Compare commits
	
		
			18 Commits
		
	
	
		
			master
			...
			weasel-hyd
		
	
	| Author | SHA1 | Date | |
|---|---|---|---|
| 0b047b7272 | |||
| 354c11c329 | |||
| 6a01158c43 | |||
| d7f92a9126 | |||
| ed6cb7e6ea | |||
| ed8eafba79 | |||
| 937f08d11c | |||
| 71b8198e4a | |||
| 1a5ba3b930 | |||
| a057c2e5f5 | |||
| 7e4fb6bccf | |||
| b5b90826a7 | |||
| b5140eda17 | |||
| 6a89c4de90 | |||
| 8369b1207e | |||
| f2bf4970c9 | |||
| 4b4fe9bb3d | |||
| 510d9046ce | 
| @ -11,11 +11,13 @@ | ||||
|     ./base/hw.nix | ||||
|     ./base/net.nix | ||||
|     ./base/nix.nix | ||||
|     ./base/sys-devices.nix | ||||
|     ./base/ntp.nix | ||||
|     ./base/rev.nix | ||||
|     ./base/ssh.nix | ||||
|     ./base/users.nix | ||||
|     ./base/watchdog.nix | ||||
|     ./base/zsh.nix | ||||
|     ./base/fish.nix | ||||
|   ]; | ||||
| } | ||||
|  | ||||
| @ -5,6 +5,8 @@ | ||||
|     vim wget git htop tmux pciutils tcpdump ripgrep nix-index nixos-option | ||||
|     nix-diff ipmitool freeipmi ethtool lm_sensors cmake gnumake file tree | ||||
|     ncdu config.boot.kernelPackages.perf ldns pv | ||||
|     nix-output-monitor | ||||
|     nixfmt-rfc-style | ||||
|     # From bsckgs overlay | ||||
|     osumb | ||||
|   ]; | ||||
|  | ||||
							
								
								
									
										4
									
								
								m/common/base/fish.nix
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										4
									
								
								m/common/base/fish.nix
									
									
									
									
									
										Normal file
									
								
							| @ -0,0 +1,4 @@ | ||||
| { ... }: | ||||
| { | ||||
|   programs.fish.enable = true; | ||||
| } | ||||
							
								
								
									
										9
									
								
								m/common/base/sys-devices.nix
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										9
									
								
								m/common/base/sys-devices.nix
									
									
									
									
									
										Normal file
									
								
							| @ -0,0 +1,9 @@ | ||||
| { | ||||
|   nix.settings.system-features = [ "sys-devices" ]; | ||||
| 
 | ||||
|   programs.nix-required-mounts.enable = true; | ||||
|   programs.nix-required-mounts.allowedPatterns.sys-devices.paths = [ | ||||
|     "/sys/devices/system/cpu" | ||||
|     "/sys/devices/system/node" | ||||
|   ]; | ||||
| } | ||||
| @ -87,6 +87,12 @@ | ||||
|         openssh.authorizedKeys.keys = [ | ||||
|           "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIIFiqXqt88VuUfyANkZyLJNiuroIITaGlOOTMhVDKjf abonerib@bsc" | ||||
|         ]; | ||||
|         shell = pkgs.fish; | ||||
|         packages = with pkgs; [ | ||||
|           starship | ||||
|           jujutsu | ||||
|           neovim | ||||
|         ]; | ||||
|       }; | ||||
| 
 | ||||
|       vlopez = { | ||||
|  | ||||
| @ -1,9 +1,11 @@ | ||||
| { lib, ... }: | ||||
| { lib, pkgs, ... }: | ||||
| 
 | ||||
| { | ||||
|   imports = [ | ||||
|     ../common/ssf.nix | ||||
|     ../module/hut-substituter.nix | ||||
|     ./virtualization.nix | ||||
|     ./hydra.nix | ||||
|   ]; | ||||
| 
 | ||||
|   # Select this using the ID to avoid mismatches | ||||
| @ -30,4 +32,23 @@ | ||||
|       prefixLength = 24; | ||||
|     } ]; | ||||
|   }; | ||||
| 
 | ||||
|   services.nix-serve = { | ||||
|     enable = true; | ||||
|     bindAddress = "0.0.0.0"; | ||||
|     port = 5000; | ||||
|     package = pkgs.haskell.lib.overrideSrc (pkgs.haskell.packages.ghc96.nix-serve-ng.override { nix = pkgs.nixVersions.nix_2_28; }) { | ||||
|       src = pkgs.fetchgit { | ||||
|         url = "https://jungle.bsc.es/git/abonerib/nix-serve-ng.git"; | ||||
|         rev = "9c056641300a826db66b66d7e584b2541d38927a"; | ||||
|         hash = "sha256-y69ZchFiZOU71eyeljcQgLxkLk5JUzZfanq8Yzw4MkI="; | ||||
|       }; | ||||
|       version = "unstable"; | ||||
|     }; | ||||
| 
 | ||||
|     secretKeyFile = "/var/cache-priv-key.pem"; | ||||
|     # Public key: | ||||
|     # 10.0.40.6:8jBhIdXEBap+Qo+vc1/fnV9vj43A2oDk839EEheRr/U= | ||||
|   }; | ||||
| 
 | ||||
| } | ||||
|  | ||||
							
								
								
									
										52
									
								
								m/weasel/hydra.nix
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										52
									
								
								m/weasel/hydra.nix
									
									
									
									
									
										Normal file
									
								
							| @ -0,0 +1,52 @@ | ||||
| { config, pkgs, lib, ... }: | ||||
| { | ||||
|   services.hydra = { | ||||
|     enable = true; | ||||
| 
 | ||||
|     # Wrap hydra so it puts quiet flag every time... This is dumb and annoying, | ||||
|     # but i can't override the systemd ExecStart without running into infinite | ||||
|     # recursion. | ||||
|     package = pkgs.symlinkJoin { | ||||
|       name = "hydra-quiet"; | ||||
|       paths = [ pkgs.hydra ]; | ||||
|       postBuild = '' | ||||
|         for prog in hydra-queue-runner hydra-evaluator ; do | ||||
|           prev=$(realpath $out/bin/$prog) | ||||
|           rm $out/bin/$prog | ||||
|           cat >$out/bin/$prog <<EOF | ||||
|         #!/bin/sh | ||||
|         args=() | ||||
|         for arg in "\$@"; do | ||||
|           if [ "\$arg" != "-v" ]; then | ||||
|             args+=("\$arg") | ||||
|           fi | ||||
|         done | ||||
|         exec $prev --quiet "\''${args[@]}" | ||||
|         EOF | ||||
| 
 | ||||
|           chmod +x $out/bin/$prog | ||||
|         done | ||||
|       ''; | ||||
|     }; | ||||
| 
 | ||||
|     hydraURL = "http://localhost:3001"; # externally visible URL | ||||
|     notificationSender = "hydra@jungle.bsc.es"; # e-mail of Hydra service | ||||
|     port = 3001; | ||||
|     # a standalone Hydra will require you to unset the buildMachinesFiles list to avoid using a nonexistant /etc/nix/machines | ||||
|     buildMachinesFiles = [ ]; | ||||
|     # you will probably also want, otherwise *everything* will be built from scratch | ||||
|     useSubstitutes = true; | ||||
|     listenHost = "0.0.0.0"; # Force IPv4 | ||||
|   }; | ||||
| 
 | ||||
|   systemd.services.hydra-send-stats.enable = lib.mkForce false; | ||||
| 
 | ||||
|   networking.firewall.allowedTCPPorts = [ config.services.hydra.port ]; | ||||
| 
 | ||||
|   nix.settings.extra-allowed-uris = [ | ||||
|     "git+ssh://git@bscpm04.bsc.es" | ||||
|     "git+ssh://git@gitlab-internal.bsc.es" | ||||
|     "https://github.com" | ||||
|     "git+ssh://github.com" | ||||
|   ]; | ||||
| } | ||||
							
								
								
									
										40
									
								
								m/weasel/virtualization.nix
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										40
									
								
								m/weasel/virtualization.nix
									
									
									
									
									
										Normal file
									
								
							| @ -0,0 +1,40 @@ | ||||
| { | ||||
|   lib, | ||||
|   pkgs, | ||||
|   config, | ||||
|   ... | ||||
| }: | ||||
| 
 | ||||
| { | ||||
|   # Enable common container config files in /etc/containers | ||||
|   virtualisation.containers.enable = true; | ||||
|   virtualisation = { | ||||
|     podman = { | ||||
|       enable = true; | ||||
| 
 | ||||
|       # Required for containers under podman-compose to be able to talk to each other. | ||||
|       defaultNetwork.settings.dns_enabled = true; | ||||
|     }; | ||||
|   }; | ||||
| 
 | ||||
|   # We cannot use /home since nfs does not support fileattrs needed by podman | ||||
|   systemd.tmpfiles.settings = { | ||||
|     "podman-users" = lib.mapAttrs' ( | ||||
|       name: value: | ||||
|       lib.nameValuePair ("/var/lib/podman-users/" + name) { | ||||
|         d = { | ||||
|           group = value.group; | ||||
|           mode = value.homeMode; | ||||
|           user = name; | ||||
|         }; | ||||
|       } | ||||
|     ) (lib.filterAttrs (_: x: x.isNormalUser) config.users.users); | ||||
|   }; | ||||
| 
 | ||||
|   # Useful other development tools | ||||
|   environment.systemPackages = with pkgs; [ | ||||
|     dive # look into docker image layers | ||||
|     podman-tui # status of containers in the terminal | ||||
|     podman-compose # start group of containers for dev | ||||
|   ]; | ||||
| } | ||||
| @ -62,7 +62,7 @@ let | ||||
|   }; | ||||
| 
 | ||||
|   tests = rec { | ||||
|     #hwloc = callPackage ./test/bugs/hwloc.nix { }; # Broken, no /sys | ||||
|     hwloc = callPackage ./test/bugs/hwloc.nix { }; | ||||
|     #sigsegv = callPackage ./test/reproducers/sigsegv.nix { }; | ||||
|     hello-c = callPackage ./test/compilers/hello-c.nix { }; | ||||
|     hello-cpp = callPackage ./test/compilers/hello-cpp.nix { }; | ||||
|  | ||||
| @ -6,6 +6,7 @@ | ||||
| 
 | ||||
| stdenv.mkDerivation { | ||||
|   name = "hwloc-test"; | ||||
|   requiredSystemFeatures = [ "sys-devices" ]; | ||||
| 
 | ||||
|   src = ./.; | ||||
| 
 | ||||
| @ -14,7 +15,7 @@ stdenv.mkDerivation { | ||||
|   buildPhase = '' | ||||
|     ls -l /sys | ||||
|     gcc -lhwloc hwloc.c -o hwloc | ||||
|     strace ./hwloc | ||||
|     strace ./hwloc > $out | ||||
|   ''; | ||||
| 
 | ||||
| } | ||||
|  | ||||
| @ -23,9 +23,8 @@ in stdenv.mkDerivation { | ||||
|   dontUnpack = true; | ||||
|   dontConfigure = true; | ||||
| 
 | ||||
|   # nOS-V requires access to /sys/devices to request NUMA information. It will | ||||
|   # fail to run otherwise, so we disable the sandbox for this test. | ||||
|   __noChroot = true; | ||||
|   # nOS-V requires access to /sys/devices to request NUMA information | ||||
|   requiredSystemFeatures = [ "sys-devices" ]; | ||||
| 
 | ||||
|   buildInputs = [ openmp ]; | ||||
| 
 | ||||
|  | ||||
| @ -36,9 +36,8 @@ in stdenv.mkDerivation { | ||||
|   dontUnpack = true; | ||||
|   dontConfigure = true; | ||||
| 
 | ||||
|   # nOS-V requires access to /sys/devices to request NUMA information. It will | ||||
|   # fail to run otherwise, so we disable the sandbox for this test. | ||||
|   __noChroot = true; | ||||
|   # nOS-V requires access to /sys/devices to request NUMA information | ||||
|   requiredSystemFeatures = [ "sys-devices" ]; | ||||
| 
 | ||||
|   buildInputs = [ nosv ]; | ||||
| 
 | ||||
|  | ||||
| @ -24,9 +24,8 @@ in stdenv.mkDerivation { | ||||
|   dontUnpack = true; | ||||
|   dontConfigure = true; | ||||
| 
 | ||||
|   # nOS-V requires access to /sys/devices to request NUMA information. It will | ||||
|   # fail to run otherwise, so we disable the sandbox for this test. | ||||
|   __noChroot = true; | ||||
|   # nOS-V requires access to /sys/devices to request NUMA information | ||||
|   requiredSystemFeatures = [ "sys-devices" ]; | ||||
| 
 | ||||
|   buildPhase = '' | ||||
|     set -x | ||||
|  | ||||
| @ -25,9 +25,10 @@ stdenv.mkDerivation rec { | ||||
|   hardeningDisable = [ "all" ]; | ||||
|   #NIX_DEBUG = 1; | ||||
|   buildInputs = [ ]; #strace gdb; | ||||
|   # NODES requires access to /sys/devices to request NUMA information. It will | ||||
|   # fail to run otherwise, so we disable the sandbox for this test. | ||||
|   __noChroot = true; | ||||
| 
 | ||||
|   # NODES requires access to /sys/devices to request NUMA information | ||||
|   requiredSystemFeatures = [ "sys-devices" ]; | ||||
| 
 | ||||
|   buildPhase = '' | ||||
|     set -x | ||||
|     #$CC -v | ||||
|  | ||||
		Loading…
	
	
			
			x
			
			
		
	
		Reference in New Issue
	
	Block a user