abonerib/jungle
1
0
Fork 0
forked from rarias/jungle
Code Pull Requests Activity

Compare commits

base: abonerib:fix/cross-clang
Branches Tags
abonerib:master abonerib:fix/cross/ompss-2 abonerib:mega-merge abonerib:pkgs/tacuda abonerib:pkgs/pocl abonerib:pkgs/tasycl abonerib:enableStrictDeps abonerib:upgrade/25.11 abonerib:fix/cross-clang abonerib:add-private abonerib:fix/paraver abonerib:pkgs/gromacs abonerib:pkgs/aocc abonerib:pkgs/clsparse abonerib:pkgs/taopencl abonerib:quick-shell abonerib:fix/gcc14 abonerib:remove-old abonerib:remove-inputs abonerib:weasel-hydra abonerib:feat/hydra rarias:master rarias:enableStrictDeps rarias:fox-regression rarias:pkgs/tacuda rarias:pkgs/tasycl rarias:robust-fetchGit rarias:old-master rarias:gitea-lfs rarias:only-restart-logins rarias:monitor-gpfs-home rarias:add-tent-machine rarias:m/raccoon rarias:add-fpga-u280 rarias:maintenance-purchase rarias:add-fox-machine rarias:share-files rarias:shared-nix-store rarias:intro-nix rarias:lake2-ipoib
..
compare: abonerib:f921f0a4bd75fb8b58df4037a9564f9a22200b01
Branches Tags
abonerib:fix/cross/ompss-2 abonerib:mega-merge abonerib:pkgs/tacuda abonerib:pkgs/pocl abonerib:pkgs/tasycl abonerib:enableStrictDeps abonerib:upgrade/25.11 abonerib:fix/cross-clang abonerib:master abonerib:add-private abonerib:fix/paraver abonerib:pkgs/gromacs abonerib:pkgs/aocc abonerib:pkgs/clsparse abonerib:pkgs/taopencl abonerib:quick-shell abonerib:fix/gcc14 abonerib:remove-old abonerib:remove-inputs abonerib:weasel-hydra abonerib:feat/hydra rarias:master rarias:enableStrictDeps rarias:fox-regression rarias:pkgs/tacuda rarias:pkgs/tasycl rarias:robust-fetchGit rarias:old-master rarias:gitea-lfs rarias:only-restart-logins rarias:monitor-gpfs-home rarias:add-tent-machine rarias:m/raccoon rarias:add-fpga-u280 rarias:maintenance-purchase rarias:add-fox-machine rarias:share-files rarias:shared-nix-store rarias:intro-nix rarias:lake2-ipoib

2 Commits
fix/cross- ... f921f0a4bd

Author SHA1 Message Date
Rodrigo Arias Mallo
f921f0a4bd Disable password login via SSH in apex 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
 2026-01-07 13:14:30 +01:00
Rodrigo Arias Mallo
aa16bfc0bc Enable fail2ban in apex login node 
We are seeing a lot of failed attempts from the same IPs:

    apex% sudo journalctl -u sshd -b0 | grep 'Failed password' | wc -l
    2441

Reviewed-by: Aleix Boné <abonerib@bsc.es>
 2026-01-07 13:14:22 +01:00
2 changed files with 5 additions and 3 deletions
Expand all files Collapse all files

5
m/apex/configuration.nix
View File

@@ -57,6 +57,11 @@
};
};
services.fail2ban.enable = true;
# Disable SSH login with password, allow only keypair
services.openssh.settings.PasswordAuthentication = false;
networking.firewall = {
extraCommands = ''
# Blackhole BSC vulnerability scanner (OpenVAS) as it is spamming our

3
pkgs/llvm-ompss2/clang.nix
View File

@@ -17,7 +17,6 @@
, gitUrl ? "ssh://git@bscpm04.bsc.es/llvm-ompss/llvm-mono.git"
, gitBranch ? "master"
, gitCommit ? "872ba63f86edaefc9787984ef3fae9f2f94e0124" # github-release-2025.11
, buildLlvmPackages
}:
let
@@ -120,8 +119,6 @@ in stdenv.mkDerivation {
"-DCMAKE_INSTALL_RPATH=${zlib}/lib:${gcc.cc.lib}/lib"
"-DLLVM_APPEND_VC_REV=ON"
"-DLLVM_FORCE_VC_REVISION=${source.version}"
"-DLLVM_TABLEGEN_EXE=${buildLlvmPackages.tblgen}/bin/llvm-tblgen"
"-DCLANG_TABLEGEN=${buildLlvmPackages.tblgen}/bin/clang-tblgen"
)
'';