eedeeb39ef
hydra: set listen host
2025-09-25 18:49:19 +02:00
8f6f46abc2
Enable hydra on weasel
2025-09-25 17:37:39 +02:00
075dad2d16
weasel: use tent cache
2025-09-25 17:37:39 +02:00
3ebf9a3c55
Add nixfmt-rfc-style to common packages
2025-09-25 17:37:39 +02:00
da8726b554
Add packages to user abonerib
2025-09-25 17:37:39 +02:00
8f4e613d12
Add nix-output-monitor to default packages
2025-09-25 17:37:39 +02:00
3b2aa2f9a6
Set fish shell for user abonerib
2025-09-25 17:37:39 +02:00
6bf61f740d
weasel: create user folders in /var/lib/podman-users
...
/home is a nfs mount, which does not support extra filesystem arguments
needed to run podman. We need to have a local home.
2025-09-25 17:37:38 +02:00
53087aee4f
weasel: add podman
2025-09-25 17:37:38 +02:00
b704e2c6ad
Mega Merge
2025-09-25 17:37:31 +02:00
0c4928c978
Use hut substituter in all nodes
2025-09-25 17:32:06 +02:00
8e1766db57
Mount apex /home via NFS in raccoon
2025-09-25 15:18:57 +02:00
8b83d1b2a0
Remove extra SSH jump configuration
...
We now have direct visibility among nodes so we don't need any extra
SSH configuration to reach them.
2025-09-25 15:18:52 +02:00
1c0e002079
Add raccoon peer to wireguard
...
It routes traffic from fox, apex and the compute nodes so that we can
reach the git servers and tent.
2025-09-25 15:16:57 +02:00
4a97ca2e18
Add raccoon host key
2025-09-19 13:26:56 +02:00
93586bb12b
Restrict fox peer to a single IP
2025-09-19 13:20:54 +02:00
3160415793
Use lowercase peer hostnames
2025-09-19 13:18:12 +02:00
6193f7dce2
Enable nosv system feature
2025-09-19 11:21:16 +02:00
3387cbcc25
Share a public folder for documents
...
Reviewed-by: Aleix Boné <abonerib@bsc.es >
2025-09-19 10:59:40 +02:00
017e0d82f7
Fix AMDuProfPcm so it finds libnuma.so
...
We change the search procedure so it detects NixOS from /etc/os-release
and uses "libnuma.so" when calling dlopen, instead of harcoding a full
path to /usr. The full patch of libnuma is stored in the runpath, so
dlopen can find it.
Reviewed-by: Aleix Boné <abonerib@bsc.es >
Tested-by: Vincent Arcila <vincent.arcila@bsc.es >
2025-09-19 10:54:36 +02:00
ac5f4e4dca
Add amd_hsmp module in fox for AMD uProf
...
Reviewed-by: Aleix Boné <abonerib@bsc.es >
2025-09-19 10:54:24 +02:00
8835dbd764
Add AMD uProf section to fox documentation
...
Reviewed-by: Aleix Boné <abonerib@bsc.es >
2025-09-19 10:54:22 +02:00
84830c66e6
Fix hidden dependencies for AMDuProfSys
...
It tries to dlopen libcrypt.so.1 and libstdc++.so.6, so we make sure
they are available by adding them to the runpath.
Reviewed-by: Aleix Boné <abonerib@bsc.es >
2025-09-19 10:54:19 +02:00
cad88f92a8
Disable NMI watchdog in fox
...
Reviewed-by: Aleix Boné <abonerib@bsc.es >
2025-09-19 10:54:17 +02:00
40372cd0d9
Fix amd-uprof dependencies with patchelf
...
Reviewed-by: Aleix Boné <abonerib@bsc.es >
2025-09-19 10:54:15 +02:00
4e0e96f6fe
Fix hrtimer new interface
...
The hrtimer_init() is now done via hrtimer_setup() with the callback
function as argument.
See: https://lwn.net/Articles/996598/
Reviewed-by: Aleix Boné <abonerib@bsc.es >
2025-09-19 10:54:09 +02:00
b021789a6e
Use CFLAGS_MODULE instead of EXTRA_CFLAGS
...
Fixes the build in Linux 6.15.6, as it was not able to find the include
files.
Reviewed-by: Aleix Boné <abonerib@bsc.es >
2025-09-19 10:54:07 +02:00
3ab0e13960
Add AMD uProf module and enable it in fox
...
Reviewed-by: Aleix Boné <abonerib@bsc.es >
2025-09-19 10:54:05 +02:00
0166686b6a
Add AMD uProf package and driver
...
Reviewed-by: Aleix Boné <abonerib@bsc.es >
2025-09-19 10:53:49 +02:00
d3b355f651
Add /nfs/home to fox documentation
...
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es >
2025-09-03 15:34:05 +02:00
2ed881cd89
Mount home via NFS from apex in fox
...
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es >
2025-09-03 15:34:02 +02:00
2a07df1d30
Allow access to NFS via wireguard subnet
...
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es >
2025-09-03 15:33:47 +02:00
52380eae59
Use 10.106.0.0/24 subnet to avoid collisions
...
The 106 byte is the code for 'j' (jungle) in ASCII:
% printf j | od -t d
0000000 106
0000001
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es >
2025-09-03 12:03:13 +02:00
2fe84c4cbc
Update fox documentation for SLURM and FS
...
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es >
2025-09-03 12:03:09 +02:00
3b16b41be3
Revert "Remove pam_slurm_adopt from fox"
...
This reverts commit 64a52801edaleix.rocanonell@bsc.es >
2025-09-03 12:03:06 +02:00
ee481deffb
Enable fail2ban in fox
...
Protect fox against ssh bruteforce attacks:
fox% sudo lastb | head
root ssh:notty 200.124.28.102 Mon Sep 1 11:25 - 11:25 (00:00)
root ssh:notty 200.124.28.102 Mon Sep 1 11:25 - 11:25 (00:00)
root ssh:notty 200.124.28.102 Mon Sep 1 11:25 - 11:25 (00:00)
root ssh:notty 200.124.28.102 Mon Sep 1 11:25 - 11:25 (00:00)
root ssh:notty 200.124.28.102 Mon Sep 1 11:25 - 11:25 (00:00)
root ssh:notty 200.124.28.102 Mon Sep 1 11:25 - 11:25 (00:00)
root ssh:notty 200.124.28.102 Mon Sep 1 11:25 - 11:25 (00:00)
root ssh:notty 200.124.28.102 Mon Sep 1 11:25 - 11:25 (00:00)
root ssh:notty 200.124.28.102 Mon Sep 1 11:24 - 11:24 (00:00)
root ssh:notty 200.124.28.102 Mon Sep 1 11:24 - 11:24 (00:00)
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es >
2025-09-03 12:03:02 +02:00
b1bad25008
Accept connections from apex to fox slurmd
...
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es >
2025-09-03 12:03:00 +02:00
85f38e17a2
Accept fox connection to slurm controller
...
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es >
2025-09-03 12:02:59 +02:00
08ab01b89c
Add fox machine to SLURM
...
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es >
2025-09-03 12:02:57 +02:00
194a6fb7f6
Rekey secrets with trusted fox key
...
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es >
2025-09-03 12:02:55 +02:00
365576778b
Trust fox for compute node secrets
...
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es >
2025-09-03 12:02:52 +02:00
e7490858c6
Make apex host specific to each machine
...
Allows direct contact via the VPN when accessing from fox, but use
Internet when using the rest of the machines.
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es >
2025-09-03 12:02:49 +02:00
7606030135
Add local host fox in apex
...
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es >
2025-09-03 12:02:46 +02:00
e55590f59e
Enable wireguard in apex
...
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es >
2025-09-03 12:02:43 +02:00
c3da39c392
Add wireguard server in fox
...
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es >
2025-09-03 12:02:38 +02:00
d3889b3339
Use writeShellScript for suspend.sh and resume.sh
...
Reviewed-by: Aleix Boné <abonerib@bsc.es >
2025-08-29 12:35:28 +02:00
28540d8cf3
Add firewall rules to slurm server
...
Reviewed-by: Aleix Boné <abonerib@bsc.es >
2025-08-29 12:35:26 +02:00
f847621ceb
Remove hut from slurm
...
Reviewed-by: Aleix Boné <abonerib@bsc.es >
2025-08-29 12:35:24 +02:00
12fe43f95f
Only configure apex as slurm server
...
Reviewed-by: Aleix Boné <abonerib@bsc.es >
2025-08-29 12:35:22 +02:00
0e8329eef3
Split slurm configuration for client and server
...
Reviewed-by: Aleix Boné <abonerib@bsc.es >
2025-08-29 12:35:20 +02:00
