Enable meta.cross for mpich related packages

flake.lock

@@ -2,16 +2,16 @@
   "nodes": {
     "nixpkgs": {
       "locked": {
-        "lastModified": 1767634882,
-        "narHash": "sha256-2GffSfQxe3sedHzK+sTKlYo/NTIAGzbFCIsNMUPAAnk=",
+        "lastModified": 1752436162,
+        "narHash": "sha256-Kt1UIPi7kZqkSc5HVj6UY5YLHHEzPBkgpNUByuyxtlw=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "3c9db02515ef1d9b6b709fc60ba9a540957f661c",
+        "rev": "dfcd5b901dbab46c9c6e80b265648481aafb01f8",
         "type": "github"
       },
       "original": {
         "owner": "NixOS",
-        "ref": "nixos-25.11",
+        "ref": "nixos-25.05",
         "repo": "nixpkgs",
         "type": "github"
       }

flake.nix

@@ -1,6 +1,6 @@
 {
   inputs = {
-    nixpkgs.url = "github:NixOS/nixpkgs/nixos-25.11";
+    nixpkgs.url = "github:NixOS/nixpkgs/nixos-25.05";
   };
 
   outputs = { self, nixpkgs, ... }:

m/apex/configuration.nix

@@ -57,18 +57,6 @@
     };
   };
 
-  services.fail2ban = {
-    enable = true;
-    maxretry = 5;
-    bantime-increment = {
-      enable = true; # Double ban time on each attack
-      maxtime = "7d"; # Ban up to a week
-    };
-  };
-
-  # Disable SSH login with password, allow only keypair
-  services.openssh.settings.PasswordAuthentication = false;
-
   networking.firewall = {
     extraCommands = ''
       # Blackhole BSC vulnerability scanner (OpenVAS) as it is spamming our

m/bay/configuration.nix

@@ -24,7 +24,7 @@
       address = "10.0.40.40";
       prefixLength = 24;
     } ];
-    interfaces.ibs785.ipv4.addresses = [ {
+    interfaces.ibp5s0.ipv4.addresses = [ {
       address = "10.0.42.40";
       prefixLength = 24;
     } ];

m/common/base/env.nix

@@ -1,10 +1,10 @@
-{ pkgs, ... }:
+{ pkgs, config, ... }:
 
 {
   environment.systemPackages = with pkgs; [
     vim wget git htop tmux pciutils tcpdump ripgrep nix-index nixos-option
     nix-diff ipmitool freeipmi ethtool lm_sensors cmake gnumake file tree
-    ncdu perf ldns pv
+    ncdu config.boot.kernelPackages.perf ldns pv
     # From jungle overlay
     osumb nixgen
   ];

m/common/base/users.nix

@@ -139,7 +139,6 @@
         openssh.authorizedKeys.keys = [
           "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKGt0ESYxekBiHJQowmKpfdouw0hVm3N7tUMtAaeLejK vincent@varch"
         ];
-        shell = pkgs.zsh;
       };
 
       pmartin1 = {

m/common/base/watchdog.nix

@@ -5,5 +5,5 @@
   boot.kernelModules = [ "ipmi_watchdog" ];
 
   # Enable systemd watchdog with 30 s interval
-  systemd.settings.Manager.RuntimeWatchdogSec = 30;
+  systemd.watchdog.runtimeTime = "30s";
 }

m/eudy/kernel/perf.nix

@@ -1,6 +1,11 @@
-{ pkgs, lib, ... }:
+{ config, pkgs, lib, ... }:
 
 {
+  # add the perf tool
+  environment.systemPackages = with pkgs; [
+    config.boot.kernelPackages.perf
+  ];
+
   # allow non-root users to read tracing data from the kernel
   boot.kernel.sysctl."kernel.perf_event_paranoid" = -2;
   boot.kernel.sysctl."kernel.kptr_restrict" = 0;

m/fox/configuration.nix

@@ -93,4 +93,20 @@
     wantedBy = [ "multi-user.target" ];
     serviceConfig.ExecStart = script;
   };
+
+  # Only allow SSH connections from users who have a SLURM allocation
+  # See: https://slurm.schedmd.com/pam_slurm_adopt.html
+  security.pam.services.sshd.rules.account.slurm = {
+    control = "required";
+    enable = true;
+    modulePath = "${pkgs.slurm}/lib/security/pam_slurm_adopt.so";
+    args = [ "log_level=debug5" ];
+    order = 999999; # Make it last one
+  };
+
+  # Disable systemd session (pam_systemd.so) as it will conflict with the
+  # pam_slurm_adopt.so module. What happens is that the shell is first adopted
+  # into the slurmstepd task and then into the systemd session, which is not
+  # what we want, otherwise it will linger even if all jobs are gone.
+  security.pam.services.sshd.startSession = lib.mkForce false;
 }

m/hut/configuration.nix

@@ -45,7 +45,7 @@
       address = "10.0.40.7";
       prefixLength = 24;
     } ];
-    interfaces.ibs785.ipv4.addresses = [ {
+    interfaces.ibp5s0.ipv4.addresses = [ {
       address = "10.0.42.7";
       prefixLength = 24;
     } ];

m/lake2/configuration.nix

@@ -46,7 +46,7 @@
       address = "10.0.40.42";
       prefixLength = 24;
     } ];
-    interfaces.ibs785.ipv4.addresses = [ {
+    interfaces.ibp5s0.ipv4.addresses = [ {
       address = "10.0.42.42";
       prefixLength = 24;
     } ];

m/module/debuginfod.nix

@@ -1,10 +1,3 @@
 {
-  services.nixseparatedebuginfod2 = {
-    enable = true;
-    substituters = [
-      "local:"
-      "https://cache.nixos.org"
-      "http://hut/cache"
-    ];
-  };
+  services.nixseparatedebuginfod.enable = true;
 }

m/module/slurm-client.nix

@@ -1,4 +1,4 @@
-{ lib, pkgs, ... }:
+{ lib, ... }:
 
 {
   imports = [
@@ -21,20 +21,4 @@
   };
 
   services.slurm.client.enable = true;
-
-  # Only allow SSH connections from users who have a SLURM allocation
-  # See: https://slurm.schedmd.com/pam_slurm_adopt.html
-  security.pam.services.sshd.rules.account.slurm = {
-    control = "required";
-    enable = true;
-    modulePath = "${pkgs.slurm}/lib/security/pam_slurm_adopt.so";
-    args = [ "log_level=debug5" ];
-    order = 999999; # Make it last one
-  };
-
-  # Disable systemd session (pam_systemd.so) as it will conflict with the
-  # pam_slurm_adopt.so module. What happens is that the shell is first adopted
-  # into the slurmstepd task and then into the systemd session, which is not
-  # what we want, otherwise it will linger even if all jobs are gone.
-  security.pam.services.sshd.startSession = lib.mkForce false;
 }

m/module/slurm-common.nix

@@ -1,6 +1,31 @@
 { config, pkgs, ... }:
 
-{
+let
+  suspendProgram = pkgs.writeShellScript "suspend.sh" ''
+    exec 1>>/var/log/power_save.log 2>>/var/log/power_save.log
+    set -x
+    export "PATH=/run/current-system/sw/bin:$PATH"
+    echo "$(date) Suspend invoked $0 $*" >> /var/log/power_save.log
+    hosts=$(scontrol show hostnames $1)
+    for host in $hosts; do
+      echo Shutting down host: $host
+      ipmitool -I lanplus -H ''${host}-ipmi -P "" -U "" chassis power off
+    done
+  '';
+
+  resumeProgram = pkgs.writeShellScript "resume.sh" ''
+    exec 1>>/var/log/power_save.log 2>>/var/log/power_save.log
+    set -x
+    export "PATH=/run/current-system/sw/bin:$PATH"
+    echo "$(date) Suspend invoked $0 $*" >> /var/log/power_save.log
+    hosts=$(scontrol show hostnames $1)
+    for host in $hosts; do
+      echo Starting host: $host
+      ipmitool -I lanplus -H ''${host}-ipmi -P "" -U "" chassis power on
+    done
+  '';
+
+in {
   services.slurm = {
     controlMachine = "apex";
     clusterName = "jungle";
@@ -34,6 +59,16 @@
       # the resources. Use the task/cgroup plugin to enable process containment.
       TaskPlugin=task/affinity,task/cgroup
 
+      # Power off unused nodes until they are requested
+      SuspendProgram=${suspendProgram}
+      SuspendTimeout=60
+      ResumeProgram=${resumeProgram}
+      ResumeTimeout=300
+      SuspendExcNodes=fox
+
+      # Turn the nodes off after 1 hour of inactivity
+      SuspendTime=3600
+
       # Reduce port range so we can allow only this range in the firewall
       SrunPortRange=60000-61000
 

m/owl1/configuration.nix

@@ -20,7 +20,7 @@
       address = "10.0.40.1";
       prefixLength = 24;
     } ];
-    interfaces.ibs785.ipv4.addresses = [ {
+    interfaces.ibp5s0.ipv4.addresses = [ {
       address = "10.0.42.1";
       prefixLength = 24;
     } ];

m/owl2/configuration.nix

@@ -21,7 +21,7 @@
       prefixLength = 24;
     } ];
     # Watch out! The OmniPath device is not in the same place here:
-    interfaces.ibs801.ipv4.addresses = [ {
+    interfaces.ibp129s0.ipv4.addresses = [ {
       address = "10.0.42.2";
       prefixLength = 24;
     } ];

m/tent/gitea.nix

@@ -27,7 +27,4 @@
       };
     };
   };
-
-  # Allow gitea user to send mail
-  users.users.gitea.extraGroups = [ "mail-robot" ];
 }

overlay.nix

@@ -30,8 +30,7 @@ let
       amd-uprof-driver = _prev.callPackage ./pkgs/amd-uprof/driver.nix { };
     });
     lmbench = callPackage ./pkgs/lmbench/default.nix { };
-    # Broken and unmantained
-    # mcxx = callPackage ./pkgs/mcxx/default.nix { };
+    mcxx = callPackage ./pkgs/mcxx/default.nix { };
     meteocat-exporter = prev.callPackage ./pkgs/meteocat-exporter/default.nix { };
     mpi = final.mpich; # Set MPICH as default
     mpich = callPackage ./pkgs/mpich/default.nix { mpich = prev.mpich; };
@@ -62,14 +61,7 @@ let
     tagaspi = callPackage ./pkgs/tagaspi/default.nix { };
     tampi = callPackage ./pkgs/tampi/default.nix { };
     upc-qaire-exporter = prev.callPackage ./pkgs/upc-qaire-exporter/default.nix { };
-    taopencl = callPackage ./pkgs/taopencl/default.nix { };
     wxparaver = callPackage ./pkgs/paraver/default.nix { };
-
-    _cuda = prev._cuda.extend (_: _prev: final.lib.recursiveUpdate _prev {
-      extensions = _prev.extensions ++ [(finalAttrs: _: {
-        tacuda = finalAttrs.callPackage ./pkgs/tacuda/default.nix { };
-      })];
-    });
   };
 
   tests = rec {
@@ -109,16 +101,14 @@ let
   pkgsTopLevel = filterAttrs (_: isDerivation) bscPkgs;
 
   # Native build in that platform doesn't imply cross build works
-  canCrossCompile = platform: default: pkg:
+  canCrossCompile = platform: pkg:
     (isDerivation pkg) &&
-    # If meta.cross is undefined, use default
-    (pkg.meta.cross or default) &&
-    (meta.availableOn final.pkgsCross.${platform}.stdenv.hostPlatform pkg);
+    # Must be defined explicitly
+    (pkg.meta.cross or false) &&
+    (meta.availableOn platform pkg);
 
   # For now only RISC-V
-  crossSet = genAttrs [ "riscv64" ] (platform:
-    filterAttrs (_: canCrossCompile platform true)
-      final.pkgsCross.${platform}.bsc.pkgsTopLevel);
+  crossSet = { riscv64 = final.pkgsCross.riscv64.bsc.pkgsTopLevel; };
 
   buildList = name: paths:
     final.runCommandLocal name { } ''
@@ -138,7 +128,7 @@ let
   # For now only RISC-V
   crossList = buildList "ci-cross"
     (filter
-      (canCrossCompile "riscv64" false) # opt-in (pkgs with: meta.cross = true)
+      (canCrossCompile final.pkgsCross.riscv64.stdenv.hostPlatform)
         (builtins.attrValues crossSet.riscv64));
 
 in bscPkgs // {

pkgs/amd-uprof/default.nix

@@ -90,7 +90,7 @@ in
     meta = {
       description = "Performance analysis tool-suite for x86 based applications";
       homepage = "https://www.amd.com/es/developer/uprof.html";
-      platforms = [ "x86_64-linux" ];
+      platforms = lib.platforms.linux;
       license = lib.licenses.unfree;
       maintainers = with lib.maintainers.bsc; [ rarias varcila ];
     };

pkgs/amd-uprof/driver.nix

@@ -19,7 +19,7 @@ in stdenv.mkDerivation {
   '';
   hardeningDisable = [ "pic" "format" ];
   nativeBuildInputs = kernel.moduleBuildDependencies;
-  patches = [ ./makefile.patch ./hrtimer.patch ./remove-wr-rdmsrq.patch ];
+  patches = [ ./makefile.patch ./hrtimer.patch ];
   makeFlags = [
     "KERNEL_VERSION=${kernel.modDirVersion}"
     "KERNEL_DIR=${kernel.dev}/lib/modules/${kernel.modDirVersion}/build"

pkgs/amd-uprof/remove-wr-rdmsrq.patch

@@ -1,20 +0,0 @@
-diff --git a/inc/PwrProfAsm.h b/inc/PwrProfAsm.h
-index d77770a..c93a0e9 100644
---- a/inc/PwrProfAsm.h
-+++ b/inc/PwrProfAsm.h
-@@ -347,6 +347,7 @@
- 
- #endif
- 
-+/*
- #define rdmsrq(msr,val1,val2,val3,val4) ({ \
-         __asm__ __volatile__( \
-                               "rdmsr\n" \
-@@ -362,6 +363,7 @@
-                               :"c"(msr), "a"(val1), "d"(val2), "S"(val3), "D"(val4) \
-                             ); \
-     })
-+*/
- 
- #define rdmsrpw(msr,val1,val2,val3,val4) ({ \
-         __asm__ __volatile__( \

pkgs/cudainfo/default.nix

@@ -1,6 +1,5 @@
 {
   stdenv
-, lib
 , cudatoolkit
 , cudaPackages
 , autoAddDriverRunpath
@@ -12,7 +11,7 @@ stdenv.mkDerivation (finalAttrs: {
   src = ./.;
   buildInputs = [
     cudatoolkit # Required for nvcc
-    (lib.getOutput "static" cudaPackages.cuda_cudart) # Required for -lcudart_static
+    cudaPackages.cuda_cudart.static # Required for -lcudart_static
     autoAddDriverRunpath
   ];
   installPhase = ''
@@ -41,9 +40,4 @@ stdenv.mkDerivation (finalAttrs: {
     '';
     installPhase = "touch $out";
   };
-
-  meta = {
-    platforms = [ "x86_64-linux" ];
-    maintainers = with lib.maintainers.bsc; [ rarias ];
-  };
 })

pkgs/gpi-2/default.nix

@@ -43,7 +43,7 @@ stdenv.mkDerivation rec {
 
   configureFlags = [
     "--with-infiniband=${rdma-core-all}"
-    "--with-mpi=yes" # fixes mpi detection when cross-compiling
+    "--with-mpi=yes"
     "--with-slurm"
     "CFLAGS=-fPIC"
     "CXXFLAGS=-fPIC"
@@ -70,6 +70,6 @@ stdenv.mkDerivation rec {
     maintainers = with lib.maintainers.bsc; [ rarias ];
     platforms = lib.platforms.linux;
     license = lib.licenses.gpl3Plus;
-    cross = false; # infiniband detection does not work
+    cross = false;
   };
 }

pkgs/intel-oneapi/2023.nix

@@ -10,7 +10,7 @@
 , zlib
 , autoPatchelfHook
 , libfabric
-, gcc
+, gcc13
 , wrapCCWith
 }:
 
@@ -33,6 +33,8 @@ let
     maintainers = with lib.maintainers.bsc; [ abonerib ];
   };
 
+  gcc = gcc13;
+
   v = {
     hpckit   = "2023.1.0";
     compiler = "2023.1.0";

pkgs/llvm-ompss2/default.nix

@@ -27,10 +27,10 @@ let
   # We need to replace the lld linker from bintools with our linker just built,
   # otherwise we run into incompatibility issues when mixing compiler and linker
   # versions.
-  bintools-unwrapped = llvmPackages_latest.bintools-unwrapped.override {
+  bintools-unwrapped = llvmPackages_latest.tools.bintools-unwrapped.override {
     lld = clangOmpss2Unwrapped;
   };
-  bintools = llvmPackages_latest.bintools.override {
+  bintools = llvmPackages_latest.tools.bintools.override {
     bintools = bintools-unwrapped;
   };
   targetConfig = stdenv.targetPlatform.config;

pkgs/mcxx/default.nix

@@ -65,7 +65,6 @@ stdenv.mkDerivation rec {
   ];
 
   meta = {
-    broken = true;
     homepage = "https://github.com/bsc-pm/mcxx";
     description = "C/C++/Fortran source-to-source compilation infrastructure aimed at fast prototyping";
     maintainers = with lib.maintainers.bsc; [ rpenacob ];

pkgs/meteocat-exporter/default.nix

@@ -1,11 +1,9 @@
 { python3Packages, lib }:
 
-python3Packages.buildPythonApplication {
+python3Packages.buildPythonApplication rec {
   pname = "meteocat-exporter";
   version = "1.0";
 
-  pyproject = true;
-
   src = ./.;
 
   doCheck = false;

pkgs/mpich/default.nix

@@ -12,7 +12,6 @@
 # For each arch
 , enableFortran ? stdenv.hostPlatform == stdenv.buildPlatform
 , perl
-, targetPackages
 }:
 
 let
@@ -46,10 +45,10 @@ in mpich.overrideAttrs (old: {
   ];
 
   preFixup = ''
-    sed -i 's:^CC=.*:CC=${targetPackages.stdenv.cc}/bin/${targetPackages.stdenv.cc.targetPrefix}cc:' $out/bin/mpicc
-    sed -i 's:^CXX=.*:CXX=${targetPackages.stdenv.cc}/bin/${targetPackages.stdenv.cc.targetPrefix}c++:' $out/bin/mpicxx
+    sed -i "s:^CC=.*:CC=''${CC:-gcc}:" $out/bin/mpicc
+    sed -i "s:^CXX=.*:CXX=''${CXX:-g++}:" $out/bin/mpicxx
   '' + lib.optionalString enableFortran ''
-    sed -i 's:^FC=.*:FC=${targetPackages.gfortran or gfortran}/bin/${targetPackages.gfortran.targetPrefix or gfortran.targetPrefix}gfortran:' $out/bin/mpifort
+    sed -i "s:^FC=.*:FC=''${FC:-gfortran}:" $out/bin/mpifort
   '';
 
   hardeningDisable = [ "all" ];

pkgs/osu/default.nix

@@ -32,11 +32,6 @@ stdenv.mkDerivation rec {
       "CXX=mpicxx"
   ];
 
-  env = {
-    MPICH_CC="${stdenv.cc}/bin/${stdenv.cc.targetPrefix}cc";
-    MPICH_CXX="${stdenv.cc}/bin/${stdenv.cc.targetPrefix}c++";
-  };
-
   postInstall = ''
     mkdir -p $out/bin
     for f in $(find $out -executable -type f); do

pkgs/paraver/default.nix

@@ -12,7 +12,7 @@
 , paraverKernel
 , openssl
 , glibcLocales
-, wrapGAppsHook3
+, wrapGAppsHook
 }:
 
 let
@@ -64,7 +64,7 @@ stdenv.mkDerivation rec {
     autoconf
     automake
     autoreconfHook
-    wrapGAppsHook3
+    wrapGAppsHook
   ];
 
   buildInputs = [

pkgs/tacuda/default.nix

@@ -1,72 +0,0 @@
-{
-  backendStdenv,
-  fetchFromGitHub,
-  automake,
-  autoconf,
-  libtool,
-  gnumake,
-  autoreconfHook,
-  boost,
-  cudatoolkit,
-  libcublas,
-  cuda_cudart,
-
-  useGit ? false,
-  gitUrl ? "git@gitlab-internal.bsc.es:task-awareness/tacuda/tacuda.git",
-  gitBranch ? "main",
-  gitCommit ? "35234f9445e6149a2bd38d119841e2485d6ee05e",
-}:
-
-let
-
-  release_ver = "2.1.0";
-  release = {
-    version = release_ver;
-    src = fetchFromGitHub {
-      owner = "bsc-pm";
-      repo = "tacuda";
-      rev = release_ver;
-      hash = "sha256-Cj3EiLVJSLvRv0ydeg7Vp4SpkniEqHkcWF+YOJQ8EcM=";
-    };
-  };
-
-  git = rec {
-    version = src.shortRev;
-    src = builtins.fetchGit {
-      url = gitUrl;
-      ref = gitBranch;
-      rev = gitCommit;
-    };
-  };
-
-  source = if (useGit) then git else release;
-
-in
-
-backendStdenv.mkDerivation {
-  pname = "tacuda";
-  inherit (source) src version;
-
-  enableParallelBuilding = true;
-  separateDebugInfo = true;
-  strictDeps = true;
-
-  nativeBuildInputs = [
-    autoreconfHook
-    automake
-    autoconf
-    libtool
-    gnumake
-  ];
-
-  patches = [ ./fix_config.patch ];
-
-  configureFlags = [ "--with-cuda-include=${cudatoolkit}/include" ];
-
-  buildInputs = [
-    boost
-    libcublas
-    cuda_cudart
-  ];
-
-}

pkgs/tacuda/fix_config.patch

@@ -1,13 +0,0 @@
-diff --git a/m4/cuda.m4 b/m4/cuda.m4
-index 23f5c94..8f9b534 100644
---- a/m4/cuda.m4
-+++ b/m4/cuda.m4
-@@ -40,7 +40,7 @@ search_libs="cuda cublas cudart"
- required_libs=""
- 
- m4_foreach([function],
--           [cuInit,
-+           [
- 	    cublasSgemm,
-             cudaStreamCreate,
-             cudaLaunchKernel,

pkgs/taopencl/default.nix

@@ -1,48 +0,0 @@
-{
-  stdenv,
-  automake,
-  autoconf,
-  libtool,
-  gnumake,
-  boost,
-  mpi,
-  autoreconfHook,
-  ocl-icd,
-  opencl-headers,
-}:
-
-stdenv.mkDerivation (finalAttrs: {
-  pname = "taopencl";
-  version = finalAttrs.src.shortRev;
-
-  src = builtins.fetchGit {
-    url = "git@gitlab-internal.bsc.es:task-awareness/taopencl/taopencl.git";
-    ref = "master";
-    rev = "c3b7b32ae8fa4af7ceff598532a881f8f1490aaf";
-  };
-
-  enableParallelBuilding = true;
-  separateDebugInfo = true;
-  strictDeps = true;
-
-  configureFlags = [
-    "--with-opencl-lib=${ocl-icd}/lib"
-    "--with-opencl-include=${opencl-headers}/include"
-  ];
-
-  nativeBuildInputs = [
-    autoreconfHook
-    automake
-    autoconf
-    libtool
-    gnumake
-  ];
-
-  buildInputs = [
-    boost
-    mpi
-  ];
-
-  dontDisableStatic = true;
-  hardeningDisable = [ "all" ];
-})

pkgs/upc-qaire-exporter/default.nix

@@ -1,11 +1,9 @@
 { python3Packages, lib }:
 
-python3Packages.buildPythonApplication {
+python3Packages.buildPythonApplication rec {
   pname = "upc-qaire-exporter";
   version = "1.0";
 
-  pyproject = true;
-
   src = ./.;
 
   doCheck = false;