rarias/jungle
rarias/jungle
2
0
Fork 3
Code Issues 53 Pull Requests 10 Actions Packages Projects Releases Wiki Activity
451 Commits 24 Branches 0 Tags
Commit Graph

451 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Rodrigo Arias Mallo
7be793da3d Disable root_squash from NFS 
Allows root to read files in the NFS export, so we can directly run
`nixos-rebuild switch` from /home.

Reviewed-by: Aleix Boné <abonerib@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
327c0d61a2 Remove SSH proxy to access BSC clusters 
We now have direct connection to them.

Reviewed-by: Aleix Boné <abonerib@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
f70074b216 Add users to apex machine 
They need to be able to login to apex to access any other machine from
the SSF rack.

Reviewed-by: Aleix Boné <abonerib@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
fd99204913 Remove proxy from hut HTTP probes 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
6826a372d5 Remove proxy configuration from environment 
All machines have now direct connection with the outside world.

Reviewed-by: Aleix Boné <abonerib@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
3d02a231a5 Add storcli utility to apex 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
52bd019cdd Add new configuration for apex 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
57b9450a59 Add pmartin1 user with access to fox 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
daba3eca18 Add access to fox for rpenacob user 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
c47c880ff2 Revert "Only allow Vincent to access fox for now" 
This reverts commit efac36b186efe6c3814278ae0a284ae346ff9d83.

Reviewed-by: Aleix Boné <abonerib@bsc.es>
 2025-10-01 16:40:17 +02:00
Aleix Boné
5318fb1a0d Add all terminfo files in environment 
Fixes problems with the kitty terminal when opening vim or kakoune.

Reviewed-by: Rodrigo Arias Mallo <rodrigo.arias@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
ad834cebd6 Monitor Fox BMC with ICMP probes too 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
43c20c544d Restrict DAC VPN to fox-ipmi machine only 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
5928c68720 Monitor fox via VPN 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
8eb14acdf9 Add OpenVPN service to connect to fox BMC 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
d83ad5decb Add ac.upc.edu as name search server 
Allows referring to fox.ac.upc.edu directly as fox.

Reviewed-by: Aleix Boné <abonerib@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
bc64d62a7f Update access instructions 
We no longer need to request a petition through BSC, as we will be in
charge of the login. Remove link to the old repository as well and
prefer only email.

Reviewed-by: Aleix Boné <abonerib@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
d07855e5c5 Disable kptr_restrict in fox 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
98b882507b Disable NUMA balancing in fox 
See: https://www.kernel.org/doc/html/latest/admin-guide/sysctl/kernel.html#numa-balancing

Reviewed-by: Aleix Boné <abonerib@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
e6f526bbc6 Load amd_uncore module in fox 
Needed for L3 events in perf.

Reviewed-by: Aleix Boné <abonerib@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
df70515bc8 Enable SSH X11 forwarding 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
dfee33038b Disable registration in Gitea 
Get rid of all the spam accounts they are trying to register.

Reviewed-by: Aleix Boné <abonerib@bsc.es>
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
6e316e57be Enable msmtp configuration in tent 
Allows gitea to send notifications via email.

Reviewed-by: Aleix Boné <abonerib@bsc.es>
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
28e094d4c1 Add GitLab runner with debian docker for PM 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
1210d96ae9 Monitor nix-daemon in tent 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
d5227db996 Move nix-daemon exporter to modules 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
eeb8557b96 Add p service for pastes 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
e94ef5a08d Enable public-inbox service in tent 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
e1359d134e Enable gitea in tent 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
2e94b6795b Add bsc.es to resolve domain names 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
965dca422a Monitor AXLE machine too 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
03209b6bfc Use IPv4 for blackbox exporter 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
a4328fe380 Add public html files to tent 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
085b92ce0f Add docker GitLab runner for BSC GitLab 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
96d7f186d2 Add GitLab shell runner in tent for PM 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
01891b9bef Enable jungle robot emails for Grafana in tent 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
71bbdd5922 Add tent key for nix-serve 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
c51ca035b7 Remove jungle nix cache from tent 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
8b2c9dcacd Enable nix cache 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
017b57670b Serve Grafana from subpath 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
de99ff3414 Add nginx server in tent 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
5d25805c6a Add monitoring in tent 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
 2025-10-01 16:40:17 +02:00
Aleix Roca Nonell
ef2f31510c Disable nix garbage collector in tent 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Reviewed-by: Rodrigo Arias Mallo <rodrigo.arias@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
59961d1351 Rekey secrets with tent keys 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
3cb9563738 Add tent host key and admin keys 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
2006a5fb05 Create directories in /vault/home for tent users 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
ddcf158758 Add software RAID in tent using 3 disks 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
df0ce98526 Add access to tent to all hut users too 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
0022dfab63 Add hut SSH configuration from outside SSF LAN 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
 2025-10-01 16:40:17 +02:00
Rodrigo Arias Mallo
5dce13c512 Don't use proxy in base preset 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
 2025-10-01 16:40:17 +02:00