rarias/jungle
2
0
Fork 3
Code Issues 57 Pull Requests 7 Actions Packages Projects Releases Wiki Activity

Compare commits

base: rarias:master
Branches Tags
rarias:master rarias:enableStrictDeps rarias:fox-regression rarias:pkgs/tacuda rarias:pkgs/tasycl rarias:robust-fetchGit rarias:old-master rarias:gitea-lfs rarias:only-restart-logins rarias:monitor-gpfs-home rarias:add-tent-machine rarias:m/raccoon rarias:add-fpga-u280 rarias:maintenance-purchase rarias:add-fox-machine rarias:share-files rarias:shared-nix-store rarias:intro-nix rarias:lake2-ipoib
..
compare: rarias:91fa59e397d90ee1c344e6f44bf9d0484d5b1cec
Branches Tags
rarias:master rarias:enableStrictDeps rarias:fox-regression rarias:pkgs/tacuda rarias:pkgs/tasycl rarias:robust-fetchGit rarias:old-master rarias:gitea-lfs rarias:only-restart-logins rarias:monitor-gpfs-home rarias:add-tent-machine rarias:m/raccoon rarias:add-fpga-u280 rarias:maintenance-purchase rarias:add-fox-machine rarias:share-files rarias:shared-nix-store rarias:intro-nix rarias:lake2-ipoib

1 Commits
master ... 91fa59e397

Author SHA1 Message Date
Aleix Boné
91fa59e397 Enable nosv system feature 2025-10-02 15:57:13 +02:00
171 changed files with 288 additions and 50855 deletions
Expand all files Collapse all files

20
.gitea/workflows/ci.yaml
View File

@@ -1,20 +0,0 @@
name: CI
on:
push:
branches:
- master
pull_request:
branches:
- master
jobs:
build:all:
runs-on: native
steps:
- uses: https://gitea.com/ScMi1/checkout@v1.4
- run: nix build -L --no-link --print-out-paths .#bsc.ci.all
build:cross:
runs-on: native
steps:
- uses: https://gitea.com/ScMi1/checkout@v1.4
- run: nix build -L --no-link --print-out-paths .#bsc.ci.cross

2
.gitignore vendored
View File

@@ -1,3 +1,3 @@
**.swp
*.swp
/result
/misc

6
.gitlab-ci.yml
View File

@@ -1,6 +0,0 @@
build:bsc-ci.all:
stage: build
tags:
- nix
script:
- nix build -L --no-link --print-out-paths .#bsc-ci.all

21
COPYING
View File

@@ -1,21 +0,0 @@
Copyright (c) 2020-2025 Barcelona Supercomputing Center
Copyright (c) 2003-2020 Eelco Dolstra and the Nixpkgs/NixOS contributors
Permission is hereby granted, free of charge, to any person obtaining
a copy of this software and associated documentation files (the
"Software"), to deal in the Software without restriction, including
without limitation the rights to use, copy, modify, merge, publish,
distribute, sublicense, and/or sell copies of the Software, and to
permit persons to whom the Software is furnished to do so, subject to
the following conditions:
The above copyright notice and this permission notice shall be
included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

9
README.md
View File

@@ -1,9 +0,0 @@
# Jungle
This repository provides two components that can be used independently:
- A Nix overlay with packages used at BSC (formerly known as bscpkgs). Access
them directly with `nix shell .#<pkgname>`.
- NixOS configurations for jungle machines. Use `nixos-rebuild switch --flake .`
to upgrade the current machine.

19
default.nix
View File

@@ -1,19 +0,0 @@
let
bscOverlay = import ./overlay.nix;
# read flake.lock and determine revision from there
lock = builtins.fromJSON (builtins.readFile ./flake.lock);
inherit (lock.nodes.nixpkgs.locked) rev narHash;
fetchedNixpkgs = builtins.fetchTarball {
url = "https://github.com/NixOS/nixpkgs/archive/${rev}.tar.gz";
sha256 = narHash;
};
in
{ overlays ? [ ]
, nixpkgs ? fetchedNixpkgs
, ...
}@attrs:
import nixpkgs (
(builtins.removeAttrs attrs [ "overlays" "nixpkgs" ]) //
{ overlays = [ bscOverlay ] ++ overlays; }
)

30
doc/maintainers.md
View File

@@ -1,30 +0,0 @@
# Maintainers
## Role of a maintainer
The responsibilities of maintainers are quite lax, and similar in spirit to
[nixpkgs' maintainers][1]:
The main responsibility of a maintainer is to keep the packages they
maintain in a functioning state, and keep up with updates. In order to do
that, they are empowered to make decisions over the packages they maintain.
That being said, the maintainer is not alone in proposing changes to the
packages. Anybody (both bots and humans) can send PRs to bump or tweak the
package.
In practice, this means that when updating or proposing changes to a package,
we will notify maintainers by mentioning them in Gitea so they can test changes
and give feedback.
Since we do bi-yearly release cycles, there is no expectation from maintainers
to update packages at each upstream release. Nevertheless, on each release cycle
we may request help from maintainers when updating or testing their packages.
## Becoming a maintainer
You'll have to add yourself in the `maintainers.nix` list; your username should
match your `bsc.es` email. Then you can add yourself to the `meta.maintainers`
of any package you are interested in maintaining.
[1]: [https://github.com/NixOS/nixpkgs/tree/nixos-25.05/maintainers]

111
flake.lock generated
View File

@@ -1,25 +1,128 @@
{
"nodes": {
"agenix": {
"inputs": {
"darwin": "darwin",
"home-manager": "home-manager",
"nixpkgs": [
"nixpkgs"
],
"systems": "systems"
},
"locked": {
"lastModified": 1750173260,
"narHash": "sha256-9P1FziAwl5+3edkfFcr5HeGtQUtrSdk/MksX39GieoA=",
"owner": "ryantm",
"repo": "agenix",
"rev": "531beac616433bac6f9e2a19feb8e99a22a66baf",
"type": "github"
},
"original": {
"owner": "ryantm",
"repo": "agenix",
"type": "github"
}
},
"bscpkgs": {
"inputs": {
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1749650500,
"narHash": "sha256-2MHfVPV6RA7qPSCtXh4+KK0F0UjN+J4z8//+n6NK7Xs=",
"ref": "refs/heads/master",
"rev": "9d1944c658929b6f98b3f3803fead4d1b91c4405",
"revCount": 961,
"type": "git",
"url": "https://git.sr.ht/~rodarima/bscpkgs"
},
"original": {
"type": "git",
"url": "https://git.sr.ht/~rodarima/bscpkgs"
}
},
"darwin": {
"inputs": {
"nixpkgs": [
"agenix",
"nixpkgs"
]
},
"locked": {
"lastModified": 1744478979,
"narHash": "sha256-dyN+teG9G82G+m+PX/aSAagkC+vUv0SgUw3XkPhQodQ=",
"owner": "lnl7",
"repo": "nix-darwin",
"rev": "43975d782b418ebf4969e9ccba82466728c2851b",
"type": "github"
},
"original": {
"owner": "lnl7",
"ref": "master",
"repo": "nix-darwin",
"type": "github"
}
},
"home-manager": {
"inputs": {
"nixpkgs": [
"agenix",
"nixpkgs"
]
},
"locked": {
"lastModified": 1745494811,
"narHash": "sha256-YZCh2o9Ua1n9uCvrvi5pRxtuVNml8X2a03qIFfRKpFs=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "abfad3d2958c9e6300a883bd443512c55dfeb1be",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "home-manager",
"type": "github"
}
},
"nixpkgs": {
"locked": {
"lastModified": 1767634882,
"narHash": "sha256-2GffSfQxe3sedHzK+sTKlYo/NTIAGzbFCIsNMUPAAnk=",
"lastModified": 1752436162,
"narHash": "sha256-Kt1UIPi7kZqkSc5HVj6UY5YLHHEzPBkgpNUByuyxtlw=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "3c9db02515ef1d9b6b709fc60ba9a540957f661c",
"rev": "dfcd5b901dbab46c9c6e80b265648481aafb01f8",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-25.11",
"ref": "nixos-25.05",
"repo": "nixpkgs",
"type": "github"
}
},
"root": {
"inputs": {
"agenix": "agenix",
"bscpkgs": "bscpkgs",
"nixpkgs": "nixpkgs"
}
},
"systems": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
}
},
"root": "root",

33
flake.nix
View File

@@ -1,22 +1,19 @@
{
inputs = {
nixpkgs.url = "github:NixOS/nixpkgs/nixos-25.11";
nixpkgs.url = "github:NixOS/nixpkgs/nixos-25.05";
agenix.url = "github:ryantm/agenix";
agenix.inputs.nixpkgs.follows = "nixpkgs";
bscpkgs.url = "git+https://git.sr.ht/~rodarima/bscpkgs";
bscpkgs.inputs.nixpkgs.follows = "nixpkgs";
};
outputs = { self, nixpkgs, ... }:
outputs = { self, nixpkgs, agenix, bscpkgs, ... }:
let
mkConf = name: nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
specialArgs = { inherit nixpkgs; theFlake = self; };
specialArgs = { inherit nixpkgs bscpkgs agenix; theFlake = self; };
modules = [ "${self.outPath}/m/${name}/configuration.nix" ];
};
# For now we only support x86
system = "x86_64-linux";
pkgs = import nixpkgs {
inherit system;
overlays = [ self.overlays.default ];
config.allowUnfree = true;
};
in
{
nixosConfigurations = {
@@ -34,19 +31,9 @@ in
weasel = mkConf "weasel";
};
bscOverlay = import ./overlay.nix;
overlays.default = self.bscOverlay;
# full nixpkgs with our overlay applied
legacyPackages.${system} = pkgs;
hydraJobs = self.legacyPackages.${system}.bsc.hydraJobs;
# propagate nixpkgs lib, so we can do bscpkgs.lib
lib = nixpkgs.lib // {
maintainers = nixpkgs.lib.maintainers // {
bsc = import ./pkgs/maintainers.nix;
};
packages.x86_64-linux = self.nixosConfigurations.hut.pkgs // {
bscpkgs = bscpkgs.packages.x86_64-linux;
nixpkgs = nixpkgs.legacyPackages.x86_64-linux;
};
};
}

12
m/apex/configuration.nix
View File

@@ -57,18 +57,6 @@
};
};
services.fail2ban = {
enable = true;
maxretry = 5;
bantime-increment = {
enable = true; # Double ban time on each attack
maxtime = "7d"; # Ban up to a week
};
};
# Disable SSH login with password, allow only keypair
services.openssh.settings.PasswordAuthentication = false;
networking.firewall = {
extraCommands = ''
# Blackhole BSC vulnerability scanner (OpenVAS) as it is spamming our

2
m/bay/configuration.nix
View File

@@ -24,7 +24,7 @@
address = "10.0.40.40";
prefixLength = 24;
} ];
interfaces.ibs785.ipv4.addresses = [ {
interfaces.ibp5s0.ipv4.addresses = [ {
address = "10.0.42.40";
prefixLength = 24;
} ];

2
m/common/base.nix
View File

@@ -11,7 +11,7 @@
./base/hw.nix
./base/net.nix
./base/nix.nix
./base/sys-devices.nix
./base/nosv.nix
./base/ntp.nix
./base/rev.nix
./base/ssh.nix

9
m/common/base/agenix.nix
View File

@@ -1,8 +1,9 @@
{ pkgs, ... }:
{ agenix, ... }:
{
imports = [ ../../module/agenix.nix ];
imports = [ agenix.nixosModules.default ];
# Add agenix to system packages
environment.systemPackages = [ pkgs.agenix ];
environment.systemPackages = [
agenix.packages.x86_64-linux.default
];
}

35
m/common/base/env.nix
View File

@@ -1,36 +1,11 @@
{ pkgs, ... }:
{ pkgs, config, ... }:
{
environment.systemPackages = with pkgs; [
cmake
ethtool
file
freeipmi
git
gnumake
home-manager
htop
ipmitool
ldns
lm_sensors
ncdu
nix-diff
nix-index
nix-output-monitor
nixfmt-tree
nixos-option
pciutils
perf
pv
ripgrep
tcpdump
tmux
tree
vim
wget
# From jungle overlay
nixgen
vim wget git htop tmux pciutils tcpdump ripgrep nix-index nixos-option
nix-diff ipmitool freeipmi ethtool lm_sensors cmake gnumake file tree
ncdu config.boot.kernelPackages.perf ldns pv
# From bsckgs overlay
osumb
];

5
m/common/base/nix.nix
View File

@@ -1,8 +1,9 @@
{ pkgs, nixpkgs, theFlake, ... }:
{ pkgs, nixpkgs, bscpkgs, theFlake, ... }:
{
nixpkgs.overlays = [
(import ../../../overlay.nix)
bscpkgs.bscOverlay
(import ../../../pkgs/overlay.nix)
];
nixpkgs.config.allowUnfree = true;

9
m/common/base/nosv.nix Normal file
View File

@@ -0,0 +1,9 @@
{ ... }:
{
nix.settings.system-features = [ "nosv" ];
programs.nix-required-mounts.enable = true;
programs.nix-required-mounts.allowedPatterns.nosv.paths = [
"/sys/devices/system/cpu"
"/sys/devices/system/node"
];
}

9
m/common/base/sys-devices.nix
View File

@@ -1,9 +0,0 @@
{
nix.settings.system-features = [ "sys-devices" ];
programs.nix-required-mounts.enable = true;
programs.nix-required-mounts.allowedPatterns.sys-devices.paths = [
"/sys/devices/system/cpu"
"/sys/devices/system/node"
];
}

27
m/common/base/users.nix
View File

@@ -139,7 +139,6 @@
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKGt0ESYxekBiHJQowmKpfdouw0hVm3N7tUMtAaeLejK vincent@varch"
];
shell = pkgs.zsh;
};
pmartin1 = {
@@ -181,32 +180,6 @@
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFmMqKqPg4uocNOr3O41kLbZMOMJn3m2ZdN1JvTR96z3 bsccns@arnau-bsc"
];
};
aaguirre = {
uid = 9655;
isNormalUser = true;
home = "/home/Computational/aaguirre";
description = "Alejandro Aguirre";
group = "Computational";
hosts = [ "apex" "hut" ];
hashedPassword = "$6$TXRXQT6jjBvxkxU6$E.sh5KspAm1qeG5Ct7OPHpo8REmbGDwjFGvqeGgTVz3GASGOAnPL7UMZsMAsAKBoahOw.v8LNno6XGrTEPzZH1";
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOlRX7ZCnqtUJYCxKgWmgSrFCYuA2LHY96rVwqxXPl86 aaguirre@BSC-8488184117"
];
};
emonteir = {
uid = 9656;
isNormalUser = true;
home = "/home/Computational/emonteir";
description = "Erwin Royson Monteiro";
group = "Computational";
hosts = [ "apex" "fox" ];
hashedPassword = "$6$0mU88zd3ZuK5NiJQ$DFWL5RMLH6esQM5UyhBCiiNryw4lDDmvJp7Usz3tmevnsiSJr6u0RsUKAnR/K8GRBFrV1.GocrgNjKjik5GY//";
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOKZKot/Y3F5Wq9pQIXlCbyvQuVVeWMCsAC96Nd+LTcG erwin@Oreo"
];
};
};
groups = {

2
m/common/base/watchdog.nix
View File

@@ -5,5 +5,5 @@
boot.kernelModules = [ "ipmi_watchdog" ];
# Enable systemd watchdog with 30 s interval
systemd.settings.Manager.RuntimeWatchdogSec = 30;
systemd.watchdog.runtimeTime = "30s";
}

7
m/eudy/kernel/perf.nix
View File

@@ -1,6 +1,11 @@
{ pkgs, lib, ... }:
{ config, pkgs, lib, ... }:
{
# add the perf tool
environment.systemPackages = with pkgs; [
config.boot.kernelPackages.perf
];
# allow non-root users to read tracing data from the kernel
boot.kernel.sysctl."kernel.perf_event_paranoid" = -2;
boot.kernel.sysctl."kernel.kptr_restrict" = 0;

16
m/fox/configuration.nix
View File

@@ -93,4 +93,20 @@
wantedBy = [ "multi-user.target" ];
serviceConfig.ExecStart = script;
};
# Only allow SSH connections from users who have a SLURM allocation
# See: https://slurm.schedmd.com/pam_slurm_adopt.html
security.pam.services.sshd.rules.account.slurm = {
control = "required";
enable = true;
modulePath = "${pkgs.slurm}/lib/security/pam_slurm_adopt.so";
args = [ "log_level=debug5" ];
order = 999999; # Make it last one
};
# Disable systemd session (pam_systemd.so) as it will conflict with the
# pam_slurm_adopt.so module. What happens is that the shell is first adopted
# into the slurmstepd task and then into the systemd session, which is not
# what we want, otherwise it will linger even if all jobs are gone.
security.pam.services.sshd.startSession = lib.mkForce false;
}

5
m/fox/wireguard.nix
View File

@@ -23,11 +23,11 @@
peers = [
# List of allowed peers.
{
{
name = "apex";
publicKey = "VwhcN8vSOzdJEotQTpmPHBC52x3Hbv1lkFIyKubrnUA=";
# List of IPs assigned to this peer within the tunnel subnet. Used to configure routing.
allowedIPs = [ "10.106.0.30/32" "10.0.40.7/32" ];
allowedIPs = [ "10.106.0.30/32" ];
}
{
name = "raccoon";
@@ -40,7 +40,6 @@
networking.hosts = {
"10.106.0.30" = [ "apex" ];
"10.0.40.7" = [ "hut" ];
"10.106.0.236" = [ "raccoon" ];
"10.0.44.4" = [ "tent" ];
};

3
m/hut/configuration.nix
View File

@@ -17,7 +17,6 @@
./postgresql.nix
./nginx.nix
./p.nix
./ompss2-timer.nix
#./pxe.nix
];
@@ -45,7 +44,7 @@
address = "10.0.40.7";
prefixLength = 24;
} ];
interfaces.ibs785.ipv4.addresses = [ {
interfaces.ibp5s0.ipv4.addresses = [ {
address = "10.0.42.7";
prefixLength = 24;
} ];

3
m/hut/gitea.nix
View File

@@ -29,9 +29,6 @@
};
};
# Allow gitea user to send mail
users.users.gitea.extraGroups = [ "mail-robot" ];
services.gitea-actions-runner.instances = {
runrun = {
enable = true;

5
m/hut/msmtp.nix
View File

@@ -1,11 +1,8 @@
{ config, lib, ... }:
{
# Robot user that can see the password to send mail from jungle-robot
users.groups.mail-robot = {};
age.secrets.jungleRobotPassword = {
file = ../../secrets/jungle-robot-password.age;
group = "mail-robot";
group = "gitea";
mode = "440";
};

4
m/hut/nginx.nix
View File

@@ -4,8 +4,8 @@ let
name = "jungle-web";
src = pkgs.fetchgit {
url = "https://jungle.bsc.es/git/rarias/jungle-website.git";
rev = "5f18335d14126d2fef134c0cd441771436f7dfa1";
hash = "sha256-s9VBF91sQ7hg9+lrwNFPYgoXTTyXaQcAulCiGJgWERo=";
rev = "739bf0175a7f05380fe7ad7023ff1d60db1710e1";
hash = "sha256-ea5DzhYTzZ9TmqD+x95rdNdLbxPnBluqlYH2NmBYmc4=";
};
buildInputs = [ pkgs.hugo ];
buildPhase = ''

85
m/hut/ompss2-timer.nix
View File

@@ -1,85 +0,0 @@
{ config, pkgs, ... }:
{
systemd.timers = {
"ompss2-closing" = {
wantedBy = [ "timers.target" ];
timerConfig = {
Unit = "ompss2-closing.service";
OnCalendar = [ "*-03-15 07:00:00" "*-09-15 07:00:00"];
};
};
"ompss2-freeze" = {
wantedBy = [ "timers.target" ];
timerConfig = {
Unit = "ompss2-freeze.service";
OnCalendar = [ "*-04-15 07:00:00" "*-10-15 07:00:00" ];
};
};
"ompss2-release" = {
wantedBy = [ "timers.target" ];
timerConfig = {
Unit = "ompss2-release.service";
OnCalendar = [ "*-05-15 07:00:00" "*-11-15 07:00:00" ];
};
};
};
systemd.services =
let
closing = pkgs.writeText "closing.txt"
''
Subject: OmpSs-2 release enters closing period
Hi,
You have one month to merge the remaining features for the next OmpSs-2
release. Please, identify what needs to be merged and discuss it in the next
OmpSs-2 meeting.
Thanks!,
Jungle robot
'';
freeze = pkgs.writeText "freeze.txt"
''
Subject: OmpSs-2 release enters freeze period
Hi,
The period to introduce new features or breaking changes is over, only bug
fixes are allowed now. During this time, please prepare the release notes
to be included in the next OmpSs-2 release.
Thanks!,
Jungle robot
'';
release = pkgs.writeText "release.txt"
''
Subject: OmpSs-2 release now
Hi,
The period to introduce bug fixes is now over. Please, proceed to do the
OmpSs-2 release.
Thanks!,
Jungle robot
'';
mkServ = name: mail: {
"ompss2-${name}" = {
script = ''
set -eu
set -o pipefail
cat ${mail} | ${config.security.wrapperDir}/sendmail star@bsc.es
'';
serviceConfig = {
Type = "oneshot";
DynamicUser = true;
Group = "mail-robot";
};
};
};
in
(mkServ "closing" closing) //
(mkServ "freeze" freeze) //
(mkServ "release" release);
}

2
m/lake2/configuration.nix
View File

@@ -46,7 +46,7 @@
address = "10.0.40.42";
prefixLength = 24;
} ];
interfaces.ibs785.ipv4.addresses = [ {
interfaces.ibp5s0.ipv4.addresses = [ {
address = "10.0.42.42";
prefixLength = 24;
} ];

357
m/module/agenix.nix
View File

@@ -1,357 +0,0 @@
{
config,
options,
lib,
pkgs,
...
}:
with lib;
let
cfg = config.age;
isDarwin = lib.attrsets.hasAttrByPath [ "environment" "darwinConfig" ] options;
ageBin = config.age.ageBin;
users = config.users.users;
sysusersEnabled =
if isDarwin then
false
else
options.systemd ? sysusers && (config.systemd.sysusers.enable || config.services.userborn.enable);
mountCommand =
if isDarwin then
''
if ! diskutil info "${cfg.secretsMountPoint}" &> /dev/null; then
num_sectors=1048576
dev=$(hdiutil attach -nomount ram://"$num_sectors" | sed 's/[[:space:]]*$//')
newfs_hfs -v agenix "$dev"
mount -t hfs -o nobrowse,nodev,nosuid,-m=0751 "$dev" "${cfg.secretsMountPoint}"
fi
''
else
''
grep -q "${cfg.secretsMountPoint} ramfs" /proc/mounts ||
mount -t ramfs none "${cfg.secretsMountPoint}" -o nodev,nosuid,mode=0751
'';
newGeneration = ''
_agenix_generation="$(basename "$(readlink ${cfg.secretsDir})" || echo 0)"
(( ++_agenix_generation ))
echo "[agenix] creating new generation in ${cfg.secretsMountPoint}/$_agenix_generation"
mkdir -p "${cfg.secretsMountPoint}"
chmod 0751 "${cfg.secretsMountPoint}"
${mountCommand}
mkdir -p "${cfg.secretsMountPoint}/$_agenix_generation"
chmod 0751 "${cfg.secretsMountPoint}/$_agenix_generation"
'';
chownGroup = if isDarwin then "admin" else "keys";
# chown the secrets mountpoint and the current generation to the keys group
# instead of leaving it root:root.
chownMountPoint = ''
chown :${chownGroup} "${cfg.secretsMountPoint}" "${cfg.secretsMountPoint}/$_agenix_generation"
'';
setTruePath = secretType: ''
${
if secretType.symlink then
''
_truePath="${cfg.secretsMountPoint}/$_agenix_generation/${secretType.name}"
''
else
''
_truePath="${secretType.path}"
''
}
'';
installSecret = secretType: ''
${setTruePath secretType}
echo "decrypting '${secretType.file}' to '$_truePath'..."
TMP_FILE="$_truePath.tmp"
IDENTITIES=()
for identity in ${toString cfg.identityPaths}; do
test -r "$identity" || continue
test -s "$identity" || continue
IDENTITIES+=(-i)
IDENTITIES+=("$identity")
done
test "''${#IDENTITIES[@]}" -eq 0 && echo "[agenix] WARNING: no readable identities found!"
mkdir -p "$(dirname "$_truePath")"
[ "${secretType.path}" != "${cfg.secretsDir}/${secretType.name}" ] && mkdir -p "$(dirname "${secretType.path}")"
(
umask u=r,g=,o=
test -f "${secretType.file}" || echo '[agenix] WARNING: encrypted file ${secretType.file} does not exist!'
test -d "$(dirname "$TMP_FILE")" || echo "[agenix] WARNING: $(dirname "$TMP_FILE") does not exist!"
LANG=${
config.i18n.defaultLocale or "C"
} ${ageBin} --decrypt "''${IDENTITIES[@]}" -o "$TMP_FILE" "${secretType.file}"
)
chmod ${secretType.mode} "$TMP_FILE"
mv -f "$TMP_FILE" "$_truePath"
${optionalString secretType.symlink ''
[ "${secretType.path}" != "${cfg.secretsDir}/${secretType.name}" ] && ln -sfT "${cfg.secretsDir}/${secretType.name}" "${secretType.path}"
''}
'';
testIdentities = map (path: ''
test -f ${path} || echo '[agenix] WARNING: config.age.identityPaths entry ${path} not present!'
'') cfg.identityPaths;
cleanupAndLink = ''
_agenix_generation="$(basename "$(readlink ${cfg.secretsDir})" || echo 0)"
(( ++_agenix_generation ))
echo "[agenix] symlinking new secrets to ${cfg.secretsDir} (generation $_agenix_generation)..."
ln -sfT "${cfg.secretsMountPoint}/$_agenix_generation" ${cfg.secretsDir}
(( _agenix_generation > 1 )) && {
echo "[agenix] removing old secrets (generation $(( _agenix_generation - 1 )))..."
rm -rf "${cfg.secretsMountPoint}/$(( _agenix_generation - 1 ))"
}
'';
installSecrets = builtins.concatStringsSep "\n" (
[ "echo '[agenix] decrypting secrets...'" ]
++ testIdentities
++ (map installSecret (builtins.attrValues cfg.secrets))
++ [ cleanupAndLink ]
);
chownSecret = secretType: ''
${setTruePath secretType}
chown ${secretType.owner}:${secretType.group} "$_truePath"
'';
chownSecrets = builtins.concatStringsSep "\n" (
[ "echo '[agenix] chowning...'" ]
++ [ chownMountPoint ]
++ (map chownSecret (builtins.attrValues cfg.secrets))
);
secretType = types.submodule (
{ config, ... }:
{
options = {
name = mkOption {
type = types.str;
default = config._module.args.name;
defaultText = literalExpression "config._module.args.name";
description = ''
Name of the file used in {option}`age.secretsDir`
'';
};
file = mkOption {
type = types.path;
description = ''
Age file the secret is loaded from.
'';
};
path = mkOption {
type = types.str;
default = "${cfg.secretsDir}/${config.name}";
defaultText = literalExpression ''
"''${cfg.secretsDir}/''${config.name}"
'';
description = ''
Path where the decrypted secret is installed.
'';
};
mode = mkOption {
type = types.str;
default = "0400";
description = ''
Permissions mode of the decrypted secret in a format understood by chmod.
'';
};
owner = mkOption {
type = types.str;
default = "0";
description = ''
User of the decrypted secret.
'';
};
group = mkOption {
type = types.str;
default = users.${config.owner}.group or "0";
defaultText = literalExpression ''
users.''${config.owner}.group or "0"
'';
description = ''
Group of the decrypted secret.
'';
};
symlink = mkEnableOption "symlinking secrets to their destination" // {
default = true;
};
};
}
);
in
{
imports = [
(mkRenamedOptionModule [ "age" "sshKeyPaths" ] [ "age" "identityPaths" ])
];
options.age = {
ageBin = mkOption {
type = types.str;
default = "${pkgs.age}/bin/age";
defaultText = literalExpression ''
"''${pkgs.age}/bin/age"
'';
description = ''
The age executable to use.
'';
};
secrets = mkOption {
type = types.attrsOf secretType;
default = { };
description = ''
Attrset of secrets.
'';
};
secretsDir = mkOption {
type = types.path;
default = "/run/agenix";
description = ''
Folder where secrets are symlinked to
'';
};
secretsMountPoint = mkOption {
type =
types.addCheck types.str (
s:
(builtins.match "[ \t\n]*" s) == null # non-empty
&& (builtins.match ".+/" s) == null
) # without trailing slash
// {
description = "${types.str.description} (with check: non-empty without trailing slash)";
};
default = "/run/agenix.d";
description = ''
Where secrets are created before they are symlinked to {option}`age.secretsDir`
'';
};
identityPaths = mkOption {
type = types.listOf types.path;
default =
if isDarwin then
[
"/etc/ssh/ssh_host_ed25519_key"
"/etc/ssh/ssh_host_rsa_key"
]
else if (config.services.openssh.enable or false) then
map (e: e.path) (
lib.filter (e: e.type == "rsa" || e.type == "ed25519") config.services.openssh.hostKeys
)
else
[ ];
defaultText = literalExpression ''
if isDarwin
then [
"/etc/ssh/ssh_host_ed25519_key"
"/etc/ssh/ssh_host_rsa_key"
]
else if (config.services.openssh.enable or false)
then map (e: e.path) (lib.filter (e: e.type == "rsa" || e.type == "ed25519") config.services.openssh.hostKeys)
else [];
'';
description = ''
Path to SSH keys to be used as identities in age decryption.
'';
};
};
config = mkIf (cfg.secrets != { }) (mkMerge [
{
assertions = [
{
assertion = cfg.identityPaths != [ ];
message = "age.identityPaths must be set, for example by enabling openssh.";
}
];
}
(optionalAttrs (!isDarwin) {
# When using sysusers we no longer be started as an activation script
# because those are started in initrd while sysusers is started later.
systemd.services.agenix-install-secrets = mkIf sysusersEnabled {
wantedBy = [ "sysinit.target" ];
after = [ "systemd-sysusers.service" ];
unitConfig.DefaultDependencies = "no";
path = [ pkgs.mount ];
serviceConfig = {
Type = "oneshot";
ExecStart = pkgs.writeShellScript "agenix-install" (concatLines [
newGeneration
installSecrets
chownSecrets
]);
RemainAfterExit = true;
};
};
# Create a new directory full of secrets for symlinking (this helps
# ensure removed secrets are actually removed, or at least become
# invalid symlinks).
system.activationScripts = mkIf (!sysusersEnabled) {
agenixNewGeneration = {
text = newGeneration;
deps = [
"specialfs"
];
};
agenixInstall = {
text = installSecrets;
deps = [
"agenixNewGeneration"
"specialfs"
];
};
# So user passwords can be encrypted.
users.deps = [ "agenixInstall" ];
# Change ownership and group after users and groups are made.
agenixChown = {
text = chownSecrets;
deps = [
"users"
"groups"
];
};
# So other activation scripts can depend on agenix being done.
agenix = {
text = "";
deps = [ "agenixChown" ];
};
};
})
(optionalAttrs isDarwin {
launchd.daemons.activate-agenix = {
script = ''
set -e
set -o pipefail
export PATH="${pkgs.gnugrep}/bin:${pkgs.coreutils}/bin:@out@/sw/bin:/usr/bin:/bin:/usr/sbin:/sbin"
${newGeneration}
${installSecrets}
${chownSecrets}
exit 0
'';
serviceConfig = {
RunAtLoad = true;
KeepAlive.SuccessfulExit = false;
};
};
})
]);
}

9
m/module/debuginfod.nix
View File

@@ -1,10 +1,3 @@
{
services.nixseparatedebuginfod2 = {
enable = true;
substituters = [
"local:"
"https://cache.nixos.org"
"http://hut/cache"
];
};
services.nixseparatedebuginfod.enable = true;
}

18
m/module/slurm-client.nix
View File

@@ -1,4 +1,4 @@
{ lib, pkgs, ... }:
{ lib, ... }:
{
imports = [
@@ -21,20 +21,4 @@
};
services.slurm.client.enable = true;
# Only allow SSH connections from users who have a SLURM allocation
# See: https://slurm.schedmd.com/pam_slurm_adopt.html
security.pam.services.sshd.rules.account.slurm = {
control = "required";
enable = true;
modulePath = "${pkgs.slurm}/lib/security/pam_slurm_adopt.so";
args = [ "log_level=debug5" ];
order = 999999; # Make it last one
};
# Disable systemd session (pam_systemd.so) as it will conflict with the
# pam_slurm_adopt.so module. What happens is that the shell is first adopted
# into the slurmstepd task and then into the systemd session, which is not
# what we want, otherwise it will linger even if all jobs are gone.
security.pam.services.sshd.startSession = lib.mkForce false;
}

41
m/module/slurm-common.nix
View File

@@ -1,6 +1,31 @@
{ config, pkgs, ... }:
{
let
suspendProgram = pkgs.writeShellScript "suspend.sh" ''
exec 1>>/var/log/power_save.log 2>>/var/log/power_save.log
set -x
export "PATH=/run/current-system/sw/bin:$PATH"
echo "$(date) Suspend invoked $0 $*" >> /var/log/power_save.log
hosts=$(scontrol show hostnames $1)
for host in $hosts; do
echo Shutting down host: $host
ipmitool -I lanplus -H ''${host}-ipmi -P "" -U "" chassis power off
done
'';
resumeProgram = pkgs.writeShellScript "resume.sh" ''
exec 1>>/var/log/power_save.log 2>>/var/log/power_save.log
set -x
export "PATH=/run/current-system/sw/bin:$PATH"
echo "$(date) Suspend invoked $0 $*" >> /var/log/power_save.log
hosts=$(scontrol show hostnames $1)
for host in $hosts; do
echo Starting host: $host
ipmitool -I lanplus -H ''${host}-ipmi -P "" -U "" chassis power on
done
'';
in {
services.slurm = {
controlMachine = "apex";
clusterName = "jungle";
@@ -34,6 +59,16 @@
# the resources. Use the task/cgroup plugin to enable process containment.
TaskPlugin=task/affinity,task/cgroup
# Power off unused nodes until they are requested
SuspendProgram=${suspendProgram}
SuspendTimeout=60
ResumeProgram=${resumeProgram}
ResumeTimeout=300
SuspendExcNodes=fox
# Turn the nodes off after 1 hour of inactivity
SuspendTime=3600
# Reduce port range so we can allow only this range in the firewall
SrunPortRange=60000-61000
@@ -51,7 +86,9 @@
# when a task runs (srun) so we can ssh early.
PrologFlags=Alloc,Contain,X11
LaunchParameters=use_interactive_step
# LaunchParameters=ulimit_pam_adopt will set RLIMIT_RSS in processes
# adopted by the external step, similar to tasks running in regular steps
# LaunchParameters=ulimit_pam_adopt
SlurmdDebug=debug5
#DebugFlags=Protocol,Cgroup
'';

27
m/module/tc1-board.nix
View File

@@ -1,27 +0,0 @@
{ lib, pkgs, ... }:
{
# Allow user access to FTDI USB device
services.udev.packages = lib.singleton (pkgs.writeTextFile {
# Needs to be < 73
name = "60-ftdi-tc1.rules";
text = ''
# Bus 003 Device 003: ID 0403:6011 Future Technology Devices International, Ltd FT4232H Quad HS USB-UART/FIFO IC
# Use := to make sure it doesn't get changed later
SUBSYSTEMS=="usb", ATTRS{idVendor}=="0403", ATTRS{idProduct}=="6011", MODE:="0666"
'';
destination = "/etc/udev/rules.d/60-ftdi-tc1.rules";
});
# Allow access to USB for docker in GitLab runner
services.gitlab-runner = {
services.gitlab-bsc-docker = {
registrationFlags = [
# We need raw access to the USB port to reboot the board
"--docker-devices /dev/bus/usb/003/003"
# And TTY access for the serial port
"--docker-devices /dev/ttyUSB2"
];
};
};
}

2
m/owl1/configuration.nix
View File

@@ -20,7 +20,7 @@
address = "10.0.40.1";
prefixLength = 24;
} ];
interfaces.ibs785.ipv4.addresses = [ {
interfaces.ibp5s0.ipv4.addresses = [ {
address = "10.0.42.1";
prefixLength = 24;
} ];

2
m/owl2/configuration.nix
View File

@@ -21,7 +21,7 @@
prefixLength = 24;
} ];
# Watch out! The OmniPath device is not in the same place here:
interfaces.ibs801.ipv4.addresses = [ {
interfaces.ibp129s0.ipv4.addresses = [ {
address = "10.0.42.2";
prefixLength = 24;
} ];

1
m/tent/configuration.nix
View File

@@ -16,7 +16,6 @@
../module/p.nix
../module/vpn-dac.nix
../module/hut-substituter.nix
../module/tc1-board.nix
];
# Select the this using the ID to avoid mismatches

3
m/tent/gitea.nix
View File

@@ -27,7 +27,4 @@
};
};
};
# Allow gitea user to send mail
users.users.gitea.extraGroups = [ "mail-robot" ];
}

4
m/tent/nginx.nix
View File

@@ -4,8 +4,8 @@ let
name = "jungle-web";
src = pkgs.fetchgit {
url = "https://jungle.bsc.es/git/rarias/jungle-website.git";
rev = "5f18335d14126d2fef134c0cd441771436f7dfa1";
hash = "sha256-s9VBF91sQ7hg9+lrwNFPYgoXTTyXaQcAulCiGJgWERo=";
rev = "739bf0175a7f05380fe7ad7023ff1d60db1710e1";
hash = "sha256-ea5DzhYTzZ9TmqD+x95rdNdLbxPnBluqlYH2NmBYmc4=";
};
buildInputs = [ pkgs.hugo ];
buildPhase = ''

162
overlay.nix
View File

@@ -1,162 +0,0 @@
final: /* Future last stage */
prev: /* Previous stage */
with final.lib;
let
callPackage = final.callPackage;
bscPkgs = {
agenix = prev.callPackage ./pkgs/agenix/default.nix { };
amd-uprof = prev.callPackage ./pkgs/amd-uprof/default.nix { };
bench6 = callPackage ./pkgs/bench6/default.nix { };
bigotes = callPackage ./pkgs/bigotes/default.nix { };
clangOmpss2 = callPackage ./pkgs/llvm-ompss2/default.nix { };
clangOmpss2Nanos6 = callPackage ./pkgs/llvm-ompss2/default.nix { ompss2rt = final.nanos6; };
clangOmpss2Nodes = callPackage ./pkgs/llvm-ompss2/default.nix { ompss2rt = final.nodes; openmp = final.openmp; };
clangOmpss2NodesOmpv = callPackage ./pkgs/llvm-ompss2/default.nix { ompss2rt = final.nodes; openmp = final.openmpv; };
clangOmpss2Unwrapped = callPackage ./pkgs/llvm-ompss2/clang.nix { };
cudainfo = prev.callPackage ./pkgs/cudainfo/default.nix { };
#extrae = callPackage ./pkgs/extrae/default.nix { }; # Broken and outdated
gpi-2 = callPackage ./pkgs/gpi-2/default.nix { };
intelPackages_2023 = callPackage ./pkgs/intel-oneapi/2023.nix { };
jemallocNanos6 = callPackage ./pkgs/nanos6/jemalloc.nix { };
# FIXME: Extend this to all linuxPackages variants. Open problem, see:
# https://discourse.nixos.org/t/whats-the-right-way-to-make-a-custom-kernel-module-available/4636
linuxPackages = prev.linuxPackages.extend (_final: _prev: {
amd-uprof-driver = _prev.callPackage ./pkgs/amd-uprof/driver.nix { };
});
linuxPackages_latest = prev.linuxPackages_latest.extend(_final: _prev: {
amd-uprof-driver = _prev.callPackage ./pkgs/amd-uprof/driver.nix { };
});
lmbench = callPackage ./pkgs/lmbench/default.nix { };
# Broken and unmantained
# mcxx = callPackage ./pkgs/mcxx/default.nix { };
meteocat-exporter = prev.callPackage ./pkgs/meteocat-exporter/default.nix { };
mpi = final.mpich; # Set MPICH as default
mpich = callPackage ./pkgs/mpich/default.nix { mpich = prev.mpich; };
nanos6 = callPackage ./pkgs/nanos6/default.nix { };
nanos6Debug = final.nanos6.override { enableDebug = true; };
nixtools = callPackage ./pkgs/nixtools/default.nix { };
nixgen = callPackage ./pkgs/nixgen/default.nix { };
# Broken because of pkgsStatic.libcap
# See: https://github.com/NixOS/nixpkgs/pull/268791
#nix-wrap = callPackage ./pkgs/nix-wrap/default.nix { };
nodes = callPackage ./pkgs/nodes/default.nix { };
nosv = callPackage ./pkgs/nosv/default.nix { };
openmp = callPackage ./pkgs/llvm-ompss2/openmp.nix { monorepoSrc = final.clangOmpss2Unwrapped.src; version = final.clangOmpss2Unwrapped.version; };
openmpv = final.openmp.override { enableNosv = true; enableOvni = true; };
osumb = callPackage ./pkgs/osu/default.nix { };
ovni = callPackage ./pkgs/ovni/default.nix { };
ovniGit = final.ovni.override { useGit = true; };
paraverKernel = callPackage ./pkgs/paraver/kernel.nix { };
prometheus-slurm-exporter = prev.callPackage ./pkgs/slurm-exporter/default.nix { };
#pscom = callPackage ./pkgs/parastation/pscom.nix { }; # Unmaintaned
#psmpi = callPackage ./pkgs/parastation/psmpi.nix { }; # Unmaintaned
slurm = import ./pkgs/slurm/default.nix { slurm = prev.slurm; };
sonar = callPackage ./pkgs/sonar/default.nix { };
stdenvClangOmpss2 = final.stdenv.override { cc = final.clangOmpss2; allowedRequisites = null; };
stdenvClangOmpss2Nanos6 = final.stdenv.override { cc = final.clangOmpss2Nanos6; allowedRequisites = null; };
stdenvClangOmpss2Nodes = final.stdenv.override { cc = final.clangOmpss2Nodes; allowedRequisites = null; };
stdenvClangOmpss2NodesOmpv = final.stdenv.override { cc = final.clangOmpss2NodesOmpv; allowedRequisites = null; };
tagaspi = callPackage ./pkgs/tagaspi/default.nix { };
tampi = callPackage ./pkgs/tampi/default.nix { };
upc-qaire-exporter = prev.callPackage ./pkgs/upc-qaire-exporter/default.nix { };
wxparaver = callPackage ./pkgs/paraver/default.nix { };
};
tests = rec {
hwloc = callPackage ./test/bugs/hwloc.nix { };
#sigsegv = callPackage ./test/reproducers/sigsegv.nix { };
hello-c = callPackage ./test/compilers/hello-c.nix { };
hello-cpp = callPackage ./test/compilers/hello-cpp.nix { };
lto = callPackage ./test/compilers/lto.nix { };
asan = callPackage ./test/compilers/asan.nix { };
intel2023-icx-c = hello-c.override { stdenv = final.intelPackages_2023.stdenv; };
intel2023-icc-c = hello-c.override { stdenv = final.intelPackages_2023.stdenv-icc; };
intel2023-icx-cpp = hello-cpp.override { stdenv = final.intelPackages_2023.stdenv; };
intel2023-icc-cpp = hello-cpp.override { stdenv = final.intelPackages_2023.stdenv-icc; };
intel2023-ifort = callPackage ./test/compilers/hello-f.nix {
stdenv = final.intelPackages_2023.stdenv-ifort;
};
clangOmpss2-lto = lto.override { stdenv = final.stdenvClangOmpss2Nanos6; };
clangOmpss2-asan = asan.override { stdenv = final.stdenvClangOmpss2Nanos6; };
clangOmpss2-task = callPackage ./test/compilers/ompss2.nix {
stdenv = final.stdenvClangOmpss2Nanos6;
};
clangNodes-task = callPackage ./test/compilers/ompss2.nix {
stdenv = final.stdenvClangOmpss2Nodes;
};
clangNosvOpenmp-task = callPackage ./test/compilers/clang-openmp.nix {
stdenv = final.stdenvClangOmpss2Nodes;
};
clangNosvOmpv-nosv = callPackage ./test/compilers/clang-openmp-nosv.nix {
stdenv = final.stdenvClangOmpss2NodesOmpv;
};
clangNosvOmpv-ld = callPackage ./test/compilers/clang-openmp-ld.nix {
stdenv = final.stdenvClangOmpss2NodesOmpv;
};
};
# For now, only build toplevel packages in CI/Hydra
pkgsTopLevel = filterAttrs (_: isDerivation) bscPkgs;
# Native build in that platform doesn't imply cross build works
canCrossCompile = platform: default: pkg:
(isDerivation pkg) &&
# If meta.cross is undefined, use default
(pkg.meta.cross or default) &&
(meta.availableOn final.pkgsCross.${platform}.stdenv.hostPlatform pkg);
# For now only RISC-V
crossSet = genAttrs [ "riscv64" ] (platform:
filterAttrs (_: canCrossCompile platform true)
final.pkgsCross.${platform}.bsc.pkgsTopLevel);
buildList = name: paths:
final.runCommandLocal name { } ''
printf '%s\n' ${toString paths} | tee $out
'';
buildList' = name: paths:
final.runCommandLocal name { } ''
deps="${toString paths}"
cat $deps
printf '%s\n' $deps >$out
'';
pkgsList = buildList "ci-pkgs" (builtins.attrValues pkgsTopLevel);
testsList = buildList "ci-tests" (collect isDerivation tests);
allList = buildList' "ci-all" [ pkgsList testsList ];
# For now only RISC-V
crossList = buildList "ci-cross"
(filter
(canCrossCompile "riscv64" false) # opt-in (pkgs with: meta.cross = true)
(builtins.attrValues crossSet.riscv64));
in bscPkgs // {
lib = prev.lib // {
maintainers = prev.lib.maintainers // {
bsc = import ./pkgs/maintainers.nix;
};
};
# Prevent accidental usage of bsc-ci attribute
bsc-ci = throw "the bsc-ci attribute is deprecated, use bsc.ci";
# Internal for our CI tests
bsc = {
# CI targets for nix build
ci = { pkgs = pkgsList; tests = testsList; all = allList; cross = crossList; };
# Direct access to package sets
tests = tests;
pkgs = bscPkgs;
pkgsTopLevel = pkgsTopLevel;
cross = crossSet;
# Hydra uses attribute sets of pkgs
hydraJobs = { tests = tests; pkgs = pkgsTopLevel; cross = crossSet; };
};
}

212
pkgs/agenix/agenix.sh
View File

@@ -1,212 +0,0 @@
#!/usr/bin/env bash
set -Eeuo pipefail
PACKAGE="agenix"
function show_help () {
echo "$PACKAGE - edit and rekey age secret files"
echo " "
echo "$PACKAGE -e FILE [-i PRIVATE_KEY]"
echo "$PACKAGE -r [-i PRIVATE_KEY]"
echo ' '
echo 'options:'
echo '-h, --help show help'
# shellcheck disable=SC2016
echo '-e, --edit FILE edits FILE using $EDITOR'
echo '-r, --rekey re-encrypts all secrets with specified recipients'
echo '-d, --decrypt FILE decrypts FILE to STDOUT'
echo '-i, --identity identity to use when decrypting'
echo '-v, --verbose verbose output'
echo ' '
echo 'FILE an age-encrypted file'
echo ' '
echo 'PRIVATE_KEY a path to a private SSH key used to decrypt file'
echo ' '
echo 'EDITOR environment variable of editor to use when editing FILE'
echo ' '
echo 'If STDIN is not interactive, EDITOR will be set to "cp /dev/stdin"'
echo ' '
echo 'RULES environment variable with path to Nix file specifying recipient public keys.'
echo "Defaults to './secrets.nix'"
echo ' '
echo "agenix version: @version@"
echo "age binary path: @ageBin@"
echo "age version: $(@ageBin@ --version)"
}
function warn() {
printf '%s\n' "$*" >&2
}
function err() {
warn "$*"
exit 1
}
test $# -eq 0 && (show_help && exit 1)
REKEY=0
DECRYPT_ONLY=0
DEFAULT_DECRYPT=(--decrypt)
while test $# -gt 0; do
case "$1" in
-h|--help)
show_help
exit 0
;;
-e|--edit)
shift
if test $# -gt 0; then
export FILE=$1
else
echo "no FILE specified"
exit 1
fi
shift
;;
-i|--identity)
shift
if test $# -gt 0; then
DEFAULT_DECRYPT+=(--identity "$1")
else
echo "no PRIVATE_KEY specified"
exit 1
fi
shift
;;
-r|--rekey)
shift
REKEY=1
;;
-d|--decrypt)
shift
DECRYPT_ONLY=1
if test $# -gt 0; then
export FILE=$1
else
echo "no FILE specified"
exit 1
fi
shift
;;
-v|--verbose)
shift
set -x
;;
*)
show_help
exit 1
;;
esac
done
RULES=${RULES:-./secrets.nix}
function cleanup {
if [ -n "${CLEARTEXT_DIR+x}" ]
then
rm -rf -- "$CLEARTEXT_DIR"
fi
if [ -n "${REENCRYPTED_DIR+x}" ]
then
rm -rf -- "$REENCRYPTED_DIR"
fi
}
trap "cleanup" 0 2 3 15
function keys {
(@nixInstantiate@ --json --eval --strict -E "(let rules = import $RULES; in rules.\"$1\".publicKeys)" | @jqBin@ -r .[]) || exit 1
}
function armor {
(@nixInstantiate@ --json --eval --strict -E "(let rules = import $RULES; in (builtins.hasAttr \"armor\" rules.\"$1\" && rules.\"$1\".armor))") || exit 1
}
function decrypt {
FILE=$1
KEYS=$2
if [ -z "$KEYS" ]
then
err "There is no rule for $FILE in $RULES."
fi
if [ -f "$FILE" ]
then
DECRYPT=("${DEFAULT_DECRYPT[@]}")
if [[ "${DECRYPT[*]}" != *"--identity"* ]]; then
if [ -f "$HOME/.ssh/id_rsa" ]; then
DECRYPT+=(--identity "$HOME/.ssh/id_rsa")
fi
if [ -f "$HOME/.ssh/id_ed25519" ]; then
DECRYPT+=(--identity "$HOME/.ssh/id_ed25519")
fi
fi
if [[ "${DECRYPT[*]}" != *"--identity"* ]]; then
err "No identity found to decrypt $FILE. Try adding an SSH key at $HOME/.ssh/id_rsa or $HOME/.ssh/id_ed25519 or using the --identity flag to specify a file."
fi
@ageBin@ "${DECRYPT[@]}" -- "$FILE" || exit 1
fi
}
function edit {
FILE=$1
KEYS=$(keys "$FILE") || exit 1
ARMOR=$(armor "$FILE") || exit 1
CLEARTEXT_DIR=$(@mktempBin@ -d)
CLEARTEXT_FILE="$CLEARTEXT_DIR/$(basename -- "$FILE")"
DEFAULT_DECRYPT+=(-o "$CLEARTEXT_FILE")
decrypt "$FILE" "$KEYS" || exit 1
[ ! -f "$CLEARTEXT_FILE" ] || cp -- "$CLEARTEXT_FILE" "$CLEARTEXT_FILE.before"
[ -t 0 ] || EDITOR='cp -- /dev/stdin'
$EDITOR "$CLEARTEXT_FILE"
if [ ! -f "$CLEARTEXT_FILE" ]
then
warn "$FILE wasn't created."
return
fi
[ -f "$FILE" ] && [ "$EDITOR" != ":" ] && @diffBin@ -q -- "$CLEARTEXT_FILE.before" "$CLEARTEXT_FILE" && warn "$FILE wasn't changed, skipping re-encryption." && return
ENCRYPT=()
if [[ "$ARMOR" == "true" ]]; then
ENCRYPT+=(--armor)
fi
while IFS= read -r key
do
if [ -n "$key" ]; then
ENCRYPT+=(--recipient "$key")
fi
done <<< "$KEYS"
REENCRYPTED_DIR=$(@mktempBin@ -d)
REENCRYPTED_FILE="$REENCRYPTED_DIR/$(basename -- "$FILE")"
ENCRYPT+=(-o "$REENCRYPTED_FILE")
@ageBin@ "${ENCRYPT[@]}" <"$CLEARTEXT_FILE" || exit 1
mkdir -p -- "$(dirname -- "$FILE")"
mv -f -- "$REENCRYPTED_FILE" "$FILE"
}
function rekey {
FILES=$( (@nixInstantiate@ --json --eval -E "(let rules = import $RULES; in builtins.attrNames rules)" | @jqBin@ -r .[]) || exit 1)
for FILE in $FILES
do
warn "rekeying $FILE..."
EDITOR=: edit "$FILE"
cleanup
done
}
[ $REKEY -eq 1 ] && rekey && exit 0
[ $DECRYPT_ONLY -eq 1 ] && DEFAULT_DECRYPT+=("-o" "-") && decrypt "${FILE}" "$(keys "$FILE")" && exit 0
edit "$FILE" && cleanup && exit 0

66
pkgs/agenix/default.nix
View File

@@ -1,66 +0,0 @@
{
lib,
stdenv,
age,
jq,
nix,
mktemp,
diffutils,
replaceVars,
ageBin ? "${age}/bin/age",
shellcheck,
}:
let
bin = "${placeholder "out"}/bin/agenix";
in
stdenv.mkDerivation rec {
pname = "agenix";
version = "0.15.0";
src = replaceVars ./agenix.sh {
inherit ageBin version;
jqBin = "${jq}/bin/jq";
nixInstantiate = "${nix}/bin/nix-instantiate";
mktempBin = "${mktemp}/bin/mktemp";
diffBin = "${diffutils}/bin/diff";
};
dontUnpack = true;
doInstallCheck = true;
installCheckInputs = [ shellcheck ];
postInstallCheck = ''
shellcheck ${bin}
${bin} -h | grep ${version}
test_tmp=$(mktemp -d 2>/dev/null || mktemp -d -t 'mytmpdir')
export HOME="$test_tmp/home"
export NIX_STORE_DIR="$test_tmp/nix/store"
export NIX_STATE_DIR="$test_tmp/nix/var"
mkdir -p "$HOME" "$NIX_STORE_DIR" "$NIX_STATE_DIR"
function cleanup {
rm -rf "$test_tmp"
}
trap "cleanup" 0 2 3 15
mkdir -p $HOME/.ssh
cp -r "${./example}" $HOME/secrets
chmod -R u+rw $HOME/secrets
(
umask u=rw,g=r,o=r
cp ${./example_keys/user1.pub} $HOME/.ssh/id_ed25519.pub
chown $UID $HOME/.ssh/id_ed25519.pub
)
(
umask u=rw,g=,o=
cp ${./example_keys/user1} $HOME/.ssh/id_ed25519
chown $UID $HOME/.ssh/id_ed25519
)
cd $HOME/secrets
test $(${bin} -d secret1.age) = "hello"
'';
installPhase = ''
install -D $src ${bin}
'';
meta.description = "age-encrypted secrets for NixOS";
}

7
pkgs/agenix/example/-leading-hyphen-filename.age
View File

@@ -1,7 +0,0 @@
age-encryption.org/v1
-> ssh-ed25519 V3XmEA zirqdzZZ1E+sedBn7fbEHq4ntLEkokZ4GctarBBOHXY
Rvs5YHaAUeCZyNwPedubPcHClWYIuXXWA5zadXPWY6w
-> ssh-ed25519 KLPP8w BVp4rDkOYSQyn8oVeHFeinSqW+pdVtxBF9+5VM1yORY
bMwppAi8Nhz0328taU4AzUkTVyWtSLvFZG6c5W/Fs78
--- xCbqLhXAcOziO2wmbjTiSQfZvt5Rlsc4SCvF+iEzpQA
<EFBFBD>KB<EFBFBD><EFBFBD>/<2F>Z<><5A>r<EFBFBD>%<01><>4<EFBFBD><34><EFBFBD>Mq5<71><35>_<EFBFBD><5F>ݒ<><DD92><EFBFBD><EFBFBD><EFBFBD>11 ܨqM;& <20><>Lr<4C><72><EFBFBD>f<EFBFBD><66><EFBFBD>]>N

7
pkgs/agenix/example/armored-secret.age
View File

@@ -1,7 +0,0 @@
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IFYzWG1FQSBpZkZW
aFpLNnJxc0VUMHRmZ2dZS0pjMGVENnR3OHd5K0RiT1RjRUhibFZBCnN5UG5vUjA3
SXpsNGtiVUw4T0tIVFo5Wkk5QS9NQlBndzVvektiQ0ozc0kKLS0tIGxyY1Q4dEZ1
VGZEanJyTFNta2JNRmpZb2FnK2JyS1hSVml1UGdMNWZKQXMKYla+wTXcRedyZoEb
LVWaSx49WoUTU0KBPJg9RArxaeC23GoCDzR/aM/1DvYU
-----END AGE ENCRYPTED FILE-----

9
pkgs/agenix/example/passwordfile-user1.age
View File

@@ -1,9 +0,0 @@
age-encryption.org/v1
-> ssh-ed25519 KLPP8w s1DYZRlZuSsyhmZCF1lFB+E9vB8bZ/+ZhBRlx8nprwE
nmYVCsVBrX2CFXXPU+D+bbkkIe/foofp+xoUrg9DHZw
-> ssh-ed25519 V3XmEA Pwv3oCwcY0DX8rY48UNfsj9RumWsn4dbgorYHCwObgI
FKxRYkL3JHtJxUwymWDF0rAtJ33BivDI6IfPsfumM90
-> V'v(/u$-grease em/Vgf 2qDuk
7I3iiQLPGi1COML9u/JeYkr7EqbSLoU
--- 57WJRigUGtmcObrssS3s4PvmR8wgh1AOC/ijJn1s3xI
<EFBFBD>'K<>ƷY&<26>7G<37>O<EFBFBD><4F>Fj<13>k<EFBFBD>X<EFBFBD><58>BnuJ<75><4A>:9<>(<><7F><EFBFBD>X<EFBFBD>#<23>A<EFBFBD><41><EFBFBD><EFBFBD>ڧj<DAA7>,<02>_<17><><EFBFBD>?<3F>Z<EFBFBD><17>v<EFBFBD><76>V<EFBFBD>96]oks~%<25>c <04>e^C<>%JQ5<51><H<>z}<7D>C<EFBFBD>,<2C>p<EFBFBD><70>*!W<><57><EFBFBD>A<EFBFBD><41><EFBFBD>҅dC<15>K)<10><>-<2D>y

BIN
pkgs/agenix/example/secret1.age
View File

Binary file not shown.

5
pkgs/agenix/example/secret2.age
View File

@@ -1,5 +0,0 @@
age-encryption.org/v1
-> ssh-ed25519 V3XmEA OB4+1FbPhQ3r6iGksM7peWX5it8NClpXIq/o5nnP7GA
FmHVUj+A5i5+bDFgySQskmlvynnosJiWUTJmBRiNA9I
--- tP+3mFVtd7ogVu1Lkboh55zoi5a77Ht08Uc/QuIviv4
<EFBFBD><EFBFBD>X<EFBFBD>{<7B><>O<EFBFBD><4F><1F><04>tMXx<58>vӪ(<28>I<EFBFBD>myP<79><50><EFBFBD><EFBFBD>+3<>S3i

23
pkgs/agenix/example/secrets.nix
View File

@@ -1,23 +0,0 @@
let
user1 = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIL0idNvgGiucWgup/mP78zyC23uFjYq0evcWdjGQUaBH";
system1 = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPJDyIr/FSz1cJdcoW69R+NrWzwGK/+3gJpqD1t8L2zE";
in
{
"secret1.age".publicKeys = [
user1
system1
];
"secret2.age".publicKeys = [ user1 ];
"passwordfile-user1.age".publicKeys = [
user1
system1
];
"-leading-hyphen-filename.age".publicKeys = [
user1
system1
];
"armored-secret.age" = {
publicKeys = [ user1 ];
armor = true;
};
}

7
pkgs/agenix/example_keys/system1
View File

@@ -1,7 +0,0 @@
-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW
QyNTUxOQAAACDyQ8iK/xUs9XCXXKFuvUfja1s8Biv/t4Caag9bfC9sxAAAAJA3yvCWN8rw
lgAAAAtzc2gtZWQyNTUxOQAAACDyQ8iK/xUs9XCXXKFuvUfja1s8Biv/t4Caag9bfC9sxA
AAAEA+J2V6AG1NriAIvnNKRauIEh1JE9HSdhvKJ68a5Fm0w/JDyIr/FSz1cJdcoW69R+Nr
WzwGK/+3gJpqD1t8L2zEAAAADHJ5YW50bUBob21lMQE=
-----END OPENSSH PRIVATE KEY-----

1
pkgs/agenix/example_keys/system1.pub
View File

@@ -1 +0,0 @@
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPJDyIr/FSz1cJdcoW69R+NrWzwGK/+3gJpqD1t8L2zE

7
pkgs/agenix/example_keys/user1
View File

@@ -1,7 +0,0 @@
-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW
QyNTUxOQAAACC9InTb4BornFoLqf5j+/M8gtt7hY2KtHr3FnYxkFGgRwAAAJC2JJ8htiSf
IQAAAAtzc2gtZWQyNTUxOQAAACC9InTb4BornFoLqf5j+/M8gtt7hY2KtHr3FnYxkFGgRw
AAAEDxt5gC/s53IxiKAjfZJVCCcFIsdeERdIgbYhLO719+Kb0idNvgGiucWgup/mP78zyC
23uFjYq0evcWdjGQUaBHAAAADHJ5YW50bUBob21lMQE=
-----END OPENSSH PRIVATE KEY-----

1
pkgs/agenix/example_keys/user1.pub
View File

@@ -1 +0,0 @@
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIL0idNvgGiucWgup/mP78zyC23uFjYq0evcWdjGQUaBH

23
pkgs/agenix/update.sh
View File

@@ -1,23 +0,0 @@
#!/bin/sh
set -e
# All operations are done relative to root
GITROOT=$(git rev-parse --show-toplevel)
cd "$GITROOT"
REVISION=${1:-main}
TMPCLONE=$(mktemp -d)
trap "rm -rf ${TMPCLONE}" EXIT
git clone https://github.com/ryantm/agenix.git --revision="$REVISION" "$TMPCLONE" --depth=1
cp "${TMPCLONE}/pkgs/agenix.sh" pkgs/agenix/agenix.sh
cp "${TMPCLONE}/pkgs/agenix.nix" pkgs/agenix/default.nix
sed -i 's#../example#./example#' pkgs/agenix/default.nix
cp "${TMPCLONE}/example/"* pkgs/agenix/example/
cp "${TMPCLONE}/example_keys/"* pkgs/agenix/example_keys/
cp "${TMPCLONE}/modules/age.nix" m/module/agenix.nix

9
pkgs/amd-uprof/default.nix
View File

@@ -86,13 +86,4 @@ in
patchelf --add-needed libnuma.so $out/bin/AMDuProfPcm
set +x
'';
meta = {
description = "Performance analysis tool-suite for x86 based applications";
homepage = "https://www.amd.com/es/developer/uprof.html";
platforms = [ "x86_64-linux" ];
license = lib.licenses.unfree;
maintainers = with lib.maintainers.bsc; [ rarias varcila ];
};
}

4
pkgs/amd-uprof/driver.nix
View File

@@ -19,7 +19,7 @@ in stdenv.mkDerivation {
'';
hardeningDisable = [ "pic" "format" ];
nativeBuildInputs = kernel.moduleBuildDependencies;
patches = [ ./makefile.patch ./hrtimer.patch ./remove-wr-rdmsrq.patch ];
patches = [ ./makefile.patch ./hrtimer.patch ];
makeFlags = [
"KERNEL_VERSION=${kernel.modDirVersion}"
"KERNEL_DIR=${kernel.dev}/lib/modules/${kernel.modDirVersion}/build"
@@ -29,7 +29,5 @@ in stdenv.mkDerivation {
description = "AMD Power Profiler Driver";
homepage = "https://www.amd.com/es/developer/uprof.html";
platforms = lib.platforms.linux;
license = lib.licenses.unfree;
maintainers = with lib.maintainers.bsc; [ rarias varcila ];
};
}

20
pkgs/amd-uprof/remove-wr-rdmsrq.patch
View File

@@ -1,20 +0,0 @@
diff --git a/inc/PwrProfAsm.h b/inc/PwrProfAsm.h
index d77770a..c93a0e9 100644
--- a/inc/PwrProfAsm.h
+++ b/inc/PwrProfAsm.h
@@ -347,6 +347,7 @@
#endif
+/*
#define rdmsrq(msr,val1,val2,val3,val4) ({ \
__asm__ __volatile__( \
"rdmsr\n" \
@@ -362,6 +363,7 @@
:"c"(msr), "a"(val1), "d"(val2), "S"(val3), "D"(val4) \
); \
})
+*/
#define rdmsrpw(msr,val1,val2,val3,val4) ({ \
__asm__ __volatile__( \

25
pkgs/babeltrace/default.nix
View File

@@ -1,25 +0,0 @@
{ stdenv, lib, fetchurl, pkg-config, glib, libuuid, popt, elfutils, swig4, python3 }:
stdenv.mkDerivation rec {
name = "babeltrace-1.5.8";
src = fetchurl {
url = "https://www.efficios.com/files/babeltrace/${name}.tar.bz2";
sha256 = "1hkg3phnamxfrhwzmiiirbhdgckzfkqwhajl0lmr1wfps7j47wcz";
};
nativeBuildInputs = [ pkg-config ];
buildInputs = [ glib libuuid popt elfutils swig4 python3 ];
meta = with lib; {
description = "Command-line tool and library to read and convert LTTng tracefiles";
homepage = "https://www.efficios.com/babeltrace";
license = licenses.mit;
platforms = platforms.linux;
maintainers = [ maintainers.bjornfor ];
};
configureFlags = [
"--enable-python-bindings"
];
}

34
pkgs/babeltrace2/default.nix
View File

@@ -1,34 +0,0 @@
{
stdenv
, fetchurl
, pkg-config
, glib
, libuuid
, popt
, elfutils
, python3
, swig4
, ncurses
, breakpointHook
}:
stdenv.mkDerivation rec {
pname = "babeltrace2";
version = "2.0.3";
src = fetchurl {
url = "https://www.efficios.com/files/babeltrace/${pname}-${version}.tar.bz2";
sha256 = "1804pyq7fz6rkcz4r1abkkn0pfnss13m6fd8if32s42l4lajadm5";
};
enableParallelBuilding = true;
nativeBuildInputs = [ pkg-config ];
buildInputs = [ glib libuuid popt elfutils python3 swig4 ncurses breakpointHook ];
hardeningDisable = [ "all" ];
configureFlags = [
"--enable-python-plugins"
"--enable-python-bindings"
];
}

70
pkgs/bench6/default.nix
View File

@@ -1,70 +0,0 @@
{
stdenv
, lib
, bigotes
, cmake
, clangOmpss2
, openmp
, openmpv
, nanos6
, nodes
, nosv
, mpi
, tampi
, openblas
, ovni
, gitBranch ? "master"
, gitURL ? "ssh://git@bscpm04.bsc.es/rarias/bench6.git"
, gitCommit ? "bf29a53113737c3aa74d2fe3d55f59868faea7b4"
}:
stdenv.mkDerivation rec {
pname = "bench6";
version = "${src.shortRev}";
src = builtins.fetchGit {
url = gitURL;
ref = gitBranch;
rev = gitCommit;
};
nativeBuildInputs = [
cmake
clangOmpss2
];
buildInputs = [
bigotes
openmp
openmpv
nanos6
nodes
nosv
mpi
tampi
openblas
openblas.dev
ovni
];
env = {
NANOS6_HOME = nanos6;
NODES_HOME = nodes;
NOSV_HOME = nosv;
};
cmakeFlags = [
"-DCMAKE_C_COMPILER=clang"
"-DCMAKE_CXX_COMPILER=clang++"
];
hardeningDisable = [ "all" ];
dontStrip = true;
meta = {
homepage = "https://gitlab.pm.bsc.es/rarias/bench6";
description = "Set of micro-benchmarks for OmpSs-2 and several mini-apps";
maintainers = with lib.maintainers.bsc; [ rarias ];
platforms = lib.platforms.linux;
license = lib.licenses.gpl3Plus;
};
}

26
pkgs/bigotes/default.nix
View File

@@ -1,26 +0,0 @@
{
stdenv
, lib
, fetchFromGitHub
, cmake
}:
stdenv.mkDerivation {
pname = "bigotes";
version = "9dce13";
src = fetchFromGitHub {
owner = "rodarima";
repo = "bigotes";
rev = "9dce13446a8da30bea552d569d260d54e0188518";
sha256 = "sha256-ktxM3pXiL8YXSK+/IKWYadijhYXqGoLY6adLk36iigE=";
};
nativeBuildInputs = [ cmake ];
meta = {
homepage = "https://github.com/rodarima/bigotes";
description = "Versatile benchmark tool";
maintainers = with lib.maintainers.bsc; [ rarias ];
platforms = lib.platforms.linux;
license = lib.licenses.gpl3Plus;
};
}

54
pkgs/clsync/default.nix
View File

@@ -1,54 +0,0 @@
{ stdenv
, fetchFromGitHub
, libcap
, libcgroup
, libmhash
, doxygen
, graphviz
, autoreconfHook
, pkg-config
, glib
}:
let
version = "0.4.4";
in stdenv.mkDerivation {
pname = "clsync";
inherit version;
src = fetchFromGitHub {
repo = "clsync";
owner = "clsync";
rev = "v${version}";
sha256 = "0sdiyfwp0iqr6l1sirm51pirzmhi4jzgky5pzfj24nn71q3fwqgz";
};
outputs = [ "out" "dev" ];
buildInputs = [
autoreconfHook
libcap
libcgroup
libmhash
doxygen
graphviz
pkg-config
glib
];
preConfigure = ''
./configure --help
'';
enableParallelBuilding = true;
meta = with lib; {
description = "File live sync daemon based on inotify/kqueue/bsm (Linux, FreeBSD), written in GNU C";
homepage = "https://github.com/clsync/clsync";
license = licenses.gpl3Plus;
maintainers = [ ];
platforms = platforms.linux;
};
}

51
pkgs/cn6/default.nix
View File

@@ -1,51 +0,0 @@
{
stdenv
, lib
, babeltrace2
, pkg-config
, uthash
, enableTest ? false
, mpi ? null
, clangOmpss2 ? null
, tampi ? null
}:
with lib;
assert (enableTest -> (mpi != null));
assert (enableTest -> (clangOmpss2 != null));
assert (enableTest -> (tampi != null));
stdenv.mkDerivation rec {
pname = "cn6";
version = "${src.shortRev}";
buildInputs = [
babeltrace2
pkg-config
uthash
mpi
] ++ optionals (enableTest) [ mpi clangOmpss2 tampi ];
src = builtins.fetchGit {
url = "ssh://git@bscpm04.bsc.es/rarias/cn6.git";
ref = "master";
rev = "c72c3b66b720c2a33950f536fc819051c8f20a69";
};
makeFlags = [ "PREFIX=$(out)" ];
postBuild = optionalString (enableTest) ''
(
cd test
make timediff timediff_mpi
)
'';
postInstall = optionalString (enableTest) ''
(
cd test
cp timediff timediff_mpi sync-err.sh $out/bin/
)
'';
}

21
pkgs/cpuid/default.nix
View File

@@ -1,21 +0,0 @@
{
stdenv
, perl # For the pod2man command
}:
stdenv.mkDerivation rec {
version = "20201006";
pname = "cpuid";
buildInputs = [ perl ];
# Replace /usr install directory for $out
postPatch = ''
sed -i "s@/usr@$out@g" Makefile
'';
src = builtins.fetchTarball {
url = "http://www.etallen.com/cpuid/${pname}-${version}.src.tar.gz";
sha256 = "04qhs938gs1kjxpsrnfy6lbsircsprfyh4db62s5cf83a1nrwn9w";
};
}

8
pkgs/cudainfo/default.nix
View File

@@ -1,6 +1,5 @@
{
stdenv
, lib
, cudatoolkit
, cudaPackages
, autoAddDriverRunpath
@@ -12,7 +11,7 @@ stdenv.mkDerivation (finalAttrs: {
src = ./.;
buildInputs = [
cudatoolkit # Required for nvcc
(lib.getOutput "static" cudaPackages.cuda_cudart) # Required for -lcudart_static
cudaPackages.cuda_cudart.static # Required for -lcudart_static
autoAddDriverRunpath
];
installPhase = ''
@@ -41,9 +40,4 @@ stdenv.mkDerivation (finalAttrs: {
'';
installPhase = "touch $out";
};
meta = {
platforms = [ "x86_64-linux" ];
maintainers = with lib.maintainers.bsc; [ rarias ];
};
})

25
pkgs/dummy/default.nix
View File

@@ -1,25 +0,0 @@
{
stdenv
}:
stdenv.mkDerivation rec {
name = "dummy";
src = null;
dontUnpack = true;
dontBuild = true;
programPath = "/bin/dummy";
installPhase = ''
mkdir -p $out/bin
cat > $out/bin/dummy <<EOF
#!/bin/sh
echo Hello worlda!
EOF
chmod +x $out/bin/dummy
'';
}

13
pkgs/extrae/PTR.patch
View File

@@ -1,13 +0,0 @@
diff --git a/src/merger/common/bfd_manager.c b/src/merger/common/bfd_manager.c
index 5f9dacf9..5231e3eb 100644
--- a/src/merger/common/bfd_manager.c
+++ b/src/merger/common/bfd_manager.c
@@ -225,7 +225,7 @@ asymbol **BFDmanager_getDefaultSymbols (void)
*
* @return No return value.
*/
-static void BFDmanager_findAddressInSection (bfd * abfd, asection * section, PTR data)
+static void BFDmanager_findAddressInSection (bfd * abfd, asection * section, void * data)
{
#if HAVE_BFD_GET_SECTION_SIZE || HAVE_BFD_SECTION_SIZE || HAVE_BFD_GET_SECTION_SIZE_BEFORE_RELOC
bfd_size_type size;

123
pkgs/extrae/default.nix
View File

@@ -1,123 +0,0 @@
{ stdenv
, lib
, fetchFromGitHub
, boost
, libdwarf
, libelf
, libxml2
, libunwind
, papi
, binutils-unwrapped
, libiberty
, gfortran
, xml2
, which
, libbfd
, mpi ? null
, cuda ? null
, llvmPackages
, autoreconfHook
#, python3Packages
, installShellFiles
, symlinkJoin
, enablePapi ? stdenv.hostPlatform == stdenv.buildPlatform # Disabled when cross-compiling
}:
let
libdwarfBundle = symlinkJoin {
name = "libdwarfBundle";
paths = [ libdwarf.dev libdwarf.lib libdwarf.out ];
};
in
stdenv.mkDerivation rec {
pname = "extrae";
version = "4.0.1";
src = fetchFromGitHub {
owner = "bsc-performance-tools";
repo = "extrae";
rev = "${version}";
sha256 = "SlMYxNQXJ0Xg90HmpnotUR3tEPVVBXhk1NtEBJwGBR4=";
};
patches = [
# FIXME: Waiting for German to merge this patch. Still not in master, merged
# on 2023-03-01 in devel branch (after 3 years), see:
# https://github.com/bsc-performance-tools/extrae/pull/45
./use-command.patch
# https://github.com/bsc-performance-tools/extrae/issues/71
./PTR.patch
];
enableParallelBuilding = true;
hardeningDisable = [ "all" ];
nativeBuildInputs = [ installShellFiles ];
buildInputs = [
autoreconfHook
gfortran
libunwind
binutils-unwrapped
boost
boost.dev
libiberty
mpi
xml2
which
libxml2.dev
libbfd
#python3Packages.sphinx
]
++ lib.optional stdenv.cc.isClang llvmPackages.openmp;
preConfigure = ''
configureFlagsArray=(
--enable-posix-clock
--with-binutils="${binutils-unwrapped} ${libiberty}"
--with-dwarf=${libdwarfBundle}
--with-elf=${libelf}
--with-boost=${boost.dev}
--enable-instrument-io
--enable-instrument-dynamic-memory
--without-memkind
--enable-merge-in-trace
--disable-online
--without-opencl
--enable-pebs-sampling
--enable-sampling
--with-unwind=${libunwind.dev}
--with-xml-prefix=${libxml2.dev}
${lib.optionalString enablePapi "--with-papi=${papi}"}
${if (mpi != null) then ''--with-mpi=${mpi}''
else ''--without-mpi''}
--without-dyninst)
'';
# Install the manuals only by hand, as we don't want to pull the complete
# LaTeX world
# FIXME: sphinx is broken
#postBuild = ''
# make -C docs man
#'';
#
#postInstall = ''
# installManPage docs/builds/man/*/*
#'';
# ++ (
# if (openmp)
# then [ "--enable-openmp" ]
# else []
# );
meta = {
homepage = "https://github.com/bsc-performance-tools/extrae";
description = "Instrumentation framework to generate execution traces of the most used parallel runtimes";
maintainers = [ ];
broken = true;
platforms = lib.platforms.linux;
license = lib.licenses.lgpl21Plus;
};
}

24
pkgs/extrae/use-command.patch
View File

@@ -1,24 +0,0 @@
diff --git a/substitute b/substitute
index d5615606..82ca91a5 100755
--- a/substitute
+++ b/substitute
@@ -16,7 +16,7 @@ UNAME=`uname`
if [ "${UNAME}" = "Darwin" -o "${UNAME}" = "AIX" ] ; then
TMPFILE=substitute-$$
${SED} "s|${KEY}|${VALUE}|g" < ${FILE} >${TMPFILE}
- /bin/mv -f ${TMPFILE} ${FILE}
+ command mv -f ${TMPFILE} ${FILE}
else
${SED} "s|${KEY}|${VALUE}|g" -i ${FILE}
fi
diff --git a/substitute-all b/substitute-all
index 48c6b76a..eda7a0f2 100755
--- a/substitute-all
+++ b/substitute-all
@@ -23,5 +23,5 @@ fi
echo "Applying modification in ${PATHTOCHANGE} - Key = ${KEY} for value = ${VALUE}"
-/usr/bin/find ${PATHTOCHANGE} -type f -exec ${SCRIPT_LOCATION} "${SED}" "${KEY}" "${VALUE}" {} \;
+command find ${PATHTOCHANGE} -type f -exec ${SCRIPT_LOCATION} "${SED}" "${KEY}" "${VALUE}" {} \;

58
pkgs/fftw/default.nix
View File

@@ -1,58 +0,0 @@
{ fetchurl, stdenv, lib, llvmPackages ? null, precision ? "double", perl, mpi }:
with lib;
assert stdenv.cc.isClang -> llvmPackages != null;
assert elem precision [ "single" "double" "long-double" "quad-precision" ];
let
version = "3.3.8";
withDoc = stdenv.cc.isGNU;
in
stdenv.mkDerivation {
name = "fftw-${precision}-${version}";
src = fetchurl {
urls = [
"http://fftw.org/fftw-${version}.tar.gz"
"ftp://ftp.fftw.org/pub/fftw/fftw-${version}.tar.gz"
];
sha256 = "00z3k8fq561wq2khssqg0kallk0504dzlx989x3vvicjdqpjc4v1";
};
outputs = [ "out" "dev" "man" ]
++ optional withDoc "info"; # it's dev-doc only
outputBin = "dev"; # fftw-wisdom
buildInputs = [ mpi ]
++ lib.optionals stdenv.cc.isClang [
# TODO: This may mismatch the LLVM version sin the stdenv, see #79818.
llvmPackages.openmp
];
configureFlags =
[ "--enable-shared"
"--enable-threads"
"--enable-mpi"
"--disable-openmp"
]
++ optional (precision != "double") "--enable-${precision}"
# all x86_64 have sse2
# however, not all float sizes fit
++ optional (stdenv.isx86_64 && (precision == "single" || precision == "double") ) "--enable-sse2"
# doc generation causes Fortran wrapper generation which hard-codes gcc
++ optional (!withDoc) "--disable-doc";
enableParallelBuilding = true;
checkInputs = [ perl ];
meta = with lib; {
description = "Fastest Fourier Transform in the West library";
homepage = "http://www.fftw.org/";
license = licenses.gpl2Plus;
maintainers = [ maintainers.spwhitt ];
platforms = platforms.unix;
};
}

75
pkgs/gpi-2/default.nix
View File

@@ -1,75 +0,0 @@
{
stdenv
, lib
, fetchurl
, symlinkJoin
, slurm
, rdma-core
, autoconf
, automake
, libtool
, mpi
, gfortran
}:
let
rdma-core-all = symlinkJoin {
name ="rdma-core-all";
paths = [ rdma-core.dev rdma-core.out ];
};
mpiAll = symlinkJoin {
name = "mpi-all";
paths = [ mpi.all ];
};
in
stdenv.mkDerivation rec {
pname = "GPI-2";
version = "tagaspi-2021.11";
src = fetchurl {
url = "https://pm.bsc.es/gitlab/interoperability/extern/GPI-2/-/archive/${version}/GPI-2-${version}.tar.gz";
hash = "sha256-eY2wpyTpnOXRoAcYoAP82Jq9Q7p5WwDpMj+f1vEX5zw=";
};
enableParallelBuilding = true;
patches = [ ./rdma-core.patch ./max-mem.patch ];
preConfigure = ''
patchShebangs autogen.sh
./autogen.sh
'';
configureFlags = [
"--with-infiniband=${rdma-core-all}"
"--with-mpi=yes" # fixes mpi detection when cross-compiling
"--with-slurm"
"CFLAGS=-fPIC"
"CXXFLAGS=-fPIC"
];
nativeBuildInputs = [
autoconf
automake
gfortran
libtool
];
buildInputs = [
slurm
mpiAll
rdma-core-all
];
hardeningDisable = [ "all" ];
meta = {
homepage = "https://pm.bsc.es/gitlab/interoperability/extern/GPI-2";
description = "GPI-2 extended for supporting Task-Aware GASPI (TAGASPI) library";
maintainers = with lib.maintainers.bsc; [ rarias ];
platforms = lib.platforms.linux;
license = lib.licenses.gpl3Plus;
cross = false; # infiniband detection does not work
};
}

10
pkgs/gpi-2/max-mem.patch
View File

@@ -1,10 +0,0 @@
--- a/tests/tests/segments/max_mem.c 2025-09-12 13:30:53.449353591 +0200
+++ b/tests/tests/segments/max_mem.c 2025-09-12 13:33:49.750352401 +0200
@@ -1,5 +1,7 @@
#include <test_utils.h>
+gaspi_size_t gaspi_get_system_mem (void);
+
/* Test allocates 45% of system memory and creates a segment that
large or if several ranks per node exist, divided among that
number */

12
pkgs/gpi-2/rdma-core.patch
View File

@@ -1,12 +0,0 @@
--- a/src/devices/ib/GPI2_IB.h 2025-09-12 13:25:31.564181121 +0200
+++ b/src/devices/ib/GPI2_IB.h 2025-09-12 13:24:49.105422150 +0200
@@ -26,6 +26,9 @@ along with GPI-2. If not, see <http://ww
#include "GPI2_Dev.h"
+/* Missing prototype as driver.h is now private */
+int ibv_read_sysfs_file(const char *dir, const char *file, char *buf, size_t size);
+
#define GASPI_GID_INDEX (0)
#define PORT_LINK_UP (5)
#define MAX_INLINE_BYTES (128)

46
pkgs/groff/0001-Fix-cross-compilation-by-looking-for-ar.patch
View File

@@ -1,46 +0,0 @@
From 1454525f70b43a6957b7c9e1870e997368787da3 Mon Sep 17 00:00:00 2001
From: Samuel Dionne-Riel <samuel@dionne-riel.com>
Date: Fri, 8 Nov 2019 21:59:21 -0500
Subject: [PATCH] Fix cross-compilation by looking for `ar`.
---
Makefile.am | 2 +-
configure.ac | 2 ++
2 files changed, 3 insertions(+), 1 deletion(-)
diff --git a/Makefile.am b/Makefile.am
index d18c49b8..b1b53338 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -494,7 +494,7 @@ CCC=@CXX@
# INSTALL_INFO
# LN_S
-AR=ar
+AR=@AR@
ETAGS=etags
ETAGSFLAGS=
# Flag that tells etags to assume C++.
diff --git a/configure.ac b/configure.ac
index 28e75f17..2449b9f5 100644
--- a/configure.ac
+++ b/configure.ac
@@ -37,6 +37,7 @@ AC_CONFIG_AUX_DIR([build-aux])
AC_CONFIG_HEADERS([src/include/config.h:src/include/config.hin])
AC_CONFIG_SRCDIR([src/roff/groff/groff.cpp])
+AC_CONFIG_MACRO_DIR([m4])
AC_USE_SYSTEM_EXTENSIONS
@@ -72,6 +73,7 @@ GROFF_DOC_CHECK
GROFF_MAKEINFO
GROFF_TEXI2DVI
AC_PROG_RANLIB
+AC_CHECK_TOOL([AR], [ar], [ar])
GROFF_INSTALL_SH
GROFF_INSTALL_INFO
AC_PROG_INSTALL
--
2.23.0

127
pkgs/groff/default.nix
View File

@@ -1,127 +0,0 @@
{ stdenv, lib, fetchurl, perl
, ghostscript #for postscript and html output
, psutils, netpbm #for html output
, buildPackages
, autoreconfHook
, pkg-config
, texinfo
}:
stdenv.mkDerivation rec {
pname = "groff";
version = "1.22.4";
src = fetchurl {
url = "mirror://gnu/groff/${pname}-${version}.tar.gz";
sha256 = "14q2mldnr1vx0l9lqp9v2f6iww24gj28iyh4j2211hyynx67p3p7";
};
enableParallelBuilding = false;
patches = [
./0001-Fix-cross-compilation-by-looking-for-ar.patch
];
postPatch = lib.optionalString (psutils != null) ''
substituteInPlace src/preproc/html/pre-html.cpp \
--replace "psselect" "${psutils}/bin/psselect"
'' + lib.optionalString (netpbm != null) ''
substituteInPlace src/preproc/html/pre-html.cpp \
--replace "pnmcut" "${lib.getBin netpbm}/bin/pnmcut" \
--replace "pnmcrop" "${lib.getBin netpbm}/bin/pnmcrop" \
--replace "pnmtopng" "${lib.getBin netpbm}/bin/pnmtopng"
substituteInPlace tmac/www.tmac.in \
--replace "pnmcrop" "${lib.getBin netpbm}/bin/pnmcrop" \
--replace "pngtopnm" "${lib.getBin netpbm}/bin/pngtopnm" \
--replace "@PNMTOPS_NOSETPAGE@" "${lib.getBin netpbm}/bin/pnmtops -nosetpage"
'';
buildInputs = [ ghostscript psutils netpbm perl ];
nativeBuildInputs = [ autoreconfHook pkg-config texinfo ];
# Builds running without a chroot environment may detect the presence
# of /usr/X11 in the host system, leading to an impure build of the
# package. To avoid this issue, X11 support is explicitly disabled.
# Note: If we ever want to *enable* X11 support, then we'll probably
# have to pass "--with-appresdir", too.
configureFlags = [
"--without-x"
] ++ lib.optionals (ghostscript != null) [
"--with-gs=${ghostscript}/bin/gs"
] ++ lib.optionals (stdenv.buildPlatform != stdenv.hostPlatform) [
"ac_cv_path_PERL=${buildPackages.perl}/bin/perl"
];
makeFlags = lib.optionals (stdenv.buildPlatform != stdenv.hostPlatform) [
# Trick to get the build system find the proper 'native' groff
# http://www.mail-archive.com/bug-groff@gnu.org/msg01335.html
"GROFF_BIN_PATH=${buildPackages.groff}/bin"
"GROFFBIN=${buildPackages.groff}/bin/groff"
];
doCheck = true;
postInstall = ''
for f in 'man.local' 'mdoc.local'; do
cat '${./site.tmac}' >>"$out/share/groff/site-tmac/$f"
done
moveToOutput bin/gropdf $out
moveToOutput bin/pdfmom $out
moveToOutput bin/roff2text $out
moveToOutput bin/roff2pdf $out
moveToOutput bin/roff2ps $out
moveToOutput bin/roff2dvi $out
moveToOutput bin/roff2ps $out
moveToOutput bin/roff2html $out
moveToOutput bin/glilypond $out
moveToOutput bin/mmroff $out
moveToOutput bin/roff2x $out
moveToOutput bin/afmtodit $out
moveToOutput bin/gperl $out
moveToOutput bin/chem $out
moveToOutput share/groff/${version}/font/devpdf $out
# idk if this is needed, but Fedora does it
moveToOutput share/groff/${version}/tmac/pdf.tmac $out
moveToOutput bin/gpinyin $out
moveToOutput lib/groff/gpinyin $out
substituteInPlace $out/bin/gpinyin \
--replace $out/lib/groff/gpinyin $out/lib/groff/gpinyin
moveToOutput bin/groffer $out
moveToOutput lib/groff/groffer $out
substituteInPlace $out/bin/groffer \
--replace $out/lib/groff/groffer $out/lib/groff/groffer
moveToOutput bin/grog $out
moveToOutput lib/groff/grog $out
substituteInPlace $out/bin/grog \
--replace $out/lib/groff/grog $out/lib/groff/grog
'' + lib.optionalString (stdenv.buildPlatform != stdenv.hostPlatform) ''
find $out/ -type f -print0 | xargs --null sed -i 's|${buildPackages.perl}|${perl}|'
'';
meta = with lib; {
homepage = "https://www.gnu.org/software/groff/";
description = "GNU Troff, a typesetting package that reads plain text and produces formatted output";
license = licenses.gpl3Plus;
platforms = platforms.all;
maintainers = with maintainers; [ pSub ];
longDescription = ''
groff is the GNU implementation of troff, a document formatting
system. Included in this release are implementations of troff,
pic, eqn, tbl, grn, refer, -man, -mdoc, -mom, and -ms macros,
and drivers for PostScript, TeX dvi format, HP LaserJet 4
printers, Canon CAPSL printers, HTML and XHTML format (beta
status), and typewriter-like devices. Also included is a
modified version of the Berkeley -me macros, the enhanced
version gxditview of the X11 xditview previewer, and an
implementation of the -mm macros.
'';
};
}

16
pkgs/groff/site.tmac
View File

@@ -1,16 +0,0 @@
.
.if n \{\
. \" Character translations for non-keyboard
. \" characters - to make them searchable
. if '\*[.T]'utf8' \{\
. char \- \N'45'
. char - \N'45'
. char ' \N'39'
. char \' \N'39'
. \}
.
. \" Shut off SGR by default (groff colors)
. \" Require GROFF_SGR envvar defined to turn it on
. if '\V[GROFF_SGR]'' \
. output x X tty: sgr 0
.\}

70
pkgs/hwloc/1.11.6/default.nix
View File

@@ -1,70 +0,0 @@
{ stdenv, lib, fetchurl, pkg-config, expat, ncurses
, pciutils, numactl }:
with lib;
stdenv.mkDerivation rec {
name = "hwloc-1.11.6";
src = fetchurl {
url = "http://www.open-mpi.org/software/hwloc/v1.11/downloads/${name}.tar.bz2";
sha256 = "1yl7dm2qplwmnidd712zy12qfvxk28k8ccs694n42ybwdjwzg1bn";
};
nativeBuildInputs = [ pkg-config ];
# Filter out `null' inputs. This allows users to `.override' the
# derivation and set optional dependencies to `null'.
buildInputs = filter (x: x != null)
([ expat ncurses ]
++ (optionals stdenv.isLinux [ numactl ]));
propagatedBuildInputs =
# Since `libpci' appears in `hwloc.pc', it must be propagated.
optional stdenv.isLinux pciutils;
enableParallelBuilding = true;
postInstall =
optionalString (stdenv.isLinux && numactl != null)
'' if [ -d "${numactl}/lib64" ]
then
numalibdir="${numactl}/lib64"
else
numalibdir="${numactl}/lib"
test -d "$numalibdir"
fi
sed -i "$out/lib/libhwloc.la" \
-e "s|-lnuma|-L$numalibdir -lnuma|g"
'';
# Checks disabled because they're impure (hardware dependent) and
# fail on some build machines.
doCheck = false;
meta = {
description = "Portable abstraction of hierarchical architectures for high-performance computing";
longDescription = ''
hwloc provides a portable abstraction (across OS,
versions, architectures, ...) of the hierarchical topology of
modern architectures, including NUMA memory nodes, sockets,
shared caches, cores and simultaneous multithreading. It also
gathers various attributes such as cache and memory
information. It primarily aims at helping high-performance
computing applications with gathering information about the
hardware so as to exploit it accordingly and efficiently.
hwloc may display the topology in multiple convenient
formats. It also offers a powerful programming interface to
gather information about the hardware, bind processes, and much
more.
'';
# http://www.open-mpi.org/projects/hwloc/license.php
license = licenses.bsd3;
homepage = http://www.open-mpi.org/projects/hwloc/;
maintainers = [ ];
platforms = platforms.all;
};
}

40
pkgs/intel-compiler/default.nix
View File

@@ -1,40 +0,0 @@
{
stdenv
, gcc
, iccUnwrapped
, wrapCCWith
, intelLicense
}:
let
targetConfig = stdenv.targetPlatform.config;
inherit gcc;
in wrapCCWith rec {
cc = iccUnwrapped;
extraBuildCommands = ''
echo "-B${gcc.cc}/lib/gcc/${targetConfig}/${gcc.version}" >> $out/nix-support/cc-cflags
echo "-isystem ${iccUnwrapped}/include" >> $out/nix-support/cc-cflags
echo "-isystem ${iccUnwrapped}/include/intel64" >> $out/nix-support/cc-cflags
echo "-L${gcc.cc}/lib/gcc/${targetConfig}/${gcc.version}" >> $out/nix-support/cc-ldflags
echo "-L${gcc.cc.lib}/lib" >> $out/nix-support/cc-ldflags
cat "${iccUnwrapped}/nix-support/propagated-build-inputs" >> \
$out/nix-support/propagated-build-inputs
echo "export INTEL_LICENSE_FILE=${intelLicense}" \
>> $out/nix-support/setup-hook
# Create the wrappers for icc and icpc
if [ -e $ccPath/icc ]; then
wrap icc $wrapper $ccPath/icc
fi
if [ -e $ccPath/icpc ]; then
wrap icpc $wrapper $ccPath/icpc
fi
if [ -e $ccPath/ifort ]; then
wrap ifort $wrapper $ccPath/ifort
fi
'';
}

71
pkgs/intel-compiler/icc2020.nix
View File

@@ -1,71 +0,0 @@
{ stdenv
, lib
, fetchurl
, rpmextract
, autoPatchelfHook
, gcc
, intel-mpi
}:
stdenv.mkDerivation rec {
version = "${year}.${v_a}.${v_b}";
name = "intel-compiler-${version}";
passthru = {
CC = "icc";
CXX = "icpc";
};
# From Arch Linux PKGBUILD
dir_nr="17114";
year="2020";
v_a="4";
v_b="304";
update="4";
composer_xe_dir="compilers_and_libraries_${year}.${v_a}.${v_b}";
tgz="parallel_studio_xe_2020_update${update}_professional_edition.tgz";
src = fetchurl {
url = "https://registrationcenter-download.intel.com/akdlm/irc_nas/tec/${dir_nr}/${tgz}";
sha256 = "1rn9kk5bjj0jfv853b09dxrx7kzvv8dlyzw3hl9ijx9mqr09lrzr";
};
buildInputs = [
rpmextract
autoPatchelfHook
gcc.cc.lib
gcc
intel-mpi
];
# The gcc package is required for building other programs
propagatedBuildInputs = [ gcc ];
installPhase = ''
pwd
ls -l rpm
rpmextract rpm/intel-icc-*.rpm
rpmextract rpm/intel-comp-*.rpm
rpmextract rpm/intel-c-comp-*.rpm
rpmextract rpm/intel-openmp*.rpm
rpmextract rpm/intel-ifort*.rpm
mkdir -p $out/{bin,lib,include}
pushd ./opt/intel/${composer_xe_dir}/linux/
cp -a bin/intel64/* $out/bin/
cp -a compiler/include/* $out/include/
cp -a compiler/lib/intel64_lin/* $out/lib/
ln -s lib $out/lib_lin
rm $out/lib/*.dbg
popd
'';
meta = {
homepage = "https://www.intel.com/content/www/us/en/developer/tools/overview.html";
description = "Intel compiler";
maintainers = with lib.maintainers.bsc; [ rarias ];
platforms = lib.platforms.linux;
license = lib.licenses.unfree;
};
}

156
pkgs/intel-compiler/icc2021.nix
View File

@@ -1,156 +0,0 @@
{ stdenv
, lib
, fetchurl
, dpkg
, rsync
, libffi
, libelf
, libxml2
, hwloc
, autoPatchelfHook
}:
with lib;
let
getsrc = url: sha256: fetchurl { inherit url sha256; };
version = "2021.2.0";
_debpkgrel = "610";
tbbrel = "357";
# Shorhands
main = "intel-oneapi-dpcpp-cpp";
compiler = "intel-oneapi-compiler-dpcpp-cpp";
shared = "intel-oneapi-compiler-shared";
openmp = "intel-oneapi-openmp";
tbb = "intel-oneapi-tbb";
# From Arch Linux PKGBUILD:
# https://aur.archlinux.org/cgit/aur.git/tree/PKGBUILD?h=intel-oneapi-compiler-dpcpp-cpp
debs = [
# From intel-oneapi-compiler-dpcpp-cpp
"${main}-${version}-${version}-${_debpkgrel}_amd64.deb"
"${compiler}-common-${version}-${version}-${_debpkgrel}_all.deb"
"${compiler}-runtime-${version}-${version}-${_debpkgrel}_amd64.deb"
# From intel-oneapi-compiler-shared
"${shared}-${version}-${version}-${_debpkgrel}_amd64.deb"
"${shared}-runtime-${version}-${version}-${_debpkgrel}_amd64.deb"
"${shared}-common-${version}-${version}-${_debpkgrel}_all.deb"
"${shared}-common-runtime-${version}-${version}-${_debpkgrel}_all.deb"
"${compiler}-classic-fortran-shared-runtime-${version}-${version}-${_debpkgrel}_amd64.deb"
# From intel-oneapi-openmp
"${openmp}-${version}-${version}-${_debpkgrel}_amd64.deb"
"${openmp}-common-${version}-${version}-${_debpkgrel}_all.deb"
# From intel-oneapi-tbb
"${tbb}-${version}-${version}-${tbbrel}_amd64.deb"
"${tbb}-devel-${version}-${version}-${tbbrel}_amd64.deb"
"${tbb}-common-${version}-${version}-${tbbrel}_all.deb"
"${tbb}-common-devel-${version}-${version}-${tbbrel}_all.deb"
];
apthost = "https://apt.repos.intel.com/oneapi/pool/main/";
urls = map (x: apthost + x) debs;
sums = [
# From intel-oneapi-compiler-dpcpp-cpp
"0pwsfzkazr9yf6v6lgwb3p2in6ch3rlcc9qcfarkyqn052p760kk"
"0vzsanldhs4ym4gsfn0zjqm03x53ma1zjkj24hpkhpsvlr2r069w"
"0nx62v6g0wl70lqdh7sh7gfgxbynhrrips9gpj9if60ngz6fm21m"
# From intel-oneapi-compiler-shared
"1al80pcy2r3q2r2pm04sva7rd3z6y287mkdv5jq4p5bfd8yi14d4"
"07rp0cjmbgj48wly9dm6ibxzbsanmgrsjjqr7mx688ms6qbhv314"
"1pf4xckyyhssjknhs6hwampjsz2qjlg81jw2fc441zaccwf25yf3"
"0hk0x4wq60g9wnn9j051v25zcmbasjdzp34xfvrihmcvyws0s69g"
"0dhbw8kshw4abqc9zf891z5ic0x13x3kvhk56nrqkqgcfwps9w8a"
# From intel-oneapi-openmp
"1wqy2sjwlqdh72zhfrxl9pm106hjzfdbbm98cxigbg20fb5lbv5a"
"19nbqypvqcf8c3mwriaqrmp5igjpwvwrb9mq2fxa5i40w7bhlxjl"
# From intel-oneapi-tbb
"1dpii3g861kimky0x7dqcj6hg7zb6i5kw1wgwrxdc5yxhi5slbm9"
"0bl1flm6w0w9nzrh34ig4p9qz2gbdgw9q14as2pwp8flicd8p899"
"0w3kip6q713v1xlfc10ai4v15cbwmbqrv8r1f5x6pfqdbb0bpmbv"
"0v95nmddyi0mjjdvm07w9fm3vq4a0wkx7zxlyzn2f4xg38qc5j73"
];
in
stdenv.mkDerivation {
inherit version;
name = "intel-compiler-${version}";
passthru = {
CC = "icc";
CXX = "icpc";
};
srcs = zipListsWith getsrc urls sums;
buildInputs = [
dpkg
rsync
libffi
libelf
libxml2
hwloc
autoPatchelfHook
stdenv.cc.cc.lib
];
dontBuild = true;
dontStrip = true;
# The gcc package is required for building other programs
#propagatedBuildInputs = [ gcc ];
unpackCmd = ''
dpkg -x $curSrc .
'';
# FIXME: Some dependencies are missing
autoPatchelfIgnoreMissingDeps = true;
#autoPatchelfIgnoreMissingDeps = [ "*" ];
# Compiler
installPhase = ''
mkdir -p $out/{bin,lib,include}
pushd intel/oneapi/compiler/${version}/linux
# Binaries
rsync -a bin/ $out/bin/
rsync -a bin/intel64/ $out/bin/
# Libraries
rsync -a --exclude=oclfpga lib/ $out/lib/
rsync -a compiler/lib/intel64_lin/ $out/lib/
# Headers
rsync -a include/ $out/include/
rsync -a compiler/include/ $out/include/
popd
# TBB
pushd intel/oneapi/tbb/${version}
# Libraries
rsync -a lib/intel64/gcc4.8/ $out/lib/
# Headers
rsync -a include/ $out/include/
popd
'';
meta = {
homepage = "https://www.intel.com/content/www/us/en/developer/tools/overview.html";
description = "Intel compiler";
maintainers = with lib.maintainers.bsc; [ rarias ];
platforms = lib.platforms.linux;
license = lib.licenses.unfree;
};
}

39
pkgs/intel-compiler/license.nix
View File

@@ -1,39 +0,0 @@
{ stdenv
, requireFile
}:
stdenv.mkDerivation rec {
name = "intel-compiler-license";
version = "2019.7.217";
src = requireFile {
name = "license.lic";
sha256 = "0rgmsqkhpqcfny8j7msa4sgz3prhh248ylh69gjh12dkra77prsj";
message = ''
The Intel Compiler requires a license. You can get one (free of charge) if
you meet the requeriments at the website:
https://software.intel.com/content/www/us/en/develop/articles/qualify-for-free-software.html#opensourcecontributor
Or you can use your own license. Add it to the store with:
$ nix-store --add-fixed sha256 license.lic
/nix/store/2p9v0nvsl3scshjx348z6j32rh7ac0db-license.lic
Notice that the name must match exactly "license.lic".
Then update the hash in the bsc/intel-compiler/license.nix file using the
nix-hash command with:
$ nix-hash --type sha256 --base32 --flat /nix/store/2p9v0nvsl3scshjx348z6j32rh7ac0db-license.lic
06g2xgm1lch6zqfkhb768wacdx46kf61mfvj5wfpyssw0anr0x9q
'';
};
dontUnpack = true;
installPhase = ''
mkdir -p $out
cp $src $out/
'';
}

29
pkgs/intel-compiler/wrapper2021.nix
View File

@@ -1,29 +0,0 @@
{
stdenv
, gcc
, iccUnwrapped
, wrapCCWith
}:
let
targetConfig = stdenv.targetPlatform.config;
inherit gcc;
in wrapCCWith rec {
cc = iccUnwrapped;
extraBuildCommands = ''
echo "-B${gcc.cc}/lib/gcc/${targetConfig}/${gcc.version}" >> $out/nix-support/cc-cflags
echo "-isystem ${iccUnwrapped}/include" >> $out/nix-support/cc-cflags
echo "-isystem ${iccUnwrapped}/include/icc" >> $out/nix-support/cc-cflags
echo "-isystem ${gcc.cc}/include/c++/${gcc.version}" >> $out/nix-support/cc-cflags
echo "-isystem ${gcc.cc}/include/c++/${gcc.version}/${targetConfig}" >> $out/nix-support/cc-cflags
echo "-L${iccUnwrapped}/lib" >> $out/nix-support/cc-ldflags
echo "-L${gcc.cc}/lib/gcc/${targetConfig}/${gcc.version}" >> $out/nix-support/cc-ldflags
echo "-L${gcc.cc.lib}/lib" >> $out/nix-support/cc-ldflags
# Create the wrappers for icx*
wrap lld $wrapper $ccPath/lld
wrap icx $wrapper $ccPath/icx
wrap icpx $wrapper $ccPath/icpx
'';
}

113
pkgs/intel-mpi/default.nix
View File

@@ -1,113 +0,0 @@
{ stdenv
, lib
, rpmextract
, gcc
, zlib
, ucx
, numactl
, rdma-core
, libpsm2
, patchelf
, autoPatchelfHook
, enableDebug ? false
# The _mt version seems to cause seg-faults and deadlocks with the libpsm2
# provider library with programs that call the MPI library without any locking
# mechanism. See https://pm.bsc.es/gitlab/rarias/bscpkgs/-/issues/28. By
# default, we use the non-mt variant, which provides a big lock. If you want to
# use it, take a look at the I_MPI_THREAD_SPLIT env-var as well.
, enableMt ? false
}:
let
lib_variant = (if enableDebug then "debug" else "release");
# See https://software.intel.com/content/www/us/en/develop/documentation/mpi-developer-reference-linux/top/environment-variable-reference/other-environment-variables.html
lib_mt = (if enableMt then "_mt" else "");
lib_name = "${lib_variant}${lib_mt}";
in
stdenv.mkDerivation rec {
name = "intel-mpi-${version}";
version = "2019.10.317";
dir_nr = "17534";
src = builtins.fetchTarball {
url = "http://registrationcenter-download.intel.com/akdlm/irc_nas/tec/${dir_nr}/l_mpi_${version}.tgz";
sha256 = "00nimgqywr20dv1ns5kg4r8539gvharn0xfj48i7mhbg8kwf8s08";
};
buildInputs = [
rpmextract
autoPatchelfHook
gcc.cc.lib
zlib
ucx
numactl
rdma-core
libpsm2
patchelf
];
postUnpack = ''
pushd $sourceRoot
rpmextract rpm/intel-mpi-*.rpm
# Predictable name
mv opt/intel/compilers_and_libraries_* opt/intel/compilers_and_libraries
popd
sourceRoot="$sourceRoot/opt/intel/compilers_and_libraries/linux/mpi/intel64"
'';
patches = [
./mpicc.patch
./mpicxx.patch
];
postPatch = ''
for i in bin/mpi* ; do
echo "Fixing paths in $i"
sed -i "s:I_MPI_SUBSTITUTE_INSTALLDIR:$out:g" "$i"
done
'';
dontBuild = true;
installPhase = ''
mkdir -p $out
mv etc $out
mv bin $out
mv include $out
mkdir $out/lib
cp -a lib/lib* $out/lib
cp -a lib/${lib_name}/lib* $out/lib
cp -a libfabric/lib/* $out/lib
cp -a libfabric/lib/prov/* $out/lib
cp -a libfabric/bin/* $out/bin
ln -s . $out/intel64
rm $out/lib/libmpi.dbg
# Fixup Intel PSM2 library missing (now located at PSMX2)
ln -s $out/lib/libpsmx2-fi.so $out/lib/libpsm2-fi.so
'';
dontAutoPatchelf = true;
# The rpath of libfabric.so bundled with Intel MPI is patched to include the
# rdma-core lib path, as is required for dlopen to find the rdma components.
# TODO: Try the upstream libfabric library with rdma support, so we can avoid
# this hack.
postFixup = ''
autoPatchelf -- $out
patchelf --set-rpath "$out/lib:${rdma-core}/lib:${libpsm2}/lib" $out/lib/libfabric.so
echo "Patched RPATH in libfabric.so to: $(patchelf --print-rpath $out/lib/libfabric.so)"
'';
meta = {
homepage = "https://www.intel.com/content/www/us/en/developer/tools/overview.html";
description = "Intel MPI";
maintainers = with lib.maintainers.bsc; [ rarias ];
platforms = lib.platforms.linux;
license = lib.licenses.unfree;
};
}

20
pkgs/intel-mpi/mpicc.patch
View File

@@ -1,20 +0,0 @@
--- a/bin/mpicc 2021-02-04 18:15:11.233632360 +0100
+++ b/bin/mpicc 2021-02-05 09:33:49.493598479 +0100
@@ -50,7 +50,7 @@
if [ x"$opt_args" == x"" ]; then
case "${compiler_short_name}" in
icc|icx) "$dir"/mpiicc -cc=$compiler_name "$@" ;;
- cc|*gcc*|clang*) "$dir"/mpigcc -cc=$compiler_name "$@" ;;
+ cc|*gcc*|clang*|mcc|echo) "$dir"/mpigcc -cc=$compiler_name "$@" ;;
mpicc) "$dir"/mpigcc "$@" ;;
*)
echo "Error: unsupported compiler name '$compiler_name'."
@@ -60,7 +60,7 @@
else
case "${compiler_short_name}" in
icc|icx) "$dir"/mpiicc -cc=$compiler_name "$@" $opt_args ;;
- cc|*gcc*|clang*) "$dir"/mpigcc -cc=$compiler_name "$@" $opt_args ;;
+ cc|*gcc*|clang*|mcc|echo) "$dir"/mpigcc -cc=$compiler_name "$@" $opt_args ;;
mpicc) "$dir"/mpigcc "$@" $opt_args ;;
*)
echo "Error: unsupported compiler name '$compiler_name'."

20
pkgs/intel-mpi/mpicxx.patch
View File

@@ -1,20 +0,0 @@
--- a/bin/mpicxx 2021-02-04 18:15:11.233632360 +0100
+++ b/bin/mpicxx 2021-02-05 09:36:21.396922569 +0100
@@ -50,7 +50,7 @@
if [ x"$opt_args" == x"" ]; then
case "${compiler_short_name}" in
icc|icpc|dpcpp) "$dir"/mpiicpc -cxx=$compiler_name "$@" ;;
- *g++*) "$dir"/mpigxx -cxx=$compiler_name "$@" ;;
+ *g++*|clang*++|mcxx|echo) "$dir"/mpigxx -cxx=$compiler_name "$@" ;;
mpicxx) "$dir"/mpigxx "$@" ;;
*)
echo "Error: unsupported compiler name '$compiler_name'."
@@ -60,7 +60,7 @@
else
case "${compiler_short_name}" in
icc|icpc|dpcpp) "$dir"/mpiicpc -cxx=$compiler_name "$@" $opt_args ;;
- *g++*) "$dir"/mpigxx -cxx=$compiler_name "$@" $opt_args ;;
+ *g++*|clang*++|mcxx|echo) "$dir"/mpigxx -cxx=$compiler_name "$@" $opt_args ;;
mpicxx) "$dir"/mpigxx "$@" $opt_args ;;
*)
echo "Error: unsupported compiler name '$compiler_name'."

509
pkgs/intel-oneapi/2023.nix
View File

@@ -1,509 +0,0 @@
{ stdenv
, fetchurl
, lib
, dpkg
, rsync
, libffi_3_3
, libelf
, libxml2
, hwloc
, zlib
, autoPatchelfHook
, libfabric
, gcc
, wrapCCWith
}:
# The distribution of intel packages is a mess. We are doing the installation
# based on the .deb metapackage "intel-hpckit", and follow de dependencies,
# which have mismatching versions.
# Bruno Bzeznik (bzizou) went through the madness of using their .sh installer,
# pulling all the X dependencies here:
# https://github.com/Gricad/nur-packages/blob/4b67c8ad0ce1baa1d2f53ba41ae5bca8e00a9a63/pkgs/intel/oneapi.nix
# But this is an attempt to install the packages from the APT repo
let
meta = {
description = "Intel oneapi hpckit package component";
homepage = "https://www.intel.com/content/www/us/en/developer/tools/oneapi/hpc-toolkit-download.html";
license = lib.licenses.unfree;
maintainers = with lib.maintainers.bsc; [ abonerib ];
};
v = {
hpckit = "2023.1.0";
compiler = "2023.1.0";
tbb = "2021.9.0";
mpi = "2021.9.0";
};
aptPackageIndex = stdenv.mkDerivation {
name = "intel-oneapi-packages";
srcs = [
# Run update.sh to update the package lists
./amd64-packages ./all-packages
];
phases = [ "installPhase" ];
installPhase = ''
awk -F': ' '\
BEGIN { print "[ {" } \
NR>1 && /^Package: / { print "} {"; } \
/: / { printf "%s = \"%s\";\n", $1, $2 } \
END { print "} ]" }' $srcs > $out
'';
};
aptPackages = import aptPackageIndex;
apthost = "https://apt.repos.intel.com/oneapi/";
getSum = pkgList: name:
let
matches = lib.filter (x: name == x.Package) pkgList;
#n = lib.length matches;
#match = builtins.trace (name + " -- ${builtins.toString n}") (lib.elemAt matches 0);
match = lib.elemAt matches 0;
in
match.SHA256;
getUrl = pkgList: name:
let
matches = lib.filter (x: name == x.Package) pkgList;
#match = assert lib.length matches == 1; lib.elemAt matches 0;
n = lib.length matches;
match =
#builtins.trace (name + " -- n=${builtins.toString n}")
(lib.elemAt matches 0);
in
apthost + match.Filename;
uncompressDebs = debs: name: stdenv.mkDerivation {
name = name;
srcs = debs;
nativeBuildInputs = [ dpkg ];
phases = [ "installPhase" ];
installPhase = ''
mkdir -p $out
for src in $srcs; do
echo "unpacking $src"
dpkg -x $src $out
done
'';
inherit meta;
};
joinDebs = name: names:
let
urls = builtins.map (x: getUrl aptPackages x) names;
sums = builtins.map (x: getSum aptPackages x) names;
getsrc = url: sha256: builtins.fetchurl { inherit url sha256; };
debs = lib.zipListsWith getsrc urls sums;
in
uncompressDebs debs "${name}-source";
intel-mpi = stdenv.mkDerivation rec {
version = v.mpi;
pname = "intel-mpi";
src = joinDebs pname [
"intel-oneapi-mpi-devel-${version}"
"intel-oneapi-mpi-${version}"
];
nativeBuildInputs = [
autoPatchelfHook
rsync
];
buildInputs = [
libfabric
zlib
stdenv.cc.cc.lib
];
phases = [ "installPhase" "fixupPhase" ];
dontStrip = true;
installPhase = ''
mkdir -p $out/{bin,etc,lib,include}
mkdir -p $out/share/man
cd $src
# MPI
pushd opt/intel/oneapi/mpi/${version}
rsync -a man/ $out/share/man/
rsync -a etc/ $out/etc/
rsync -a include/ $out/include/
cp -a lib/lib* $out/lib/
# Copy the actual libmpi.so from release
cp -a lib/release/lib* $out/lib
# Broken due missing libze_loader.so.1
rsync -a --exclude IMB-MPI1-GPU bin/ $out/bin/
popd
'';
preFixup = ''
for i in $out/bin/mpi* ; do
echo "Fixing paths in $i"
sed -i "s:I_MPI_SUBSTITUTE_INSTALLDIR:$out:g" "$i"
done
'';
inherit meta;
};
intel-tbb = stdenv.mkDerivation rec {
version = v.tbb;
pname = "intel-tbb";
src = joinDebs pname [
"intel-oneapi-tbb-${version}"
"intel-oneapi-tbb-common-${version}"
];
buildInputs = [
intel-mpi
libffi_3_3
libelf
libxml2
hwloc
stdenv.cc.cc.lib
];
nativeBuildInputs = [
autoPatchelfHook
rsync
];
phases = [ "installPhase" "fixupPhase" ];
dontStrip = true;
autoPatchelfIgnoreMissingDeps = [ "libhwloc.so.5" ];
installPhase = ''
mkdir -p $out/lib
cd $src
pushd opt/intel/oneapi/tbb/${version}
# Libraries
rsync -a lib/intel64/gcc4.8/ $out/lib/
popd
'';
inherit meta;
};
intel-compiler-shared = stdenv.mkDerivation rec {
version = v.compiler;
pname = "intel-compiler-shared";
src = joinDebs pname [
"intel-oneapi-compiler-shared-${version}"
"intel-oneapi-compiler-shared-common-${version}"
"intel-oneapi-compiler-shared-runtime-${version}"
];
buildInputs = [
intel-mpi
intel-tbb
libffi_3_3
libelf
libxml2
zlib
hwloc
stdenv.cc.cc.lib
];
nativeBuildInputs = [
autoPatchelfHook
rsync
];
phases = [ "installPhase" "fixupPhase" ];
dontStrip = true;
autoPatchelfIgnoreMissingDeps = [ "libsycl.so.6" ];
installPhase = ''
mkdir -p $out/{bin,lib,include}
mkdir -p $out/share/man
cd $src
# Compiler
pushd opt/intel/oneapi/compiler/${version}
pushd linux
# Binaries
rsync -a bin/ $out/bin/
rsync -a --exclude libcilkrts.so.5 bin/intel64/ $out/bin/
# Libraries
rsync -a lib/ $out/lib/
rsync -a lib/x64/ $out/lib/
rsync -a compiler/lib/intel64_lin/ $out/lib/
chmod +w $out/lib
cp bin/intel64/libcilkrts.so.5 $out/lib/
ln -s $out/lib/libcilkrts.so.5 $out/lib/libcilkrts.so
# Headers
rsync -a compiler/include/ $out/include/
popd
popd
'';
inherit meta;
};
intel-compiler-fortran = stdenv.mkDerivation rec {
version = v.compiler;
pname = "intel-fortran";
src = joinDebs pname [
"intel-oneapi-compiler-fortran-${version}"
"intel-oneapi-compiler-fortran-common-${version}"
"intel-oneapi-compiler-fortran-runtime-${version}"
"intel-oneapi-compiler-dpcpp-cpp-classic-fortran-shared-runtime-${version}"
#"intel-oneapi-compiler-dpcpp-cpp-and-cpp-classic-${version}"
#"intel-oneapi-compiler-dpcpp-cpp-and-cpp-classic-runtime-${version}"
];
langFortran = true;
buildInputs = [
intel-mpi
intel-compiler-shared
libffi_3_3
libelf
libxml2
hwloc
stdenv.cc.cc.lib
];
nativeBuildInputs = [
autoPatchelfHook
rsync
];
phases = [ "installPhase" "fixupPhase" ];
dontStrip = true;
installPhase = ''
mkdir -p $out/{bin,lib,include}
mkdir -p $out/share/man
cd $src
# Compiler
pushd opt/intel/oneapi/compiler/${version}
pushd linux
# Binaries
rsync -a bin/ $out/bin/
rsync -a bin/intel64/ $out/bin/
# Libraries
rsync -a lib/ $out/lib/
rsync -a compiler/lib/intel64_lin/ $out/lib/
# Headers
rsync -a compiler/include/ $out/include/
popd
# Manuals
rsync -a documentation/en/man/common/ $out/share/man/
# Fix lib_lin
ln -s $out/lib $out/lib_lin
popd
'';
inherit meta;
};
intel-compiler = stdenv.mkDerivation rec {
version = v.compiler;
pname = "intel-compiler";
src = joinDebs pname [
# C/C++
"intel-oneapi-dpcpp-cpp-${version}"
"intel-oneapi-compiler-dpcpp-cpp-${version}"
"intel-oneapi-compiler-dpcpp-cpp-common-${version}"
"intel-oneapi-compiler-dpcpp-cpp-runtime-${version}"
"intel-oneapi-compiler-dpcpp-cpp-and-cpp-classic-${version}"
"intel-oneapi-compiler-dpcpp-cpp-and-cpp-classic-common-${version}"
"intel-oneapi-compiler-dpcpp-cpp-and-cpp-classic-runtime-${version}"
"intel-oneapi-compiler-dpcpp-cpp-classic-fortran-shared-runtime-${version}"
];
dontCheckForBrokenSymlinks = true;
# From https://aur.archlinux.org/packages/intel-oneapi-compiler:
# - intel-oneapi-compiler-cpp-eclipse-cfg-2023.0.0-25370_all.deb
# + intel-oneapi-compiler-dpcpp-cpp-2023.0.0-2023.0.0-25370_amd64.deb
# x intel-oneapi-compiler-dpcpp-cpp-and-cpp-classic-2023.0.0-2023.0.0-25370_amd64.deb (empty)
# + intel-oneapi-compiler-dpcpp-cpp-and-cpp-classic-2023.0.0-25370_amd64.deb
# + intel-oneapi-compiler-dpcpp-cpp-and-cpp-classic-common-2023.0.0-2023.0.0-25370_all.deb
# + intel-oneapi-compiler-dpcpp-cpp-and-cpp-classic-runtime-2023.0.0-2023.0.0-25370_amd64.deb
# + intel-oneapi-compiler-dpcpp-cpp-classic-fortran-shared-runtime-2023.0.0-2023.0.0-25370_amd64.deb
# + intel-oneapi-compiler-dpcpp-cpp-common-2023.0.0-2023.0.0-25370_all.deb
# + intel-oneapi-compiler-dpcpp-cpp-runtime-2023.0.0-2023.0.0-25370_amd64.deb
# - intel-oneapi-compiler-dpcpp-eclipse-cfg-2023.0.0-25370_all.deb
# - intel-oneapi-compiler-fortran-2023.0.0-2023.0.0-25370_amd64.deb
# - intel-oneapi-compiler-fortran-common-2023.0.0-2023.0.0-25370_all.deb
# - intel-oneapi-compiler-fortran-runtime-2023.0.0-2023.0.0-25370_amd64.deb
# - intel-oneapi-compiler-fortran-runtime-2023.0.0-25370_amd64.deb
# - intel-oneapi-compiler-shared-2023.0.0-2023.0.0-25370_amd64.deb
# - intel-oneapi-compiler-shared-common-2023.0.0-2023.0.0-25370_all.deb
# - intel-oneapi-compiler-shared-runtime-2023.0.0-2023.0.0-25370_amd64.deb
# - intel-oneapi-dpcpp-cpp-2023.0.0-2023.0.0-25370_amd64.deb
# - intel-oneapi-openmp-2023.0.0-2023.0.0-25370_amd64.deb
# - intel-oneapi-openmp-common-2023.0.0-2023.0.0-25370_all.deb
buildInputs = [
intel-compiler-shared
libffi_3_3
libelf
libxml2
hwloc
stdenv.cc.cc.lib
];
nativeBuildInputs = [
autoPatchelfHook
rsync
];
autoPatchelfIgnoreMissingDeps = [ "libtbb.so.12" "libtbbmalloc.so.2" "libze_loader.so.1" ];
phases = [ "installPhase" "fixupPhase" ];
dontStrip = true;
installPhase = ''
mkdir -p $out/{bin,lib}
mkdir -p $out/share/man
cd $src
# Compiler
pushd opt/intel/oneapi/compiler/${version}
pushd linux
# Binaries
rsync -a bin/ $out/bin/
rsync -a bin-llvm/ $out/bin/
rsync -a bin/intel64/ $out/bin/
# Libraries
rsync -a --exclude oclfpga lib/ $out/lib/
rsync -a compiler/lib/intel64_lin/ $out/lib/
# Headers
rsync -a compiler/include/ $out/include/ # Intrinsics for icc
rsync -a include/ $out/include/
chmod +w $out/include
ln -s $out/lib/clang/16.0.0/include/ $out/include/icx # For icx
popd
# Manuals
rsync -a documentation/en/man/common/ $out/share/man/
popd
'';
inherit meta;
};
wrapIntel = { cc, mygcc, extraBuild ? "", extraInstall ? "" }:
let
targetConfig = stdenv.targetPlatform.config;
in (wrapCCWith {
cc = cc;
extraBuildCommands = ''
echo "-isystem ${cc}/include" >> $out/nix-support/cc-cflags
echo "-isystem ${cc}/include/intel64" >> $out/nix-support/cc-cflags
echo "-L${mygcc.cc}/lib/gcc/${targetConfig}/${mygcc.version}" >> $out/nix-support/cc-ldflags
echo "-L${mygcc.cc.lib}/lib" >> $out/nix-support/cc-ldflags
echo "-L${intel-compiler-shared}/lib" >> $out/nix-support/cc-ldflags
echo "-L${cc}/lib" >> $out/nix-support/cc-ldflags
# Need the gcc in the path
# FIXME: We should find a better way to modify the PATH instead of using
# this ugly hack. See https://jungle.bsc.es/git/rarias/bscpkgs/issues/9
echo 'path_backup="${mygcc}/bin:$path_backup"' >> $out/nix-support/cc-wrapper-hook
# Disable hardening by default
echo "" > $out/nix-support/add-hardening.sh
'' + extraBuild;
}).overrideAttrs (old: {
installPhase = old.installPhase + extraInstall;
});
icx-wrapper = wrapIntel rec {
cc = intel-compiler;
mygcc = gcc;
extraBuild = ''
wrap icx $wrapper $ccPath/icx
wrap icpx $wrapper $ccPath/icpx
echo "-isystem ${cc}/include/icx" >> $out/nix-support/cc-cflags
echo "--gcc-toolchain=${mygcc.cc}" >> $out/nix-support/cc-cflags
'';
extraInstall = ''
export named_cc="icx"
export named_cxx="icpx"
'';
};
# Legacy
icc-wrapper = wrapIntel rec {
cc = intel-compiler;
# Intel icc classic compiler tries to behave like the gcc found in $PATH.
# EVEN if it doesn't support some of the features. See:
# https://community.intel.com/t5/Intel-C-Compiler/builtin-shuffle-GCC-compatibility-and-has-builtin/td-p/1143619
mygcc = gcc;
extraBuild = ''
wrap icc $wrapper $ccPath/icc
wrap icpc $wrapper $ccPath/icpc
echo "-isystem ${cc}/include/icc" >> $out/nix-support/cc-cflags
'';
extraInstall = ''
export named_cc="icc"
export named_cxx="icpc"
'';
};
ifort-wrapper = wrapIntel rec {
cc = intel-compiler-fortran;
mygcc = gcc;
extraBuild = ''
wrap ifort $wrapper $ccPath/ifort
'';
extraInstall = ''
export named_fc="ifort"
'';
};
stdenv-icc = stdenv.override {
cc = icc-wrapper;
allowedRequisites = null;
};
stdenv-icx = stdenv.override {
cc = icx-wrapper;
allowedRequisites = null;
};
stdenv-ifort = stdenv.override {
cc = ifort-wrapper;
allowedRequisites = null;
};
in
{
inherit intel-mpi;
icx = icx-wrapper;
icc = icc-wrapper;
ifort = ifort-wrapper;
stdenv = stdenv-icx;
stdenv-icc = stdenv-icc;
stdenv-ifort = stdenv-ifort;
}

8769
pkgs/intel-oneapi/all-packages
View File

File diff suppressed because it is too large Load Diff

34075
pkgs/intel-oneapi/amd64-packages
View File

File diff suppressed because it is too large Load Diff

4
pkgs/intel-oneapi/update.sh
View File

@@ -1,4 +0,0 @@
#!/bin/sh
curl https://apt.repos.intel.com/oneapi/dists/all/main/binary-amd64/Packages -o amd64-packages
curl https://apt.repos.intel.com/oneapi/dists/all/main/binary-all/Packages -o all-packages

44
pkgs/libpsm2/default.nix
View File

@@ -1,44 +0,0 @@
{ stdenv, lib, fetchFromGitHub, numactl, pkg-config }:
let
version = "11.2.185";
in
stdenv.mkDerivation {
pname = "libpsm2";
inherit version;
preConfigure= ''
export UDEVDIR=$out/etc/udev
substituteInPlace ./Makefile --replace "udevrulesdir}" "prefix}/etc/udev";
'';
enableParallelBuilding = true;
buildInputs = [ numactl pkg-config ];
installFlags = [
"DESTDIR=$(out)"
"UDEVDIR=/etc/udev"
"LIBPSM2_COMPAT_CONF_DIR=/etc"
];
src = fetchFromGitHub {
owner = "intel";
repo = "opa-psm2";
rev = "PSM2_${version}";
sha256 = "062hg4r6gz7pla9df70nqs5i2a3mp1wszmp4l0g771fykhhrxsjg";
};
postInstall = ''
mv $out/usr/* $out
rmdir $out/usr
'';
meta = with lib; {
homepage = "https://github.com/intel/opa-psm2";
description = "The PSM2 library supports a number of fabric media and stacks";
license = with licenses; [ gpl2 bsd3 ];
platforms = [ "x86_64-linux" ];
maintainers = [ maintainers.bzizou ];
};
}

137
pkgs/llvm-ompss2/clang.nix
View File

@@ -1,137 +0,0 @@
{
llvmPackages_latest
, lib
, fetchFromGitHub
, cmake
, bash
, python3
, perl
, which
, elfutils
, libffi
, zlib
, pkg-config
, gcc # needed to set the rpath of libstdc++ for clang-tblgen
, enableDebug ? false
, useGit ? false
, gitUrl ? "ssh://git@bscpm04.bsc.es/llvm-ompss/llvm-mono.git"
, gitBranch ? "master"
, gitCommit ? "872ba63f86edaefc9787984ef3fae9f2f94e0124" # github-release-2025.11
}:
let
stdenv = llvmPackages_latest.stdenv;
release = rec {
version = "2025.11";
src = fetchFromGitHub {
owner = "bsc-pm";
repo = "llvm";
rev = "refs/tags/github-release-${version}";
hash = "sha256-UgwMTUkM9Z87dDH205swZFBeFhrcbLAxginViG40pBM=";
};
};
git = rec {
version = src.shortRev;
src = builtins.fetchGit {
url = gitUrl;
ref = gitBranch;
rev = gitCommit;
};
};
source = if (useGit) then git else release;
in stdenv.mkDerivation {
pname = "clang-ompss2";
inherit (source) src version;
enableParallelBuilding = true;
passthru = {
CC = "clang";
CXX = "clang++";
isClang = true;
isClangWithOmpss = true;
inherit gcc zlib;
};
nativeBuildInputs = [
bash
cmake
elfutils
llvmPackages_latest.lld
pkg-config
python3
perl
which
zlib
];
buildInputs = [
libffi
zlib
gcc.cc.lib # Required for libstdc++.so.6
];
# Error with -D_FORTIFY_SOURCE=2, see https://bugs.gentoo.org/636604:
# /build/source/compiler-rt/lib/tsan/dd/dd_interceptors.cpp:225:20:
# error: redefinition of 'realpath'
# Requires disabling the "fortify" set of flags, however, for performance we
# disable all:
hardeningDisable = [ "all" ];
cmakeBuildType = if enableDebug then "Debug" else "Release";
dontStrip = enableDebug;
dontUseCmakeBuildDir = true;
# Fix the host triple, as it has changed in a newer config.guess:
# https://git.savannah.gnu.org/gitweb/?p=config.git;a=commitdiff;h=ca9bfb8cc75a2be1819d89c664a867785c96c9ba
preConfigure = ''
mkdir -p build
cd build
cmakeDir="../llvm"
cmakeFlagsArray=(
"-DLLVM_HOST_TRIPLE=${stdenv.targetPlatform.config}"
"-DLLVM_TARGETS_TO_BUILD=host"
"-DLLVM_BUILD_LLVM_DYLIB=ON"
"-DLLVM_LINK_LLVM_DYLIB=ON"
# Required to run clang-ast-dump and clang-tblgen during build
"-DCMAKE_BUILD_RPATH=$PWD/lib:${zlib}/lib:${gcc.cc.lib}/lib"
"-DLLVM_ENABLE_LLD=ON"
"-DCMAKE_CXX_FLAGS_DEBUG=-g -ggnu-pubnames"
"-DCMAKE_EXE_LINKER_FLAGS_DEBUG=-Wl,--gdb-index"
"-DLLVM_LIT_ARGS=-sv --xunit-xml-output=xunit.xml"
"-DLLVM_ENABLE_PROJECTS=clang;compiler-rt;lld"
"-DLLVM_ENABLE_ASSERTIONS=ON"
"-DLLVM_INSTALL_TOOLCHAIN_ONLY=ON"
"-DCMAKE_INSTALL_BINDIR=bin"
"-DLLVM_ENABLE_ZLIB=FORCE_ON"
"-DLLVM_ENABLE_LIBXML2=OFF"
# Set the rpath to include external libraries (zlib) both on build and
# install
"-DCMAKE_INSTALL_RPATH_USE_LINK_PATH=ON"
"-DCMAKE_INSTALL_RPATH=${zlib}/lib:${gcc.cc.lib}/lib"
"-DLLVM_APPEND_VC_REV=ON"
"-DLLVM_FORCE_VC_REVISION=${source.version}"
)
'';
# About "-DCLANG_DEFAULT_NANOS6_HOME=${nanos6}", we could specify a default
# nanos6 installation, but this is would require a recompilation of clang each
# time nanos6 is changed. Better to use the environment variable NANOS6_HOME,
# and specify nanos6 at run time.
meta = {
homepage = "https://gitlab.pm.bsc.es/llvm-ompss/llvm-mono";
description = "C language family frontend for LLVM (for OmpSs-2)";
maintainers = with lib.maintainers.bsc; [ rpenacob ];
platforms = lib.platforms.linux;
license = [ lib.licenses.asl20 lib.licenses.llvm-exception ];
};
}

70
pkgs/llvm-ompss2/default.nix
View File

@@ -1,70 +0,0 @@
{
stdenv
, lib
, gcc
, clangOmpss2Unwrapped
, openmp ? null
, wrapCCWith
, llvmPackages_latest
, ompss2rt ? null
}:
with lib;
let
usingNodesAndOmpv = (openmp.pname == "openmp-v" && ompss2rt.pname == "nodes");
sameNosv = openmp.nosv == ompss2rt.nosv;
in
assert assertMsg (usingNodesAndOmpv -> sameNosv) "OpenMP-V and NODES must share the same nOS-V";
let
homevar = if ompss2rt.pname == "nanos6" then "NANOS6_HOME" else "NODES_HOME";
rtname = if ompss2rt.pname == "nanos6" then "libnanos6" else "libnodes";
ompname = if openmp.pname == "openmp-v" then "libompv" else "libomp";
# We need to replace the lld linker from bintools with our linker just built,
# otherwise we run into incompatibility issues when mixing compiler and linker
# versions.
bintools-unwrapped = llvmPackages_latest.bintools-unwrapped.override {
lld = clangOmpss2Unwrapped;
};
bintools = llvmPackages_latest.bintools.override {
bintools = bintools-unwrapped;
};
targetConfig = stdenv.targetPlatform.config;
inherit gcc;
cc = clangOmpss2Unwrapped;
gccVersion = with versions; let v = gcc.version; in concatStringsSep "." [(major v) (minor v) (patch v)];
in wrapCCWith {
inherit cc bintools;
# extraPackages adds packages to depsTargetTargetPropagated
extraPackages = optional (openmp != null) openmp;
extraBuildCommands = ''
echo "-target ${targetConfig}" >> $out/nix-support/cc-cflags
echo "-B${gcc.cc}/lib/gcc/${targetConfig}/${gccVersion}" >> $out/nix-support/cc-cflags
echo "-L${gcc.cc}/lib/gcc/${targetConfig}/${gccVersion}" >> $out/nix-support/cc-ldflags
echo "-L${gcc.cc.lib}/lib" >> $out/nix-support/cc-ldflags
for dir in ${gcc.cc}/include/c++/*; do
echo "-isystem $dir" >> $out/nix-support/libcxx-cxxflags
done
for dir in ${gcc.cc}/include/c++/*/${targetConfig}; do
echo "-isystem $dir" >> $out/nix-support/libcxx-cxxflags
done
echo "--gcc-toolchain=${gcc}" >> $out/nix-support/cc-cflags
wrap clang++ $wrapper $ccPath/clang++
'' + optionalString (openmp != null) ''
echo "export OPENMP_RUNTIME=${ompname}" >> $out/nix-support/cc-wrapper-hook
'' + optionalString (ompss2rt != null) ''
echo "export OMPSS2_RUNTIME=${rtname}" >> $out/nix-support/cc-wrapper-hook
echo "export ${homevar}=${ompss2rt}" >> $out/nix-support/cc-wrapper-hook
'' + optionalString (ompss2rt != null && ompss2rt.pname == "nodes") ''
echo "export NOSV_HOME=${ompss2rt.nosv}" >> $out/nix-support/cc-wrapper-hook
'';
}

86
pkgs/llvm-ompss2/openmp.nix
View File

@@ -1,86 +0,0 @@
{ lib
, llvmPackages_latest
, monorepoSrc
, runCommand
, cmake
, ninja
, llvm
, perl
, pkg-config
, version
, nosv
, ovni
, python3
, enableNosv ? false
, enableDebug ? false
, enableOvni ? false
}:
assert enableOvni -> enableNosv;
let
stdenv = llvmPackages_latest.stdenv;
in
stdenv.mkDerivation rec {
pname = "openmp" + (lib.optionalString enableNosv "-v");
inherit version;
src = runCommand "${pname}-src" {} ''
mkdir -p "$out"
cp -r ${monorepoSrc}/cmake "$out"
cp -r ${monorepoSrc}/openmp "$out"
'';
sourceRoot = "${src.name}/openmp";
nativeBuildInputs = [
cmake
ninja
perl
pkg-config
python3
] ++ lib.optionals enableNosv [
nosv
] ++ lib.optionals enableOvni [
ovni
];
doCheck = false;
hardeningDisable = [ "all" ];
cmakeBuildType = if enableDebug then "Debug" else "Release";
dontStrip = enableDebug;
separateDebugInfo = true;
cmakeFlags = [
"-DLIBOMP_OMPD_SUPPORT=OFF"
"-DOPENMP_ENABLE_LIBOMPTARGET=OFF"
];
# Remove support for GNU and Intel Openmp.
# Also, remove libomp if building with nosv, as there is no support to build
# only one runtime at a time.
postInstall = ''
rm -f $out/lib/libgomp*
rm -f $out/lib/libiomp*
'' + lib.optionalString enableNosv ''
rm -f $out/lib/libomp.*
rm -f $out/libllvmrt/libomp.*
'';
passthru = {
inherit nosv;
};
meta = {
homepage = "https://gitlab.pm.bsc.es/llvm-ompss/llvm-mono";
description = "Support for the OpenMP language (with nOS-V)";
maintainers = with lib.maintainers.bsc; [ rpenacob ];
platforms = lib.platforms.linux;
license = [ lib.licenses.asl20 lib.licenses.llvm-exception ];
};
}

50
pkgs/lmbench/default.nix
View File

@@ -1,50 +0,0 @@
{
lib,
stdenv,
libtirpc,
fetchFromGitHub
}:
stdenv.mkDerivation rec {
pname = "lmbench";
version = "941a0dcc";
# We use the intel repo as they have fixed some problems
src = fetchFromGitHub {
owner = "intel";
repo = pname;
rev = "941a0dcc0e7bdd9bb0dee05d7f620e77da8c43af";
sha256 = "sha256-SzwplRBO3V0R3m3p15n71ivYBMGoLsajFK2TapYxdqk=";
};
postPatch = ''
sed -i "s@/bin/rm@rm@g" $(find . -name Makefile)
'';
buildInputs = [ libtirpc ];
patches = [ ./fix-install.patch ./gcc-14.patch ];
hardeningDisable = [ "all" ];
enableParallelBuilding = false;
preBuild = ''
makeFlagsArray+=(
-C src
BASE=$out
CFLAGS=-Wno-implicit-int
CPPFLAGS=-I${libtirpc.dev}/include/tirpc
LDFLAGS=-ltirpc
CC=$CC
AR=$AR
)
'';
meta = {
description = "lmbench";
homepage = "https://github.com/intel/lmbench";
maintainers = with lib.maintainers.bsc; [ rarias ];
platforms = lib.platforms.all;
license = lib.licenses.gpl2Plus;
};
}

10
pkgs/lmbench/fix-install.patch
View File

@@ -1,10 +0,0 @@
--- a/src/Makefile
+++ b/src/Makefile
@@ -144,6 +144,7 @@ install-target:
if [ ! -d $(BASE)/include ]; then mkdir $(BASE)/include; fi
if [ ! -d $(BASE)/lib ]; then mkdir $(BASE)/lib; fi
cp $(EXES) $(BASE)/bin
+ cp $(OPT_EXES) $(BASE)/bin
cp $(INCS) $(BASE)/include
cp $O/lmbench.a $(BASE)/lib/libmbench.a
cd ../doc; env MAKEFLAGS="$(MAKEFLAGS)" make CC="${CC}" OS="${OS}" BASE="$(BASE)" install

77
pkgs/lmbench/gcc-14.patch
View File

@@ -1,77 +0,0 @@
From a3c6e7d303cd8368e8d4e35be7cbc1997e801257 Mon Sep 17 00:00:00 2001
From: Rodrigo Arias Mallo <rodrigo.arias@bsc.es>
Date: Mon, 21 Jul 2025 17:38:58 +0200
Subject: [PATCH] Misc fixes to build with gcc 14
---
src/bench.h | 2 ++
src/lat_select.c | 2 +-
src/lib_debug.c | 1 +
src/lib_sched.c | 2 +-
src/lib_timing.c | 2 +-
5 files changed, 6 insertions(+), 3 deletions(-)
diff --git a/src/bench.h b/src/bench.h
index 8166408..4da9079 100644
--- a/src/bench.h
+++ b/src/bench.h
@@ -320,4 +320,6 @@ extern int handle_scheduler(int childno, int benchproc, int nbenchprocs);
extern char *rpc_xact_1();
extern char *client_rpc_xact_1();
+void lmbench_usage(int argc, char *argv[], char* usage);
+
#endif /* _BENCH_H */
diff --git a/src/lat_select.c b/src/lat_select.c
index 583b505..39df369 100644
--- a/src/lat_select.c
+++ b/src/lat_select.c
@@ -164,7 +164,7 @@ doit(iter_t iterations, void * cookie)
state_t * state = (state_t *)cookie;
fd_set nosave;
static struct timeval tv;
- static count = 0;
+ static int count = 0;
tv.tv_sec = 0;
tv.tv_usec = 0;
diff --git a/src/lib_debug.c b/src/lib_debug.c
index e8347dd..cf65312 100644
--- a/src/lib_debug.c
+++ b/src/lib_debug.c
@@ -1,5 +1,6 @@
#include "bench.h"
#include "lib_debug.h"
+#include <math.h>
/*
* return micro-seconds / iteration at the the fraction point.
diff --git a/src/lib_sched.c b/src/lib_sched.c
index aa83ae0..4f16bbf 100644
--- a/src/lib_sched.c
+++ b/src/lib_sched.c
@@ -91,7 +91,7 @@ handle_scheduler(int childno, int benchproc, int nbenchprocs)
childno * (nbenchprocs + 1) + benchproc);
} else {
/* default action: do nothing */
- return;
+ return 0;
}
return sched_pin(cpu % sched_ncpus());
diff --git a/src/lib_timing.c b/src/lib_timing.c
index af8cf68..7ec9652 100644
--- a/src/lib_timing.c
+++ b/src/lib_timing.c
@@ -1623,7 +1623,7 @@ bread(void* buf, long nbytes)
void
touch(char *buf, int nbytes)
{
- static psize;
+ static int psize;
if (!psize) {
psize = getpagesize();
--
2.49.0

7
pkgs/maintainers.nix
View File

@@ -1,7 +0,0 @@
builtins.mapAttrs (name: value: { email = name + "@bsc.es"; } // value) {
abonerib.name = "Aleix Boné";
arocanon.name = "Aleix Roca";
rarias.name = "Rodrigo Arias";
rpenacob.name = "Raúl Peñacoba";
varcila.name = "Vincent Arcila";
}

75
pkgs/mcxx/default.nix
View File

@@ -1,75 +0,0 @@
{
stdenv
, lib
, fetchFromGitHub
, autoreconfHook
, nanos6
, gperf
, python3
, gfortran
, pkg-config
, sqlite
, flex
, bison
, gcc
}:
stdenv.mkDerivation rec {
pname = "mcxx";
version = "2023.11";
passthru = {
CC = "mcc";
CXX = "mcxx";
};
# mcxx doesn't use tags, so we pick the same version of the ompss2 release
src = fetchFromGitHub {
owner = "bsc-pm";
repo = pname;
rev = "github-release-${version}";
hash = "sha256-GyBvyy/HD3t9rHSXAYZRMhn4o4Nm/HFfjuOS8J0LPu8=";
};
enableParallelBuilding = true;
nativeBuildInputs = [
autoreconfHook
bison
flex
python3
gfortran
pkg-config
gperf
gcc
];
buildInputs = [
nanos6
sqlite.dev
];
patches = [ ./intel.patch ];
preConfigure = ''
export ICC=icc
export ICPC=icpc
export IFORT=ifort
'';
configureFlags = [
"--enable-ompss-2"
"--with-nanos6=${nanos6}"
# Fails with "memory exhausted" with bison 3.7.1
# "--enable-bison-regeneration"
];
meta = {
broken = true;
homepage = "https://github.com/bsc-pm/mcxx";
description = "C/C++/Fortran source-to-source compilation infrastructure aimed at fast prototyping";
maintainers = with lib.maintainers.bsc; [ rpenacob ];
platforms = lib.platforms.linux;
license = lib.licenses.gpl3Plus;
};
}

69
pkgs/mcxx/git.nix
View File

@@ -1,69 +0,0 @@
{
stdenv
, lib
, fetchFromGitHub
, autoreconfHook
, nanos6
, gperf
, python
, gfortran
, pkg-config
, sqlite
, flex
, bison
, gcc
}:
stdenv.mkDerivation rec {
pname = "mcxx";
version = src.shortRev;
passthru = {
CC = "mcc";
CXX = "mcxx";
};
src = builtins.fetchGit {
url = "ssh://git@bscpm04.bsc.es/mercurium/mcxx";
ref = "master";
};
enableParallelBuilding = true;
buildInputs = [
autoreconfHook
nanos6
gperf
python
gfortran
pkg-config
sqlite.dev
bison
flex
gcc
];
# TODO: Not sure if we need this patch anymore (?)
#patches = [ ./intel.patch ];
preConfigure = ''
export ICC=icc
export ICPC=icpc
export IFORT=ifort
'';
configureFlags = [
"--enable-ompss-2"
"--with-nanos6=${nanos6}"
# Fails with "memory exhausted" with bison 3.7.1
# "--enable-bison-regeneration"
];
meta = {
homepage = "https://github.com/bsc-pm/mcxx";
description = "C/C++/Fortran source-to-source compilation infrastructure aimed at fast prototyping";
maintainers = with lib.maintainers.bsc; [ rpenacob ];
platforms = lib.platforms.linux;
license = lib.licenses.gpl3Plus;
};
}

19
pkgs/mcxx/intel.patch
View File

@@ -1,19 +0,0 @@
--- a/configure.ac 2020-07-10 16:15:11.431606455 +0200
+++ b/configure.ac 2020-07-10 16:15:24.291586572 +0200
@@ -367,16 +367,6 @@
[ enable_intel_compilers="yes"])
AC_MSG_RESULT([$enable_intel_compilers])
-
-IFORT=
-ICC=
-ICPC=
-if test x"$enable_intel_compilers" = x"yes";
-then
- AC_CHECK_PROG([IFORT], [ifort], [ifort])
- AC_CHECK_PROG([ICC], [icc], [icc])
- AC_CHECK_PROG([ICPC], [icpc], [icpc])
-fi
dnl --------------- END Intel Compilers ---------------------
mic_compilation="no"

68
pkgs/mcxx/rarias.nix
View File

@@ -1,68 +0,0 @@
{ stdenv
, lib
, fetchgit
, autoreconfHook
, nanos6
, gperf
, python
, gfortran
, pkg-config
, sqlite
, flex
, bison
, gcc
}:
stdenv.mkDerivation rec {
name = "mcxx-rarias";
#version attribute ignored when using fetchgit:
#version = "2.2.0-70a299cf";
#src = /home/Computational/rarias/mcxx;
src = builtins.fetchGit {
url = "ssh://git@bscpm04.bsc.es/rarias/mcxx";
rev = "44129a6ac05b8f78b06e9e2eff71438b5ca4d29f";
};
enableParallelBuilding = true;
buildInputs = [
autoreconfHook
nanos6
gperf
python
gfortran
pkg-config
sqlite.dev
bison
flex
gcc
];
patches = [ ./intel.patch ];
preConfigure = ''
export ICC=icc
export ICPC=icpc
export IFORT=ifort
'';
configureFlags = [
"--enable-ompss-2"
"--with-nanos6=${nanos6}"
# "--enable-bison-regeneration"
];
# Regenerate ia32 builtins to add the ones for gcc9
#preBuild = ''
# make generate_builtins_ia32 GXX_X86_BUILTINS=${gcc}/bin/g++
#'';
#
meta = {
homepage = "https://github.com/bsc-pm/mcxx";
description = "C/C++/Fortran source-to-source compilation infrastructure aimed at fast prototyping";
maintainers = with lib.maintainers.bsc; [ rarias ];
platforms = lib.platforms.linux;
license = lib.licenses.gpl3Plus;
};
}

4
pkgs/meteocat-exporter/default.nix
View File

@@ -1,11 +1,9 @@
{ python3Packages, lib }:
python3Packages.buildPythonApplication {
python3Packages.buildPythonApplication rec {
pname = "meteocat-exporter";
version = "1.0";
pyproject = true;
src = ./.;
doCheck = false;

Some files were not shown because too many files have changed in this diff Show More