8785efa9b9
Bind /usr/bin/env in nix-portable
2026-03-10 10:24:17 +01:00
a1e70da04b
Add jungle cache to nix-portable nix.conf
2026-03-10 10:24:17 +01:00
74bf58f576
Use nix bwrap in nix-portable
2026-03-10 10:24:17 +01:00
3b2299d41a
Remove nix-portable tmpbin feature
...
It will not work without the host /lib64/ld
2026-03-10 10:24:17 +01:00
cc2a7da4ea
Add bashInteractive in nix-portable bwrap
2026-03-10 10:24:17 +01:00
84c8f18783
Install netcat, ssh and git in nix-portable
...
These are needed by nix in order to properly
download and build stuff.
busybox's netcat does not work since it doesn't
support -X.
2026-03-10 10:24:17 +01:00
a42fc18456
Only to busybox to /bin/sh in nix-portable
2026-03-10 10:24:16 +01:00
fdc6df8ba7
Remove sgid from .nix-portable and set group
...
This should prevent issues when putting it under
/gpfs/{projects,scratch} that have sgid and group=nobody.
2026-03-10 10:24:16 +01:00
c7a86e52ce
Restrict paths added to bwrap in nix-portable
2026-03-10 10:24:16 +01:00
825805f2b1
Bind proc using --proc in nix-portable
2026-03-10 10:24:16 +01:00
35cfc5a16a
Fix nix-portable pkgStatic symlink handling
2026-03-10 10:24:16 +01:00
a2e9acd756
Add nix-portable
...
repo: https://github.com/DavHau/nix-portable
rev: 91122e3d94ba51d7d83fe990fa81d3de0968fb32
2026-03-10 10:24:16 +01:00
4d627258d6
Re-enable nix-wrap
...
libcap is no longer broken upstream
2026-03-10 10:24:16 +01:00
5c30975b8b
Mount NFS home in tent at /nfs/home
...
CI / build:cross (pull_request) Successful in 8s
CI / build:all (pull_request) Successful in 16s
CI / build:all (push) Successful in 4s
CI / build:cross (push) Successful in 8s
Reviewed-by: Aleix Boné <abonerib@bsc.es >
2026-03-09 15:27:41 +01:00
d4c00679ee
Increase NFS subnet to allow tent
...
Reviewed-by: Aleix Boné <abonerib@bsc.es >
2026-03-09 15:27:41 +01:00
32a576e870
Copy Gitea backup in /ceph too
...
Reviewed-by: Aleix Boné <abonerib@bsc.es >
2026-03-09 15:27:37 +01:00
8197221146
Mount /ceph in tent
...
Reviewed-by: Aleix Boné <abonerib@bsc.es >
2026-03-09 08:52:11 +01:00
374cd4ce48
Allow tent to reach ceph
...
Reviewed-by: Aleix Boné <abonerib@bsc.es >
2026-03-09 08:52:08 +01:00
d3e54b7c99
Rekey secrets adding tent for ceph
...
Reviewed-by: Aleix Boné <abonerib@bsc.es >
2026-03-09 08:52:05 +01:00
46b7efb5ac
Rename Gitea backup service and directory
...
Reviewed-by: Aleix Boné <abonerib@bsc.es >
2026-03-09 08:51:48 +01:00
56ab099017
Override files in rotating gitea dump service
...
Reviewed-by: Rodrigo Arias Mallo <rodrigo.arias@bsc.es >
2026-03-09 08:51:44 +01:00
2654b9fdd9
Enable rotating gitea backups
...
Reviewed-by: Rodrigo Arias Mallo <rodrigo.arias@bsc.es >
2026-03-09 08:51:23 +01:00
84a5cb09ee
Use host mode for docker network
...
CI / build:cross (pull_request) Successful in 8s
CI / build:all (pull_request) Successful in 16s
CI / build:all (push) Successful in 4s
CI / build:cross (push) Successful in 8s
In order to reduce the traffic of the secondary Ethernet device we need
to be able to directly use the physical device instead of the virtual
one. For now use the host mode and see later if we can revert it.
Reviewed-by: Aleix Boné <abonerib@bsc.es >
2026-03-05 15:29:23 +01:00
4899d20748
Fix weasel infiniband interface name
...
CI / build:cross (pull_request) Successful in 8s
CI / build:all (pull_request) Successful in 17s
CI / build:all (push) Successful in 4s
CI / build:cross (push) Successful in 8s
Reviewed-by: Rodrigo Arias Mallo <rodrigo.arias@bsc.es >
2026-02-26 10:26:01 +01:00
76cd6d64b2
Add ssanzmar user to apex and fox
...
CI / build:cross (pull_request) Successful in 8s
CI / build:all (pull_request) Successful in 16s
CI / build:all (push) Successful in 4s
CI / build:cross (push) Successful in 8s
Reviewed-by: Aleix Boné <abonerib@bsc.es >
2026-02-24 14:06:12 +01:00
8dab0d82ba
Update fox documentation in website
...
CI / build:cross (pull_request) Successful in 8s
CI / build:all (pull_request) Successful in 16s
CI / build:all (push) Successful in 3s
CI / build:cross (push) Successful in 8s
Reviewed-by: Aleix Boné <abonerib@bsc.es >
2026-02-04 15:08:13 +01:00
958dcd4774
Add emonteir user to apex and fox
...
Reviewed-by: Aleix Boné <abonerib@bsc.es >
2026-02-04 15:08:08 +01:00
7a6e4232de
Add nom and nixfmt-tree to system packages
...
CI / build:all (pull_request) Successful in 55m38s
CI / build:all (push) Successful in 27m13s
CI / build:cross (push) Successful in 55m5s
CI / build:cross (pull_request) Successful in 8s
Reviewed-by: Rodrigo Arias Mallo <rodrigo.arias@bsc.es >
2026-02-03 15:17:30 +01:00
3b56e905e5
Add standalone home-manager to system packages
...
Reviewed-by: Rodrigo Arias Mallo <rodrigo.arias@bsc.es >
2026-02-03 15:17:29 +01:00
2d41309466
Format and sort default package list
...
Reviewed-by: Rodrigo Arias Mallo <rodrigo.arias@bsc.es >
2026-02-03 15:17:24 +01:00
deb0cd1488
Allow USB access to TC1 from Gitlab Runner
...
CI / build:cross (pull_request) Successful in 8s
CI / build:all (pull_request) Successful in 16s
CI / build:all (push) Successful in 4s
CI / build:cross (push) Successful in 8s
Reviewed-by: Aleix Boné <abonerib@bsc.es >
2026-01-23 17:56:16 +01:00
cd1f502ecc
Allow user USB access to FTDI device in tent
...
Reviewed-by: Aleix Boné <abonerib@bsc.es >
2026-01-23 17:56:11 +01:00
dda6a66782
Fix gitea user to allow sending email
...
CI / build:cross (pull_request) Successful in 8s
CI / build:all (pull_request) Successful in 16s
CI / build:all (push) Successful in 4s
CI / build:cross (push) Successful in 8s
In order to send email, the gitea user needs to be in the mail-robot
group.
Fixes: #220
Reviewed-by: Aleix Boné <abonerib@bsc.es >
2026-01-20 12:18:52 +01:00
22420e6ac8
Remove unneeded perf package from eudy
...
It is already included in the base list of packages, which is now only
"perf" and doesn't depend on the kernel version.
Reviewed-by: Aleix Boné <abonerib@bsc.es >
2026-01-20 12:18:49 +01:00
a71cd78b4c
Fix infiniband interface names
...
Reviewed-by: Aleix Boné <abonerib@bsc.es >
2026-01-20 12:18:46 +01:00
e84a2cadbb
flake.lock: Update
...
Flake lock file updates:
• Updated input 'nixpkgs':
'github:NixOS/nixpkgs/8bb5646e0bed5dbd3ab08c7a7cc15b75ab4e1d0f?narHash=sha256-SqUuBFjhl/kpDiVaKLQBoD8TLD%2B/cTUzzgVFoaHrkqY%3D' (2025-11-30)
→ 'github:NixOS/nixpkgs/3c9db02515ef1d9b6b709fc60ba9a540957f661c?narHash=sha256-2GffSfQxe3sedHzK%2BsTKlYo/NTIAGzbFCIsNMUPAAnk%3D' (2026-01-05)
Reviewed-by: Aleix Boné <abonerib@bsc.es >
2026-01-20 12:18:41 +01:00
d3e43eb651
Remove conflicting definitions in amd-uprof-driver
...
See: https://lkml.org/lkml/2025/4/9/1709
Reviewed-by: Rodrigo Arias Mallo <rodrigo.arias@bsc.es >
2026-01-20 12:15:18 +01:00
a491546ffb
Mark mcxx as broken and remove from package list
...
Reviewed-by: Rodrigo Arias Mallo <rodrigo.arias@bsc.es >
2026-01-20 12:15:14 +01:00
933c78a80b
Fix moved package linuxPackages.perf is now perf
...
Reviewed-by: Rodrigo Arias Mallo <rodrigo.arias@bsc.es >
2026-01-20 12:15:10 +01:00
150969be9b
Fix replaced nixseparatedebuginfod
...
nixseparatedebuginfod has been replaced by nixseparatedebuginfod2
Reviewed-by: Rodrigo Arias Mallo <rodrigo.arias@bsc.es >
2026-01-20 12:15:06 +01:00
9097729759
Use standard gcc for intel packages
...
This reverts 26f52aa27drodrigo.arias@bsc.es >
2026-01-20 12:15:02 +01:00
779449f1db
Fix renamed option watchdog.runtimeTime
...
The option 'systemd.watchdog.runtimeTime' has been renamed to
'systemd.settings.Manager.RuntimeWatchdogSec'.
Reviewed-by: Rodrigo Arias Mallo <rodrigo.arias@bsc.es >
2026-01-20 12:14:59 +01:00
6cbe33bd80
Replace wrapGAppsHook with wrapGAppsHook3
...
Reviewed-by: Rodrigo Arias Mallo <rodrigo.arias@bsc.es >
2026-01-20 12:14:56 +01:00
3f1f5ae8f2
Fix changed cudaPackages.cuda_cudart output
...
See: https://github.com/NixOS/nixpkgs/pull/437723
Reviewed-by: Rodrigo Arias Mallo <rodrigo.arias@bsc.es >
2026-01-20 12:14:49 +01:00
fe8586e780
Set pyproject=true in buildPythonApplication
...
The buildPythonPackage and buildPythonApplication functions now
require an explicit format attribute. Previously the default format
used setuptools and called setup.py from the source tree, which is
deprecated. The modern alternative is to configure pyproject = true
with build-system = [ setuptools ].
Reviewed-by: Rodrigo Arias Mallo <rodrigo.arias@bsc.es >
2026-01-20 12:14:31 +01:00
8677adba27
Fix renamed llvm bintools
...
Moved from llvmPackages_latest.tools.bintools to
llvmPackages_latest.bintools
Reviewed-by: Rodrigo Arias Mallo <rodrigo.arias@bsc.es >
2026-01-20 12:14:27 +01:00
f614149edf
Upgrade nixpkgs to 25.11
...
Reviewed-by: Rodrigo Arias Mallo <rodrigo.arias@bsc.es >
2026-01-20 12:14:11 +01:00
859eebda98
Change varcila shell to zsh
...
CI / build:all (push) Successful in 59m37s
CI / build:cross (push) Successful in 1h27m33s
CI / build:cross (pull_request) Successful in 1h29m20s
CI / build:all (pull_request) Successful in 1h29m22s
Reviewed-by: Rodrigo Arias Mallo <rodrigo.arias@bsc.es >
2026-01-07 13:22:17 +01:00
c2a201b085
Increase fail2ban ban time on each attempt
...
CI / build:all (push) Has been cancelled
CI / build:cross (push) Has been cancelled
CI / build:all (pull_request) Successful in 1h38m5s
CI / build:cross (pull_request) Successful in 1h38m3s
Reviewed-by: Aleix Boné <abonerib@bsc.es >
2026-01-07 13:14:34 +01:00
f921f0a4bd
Disable password login via SSH in apex
...
Reviewed-by: Aleix Boné <abonerib@bsc.es >
2026-01-07 13:14:30 +01:00
