Enable meta.cross for mpich related packages

Disable meta.cross for gpi-2 and tagaspi
Fix nativeBuildInputs for tagaspi
2025-10-30 17:22:12 +01:00 · 2025-10-30 17:22:12 +01:00 · 2025-10-30 17:22:12 +01:00 · 2025-10-30 17:22:12 +01:00 · 2025-10-30 17:22:11 +01:00
14 changed files with 96 additions and 119 deletions
--- a/m/apex/configuration.nix
+++ b/m/apex/configuration.nix
@@ -57,18 +57,6 @@
    };
  };

-  services.fail2ban = {
-    enable = true;
-    maxretry = 5;
-    bantime-increment = {
-      enable = true; # Double ban time on each attack
-      maxtime = "7d"; # Ban up to a week
-    };
-  };
-
-  # Disable SSH login with password, allow only keypair
-  services.openssh.settings.PasswordAuthentication = false;
-
  networking.firewall = {
    extraCommands = ''
      # Blackhole BSC vulnerability scanner (OpenVAS) as it is spamming our
--- a/m/common/base/users.nix
+++ b/m/common/base/users.nix
@@ -139,7 +139,6 @@
        openssh.authorizedKeys.keys = [
          "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKGt0ESYxekBiHJQowmKpfdouw0hVm3N7tUMtAaeLejK vincent@varch"
        ];
-        shell = pkgs.zsh;
      };

      pmartin1 = {
--- a/m/fox/configuration.nix
+++ b/m/fox/configuration.nix
@@ -93,4 +93,20 @@
    wantedBy = [ "multi-user.target" ];
    serviceConfig.ExecStart = script;
  };
+
+  # Only allow SSH connections from users who have a SLURM allocation
+  # See: https://slurm.schedmd.com/pam_slurm_adopt.html
+  security.pam.services.sshd.rules.account.slurm = {
+    control = "required";
+    enable = true;
+    modulePath = "${pkgs.slurm}/lib/security/pam_slurm_adopt.so";
+    args = [ "log_level=debug5" ];
+    order = 999999; # Make it last one
+  };
+
+  # Disable systemd session (pam_systemd.so) as it will conflict with the
+  # pam_slurm_adopt.so module. What happens is that the shell is first adopted
+  # into the slurmstepd task and then into the systemd session, which is not
+  # what we want, otherwise it will linger even if all jobs are gone.
+  security.pam.services.sshd.startSession = lib.mkForce false;
 }
--- a/m/module/slurm-client.nix
+++ b/m/module/slurm-client.nix
@@ -1,4 +1,4 @@
-{ lib, pkgs, ... }:
+{ lib, ... }:

 {
  imports = [
@@ -21,20 +21,4 @@
  };

  services.slurm.client.enable = true;
-
-  # Only allow SSH connections from users who have a SLURM allocation
-  # See: https://slurm.schedmd.com/pam_slurm_adopt.html
-  security.pam.services.sshd.rules.account.slurm = {
-    control = "required";
-    enable = true;
-    modulePath = "${pkgs.slurm}/lib/security/pam_slurm_adopt.so";
-    args = [ "log_level=debug5" ];
-    order = 999999; # Make it last one
-  };
-
-  # Disable systemd session (pam_systemd.so) as it will conflict with the
-  # pam_slurm_adopt.so module. What happens is that the shell is first adopted
-  # into the slurmstepd task and then into the systemd session, which is not
-  # what we want, otherwise it will linger even if all jobs are gone.
-  security.pam.services.sshd.startSession = lib.mkForce false;
 }
--- a/m/module/slurm-common.nix
+++ b/m/module/slurm-common.nix
@@ -1,6 +1,31 @@
 { config, pkgs, ... }:

-{
+let
+  suspendProgram = pkgs.writeShellScript "suspend.sh" ''
+    exec 1>>/var/log/power_save.log 2>>/var/log/power_save.log
+    set -x
+    export "PATH=/run/current-system/sw/bin:$PATH"
+    echo "$(date) Suspend invoked $0 $*" >> /var/log/power_save.log
+    hosts=$(scontrol show hostnames $1)
+    for host in $hosts; do
+      echo Shutting down host: $host
+      ipmitool -I lanplus -H ''${host}-ipmi -P "" -U "" chassis power off
+    done
+  '';
+
+  resumeProgram = pkgs.writeShellScript "resume.sh" ''
+    exec 1>>/var/log/power_save.log 2>>/var/log/power_save.log
+    set -x
+    export "PATH=/run/current-system/sw/bin:$PATH"
+    echo "$(date) Suspend invoked $0 $*" >> /var/log/power_save.log
+    hosts=$(scontrol show hostnames $1)
+    for host in $hosts; do
+      echo Starting host: $host
+      ipmitool -I lanplus -H ''${host}-ipmi -P "" -U "" chassis power on
+    done
+  '';
+
+in {
  services.slurm = {
    controlMachine = "apex";
    clusterName = "jungle";
@@ -34,6 +59,16 @@
      # the resources. Use the task/cgroup plugin to enable process containment.
      TaskPlugin=task/affinity,task/cgroup

+      # Power off unused nodes until they are requested
+      SuspendProgram=${suspendProgram}
+      SuspendTimeout=60
+      ResumeProgram=${resumeProgram}
+      ResumeTimeout=300
+      SuspendExcNodes=fox
+
+      # Turn the nodes off after 1 hour of inactivity
+      SuspendTime=3600
+
      # Reduce port range so we can allow only this range in the firewall
      SrunPortRange=60000-61000

--- a/overlay.nix
+++ b/overlay.nix
@@ -12,9 +12,9 @@ let
    bench6 = callPackage ./pkgs/bench6/default.nix { };
    bigotes = callPackage ./pkgs/bigotes/default.nix { };
    clangOmpss2 = callPackage ./pkgs/llvm-ompss2/default.nix { };
-    clangOmpss2Nanos6 = callPackage ./pkgs/llvm-ompss2/default.nix { useNanos6 = true; };
-    clangOmpss2Nodes = callPackage ./pkgs/llvm-ompss2/default.nix { useNodes = true; useOpenmp = true; };
-    clangOmpss2NodesOmpv = callPackage ./pkgs/llvm-ompss2/default.nix { useNodes = true; useOpenmpV = true; };
+    clangOmpss2Nanos6 = callPackage ./pkgs/llvm-ompss2/default.nix { ompss2rt = final.nanos6; };
+    clangOmpss2Nodes = callPackage ./pkgs/llvm-ompss2/default.nix { ompss2rt = final.nodes; openmp = final.openmp; };
+    clangOmpss2NodesOmpv = callPackage ./pkgs/llvm-ompss2/default.nix { ompss2rt = final.nodes; openmp = final.openmpv; };
    clangOmpss2Unwrapped = callPackage ./pkgs/llvm-ompss2/clang.nix { };
    cudainfo = prev.callPackage ./pkgs/cudainfo/default.nix { };
    #extrae = callPackage ./pkgs/extrae/default.nix { }; # Broken and outdated
@@ -54,10 +54,10 @@ let
    #psmpi = callPackage ./pkgs/parastation/psmpi.nix { }; # Unmaintaned
    slurm = import ./pkgs/slurm/default.nix { slurm = prev.slurm; };
    sonar = callPackage ./pkgs/sonar/default.nix { };
-    stdenvClangOmpss2 = final.stdenv.override { cc = final.buildPackages.clangOmpss2; allowedRequisites = null; };
-    stdenvClangOmpss2Nanos6 = final.stdenv.override { cc = final.buildPackages.clangOmpss2Nanos6; allowedRequisites = null; };
-    stdenvClangOmpss2Nodes = final.stdenv.override { cc = final.buildPackages.clangOmpss2Nodes; allowedRequisites = null; };
-    stdenvClangOmpss2NodesOmpv = final.stdenv.override { cc = final.buildPackages.clangOmpss2NodesOmpv; allowedRequisites = null; };
+    stdenvClangOmpss2 = final.stdenv.override { cc = final.clangOmpss2; allowedRequisites = null; };
+    stdenvClangOmpss2Nanos6 = final.stdenv.override { cc = final.clangOmpss2Nanos6; allowedRequisites = null; };
+    stdenvClangOmpss2Nodes = final.stdenv.override { cc = final.clangOmpss2Nodes; allowedRequisites = null; };
+    stdenvClangOmpss2NodesOmpv = final.stdenv.override { cc = final.clangOmpss2NodesOmpv; allowedRequisites = null; };
    tagaspi = callPackage ./pkgs/tagaspi/default.nix { };
    tampi = callPackage ./pkgs/tampi/default.nix { };
    upc-qaire-exporter = prev.callPackage ./pkgs/upc-qaire-exporter/default.nix { };
@@ -101,16 +101,14 @@ let
  pkgsTopLevel = filterAttrs (_: isDerivation) bscPkgs;

  # Native build in that platform doesn't imply cross build works
-  canCrossCompile = platform: default: pkg:
+  canCrossCompile = platform: pkg:
    (isDerivation pkg) &&
-    # If meta.cross is undefined, use default
-    (pkg.meta.cross or default) &&
-    (meta.availableOn final.pkgsCross.${platform}.stdenv.hostPlatform pkg);
+    # Must be defined explicitly
+    (pkg.meta.cross or false) &&
+    (meta.availableOn platform pkg);

  # For now only RISC-V
-  crossSet = genAttrs [ "riscv64" ] (platform:
-    filterAttrs (_: canCrossCompile platform true)
-      final.pkgsCross.${platform}.bsc.pkgsTopLevel);
+  crossSet = { riscv64 = final.pkgsCross.riscv64.bsc.pkgsTopLevel; };

  buildList = name: paths:
    final.runCommandLocal name { } ''
@@ -130,7 +128,7 @@ let
  # For now only RISC-V
  crossList = buildList "ci-cross"
    (filter
-      (canCrossCompile "riscv64" false) # opt-in (pkgs with: meta.cross = true)
+      (canCrossCompile final.pkgsCross.riscv64.stdenv.hostPlatform)
        (builtins.attrValues crossSet.riscv64));

 in bscPkgs // {
--- a/pkgs/amd-uprof/default.nix
+++ b/pkgs/amd-uprof/default.nix
@@ -90,7 +90,7 @@ in
    meta = {
      description = "Performance analysis tool-suite for x86 based applications";
      homepage = "https://www.amd.com/es/developer/uprof.html";
-      platforms = [ "x86_64-linux" ];
+      platforms = lib.platforms.linux;
      license = lib.licenses.unfree;
      maintainers = with lib.maintainers.bsc; [ rarias varcila ];
    };
--- a/pkgs/cudainfo/default.nix
+++ b/pkgs/cudainfo/default.nix
@@ -1,6 +1,5 @@
 {
  stdenv
-, lib
 , cudatoolkit
 , cudaPackages
 , autoAddDriverRunpath
@@ -41,9 +40,4 @@ stdenv.mkDerivation (finalAttrs: {
    '';
    installPhase = "touch $out";
  };
-
-  meta = {
-    platforms = [ "x86_64-linux" ];
-    maintainers = with lib.maintainers.bsc; [ rarias ];
-  };
 })
--- a/pkgs/gpi-2/default.nix
+++ b/pkgs/gpi-2/default.nix
@@ -43,7 +43,7 @@ stdenv.mkDerivation rec {

  configureFlags = [
    "--with-infiniband=${rdma-core-all}"
-    "--with-mpi=yes" # fixes mpi detection when cross-compiling
+    "--with-mpi=yes"
    "--with-slurm"
    "CFLAGS=-fPIC"
    "CXXFLAGS=-fPIC"
@@ -70,6 +70,6 @@ stdenv.mkDerivation rec {
    maintainers = with lib.maintainers.bsc; [ rarias ];
    platforms = lib.platforms.linux;
    license = lib.licenses.gpl3Plus;
-    cross = false; # infiniband detection does not work
+    cross = false;
  };
 }
--- a/pkgs/llvm-ompss2/clang.nix
+++ b/pkgs/llvm-ompss2/clang.nix
@@ -1,9 +1,9 @@
 {
-  stdenv
-, llvmPackages_latest
+  llvmPackages_latest
 , lib
 , fetchFromGitHub
 , cmake
+, bash
 , python3
 , perl
 , which
@@ -11,6 +11,7 @@
 , libffi
 , zlib
 , pkg-config
+, gcc # needed to set the rpath of libstdc++ for clang-tblgen
 , enableDebug ? false
 , useGit ? false
 , gitUrl ? "ssh://git@bscpm04.bsc.es/llvm-ompss/llvm-mono.git"
@@ -19,10 +20,7 @@
 }:

 let
-  llvmPackages = llvmPackages_latest;
-  llvmStdenv = llvmPackages.stdenv;
-  # needed to set the rpath of libstdc++ for clang-tblgen
-  gcc = stdenv.cc;
+  stdenv = llvmPackages_latest.stdenv;

  release = rec {
    version = "2025.11";
@@ -45,7 +43,7 @@ let

  source = if (useGit) then git else release;

-in llvmStdenv.mkDerivation {
+in stdenv.mkDerivation {
  pname = "clang-ompss2";
  inherit (source) src version;

@@ -62,12 +60,13 @@ in llvmStdenv.mkDerivation {
  };

  nativeBuildInputs = [
+    bash
    cmake
    elfutils
-    llvmPackages.lld
-    perl
+    llvmPackages_latest.lld
    pkg-config
    python3
+    perl
    which
    zlib
  ];
@@ -98,13 +97,8 @@ in llvmStdenv.mkDerivation {
    cd build
    cmakeDir="../llvm"
    cmakeFlagsArray=(
-      "-DLLVM_HOST_TRIPLE=${llvmStdenv.targetPlatform.config}"
-    '' + (if "${llvmStdenv.targetPlatform.config}" == "riscv64-unknown-linux-gnu" then ''
-      "-DLLVM_DEFAULT_TARGET_TRIPLE=riscv64-unknown-linux-gnu"
-      "-DLLVM_TARGETS_TO_BUILD=RISCV"
-    '' else ''
+      "-DLLVM_HOST_TRIPLE=${stdenv.targetPlatform.config}"
      "-DLLVM_TARGETS_TO_BUILD=host"
-    '') + ''
      "-DLLVM_BUILD_LLVM_DYLIB=ON"
      "-DLLVM_LINK_LLVM_DYLIB=ON"
      # Required to run clang-ast-dump and clang-tblgen during build
@@ -113,8 +107,7 @@ in llvmStdenv.mkDerivation {
      "-DCMAKE_CXX_FLAGS_DEBUG=-g -ggnu-pubnames"
      "-DCMAKE_EXE_LINKER_FLAGS_DEBUG=-Wl,--gdb-index"
      "-DLLVM_LIT_ARGS=-sv --xunit-xml-output=xunit.xml"
-      "-DLLVM_ENABLE_PROJECTS=clang;lld"
-      #"-DLLVM_ENABLE_PROJECTS=clang;compiler-rt;lld"
+      "-DLLVM_ENABLE_PROJECTS=clang;compiler-rt;lld"
      "-DLLVM_ENABLE_ASSERTIONS=ON"
      "-DLLVM_INSTALL_TOOLCHAIN_ONLY=ON"
      "-DCMAKE_INSTALL_BINDIR=bin"
@@ -124,8 +117,8 @@ in llvmStdenv.mkDerivation {
      # install
      "-DCMAKE_INSTALL_RPATH_USE_LINK_PATH=ON"
      "-DCMAKE_INSTALL_RPATH=${zlib}/lib:${gcc.cc.lib}/lib"
-      #"-DLLVM_APPEND_VC_REV=ON"
-      #"-DLLVM_FORCE_VC_REVISION=${source.version}"
+      "-DLLVM_APPEND_VC_REV=ON"
+      "-DLLVM_FORCE_VC_REVISION=${source.version}"
    )
  '';

--- a/pkgs/llvm-ompss2/default.nix
+++ b/pkgs/llvm-ompss2/default.nix
@@ -3,43 +3,25 @@
 , lib
 , gcc
 , clangOmpss2Unwrapped
-
-, openmp
-, useOpenmp  ? false
-, openmpv
-, useOpenmpV ? false
-, nanos6
-, useNanos6 ? false
-, nodes
-, useNodes ? false
-
+, openmp ? null
 , wrapCCWith
 , llvmPackages_latest
+, ompss2rt ? null
 }:

 with lib;

 let
-  getSplice = target: pkg: if pkg ? "__spliced" && pkg.__spliced ? target then pkg.__spliced."${target}" else pkg;
-  #getSpliceTargetTarget = pkg: if pkg ? "__spliced" && pkg.__spliced ? "targetTarget" then pkg.__spliced.targetTarget else pkg;
-  getSpliceTargetTarget = getSplice "targetTarget";
-  omp = if useOpenmp then openmp else if useOpenmpV then openmpv else null;
-  ompss2rtUnspliced = if useNanos6 then nanos6 else if useNodes then nodes else null;
-  ompss2rt = getSpliceTargetTarget ompss2rtUnspliced;
-  usingNodesAndOmpv = (omp.pname == "openmp-v" && ompss2rt.pname == "nodes");
-  sameNosvUnspliced = omp.nosv == ompss2rtUnspliced.nosv;
-  sameNosvSpliced = (getSpliceTargetTarget omp.nosv) == ompss2rt.nosv;
+  usingNodesAndOmpv = (openmp.pname == "openmp-v" && ompss2rt.pname == "nodes");
+  sameNosv = openmp.nosv == ompss2rt.nosv;
 in

-assert assertMsg (usingNodesAndOmpv -> sameNosvUnspliced) "OpenMP-V and NODES must share the same nOS-V before splice";
-assert assertMsg (usingNodesAndOmpv -> sameNosvSpliced) "OpenMP-V and NODES must share the same nOS-V after splice";
-assert assertMsg (useOpenmp -> !useOpenmpV) "Either OpenMP or OpenMP-V may be enabled, but not both";
-assert assertMsg (useNanos6 -> !useNodes) "Either Nanos6 or NODES may be enabled, but not both";
+assert assertMsg (usingNodesAndOmpv -> sameNosv) "OpenMP-V and NODES must share the same nOS-V";

 let
  homevar = if ompss2rt.pname == "nanos6" then "NANOS6_HOME" else "NODES_HOME";
  rtname  = if ompss2rt.pname == "nanos6" then "libnanos6" else "libnodes";
-  ompname = if omp.pname == "openmp-v" then  "libompv" else "libomp";
+  ompname = if openmp.pname == "openmp-v" then  "libompv" else "libomp";


  # We need to replace the lld linker from bintools with our linker just built,
@@ -55,13 +37,12 @@ let
  inherit gcc;
  cc = clangOmpss2Unwrapped;
  gccVersion = with versions; let v = gcc.version; in concatStringsSep "." [(major v) (minor v) (patch v)];
-in (wrapCCWith {
+in wrapCCWith {
  inherit cc bintools;
  # extraPackages adds packages to depsTargetTargetPropagated
-  extraPackages = optional (omp != null) omp;
+  extraPackages = optional (openmp != null) openmp;
  extraBuildCommands = ''
    echo "-target ${targetConfig}" >> $out/nix-support/cc-cflags
-    #echo "-fuse-ld=lld" >> $out/nix-support/cc-cflags
    echo "-B${gcc.cc}/lib/gcc/${targetConfig}/${gccVersion}" >> $out/nix-support/cc-cflags
    echo "-L${gcc.cc}/lib/gcc/${targetConfig}/${gccVersion}" >> $out/nix-support/cc-ldflags
    echo "-L${gcc.cc.lib}/lib" >> $out/nix-support/cc-ldflags
@@ -75,17 +56,15 @@ in (wrapCCWith {

    echo "--gcc-toolchain=${gcc}" >> $out/nix-support/cc-cflags

-    wrap ${targetConfig}clang++  $wrapper $ccPath/clang++
-    wrap ${targetConfig}clang    $wrapper $ccPath/clang
+    wrap clang++  $wrapper $ccPath/clang++

-  '' + optionalString (omp != null) ''
+  '' + optionalString (openmp != null) ''
    echo "export OPENMP_RUNTIME=${ompname}" >> $out/nix-support/cc-wrapper-hook
  '' + optionalString (ompss2rt != null) ''
    echo "export OMPSS2_RUNTIME=${rtname}" >> $out/nix-support/cc-wrapper-hook
    echo "export ${homevar}=${ompss2rt}"   >> $out/nix-support/cc-wrapper-hook
  '' + optionalString (ompss2rt != null && ompss2rt.pname == "nodes") ''
-    echo "export NOSV_HOME=${ompss2rt}" >> $out/nix-support/cc-wrapper-hook
+    echo "export NOSV_HOME=${ompss2rt.nosv}" >> $out/nix-support/cc-wrapper-hook
  '';
-}) // { inherit ompss2rt; }
-
+}

--- a/pkgs/llvm-ompss2/openmp.nix
+++ b/pkgs/llvm-ompss2/openmp.nix
@@ -39,9 +39,6 @@ stdenv.mkDerivation rec {
    perl
    pkg-config
    python3
-  ];
-
-  buildInputs = [
  ] ++ lib.optionals enableNosv [
    nosv
  ] ++ lib.optionals enableOvni [
--- a/pkgs/mpich/default.nix
+++ b/pkgs/mpich/default.nix
@@ -12,7 +12,6 @@
 # For each arch
 , enableFortran ? stdenv.hostPlatform == stdenv.buildPlatform
 , perl
-, targetPackages
 }:

 let
@@ -46,10 +45,10 @@ in mpich.overrideAttrs (old: {
  ];

  preFixup = ''
-    sed -i 's:^CC=.*:CC=${targetPackages.stdenv.cc}/bin/${targetPackages.stdenv.cc.targetPrefix}cc:' $out/bin/mpicc
-    sed -i 's:^CXX=.*:CXX=${targetPackages.stdenv.cc}/bin/${targetPackages.stdenv.cc.targetPrefix}c++:' $out/bin/mpicxx
+    sed -i 's:^CC=.*:CC=''${CC:-gcc}:' $out/bin/mpicc
+    sed -i 's:^CXX=.*:CXX=''${CXX:-g++}:' $out/bin/mpicxx
  '' + lib.optionalString enableFortran ''
-    sed -i 's:^FC=.*:FC=${targetPackages.gfortran or gfortran}/bin/${targetPackages.gfortran.targetPrefix or gfortran.targetPrefix}gfortran:' $out/bin/mpifort
+    sed -i 's:^FC=.*:FC=''${FC:-gfortran}: $out/bin/mpifort
  '';

  hardeningDisable = [ "all" ];
--- a/pkgs/osu/default.nix
+++ b/pkgs/osu/default.nix
@@ -32,11 +32,6 @@ stdenv.mkDerivation rec {
      "CXX=mpicxx"
  ];

-  env = {
-    MPICH_CC="${stdenv.cc}/bin/${stdenv.cc.targetPrefix}cc";
-    MPICH_CXX="${stdenv.cc}/bin/${stdenv.cc.targetPrefix}c++";
-  };
-
  postInstall = ''
    mkdir -p $out/bin
    for f in $(find $out -executable -type f); do
Author	SHA1	Message	Date
Aleix Boné	81fa5392bc	Enable meta.cross for mpich related packages	2025-10-30 17:22:12 +01:00
Aleix Boné	7e2ba7049d	Disable meta.cross for gpi-2 and tagaspi	2025-10-30 17:22:12 +01:00
Aleix Boné	7c1a32dbec	Fix nativeBuildInputs for tagaspi	2025-10-30 17:22:12 +01:00
Aleix Boné	437f7947e1	Fix nativeBuildInputs for gpi-2	2025-10-30 17:22:12 +01:00
Aleix Boné	053ee5b0a5	Fix mpich cross compilation (disable fortran)	2025-10-30 17:22:11 +01:00