rarias/jungle
2
0
Fork 3
Code Issues 57 Pull Requests 7 Actions Packages Projects Releases Wiki Activity

Compare commits

base: rarias:59cc987954cef3a662b1557fccd08eb3f28deccc
Branches Tags
rarias:master rarias:enableStrictDeps rarias:fox-regression rarias:pkgs/tacuda rarias:pkgs/tasycl rarias:robust-fetchGit rarias:old-master rarias:gitea-lfs rarias:only-restart-logins rarias:monitor-gpfs-home rarias:add-tent-machine rarias:m/raccoon rarias:add-fpga-u280 rarias:maintenance-purchase rarias:add-fox-machine rarias:share-files rarias:shared-nix-store rarias:intro-nix rarias:lake2-ipoib
..
compare: rarias:86e7c72b9ba61a4020eb935eebe48abf1db00ec4
Branches Tags
rarias:master rarias:enableStrictDeps rarias:fox-regression rarias:pkgs/tacuda rarias:pkgs/tasycl rarias:robust-fetchGit rarias:old-master rarias:gitea-lfs rarias:only-restart-logins rarias:monitor-gpfs-home rarias:add-tent-machine rarias:m/raccoon rarias:add-fpga-u280 rarias:maintenance-purchase rarias:add-fox-machine rarias:share-files rarias:shared-nix-store rarias:intro-nix rarias:lake2-ipoib

4 Commits
59cc987954 ... 86e7c72b9b

Author SHA1 Message Date
Rodrigo Arias Mallo
86e7c72b9b Enable open source NVidia driver in fox 
It is recommended for newer versions.

Reviewed-by: Aleix Boné <abonerib@bsc.es>
 2025-07-18 09:57:38 +02:00
Rodrigo Arias Mallo
a7dffc33b5 Remove option allowUnfree from fox and raccoon 
It is already set to true for all machines.

Reviewed-by: Aleix Boné <abonerib@bsc.es>
 2025-07-18 09:57:21 +02:00
Rodrigo Arias Mallo
6765dba3e4 Ban another scanner trying to connect via SSH 
It is constantly spamming out logs:

apex# journalctl | grep 'Connection closed by 84.88.52.176' | wc -l
2255

Reviewed-by: Aleix Boné <abonerib@bsc.es>
 2025-07-18 09:51:49 +02:00
Rodrigo Arias Mallo
0acfb7a8e0 Update weasel IPMI hostname for monitoring 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
 2025-07-18 09:51:21 +02:00
2 changed files with 3 additions and 1 deletions
Expand all files Collapse all files

2
m/apex/configuration.nix
View File

@@ -70,6 +70,8 @@
# Blackhole BSC vulnerability scanner (OpenVAS) as it is spamming our
# logs. Insert as first position so we also protect SSH.
iptables -I nixos-fw 1 -p tcp -s 192.168.8.16 -j nixos-fw-refuse
# Same with opsmonweb01.bsc.es which seems to be trying to access via SSH
iptables -I nixos-fw 2 -p tcp -s 84.88.52.176 -j nixos-fw-refuse
'';
};

2
m/hut/targets.yml
View File

@@ -4,7 +4,7 @@
- xeon03-ipmi
- xeon04-ipmi
- koro-ipmi
- xeon06-ipmi
- weasel-ipmi
- hut-ipmi
- eudy-ipmi
# Storage