rarias/jungle
rarias/jungle
2
0
Fork 2
Code Issues 52 Pull Requests 8 Actions Packages Projects Releases Wiki Activity
387 Commits 23 Branches 0 Tags
Commit Graph

387 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Rodrigo Arias Mallo
46bbcf7fac Use IPv4 in blackbox probes 
Otherwise they simply fail as IPv6 doesn't work.

Reviewed-by: Aleix Boné <abonerib@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
847709b209 Make NFS mount async to improve latency 
Don't wait to flush writes, as we don't care about consistency on a
crash:

> This option allows the NFS server to violate the NFS protocol and
> reply to requests before any changes made by that request have been
> committed to stable storage (e.g. disc drive).
>
> Using this option usually improves performance, but at the cost that
> an unclean server restart (i.e. a crash) can cause data to be lost or
> corrupted.

Reviewed-by: Aleix Boné <abonerib@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
6551dce813 Disable root_squash from NFS 
Allows root to read files in the NFS export, so we can directly run
`nixos-rebuild switch` from /home.

Reviewed-by: Aleix Boné <abonerib@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
b8561dbc44 Remove SSH proxy to access BSC clusters 
We now have direct connection to them.

Reviewed-by: Aleix Boné <abonerib@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
298028c803 Add users to apex machine 
They need to be able to login to apex to access any other machine from
the SSF rack.

Reviewed-by: Aleix Boné <abonerib@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
983336b6f6 Remove proxy from hut HTTP probes 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
2649ef4c0d Remove proxy configuration from environment 
All machines have now direct connection with the outside world.

Reviewed-by: Aleix Boné <abonerib@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
9ae2c79202 Add storcli utility to apex 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
4fcdcd064d Add new configuration for apex 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
598cd43520 Add pmartin1 user with access to fox 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
0c8e2ed8f8 Add access to fox for rpenacob user 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
6ed558877c Revert "Only allow Vincent to access fox for now" 
This reverts commit efac36b186efe6c3814278ae0a284ae346ff9d83.

Reviewed-by: Aleix Boné <abonerib@bsc.es>
 2025-10-01 16:40:17 +02:00
Aleix Boné
247fd56571 Add all terminfo files in environment 
Fixes problems with the kitty terminal when opening vim or kakoune.

Reviewed-by: Rodrigo Arias Mallo <rodrigo.arias@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
cb05eb36e6 Monitor Fox BMC with ICMP probes too 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
70da31ed03 Restrict DAC VPN to fox-ipmi machine only 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
3672c04980 Monitor fox via VPN 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
1511a0a739 Add OpenVPN service to connect to fox BMC 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
23fa1bf52c Add ac.upc.edu as name search server 
Allows referring to fox.ac.upc.edu directly as fox.

Reviewed-by: Aleix Boné <abonerib@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
e59e89c6f1 Disable kptr_restrict in fox 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
41962ba34f Disable NUMA balancing in fox 
See: https://www.kernel.org/doc/html/latest/admin-guide/sysctl/kernel.html#numa-balancing

Reviewed-by: Aleix Boné <abonerib@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
70c9338076 Load amd_uncore module in fox 
Needed for L3 events in perf.

Reviewed-by: Aleix Boné <abonerib@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
3db4bd811c Enable SSH X11 forwarding 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
a6b532a6d9 Disable registration in Gitea 
Get rid of all the spam accounts they are trying to register.

Reviewed-by: Aleix Boné <abonerib@bsc.es>
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
7771717d1e Enable msmtp configuration in tent 
Allows gitea to send notifications via email.

Reviewed-by: Aleix Boné <abonerib@bsc.es>
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
c931e0f9bb Add GitLab runner with debian docker for PM 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
1f9b48cc9a Monitor nix-daemon in tent 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
20bc2612fa Move nix-daemon exporter to modules 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
da02c4290c Add p service for pastes 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
3a25d7e798 Enable public-inbox service in tent 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
f7db23eaee Enable gitea in tent 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
892489a02f Add bsc.es to resolve domain names 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
b1e93332fc Monitor AXLE machine too 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
fbc4cac562 Use IPv4 for blackbox exporter 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
dcfade24dd Add public html files to tent 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
2af536fd52 Add docker GitLab runner for BSC GitLab 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
b532c023a0 Add GitLab shell runner in tent for PM 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
6ef63735da Enable jungle robot emails for Grafana in tent 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
8d9f970b4f Add tent key for nix-serve 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
95c47a6cd8 Remove jungle nix cache from tent 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
4405a4feff Enable nix cache 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
5116b82318 Serve Grafana from subpath 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
0df728c733 Add nginx server in tent 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
29a7475140 Add monitoring in tent 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
 2025-10-01 16:40:17 +02:00
Aleix Roca Nonell
a7d687010e Disable nix garbage collector in tent 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Reviewed-by: Rodrigo Arias Mallo <rodrigo.arias@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
090613bd31 Rekey secrets with tent keys 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
404e690a3c Add tent host key and admin keys 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
c79d0b59e7 Create directories in /vault/home for tent users 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
ce35461509 Add software RAID in tent using 3 disks 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
3dacd598d6 Add access to tent to all hut users too 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
8065fbe10d Add hut SSH configuration from outside SSF LAN 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
 2025-10-01 16:40:17 +02:00