From fb8b4defa7affd73f94453d08fadac4c8804e0a8 Mon Sep 17 00:00:00 2001
From: Rodrigo Arias Mallo <rodrigo.arias@bsc.es>
Date: Tue, 10 Sep 2024 15:03:03 +0200
Subject: [PATCH 01/11] Only proxy SSH git remotes via hut in xeon

Other machines like raccoon have direct access.

Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
---
 m/common/base/ssh.nix | 4 ----
 m/common/xeon.nix     | 3 ++-
 m/common/xeon/ssh.nix | 8 ++++++++
 3 files changed, 10 insertions(+), 5 deletions(-)
 create mode 100644 m/common/xeon/ssh.nix

diff --git a/m/common/base/ssh.nix b/m/common/base/ssh.nix
index b5310762..92c2c70d 100644
--- a/m/common/base/ssh.nix
+++ b/m/common/base/ssh.nix
@@ -13,10 +13,6 @@ in
     Host bscpm02.bsc.es bscpm03.bsc.es bscpm04.bsc.es gitlab-internal.bsc.es alya.gitlab.bsc.es
       User git
       ProxyCommand nc -X connect -x hut:23080 %h %p
-
-    # Connect to BSC machines via hut proxy too
-    Host amdlogin1.bsc.es armlogin1.bsc.es hualogin1.bsc.es glogin1.bsc.es glogin2.bsc.es fpgalogin1.bsc.es
-      ProxyCommand nc -X connect -x hut:23080 %h %p
   '';
 
   programs.ssh.knownHosts = hostsKeys // {
diff --git a/m/common/xeon.nix b/m/common/xeon.nix
index 30cf73c3..146e018c 100644
--- a/m/common/xeon.nix
+++ b/m/common/xeon.nix
@@ -2,8 +2,9 @@
   # Provides the base system for a xeon node.
   imports = [
     ./base.nix
-    ./xeon/fs.nix
     ./xeon/console.nix
+    ./xeon/fs.nix
     ./xeon/net.nix
+    ./xeon/ssh.nix
   ];
 }
diff --git a/m/common/xeon/ssh.nix b/m/common/xeon/ssh.nix
new file mode 100644
index 00000000..86978f97
--- /dev/null
+++ b/m/common/xeon/ssh.nix
@@ -0,0 +1,8 @@
+{
+  # Connect to intranet git hosts via proxy
+  programs.ssh.extraConfig = ''
+    # Connect to BSC machines via hut proxy too
+    Host amdlogin1.bsc.es armlogin1.bsc.es hualogin1.bsc.es glogin1.bsc.es glogin2.bsc.es fpgalogin1.bsc.es
+      ProxyCommand nc -X connect -x hut:23080 %h %p
+  '';
+}
-- 
2.51.2


From b4ab1c836a776ca966e1e447186d12a4963bd0d3 Mon Sep 17 00:00:00 2001
From: Rodrigo Arias Mallo <rodrigo.arias@bsc.es>
Date: Mon, 14 Oct 2024 19:12:25 +0200
Subject: [PATCH 02/11] Enable linger for user rarias

Allows services to run without a login session.

Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
---
 m/common/base/users.nix | 1 +
 1 file changed, 1 insertion(+)

diff --git a/m/common/base/users.nix b/m/common/base/users.nix
index 229be8c7..c84c53c1 100644
--- a/m/common/base/users.nix
+++ b/m/common/base/users.nix
@@ -20,6 +20,7 @@
       rarias = {
         uid = 1880;
         isNormalUser = true;
+        linger = true;
         home = "/home/Computational/rarias";
         description = "Rodrigo Arias";
         group = "Computational";
-- 
2.51.2


From 2a3a7b2fb282bc584972d4e8931c101b46dd626e Mon Sep 17 00:00:00 2001
From: Rodrigo Arias Mallo <rodrigo.arias@bsc.es>
Date: Tue, 18 Feb 2025 16:19:04 +0100
Subject: [PATCH 03/11] Allow X11 forwarding via SSH

Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
---
 m/raccoon/configuration.nix | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/m/raccoon/configuration.nix b/m/raccoon/configuration.nix
index dd15a82b..7ceb4249 100644
--- a/m/raccoon/configuration.nix
+++ b/m/raccoon/configuration.nix
@@ -37,6 +37,8 @@
   nixpkgs.config.nvidia.acceptLicense = true;
   services.xserver.videoDrivers = [ "nvidia" ];
 
+  services.openssh.settings.X11Forwarding = true;
+
   users.motd = ''
     ⠀⠀⠀⠀⠀⠀⠀⣀⣀⣄⣠⣀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀
     ⠀⠀⠀⠀⠀⠀⢰⠇⡀⠀⠙⠻⡿⣦⣀⡀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⡀⠀⠀⠀⠀
-- 
2.51.2


From a6a1af673acc6fae233dea584ead35f743f6ac5f Mon Sep 17 00:00:00 2001
From: Rodrigo Arias Mallo <rodrigo.arias@bsc.es>
Date: Tue, 25 Feb 2025 17:11:09 +0100
Subject: [PATCH 04/11] Add node exporter monitoring in raccoon

Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
---
 m/raccoon/configuration.nix | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/m/raccoon/configuration.nix b/m/raccoon/configuration.nix
index 7ceb4249..9585aef4 100644
--- a/m/raccoon/configuration.nix
+++ b/m/raccoon/configuration.nix
@@ -39,6 +39,13 @@
 
   services.openssh.settings.X11Forwarding = true;
 
+  services.prometheus.exporters.node = {
+    enable = true;
+    enabledCollectors = [ "systemd" ];
+    port = 9002;
+    listenAddress = "127.0.0.1";
+  };
+
   users.motd = ''
     ⠀⠀⠀⠀⠀⠀⠀⣀⣀⣄⣠⣀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀
     ⠀⠀⠀⠀⠀⠀⢰⠇⡀⠀⠙⠻⡿⣦⣀⡀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⡀⠀⠀⠀⠀
-- 
2.51.2


From 4e7a9f7ce4ac0bc2c0adc719613131671cd0074c Mon Sep 17 00:00:00 2001
From: Rodrigo Arias Mallo <rodrigo.arias@bsc.es>
Date: Mon, 3 Mar 2025 13:55:23 +0100
Subject: [PATCH 05/11] Add dbautist user to raccoon machine

Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
---
 m/common/base/users.nix | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/m/common/base/users.nix b/m/common/base/users.nix
index c84c53c1..80aeda00 100644
--- a/m/common/base/users.nix
+++ b/m/common/base/users.nix
@@ -108,7 +108,7 @@
         home = "/home/Computational/dbautist";
         description = "Dylan Bautista Cases";
         group = "Computational";
-        hosts = [ "hut" ];
+        hosts = [ "hut" "raccoon" ];
         hashedPassword = "$6$a2lpzMRVkG9nSgIm$12G6.ka0sFX1YimqJkBAjbvhRKZ.Hl090B27pdbnQOW0wzyxVWySWhyDDCILjQELky.HKYl9gqOeVXW49nW7q/";
         openssh.authorizedKeys.keys = [
           "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAb+EQBoS98zrCwnGKkHKwMLdYABMTqv7q9E0+T0QmkS dbautist@bsc-848818791"
-- 
2.51.2


From 3fe138a41884adca67f7e75de96e6f65ea24a2d2 Mon Sep 17 00:00:00 2001
From: Rodrigo Arias Mallo <rodrigo.arias@bsc.es>
Date: Tue, 18 Mar 2025 16:48:47 +0100
Subject: [PATCH 06/11] Disable nix garbage collector in raccoon

Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
---
 m/raccoon/configuration.nix | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/m/raccoon/configuration.nix b/m/raccoon/configuration.nix
index 9585aef4..1a384427 100644
--- a/m/raccoon/configuration.nix
+++ b/m/raccoon/configuration.nix
@@ -37,6 +37,9 @@
   nixpkgs.config.nvidia.acceptLicense = true;
   services.xserver.videoDrivers = [ "nvidia" ];
 
+  # Disable garbage collection for now
+  nix.gc.automatic = lib.mkForce false;
+
   services.openssh.settings.X11Forwarding = true;
 
   services.prometheus.exporters.node = {
-- 
2.51.2


From 37e60afb54367d50f0ab38cba3b35fed91d85850 Mon Sep 17 00:00:00 2001
From: Rodrigo Arias Mallo <rodrigo.arias@bsc.es>
Date: Fri, 21 Mar 2025 17:51:41 +0100
Subject: [PATCH 07/11] Enable binfmt emulation in raccoon

Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
---
 m/raccoon/configuration.nix | 1 +
 1 file changed, 1 insertion(+)

diff --git a/m/raccoon/configuration.nix b/m/raccoon/configuration.nix
index 1a384427..28fa92dc 100644
--- a/m/raccoon/configuration.nix
+++ b/m/raccoon/configuration.nix
@@ -3,6 +3,7 @@
 {
   imports = [
     ../common/base.nix
+    ../module/emulation.nix
   ];
 
   # Don't install Grub on the disk yet
-- 
2.51.2


From a2535c996d29987445e3cc42b61790bd57b8dfde Mon Sep 17 00:00:00 2001
From: Rodrigo Arias Mallo <rodrigo.arias@bsc.es>
Date: Mon, 5 May 2025 10:50:43 +0200
Subject: [PATCH 08/11] Make raccoon use performance governor

Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
---
 m/raccoon/configuration.nix | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/m/raccoon/configuration.nix b/m/raccoon/configuration.nix
index 28fa92dc..0e11ed42 100644
--- a/m/raccoon/configuration.nix
+++ b/m/raccoon/configuration.nix
@@ -31,6 +31,9 @@
     trusted-public-keys = [ "jungle.bsc.es:pEc7MlAT0HEwLQYPtpkPLwRsGf80ZI26aj29zMw/HH0=" ];
   };
 
+  # Enable performance governor
+  powerManagement.cpuFreqGovernor = "performance";
+
   # Configure Nvidia driver to use with CUDA
   hardware.nvidia.package = config.boot.kernelPackages.nvidiaPackages.production;
   hardware.graphics.enable = true;
-- 
2.51.2


From 1d555871a51521a401231b95d246677f6af94ffa Mon Sep 17 00:00:00 2001
From: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
Date: Tue, 6 May 2025 14:39:48 +0200
Subject: [PATCH 09/11] Enable nixdebuginfod in raccoon

Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
---
 m/raccoon/configuration.nix | 1 +
 1 file changed, 1 insertion(+)

diff --git a/m/raccoon/configuration.nix b/m/raccoon/configuration.nix
index 0e11ed42..18c79fb2 100644
--- a/m/raccoon/configuration.nix
+++ b/m/raccoon/configuration.nix
@@ -4,6 +4,7 @@
   imports = [
     ../common/base.nix
     ../module/emulation.nix
+    ../module/debuginfod.nix
   ];
 
   # Don't install Grub on the disk yet
-- 
2.51.2


From 7247f7e6650dd023bb7a019508aec3e90784f941 Mon Sep 17 00:00:00 2001
From: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
Date: Thu, 15 May 2025 12:21:26 +0200
Subject: [PATCH 10/11] Extend perf support in raccoon

Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
---
 m/raccoon/configuration.nix | 1 +
 1 file changed, 1 insertion(+)

diff --git a/m/raccoon/configuration.nix b/m/raccoon/configuration.nix
index 18c79fb2..2482a164 100644
--- a/m/raccoon/configuration.nix
+++ b/m/raccoon/configuration.nix
@@ -5,6 +5,7 @@
     ../common/base.nix
     ../module/emulation.nix
     ../module/debuginfod.nix
+    ../eudy/kernel/perf.nix
   ];
 
   # Don't install Grub on the disk yet
-- 
2.51.2


From b802a598685a744c0029d488478cd7c97bae984a Mon Sep 17 00:00:00 2001
From: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
Date: Thu, 15 May 2025 12:24:49 +0200
Subject: [PATCH 11/11] Create tracing group and add arocanon in raccoon

Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
---
 m/common/base/users.nix | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/m/common/base/users.nix b/m/common/base/users.nix
index 80aeda00..8e2ca80b 100644
--- a/m/common/base/users.nix
+++ b/m/common/base/users.nix
@@ -40,7 +40,7 @@
         home = "/home/Computational/arocanon";
         description = "Aleix Roca";
         group = "Computational";
-        extraGroups = [ "wheel" ];
+        extraGroups = [ "wheel" "tracing" ];
         hashedPassword = "$6$hliZiW4tULC/tH7p$pqZarwJkNZ7vS0G5llWQKx08UFG9DxDYgad7jplMD8WkZh5k58i4dfPoWtnEShfjTO6JHiIin05ny5lmSXzGM/";
         openssh.authorizedKeys.keys = [
           "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIF3zeB5KSimMBAjvzsp1GCkepVaquVZGPYwRIzyzaCba aleix@bsc"
@@ -144,6 +144,7 @@
 
     groups = {
       Computational = { gid = 564; };
+      tracing = { };
     };
   };
 }
-- 
2.51.2