9eebe67402
Limit slurm partition users with AllowGroups
...
CI / build:cross (pull_request) Successful in 8s
CI / build:all (pull_request) Successful in 33s
Fixes #245
2026-03-13 11:57:05 +01:00
76cd6d64b2
Add ssanzmar user to apex and fox
...
CI / build:cross (pull_request) Successful in 8s
CI / build:all (pull_request) Successful in 16s
CI / build:all (push) Successful in 4s
CI / build:cross (push) Successful in 8s
Reviewed-by: Aleix Boné <abonerib@bsc.es >
2026-02-24 14:06:12 +01:00
958dcd4774
Add emonteir user to apex and fox
...
Reviewed-by: Aleix Boné <abonerib@bsc.es >
2026-02-04 15:08:08 +01:00
7a6e4232de
Add nom and nixfmt-tree to system packages
...
CI / build:all (pull_request) Successful in 55m38s
CI / build:all (push) Successful in 27m13s
CI / build:cross (push) Successful in 55m5s
CI / build:cross (pull_request) Successful in 8s
Reviewed-by: Rodrigo Arias Mallo <rodrigo.arias@bsc.es >
2026-02-03 15:17:30 +01:00
3b56e905e5
Add standalone home-manager to system packages
...
Reviewed-by: Rodrigo Arias Mallo <rodrigo.arias@bsc.es >
2026-02-03 15:17:29 +01:00
2d41309466
Format and sort default package list
...
Reviewed-by: Rodrigo Arias Mallo <rodrigo.arias@bsc.es >
2026-02-03 15:17:24 +01:00
933c78a80b
Fix moved package linuxPackages.perf is now perf
...
Reviewed-by: Rodrigo Arias Mallo <rodrigo.arias@bsc.es >
2026-01-20 12:15:10 +01:00
779449f1db
Fix renamed option watchdog.runtimeTime
...
The option 'systemd.watchdog.runtimeTime' has been renamed to
'systemd.settings.Manager.RuntimeWatchdogSec'.
Reviewed-by: Rodrigo Arias Mallo <rodrigo.arias@bsc.es >
2026-01-20 12:14:59 +01:00
859eebda98
Change varcila shell to zsh
...
CI / build:all (push) Successful in 59m37s
CI / build:cross (push) Successful in 1h27m33s
CI / build:cross (pull_request) Successful in 1h29m20s
CI / build:all (pull_request) Successful in 1h29m22s
Reviewed-by: Rodrigo Arias Mallo <rodrigo.arias@bsc.es >
2026-01-07 13:22:17 +01:00
5ff1b1343b
Add nixgen to all machines
...
CI / build:cross (pull_request) Successful in 5s
CI / build:all (pull_request) Successful in 16s
CI / build:all (push) Successful in 3s
CI / build:cross (push) Successful in 5s
Reviewed-by: Aleix Boné <abonerib@bsc.es >
2025-10-29 16:28:05 +01:00
f115d611e7
Add aaguirre user
...
CI / build:cross (pull_request) Successful in 6s
CI / build:all (pull_request) Successful in 15s
CI / build:all (push) Successful in 3s
CI / build:cross (push) Successful in 6s
Reviewed-by: Aleix Boné <abonerib@bsc.es >
2025-10-22 15:28:29 +02:00
4261d327c6
Include agenix module and package directly
...
CI / build:cross (pull_request) Successful in 6s
CI / build:all (pull_request) Successful in 15s
CI / build:all (push) Successful in 4s
CI / build:cross (push) Successful in 6s
Avoids adding an extra flake input only to fetch a single module and
package.
Reviewed-by: Aleix Boné <abonerib@bsc.es >
Tested-by: Rodrigo Arias Mallo <rodrigo.arias@bsc.es >
2025-10-14 09:37:47 +02:00
98d17b19d3
Enable custom sys-devices system feature
...
Reviewed-by: Rodrigo Arias Mallo <rodrigo.arias@bsc.es >
2025-10-09 11:40:44 +02:00
188ba6df0a
Remove bscpkgs input
...
Reviewed-by: Aleix Boné <abonerib@bsc.es >
2025-10-07 16:07:26 +02:00
b040bebd1d
Add acinca user
...
Reviewed-by: Aleix Boné <abonerib@bsc.es >
2025-10-01 12:27:43 +02:00
ad1544759f
Remove machine access for user csiringo
...
Reviewed-by: Rodrigo Arias Mallo <rodrigo.arias@bsc.es >
2025-09-29 18:23:24 +02:00
f9632c37f8
Remove extra SSH jump configuration
...
We now have direct visibility among nodes so we don't need any extra
SSH configuration to reach them.
Reviewed-by: Aleix Boné <abonerib@bsc.es >
2025-09-26 12:28:51 +02:00
1f0cb4ae76
Add raccoon peer to wireguard
...
It routes traffic from fox, apex and the compute nodes so that we can
reach the git servers and tent.
Reviewed-by: Aleix Boné <abonerib@bsc.es >
2025-09-26 12:28:48 +02:00
6bbfb0d124
Make apex host specific to each machine
...
Allows direct contact via the VPN when accessing from fox, but use
Internet when using the rest of the machines.
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es >
2025-09-03 12:02:49 +02:00
5ee8623af2
Fix typo in csiringo ssh key
...
Reviewed-by: Rodrigo Arias Mallo <rodrigo.arias@bsc.es >
2025-08-27 17:44:20 +02:00
ce25867421
Add csiringo user with access to apex and weasel
...
Reviewed-by: Rodrigo Arias Mallo <rodrigo.arias@bsc.es >
2025-08-27 16:02:26 +02:00
343b4f155e
Set power policy to always turn on
...
In all machines, as soon as we recover the power, turn the machine back
on. We cannot rely on the previous state as we will shut them down
before the power is cut to prevent damage on the power supply
monitoring circuit.
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es >
Reviewed-by: Aleix Boné <abonerib@bsc.es >
2025-07-24 11:22:38 +02:00
142985c505
Move August shutdown to 3rd at 22h
...
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es >
Reviewed-by: Aleix Boné <abonerib@bsc.es >
2025-07-24 11:22:33 +02:00
a1b387e454
Remove package ix as it is gone
...
Fails with: "error: ix has been removed from Nixpkgs, as the ix.io
pastebin has been offline since Dec. 2023".
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es >
2025-07-16 13:07:06 +02:00
b802f88df9
Rotate anavarro password and SSH key
...
Reviewed-by: Aleix Boné <abonerib@bsc.es >
2025-07-15 17:24:41 +02:00
bd94c4ad00
Add weasel machine configuration
...
Reviewed-by: Aleix Boné <abonerib@bsc.es >
2025-07-15 17:24:38 +02:00
96661dd0d4
Prevent accidental use of nftables
...
Reviewed-by: Aleix Boné <abonerib@bsc.es >
2025-07-15 11:18:42 +02:00
0d291d715c
Add users to apex machine
...
They need to be able to login to apex to access any other machine from
the SSF rack.
Reviewed-by: Aleix Boné <abonerib@bsc.es >
2025-07-15 11:18:09 +02:00
36ee1f3adc
Add storcli utility to apex
...
Reviewed-by: Aleix Boné <abonerib@bsc.es >
2025-07-15 11:17:57 +02:00
25e9c071b0
Add new configuration for apex
...
Reviewed-by: Aleix Boné <abonerib@bsc.es >
2025-07-15 11:17:43 +02:00
80cee2dbd0
Add pmartin1 user with access to fox
...
Reviewed-by: Aleix Boné <abonerib@bsc.es >
2025-07-03 11:16:43 +02:00
ee92934c74
Add access to fox for rpenacob user
...
Reviewed-by: Aleix Boné <abonerib@bsc.es >
2025-07-02 16:58:53 +02:00
db0f3fed91
Revert "Only allow Vincent to access fox for now"
...
This reverts commit e9e3704b67abonerib@bsc.es >
2025-07-02 16:58:49 +02:00
adeaa0484d
Add all terminfo files in environment
...
Fixes problems with the kitty terminal when opening vim or kakoune.
Reviewed-by: Rodrigo Arias Mallo <rodrigo.arias@bsc.es >
2025-07-02 16:02:45 +02:00
18461c0d59
Add access to tent to all hut users too
...
Reviewed-by: Aleix Boné <abonerib@bsc.es >
2025-06-11 16:04:06 +02:00
7176b066bb
Don't use proxy in base preset
...
Reviewed-by: Aleix Boné <abonerib@bsc.es >
2025-06-11 16:04:00 +02:00
e9e3704b67
Only allow Vincent to access fox for now
...
Needed to run benchmarks without interference.
Reviewed-by: Aleix Boné <abonerib@bsc.es >
2025-06-11 12:08:57 +02:00
f0c4206ab8
Create tracing group and add arocanon in raccoon
...
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es >
2025-06-03 11:09:41 +02:00
62ec4e014a
Add dbautist user to raccoon machine
...
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es >
2025-06-03 10:45:28 +02:00
43dc336638
Enable linger for user rarias
...
Allows services to run without a login session.
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es >
2025-06-03 10:45:19 +02:00
2b08fcd21a
Only proxy SSH git remotes via hut in xeon
...
Other machines like raccoon have direct access.
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es >
2025-06-03 10:44:31 +02:00
5208a3483b
Set keep-outputs to true in all machines
...
From the documentation of keep-outputs, setting it to true would prevent
the GC from removing build time dependencies:
If true, the garbage collector will keep the outputs of non-garbage
derivations. If false (default), outputs will be deleted unless they are
GC roots themselves (or reachable from other roots).
In general, outputs must be registered as roots separately. However,
even if the output of a derivation is registered as a root, the
collector will still delete store paths that are used only at build time
(e.g., the C compiler, or source tarballs downloaded from the network).
To prevent it from doing so, set this option to true.
See: https://nix.dev/manual/nix/2.24/command-ref/conf-file.html#conf-keep-outputs
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es >
2025-04-22 17:27:37 +02:00
d84645f3e1
Add bscpm04.bsc.es SSH host and public key
...
Allows fetching repositories from hut and other machines in jungle
without the need to do any extra configuration.
Reviewed-by: Aleix Boné <abonerib@bsc.es >
2025-04-15 14:15:45 +02:00
18f25307ab
Add varcila user to hut and fox
...
Reviewed-by: Aleix Boné <abonerib@bsc.es >
2025-04-08 17:15:25 +02:00
5c549faaa8
Add abonerib user to fox
...
Reviewed-by: Aleix Boné <abonerib@bsc.es >
2025-04-08 17:15:21 +02:00
fe16ea373f
Add users to fox
...
Reviewed-by: Aleix Boné <abonerib@bsc.es >
2025-04-08 17:15:13 +02:00
163434af09
Add dalvare1 user
...
Reviewed-by: Aleix Boné <abonerib@bsc.es >
2025-04-08 17:15:11 +02:00
d335d69ba6
Add BSC machines to ssh config
...
Reviewed-by: Aleix Boné <abonerib@bsc.es >
2025-01-16 14:23:51 +01:00
260986b9f2
Delay nix-gc until /home is mounted
...
Prevents starting the garbage collector before the remote FS are
mounted, in particular /home. Otherwise, all the gcroots which have
symlinks in /home will be considered stale and they will be removed.
See: #79
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es >
2024-09-20 09:45:30 +02:00
15afbe94bd
Add dbautist user with access to hut
...
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es >
2024-09-20 09:42:02 +02:00
