weasel: use tent cache

Add nixfmt-rfc-style to common packages
Add packages to user abonerib
2025-09-30 15:38:54 +02:00 · 2025-09-30 15:38:53 +02:00 · 2025-09-30 15:38:53 +02:00 · 2025-09-30 15:38:52 +02:00 · 2025-09-30 15:38:52 +02:00 · 2025-09-30 15:38:51 +02:00
11 changed files with 70 additions and 75 deletions
--- a/doc/trim.sh
+++ b/doc/trim.sh
@@ -1,46 +0,0 @@
-#!/bin/sh
-
-# Trims the jungle repository by moving the website to its own repository and
-# removing it from jungle. It also removes big pdf files and kernel
-# configurations so the jungle repository is small.
-
-set -e
-
-if [ -e oldjungle -o -e newjungle -o -e website ]; then
-  echo "remove oldjungle/, newjungle/ and website/ first"
-  exit 1
-fi
-
-# Clone the old jungle repo
-git clone gitea@tent:rarias/jungle.git oldjungle
-
-# First split the website into a new repository
-mkdir website && git -C website init -b master
-git-filter-repo \
-  --path web \
-  --subdirectory-filter web \
-  --source oldjungle \
-  --target website
-
-# Then remove the website, pdf files and big kernel configs
-mkdir newjungle && git -C newjungle init -b master
-git-filter-repo \
-  --invert-paths \
-  --path web \
-  --path-glob 'doc*.pdf' \
-  --path-glob '**/kernel/configs/lockdep' \
-  --path-glob '**/kernel/configs/defconfig' \
-  --source oldjungle \
-  --target newjungle
-
-set -x
-
-du -sh oldjungle newjungle website
-#  57M  oldjungle
-# 2,3M  newjungle
-# 6,4M  website
-
-du -sh --exclude=.git oldjungle newjungle website
-#  30M  oldjungle
-# 700K  newjungle
-# 3,5M  website
--- a/m/common/base.nix
+++ b/m/common/base.nix
@@ -11,11 +11,13 @@
    ./base/hw.nix
    ./base/net.nix
    ./base/nix.nix
+    ./base/nosv.nix
    ./base/ntp.nix
    ./base/rev.nix
    ./base/ssh.nix
    ./base/users.nix
    ./base/watchdog.nix
    ./base/zsh.nix
+    ./base/fish.nix
  ];
 }
--- a/m/common/base/env.nix
+++ b/m/common/base/env.nix
@@ -5,6 +5,8 @@
    vim wget git htop tmux pciutils tcpdump ripgrep nix-index nixos-option
    nix-diff ipmitool freeipmi ethtool lm_sensors cmake gnumake file tree
    ncdu config.boot.kernelPackages.perf ldns pv
+    nix-output-monitor
+    nixfmt-rfc-style
    # From bsckgs overlay
    osumb
  ];
--- a/m/common/base/fish.nix
+++ b/m/common/base/fish.nix
@@ -0,0 +1,4 @@
+{ ... }:
+{
+  programs.fish.enable = true;
+}
--- a/m/common/base/nosv.nix
+++ b/m/common/base/nosv.nix
@@ -0,0 +1,9 @@
+{ ... }:
+{
+  nix.settings.system-features = [ "nosv" ];
+  programs.nix-required-mounts.enable = true;
+  programs.nix-required-mounts.allowedPatterns.nosv.paths = [
+    "/sys/devices/system/cpu"
+    "/sys/devices/system/node"
+  ];
+}
--- a/m/common/base/users.nix
+++ b/m/common/base/users.nix
@@ -87,6 +87,12 @@
        openssh.authorizedKeys.keys = [
          "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIIFiqXqt88VuUfyANkZyLJNiuroIITaGlOOTMhVDKjf abonerib@bsc"
        ];
+        shell = pkgs.fish;
+        packages = with pkgs; [
+          starship
+          jujutsu
+          neovim
+        ];
      };

      vlopez = {
@@ -156,6 +162,7 @@
      };

      csiringo = {
+        # Arbitrary UID but large so it doesn't collide with other users on ssfhead.
        uid = 9653;
        isNormalUser = true;
        home = "/home/Computational/csiringo";
@@ -167,19 +174,6 @@
          "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHA65zvvG50iuFEMf+guRwZB65jlGXfGLF4HO+THFaed csiringo@bsc.es"
        ];
      };
-
-      acinca = {
-        uid = 9654;
-        isNormalUser = true;
-        home = "/home/Computational/acinca";
-        description = "Arnau Cinca";
-        group = "Computational";
-        hosts = [ "apex" "hut" "fox" "owl1" "owl2" ];
-        hashedPassword = "$6$S6PUeRpdzYlidxzI$szyvWejQ4hEN76yBYhp1diVO5ew1FFg.cz4lKiXt2Idy4XdpifwrFTCIzLTs5dvYlR62m7ekA5MrhcVxR5F/q/";
-        openssh.authorizedKeys.keys = [
-          "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFmMqKqPg4uocNOr3O41kLbZMOMJn3m2ZdN1JvTR96z3 bsccns@arnau-bsc"
-        ];
-      };
    };

    groups = {
--- a/m/hut/nginx.nix
+++ b/m/hut/nginx.nix
@@ -2,13 +2,10 @@
 let
  website = pkgs.stdenv.mkDerivation {
    name = "jungle-web";
-    src = pkgs.fetchgit {
-      url = "https://jungle.bsc.es/git/rarias/jungle-website.git";
-      rev = "739bf0175a7f05380fe7ad7023ff1d60db1710e1";
-      hash = "sha256-ea5DzhYTzZ9TmqD+x95rdNdLbxPnBluqlYH2NmBYmc4=";
-    };
+    src = theFlake;
    buildInputs = [ pkgs.hugo ];
    buildPhase = ''
+      cd web
      rm -rf public/
      hugo
    '';
--- a/m/module/slurm-client.nix
+++ b/m/module/slurm-client.nix
@@ -12,12 +12,6 @@
    # https://github.com/NixOS/nixpkgs/commit/ae93ed0f0d4e7be0a286d1fca86446318c0c6ffb
    # https://bugs.schedmd.com/show_bug.cgi?id=2095#c24
    KillMode = lib.mkForce "control-group";
-
-    # If slurmd fails to contact the control server it will fail, causing the
-    # node to remain out of service until manually restarted. Always try to
-    # restart it.
-    Restart = "always";
-    RestartSec = "30s";
  };

  services.slurm.client.enable = true;
--- a/m/tent/nginx.nix
+++ b/m/tent/nginx.nix
@@ -2,13 +2,10 @@
 let
  website = pkgs.stdenv.mkDerivation {
    name = "jungle-web";
-    src = pkgs.fetchgit {
-      url = "https://jungle.bsc.es/git/rarias/jungle-website.git";
-      rev = "739bf0175a7f05380fe7ad7023ff1d60db1710e1";
-      hash = "sha256-ea5DzhYTzZ9TmqD+x95rdNdLbxPnBluqlYH2NmBYmc4=";
-    };
+    src = theFlake;
    buildInputs = [ pkgs.hugo ];
    buildPhase = ''
+      cd web
      rm -rf public/
      hugo
    '';
--- a/m/weasel/configuration.nix
+++ b/m/weasel/configuration.nix
@@ -4,6 +4,7 @@
  imports = [
    ../common/ssf.nix
    ../module/hut-substituter.nix
+    ./virtualization.nix
  ];

  # Select this using the ID to avoid mismatches
@@ -30,4 +31,5 @@
      prefixLength = 24;
    } ];
  };
+
 }
--- a/m/weasel/virtualization.nix
+++ b/m/weasel/virtualization.nix
@@ -0,0 +1,40 @@
+{
+  lib,
+  pkgs,
+  config,
+  ...
+}:
+
+{
+  # Enable common container config files in /etc/containers
+  virtualisation.containers.enable = true;
+  virtualisation = {
+    podman = {
+      enable = true;
+
+      # Required for containers under podman-compose to be able to talk to each other.
+      defaultNetwork.settings.dns_enabled = true;
+    };
+  };
+
+  # We cannot use /home since nfs does not support fileattrs needed by podman
+  systemd.tmpfiles.settings = {
+    "podman-users" = lib.mapAttrs' (
+      name: value:
+      lib.nameValuePair ("/var/lib/podman-users/" + name) {
+        d = {
+          group = value.group;
+          mode = value.homeMode;
+          user = name;
+        };
+      }
+    ) (lib.filterAttrs (_: x: x.isNormalUser) config.users.users);
+  };
+
+  # Useful other development tools
+  environment.systemPackages = with pkgs; [
+    dive # look into docker image layers
+    podman-tui # status of containers in the terminal
+    podman-compose # start group of containers for dev
+  ];
+}
Author	SHA1	Message	Date
Aleix Boné	c4a63b8ffd	weasel: use tent cache	2025-09-30 15:38:54 +02:00
Aleix Boné	47da32d2cb	Add nixfmt-rfc-style to common packages	2025-09-30 15:38:53 +02:00
Aleix Boné	a0a425b013	Add packages to user abonerib	2025-09-30 15:38:53 +02:00
Aleix Boné	6db0d7e1ef	Add nix-output-monitor to default packages	2025-09-30 15:38:52 +02:00
Aleix Boné	3275646804	Set fish shell for user abonerib	2025-09-30 15:38:52 +02:00
Aleix Boné	b29403db13	weasel: create user folders in /var/lib/podman-users /home is a nfs mount, which does not support extra filesystem arguments needed to run podman. We need to have a local home.	2025-09-30 15:38:51 +02:00
Aleix Boné	8e2d703492	weasel: add podman	2025-09-30 15:38:51 +02:00
Aleix Boné	db6a3faa44	Enable nosv system feature	2025-09-30 15:37:14 +02:00