From a5c7205481cced2dc999e79b6dbcd0122067e64f Mon Sep 17 00:00:00 2001
From: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
Date: Fri, 5 May 2023 20:18:01 +0200
Subject: [PATCH] Add xeon08 basic config

---
 common/ssh.nix           |  5 ++++
 flake.nix                | 22 ++++++++++++++++++
 xeon08/configuration.nix | 32 +++++++++++++++++++++++++
 xeon08/fs.nix            | 13 +++++++++++
 xeon08/kernel/kernel.nix | 50 ++++++++++++++++++++++++++++++++++++++++
 xeon08/slurm.nix         |  7 ++++++
 xeon08/users.nix         | 23 ++++++++++++++++++
 7 files changed, 152 insertions(+)
 create mode 100644 xeon08/configuration.nix
 create mode 100644 xeon08/fs.nix
 create mode 100644 xeon08/kernel/kernel.nix
 create mode 100644 xeon08/slurm.nix
 create mode 100644 xeon08/users.nix

diff --git a/common/ssh.nix b/common/ssh.nix
index 8d069d7b..d3676f79 100644
--- a/common/ssh.nix
+++ b/common/ssh.nix
@@ -16,12 +16,17 @@
     root.openssh.authorizedKeys.keys = [
       "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKBOf4r4lzQfyO0bx5BaREePREw8Zw5+xYgZhXwOZoBO ram@hop"
       "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINa0tvnNgwkc5xOwd6xTtaIdFi5jv0j2FrE7jl5MTLoE ram@mio"
+      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIF3zeB5KSimMBAjvzsp1GCkepVaquVZGPYwRIzyzaCba aleix@bsc"
     ];
     rarias.openssh.authorizedKeys.keys = [
       "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKBOf4r4lzQfyO0bx5BaREePREw8Zw5+xYgZhXwOZoBO ram@hop"
       "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINa0tvnNgwkc5xOwd6xTtaIdFi5jv0j2FrE7jl5MTLoE ram@mio"
       "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGYcXIxe0poOEGLpk8NjiRozls7fMRX0N3j3Ar94U+Gl rarias@hal"
     ];
+    arocanon.openssh.authorizedKeys.keys = [
+      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIF3zeB5KSimMBAjvzsp1GCkepVaquVZGPYwRIzyzaCba aleix@bsc"
+      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGdphWxLAEekicZ/WBrvP7phMyxKSSuLAZBovNX+hZXQ aleix@kerneland"
+    ];
   };
 
   programs.ssh.knownHosts = {
diff --git a/flake.nix b/flake.nix
index 7c4b67d2..e07bff97 100644
--- a/flake.nix
+++ b/flake.nix
@@ -75,6 +75,28 @@
           ./xeon07/configuration.nix
         ];
       };
+      xeon08 = nixpkgs.lib.nixosSystem {
+        system = "x86_64-linux";
+        modules = [
+          ( {options, ...}: {
+            # Sel the nixos-config path to the one of the current flake
+            nixpkgs.overlays = [ bscpkgs.bscOverlay ];
+            nix.nixPath = [
+                "nixpkgs=${nixpkgs}"
+                "bscpkgs=${bscpkgs}"
+                "nixos-config=${self.outPath}/xeon08/configuration.nix"
+                "nixpkgs-overlays=${self.outPath}/overlays-compat"
+            ];
+            nix.registry.nixpkgs.flake = nixpkgs;
+            nix.registry.bscpkgs.flake = bscpkgs;
+            system.configurationRevision =
+              if self ? rev
+              then self.rev
+              else throw ("Refusing to build from a dirty Git tree!");
+          })
+          ./xeon08/configuration.nix
+        ];
+      };
     };
   };
 }
diff --git a/xeon08/configuration.nix b/xeon08/configuration.nix
new file mode 100644
index 00000000..519c9540
--- /dev/null
+++ b/xeon08/configuration.nix
@@ -0,0 +1,32 @@
+{ config, pkgs, lib, modulesPath, ... }:
+
+{
+  imports = [
+    ../common/main.nix
+    #(modulesPath + "/installer/netboot/netboot-minimal.nix")
+
+    ./kernel/kernel.nix
+    ./fs.nix
+    ./users.nix
+    ./slurm.nix
+  ];
+
+  # Select this using the ID to avoid mismatches
+  boot.loader.grub.device = "/dev/disk/by-id/wwn-0x55cd2e414d53564b";
+
+  # disable automatic garbage collector
+  nix.gc.automatic = lib.mkForce false;
+
+  # set up both ethernet and infiniband ips
+  networking = {
+    hostName = "xeon08";
+    interfaces.eno1.ipv4.addresses = [ {
+      address = "10.0.40.8";
+      prefixLength = 24;
+    } ];
+    interfaces.ibp5s0.ipv4.addresses = [ {
+      address = "10.0.42.8";
+      prefixLength = 24;
+    } ];
+  };
+}
diff --git a/xeon08/fs.nix b/xeon08/fs.nix
new file mode 100644
index 00000000..1c1526a2
--- /dev/null
+++ b/xeon08/fs.nix
@@ -0,0 +1,13 @@
+{ ... }:
+
+{
+  fileSystems."/nix" = {
+    device = "/dev/disk/by-label/optane";
+    fsType = "ext4";
+    neededForBoot = true;
+  };
+  fileSystems."/mnt/data" = {
+    device = "/dev/disk/by-label/data";
+    fsType = "ext4";
+  };
+}
diff --git a/xeon08/kernel/kernel.nix b/xeon08/kernel/kernel.nix
new file mode 100644
index 00000000..5aca93c4
--- /dev/null
+++ b/xeon08/kernel/kernel.nix
@@ -0,0 +1,50 @@
+{ pkgs, lib, ... }:
+
+let
+  #fcs-devel = pkgs.linuxPackages_custom {
+  #   version = "6.2.8";
+  #   src = /mnt/data/kernel/fcs/kernel/src;
+  #   configfile = /mnt/data/kernel/fcs/kernel/configs/defconfig;
+  #};
+
+  #fcsv1 = fcs-kernel "bc11660676d3d68ce2459b9fb5d5e654e3f413be" false;
+  #fcsv2 = fcs-kernel "db0f2eca0cd57a58bf456d7d2c7d5d8fdb25dfb1" false;
+  #fcsv1-lockdep = fcs-kernel "bc11660676d3d68ce2459b9fb5d5e654e3f413be" true;
+  #fcsv2-lockdep = fcs-kernel "db0f2eca0cd57a58bf456d7d2c7d5d8fdb25dfb1" true;
+  #fcs-kernel = gitCommit: lockdep: pkgs.linuxPackages_custom {
+  #   version = "6.2.8";
+  #   src = builtins.fetchGit {
+  #     url = "git@bscpm03.bsc.es:ompss-kernel/linux.git";
+  #     rev = gitCommit;
+  #     ref = "fcs";
+  #   };
+  #   configfile = if lockdep then ./configs/lockdep else ./configs/defconfig;
+  #};
+
+  kernel = nixos-fcsv2;
+
+  nixos-fcs-kernel = {gitCommit, lockStat ? false}: pkgs.linuxPackagesFor (pkgs.buildLinux rec {
+    version = "6.2.8";
+    src = builtins.fetchGit {
+      url = "git@bscpm03.bsc.es:ompss-kernel/linux.git";
+      rev = gitCommit;
+      ref = "fcs";
+    };
+    structuredExtraConfig = with lib.kernel; {
+      # add cutom kernel options here
+    } // lib.optionalAttrs lockStat {
+      LOCK_STAT = yes;
+    };
+    kernelPatches = [];
+    extraMeta.branch = lib.versions.majorMinor version;
+  });
+
+  nixos-fcsv1 = nixos-fcs-kernel {gitCommit = "bc11660676d3d68ce2459b9fb5d5e654e3f413be";};
+  nixos-fcsv2 = nixos-fcs-kernel {gitCommit = "db0f2eca0cd57a58bf456d7d2c7d5d8fdb25dfb1";};
+  nixos-fcsv1-lockstat = nixos-fcs-kernel {gitCommit = "bc11660676d3d68ce2459b9fb5d5e654e3f413be"; lockStat = true;};
+  nixos-fcsv2-lockstat = nixos-fcs-kernel {gitCommit = "db0f2eca0cd57a58bf456d7d2c7d5d8fdb25dfb1"; lockStat = true;};
+  latest = pkgs.linuxPackages_latest;
+
+in {
+  boot.kernelPackages = lib.mkForce kernel;
+}
diff --git a/xeon08/slurm.nix b/xeon08/slurm.nix
new file mode 100644
index 00000000..0aa3bdac
--- /dev/null
+++ b/xeon08/slurm.nix
@@ -0,0 +1,7 @@
+{ lib, ... }:
+
+{
+  services.slurm = {
+    client.enable = lib.mkForce false;
+  };
+}
diff --git a/xeon08/users.nix b/xeon08/users.nix
new file mode 100644
index 00000000..4a01344b
--- /dev/null
+++ b/xeon08/users.nix
@@ -0,0 +1,23 @@
+{ ... }:
+
+{
+  users = {
+    users.arocanon = {
+      uid = 1042;
+      isNormalUser = true;
+      home = "/home/Computational/arocanon";
+      description = "Aleix Roca";
+      group = "Computational";
+      extraGroups = [ "wheel" ];
+      hashedPassword = "$6$hliZiW4tULC/tH7p$pqZarwJkNZ7vS0G5llWQKx08UFG9DxDYgad7jplMD8WkZh5k58i4dfPoWtnEShfjTO6JHiIin05ny5lmSXzGM/";
+    };
+  };
+
+  security.sudo.extraRules= [{
+    users = [ "arocanon" ];
+    commands = [{
+      command = "ALL" ;
+      options= [ "NOPASSWD" ]; # "SETENV" # Adding the following could be a good idea
+    }];
+  }];
+}