Remove conflicting definitions in amd-uprof-driver

See: https://lkml.org/lkml/2025/4/9/1709

flake.lock

@@ -2,11 +2,11 @@
   "nodes": {
     "nixpkgs": {
       "locked": {
-        "lastModified": 1767634882,
-        "narHash": "sha256-2GffSfQxe3sedHzK+sTKlYo/NTIAGzbFCIsNMUPAAnk=",
+        "lastModified": 1764522689,
+        "narHash": "sha256-SqUuBFjhl/kpDiVaKLQBoD8TLD+/cTUzzgVFoaHrkqY=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "3c9db02515ef1d9b6b709fc60ba9a540957f661c",
+        "rev": "8bb5646e0bed5dbd3ab08c7a7cc15b75ab4e1d0f",
         "type": "github"
       },
       "original": {

m/apex/configuration.nix

@@ -57,18 +57,6 @@
     };
   };
 
-  services.fail2ban = {
-    enable = true;
-    maxretry = 5;
-    bantime-increment = {
-      enable = true; # Double ban time on each attack
-      maxtime = "7d"; # Ban up to a week
-    };
-  };
-
-  # Disable SSH login with password, allow only keypair
-  services.openssh.settings.PasswordAuthentication = false;
-
   networking.firewall = {
     extraCommands = ''
       # Blackhole BSC vulnerability scanner (OpenVAS) as it is spamming our

m/bay/configuration.nix

@@ -24,7 +24,7 @@
       address = "10.0.40.40";
       prefixLength = 24;
     } ];
-    interfaces.ibs785.ipv4.addresses = [ {
+    interfaces.ibp5s0.ipv4.addresses = [ {
       address = "10.0.42.40";
       prefixLength = 24;
     } ];

m/common/base/env.nix

@@ -2,36 +2,11 @@
 
 {
   environment.systemPackages = with pkgs; [
-    cmake
-    ethtool
-    file
-    freeipmi
-    git
-    gnumake
-    home-manager
-    htop
-    ipmitool
-    ldns
-    lm_sensors
-    ncdu
-    nix-diff
-    nix-index
-    nix-output-monitor
-    nixfmt-tree
-    nixos-option
-    pciutils
-    perf
-    pv
-    ripgrep
-    tcpdump
-    tmux
-    tree
-    vim
-    wget
-
+    vim wget git htop tmux pciutils tcpdump ripgrep nix-index nixos-option
+    nix-diff ipmitool freeipmi ethtool lm_sensors cmake gnumake file tree
+    ncdu perf ldns pv
     # From jungle overlay
-    nixgen
-    osumb
+    osumb nixgen
   ];
 
   programs.direnv.enable = true;

m/common/base/users.nix

@@ -139,7 +139,6 @@
         openssh.authorizedKeys.keys = [
           "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKGt0ESYxekBiHJQowmKpfdouw0hVm3N7tUMtAaeLejK vincent@varch"
         ];
-        shell = pkgs.zsh;
       };
 
       pmartin1 = {
@@ -194,19 +193,6 @@
           "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOlRX7ZCnqtUJYCxKgWmgSrFCYuA2LHY96rVwqxXPl86 aaguirre@BSC-8488184117"
         ];
       };
-
-      emonteir = {
-        uid = 9656;
-        isNormalUser = true;
-        home = "/home/Computational/emonteir";
-        description = "Erwin Royson Monteiro";
-        group = "Computational";
-        hosts = [ "apex" "fox" ];
-        hashedPassword = "$6$0mU88zd3ZuK5NiJQ$DFWL5RMLH6esQM5UyhBCiiNryw4lDDmvJp7Usz3tmevnsiSJr6u0RsUKAnR/K8GRBFrV1.GocrgNjKjik5GY//";
-        openssh.authorizedKeys.keys = [
-          "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOKZKot/Y3F5Wq9pQIXlCbyvQuVVeWMCsAC96Nd+LTcG erwin@Oreo"
-        ];
-      };
     };
 
     groups = {

m/eudy/kernel/perf.nix

@@ -1,6 +1,11 @@
-{ pkgs, lib, ... }:
+{ config, pkgs, lib, ... }:
 
 {
+  # add the perf tool
+  environment.systemPackages = with pkgs; [
+    config.boot.kernelPackages.perf
+  ];
+
   # allow non-root users to read tracing data from the kernel
   boot.kernel.sysctl."kernel.perf_event_paranoid" = -2;
   boot.kernel.sysctl."kernel.kptr_restrict" = 0;

m/hut/configuration.nix

@@ -45,7 +45,7 @@
       address = "10.0.40.7";
       prefixLength = 24;
     } ];
-    interfaces.ibs785.ipv4.addresses = [ {
+    interfaces.ibp5s0.ipv4.addresses = [ {
       address = "10.0.42.7";
       prefixLength = 24;
     } ];

m/hut/nginx.nix

@@ -4,8 +4,8 @@ let
     name = "jungle-web";
     src = pkgs.fetchgit {
       url = "https://jungle.bsc.es/git/rarias/jungle-website.git";
-      rev = "5f18335d14126d2fef134c0cd441771436f7dfa1";
-      hash = "sha256-s9VBF91sQ7hg9+lrwNFPYgoXTTyXaQcAulCiGJgWERo=";
+      rev = "52abaf4d71652a9ef77a0b098db14ca33bffff4c";
+      hash = "sha256-/ul9GazbOrOkmlvSgDz/+2W+V+ir5725Y7mVLc3rb0M=";
     };
     buildInputs = [ pkgs.hugo ];
     buildPhase = ''

m/lake2/configuration.nix

@@ -46,7 +46,7 @@
       address = "10.0.40.42";
       prefixLength = 24;
     } ];
-    interfaces.ibs785.ipv4.addresses = [ {
+    interfaces.ibp5s0.ipv4.addresses = [ {
       address = "10.0.42.42";
       prefixLength = 24;
     } ];

m/module/tc1-board.nix

@@ -1,27 +0,0 @@
-{ lib, pkgs, ... }:
-
-{
-  # Allow user access to FTDI USB device
-  services.udev.packages = lib.singleton (pkgs.writeTextFile {
-    # Needs to be < 73
-    name = "60-ftdi-tc1.rules";
-    text = ''
-      # Bus 003 Device 003: ID 0403:6011 Future Technology Devices International, Ltd FT4232H Quad HS USB-UART/FIFO IC
-      # Use := to make sure it doesn't get changed later
-      SUBSYSTEMS=="usb", ATTRS{idVendor}=="0403", ATTRS{idProduct}=="6011", MODE:="0666"
-    '';
-    destination = "/etc/udev/rules.d/60-ftdi-tc1.rules";
-  });
-
-  # Allow access to USB for docker in GitLab runner
-  services.gitlab-runner = {
-    services.gitlab-bsc-docker = {
-      registrationFlags = [
-        # We need raw access to the USB port to reboot the board
-        "--docker-devices /dev/bus/usb/003/003"
-        # And TTY access for the serial port
-        "--docker-devices /dev/ttyUSB2"
-      ];
-    };
-  };
-}

m/owl1/configuration.nix

@@ -20,7 +20,7 @@
       address = "10.0.40.1";
       prefixLength = 24;
     } ];
-    interfaces.ibs785.ipv4.addresses = [ {
+    interfaces.ibp5s0.ipv4.addresses = [ {
       address = "10.0.42.1";
       prefixLength = 24;
     } ];

m/owl2/configuration.nix

@@ -21,7 +21,7 @@
       prefixLength = 24;
     } ];
     # Watch out! The OmniPath device is not in the same place here:
-    interfaces.ibs801.ipv4.addresses = [ {
+    interfaces.ibp129s0.ipv4.addresses = [ {
       address = "10.0.42.2";
       prefixLength = 24;
     } ];

m/tent/configuration.nix

@@ -11,15 +11,11 @@
     ./nix-serve.nix
     ./gitlab-runner.nix
     ./gitea.nix
-    ./openproject.nix
-    ./redmine.nix
-    ./vikunja.nix
     ../hut/public-inbox.nix
     ../hut/msmtp.nix
     ../module/p.nix
     ../module/vpn-dac.nix
     ../module/hut-substituter.nix
-    ../module/tc1-board.nix
   ];
 
   # Select the this using the ID to avoid mismatches

m/tent/gitea.nix

@@ -27,7 +27,4 @@
       };
     };
   };
-
-  # Allow gitea user to send mail
-  users.users.gitea.extraGroups = [ "mail-robot" ];
 }

m/tent/nginx.nix

@@ -4,8 +4,8 @@ let
     name = "jungle-web";
     src = pkgs.fetchgit {
       url = "https://jungle.bsc.es/git/rarias/jungle-website.git";
-      rev = "5f18335d14126d2fef134c0cd441771436f7dfa1";
-      hash = "sha256-s9VBF91sQ7hg9+lrwNFPYgoXTTyXaQcAulCiGJgWERo=";
+      rev = "52abaf4d71652a9ef77a0b098db14ca33bffff4c";
+      hash = "sha256-/ul9GazbOrOkmlvSgDz/+2W+V+ir5725Y7mVLc3rb0M=";
     };
     buildInputs = [ pkgs.hugo ];
     buildPhase = ''
@@ -52,16 +52,6 @@ in
           proxy_pass http://127.0.0.1:8081;
           proxy_redirect http:// $scheme://;
         }
-        location /op {
-          proxy_pass http://127.0.0.1:8080;
-          proxy_pass_header  Server;
-          proxy_redirect     off;
-          proxy_set_header   X-Forwarded-Proto https;          
-          proxy_set_header   Host $host;
-          proxy_set_header   X-Real-IP $remote_addr;
-          proxy_set_header   X-Scheme $scheme;
-          proxy_pass_request_headers on;
-        }
         location /grafana {
           proxy_pass http://127.0.0.1:2342;
           proxy_redirect http:// $scheme://;

m/tent/openproject.nix

@@ -1,51 +0,0 @@
-{ pkgs, ... }:
-
-let
-  dataDir = "/var/lib/openproject/assets";
-in
-{
-  # TODO: Create a new user and group to run openproject
-
-  # Ensure directory exists
-  systemd.tmpfiles.rules = [
-    "d ${dataDir} 777 root root"
-  ];
-
-  systemd.services.openproject = let
-    openprojectSrc = pkgs.fetchFromGitHub {
-      owner = "opf";
-      repo = "openproject-docker-compose";
-      rev = "b66694f26020a205fbefd697530fee287d1ddea2"; # branch stable/17
-      sha256 = "sha256-m23vM0NyaTA54sjAHlFJ8mOhOjqp9CAciLx4UxzFfHI=";
-    };
-    envFile = pkgs.writeText ".env" ''
-    # https://www.openproject.org/docs/installation-and-operations/configuration/environment/
-    TAG=17-slim
-    OPENPROJECT_HTTPS=true
-    SECRET_KEY_BASE=OVERWRITE_ME
-    OPENPROJECT_HOST__NAME=jungle.bsc.es
-    PORT=127.0.0.1:8080
-    OPENPROJECT_RAILS__RELATIVE__URL__ROOT=/op
-    IMAP_ENABLED=false
-    DATABASE_URL=postgres://postgres:p4ssw0rd@db/openproject?pool=20&encoding=unicode&reconnect=true
-    RAILS_MIN_THREADS=4
-    RAILS_MAX_THREADS=16
-    PGDATA="/var/lib/postgresql/data"
-    OPDATA="${dataDir}"
-    COLLABORATIVE_SERVER_URL=ws://localhost:8080/hocuspocus
-    COLLABORATIVE_SERVER_SECRET=secret12345
-    '';
-  in {
-    # Needs docker-compose package
-    path = with pkgs; [ docker-compose ];
-    script = ''
-      docker-compose \
-        -p openproject \
-        -f ${openprojectSrc}/docker-compose.yml \
-        --env-file ${envFile} \
-        up --build --pull always
-    '';
-    wantedBy = [ "multi-user.target" ];
-    after = [ "docker.service" "docker.socket" ];
-  };
-}

m/tent/redmine.nix

@@ -1,10 +0,0 @@
-{ pkgs, ... }:
-
-{
-  services.redmine = {
-    enable = true;
-    port = 3003;
-    database.type = "sqlite3";
-    # Redmine::Utils::relative_url_root = "/redmine" 
-  };
-}

m/tent/vikunja.nix

@@ -1,13 +0,0 @@
-{ pkgs, ... }:
-{
-  services.vikunja.enable = true;
-  services.vikunja.frontendScheme = "http";
-  services.vikunja.frontendHostname = "localhost";
-
-  # To run vikunja from a subdirectory we need to *sigh* rebuild it with the
-  # variable "VIKUNJA_FRONTEND_BASE" set to the subpath.
-  # See https://vikunja.io/docs/running-vikunja-in-a-subdirectory/
-  # services.vikunja.package = pkgs.vikunja.overrideAttrs (old: {
-  # });
-  #services.nginx.virtualHosts."jungle.bsc.es".locations."/vikunja".extraConfig
-}