rarias/jungle
rarias/jungle
2
0
Fork 2
Code Issues 52 Pull Requests 8 Actions Packages Projects Releases Wiki Activity
435 Commits 23 Branches 0 Tags
Commit Graph

27 Commits

Author SHA1 Message Date
Rodrigo Arias Mallo
333e24d80b Revert "Remove pam_slurm_adopt from fox" 
This reverts commit 64a52801ed8d5c4a57650c2c434254a9986c1901.

Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
 2025-10-01 16:40:18 +02:00
Rodrigo Arias Mallo
8ebc51b33e Enable fail2ban in fox 
Protect fox against ssh bruteforce attacks:

fox% sudo lastb | head
root     ssh:notty    200.124.28.102   Mon Sep  1 11:25 - 11:25  (00:00)
root     ssh:notty    200.124.28.102   Mon Sep  1 11:25 - 11:25  (00:00)
root     ssh:notty    200.124.28.102   Mon Sep  1 11:25 - 11:25  (00:00)
root     ssh:notty    200.124.28.102   Mon Sep  1 11:25 - 11:25  (00:00)
root     ssh:notty    200.124.28.102   Mon Sep  1 11:25 - 11:25  (00:00)
root     ssh:notty    200.124.28.102   Mon Sep  1 11:25 - 11:25  (00:00)
root     ssh:notty    200.124.28.102   Mon Sep  1 11:25 - 11:25  (00:00)
root     ssh:notty    200.124.28.102   Mon Sep  1 11:25 - 11:25  (00:00)
root     ssh:notty    200.124.28.102   Mon Sep  1 11:24 - 11:24  (00:00)
root     ssh:notty    200.124.28.102   Mon Sep  1 11:24 - 11:24  (00:00)

Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
 2025-10-01 16:40:18 +02:00
Rodrigo Arias Mallo
11d389f5c3 Accept connections from apex to fox slurmd 
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
 2025-10-01 16:40:18 +02:00
Rodrigo Arias Mallo
871abab0eb Add fox machine to SLURM 
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
 2025-10-01 16:40:18 +02:00
Rodrigo Arias Mallo
b0fb3c7be3 Make apex host specific to each machine 
Allows direct contact via the VPN when accessing from fox, but use
Internet when using the rest of the machines.

Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
 2025-10-01 16:40:18 +02:00
Rodrigo Arias Mallo
6c0010e100 Add wireguard server in fox 
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
 2025-10-01 16:40:18 +02:00
Rodrigo Arias Mallo
06496a3b06 Access gitlab via raccoon in fox 
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
 2025-10-01 16:40:18 +02:00
Rodrigo Arias Mallo
91fd1756e8 Disable automatic August shutdown for Fox 
The UPC has different dates for the yearly power cut, and Fox can
recover properly from a power loss, so we don't need to have it turned
off before the power cut. Simply disabling the timer is enough.

Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
Reviewed-by: Aleix Boné <abonerib@bsc.es>
 2025-10-01 16:40:17 +02:00
Aleix Boné
348ebb5053 Move shared nvidia settings to a separate module 
Reviewed-by: Rodrigo Arias Mallo <rodrigo.arias@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
4c9e197a27 Enable open source NVidia driver in fox 
It is recommended for newer versions.

Reviewed-by: Aleix Boné <abonerib@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
b77fc54e8a Remove option allowUnfree from fox and raccoon 
It is already set to true for all machines.

Reviewed-by: Aleix Boné <abonerib@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
e59e89c6f1 Disable kptr_restrict in fox 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
41962ba34f Disable NUMA balancing in fox 
See: https://www.kernel.org/doc/html/latest/admin-guide/sysctl/kernel.html#numa-balancing

Reviewed-by: Aleix Boné <abonerib@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
70c9338076 Load amd_uncore module in fox 
Needed for L3 events in perf.

Reviewed-by: Aleix Boné <abonerib@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
3db4bd811c Enable SSH X11 forwarding 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
3e02850b1f Use performance governor in fox 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
2b875a54f7 Add hut as nix cache in fox 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
0e58847a21 Use DHCP for Ethernet in fox 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
399fc93e44 Use UPC time servers as others are blocked 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
8d8d32e9ae Update configuration for UPC network 
The fox machine will be placed in the UPC network, so we update the
configuration with the new IP and gateway. We won't be able to reach hut
directly so we also remove the host entry and proxy.

Reviewed-by: Aleix Boné <abonerib@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
3e103c6e9c Disable home via NFS in fox 
It won't be accesible anymore as we won't be in the same LAN.

Reviewed-by: Aleix Boné <abonerib@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
485c1f1305 Remove Ceph module from fox 
It will no longer be accesible from the UPC.

Reviewed-by: Aleix Boné <abonerib@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
c5fb3f3e22 Remove fox from SLURM 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
64d38e44e0 Remove pam_slurm_adopt from fox 
We no longer will be able to use SLURM from jungle.

Reviewed-by: Aleix Boné <abonerib@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
d25b9a3c51 Reject SSH connections without SLURM allocation 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
c57802ec54 Mount NVME disks in /nvme{0,1} 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
364f05e7af Add new fox machine 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
 2025-10-01 16:40:16 +02:00