rarias/jungle
2
0
Fork 3
Code Issues 57 Pull Requests 7 Actions Packages Projects Releases Wiki Activity

WIP: Remove blobs and split website in another repository #186

Closed
rarias wants to merge 458 commits from remove-website into old-master
pull from: remove-website
merge into: rarias:old-master
Conversation 1 Commits 458 Files Changed 143 +26457 -209
rarias commented 2025-10-01 17:24:39 +02:00
Owner
Copy Link

This PR REWRITES THE HISTORY to remove big blob files (PDFs) as well as the website. The idea is to keep this repository small, so we reduce the time to copy it to the store in each evaluation.

Fixes #171

Move the website to another repo: https://jungle.bsc.es/git/rarias/jungle-website

There are two kernel config files which are the largest files now. As they don't seem to be used, maybe we can also get rid of them? @arocanon :

apex% git ls-tree -r --long HEAD | sort -k 4 -n -r | head -20
100644 blob d260acc903aba42a871a67d46ce3e35d27931963  252089    m/eudy/kernel/configs/lockdep
100644 blob 20bdc2b94be6dbfe267e1cca6057c3c394b8f615  251927    m/eudy/kernel/configs/defconfig
100644 blob 815500b5461de132aebaf76814f093556e21c4a4   22881    pkgs/cudainfo/cudainfo.cpp
100644 blob 0c1cb78add8738fa5d63a0ca61cca63ce3904745    8408    m/hut/monitoring.nix
100644 blob 6717fefd47232f5111a61df1dd0f4281c92ca892    7676    m/common/base/users.nix
100644 blob c241806b704c83ee602c0053232b0af43e07a8b2    6480    m/tent/monitoring.nix
100644 blob 38ce71988f3ddc2dcc99767febe48b4a4b1e51b0    6204    m/raccoon/configuration.nix
100644 blob aec0d98fafaa20e7e9963a3027207028ec302a0c    5775    m/module/vpn-dac/client.crt
100644 blob 5cfcb7fba45807203c565f4fd5df1f79578689b9    5167    m/common/base/zsh.nix
100644 blob 2fe7c1cb2d2a24e71e5311b75f1fb449da0f438f    4955    m/hut/gitlab-runner.nix
100644 blob cee67c9c213e186742b951aae725e5b831d91813    4077    doc/install.md
100644 blob 180e2a546b23c551a046575148f6776a318a8c6f    3976    m/module/slurm-common.nix
100644 blob 8c381f86d72128aefc4e72f8dfabb8cfb55493d9    3735    m/fox/configuration.nix
100644 blob 166b8ca5412e04f38cd30aad12bc4d9d6165f559    3611    m/tent/gitlab-runner.nix
100644 blob 7ebd0bb8463355e03b73e266ef180ec10206ecbc    3577    m/map.nix
100644 blob 30ed5ac66892ce7edaedeb6437a039883e4afbfb    3219    flake.lock
100644 blob 47e82644a05b614514711cf26c7888eebc7053a6    2979    m/bay/configuration.nix
100644 blob 8334d5078d3bf06545bd0be5bc6df391af0bf6aa    2621    m/apex/nfs.nix
100644 blob 7e36ceed80b343b1af59b7544199bcc7ea842c97    2621    pkgs/amd-uprof/makefile.patch
100644 blob a67e5aeaf2349dd7afcbe62a039e39224ef864dd    2401    m/lake2/configuration.nix

If I did the math correctly, removing them reduces the size of the reachable objects from 2.78MiB to 2.27MiB:

apex% git rev-list --objects HEAD | git cat-file --batch-check='%(objecttype) %(objectname) %(objectsize) %(rest)' | sort -r --numeric-sort --key=3 | awk '{ n+= $3 } END { print n}'
2781561
apex% git rev-list --objects HEAD | git cat-file --batch-check='%(objecttype) %(objectname) %(objectsize) %(rest)' | sort -r --numeric-sort --key=3 | tail -n +3 | awk '{ n+= $3 } END { print n}'
2277545

And the flake size goes from 1.2MiB to 700KiB which is what is copied to the store:

apex% du -sh /nix/store/r5aihfkzij1vjspm2xmpvph4q39n38hz-source
30M     /nix/store/r5aihfkzij1vjspm2xmpvph4q39n38hz-source # original
apex% du -sh /nix/store/p2a4lscpihd2xbyaifyrfnrd9hbmqp31-source
1,2M    /nix/store/p2a4lscpihd2xbyaifyrfnrd9hbmqp31-source # blobs removed
apex% du -sh /nix/store/7c4hrhlyf1g183nhql5c2mykjn7zhk0g-source
700K    /nix/store/7c4hrhlyf1g183nhql5c2mykjn7zhk0g-source # kernel config removed
Gitea is unable to properly compute the diff, but is here: 
apex% git diff 00fe0f46a1143e23d334250dc47fdee2a9320221 --stat
 doc/Intel_Server_Board_S2600WF_TPS_2_6.pdf                        | Bin 8010543 -> 0 bytes
 doc/R1000WF_SystemIntegration_and_ServiceGuide_Rev2_4.pdf         | Bin 13917196 -> 0 bytes
 doc/SEL_TroubleshootingGuide.pdf                                  | Bin 3516866 -> 0 bytes
 doc/bsc-ssf.pdf                                                   | Bin 687323 -> 0 bytes
 web/.gitignore                                                    |   1 -
 web/archetypes/default.md                                         |   6 -
 web/content/_index.md                                             |  25 --
 web/content/access/cave.jpg                                       | Bin 481271 -> 0 bytes
 web/content/access/index.md                                       |  16 -
 web/content/doc/_index.md                                         |  10 -
 web/content/doc/quickstart.md                                     | 234 -------------
 web/content/eudy/_index.md                                        |  10 -
 web/content/eudy/eudy.jpg                                         | Bin 215556 -> 0 bytes
 web/content/fox/_index.md                                         | 117 -------
 web/content/fox/fox.jpg                                           | Bin 128767 -> 0 bytes
 web/content/git/_index.md                                         |   6 -
 web/content/grafana/_index.md                                     |   6 -
 web/content/hut/_index.md                                         | 127 -------
 web/content/hut/hut.jpg                                           | Bin 182453 -> 0 bytes
 web/content/lake/_index.md                                        |  10 -
 web/content/lake/lake.jpg                                         | Bin 147039 -> 0 bytes
 web/content/lists/_index.md                                       |   6 -
 web/content/owl/_index.md                                         |  18 -
 web/content/owl/owl.jpg                                           | Bin 50084 -> 0 bytes
 web/content/paste/_index.md                                       |  68 ----
 web/content/posts/2023-09-12/_index.md                            |  71 ----
 web/content/posts/2023-09-12/power.png                            | Bin 58985 -> 0 bytes
 web/content/posts/2025-09-26/_index.md                            |  49 ---
 web/content/posts/2025-09-26/temp.png                             | Bin 99349 -> 0 bytes
 web/hugo.toml                                                     |  40 ---
 web/static/hut-big.jpg                                            | Bin 231398 -> 0 bytes
 web/static/jungle.jpg                                             | Bin 332764 -> 0 bytes
 web/static/nodes.jpg                                              | Bin 433858 -> 0 bytes
 web/static/rainforest.jpg                                         | Bin 89494 -> 0 bytes
 web/themes/PaperMod/.github/ISSUE_TEMPLATE/bug_report.md          |  50 ---
 web/themes/PaperMod/.github/ISSUE_TEMPLATE/config.yml             |   5 -
 web/themes/PaperMod/.github/ISSUE_TEMPLATE/new-blank-issue.md     |   7 -
 web/themes/PaperMod/.github/PULL_REQUEST_TEMPLATE.md              |  44 ---
 web/themes/PaperMod/.github/stale.yml                             |  17 -
 web/themes/PaperMod/.github/workflows/gh-pages.yml                |  80 -----
 web/themes/PaperMod/LICENSE                                       |  22 --
 web/themes/PaperMod/README.md                                     | 103 ------
 web/themes/PaperMod/assets/css/common/404.css                     |  11 -
 web/themes/PaperMod/assets/css/common/archive.css                 |  44 ---
 web/themes/PaperMod/assets/css/common/footer.css                  |  60 ----
 web/themes/PaperMod/assets/css/common/header.css                  |  93 ------
 web/themes/PaperMod/assets/css/common/main.css                    |  68 ----
 web/themes/PaperMod/assets/css/common/post-entry.css              | 104 ------
 web/themes/PaperMod/assets/css/common/post-single.css             | 402 ----------------------
 web/themes/PaperMod/assets/css/common/profile-mode.css            |  42 ---
 web/themes/PaperMod/assets/css/common/search.css                  |  45 ---
 web/themes/PaperMod/assets/css/common/terms.css                   |  18 -
 web/themes/PaperMod/assets/css/core/license.css                   |   6 -
 web/themes/PaperMod/assets/css/core/reset.css                     | 116 -------
 web/themes/PaperMod/assets/css/core/theme-vars.css                |  38 ---
 web/themes/PaperMod/assets/css/core/zmedia.css                    |  49 ---
 web/themes/PaperMod/assets/css/extended/blank.css                 |   5 -
 web/themes/PaperMod/assets/css/hljs/an-old-hope.min.css           |  63 ----
 web/themes/PaperMod/assets/css/includes/scroll-bar.css            |  63 ----
 web/themes/PaperMod/assets/js/fastsearch.js                       | 147 --------
 web/themes/PaperMod/assets/js/fuse.basic.min.js                   |   9 -
 web/themes/PaperMod/assets/js/highlight.min.js                    |  44 ---
 web/themes/PaperMod/assets/js/license.js                          |   6 -
 web/themes/PaperMod/go.mod                                        |   3 -
 web/themes/PaperMod/i18n/ar.yaml                                  |  28 --
 web/themes/PaperMod/i18n/be.yaml                                  |  39 ---
 web/themes/PaperMod/i18n/bg.yaml                                  |  16 -
 web/themes/PaperMod/i18n/bn.yaml                                  |  33 --
 web/themes/PaperMod/i18n/ca.yaml                                  |  19 --
 web/themes/PaperMod/i18n/ckb.yaml                                 |  25 --
 web/themes/PaperMod/i18n/da.yaml                                  |  28 --
 web/themes/PaperMod/i18n/de.yaml                                  |  33 --
 web/themes/PaperMod/i18n/el.yaml                                  |  33 --
 web/themes/PaperMod/i18n/en.yaml                                  |  33 --
 web/themes/PaperMod/i18n/eo.yaml                                  |  25 --
 web/themes/PaperMod/i18n/es.yaml                                  |  33 --
 web/themes/PaperMod/i18n/fa.yaml                                  |  28 --
 web/themes/PaperMod/i18n/fr.yaml                                  |  33 --
 web/themes/PaperMod/i18n/he.yaml                                  |  33 --
 web/themes/PaperMod/i18n/hi.yaml                                  |  19 --
 web/themes/PaperMod/i18n/hr.yaml                                  |  33 --
 web/themes/PaperMod/i18n/hu.yaml                                  |  16 -
 web/themes/PaperMod/i18n/id.yaml                                  |  33 --
 web/themes/PaperMod/i18n/it.yaml                                  |  33 --
 web/themes/PaperMod/i18n/ja.yaml                                  |  33 --
 web/themes/PaperMod/i18n/ko.yaml                                  |  33 --
 web/themes/PaperMod/i18n/ku.yaml                                  |  25 --
 web/themes/PaperMod/i18n/mn.yaml                                  |  25 --
 web/themes/PaperMod/i18n/ms.yaml                                  |  28 --
 web/themes/PaperMod/i18n/nl.yaml                                  |  33 --
 web/themes/PaperMod/i18n/pl.yaml                                  |  33 --
 web/themes/PaperMod/i18n/pt.yaml                                  |  33 --
 web/themes/PaperMod/i18n/ru.yaml                                  |  39 ---
 web/themes/PaperMod/i18n/sv.yaml                                  |  28 --
 web/themes/PaperMod/i18n/tr.yaml                                  |  33 --
 web/themes/PaperMod/i18n/uk.yaml                                  |  25 --
 web/themes/PaperMod/i18n/uz.yaml                                  |  20 --
 web/themes/PaperMod/i18n/vi.yaml                                  |  25 --
 web/themes/PaperMod/i18n/zh-tw.yaml                               |  33 --
 web/themes/PaperMod/i18n/zh.yaml                                  |  33 --
 web/themes/PaperMod/images/screenshot.png                         | Bin 141511 -> 0 bytes
 web/themes/PaperMod/images/tn.png                                 | Bin 15898 -> 0 bytes
 web/themes/PaperMod/layouts/404.html                              |   3 -
 web/themes/PaperMod/layouts/_default/_markup/render-image.html    |   1 -
 web/themes/PaperMod/layouts/_default/archives.html                |  67 ----
 web/themes/PaperMod/layouts/_default/baseof.html                  |  23 --
 web/themes/PaperMod/layouts/_default/index.json                   |   7 -
 web/themes/PaperMod/layouts/_default/list.html                    | 114 -------
 web/themes/PaperMod/layouts/_default/rss.xml                      |  51 ---
 web/themes/PaperMod/layouts/_default/search.html                  |  29 --
 web/themes/PaperMod/layouts/_default/single.html                  |  58 ----
 web/themes/PaperMod/layouts/_default/terms.html                   |  27 --
 web/themes/PaperMod/layouts/partials/anchored_headings.html       |   2 -
 web/themes/PaperMod/layouts/partials/author.html                  |   9 -
 web/themes/PaperMod/layouts/partials/breadcrumbs.html             |  19 --
 web/themes/PaperMod/layouts/partials/comments.html                |   3 -
 web/themes/PaperMod/layouts/partials/cover.html                   |  42 ---
 web/themes/PaperMod/layouts/partials/edit_post.html               |   8 -
 web/themes/PaperMod/layouts/partials/extend_footer.html           |   3 -
 web/themes/PaperMod/layouts/partials/extend_head.html             |   4 -
 web/themes/PaperMod/layouts/partials/footer.html                  | 135 --------
 web/themes/PaperMod/layouts/partials/head.html                    | 170 ----------
 web/themes/PaperMod/layouts/partials/header.html                  | 149 ---------
 web/themes/PaperMod/layouts/partials/home_info.html               |  13 -
 web/themes/PaperMod/layouts/partials/index_profile.html           |  58 ----
 web/themes/PaperMod/layouts/partials/post_canonical.html          |   9 -
 web/themes/PaperMod/layouts/partials/post_meta.html               |  21 --
 web/themes/PaperMod/layouts/partials/post_nav_links.html          |  19 --
 web/themes/PaperMod/layouts/partials/share_icons.html             |  71 ----
 web/themes/PaperMod/layouts/partials/social_icons.html            |   7 -
 web/themes/PaperMod/layouts/partials/svg.html                     | 688 --------------------------------------
 web/themes/PaperMod/layouts/partials/templates/opengraph.html     |  52 ---
 web/themes/PaperMod/layouts/partials/templates/schema_json.html   | 119 -------
 web/themes/PaperMod/layouts/partials/templates/twitter_cards.html |  33 --
 web/themes/PaperMod/layouts/partials/toc.html                     |  97 ------
 web/themes/PaperMod/layouts/partials/translation_list.html        |  19 --
 web/themes/PaperMod/layouts/robots.txt                            |   7 -
 web/themes/PaperMod/layouts/shortcodes/collapse.html              |   8 -
 web/themes/PaperMod/layouts/shortcodes/figure.html                |  31 --
 web/themes/PaperMod/layouts/shortcodes/inTextImg.html             |   5 -
 web/themes/PaperMod/layouts/shortcodes/ltr.html                   |  15 -
 web/themes/PaperMod/layouts/shortcodes/rawhtml.html               |   2 -
 web/themes/PaperMod/layouts/shortcodes/rtl.html                   |  15 -
 web/themes/PaperMod/theme.toml                                    |  51 ---
 144 files changed, 5900 deletions(-)
This PR **REWRITES THE HISTORY** to remove big blob files (PDFs) as well as the website. The idea is to keep this repository small, so we reduce the time to copy it to the store in each evaluation. Fixes #171 Move the website to another repo: https://jungle.bsc.es/git/rarias/jungle-website There are two kernel config files which are the largest files now. As they don't seem to be used, maybe we can also get rid of them? @arocanon : ``` apex% git ls-tree -r --long HEAD | sort -k 4 -n -r | head -20 100644 blob d260acc903aba42a871a67d46ce3e35d27931963 252089 m/eudy/kernel/configs/lockdep 100644 blob 20bdc2b94be6dbfe267e1cca6057c3c394b8f615 251927 m/eudy/kernel/configs/defconfig 100644 blob 815500b5461de132aebaf76814f093556e21c4a4 22881 pkgs/cudainfo/cudainfo.cpp 100644 blob 0c1cb78add8738fa5d63a0ca61cca63ce3904745 8408 m/hut/monitoring.nix 100644 blob 6717fefd47232f5111a61df1dd0f4281c92ca892 7676 m/common/base/users.nix 100644 blob c241806b704c83ee602c0053232b0af43e07a8b2 6480 m/tent/monitoring.nix 100644 blob 38ce71988f3ddc2dcc99767febe48b4a4b1e51b0 6204 m/raccoon/configuration.nix 100644 blob aec0d98fafaa20e7e9963a3027207028ec302a0c 5775 m/module/vpn-dac/client.crt 100644 blob 5cfcb7fba45807203c565f4fd5df1f79578689b9 5167 m/common/base/zsh.nix 100644 blob 2fe7c1cb2d2a24e71e5311b75f1fb449da0f438f 4955 m/hut/gitlab-runner.nix 100644 blob cee67c9c213e186742b951aae725e5b831d91813 4077 doc/install.md 100644 blob 180e2a546b23c551a046575148f6776a318a8c6f 3976 m/module/slurm-common.nix 100644 blob 8c381f86d72128aefc4e72f8dfabb8cfb55493d9 3735 m/fox/configuration.nix 100644 blob 166b8ca5412e04f38cd30aad12bc4d9d6165f559 3611 m/tent/gitlab-runner.nix 100644 blob 7ebd0bb8463355e03b73e266ef180ec10206ecbc 3577 m/map.nix 100644 blob 30ed5ac66892ce7edaedeb6437a039883e4afbfb 3219 flake.lock 100644 blob 47e82644a05b614514711cf26c7888eebc7053a6 2979 m/bay/configuration.nix 100644 blob 8334d5078d3bf06545bd0be5bc6df391af0bf6aa 2621 m/apex/nfs.nix 100644 blob 7e36ceed80b343b1af59b7544199bcc7ea842c97 2621 pkgs/amd-uprof/makefile.patch 100644 blob a67e5aeaf2349dd7afcbe62a039e39224ef864dd 2401 m/lake2/configuration.nix ``` If I did the math correctly, removing them reduces the size of the reachable objects from 2.78MiB to 2.27MiB: ``` apex% git rev-list --objects HEAD | git cat-file --batch-check='%(objecttype) %(objectname) %(objectsize) %(rest)' | sort -r --numeric-sort --key=3 | awk '{ n+= $3 } END { print n}' 2781561 apex% git rev-list --objects HEAD | git cat-file --batch-check='%(objecttype) %(objectname) %(objectsize) %(rest)' | sort -r --numeric-sort --key=3 | tail -n +3 | awk '{ n+= $3 } END { print n}' 2277545 ``` And the flake size goes from 1.2MiB to 700KiB which is what is copied to the store: ``` apex% du -sh /nix/store/r5aihfkzij1vjspm2xmpvph4q39n38hz-source 30M /nix/store/r5aihfkzij1vjspm2xmpvph4q39n38hz-source # original apex% du -sh /nix/store/p2a4lscpihd2xbyaifyrfnrd9hbmqp31-source 1,2M /nix/store/p2a4lscpihd2xbyaifyrfnrd9hbmqp31-source # blobs removed apex% du -sh /nix/store/7c4hrhlyf1g183nhql5c2mykjn7zhk0g-source 700K /nix/store/7c4hrhlyf1g183nhql5c2mykjn7zhk0g-source # kernel config removed ``` --- <details> <summary> Gitea is unable to properly compute the diff, but is here: </summary> ``` apex% git diff 00fe0f46a1143e23d334250dc47fdee2a9320221 --stat doc/Intel_Server_Board_S2600WF_TPS_2_6.pdf | Bin 8010543 -> 0 bytes doc/R1000WF_SystemIntegration_and_ServiceGuide_Rev2_4.pdf | Bin 13917196 -> 0 bytes doc/SEL_TroubleshootingGuide.pdf | Bin 3516866 -> 0 bytes doc/bsc-ssf.pdf | Bin 687323 -> 0 bytes web/.gitignore | 1 - web/archetypes/default.md | 6 - web/content/_index.md | 25 -- web/content/access/cave.jpg | Bin 481271 -> 0 bytes web/content/access/index.md | 16 - web/content/doc/_index.md | 10 - web/content/doc/quickstart.md | 234 ------------- web/content/eudy/_index.md | 10 - web/content/eudy/eudy.jpg | Bin 215556 -> 0 bytes web/content/fox/_index.md | 117 ------- web/content/fox/fox.jpg | Bin 128767 -> 0 bytes web/content/git/_index.md | 6 - web/content/grafana/_index.md | 6 - web/content/hut/_index.md | 127 ------- web/content/hut/hut.jpg | Bin 182453 -> 0 bytes web/content/lake/_index.md | 10 - web/content/lake/lake.jpg | Bin 147039 -> 0 bytes web/content/lists/_index.md | 6 - web/content/owl/_index.md | 18 - web/content/owl/owl.jpg | Bin 50084 -> 0 bytes web/content/paste/_index.md | 68 ---- web/content/posts/2023-09-12/_index.md | 71 ---- web/content/posts/2023-09-12/power.png | Bin 58985 -> 0 bytes web/content/posts/2025-09-26/_index.md | 49 --- web/content/posts/2025-09-26/temp.png | Bin 99349 -> 0 bytes web/hugo.toml | 40 --- web/static/hut-big.jpg | Bin 231398 -> 0 bytes web/static/jungle.jpg | Bin 332764 -> 0 bytes web/static/nodes.jpg | Bin 433858 -> 0 bytes web/static/rainforest.jpg | Bin 89494 -> 0 bytes web/themes/PaperMod/.github/ISSUE_TEMPLATE/bug_report.md | 50 --- web/themes/PaperMod/.github/ISSUE_TEMPLATE/config.yml | 5 - web/themes/PaperMod/.github/ISSUE_TEMPLATE/new-blank-issue.md | 7 - web/themes/PaperMod/.github/PULL_REQUEST_TEMPLATE.md | 44 --- web/themes/PaperMod/.github/stale.yml | 17 - web/themes/PaperMod/.github/workflows/gh-pages.yml | 80 ----- web/themes/PaperMod/LICENSE | 22 -- web/themes/PaperMod/README.md | 103 ------ web/themes/PaperMod/assets/css/common/404.css | 11 - web/themes/PaperMod/assets/css/common/archive.css | 44 --- web/themes/PaperMod/assets/css/common/footer.css | 60 ---- web/themes/PaperMod/assets/css/common/header.css | 93 ------ web/themes/PaperMod/assets/css/common/main.css | 68 ---- web/themes/PaperMod/assets/css/common/post-entry.css | 104 ------ web/themes/PaperMod/assets/css/common/post-single.css | 402 ---------------------- web/themes/PaperMod/assets/css/common/profile-mode.css | 42 --- web/themes/PaperMod/assets/css/common/search.css | 45 --- web/themes/PaperMod/assets/css/common/terms.css | 18 - web/themes/PaperMod/assets/css/core/license.css | 6 - web/themes/PaperMod/assets/css/core/reset.css | 116 ------- web/themes/PaperMod/assets/css/core/theme-vars.css | 38 --- web/themes/PaperMod/assets/css/core/zmedia.css | 49 --- web/themes/PaperMod/assets/css/extended/blank.css | 5 - web/themes/PaperMod/assets/css/hljs/an-old-hope.min.css | 63 ---- web/themes/PaperMod/assets/css/includes/scroll-bar.css | 63 ---- web/themes/PaperMod/assets/js/fastsearch.js | 147 -------- web/themes/PaperMod/assets/js/fuse.basic.min.js | 9 - web/themes/PaperMod/assets/js/highlight.min.js | 44 --- web/themes/PaperMod/assets/js/license.js | 6 - web/themes/PaperMod/go.mod | 3 - web/themes/PaperMod/i18n/ar.yaml | 28 -- web/themes/PaperMod/i18n/be.yaml | 39 --- web/themes/PaperMod/i18n/bg.yaml | 16 - web/themes/PaperMod/i18n/bn.yaml | 33 -- web/themes/PaperMod/i18n/ca.yaml | 19 -- web/themes/PaperMod/i18n/ckb.yaml | 25 -- web/themes/PaperMod/i18n/da.yaml | 28 -- web/themes/PaperMod/i18n/de.yaml | 33 -- web/themes/PaperMod/i18n/el.yaml | 33 -- web/themes/PaperMod/i18n/en.yaml | 33 -- web/themes/PaperMod/i18n/eo.yaml | 25 -- web/themes/PaperMod/i18n/es.yaml | 33 -- web/themes/PaperMod/i18n/fa.yaml | 28 -- web/themes/PaperMod/i18n/fr.yaml | 33 -- web/themes/PaperMod/i18n/he.yaml | 33 -- web/themes/PaperMod/i18n/hi.yaml | 19 -- web/themes/PaperMod/i18n/hr.yaml | 33 -- web/themes/PaperMod/i18n/hu.yaml | 16 - web/themes/PaperMod/i18n/id.yaml | 33 -- web/themes/PaperMod/i18n/it.yaml | 33 -- web/themes/PaperMod/i18n/ja.yaml | 33 -- web/themes/PaperMod/i18n/ko.yaml | 33 -- web/themes/PaperMod/i18n/ku.yaml | 25 -- web/themes/PaperMod/i18n/mn.yaml | 25 -- web/themes/PaperMod/i18n/ms.yaml | 28 -- web/themes/PaperMod/i18n/nl.yaml | 33 -- web/themes/PaperMod/i18n/pl.yaml | 33 -- web/themes/PaperMod/i18n/pt.yaml | 33 -- web/themes/PaperMod/i18n/ru.yaml | 39 --- web/themes/PaperMod/i18n/sv.yaml | 28 -- web/themes/PaperMod/i18n/tr.yaml | 33 -- web/themes/PaperMod/i18n/uk.yaml | 25 -- web/themes/PaperMod/i18n/uz.yaml | 20 -- web/themes/PaperMod/i18n/vi.yaml | 25 -- web/themes/PaperMod/i18n/zh-tw.yaml | 33 -- web/themes/PaperMod/i18n/zh.yaml | 33 -- web/themes/PaperMod/images/screenshot.png | Bin 141511 -> 0 bytes web/themes/PaperMod/images/tn.png | Bin 15898 -> 0 bytes web/themes/PaperMod/layouts/404.html | 3 - web/themes/PaperMod/layouts/_default/_markup/render-image.html | 1 - web/themes/PaperMod/layouts/_default/archives.html | 67 ---- web/themes/PaperMod/layouts/_default/baseof.html | 23 -- web/themes/PaperMod/layouts/_default/index.json | 7 - web/themes/PaperMod/layouts/_default/list.html | 114 ------- web/themes/PaperMod/layouts/_default/rss.xml | 51 --- web/themes/PaperMod/layouts/_default/search.html | 29 -- web/themes/PaperMod/layouts/_default/single.html | 58 ---- web/themes/PaperMod/layouts/_default/terms.html | 27 -- web/themes/PaperMod/layouts/partials/anchored_headings.html | 2 - web/themes/PaperMod/layouts/partials/author.html | 9 - web/themes/PaperMod/layouts/partials/breadcrumbs.html | 19 -- web/themes/PaperMod/layouts/partials/comments.html | 3 - web/themes/PaperMod/layouts/partials/cover.html | 42 --- web/themes/PaperMod/layouts/partials/edit_post.html | 8 - web/themes/PaperMod/layouts/partials/extend_footer.html | 3 - web/themes/PaperMod/layouts/partials/extend_head.html | 4 - web/themes/PaperMod/layouts/partials/footer.html | 135 -------- web/themes/PaperMod/layouts/partials/head.html | 170 ---------- web/themes/PaperMod/layouts/partials/header.html | 149 --------- web/themes/PaperMod/layouts/partials/home_info.html | 13 - web/themes/PaperMod/layouts/partials/index_profile.html | 58 ---- web/themes/PaperMod/layouts/partials/post_canonical.html | 9 - web/themes/PaperMod/layouts/partials/post_meta.html | 21 -- web/themes/PaperMod/layouts/partials/post_nav_links.html | 19 -- web/themes/PaperMod/layouts/partials/share_icons.html | 71 ---- web/themes/PaperMod/layouts/partials/social_icons.html | 7 - web/themes/PaperMod/layouts/partials/svg.html | 688 -------------------------------------- web/themes/PaperMod/layouts/partials/templates/opengraph.html | 52 --- web/themes/PaperMod/layouts/partials/templates/schema_json.html | 119 ------- web/themes/PaperMod/layouts/partials/templates/twitter_cards.html | 33 -- web/themes/PaperMod/layouts/partials/toc.html | 97 ------ web/themes/PaperMod/layouts/partials/translation_list.html | 19 -- web/themes/PaperMod/layouts/robots.txt | 7 - web/themes/PaperMod/layouts/shortcodes/collapse.html | 8 - web/themes/PaperMod/layouts/shortcodes/figure.html | 31 -- web/themes/PaperMod/layouts/shortcodes/inTextImg.html | 5 - web/themes/PaperMod/layouts/shortcodes/ltr.html | 15 - web/themes/PaperMod/layouts/shortcodes/rawhtml.html | 2 - web/themes/PaperMod/layouts/shortcodes/rtl.html | 15 - web/themes/PaperMod/theme.toml | 51 --- 144 files changed, 5900 deletions(-) ``` </details>
rarias added 458 commits 2025-10-01 17:24:40 +02:00
Setup slurm and gitlab-runner 907de95e01
Add mio key e31a72eeac
Remove commencted docker settings ec13892ae8
Add some tools and use relaxed for build sandbox a5b4a1b8fb
Add monitoring services da9b350691
Add agenix tool 2437e223e0
Enable gitlab runner monitoring 93b416ff19
Export nix store over nfs 8dff45903f
Enable IPoIB and set the infiniband IP cdc1cf387b
Disable ethernet specific useDHCP 2258c77aac 
Is already configured by default for all interfaces.
Add gitlab-runner secrets using agenix ccae9e96c7
Disable debug from gitlab runner e8133f9dc0
Add nos-v gitlab runner cc32ad0740
Set EDITOR and add nix-diff d2cb42ec80
Run the garbage collector once a week d99af26c48
Use bscpkgs master 91e670500c
Allow wheel users to build derivations 56e785ea24
Add smartctl monitoring d29c33eb66
Move xeon07 configuration to a directory 960e8eeb5a
Add common directory f394c29cca
Move disk selection to configuration.nix 52eb8e818f
Move boot.nix to common 25c9adf5bb
Move fs.nix to common 6f821011b9
Use partition labels for / and swap 2208781c7d
Move filesystems config to common/fs.nix d91efda035
Move boot config to common/boot.nix 65b6ee624a
Move the remaining hw config to common 80f838fa19
Move common options from configuration.nix b26ddbaca8
Move users.nix to common e51240da50
Move overlays.nix to common a42dc88f16
Move ssh.nix to common 7aa9c486c3
Remove host specific network options from net.nix 9d7d47e43b
Move net.nix to common d5c00f204a
Load overlays from /config f848cd3aca
Add configuration for xeon01 c95e5aa689
Add script to rebuild configuration 307af602ca
Remove xeon07 overlay to load upstream slurm 4dc04ecbff
Use xeon07 as control machine 84ea8ba1cb
Enable slurm in xeon01 53521010e9
Test flakes 5bc5b3fe35
Lock flakes and add inputs 578f1e04be
Refacto slurm configuration into compute/control 83f80b2cfd
Add xeon02 configuration 67eb58a8f7
Add minimal netboot module to build kexec image 26344d45af
Add steps in install documentation 3e701b22c2
Update ib interface name in xeon02 b0f0e0e134 
It seems to be plugged in another PCI port
Update nixpkgs 224fb2402f
Update nixpkgs to nixos-unstable 4dbc9a4021
Disable osnoise and hwlat tracer for now 6df8e03a8c 
Reuse nix cache to avoid rebuilding the kernel.
Use the latest kernel 3938218c74
Increase locked memory to 1 GiB b5ae691d4b
Use pmix by default in slurm 4f76bd9ee5
Roolback to bash as default shell 4a2f0ff881 
Zsh doesn't behave properly, it needs further configuration.
Simplify bash prompt f8f94f2604
Allow 5 concurrent buils in the gitlab-runner 95fec816d2
Increase the number of CPUs to 56 for nOS-V docker 201d1c6a22
Add hal ssh key c436a93bfc
Allow public dashboards in grafana e288e3c121
Automatically resume restarted nodes in SLURM 08666ddb5c
Add nixos-config.nix to easily enable nix repl cd1129894a
Add xeon08 basic config eb5bb85cc7
Set intel_pstate=passive and disable frequency boost 755290a032
Add gitignore be2702ebf1
Improve documentation 327837481d
Add ix to common packages e410506722
Add cmake to system packages 2d84a08d38
Add gnumake to system packages e7625328b6
Add file to system packages 736866afa0
Add tree command 14650a1e0d
Serve grafana in https://jungle.bsc.es/grafana 2517f2d0da
xeon08: Add lttng module and tools 6f4b356b73
xeon08: Enable lttng lockdep tracepoints c8e0d87d42
xeon08: Add perf d7f21b39c0
xeon08: Add config for kernel non-voluntary preemption bf5fffb8ca
Move arocanon user from xeon08 to common 1d0f42a93c
Add ncdu to system packages 22372b19f0
Remove profiles older than 30 days with gc 27a6bc1736
Rename xeon07 to hut 2c73c4a7c3
Simplify flake and expose host pkgs 3cb263ea71 
The configuration of the machines is now moved to m/
Add owl and all partition e0ab4e1408
Change owl hostnames ebf45be2b5
Set the name of the slurm cluster to jungle e2aa26a8b3
Add ssh host keys 3a07842480
Update rebuild script for all nodes a4141301ad
Rename xeon08 to eudy 59a29e1af6 
From Eudyptula, a little penguin.
Add eudy host key to known hosts 6df4924b00
Add coments in slurm config 5010746e9c
Add mpich overlay 3985e66fa4
Replace mpi inside bsc attribute cd1fde4760
Use explicit order in overlays 60ee744a54
Add missing parameter to extend d9002dd028
Set mpi to mpich by default in bscpkgs 197c93a2be
flake.lock: Update cced1c2e08 
Flake lock file updates:

• Updated input 'bscpkgs':
    'git+https://pm.bsc.es/gitlab/rarias/bscpkgs.git?ref=refs%2fheads%2fmaster&rev=c775ee4d6f76aded05b08ae13924c302f18f9b2c' (2023-04-26)
  → 'git+https://pm.bsc.es/gitlab/rarias/bscpkgs.git?ref=refs%2fheads%2fmaster&rev=cbe9af5d042e9d5585fe2acef65a1347c68b2fbd' (2023-06-16)
Add osumb to the system packages d200e4b172
Add rpenacob user 952541ff4a
Move authorized keys to users.nix 7db6671ce5
Allow srun to specify the cpu binding 3ea8bdcdf1 
The task/affinity plugin needs to be selected.
Add perf to packages 4997191f30
Set perf paranoid to 0 by default 31eace8400
Lower perf_event_paranoid to -1 a66a4d9a43
Add DNS tools to resolve hosts 01e7a9b8a4
Use our host names first by default cc2160f134
Add the ssfhead node as gateway aaa082390e
Enable NTP using the BSC time server 246226b3d3
eudy: disable all cpu mitigations cb90c9c73f
eudy: Enable memory overcommit 72497a88d4
eudy: Add fcsv3 and intermediate versions for testing b5d3d08706
Add koro node 4878b6fd8b
koro: Add vlopez user b408af0092
Kill slurmd remaining processes on upgrade c8ff31ec08
Upgrade flake: nixpkgs, bscpkgs and agenix 92f5c1ee19
GRUB version no longer needed b698b9da12
Allow access to devices for node_exporter b978839406
Update nixpkgs to fix docker problem ad78e41c8b
Don't set all_proxy b526531f20
Increase prometheus retention time to one year 776a582c10
Monitor power from other nodes via LAN 199358a5e3
Update flake 335c77593d
Add bay node 490cdf7b95
Remove netboot and fixes 817bea45a5
Add the bay host name 1f270d070d
Add ceph config in bay 34ebe09f66
Mount the ceph filesystem in hut 2416ec7806
Add ceph metrics to prometheus bb8bf86051
Add rarias key for secrets 2516559fac
Store ceph secret key in age e8d5eeb5cf 
This allows a node to mount the ceph FS without any extra ceph
configuration in /etc/ceph.
Add agenix to PATH in hut 591a4c774e
Add section to enable serial console 35580a83a0
Add lake2 bootstrap config 43c63f45d7
Prepare lake2 config after bootstrap 9ac05ed4c0 
The disk ID is different under NixOS.
Specify the disk by path d30399d31b
Enable netboot again for PXE 3c030307f1
Add PXE helper 9d15c13a44
Disable pixiecore in hut for now 300690df4c
Remove netboot module d6d3624617
Use the sda for lake2 e46ded9843
Add the lake2 hostname to the hosts e8824bf72e
Enable ceph osd daemons in lake2 7ae2403db8
Move pkgs overlay to overlay.nix 7cd15b9732
Update ceph to 18.2.0 in overlay 3c523572cb
Switch ceph logs to journal a68909f96c
Add ceph tools in hut too a510a41eed
Add fio tool 042e56b5b2
Add monitoring in the bay node a1271f007f
Scrape metrics from bay c47c190c79
Also enable monitoring in lake2 042d85ba61
Scrape lake2 too 4495cbf380
Enable all osd on boot in lake2 a0e447301e
Enable watchdog b9598df864
Enable binary emulation for other architectures 48727d3a88
Store nixos config in /etc/nixos/config.rev 13b2379d97
Configure bscpkgs.nixpkgs to follow nixpkgs ea73a72b79
Keep a log over time with the config commits e334891c41
Enable zsh and fix key bindings 44c1d958f4
Set zsh shell for rarias bfb5363d94
Set zsh inc_append_history option fcddbdb72b
Add anavarro user a7eddecf80
Reorganize secrets and ssh keys 875622ad0f 
The agenix tools needs to read the secrets from a standalone file, but
we also need the same information for the SSH keys.
Move the ceph client config to an external module c13022596a
Clean owl2 configuration 779b591d40
Warn about the owl2 omnipath device 7d9e7e4e83
Mount /ceph in owl1 and owl2 1ea8912d6c
Remove old secrets 8fc87885da
Add agenix module to ceph 3cc7b33c5a
Add agenix to all nodes ae4ad95902
flake.lock: Update 6b526f9827 
Flake lock file updates:

• Updated input 'bscpkgs':
    'git+https://pm.bsc.es/gitlab/rarias/bscpkgs.git?ref=refs/heads/master&rev=18d64c352c10f9ce74aabddeba5a5db02b74ec27' (2023-08-31)
  → 'git+https://pm.bsc.es/gitlab/rarias/bscpkgs.git?ref=refs/heads/master&rev=ee24b910a1cb95bd222e253da43238e843816f2f' (2023-09-01)
• Updated input 'nixpkgs':
    'github:NixOS/nixpkgs/d680ded26da5cf104dd2735a51e88d2d8f487b4d' (2023-08-19)
  → 'github:NixOS/nixpkgs/e56990880811a451abd32515698c712788be5720' (2023-09-02)
Unlock ovni gitlab runners d91c9b7473
flake.lock: Update 52d3794b14 
Flake lock file updates:

• Updated input 'bscpkgs':
    'git+https://pm.bsc.es/gitlab/rarias/bscpkgs.git?ref=refs/heads/master&rev=ee24b910a1cb95bd222e253da43238e843816f2f' (2023-09-01)
  → 'git+https://pm.bsc.es/gitlab/rarias/bscpkgs.git?ref=refs/heads/master&rev=6122fef92701701e1a0622550ac0fc5c2beb5906' (2023-09-07)
Add IB and IPMI node host names 21b38de26d
Poweroff idle slurm nodes after 1 hour bdd03dac60
Block ssfhead from reaching our slurm daemon 1c7ce3fc51
Allow only some ports for srun e41404f619
Make exporters listen in localhost only dd616a7fb1
Remove unused large port hole in firewall a5e81fea95
Add encrypted munge key with agenix b0b04e8fb1
Serve the nix store from hut 826d6263fd
Enable fstrim service a05d87d4b9
Monitor storage nodes via IPMI too de3a28b7df
Update slurm to 23.02.05.1 772e0f00fb
Open ports in firewall of compute nodes 722c0b0eaa
Revert "Update slurm to 23.02.05.1" 010491618e 
This reverts commit aaefddc44a.
flake.lock: Update dbd57ed57f 
Flake lock file updates:

• Updated input 'bscpkgs':
    'git+https://pm.bsc.es/gitlab/rarias/bscpkgs.git?ref=refs/heads/master&rev=6122fef92701701e1a0622550ac0fc5c2beb5906' (2023-09-07)
  → 'git+https://pm.bsc.es/gitlab/rarias/bscpkgs.git?ref=refs/heads/master&rev=3a4062ac04be6263c64a481420d8e768c2521b80' (2023-09-14)
Don't fetch registry flakes from the net c73a337471
Use hut packages as the default package set fefdbe9c55 
Allows the user to directly access nixpkgs and bscpkgs from the top
level as `nix build jungle#htop` and `nix build jungle#bsc.ovni`.
Add bscpkgs and nixpkgs top level attributes 656de00d65 
Allows the evaluation of packages of the intermediate overlays.
Remove bscpkgs from the registry and nixPath e0b3dd961c 
This is done to prevent accidental evaluations where the nixpkgs input
of bscpkgs is still pointing to a different version that the one
specified in the jungle flake. Instead use jungle#bscpkgs.X to get a
package from bscpkgs.
Enable direnv integration 94ead9b759
Mount the hut nix store for SLURM jobs d4c803dbfb
Add prometheus-slurm-exporter package 7b686d0ea4
Enable slurm-exporter service 4ca4e0fae9
Set the SLURM_CONF variable 7aef154dd4
Remove user/group when using DynamicUsers 24c05e5ebf
Allow anonymous access to grafana c3ecba513d
Add runner for gitlab.bsc.es d9511dab22
Temporarily disable pm runners 4d865d7a7e
Monitor PM webpage via blackbox 10101c631d
Monitor gitlab.bsc.es too cfa3e08e4b
Add docker runner too 72658ee5e6
Don't log SLURM connection attempts from ssfhead 18908c3019
Make blackbox exporter use the proxy 734f52e87f 
By default it was trying to reach the targets using the default gateway,
but since the electrical cut of 2023-10-20, the login node has not
enabled forwarding again. So better if we don't rely on it.

Reviewed-By: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
Enable proxy for Grafana too 1e9bc4086f 
The alerts need to contact the slack endpoint, so we add the proxy
environment variables to the grafana systemd service.

Reviewed-By: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
Add ICMP probes 6f5f234480 
These probes check if we can reach several targets via ICMP, which is
not proxied, so they can be used to see if ICMP forwarding is working in
the login node.

In particular, we test if we can reach the Google (8.8.8.8) and
Cloudflare (1.1.1.1) DNS servers, the BSC gateway which responds to ping
only from the intranet and the login node (ssfhead).

Reviewed-By: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
Monitor anella instead of gw.bsc.es c307fc9bb3 
The target gw.bsc.es doesn't reply to our ICMP probes from hut. However,
the anella hop in the tracepath is a good candidate to identify cuts
between the login and the provider and between the provider and external
hosts like Google or Cloudflare DNS.

Reviewed-By: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
Switch bscpkgs URL to sourcehut 0e1ada08cf 
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
flake.lock: Update 838b2d73e9 
Flake lock file updates:

• Updated input 'bscpkgs':
    'git+https://pm.bsc.es/gitlab/rarias/bscpkgs.git?ref=refs/heads/master&rev=3a4062ac04be6263c64a481420d8e768c2521b80' (2023-09-14)
  → 'git+https://git.sr.ht/~rodarima/bscpkgs?ref=refs/heads/master&rev=f605f8e5e4a1f392589f1ea2b9ffe2074f72a538' (2023-10-31)

Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
BSC packages are no longer in bsc attribute 2acfd589d4 
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
flake.lock: Update e58ffd9652 
Flake lock file updates:

• Updated input 'agenix':
    'github:ryantm/agenix/d8c973fd228949736dedf61b7f8cc1ece3236792' (2023-07-24)
  → 'github:ryantm/agenix/daf42cb35b2dc614d1551e37f96406e4c4a2d3e4' (2023-10-08)
• Updated input 'bscpkgs':
    'git+https://git.sr.ht/~rodarima/bscpkgs?ref=refs/heads/master&rev=f605f8e5e4a1f392589f1ea2b9ffe2074f72a538' (2023-10-31)
  → 'git+https://git.sr.ht/~rodarima/bscpkgs?ref=refs/heads/master&rev=e148de50d68b3eeafc3389b331cf042075971c4b' (2023-11-22)
• Updated input 'nixpkgs':
    'github:NixOS/nixpkgs/e56990880811a451abd32515698c712788be5720' (2023-09-02)
  → 'github:NixOS/nixpkgs/e4ad989506ec7d71f7302cc3067abd82730a4beb' (2023-11-19)

Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
Remove old Ceph package overlay ea2eeff5f9 
The Ceph package is now integrated in upstream nixpkgs.

Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
Fix warning in slurm exporter using vendorHash 3d67c17cac 
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
Remove complete ceph package from hut 4d833d2088 
Only the ceph-client is needed.

Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
Enable runners for pm.bsc.es/gitlab too 8c7d37859b 
The old runners for the PM gitlab were disabled in configuration in the
last outage, but they remained working until we reboot the node. With
this change we enable the runners for both PM and gitlab.bsc.es.

Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
Use tmpfs in /tmp f78f1a3ce6 
The /tmp directory was using the SSD disk which is not erased across
boots. Nix will use /tmp to perform the builds, so we want it to be as
fast as possible. In general, all the machines have enough space to
handle large builds like LLVM.

Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
Enable nixseparatedebuginfod module 1c6e5d8f82 
The module is only enabled on Hut and Eudy because we noticed activity
on the debuginfod service even if no debug session was active.

Reviewed-by: Rodrigo Arias Mallo <rodrigo.arias@bsc.es>
Monitor https://pm.bsc.es/gitlab/ too 171f26e192 
The GitLab instance is in the /gitlab endpoint and may fail
independently of https://pm.bsc.es/.

Cc: Víctor López <victor.lopez@bsc.es>
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
Enable public-inbox at jungle.bsc.es/lists d982b45c26 
The public-inbox service fetches emails from the sourcehut mailing lists
and displays them on the web. The idea is to reduce the dependency on
external services and add a secondary storage for the mailing lists in
case sourcehut goes down or changes the current free plans.

The service is available in https://jungle.bsc.es/lists/ and is open to
the public. It currently mirrors the bscpkgs and jungle mailing list.

We also edited the CSS to improve the readability and have larger fonts
by default.

The service for public-inbox produced by NixOS is not well configured to
fetch emails from an IMAP mail server, so we also manually edit the
service file to enable the network.

Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
Move slurm client in a separate module df5a5e1668 
Reviewed-by: Rodrigo Arias Mallo <rodrigo.arias@bsc.es>
Add another HTTPS probe for bsc.es bd56c2340d 
As all other HTTPS probes pass through the opsproxy01.bsc.es proxy, we
cannot detect a problem in our proxy or in the BSC one. Adding another
target like bsc.es that doesn't use the ops proxy allows us to discern
where the problem lies.

Instead of monitoring https://www.bsc.es/ directly, which will trigger
the whole Drupal server and take a whole second, we just fetch robots.txt
so the overhead on the server is minimal (and returns in less than 10 ms).

Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
Use google.com probe instead of bsc.es 67bcf7b2a0 
The main website of the BSC is failing every day around 3:00 AM for
almost one hour, so it is not a very good target. Instead, google.com is
used which should be more reliable. The same robots.txt path is fetched,
as it is smaller than the main page.

Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
flake.lock: Update 082221f2c3 
Flake lock file updates:

• Updated input 'agenix':
    'github:ryantm/agenix/daf42cb35b2dc614d1551e37f96406e4c4a2d3e4' (2023-10-08)
  → 'github:ryantm/agenix/1381a759b205dff7a6818733118d02253340fd5e' (2024-04-02)
• Updated input 'agenix/darwin':
    'github:lnl7/nix-darwin/87b9d090ad39b25b2400029c64825fc2a8868943' (2023-01-09)
  → 'github:lnl7/nix-darwin/4b9b83d5a92e8c1fbfd8eb27eda375908c11ec4d' (2023-11-24)
• Updated input 'agenix/home-manager':
    'github:nix-community/home-manager/32d3e39c491e2f91152c84f8ad8b003420eab0a1' (2023-04-22)
  → 'github:nix-community/home-manager/3bfaacf46133c037bb356193bd2f1765d9dc82c1' (2023-12-20)
• Added input 'agenix/systems':
    'github:nix-systems/default/da67096a3b9bf56a91d16901293e51ba5b49a27e' (2023-04-09)
• Updated input 'bscpkgs':
    'git+https://git.sr.ht/~rodarima/bscpkgs?ref=refs/heads/master&rev=e148de50d68b3eeafc3389b331cf042075971c4b' (2023-11-22)
  → 'git+https://git.sr.ht/~rodarima/bscpkgs?ref=refs/heads/master&rev=de89197a4a7b162db7df9d41c9d07759d87c5709' (2024-04-24)
• Updated input 'nixpkgs':
    'github:NixOS/nixpkgs/e4ad989506ec7d71f7302cc3067abd82730a4beb' (2023-11-19)
  → 'github:NixOS/nixpkgs/6143fc5eeb9c4f00163267708e26191d1e918932' (2024-04-21)
• Updated input 'nixseparatedebuginfod':
    'github:symphorien/nixseparatedebuginfod/232591f5274501b76dbcd83076a57760237fcd64' (2023-11-05)
  → 'github:symphorien/nixseparatedebuginfod/98d79461660f595637fa710d59a654f242b4c3f7' (2024-03-07)
• Removed input 'nixseparatedebuginfod'
• Removed input 'nixseparatedebuginfod/flake-utils'
• Removed input 'nixseparatedebuginfod/flake-utils/systems'
• Removed input 'nixseparatedebuginfod/nixpkgs'

Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
Remove nixseparatedebuginfod input b5da1c6521 
It has been integrated in nixpkgs, so is no longer required.

Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
Merge pmix outputs for MPICH a2ec4546df 
MPICH expects headers and libraries to be present in the same directory.

Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
Fix SLURM bug in rank integer sign expansion 5f69d51134 
See: https://bugs.schedmd.com/show_bug.cgi?id=19324

Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
Add workaround for MPICH 4.2.0 d93fea8288 
See: https://github.com/pmodels/mpich/issues/6946

Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
Add firewall rules for Ceph and monitoring 3ae2938cad 
The firewall was blocking the monitoring traffic from hut and the Ceph
traffic among OSDs. The rules only allow connecting from the specific
host that they are supposed to be coming from.

Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
Add Gitea service 249d3e472f 
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
Collect Gitea metrics in Prometheus 17fc1b0c9a 
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
Allow Ceph traffic to lake2 8033531246
Add msmtp to send notifications via email 38255dfa0f 
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
Enable mail notification in Gitea 2abc1e8fca 
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
Enable Grafana email alerts 584fe927b6 
Allows sending Grafana alerts via email too, so we have a reduntant
mechanism in case Slack fails to deliver them.

Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
Add PostgreSQL DB for performance test results 2f6673cb3e 
The database will hold the performance results of the execution of the
benchmarks. We follow the same setup on knights3 for now.

Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
Control user access to each machine 91a42375e3 
The users.jungleUsers configuration option behaves like the users.users
option, but defines the list attribute `hosts` for each user, which
filters users so that only the user can only access those hosts.

Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
Split xeon specific configuration from base cd3284d1b2 
To accomodate the raccoon knights workstation, some of the configuration
pulled by m/common/main.nix has to be removed. To solve it, the xeon
specific parts are placed into m/common/xeon.nix and only the common
configuration is at m/common/base.nix.

Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
Add raccoon motd file b14b4fab1f 
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
Move vlopez user to jungleUsers for koro host 7b5e4f3978 
Access to other machines can be easily added into the "hosts" attribute
without the need to replicate the configuration.

Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
Monitor raccoon machine via IPMI c781a2262f 
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
Add support for armv7 emulation in hut b0cc9c959e 
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
eudy: koro: fcs: Fix fcs unprotected cpuid all 22a7de03a0 
smp_processor_id() was called in a preepmtible context, which could
invalidate the returned value. However, this was not harmful, because
fcs threads in nosv are pinned.

Reviewed-by: Rodrigo Arias Mallo <rodrigo.arias@bsc.es>
Allow incoming traffic to hut proxy 9c686a846f 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Set the default proxy to point to hut e12d99fd46 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Access private repositories via hut SSH proxy 57158b5257 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Grant rpenacob access to owl1 and owl2 nodes af38221cfa 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Add abonerib user to hut, raccon, owl1 and owl2 555879f04e 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Allow ptrace to any process of the same user b57bb47aa6 
Allows users to attach GDB to their own processes, without requiring
running the program with GDB from the start. It is only available in
compute nodes, the storage nodes continue with the restricted settings.

Reviewed-by: Aleix Boné <abonerib@bsc.es>
flake.lock: Update 30f1ab9144 
Flake lock file updates:

• Updated input 'agenix':
    'github:ryantm/agenix/1381a759b205dff7a6818733118d02253340fd5e' (2024-04-02)
  → 'github:ryantm/agenix/de96bd907d5fbc3b14fc33ad37d1b9a3cb15edc6' (2024-07-09)
• Updated input 'nixpkgs':
    'github:NixOS/nixpkgs/6143fc5eeb9c4f00163267708e26191d1e918932' (2024-04-21)
  → 'github:NixOS/nixpkgs/693bc46d169f5af9c992095736e82c3488bf7dbb' (2024-07-14)

Reviewed-by: Aleix Boné <abonerib@bsc.es>
Use authentication tokens for PM GitLab runner cd9032bca9 
Starting with GitLab 16, there is a new mechanism to authenticate the
runners via authentication tokens, so use it instead.  Older tokens and
runners are also removed, as they are no longer used.

With the new way of managing tokens, both the tags and the locked state
are managed from the GitLab web page.

See: https://docs.gitlab.com/ee/ci/runners/new_creation_workflow.html
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Allow other jobs to run in unused cores e1967ccda6 
The current select mechanism was using the memory too as a consumable
resource, which by default only sets 1 MiB per node. As each job already
requests 1 MiB, it prevents other jobs from running.

As we are not really concerned with memory usage, we only use the unused
cores in the select criteria.

Reviewed-by: Aleix Boné <abonerib@bsc.es>
Set default SLURM job time limit to one hour be802804d1 
Prevents enless jobs from being left forever, while allow users to
request a larger time limit.

Reviewed-by: Aleix Boné <abonerib@bsc.es>
Set gitea and grafana log level to warn 2cba78cee1 
Prevents filling the journal logs with information messages.

Reviewed-by: Aleix Boné <abonerib@bsc.es>
Enable debuginfod daemon in owl nodes e78021c319 
WARNING: This will introduce noise, as the daemon wakes up from time to
time to check for new packages.

Reviewed-by: Aleix Boné <abonerib@bsc.es>
Program shutdown for August 2nd for all machines b04a064583 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Emulate other architectures in owl nodes too 3c1be2d4b4 
Allows cross-compilation of packages for RISC-V that are known to try to
run RISC-V programs in the host.

Reviewed-by: Aleix Boné <abonerib@bsc.es>
Don't mount the nix store in owl nodes f7d60c4bbe 
Initially we planned to run jobs in those nodes by sharing the same nix
store from hut. However, these nodes are now used to build packages
which are not available in hut. Users also ssh to the nodes, which
doesn't mount the hut store, so it doesn't make much sense to keep
mounting it.

Reviewed-by: Aleix Boné <abonerib@bsc.es>
Add 10 min shutdown jitter to avoid spikes bb566b7eeb 
The shutdown timer will fire at slightly different times for the
different nodes, so we slowly decrease the power consumption.

Reviewed-by: Aleix Boné <abonerib@bsc.es>
Add documentation section about GRUB chain loading 38f0fb7f78 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Remove setLdLibraryPath and driSupport options e5feebbd8f 
They have been removed from NixOS. The "hardware.opengl" group is now
renamed to "hardware.graphics".

See: 98cef4c273
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Set the serial console to ttyS1 in raccoon 439f40240f 
Apparently the ttyS0 console doesn't exist but ttyS1 does:

  raccoon% sudo stty -F /dev/ttyS0
  stty: /dev/ttyS0: Input/output error
  raccoon% sudo stty -F /dev/ttyS1
  speed 9600 baud; line = 0;
  -brkint -imaxbel

The dmesg line agrees:

  00:03: ttyS1 at I/O 0x2f8 (irq = 3, base_baud = 115200) is a 16550A

The console configuration is then moved from base to xeon to allow
changing it for the raccoon machine.

Reviewed-by: Aleix Boné <abonerib@bsc.es>
Add dbautist user with access to hut 1e90c038a1 
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
Delay nix-gc until /home is mounted f41771d55f 
Prevents starting the garbage collector before the remote FS are
mounted, in particular /home. Otherwise, all the gcroots which have
symlinks in /home will be considered stale and they will be removed.

See: #79
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
Mount the NVME disk in /nvme 0bcac3bca4 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Use nginx to serve website and other services 83830dbfed 
Instead of using multiple tunels to forward all our services to the VM
that serves jungle.bsc.es, just use nginx to redirect the traffic from
hut. This allows adding custom rules for paths that are not posible
otherwise.

Reviewed-by: Aleix Boné <abonerib@bsc.es>
Add p command to paste files c1617266b6 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Create paste directories in /ceph/p b978f12d19 
Ensure that all hut users have a paste directory in /ceph/p owned by
themselves. We need to wait for the ceph mount point to create them, so
we use a systemd service that waits for the remote-fs.target.

Reviewed-by: Aleix Boné <abonerib@bsc.es>
Ignore misc directory 7d25055f98 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Log the client IP not the proxy 95eef3b0c5 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Ignore logging requests from the gitea runner 0e1ea5d504 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Keep host header for Grafana requests 129fa52e9b 
This was breaking requests due to CSRF check.

See: https://github.com/grafana/grafana/issues/45117#issuecomment-1033842787
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Use NVME as root e3f6e67348 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Use SSD for boot, then switch to NVME 4b41b67d25 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Remove exception to fetch task endpoint 4aa011ff85 
It causes the request to go to the website rather than the Gitea
service.

Reviewed-by: Aleix Boné <abonerib@bsc.es>
Add custom GPFS exporter for MN5 7b9d805d12 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Collect statistics from logged users aa977ee62a 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Add BSC machines to ssh config 3e26c69f69 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Add script to monitor GPFS 23aa682816 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Set nixpkgs to track nixos-24.11 bb4e42e149 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
flake.lock: Update 90036b8ea2 
Flake lock file updates:

• Updated input 'agenix':
    'github:ryantm/agenix/de96bd907d5fbc3b14fc33ad37d1b9a3cb15edc6' (2024-07-09)
  → 'github:ryantm/agenix/f6291c5935fdc4e0bef208cfc0dcab7e3f7a1c41' (2024-08-10)
• Updated input 'bscpkgs':
    'git+https://git.sr.ht/~rodarima/bscpkgs?ref=refs/heads/master&rev=de89197a4a7b162db7df9d41c9d07759d87c5709' (2024-04-24)
  → 'git+https://git.sr.ht/~rodarima/bscpkgs?ref=refs/heads/master&rev=6782fc6c5b5a29e84a7f2c2d1064f4bcb1288c0f' (2024-11-29)
• Updated input 'nixpkgs':
    'github:NixOS/nixpkgs/693bc46d169f5af9c992095736e82c3488bf7dbb' (2024-07-14)
  → 'github:NixOS/nixpkgs/9c6b49aeac36e2ed73a8c472f1546f6d9cf1addc' (2025-01-14)

Reviewed-by: Aleix Boné <abonerib@bsc.es>
Fix MPICH build by fetching upstream patches too 9b183c4202 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Update PM GitLab tokens to new URL e9740c471d 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Add new fox machine a0eae1feea 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Add fox IPMI monitoring b70d99f479 
Use agenix to store the credentials safely.

Reviewed-by: Aleix Boné <abonerib@bsc.es>
Use IPMI host names instead of IP addresses 8766fd8439 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Exclude fox from being suspended by slurm b046baee48 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Mount NVME disks in /nvme{0,1} 9dea4e2379 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Add dalvare1 user afe7ae445b 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Add users to fox 580bfad9ec 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Reject SSH connections without SLURM allocation 8ff54219f6 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Don't move doc in web output b1adbed3de 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Add abonerib user to fox b44bdfb10f 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Adjust fox slurm config after disabling SMT 5683fe5be1 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Add varcila user to hut and fox 7f395ba2d9 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Remove SLURM partition all db04825a11 
We no longer have homogeneous nodes so it doesn't make much sense to
allocate a mix of them.

Reviewed-by: Aleix Boné <abonerib@bsc.es>
Add new GitLab runner for gitlab.bsc.es 17e42b3872 
It uses docker based on alpine and the host nix store, so we can perform
builds but isolate them from the system.

Reviewed-by: Aleix Boné <abonerib@bsc.es>
Fix nginx /cache regex 097c7bc31f 
`nix-serve` does not handle duplicates in the path:
```
hut$ curl http://127.0.0.1:5000/nix-cache-info
StoreDir: /nix/store
WantMassQuery: 1
Priority: 30
hut$ curl http://127.0.0.1:5000//nix-cache-info
File not found.
```

This meant that the cache was not accessible via:
`curl https://jungle.bsc.es/cache/nix-cache-info` but
`curl https://jungle.bsc.es/cachenix-cache-info` worked.

Reviewed-by: Rodrigo Arias Mallo <rodrigo.arias@bsc.es>
Make nginx listen on all interfaces 563dc575fd 
Needed for local hosts to contact the nix cache via HTTP directly.
We also allow the incoming traffic on port 80.

Reviewed-by: Aleix Boné <abonerib@bsc.es>
Clean all iptables rules on stop ad26c63fa2 
Prevents the "iptables: Chain already exists." error by making sure that
we don't leave any chain on start. The ideal solution is to use
iptables-restore instead, which will do the right job. But this needs to
be changed in NixOS entirely.

Reviewed-by: Aleix Boné <abonerib@bsc.es>
Use hut nix cache in owl1, owl2 and raccoon 4ed53d4384 
For owl1 and owl2 directly connect to hut via LAN with HTTP, but for
raccoon pass via the proxy using jungle.bsc.es with HTTPS. There is no
risk of tampering as packages are signed.

Reviewed-by: Rodrigo Arias Mallo <rodrigo.arias@bsc.es>
Add bscpm04.bsc.es SSH host and public key a492e06327 
Allows fetching repositories from hut and other machines in jungle
without the need to do any extra configuration.

Reviewed-by: Aleix Boné <abonerib@bsc.es>
Allow traffic from docker to enter port 23080 7c901742e0 
Before:

  hut% sudo docker run -it --rm alpine /bin/ash -xc 'true | nc -w 3 -v 10.0.40.7 23080'
  + true
  + nc -w 3 -v 10.0.40.7 23080
  nc: 10.0.40.7 (10.0.40.7:23080): Operation timed out

After:

  hut% sudo docker run -it --rm alpine /bin/ash -xc 'true | nc -w 3 -v 10.0.40.7 23080'
  + true
  + nc -w 3 -v 10.0.40.7 23080
  10.0.40.7 (10.0.40.7:23080) open

Fixes: #94
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Don't forward any docker traffic 614fcfe596 
Access to the 23080 local port will be done by applying the INPUT rules,
which pass through nixos-fw.

Reviewed-by: Aleix Boné <abonerib@bsc.es>
Increase data retention to 5 years 7ad4af686b 
Now that we have more space, we can extend the retention time to 5 years
to hold the monitoring metrics. For a year we have:

	# du -sh /var/lib/prometheus2
	13G     /var/lib/prometheus2

So we can expect it to increase to about 65 GiB. In the future we may
want to reduce some adquisition frequency.

Reviewed-by: Aleix Boné <abonerib@bsc.es>
Add raccoon node exporter monitoring b5d0b34179 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Set keep-outputs to true in all machines 1b77b70074 
From the documentation of keep-outputs, setting it to true would prevent
the GC from removing build time dependencies:

If true, the garbage collector will keep the outputs of non-garbage
derivations. If false (default), outputs will be deleted unless they are
GC roots themselves (or reachable from other roots).

In general, outputs must be registered as roots separately. However,
even if the output of a derivation is registered as a root, the
collector will still delete store paths that are used only at build time
(e.g., the C compiler, or source tarballs downloaded from the network).
To prevent it from doing so, set this option to true.

See: https://nix.dev/manual/nix/2.24/command-ref/conf-file.html#conf-keep-outputs
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
Add custom nix-daemon exporter 7d10816c98 
Allows us to see which derivations are being built in realtime. It is a
bit of a hack, but it seems to work. We simply look at the environment
of the child processes of nix-daemon (usually bash) and then look for
the $name variable which should hold the current derivation being
built. Needs root to be able to read the environ file of the different
nix-daemon processes as they are owned by the nixbld* users.

See: https://discourse.nixos.org/t/query-ongoing-builds/23486
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Add meteocat exporter 3b5781ba63 
Allows us to track ambient temperature changes and estimate the
temperature delta between the server room and exterior temperature.
We should be able to predict when we would need to stop the machines due
to excesive temperature as summer approaches.

Reviewed-by: Aleix Boné <abonerib@bsc.es>
Add UPC temperature sensor monitoring bbf09ab960 
These sensors are part of their air quality measurements, which just
happen to be very close to our server room.

Reviewed-by: Aleix Boné <abonerib@bsc.es>
Remove pam_slurm_adopt from fox dd8d3c508b 
We no longer will be able to use SLURM from jungle.

Reviewed-by: Aleix Boné <abonerib@bsc.es>
Remove fox from SLURM b386d30380 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Remove Ceph module from fox 653a197bf4 
It will no longer be accesible from the UPC.

Reviewed-by: Aleix Boné <abonerib@bsc.es>
Distrust fox SSH key 7d9340e8cb 
We no longer will share secrets with fox until we can regain our trust.

Reviewed-by: Aleix Boné <abonerib@bsc.es>
Rotate fox SSH host key 0b1feca6ac 
Prevent decrypting old secrets by reading the git history.

Reviewed-by: Aleix Boné <abonerib@bsc.es>
Rekey all secrets 490977cdc1 
Fox is no longer able to use munge or ceph, so we remove the key and
rekey them.

Reviewed-by: Aleix Boné <abonerib@bsc.es>
Disable home via NFS in fox 97e5e5d04b 
It won't be accesible anymore as we won't be in the same LAN.

Reviewed-by: Aleix Boné <abonerib@bsc.es>
Update configuration for UPC network 3264788343 
The fox machine will be placed in the UPC network, so we update the
configuration with the new IP and gateway. We won't be able to reach hut
directly so we also remove the host entry and proxy.

Reviewed-by: Aleix Boné <abonerib@bsc.es>
Monitor fox, gateway and UPC anella via ICMP 69e1cde614 
Fox should reply once the machine is connected to the UPC network.
Monitoring also the gateway and UPC anella allows us to estimate if the
whole network is down or just fox.

Reviewed-by: Aleix Boné <abonerib@bsc.es>
Remove fox monitoring via IPMI e31c80c6c5 
We will need to setup an VPN to be able to access fox in its new
location, so for now we simply remove the IPMI monitoring.

Reviewed-by: Aleix Boné <abonerib@bsc.es>
Add machine map file 23d3cc5f18 
Documents the location, board and serial numbers so we can track the
machines if they move around. Some information is unkown.

Using the Nix language to encode the machines location and properties
allows us to later use that information in the configuration of the
machines themselves.

Reviewed-by: Aleix Boné <abonerib@bsc.es>
Only proxy SSH git remotes via hut in xeon f79debb7a1 
Other machines like raccoon have direct access.

Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
Enable linger for user rarias 57a0d58691 
Allows services to run without a login session.

Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
Allow X11 forwarding via SSH 8d01909666 
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
Add node exporter monitoring in raccoon 1b6c948325 
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
Add dbautist user to raccoon machine 78d7b522bf 
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
Disable nix garbage collector in raccoon 34d55ea815 
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
Enable binfmt emulation in raccoon 6f07c93b5a 
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
Make raccoon use performance governor 1089dd10b7 
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
Enable nixdebuginfod in raccoon 87e5fc8af6 
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
Extend perf support in raccoon 007418a52c 
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
Create tracing group and add arocanon in raccoon 075dd928ad 
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
Use UPC time servers as others are blocked 59d6742e77 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Use DHCP for Ethernet in fox 0c9f31ffe1 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Use extra- for substituters and trusted-public-keys 08953f64fb 
From the nix manual:

> A configuration setting usually overrides any previous value. However,
> for settings that take a list of items, you can prefix the name of the
> setting by extra- to append to the previous value.

Reviewed-by: Rodrigo Arias Mallo <rodrigo.arias@bsc.es>
Add hut as nix cache in fox 729b781cdd 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Use performance governor in fox c441d4aad7 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Only allow Vincent to access fox for now 10693417a3 
Needed to run benchmarks without interference.

Reviewed-by: Aleix Boné <abonerib@bsc.es>
Create specific SSF rack configuration c9b6edb6a9 
Allow xeon machines to optionally inherit SSF configuration such as the
NFS mount point and the network configuration.

Reviewed-by: Aleix Boné <abonerib@bsc.es>
Add tent machine from xeon04 3734a9210c 
We moved the tent machine to the server room in the BSC building and is
now directly connected to the raccoon via NAT.

Fixes: #106
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Don't use proxy in base preset 5f59a22705 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Add hut SSH configuration from outside SSF LAN 70eecd1e39 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Add access to tent to all hut users too 6f5dacbcd3 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Add software RAID in tent using 3 disks 39a070852f 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Create directories in /vault/home for tent users c89f9d79a0 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Add tent host key and admin keys a20e8844c6 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Rekey secrets with tent keys 9d8234024d 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Disable nix garbage collector in tent a208cfbc6f 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Reviewed-by: Rodrigo Arias Mallo <rodrigo.arias@bsc.es>
Add monitoring in tent a5b5765d57 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
Add nginx server in tent cdbdef9bb1 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
Serve Grafana from subpath 5026f0257e 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
Enable nix cache 6bbadc5246 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
Remove jungle nix cache from tent f5ac62577e 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
Add tent key for nix-serve a7b1334dd7 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
Enable jungle robot emails for Grafana in tent 67c991fc6f 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
Add GitLab shell runner in tent for PM f711a26778 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
Add docker GitLab runner for BSC GitLab 377cc66d16 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
Add public html files to tent 2f9eb39fac 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
Use IPv4 for blackbox exporter 72e475edbb 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
Monitor AXLE machine too dec3ab49a7 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
Add bsc.es to resolve domain names 7a7b847cb9 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
Enable gitea in tent 54c595fa62 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
Enable public-inbox service in tent 3cc2ed1d18 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
Add p service for pastes 996602845c 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
Move nix-daemon exporter to modules 02da9f1847 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
Monitor nix-daemon in tent 415d09600a 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
Add GitLab runner with debian docker for PM 9f0deec40a 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
Enable msmtp configuration in tent 926d443e24 
Allows gitea to send notifications via email.

Reviewed-by: Aleix Boné <abonerib@bsc.es>
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
Disable registration in Gitea b097cbfe2f 
Get rid of all the spam accounts they are trying to register.

Reviewed-by: Aleix Boné <abonerib@bsc.es>
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
Enable SSH X11 forwarding ce5228f696 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Load amd_uncore module in fox 39f6455d8c 
Needed for L3 events in perf.

Reviewed-by: Aleix Boné <abonerib@bsc.es>
Disable NUMA balancing in fox 0baec02de3 
See: https://www.kernel.org/doc/html/latest/admin-guide/sysctl/kernel.html#numa-balancing

Reviewed-by: Aleix Boné <abonerib@bsc.es>
Disable kptr_restrict in fox b9ca4fcca3 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Add ac.upc.edu as name search server fd49be6033 
Allows referring to fox.ac.upc.edu directly as fox.

Reviewed-by: Aleix Boné <abonerib@bsc.es>
Add OpenVPN service to connect to fox BMC 23310cbfa9 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Monitor fox via VPN 55b2860b67 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Restrict DAC VPN to fox-ipmi machine only 904bb5f2ba 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Monitor Fox BMC with ICMP probes too 7304c60a98 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Add all terminfo files in environment df2f25873f 
Fixes problems with the kitty terminal when opening vim or kakoune.

Reviewed-by: Rodrigo Arias Mallo <rodrigo.arias@bsc.es>
Revert "Only allow Vincent to access fox for now" 9c5c26e94d 
This reverts commit efac36b186.

Reviewed-by: Aleix Boné <abonerib@bsc.es>
Add access to fox for rpenacob user a1e45941cc 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Add pmartin1 user with access to fox 69b7be9026 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Add new configuration for apex eebcf2f239 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Add storcli utility to apex 76ce684be4 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Remove proxy configuration from environment bb779a9630 
All machines have now direct connection with the outside world.

Reviewed-by: Aleix Boné <abonerib@bsc.es>
Remove proxy from hut HTTP probes ba66cb0b71 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Add users to apex machine b10504cb59 
They need to be able to login to apex to access any other machine from
the SSF rack.

Reviewed-by: Aleix Boné <abonerib@bsc.es>
Remove SSH proxy to access BSC clusters 8623e7c2bc 
We now have direct connection to them.

Reviewed-by: Aleix Boné <abonerib@bsc.es>
Disable root_squash from NFS 71e1562a0b 
Allows root to read files in the NFS export, so we can directly run
`nixos-rebuild switch` from /home.

Reviewed-by: Aleix Boné <abonerib@bsc.es>
Make NFS mount async to improve latency 8e80ed7034 
Don't wait to flush writes, as we don't care about consistency on a
crash:

> This option allows the NFS server to violate the NFS protocol and
> reply to requests before any changes made by that request have been
> committed to stable storage (e.g. disc drive).
>
> Using this option usually improves performance, but at the cost that
> an unclean server restart (i.e. a crash) can cause data to be lost or
> corrupted.

Reviewed-by: Aleix Boné <abonerib@bsc.es>
Use IPv4 in blackbox probes bffa8d94a9 
Otherwise they simply fail as IPv6 doesn't work.

Reviewed-by: Aleix Boné <abonerib@bsc.es>
Remove unused blackbox configuration modules cdad30dd55 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Add proxy configuration for internal hosts 998a7f839d 
Access internal hosts via apex proxy. From the compute nodes we first
open an SSH connection to apex, and then tunnel it through the HTTP
proxy with netcat.

This way we allow reaching internal GitLab repositories without
requiring the user to have credentials in the remote host, while we can
use multiple remotes to provide redundancy.

Reviewed-by: Aleix Boné <abonerib@bsc.es>
Prevent accidental use of nftables 5a4e7d2bdf 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Remove extra flush commands on firewall stop ba425f6647 
They are not needed as they are already flushed when the firewall
starts or stops.

Reviewed-by: Aleix Boné <abonerib@bsc.es>
Add weasel machine configuration 0a876e7a83 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Rotate anavarro password and SSH key 061bd24453 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Silently ban OpenVAS BSC scanner from apex ef65a49ed1 
It is spamming our logs with refused connection lines:

apex% sudo journalctl -b0 | grep 'refused connection.*SRC=192.168.8.16' | wc -l
13945

Reviewed-by: Aleix Boné <abonerib@bsc.es>
Upgrade nixpkgs to nixos 25.05 871515a736 
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
flake.lock: Update f59218c898 
Flake lock file updates:

• Updated input 'agenix':
    'github:ryantm/agenix/f6291c5935fdc4e0bef208cfc0dcab7e3f7a1c41?narHash=sha256-b%2Buqzj%2BWa6xgMS9aNbX4I%2BsXeb5biPDi39VgvSFqFvU%3D' (2024-08-10)
  → 'github:ryantm/agenix/531beac616433bac6f9e2a19feb8e99a22a66baf?narHash=sha256-9P1FziAwl5%2B3edkfFcr5HeGtQUtrSdk/MksX39GieoA%3D' (2025-06-17)
• Updated input 'agenix/darwin':
    'github:lnl7/nix-darwin/4b9b83d5a92e8c1fbfd8eb27eda375908c11ec4d?narHash=sha256-gzGLZSiOhf155FW7262kdHo2YDeugp3VuIFb4/GGng0%3D' (2023-11-24)
  → 'github:lnl7/nix-darwin/43975d782b418ebf4969e9ccba82466728c2851b?narHash=sha256-dyN%2BteG9G82G%2Bm%2BPX/aSAagkC%2BvUv0SgUw3XkPhQodQ%3D' (2025-04-12)
• Updated input 'agenix/home-manager':
    'github:nix-community/home-manager/3bfaacf46133c037bb356193bd2f1765d9dc82c1?narHash=sha256-7ulcXOk63TIT2lVDSExj7XzFx09LpdSAPtvgtM7yQPE%3D' (2023-12-20)
  → 'github:nix-community/home-manager/abfad3d2958c9e6300a883bd443512c55dfeb1be?narHash=sha256-YZCh2o9Ua1n9uCvrvi5pRxtuVNml8X2a03qIFfRKpFs%3D' (2025-04-24)
• Updated input 'bscpkgs':
    'git+https://git.sr.ht/~rodarima/bscpkgs?ref=refs/heads/master&rev=6782fc6c5b5a29e84a7f2c2d1064f4bcb1288c0f' (2024-11-29)
  → 'git+https://git.sr.ht/~rodarima/bscpkgs?ref=refs/heads/master&rev=9d1944c658929b6f98b3f3803fead4d1b91c4405' (2025-06-11)
• Updated input 'nixpkgs':
    'github:NixOS/nixpkgs/9c6b49aeac36e2ed73a8c472f1546f6d9cf1addc?narHash=sha256-i/UJ5I7HoqmFMwZEH6vAvBxOrjjOJNU739lnZnhUln8%3D' (2025-01-14)
  → 'github:NixOS/nixpkgs/dfcd5b901dbab46c9c6e80b265648481aafb01f8?narHash=sha256-Kt1UIPi7kZqkSc5HVj6UY5YLHHEzPBkgpNUByuyxtlw%3D' (2025-07-13)

Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
Remove package ix as it is gone 29071a6020 
Fails with: "error: ix has been removed from Nixpkgs, as the ix.io
pastebin has been offline since Dec. 2023".

Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
Remove merged MPICH patch c6cc2a7638 
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
Update weasel IPMI hostname for monitoring 387e1cada7 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Ban another scanner trying to connect via SSH 94f398e661 
It is constantly spamming out logs:

apex# journalctl | grep 'Connection closed by 84.88.52.176' | wc -l
2255

Reviewed-by: Aleix Boné <abonerib@bsc.es>
Remove option allowUnfree from fox and raccoon a9ba65cdca 
It is already set to true for all machines.

Reviewed-by: Aleix Boné <abonerib@bsc.es>
Enable open source NVidia driver in fox e8cd0d9f58 
It is recommended for newer versions.

Reviewed-by: Aleix Boné <abonerib@bsc.es>
Select proprietary NVIDIA driver in raccoon 7131d82ba2 
The NVIDIA GTX 960 from 2016 has the Maxwell architecture, and NixOS
suggests using the proprietary driver for older than Turing:

> It is suggested to use the open source kernel modules on Turing or
> later GPUs (RTX series, GTX 16xx), and the closed source modules
> otherwise.

Reviewed-by: Aleix Boné <abonerib@bsc.es>
Enable automatic Nix GC in raccoon 4e24135d35 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Replace xeon07 by hut in ssh config 4e1fd7b0e0 
The xeon07 machine has been renamed to hut.

Reviewed-by: Rodrigo Arias Mallo <rodrigo.arias@bsc.es>
Move shared nvidia settings to a separate module 7b61cfbe54 
Reviewed-by: Rodrigo Arias Mallo <rodrigo.arias@bsc.es>
Enable cuda systemFeature in raccoon and fox 6411a94f77 
This allows running derivations which depend on cuda runtime without
breaking the sandbox. We only need to add `requiredSystemFeatures = [ "cuda" ];`
to the derivation.

Reviewed-by: Rodrigo Arias Mallo <rodrigo.arias@bsc.es>
Add missing symlink in cuda sandbox f686797234 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Add cudainfo program to test CUDA 8bb09dd061 
The cudainfo program checks that we can initialize the CUDA RT library
and communicate with the driver. It can be used as standalone program or
built with cudainfo.gpuCheck so it is executed inside the build sandbox
to see if it also works fine. It uses the autoAddDriverRunpath hook to
inject in the runpath the location of the library directory for CUDA
libraries.

Reviewed-by: Aleix Boné <abonerib@bsc.es>
Disable automatic August shutdown for Fox 9e22760628 
The UPC has different dates for the yearly power cut, and Fox can
recover properly from a power loss, so we don't need to have it turned
off before the power cut. Simply disabling the timer is enough.

Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Move August shutdown to 3rd at 22h 2e429bf09e 
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Add NixOS module to control power policy 3d7e8b8a07 
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Set power policy to always turn on 0642df0bbd 
In all machines, as soon as we recover the power, turn the machine back
on. We cannot rely on the previous state as we will shut them down
before the power is cut to prevent damage on the power supply
monitoring circuit.

Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Move StartLimit* options to unit section d1f58a62f5 
The StartLimitBurst and StartLimitIntervalSec options belong to the
[Unit] section, otherwise they are ignored in [Service]:

> Unknown key 'StartLimitIntervalSec' in section [Service], ignoring.

When using [Unit], the limits are properly set:

  apex% systemctl show power-policy.service | grep StartLimit
  StartLimitIntervalUSec=10min
  StartLimitBurst=10
  StartLimitAction=none

Reviewed-by: Aleix Boné <abonerib@bsc.es>
Access gitlab via raccoon in fox dbb7e1fe36 
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
Add csiringo user with access to apex and weasel 5ccfc2411f 
Reviewed-by: Rodrigo Arias Mallo <rodrigo.arias@bsc.es>
Enable nix-ld in weasel 0fb3cec09c 
Reviewed-by: Rodrigo Arias Mallo <rodrigo.arias@bsc.es>
Fix typo in csiringo ssh key d71831016e 
Reviewed-by: Rodrigo Arias Mallo <rodrigo.arias@bsc.es>
Move slurm control server to apex 70da186d15 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Split slurm configuration for client and server 0cc76fc98d 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Only configure apex as slurm server 38a45f20b4 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Remove hut from slurm 4d16e794cd 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Add firewall rules to slurm server 1b21a398a8 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Use writeShellScript for suspend.sh and resume.sh ddfb26be5a 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Add wireguard server in fox c9669408c5 
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
Enable wireguard in apex dd4ad901df 
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
Add local host fox in apex 2fbf3ee8b6 
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
Make apex host specific to each machine f1a98190b5 
Allows direct contact via the VPN when accessing from fox, but use
Internet when using the rest of the machines.

Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
Trust fox for compute node secrets 11f52da199 
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
Rekey secrets with trusted fox key 71a23ec68b 
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
Add fox machine to SLURM 3f67bc4a2e 
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
Accept fox connection to slurm controller 02e2470c1a 
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
Accept connections from apex to fox slurmd 50ae3ab4f0 
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
Enable fail2ban in fox 7657b860a8 
Protect fox against ssh bruteforce attacks:

fox% sudo lastb | head
root     ssh:notty    200.124.28.102   Mon Sep  1 11:25 - 11:25  (00:00)
root     ssh:notty    200.124.28.102   Mon Sep  1 11:25 - 11:25  (00:00)
root     ssh:notty    200.124.28.102   Mon Sep  1 11:25 - 11:25  (00:00)
root     ssh:notty    200.124.28.102   Mon Sep  1 11:25 - 11:25  (00:00)
root     ssh:notty    200.124.28.102   Mon Sep  1 11:25 - 11:25  (00:00)
root     ssh:notty    200.124.28.102   Mon Sep  1 11:25 - 11:25  (00:00)
root     ssh:notty    200.124.28.102   Mon Sep  1 11:25 - 11:25  (00:00)
root     ssh:notty    200.124.28.102   Mon Sep  1 11:25 - 11:25  (00:00)
root     ssh:notty    200.124.28.102   Mon Sep  1 11:24 - 11:24  (00:00)
root     ssh:notty    200.124.28.102   Mon Sep  1 11:24 - 11:24  (00:00)

Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
Revert "Remove pam_slurm_adopt from fox" 3a917f75c7 
This reverts commit 64a52801ed.

Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
Use 10.106.0.0/24 subnet to avoid collisions 7d4ebd8495 
The 106 byte is the code for 'j' (jungle) in ASCII:

	% printf j | od -t d
	0000000         106
	0000001

Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
Allow access to NFS via wireguard subnet a22d0d4135 
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
Mount home via NFS from apex in fox dcffeed542 
Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
Add AMD uProf package and driver 6f958c14cd 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Add AMD uProf module and enable it in fox 87bae5b9df 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Use CFLAGS_MODULE instead of EXTRA_CFLAGS 3b7cf58aad 
Fixes the build in Linux 6.15.6, as it was not able to find the include
files.

Reviewed-by: Aleix Boné <abonerib@bsc.es>
Fix hrtimer new interface 6c544f79c4 
The hrtimer_init() is now done via hrtimer_setup() with the callback
function as argument.

See: https://lwn.net/Articles/996598/
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Fix amd-uprof dependencies with patchelf e8a3d6d647 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Disable NMI watchdog in fox ff5db631f7 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Fix hidden dependencies for AMDuProfSys 66068bc412 
It tries to dlopen libcrypt.so.1 and libstdc++.so.6, so we make sure
they are available by adding them to the runpath.

Reviewed-by: Aleix Boné <abonerib@bsc.es>
Add amd_hsmp module in fox for AMD uProf e50fb05df7 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Fix AMDuProfPcm so it finds libnuma.so 3d344a5a4d 
We change the search procedure so it detects NixOS from /etc/os-release
and uses "libnuma.so" when calling dlopen, instead of harcoding a full
path to /usr. The full patch of libnuma is stored in the runpath, so
dlopen can find it.

Reviewed-by: Aleix Boné <abonerib@bsc.es>
Tested-by: Vincent Arcila <vincent.arcila@bsc.es>
Share a public folder for documents f2c38f9316 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Use lowercase peer hostnames 04b094a627 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Restrict fox peer to a single IP 405a7a7415 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Add raccoon host key 9c39ce006a 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Add raccoon peer to wireguard 57f6f7bb10 
It routes traffic from fox, apex and the compute nodes so that we can
reach the git servers and tent.

Reviewed-by: Aleix Boné <abonerib@bsc.es>
Remove extra SSH jump configuration e4c0f95906 
We now have direct visibility among nodes so we don't need any extra
SSH configuration to reach them.

Reviewed-by: Aleix Boné <abonerib@bsc.es>
Mount apex /home via NFS in raccoon bf69d242d0 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Remove machine access for user csiringo fce7cb795c 
Reviewed-by: Rodrigo Arias Mallo <rodrigo.arias@bsc.es>
Use hut substituter in all nodes 0cbcdcbe38 
Reviewed-by: Rodrigo Arias Mallo <rodrigo.arias@bsc.es>
Lower connect timeout when using hut substituter 98abb3edf2 
Reviewed-by: Rodrigo Arias Mallo <rodrigo.arias@bsc.es>
Restart slurmd on failure ef914953d4 
A failure to reach the control node can cause slurmd to fail and the
unit remains in the failed state until is manually restarted. Instead,
try to restart the service every 30 seconds, forever:

    owl1% systemctl show slurmd | grep -E 'Restart=|RestartUSec='
    Restart=on-failure
    RestartUSec=30s
    owl1% pgrep slurmd
    5903
    owl1% sudo kill -SEGV 5903
    owl1% pgrep slurmd
    6137

Fixes: #177
Reviewed-by: Aleix Boné <abonerib@bsc.es>
Add acinca user ee1b1a7679 
Reviewed-by: Aleix Boné <abonerib@bsc.es>
rarias commented 2025-10-02 13:36:51 +02:00
Author
Owner
Copy Link

I'll close this in favor of #188

I'll close this in favor of https://jungle.bsc.es/git/rarias/jungle/pulls/188
rarias closed this pull request 2025-10-02 13:36:52 +02:00

Pull request closed

This pull request cannot be reopened because the branch was deleted.
Sign in to join this conversation.
Reviewers
No Reviewers
Labels
Clear labels
bug
ceph
ci
config
cross
hw
io
kernel
mpi
net
nix
ops
repair
slurm
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
abonerib arocanon varcila rarias
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: rarias/jungle#186
Delete Branch "remove-website"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?