/
Reviewed-by: Aleix Boné <abonerib@bsc.es >
2025-09-19 10:54:09 +02:00
b021789a6e
Use CFLAGS_MODULE instead of EXTRA_CFLAGS
...
Fixes the build in Linux 6.15.6, as it was not able to find the include
files.
Reviewed-by: Aleix Boné <abonerib@bsc.es >
2025-09-19 10:54:07 +02:00
3ab0e13960
Add AMD uProf module and enable it in fox
...
Reviewed-by: Aleix Boné <abonerib@bsc.es >
2025-09-19 10:54:05 +02:00
0166686b6a
Add AMD uProf package and driver
...
Reviewed-by: Aleix Boné <abonerib@bsc.es >
2025-09-19 10:53:49 +02:00
d3b355f651
Add /nfs/home to fox documentation
...
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es >
2025-09-03 15:34:05 +02:00
2ed881cd89
Mount home via NFS from apex in fox
...
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es >
2025-09-03 15:34:02 +02:00
2a07df1d30
Allow access to NFS via wireguard subnet
...
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es >
2025-09-03 15:33:47 +02:00
52380eae59
Use 10.106.0.0/24 subnet to avoid collisions
...
The 106 byte is the code for 'j' (jungle) in ASCII:
% printf j | od -t d
0000000 106
0000001
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es >
2025-09-03 12:03:13 +02:00
2fe84c4cbc
Update fox documentation for SLURM and FS
...
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es >
2025-09-03 12:03:09 +02:00
3b16b41be3
Revert "Remove pam_slurm_adopt from fox"
...
This reverts commit 64a52801edaleix.rocanonell@bsc.es >
2025-09-03 12:03:06 +02:00
ee481deffb
Enable fail2ban in fox
...
Protect fox against ssh bruteforce attacks:
fox% sudo lastb | head
root ssh:notty 200.124.28.102 Mon Sep 1 11:25 - 11:25 (00:00)
root ssh:notty 200.124.28.102 Mon Sep 1 11:25 - 11:25 (00:00)
root ssh:notty 200.124.28.102 Mon Sep 1 11:25 - 11:25 (00:00)
root ssh:notty 200.124.28.102 Mon Sep 1 11:25 - 11:25 (00:00)
root ssh:notty 200.124.28.102 Mon Sep 1 11:25 - 11:25 (00:00)
root ssh:notty 200.124.28.102 Mon Sep 1 11:25 - 11:25 (00:00)
root ssh:notty 200.124.28.102 Mon Sep 1 11:25 - 11:25 (00:00)
root ssh:notty 200.124.28.102 Mon Sep 1 11:25 - 11:25 (00:00)
root ssh:notty 200.124.28.102 Mon Sep 1 11:24 - 11:24 (00:00)
root ssh:notty 200.124.28.102 Mon Sep 1 11:24 - 11:24 (00:00)
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es >
2025-09-03 12:03:02 +02:00
b1bad25008
Accept connections from apex to fox slurmd
...
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es >
2025-09-03 12:03:00 +02:00
85f38e17a2
Accept fox connection to slurm controller
...
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es >
2025-09-03 12:02:59 +02:00
08ab01b89c
Add fox machine to SLURM
...
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es >
2025-09-03 12:02:57 +02:00
194a6fb7f6
Rekey secrets with trusted fox key
...
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es >
2025-09-03 12:02:55 +02:00
365576778b
Trust fox for compute node secrets
...
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es >
2025-09-03 12:02:52 +02:00
e7490858c6
Make apex host specific to each machine
...
Allows direct contact via the VPN when accessing from fox, but use
Internet when using the rest of the machines.
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es >
2025-09-03 12:02:49 +02:00
7606030135
Add local host fox in apex
...
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es >
2025-09-03 12:02:46 +02:00
e55590f59e
Enable wireguard in apex
...
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es >
2025-09-03 12:02:43 +02:00
c3da39c392
Add wireguard server in fox
...
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es >
2025-09-03 12:02:38 +02:00
d3889b3339
Use writeShellScript for suspend.sh and resume.sh
...
Reviewed-by: Aleix Boné <abonerib@bsc.es >
2025-08-29 12:35:28 +02:00
28540d8cf3
Add firewall rules to slurm server
...
Reviewed-by: Aleix Boné <abonerib@bsc.es >
2025-08-29 12:35:26 +02:00
f847621ceb
Remove hut from slurm
...
Reviewed-by: Aleix Boné <abonerib@bsc.es >
2025-08-29 12:35:24 +02:00
12fe43f95f
Only configure apex as slurm server
...
Reviewed-by: Aleix Boné <abonerib@bsc.es >
2025-08-29 12:35:22 +02:00
0e8329eef3
Split slurm configuration for client and server
...
Reviewed-by: Aleix Boné <abonerib@bsc.es >
2025-08-29 12:35:20 +02:00
df3b21b570
Move slurm control server to apex
...
Reviewed-by: Aleix Boné <abonerib@bsc.es >
2025-08-29 12:35:16 +02:00
78df61d24a
Fix typo in csiringo ssh key
...
Reviewed-by: Rodrigo Arias Mallo <rodrigo.arias@bsc.es >
2025-08-27 17:44:20 +02:00
