raito/shared-public-infra
0
1
Fork 3
Code Issues Pull requests 1 Packages Projects Releases Wiki Activity

Compare commits

merge into: raito:vieuxtype
Branches Tags
raito:main
raito:jade/lix-update-cleanup
raito:disable-autoUpgrade
raito:so-it-has-begun
raito:pennae
raito:vieuxtype
...
pull from: raito:main
Branches Tags
raito:main
raito:jade/lix-update-cleanup
raito:disable-autoUpgrade
raito:so-it-has-begun
raito:pennae
raito:vieuxtype

117 commits
vieuxtype ... main

Author SHA1 Message Date
raito 5aeb620a66 chore: disable the lix bug details plz patch 
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
 2024-10-19 12:29:43 +02:00
raito 8e72e4585e chore: lix can sometimes… have no patch! 
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
 2024-10-19 12:29:01 +02:00
raito 852d0c107b chore: get rid of the deadlock factory 
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
 2024-10-19 12:27:56 +02:00
Linus Heckemann fe3e4a50fb nix-daemon: set MaxSessions to 100 
This makes more simultaneous remote builds possible when using a
multiplexed SSH connection.
 2024-10-19 10:24:25 +00:00
jade c1f9e26c06 nix config: misc tidying 
Let's be real, I am doing this because I got impatient with the
gratuitous copy to the store this eliminates caused by pkgs.path.

Also gets rid of stuff in nix.extraOptions which is deprecated.
 2024-10-19 10:21:17 +00:00
jade 227e8a381a lix: link debuginfo into the closure 
This is to ease debugging of lix-project/lix#549
 2024-10-19 10:21:17 +00:00
jade 4ae36d6b79 lix: use the lix module 
This is primarily to banish CppNix from Colmena's closure among other
places.
 2024-10-19 10:21:17 +00:00
raito 7248adf458 chore: update lix 
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
 2024-10-19 12:17:03 +02:00
Julien Malka 9602ab9539
chore: remove PII 2024-10-12 20:27:00 +02:00
Julien Malka be798718ce
chore(luj): switch shell to bash 2024-10-12 20:26:26 +02:00
Julien Malka 74ae6096fd
chore: drop ssh-cursed module 2024-10-12 20:24:27 +02:00
Julien Malka e018572545
chore: update lix 2024-10-12 20:22:06 +02:00
Julien Malka 2b0bd95587
chore: update luj keys 2024-10-12 20:21:53 +02:00
raito 5c6e3b2715 feat: introduce cutting edge Lix 
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
 2024-09-27 13:07:31 +02:00
raito 23831441b3 flake: update srvos 
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
 2024-08-30 08:56:43 +02:00
raito 60b1cef998 Merge pull request 'epyc: hack in better lix logging for debugging our CI problems' (#5) from jade/raito-shared-public-infra:jade/logs-pls into main 
Reviewed-on: #5
 2024-08-30 06:54:00 +00:00
jade fdc980208d epyc: hack in better lix logging for debugging our CI problems 
Sample broken thing:

https://buildbot.lix.systems/#/builders/40/builds/3400/steps/1/logs/stdio

I have a suspicion it's that the path vanished due to GC or something,
and I want to catch the next occurrence.

The error:

error: build of '/nix/store/f02iygmil30yfy92xf8cwp224lcr2nay-nixos-test-driver-nix-copy-closure.drv' on 'ssh-ng://nix@epyc.infra.newtype.fr' failed: error: some dependencies of '/nix/store/f02iygmil30yfy92xf8cwp224lcr2nay-nixos-test-driver-nix-copy-closure.drv' are missing

This is because nrFailed is not zero, which we don't have any god damned
idea why that is because there is NO LOG for those. So we don't even
know what goal type failed to begin with.

----

WARNING: this updates nixpkgs by two months!! You will potentially
experience other breakage.
 2024-08-29 23:33:54 -07:00
raito 0a1d7fe2e1 feat: use Lix ffs 
I ran into a bug with Nix 2.18.2.

Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
 2024-08-22 18:23:53 +02:00
raito ea74128e31 feat: add jmarquet account for the next week 
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
 2024-08-22 15:47:59 +02:00
raito 2f09831cd8 Merge pull request 'akechi: update ssh keys' (#4) from akechishiro/shared-public-infra:update-ssh-keys into main 
Reviewed-on: #4
 2024-07-09 18:48:38 +00:00
AkechiShiro 9af56ee89f akechi: update ssh keys 2024-07-09 20:46:52 +02:00
raito 353ea2a57b feat: add perf & pwru 
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
 2024-07-08 16:25:42 +02:00
Pierre Bourdon d5cf620e0a bagel-container: provision a user with Nix store perms for remote builds 2024-07-04 19:45:48 +00:00
raito 1b1c6b2849 feat: cleanup post btrfs epic crash 
BTRFS had a bug and we know how it goes.

Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
 2024-07-04 21:25:14 +02:00
raito c96bce2975 fix: pin kernel to 6.7.5 
6.7.6, 6.7.7 are not working for unknown reasons
even though a previous NixOS stable 23.11 revision with 6.7.7 worked…

Let's keep it that way for now, pending bisection between 6.7.5..6.7.6.

Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
 2024-06-30 14:15:30 +02:00
raito edf11d7650 Merge pull request 'bagel factory: init' (#2) from delroth/raito-shared-public-infra:container-prep into main 
Reviewed-on: #2
 2024-06-23 18:26:57 +00:00
Pierre Bourdon a1c645a1e6
bagel-container: provide IPv4 NAT for outbound access 2024-06-23 20:24:46 +02:00
Pierre Bourdon 7d9d2a93df
modules: add bagel-container 2024-06-23 19:33:00 +02:00
Pierre Bourdon 9e609128af
network: add a wan bridge for VMs/containers 2024-06-23 19:33:00 +02:00
Pierre Bourdon 6fe7c98069
gitignore: also ignore Nix result/ and colmena .gcroots/ 2024-06-23 03:13:50 +02:00
Pierre Bourdon f7902ae1c7
Bump nixpkgs to unstable and only pin for kernelPackages. 2024-06-23 03:13:50 +02:00
Julien Malka 9ff0d194aa
disable auto-upgrade 2024-06-17 21:18:17 +02:00
Julien Malka 544e12c33f
pin kernel to 6.7.7 2024-06-14 22:17:49 +02:00
Ryan Lahfa 61e044607c Merge pull request 'feat: add delroth as root@ for capability building' (#5) from so-it-has-begun into main 
Reviewed-on: https://git.newtype.fr/newtype/newtype-org-configurations/pulls/5
 2024-06-08 14:08:03 +02:00
raito 6b28da4557 feat: add delroth as root@ for capability building 
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
 2024-06-08 12:33:25 +02:00
raito 5b76e5a670 fix: debug attempts for the weird reboot issue 
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
 2024-06-08 12:32:29 +02:00
raito bd1a250b1f chore: disable jobserver 
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
 2024-06-08 12:28:13 +02:00
raito 877ad54ae2 chore: bump to 24.05-small 
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
 2024-06-08 12:28:13 +02:00
raito c311ccf80a fix: enable a bunch of startups for sshd 
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
 2024-06-08 12:28:13 +02:00
raito 332fa23d98 chore: cleanup luj entry 
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
 2024-06-08 12:28:13 +02:00
raito c06bedc73c feat: add pennae as root and bump jobserver 
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
 2024-05-22 13:26:07 +02:00
raito 45d660deb5 feat: enable jobserver and cores = 0; 
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
 2024-05-20 17:39:23 +02:00
raito 7d83f696dd feat: remove hypervisor and bump to jobserver branch 
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
 2024-05-20 17:39:16 +02:00
Ryan Lahfa 0de523fefb Merge pull request 'feat: add pennae as permanent account' (#4) from pennae into main 
Reviewed-on: https://git.newtype.fr/newtype/newtype-org-configurations/pulls/4
 2024-05-13 23:09:32 +02:00
raito 7d3f9a0533 fix: make winter permanent as discussed 
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
 2024-05-13 22:50:31 +02:00
raito 785fe6d92f fix: make jade permanent as discussed 
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
 2024-05-13 22:50:31 +02:00
raito 0e1ec7f6b5 feat: add pennae as permanent account 
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
 2024-05-13 22:50:31 +02:00
raito 620375662b feat: make jade account permanent 
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
 2024-05-12 03:00:52 +02:00
raito 8596f1481f feat: i need to debug Heads. 
i yes no.

Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
 2024-04-30 16:56:04 +02:00
raito 177351f7ee friends: bump jade until 1st May 
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
 2024-04-08 09:39:11 +02:00
raito 86cff4e34f friends: cleanup ninjatrappeur, flokli account 
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
 2024-03-27 16:38:45 +01:00
raito a8b450dd56 friends: add winterqt until 1st May until final validation 
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
 2024-03-27 16:33:35 +01:00
raito aab6b67ccc trusted-users: add jade 
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
 2024-03-24 22:45:42 +01:00
raito 79dadb7e23 friends: add jade until 1st April 
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
 2024-03-24 21:52:36 +01:00
raito d3505a8b2d docs: update 
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
 2024-03-04 01:28:44 +01:00
raito 0c4334571c builder: add top secret's project buildbot key 
The cgroup will be nerfed and noise should be low, ping me if something goes wrong.

Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
 2024-03-04 00:59:45 +01:00
raito 6c0d19e005 epyc: disable all android cache for now 
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
 2024-03-04 00:59:21 +01:00
raito 6beda4c58f epyc: move to Nix 2.18, remove discard references exp feature 
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
 2024-03-04 00:59:16 +01:00
raito 84d0cd52c2 epyc: bump things 
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
 2024-03-04 00:59:08 +01:00
raito c459d2a744 epyc: disable buildbot 
not used

Signed-off-by: raito <federez-infra@lahfa.xyz>
 2024-02-12 19:08:12 +01:00
raito f1692a7287 epyc: re-enable postgresql 
Signed-off-by: raito <federez-infra@lahfa.xyz>
 2024-02-12 19:07:59 +01:00
raito ed5f2cb13f epyc: add flokli account for 3-ish days 
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
 2024-01-27 19:18:06 +01:00
raito 056f8be2a5 epyc: disable ninjatrappeur's account 
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
 2024-01-27 19:18:06 +01:00
raito 3cc55253a4 flake: upgrade to 23.11 systems 
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
 2024-01-27 19:18:06 +01:00
raito b5053ab520 nix: clean up various things for upcoming GC 
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
 2024-01-27 19:13:13 +01:00
raito 495790a142 android-cache: remove the aosp mirror for now 
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
 2024-01-27 19:13:04 +01:00
raito 89e64355ea epyc: disable hydra 
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
 2024-01-27 19:12:59 +01:00
raito ce2c4ef180 epyc: move to latest kernel for snappier performance 2024-01-05 18:02:27 +01:00
Julien Malka b5f4697ad1
rename niklas 2024-01-04 23:34:56 +01:00
Tom Hubrecht 4b452f8818 fix(system.autoUpgrade): Use correct URI 2024-01-04 23:15:13 +01:00
Julien Malka aaef0b57ee
added niklas as friend 2023-12-29 17:54:33 +01:00
raito 4e29b67e29 raito: key update 2023-12-06 10:46:10 +01:00
Ryan Lahfa 5a5e8d31db Merge pull request 'garage: add reverse proxy for S3 access from outside' (#2) from linus/newtype-org-configurations:main into main 
Reviewed-on: https://git.newtype.fr/newtype/newtype-org-configurations/pulls/2
 2023-09-22 16:26:06 +02:00
Linus Heckemann 0d508468e6 garage: add reverse proxy for S3 access from outside 
TODO: subdomains?
 2023-09-22 16:26:06 +02:00
raito 1640f74ea9 epyc: change IPv6 
We remove the old legacy tunnel from HE.
 2023-09-22 16:23:14 +02:00
Julien Malka df7c5aa2f9
luj: key update 2023-09-18 15:49:56 +02:00
raito 80099f64ab users/friends: allow linus to be root 2023-09-18 09:59:22 +02:00
raito 5a1aa0eef7 epyc: add garage node 2023-09-15 14:56:40 +02:00
raito 8d57383bc3 epyc: add raito@thorkell in builder 2023-09-12 14:08:03 +02:00
Julien Malka 3dcb366c3b
I need to hydraing 2023-09-11 19:56:06 +02:00
Julien Malka b152bd7826
added luj x2100 key 2023-09-06 11:22:23 +02:00
raito 279344c454 epyc: add TheMuppets 2023-08-26 19:00:04 +02:00
raito 39134145c0 epyc: add linageOS better 2023-08-25 15:06:19 +02:00
raito 07e223048d epyc: add lineageOS again 2023-08-24 19:46:56 +02:00
gabriel-doriath-dohler eff88f398d keys: gdd quality 2023-08-24 23:59:59 +00:00
raito 47e322b416 epyc: disable lineageOS for now 2023-08-23 14:58:50 +02:00
raito 6228f5a2df epyc: add android cache 2023-08-23 13:00:22 +02:00
raito 6eec25d2bb epyc: let authentication remote 2023-08-22 21:17:36 +02:00
raito 69aac159fa epyc: open postgresql publicly 2023-08-22 21:17:36 +02:00
raito 7c1ab12829 friends: init with linus 2023-08-22 19:41:34 +02:00
Julien Malka 6ae5f622fb
removed builbot from trusted users 2023-08-21 13:57:34 +02:00
Julien Malka e460e8ca8a
Added nom to packages 2023-08-21 13:57:12 +02:00
raito 62e37c45ea keys: ninjaTrappeur → ninjatrappeur 2023-08-16 15:32:04 +02:00
raito a812707b62 friends: init with ninjatrappeur 2023-08-16 15:29:28 +02:00
raito 85154e3d19 flake: bump 2023-08-13 01:24:14 +02:00
raito 38e86907c8 epyc: maybe we can afford 2 jobs on localhost for Hydra? 2023-08-13 01:24:09 +02:00
raito 0e8785863e epyc: nerf it 2023-08-13 01:21:41 +02:00
raito ada25e575f flake: bump 2023-08-13 01:21:41 +02:00
raito 14ec5cc6fe epyc: add nix-top 2023-08-13 01:21:41 +02:00
Julien Malka 65c58a00bb
added attic to buildbot 2023-08-07 14:46:46 +02:00
raito 88873083d5 epyc: 64 → 42 max jobs otherwise RAM explodes too quickly with browsers and whatever 2023-08-04 02:52:46 +02:00
raito d9d32e0194 epyc: init hydra settings properly 2023-08-03 22:56:37 +02:00
raito 567b99aa57 epyc: add hydra.newtype.fr 2023-08-01 17:04:03 +02:00
raito 81cf3e0769 epyc: add riscv64-linux emulation support 2023-08-01 17:00:14 +02:00
Julien Malka ebea10d242
added buildbot workers 2023-08-01 16:48:49 +02:00
Julien Malka c208537f49
Updated hypervisor input 2023-07-23 13:44:48 +02:00
raito 8d187d1ef0 infra: boot a simple VM 2023-07-02 19:45:17 +02:00
raito 444a655fec infra: enable experimental hypervisor on EPYC machine 2023-07-02 17:46:01 +02:00
raito e3f59ee35f flake: add nixos-hypervisor input 
Private repository for now.
 2023-07-02 17:43:56 +02:00
Julien Malka 147ca052d4
import ssh-cursed module 2023-07-01 16:46:53 +02:00
Julien Malka c898d56781
added luj's remote builders 2023-07-01 16:44:29 +02:00
raito 5e9b7b7732 nix-daemon: improve open files for NixOS VM tests and thundering effects for GC 2023-07-01 13:00:27 +02:00
raito 7fd10c28cb zsh: use grml configuration by default 2023-07-01 13:00:07 +02:00
raito 02fa2102d6 configurations: add trusted cache, terminfo and kitty's terminfo 2023-07-01 13:00:00 +02:00
Tom Hubrecht 820adcfa31 misc: Add .gitignore 2023-06-28 14:13:55 +02:00
Tom Hubrecht 379d764490 infra(epyc): Add an ssh key for tomate 2023-06-28 14:13:28 +02:00
raito 696929edb4 infra(epyc): add my key on builder and iperf3 server 2023-06-08 17:44:08 +02:00
35 changed files with 1191 additions and 307 deletions
Show stats Expand all files Collapse all files

3
.gitignore vendored Normal file
View file

@ -0,0 +1,3 @@
.direnv
result
.gcroots

74
configurations.nix
View file

@ -3,13 +3,13 @@ let
inherit
(self.inputs)
nixpkgs
lix-module
home-manager
agenix
nur
colmena
flake-registry
nixos-hardware
nixpkgs-unstable
srvos
disko
;
@ -29,52 +29,62 @@ let
./modules/users/admins.nix
./modules/packages.nix
./modules/nix-daemon.nix
./modules/auto-upgrade.nix
./modules/tor-ssh.nix
./modules/hosts.nix
./modules/network.nix
./modules/zsh.nix
# FIXME: ./modules/buildbot — whenever you are ready.
disko.nixosModules.disko
srvos.nixosModules.server
srvos.nixosModules.mixins-trusted-nix-caches
srvos.nixosModules.mixins-terminfo
# srvos.nixosModules.mixins-telegraf
# srvos.nixosModules.mixins-terminfo
# use lix
lix-module.nixosModules.default
agenix.nixosModules.default
({ pkgs
, config
, lib
, ...
}: let
sopsFile = ./. + "/hosts/${config.networking.hostName}.yml";
in {
nix.nixPath = [
"home-manager=${home-manager}"
"nixpkgs=${pkgs.path}"
"nur=${nur}"
];
# TODO: share nixpkgs for each machine to speed up local evaluation.
#nixpkgs.pkgs = self.inputs.nixpkgs.legacyPackages.${system};
}:
let
sopsFile = ./. + "/hosts/${config.networking.hostName}.yml";
in
{
nix.nixPath = [
"home-manager=${home-manager}"
"nixpkgs=flake:nixpkgs"
"nur=${nur}"
];
# TODO: share nixpkgs for each machine to speed up local evaluation.
#nixpkgs.pkgs = self.inputs.nixpkgs.legacyPackages.${system};
#users.withSops = builtins.pathExists sopsFile;
#sops.secrets = lib.mkIf (config.users.withSops) {
# root-password-hash.neededForUsers = true;
#};
# sops.defaultSopsFile = lib.mkIf (builtins.pathExists sopsFile) sopsFile;
#users.withSops = builtins.pathExists sopsFile;
#sops.secrets = lib.mkIf (config.users.withSops) {
# root-password-hash.neededForUsers = true;
#};
# sops.defaultSopsFile = lib.mkIf (builtins.pathExists sopsFile) sopsFile;
nix.extraOptions = ''
flake-registry = ${flake-registry}/flake-registry.json
'';
nix.settings.builders-use-substitutes = true;
nix.registry = {
home-manager.flake = home-manager;
nixpkgs.flake = nixpkgs;
nur.flake = nur;
};
time.timeZone = "UTC";
})
nix.registry = {
home-manager.flake = home-manager;
nixpkgs.flake = nixpkgs;
nur.flake = nur;
};
time.timeZone = "UTC";
environment.systemPackages = [
pkgs.kitty.terminfo
];
})
];
in
{
@ -87,12 +97,18 @@ in
++ [
./hosts/epyc.nix
];
};
};
};
flake.colmena = {
meta.nixpkgs = import nixpkgs {
system = "x86_64-linux";
# yikes, this overlay has to be listed twice since colmena makes us
# import nixpkgs explicitly here
overlays = [
# bonking cppnix out of the closure as much as possible
lix-module.overlays.default
];
};
epyc = {
imports =
@ -100,6 +116,6 @@ in
++ [
./hosts/epyc.nix
];
};
};
};
}

110
docs/epyc.lstopo.svg
View file

@ -1,7 +1,7 @@
<?xml version='1.0' encoding='UTF-8'?>
<svg xmlns='http://www.w3.org/2000/svg' xmlns:xlink='http://www.w3.org/1999/xlink' width='1375px' height='386px' viewBox='0 0 1375px 386px' version='1.1'>
<rect id='Machine_0_rect' class='Machine' x='0' y='0' width='1375' height='348' fill='rgb(255,255,255)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='Machine_0_text' class='Machine' font-family='Monospace' x='7' y='17' fill='rgb(0,0,0)' font-size='10px'>Machine (126GB total)</text>
<svg xmlns='http://www.w3.org/2000/svg' xmlns:xlink='http://www.w3.org/1999/xlink' width='1375px' height='431px' viewBox='0 0 1375px 431px' version='1.1'>
<rect id='Machine_0_rect' class='Machine' x='0' y='0' width='1375' height='393' fill='rgb(255,255,255)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='Machine_0_text' class='Machine' font-family='Monospace' x='7' y='17' fill='rgb(0,0,0)' font-size='10px'>Machine (252GB total)</text>
<rect id='Package_0_rect' class='Package' x='7' y='24' width='974' height='293' fill='rgb(210,231,164)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='Package_0_text' class='Package' font-family='Monospace' x='14' y='41' fill='rgb(0,0,0)' font-size='10px'>Package L#0</text>
<rect id='L3_0_rect' class='L3' x='14' y='79' width='297' height='24' fill='rgb(255,255,255)' stroke='rgb(0,0,0)' stroke-width='1'/>
@ -153,18 +153,18 @@
<text id='PU_127_text' class='PU' font-family='Monospace' x='912' y='282' fill='rgb(0,0,0)' font-size='10px'>PU L#127</text>
<text id='PU_127_text_1' class='PU' font-family='Monospace' x='921' y='296' fill='rgb(0,0,0)' font-size='10px'>P#127</text>
<rect id='NUMANode_0_rect' class='NUMANode' x='14' y='48' width='960' height='24' fill='rgb(239,223,222)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='NUMANode_0_text' class='NUMANode' font-family='Monospace' x='21' y='65' fill='rgb(0,0,0)' font-size='10px'>NUMANode L#0 P#0 (126GB)</text>
<text id='NUMANode_0_text' class='NUMANode' font-family='Monospace' x='21' y='65' fill='rgb(0,0,0)' font-size='10px'>NUMANode L#0 P#0 (252GB)</text>
<rect id='HostBridge_0_rect' class='HostBridge' x='988' y='24' width='7' height='7' fill='rgb(255,255,255)' stroke='rgb(0,0,0)' stroke-width='1'/>
<line id='HostBridge_0_line' class='HostBridge' x1='995' y1='27' x2='1002' y2='27' stroke='rgb(0,0,0)' stroke-width='1'/>
<line id='HostBridge_0_line_2' class='HostBridge' x1='1002' y1='27' x2='1026' y2='27' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='HostBridge_0_text_2' class='HostBridge' font-family='Monospace' x='1005' y='40' fill='rgb(0,0,0)' font-size='10px'>7.9</text>
<line id='HostBridge_0_line_3' class='HostBridge' x1='1002' y1='103' x2='1026' y2='103' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='HostBridge_0_text_3' class='HostBridge' font-family='Monospace' x='1005' y='116' fill='rgb(0,0,0)' font-size='10px'>4.0</text>
<line id='HostBridge_0_line_4' class='HostBridge' x1='1002' y1='134' x2='1026' y2='134' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='HostBridge_0_text_4' class='HostBridge' font-family='Monospace' x='1005' y='147' fill='rgb(0,0,0)' font-size='10px'>0.2</text>
<line id='HostBridge_0_line_5' class='HostBridge' x1='1002' y1='165' x2='1026' y2='165' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='HostBridge_0_text_5' class='HostBridge' font-family='Monospace' x='1005' y='178' fill='rgb(0,0,0)' font-size='10px'>1.0</text>
<line id='HostBridge_0_line_1' class='HostBridge' x1='1002' y1='27' x2='1002' y2='165' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='HostBridge_0_text_3' class='HostBridge' font-family='Monospace' x='1005' y='116' fill='rgb(0,0,0)' font-size='10px'>3.9</text>
<line id='HostBridge_0_line_4' class='HostBridge' x1='1002' y1='179' x2='1026' y2='179' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='HostBridge_0_text_4' class='HostBridge' font-family='Monospace' x='1005' y='192' fill='rgb(0,0,0)' font-size='10px'>0.2</text>
<line id='HostBridge_0_line_5' class='HostBridge' x1='1002' y1='210' x2='1026' y2='210' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='HostBridge_0_text_5' class='HostBridge' font-family='Monospace' x='1005' y='223' fill='rgb(0,0,0)' font-size='10px'>1.0</text>
<line id='HostBridge_0_line_1' class='HostBridge' x1='1002' y1='27' x2='1002' y2='210' stroke='rgb(0,0,0)' stroke-width='1'/>
<rect id='PCIBridge_1_rect' class='PCIBridge' x='1026' y='24' width='7' height='7' fill='rgb(255,255,255)' stroke='rgb(0,0,0)' stroke-width='1'/>
<line id='PCIBridge_1_line' class='PCIBridge' x1='1033' y1='27' x2='1040' y2='27' stroke='rgb(0,0,0)' stroke-width='1'/>
<line id='PCIBridge_1_line_2' class='PCIBridge' x1='1040' y1='27' x2='1064' y2='27' stroke='rgb(0,0,0)' stroke-width='1'/>
@ -178,52 +178,56 @@
<rect id='PCIBridge_2_rect' class='PCIBridge' x='1026' y='100' width='7' height='7' fill='rgb(255,255,255)' stroke='rgb(0,0,0)' stroke-width='1'/>
<line id='PCIBridge_2_line' class='PCIBridge' x1='1033' y1='103' x2='1040' y2='103' stroke='rgb(0,0,0)' stroke-width='1'/>
<line id='PCIBridge_2_line_2' class='PCIBridge' x1='1040' y1='103' x2='1064' y2='103' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='PCIBridge_2_text_2' class='PCIBridge' font-family='Monospace' x='1043' y='116' fill='rgb(0,0,0)' font-size='10px'>3.9</text>
<line id='PCIBridge_2_line_1' class='PCIBridge' x1='1040' y1='103' x2='1040' y2='103' stroke='rgb(0,0,0)' stroke-width='1'/>
<rect id='PCI_1_rect' class='PCI' x='1064' y='100' width='80' height='24' fill='rgb(190,210,149)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='PCI_1_text' class='PCI' font-family='Monospace' x='1071' y='117' fill='rgb(0,0,0)' font-size='10px'>PCI 43:00.0</text>
<rect id='PCIBridge_3_rect' class='PCIBridge' x='1026' y='131' width='7' height='7' fill='rgb(255,255,255)' stroke='rgb(0,0,0)' stroke-width='1'/>
<line id='PCIBridge_3_line' class='PCIBridge' x1='1033' y1='134' x2='1040' y2='134' stroke='rgb(0,0,0)' stroke-width='1'/>
<line id='PCIBridge_3_line_2' class='PCIBridge' x1='1040' y1='134' x2='1064' y2='134' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='PCIBridge_3_text_2' class='PCIBridge' font-family='Monospace' x='1043' y='147' fill='rgb(0,0,0)' font-size='10px'>0.2</text>
<line id='PCIBridge_3_line_1' class='PCIBridge' x1='1040' y1='134' x2='1040' y2='134' stroke='rgb(0,0,0)' stroke-width='1'/>
<rect id='PCIBridge_4_rect' class='PCIBridge' x='1064' y='131' width='7' height='7' fill='rgb(255,255,255)' stroke='rgb(0,0,0)' stroke-width='1'/>
<line id='PCIBridge_4_line' class='PCIBridge' x1='1071' y1='134' x2='1078' y2='134' stroke='rgb(0,0,0)' stroke-width='1'/>
<line id='PCIBridge_4_line_2' class='PCIBridge' x1='1078' y1='134' x2='1102' y2='134' stroke='rgb(0,0,0)' stroke-width='1'/>
<line id='PCIBridge_4_line_1' class='PCIBridge' x1='1078' y1='134' x2='1078' y2='134' stroke='rgb(0,0,0)' stroke-width='1'/>
<rect id='PCI_2_rect' class='PCI' x='1102' y='131' width='80' height='24' fill='rgb(190,210,149)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='PCI_2_text' class='PCI' font-family='Monospace' x='1109' y='148' fill='rgb(0,0,0)' font-size='10px'>PCI 46:00.0</text>
<rect id='PCIBridge_5_rect' class='PCIBridge' x='1026' y='162' width='7' height='7' fill='rgb(255,255,255)' stroke='rgb(0,0,0)' stroke-width='1'/>
<line id='PCIBridge_5_line' class='PCIBridge' x1='1033' y1='165' x2='1040' y2='165' stroke='rgb(0,0,0)' stroke-width='1'/>
<line id='PCIBridge_5_line_2' class='PCIBridge' x1='1040' y1='165' x2='1064' y2='165' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='PCIBridge_5_text_2' class='PCIBridge' font-family='Monospace' x='1043' y='178' fill='rgb(0,0,0)' font-size='10px'>1.0</text>
<line id='PCIBridge_5_line_3' class='PCIBridge' x1='1040' y1='227' x2='1064' y2='227' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='PCIBridge_5_text_3' class='PCIBridge' font-family='Monospace' x='1043' y='240' fill='rgb(0,0,0)' font-size='10px'>1.0</text>
<line id='PCIBridge_5_line_1' class='PCIBridge' x1='1040' y1='165' x2='1040' y2='227' stroke='rgb(0,0,0)' stroke-width='1'/>
<rect id='PCI_3_rect' class='PCI' x='1064' y='162' width='80' height='55' fill='rgb(190,210,149)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='PCI_3_text' class='PCI' font-family='Monospace' x='1071' y='179' fill='rgb(0,0,0)' font-size='10px'>PCI 48:00.0</text>
<rect id='Net_1_rect' class='Net' x='1071' y='186' width='62' height='24' fill='rgb(222,222,222)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='Net_1_text' class='Net' font-family='Monospace' x='1078' y='203' fill='rgb(0,0,0)' font-size='10px'>Net eno1</text>
<rect id='PCI_4_rect' class='PCI' x='1064' y='224' width='80' height='55' fill='rgb(190,210,149)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='PCI_4_text' class='PCI' font-family='Monospace' x='1071' y='241' fill='rgb(0,0,0)' font-size='10px'>PCI 48:00.1</text>
<rect id='Net_2_rect' class='Net' x='1071' y='248' width='62' height='24' fill='rgb(222,222,222)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='Net_2_text' class='Net' font-family='Monospace' x='1078' y='265' fill='rgb(0,0,0)' font-size='10px'>Net eno2</text>
<rect id='PCI_1_rect' class='PCI' x='1064' y='100' width='106' height='69' fill='rgb(190,210,149)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='PCI_1_text' class='PCI' font-family='Monospace' x='1071' y='117' fill='rgb(0,0,0)' font-size='10px'>PCI 42:00.0</text>
<rect id='Block_1_rect' class='Block' x='1071' y='124' width='92' height='38' fill='rgb(222,222,222)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='Block_1_text' class='Block' font-family='Monospace' x='1078' y='141' fill='rgb(0,0,0)' font-size='10px'>Block nvme1n1</text>
<text id='Block_1_text_1' class='Block' font-family='Monospace' x='1078' y='155' fill='rgb(0,0,0)' font-size='10px'>3726 GB</text>
<rect id='PCIBridge_3_rect' class='PCIBridge' x='1026' y='176' width='7' height='7' fill='rgb(255,255,255)' stroke='rgb(0,0,0)' stroke-width='1'/>
<line id='PCIBridge_3_line' class='PCIBridge' x1='1033' y1='179' x2='1040' y2='179' stroke='rgb(0,0,0)' stroke-width='1'/>
<line id='PCIBridge_3_line_2' class='PCIBridge' x1='1040' y1='179' x2='1064' y2='179' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='PCIBridge_3_text_2' class='PCIBridge' font-family='Monospace' x='1043' y='192' fill='rgb(0,0,0)' font-size='10px'>0.2</text>
<line id='PCIBridge_3_line_1' class='PCIBridge' x1='1040' y1='179' x2='1040' y2='179' stroke='rgb(0,0,0)' stroke-width='1'/>
<rect id='PCIBridge_4_rect' class='PCIBridge' x='1064' y='176' width='7' height='7' fill='rgb(255,255,255)' stroke='rgb(0,0,0)' stroke-width='1'/>
<line id='PCIBridge_4_line' class='PCIBridge' x1='1071' y1='179' x2='1078' y2='179' stroke='rgb(0,0,0)' stroke-width='1'/>
<line id='PCIBridge_4_line_2' class='PCIBridge' x1='1078' y1='179' x2='1102' y2='179' stroke='rgb(0,0,0)' stroke-width='1'/>
<line id='PCIBridge_4_line_1' class='PCIBridge' x1='1078' y1='179' x2='1078' y2='179' stroke='rgb(0,0,0)' stroke-width='1'/>
<rect id='PCI_2_rect' class='PCI' x='1102' y='176' width='80' height='24' fill='rgb(190,210,149)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='PCI_2_text' class='PCI' font-family='Monospace' x='1109' y='193' fill='rgb(0,0,0)' font-size='10px'>PCI 45:00.0</text>
<rect id='PCIBridge_5_rect' class='PCIBridge' x='1026' y='207' width='7' height='7' fill='rgb(255,255,255)' stroke='rgb(0,0,0)' stroke-width='1'/>
<line id='PCIBridge_5_line' class='PCIBridge' x1='1033' y1='210' x2='1040' y2='210' stroke='rgb(0,0,0)' stroke-width='1'/>
<line id='PCIBridge_5_line_2' class='PCIBridge' x1='1040' y1='210' x2='1064' y2='210' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='PCIBridge_5_text_2' class='PCIBridge' font-family='Monospace' x='1043' y='223' fill='rgb(0,0,0)' font-size='10px'>1.0</text>
<line id='PCIBridge_5_line_3' class='PCIBridge' x1='1040' y1='272' x2='1064' y2='272' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='PCIBridge_5_text_3' class='PCIBridge' font-family='Monospace' x='1043' y='285' fill='rgb(0,0,0)' font-size='10px'>1.0</text>
<line id='PCIBridge_5_line_1' class='PCIBridge' x1='1040' y1='210' x2='1040' y2='272' stroke='rgb(0,0,0)' stroke-width='1'/>
<rect id='PCI_3_rect' class='PCI' x='1064' y='207' width='94' height='55' fill='rgb(190,210,149)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='PCI_3_text' class='PCI' font-family='Monospace' x='1071' y='224' fill='rgb(0,0,0)' font-size='10px'>PCI 47:00.0</text>
<rect id='Net_2_rect' class='Net' x='1071' y='231' width='80' height='24' fill='rgb(222,222,222)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='Net_2_text' class='Net' font-family='Monospace' x='1078' y='248' fill='rgb(0,0,0)' font-size='10px'>Net nat-lan</text>
<rect id='PCI_4_rect' class='PCI' x='1064' y='269' width='80' height='55' fill='rgb(190,210,149)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='PCI_4_text' class='PCI' font-family='Monospace' x='1071' y='286' fill='rgb(0,0,0)' font-size='10px'>PCI 47:00.1</text>
<rect id='Net_3_rect' class='Net' x='1071' y='293' width='56' height='24' fill='rgb(222,222,222)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='Net_3_text' class='Net' font-family='Monospace' x='1078' y='310' fill='rgb(0,0,0)' font-size='10px'>Net wan</text>
<rect id='Misc_0_rect' class='Misc' x='1189' y='24' width='86' height='24' fill='rgb(255,255,255)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='Misc_0_text' class='Misc' font-family='Monospace' x='1196' y='41' fill='rgb(0,0,0)' font-size='10px'>MemoryModule</text>
<rect id='Misc_1_rect' class='Misc' x='1282' y='24' width='86' height='24' fill='rgb(255,255,255)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='Misc_1_text' class='Misc' font-family='Monospace' x='1289' y='41' fill='rgb(0,0,0)' font-size='10px'>MemoryModule</text>
<rect id='Misc_2_rect' class='Misc' x='988' y='286' width='86' height='24' fill='rgb(255,255,255)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='Misc_2_text' class='Misc' font-family='Monospace' x='995' y='303' fill='rgb(0,0,0)' font-size='10px'>MemoryModule</text>
<rect id='Misc_3_rect' class='Misc' x='1081' y='286' width='86' height='24' fill='rgb(255,255,255)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='Misc_3_text' class='Misc' font-family='Monospace' x='1088' y='303' fill='rgb(0,0,0)' font-size='10px'>MemoryModule</text>
<rect id='Misc_4_rect' class='Misc' x='1174' y='286' width='86' height='24' fill='rgb(255,255,255)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='Misc_4_text' class='Misc' font-family='Monospace' x='1181' y='303' fill='rgb(0,0,0)' font-size='10px'>MemoryModule</text>
<rect id='Misc_5_rect' class='Misc' x='988' y='317' width='86' height='24' fill='rgb(255,255,255)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='Misc_5_text' class='Misc' font-family='Monospace' x='995' y='334' fill='rgb(0,0,0)' font-size='10px'>MemoryModule</text>
<rect id='Misc_6_rect' class='Misc' x='1081' y='317' width='86' height='24' fill='rgb(255,255,255)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='Misc_6_text' class='Misc' font-family='Monospace' x='1088' y='334' fill='rgb(0,0,0)' font-size='10px'>MemoryModule</text>
<rect id='Misc_7_rect' class='Misc' x='1174' y='317' width='86' height='24' fill='rgb(255,255,255)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='Misc_7_text' class='Misc' font-family='Monospace' x='1181' y='334' fill='rgb(0,0,0)' font-size='10px'>MemoryModule</text>
<rect id='anon_rect' x='0' y='348' width='1375' height='38' fill='rgb(255,255,255)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='anon_text' font-family='Monospace' x='7' y='365' fill='rgb(0,0,0)' font-size='10px'>Host: epyc</text>
<text id='anon_text_1' font-family='Monospace' x='7' y='379' fill='rgb(0,0,0)' font-size='10px'>Date: Mon 05 Jun 2023 03:19:33 PM UTC</text>
<rect id='Misc_2_rect' class='Misc' x='988' y='331' width='86' height='24' fill='rgb(255,255,255)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='Misc_2_text' class='Misc' font-family='Monospace' x='995' y='348' fill='rgb(0,0,0)' font-size='10px'>MemoryModule</text>
<rect id='Misc_3_rect' class='Misc' x='1081' y='331' width='86' height='24' fill='rgb(255,255,255)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='Misc_3_text' class='Misc' font-family='Monospace' x='1088' y='348' fill='rgb(0,0,0)' font-size='10px'>MemoryModule</text>
<rect id='Misc_4_rect' class='Misc' x='1174' y='331' width='86' height='24' fill='rgb(255,255,255)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='Misc_4_text' class='Misc' font-family='Monospace' x='1181' y='348' fill='rgb(0,0,0)' font-size='10px'>MemoryModule</text>
<rect id='Misc_5_rect' class='Misc' x='988' y='362' width='86' height='24' fill='rgb(255,255,255)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='Misc_5_text' class='Misc' font-family='Monospace' x='995' y='379' fill='rgb(0,0,0)' font-size='10px'>MemoryModule</text>
<rect id='Misc_6_rect' class='Misc' x='1081' y='362' width='86' height='24' fill='rgb(255,255,255)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='Misc_6_text' class='Misc' font-family='Monospace' x='1088' y='379' fill='rgb(0,0,0)' font-size='10px'>MemoryModule</text>
<rect id='Misc_7_rect' class='Misc' x='1174' y='362' width='86' height='24' fill='rgb(255,255,255)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='Misc_7_text' class='Misc' font-family='Monospace' x='1181' y='379' fill='rgb(0,0,0)' font-size='10px'>MemoryModule</text>
<rect id='anon_rect' x='0' y='393' width='1375' height='38' fill='rgb(255,255,255)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='anon_text' font-family='Monospace' x='7' y='410' fill='rgb(0,0,0)' font-size='10px'>Host: epyc</text>
<text id='anon_text_1' font-family='Monospace' x='7' y='424' fill='rgb(0,0,0)' font-size='10px'>Date: Mon 04 Mar 2024 12:28:26 AM UTC</text>
</svg>

Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 29 KiB

After

Width:  |  Height:  |  Size: 30 KiB

94
docs/epyc.md
View file

@ -1,20 +1,25 @@
# epyc
```
System: Host: epyc Kernel: 6.1.31 x86_64 bits: 64 compiler: gcc v: 12.2.0
parameters: initrd=\efi\nixos\11cjvasd1nh1dk783alsa14v4w00d467-initrd-linux-6.1.31-initrd.efi
init=/nix/store/9lnrp5ryf7gh3j94q8xn39zyl21kaw9f-nixos-system-epyc-23.05.419.3a70dd92993/init
System: Host: epyc Kernel: 6.7.7 x86_64 bits: 64 compiler: gcc v: 12.3.0
parameters: initrd=\efi\nixos\48dkb2vcxwmxxfk7wpl0qx884ibz5gk5-initrd-linux-6.7.7-initrd.efi
init=/nix/store/vz6r23gya5q3b8lr1yiadkv6h5lcjmmz-nixos-system-epyc-23.11pre-git/init
console=tty0 console=ttyS0,115200 pci=realloc console=ttyS1,115200n8 console=tty1
loglevel=4
Console: N/A Distro: NixOS 23.05 (Stoat)
Console: N/A Distro: NixOS 23.11 (Tapir)
Machine: Type: Server System: Supermicro product: Super Server v: 0123456789 serial: 0123456789
Chassis: type: 17 v: 0123456789 serial: 0123456789
Mobo: Supermicro model: H12SSL-i v: 1.01 serial: WM21AS601818 UEFI: American Megatrends
v: 2.4 date: 04/14/2022
Memory: RAM: total: 125.64 GiB used: 2.32 GiB (1.8%)
Memory: RAM: total: 251.54 GiB used: 4.56 GiB (1.8%)
Array-1: capacity: 4 TiB note: check slots: 8 EC: Multi-bit ECC
max-module-size: 512 GiB note: est.
Device-1: DIMMA1 size: No Module Installed
Device-2: DIMMB1 size: No Module Installed
Device-1: DIMMA1 size: 64 GiB speed: 3200 MT/s type: DDR4
detail: synchronous registered (buffered) bus-width: 64 bits total: 72 bits
manufacturer: Samsung part-no: M393A8G40AB2-CWE serial: H0S100013847D8748B
Device-2: DIMMB1 size: 64 GiB speed: 3200 MT/s type: DDR4
detail: synchronous registered (buffered) bus-width: 64 bits total: 72 bits
manufacturer: Samsung part-no: M393A8G40AB2-CWE serial: H0MK00013847D79D40
Device-3: DIMMC1 size: 64 GiB speed: 3200 MT/s type: DDR4
detail: synchronous registered (buffered) bus-width: 64 bits total: 72 bits
manufacturer: Samsung part-no: M393A8G40AB2-CWE serial: Y10R120249249E38E1
@ -27,7 +32,7 @@ Memory: RAM: total: 125.64 GiB used: 2.32 GiB (1.8%)
Device-8: DIMMH1 size: No Module Installed
PCI Slots: Slot: 1 type: x16 PCI Express 4 x16 CPU SLOT1 PCI-E 4.0 X16 status: Available
length: Long
Slot: 2 type: x8 PCI Express 4 x8 CPU SLOT2 PCI-E 4.0 X8 status: In Use length: Long
Slot: 2 type: x8 PCI Express 4 x8 CPU SLOT2 PCI-E 4.0 X8 status: Available length: Long
Slot: 3 type: x16 PCI Express 4 x16 CPU SLOT3 PCI-E 4.0 X16 status: Available
length: Long
Slot: 4 type: x8 PCI Express 4 x8 CPU SLOT4 PCI-E 4.0 X8 status: Available length: Long
@ -40,16 +45,16 @@ PCI Slots: Slot: 1 type: x16 PCI Express 4 x16 CPU SLOT1 PCI-E 4.0 X16 status: A
Slot: N/A type: x4 M.2 Socket 3 PCI-E M.2-M1 status: Available length: Short
Slot: N/A type: x4 M.2 Socket 3 PCI-E M.2-M2 status: Available length: Short
CPU: Info: 64-Core model: AMD EPYC 7763 socket: SP3 bits: 64 type: MT MCP arch: Zen 3
family: 19 (25) model-id: 1 stepping: 1 microcode: A0011CE cache: L1: 4 MiB L2: 32 MiB
family: 19 (25) model-id: 1 stepping: 1 microcode: A0011D3 cache: L1: 4 MiB L2: 32 MiB
L3: 256 MiB
flags: avx avx2 lm nx pae sse sse2 sse3 sse4_1 sse4_2 sse4a ssse3 svm bogomips: 627203
flags: avx avx2 lm nx pae sse sse2 sse3 sse4_1 sse4_2 sse4a ssse3 svm bogomips: 627200
Speed: 2450 MHz min/max: 1500/2450 MHz base/boost: 2450/3525 boost: enabled
volts: 1.1 V ext-clock: 100 MHz Core speeds (MHz): 1: 2450 2: 2450 3: 2450 4: 2450
5: 2450 6: 2450 7: 2450 8: 2450 9: 2450 10: 2450 11: 2450 12: 2450 13: 2450 14: 2450
15: 2450 16: 2450 17: 2450 18: 2450 19: 2450 20: 2450 21: 1799 22: 2450 23: 2450
15: 2450 16: 2450 17: 2450 18: 2450 19: 2450 20: 2450 21: 2450 22: 2450 23: 2450
24: 2450 25: 2450 26: 2450 27: 2450 28: 2450 29: 2450 30: 2450 31: 2450 32: 2450
33: 2450 34: 2450 35: 2450 36: 2450 37: 2450 38: 2450 39: 2450 40: 2450 41: 2450
42: 2450 43: 2450 44: 3525 45: 2450 46: 2450 47: 2450 48: 2450 49: 2450 50: 2450
42: 2450 43: 2450 44: 2450 45: 3525 46: 2450 47: 2450 48: 2450 49: 2450 50: 2450
51: 2450 52: 2450 53: 2450 54: 2450 55: 2450 56: 2450 57: 2450 58: 2450 59: 2450
60: 2450 61: 2450 62: 2450 63: 2450 64: 2450 65: 2450 66: 2450 67: 2450 68: 2450
69: 2450 70: 2450 71: 2450 72: 2450 73: 2450 74: 2450 75: 2450 76: 2450 77: 2450
@ -57,14 +62,16 @@ CPU: Info: 64-Core model: AMD EPYC 7763 socket: SP3 bits: 64 type: MT MCP
87: 2450 88: 2450 89: 2450 90: 2450 91: 2450 92: 2450 93: 2450 94: 2450 95: 2450
96: 2450 97: 2450 98: 2450 99: 2450 100: 2450 101: 2450 102: 2450 103: 2450 104: 2450
105: 2450 106: 2450 107: 2450 108: 2450 109: 2450 110: 2450 111: 2450 112: 2450
113: 2450 114: 2450 115: 2450 116: 2450 117: 2450 118: 1799 119: 2450 120: 2450
113: 2450 114: 2450 115: 2450 116: 2450 117: 2450 118: 2450 119: 2450 120: 2450
121: 2450 122: 2450 123: 2450 124: 2450 125: 2450 126: 2450 127: 2450 128: 2450
Vulnerabilities: Type: itlb_multihit status: Not affected
Vulnerabilities: Type: gather_data_sampling status: Not affected
Type: itlb_multihit status: Not affected
Type: l1tf status: Not affected
Type: mds status: Not affected
Type: meltdown status: Not affected
Type: mmio_stale_data status: Not affected
Type: retbleed status: Not affected
Type: spec_rstack_overflow mitigation: Safe RET
Type: spec_store_bypass mitigation: Speculative Store Bypass disabled via prctl
Type: spectre_v1 mitigation: usercopy/swapgs barriers and __user pointer sanitization
Type: spectre_v2 mitigation: Retpolines, IBPB: conditional, IBRS_FW, STIBP: always-on,
@ -72,50 +79,47 @@ CPU: Info: 64-Core model: AMD EPYC 7763 socket: SP3 bits: 64 type: MT MCP
Type: srbds status: Not affected
Type: tsx_async_abort status: Not affected
Graphics: Device-1: ASPEED Graphics Family vendor: Super Micro H12SSL-i driver: ast v: kernel
bus-ID: 46:00.0 chip-ID: 1a03:2000 class-ID: 0300
bus-ID: 45:00.0 chip-ID: 1a03:2000 class-ID: 0300
Display: server: No display server data found. Headless machine? tty: N/A
Message: Advanced graphics data unavailable in console for root.
Audio: Message: No device data found.
Network: Device-1: Intel 82599ES 10-Gigabit SFI/SFP+ Network driver: N/A modules: ixgbe
port: 1000 bus-ID: 43:00.0 chip-ID: 8086:10fb class-ID: 0200
Network: Device-1: Broadcom NetXtreme BCM5720 Gigabit Ethernet PCIe vendor: Super Micro H12SSL-i
driver: tg3 v: kernel port: N/A bus-ID: 47:00.0 chip-ID: 14e4:165f class-ID: 0200
IF: nat-lan state: up speed: 1000 Mbps duplex: full mac: 3c:ec:ef:7e:bd:c8
IP v4: 10.32.65.13/20 type: dynamic scope: global
IP v6: fe80::3eec:efff:fe7e:bdc8/64 virtual: proto kernel_ll scope: link
Device-2: Broadcom NetXtreme BCM5720 Gigabit Ethernet PCIe vendor: Super Micro H12SSL-i
driver: tg3 v: kernel port: 2000 bus-ID: 48:00.0 chip-ID: 14e4:165f class-ID: 0200
IF: eno1 state: up speed: 1000 Mbps duplex: full mac: 3c:ec:ef:7e:bd:c8
IP v4: 10.32.65.13/20 type: dynamic noprefixroute scope: global broadcast: 10.32.79.255
IP v6: fe80::3eec:efff:fe7e:bdc8/64 scope: link
Device-3: Broadcom NetXtreme BCM5720 Gigabit Ethernet PCIe vendor: Super Micro H12SSL-i
driver: tg3 v: kernel port: 2000 bus-ID: 48:00.1 chip-ID: 14e4:165f class-ID: 0200
IF: eno2 state: up speed: 1000 Mbps duplex: full mac: 3c:ec:ef:7e:bd:c9
IP v4: 169.254.249.6/16 type: noprefixroute scope: global broadcast: 169.254.255.255
IP v6: 2001:470:ca5e:dee:587c:7a50:f36c:cae8/64 type: temporary dynamic scope: global
IP v6: 2001:470:ca5e:dee:3eec:efff:fe7e:bdc9/64 type: dynamic mngtmpaddr noprefixroute
scope: global
IP v6: fe80::3eec:efff:fe7e:bdc9/64 scope: link
IF-ID-1: enp74s0f3u1u2c2 state: unknown speed: -1 duplex: half mac: be:3a:f2:b6:05:9f
IP v4: 169.254.3.1/24 type: dynamic noprefixroute scope: global
broadcast: 169.254.3.255
IP v6: fe80::bc3a:f2ff:feb6:59f/64 scope: link
driver: tg3 v: kernel port: N/A bus-ID: 47:00.1 chip-ID: 14e4:165f class-ID: 0200
IF: wan state: up speed: 1000 Mbps duplex: full mac: 3c:ec:ef:7e:bd:c9
IP v6: 2001:bc8:38ee:100::500/128 scope: global
IP v6: fe80::3eec:efff:fe7e:bdc9/64 virtual: proto kernel_ll scope: link
IF-ID-1: enp73s0f3u1u2c2 state: down mac: be:3a:f2:b6:05:9f
WAN IP: 82.65.118.1
Bluetooth: Device-1: Insyde RNDIS/Ethernet Gadget type: USB driver: rndis_host v: kernel
bus-ID: 7-1.2:4 chip-ID: 0b1f:03ee class-ID: 0a00
Report: This feature requires one of these tools: hciconfig/bt-adapter
Drives: Local Storage: total: 6.19 TiB used: 2.08 GiB (0.0%)
ID-1: /dev/nvme0n1 maj-min: 259:1 vendor: Samsung model: MZWLJ7T6HALA-00AU3
Drives: Local Storage: total: 9.82 TiB used: 1.06 TiB (10.7%)
ID-1: /dev/nvme0n1 maj-min: 259:2 vendor: Samsung model: MZWLJ7T6HALA-00AU3
size: 6.19 TiB block-size: physical: 512 B logical: 512 B rotation: SSD
serial: S5RTNG0T110589 rev: EPK96R5Q temp: 44 Celsius C scheme: GPT
SMART: yes health: PASSED on: 24 hrs cycles: 44 read-units: 1,449,016 [741 GB]
written-units: 13,364,537 [6.84 TB]
Partition: ID-1: / raw-size: 6.18 TiB size: 6.18 TiB (100.00%) used: 2.04 GiB (0.0%) fs: btrfs
serial: S5RTNG0T110589 rev: EPK96R5Q temp: 40 Celsius C scheme: GPT
SMART: yes health: PASSED on: 273d 5h cycles: 113 read-units: 192,543,495 [98.5 TB]
written-units: 258,494,659 [132 TB]
ID-2: /dev/nvme1n1 maj-min: 259:0 vendor: Intel model: SSDPE2KX040T8 size: 3.64 TiB
block-size: physical: 512 B logical: 512 B speed: 31.6 Gb/s lanes: 4 rotation: SSD
serial: PHLJ940301WZ4P0DGN rev: VDV10131 temp: 33 Celsius C
SMART: yes health: PASSED on: 2y 188d 9h cycles: 36 read-units: 9,478,214,631 [4.85 PB]
written-units: 9,225,614,032 [4.72 PB]
Partition: ID-1: / raw-size: 6.18 TiB size: 6.18 TiB (100.00%) used: 1.06 TiB (17.1%) fs: btrfs
block-size: 4096 B dev: /dev/dm-0 maj-min: 254:0 mapped: nixroot
ID-2: /boot raw-size: 1023 MiB size: 1021 MiB (99.80%) used: 37 MiB (3.6%) fs: vfat
block-size: 512 B dev: /dev/nvme0n1p1 maj-min: 259:2
ID-2: /boot raw-size: 1023 MiB size: 1021 MiB (99.80%) used: 23.9 MiB (2.3%) fs: vfat
block-size: 512 B dev: /dev/nvme0n1p1 maj-min: 259:3
Swap: Kernel: swappiness: 60 (default) cache-pressure: 100 (default)
ID-1: swap-1 type: partition size: 8 GiB used: 0 KiB (0.0%) priority: -2
dev: /dev/nvme0n1p2 maj-min: 259:3
dev: /dev/nvme0n1p2 maj-min: 259:4
Sensors: Message: No ipmi sensor data found.
Message: No sensor data found. Is lm-sensors configured?
Info: Processes: 1010 Uptime: 20h 25m wakeups: 0 Init: systemd v: 253
target: multi-user.target tool: systemctl Compilers: gcc: 12.2.0 Packages:
nix-default: 0 nix-sys: 268 lib: 47 nix-usr: 0 Client: Sudo v: 1.9.13p3 inxi: 3.3.04
Info: Processes: 1226 Uptime: N/A wakeups: 0 Init: systemd v: 254 target: multi-user.target
tool: systemctl Compilers: gcc: 12.3.0 Packages: nix-default: 0 nix-sys: 415 lib: 65
nix-usr: 0 Client: Sudo v: 1.9.15p2 inxi: 3.3.04
```
![hardware topology](epyc.lstopo.svg)

384
flake.lock
View file

@ -6,14 +6,15 @@
"home-manager": "home-manager",
"nixpkgs": [
"nixpkgs"
]
],
"systems": "systems"
},
"locked": {
"lastModified": 1684153753,
"narHash": "sha256-PVbWt3qrjYAK+T5KplFcO+h7aZWfEj1UtyoKlvcDxh0=",
"lastModified": 1718371084,
"narHash": "sha256-abpBi61mg0g+lFFU0zY4C6oP6fBwPzbHPKBGw676xsA=",
"owner": "ryantm",
"repo": "agenix",
"rev": "db5637d10f797bb251b94ef9040b237f4702cde3",
"rev": "3a56735779db467538fb2e577eda28a9daacaca6",
"type": "github"
},
"original": {
@ -22,21 +23,43 @@
"type": "github"
}
},
"colmena": {
"attic": {
"inputs": {
"crane": "crane",
"flake-compat": "flake-compat",
"flake-utils": "flake-utils",
"nixpkgs": "nixpkgs",
"nixpkgs-stable": "nixpkgs-stable"
},
"locked": {
"lastModified": 1717279440,
"narHash": "sha256-kH04ReTjxOpQumgWnqy40vvQLSnLGxWP6RF3nq5Esrk=",
"owner": "zhaofengli",
"repo": "attic",
"rev": "717cc95983cdc357bc347d70be20ced21f935843",
"type": "github"
},
"original": {
"owner": "zhaofengli",
"repo": "attic",
"type": "github"
}
},
"colmena": {
"inputs": {
"flake-compat": "flake-compat_2",
"flake-utils": "flake-utils_2",
"nixpkgs": [
"nixpkgs"
],
"stable": "stable"
},
"locked": {
"lastModified": 1685163780,
"narHash": "sha256-tMwseHtEFDpO3WKeZKWqrKRAZI6TiEULidxEbzicuFg=",
"lastModified": 1711386353,
"narHash": "sha256-gWEpb8Hybnoqb4O4tmpohGZk6+aerAbJpywKcFIiMlg=",
"owner": "zhaofengli",
"repo": "colmena",
"rev": "c61bebae1dc1d57237577080b1ca1e37a3fbcebf",
"rev": "cd65ef7a25cdc75052fbd04b120aeb066c3881db",
"type": "github"
},
"original": {
@ -45,6 +68,27 @@
"type": "github"
}
},
"crane": {
"inputs": {
"nixpkgs": [
"attic",
"nixpkgs"
]
},
"locked": {
"lastModified": 1717025063,
"narHash": "sha256-dIubLa56W9sNNz0e8jGxrX3CAkPXsq7snuFA/Ie6dn8=",
"owner": "ipetkov",
"repo": "crane",
"rev": "480dff0be03dac0e51a8dfc26e882b0d123a450e",
"type": "github"
},
"original": {
"owner": "ipetkov",
"repo": "crane",
"type": "github"
}
},
"darwin": {
"inputs": {
"nixpkgs": [
@ -53,11 +97,11 @@
]
},
"locked": {
"lastModified": 1673295039,
"narHash": "sha256-AsdYgE8/GPwcelGgrntlijMg4t3hLFJFCRF3tL5WVjA=",
"lastModified": 1700795494,
"narHash": "sha256-gzGLZSiOhf155FW7262kdHo2YDeugp3VuIFb4/GGng0=",
"owner": "lnl7",
"repo": "nix-darwin",
"rev": "87b9d090ad39b25b2400029c64825fc2a8868943",
"rev": "4b9b83d5a92e8c1fbfd8eb27eda375908c11ec4d",
"type": "github"
},
"original": {
@ -74,11 +118,11 @@
]
},
"locked": {
"lastModified": 1685970051,
"narHash": "sha256-F5ZxBD2DeNd+Q0dDKYBhv76kfjVG/X0ccXjSKpa8KdI=",
"lastModified": 1718846788,
"narHash": "sha256-9dtXYtEkmXoUJV+PGLqscqF7qTn4AIhAKpFWRFU2NYs=",
"owner": "nix-community",
"repo": "disko",
"rev": "29d632d7e8fa86f937153ecdfd7d768411001d2d",
"rev": "e1174d991944a01eaaa04bc59c6281edca4c0e6e",
"type": "github"
},
"original": {
@ -88,6 +132,22 @@
}
},
"flake-compat": {
"flake": false,
"locked": {
"lastModified": 1673956053,
"narHash": "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "35bb57c0c8d8b62bbfd284272c928ceb64ddbde9",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-compat_2": {
"flake": false,
"locked": {
"lastModified": 1650374568,
@ -103,6 +163,22 @@
"type": "github"
}
},
"flake-compat_3": {
"flake": false,
"locked": {
"lastModified": 1696426674,
"narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-parts": {
"inputs": {
"nixpkgs-lib": [
@ -110,11 +186,11 @@
]
},
"locked": {
"lastModified": 1685662779,
"narHash": "sha256-cKDDciXGpMEjP1n6HlzKinN0H+oLmNpgeCTzYnsA2po=",
"lastModified": 1717285511,
"narHash": "sha256-iKzJcpdXih14qYVcZ9QC9XuZYnPc6T8YImb6dX166kw=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "71fb97f0d875fd4de4994dfb849f2c75e17eb6c3",
"rev": "2a55567fcf15b1b1c7ed712a2c6fadaec7412ea8",
"type": "github"
},
"original": {
@ -123,23 +199,22 @@
"type": "github"
}
},
"flake-registry": {
"flake": false,
"locked": {
"lastModified": 1682423975,
"narHash": "sha256-zvOBrH3hwCedgpaWiOSHYSt+fgF/RhaJs8R5qOX6AYc=",
"owner": "NixOS",
"repo": "flake-registry",
"rev": "8054bfa00d60437297d670ab3296a117e7059a10",
"type": "github"
},
"original": {
"owner": "NixOS",
"repo": "flake-registry",
"type": "github"
}
},
"flake-utils": {
"locked": {
"lastModified": 1667395993,
"narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"flake-utils_2": {
"locked": {
"lastModified": 1659877975,
"narHash": "sha256-zllb8aq3YO3h8B/U0/J1WBgAL8EX5yWf5pMj3G0NAmc=",
@ -154,6 +229,39 @@
"type": "github"
}
},
"flake-utils_3": {
"inputs": {
"systems": "systems_2"
},
"locked": {
"lastModified": 1726560853,
"narHash": "sha256-X6rJYSESBVr3hBoH0WbKE5KvhPU5bloyZ2L4K60/fPQ=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "c1dfcf08411b08f6b8615f7d8971a2bfa81d5e8a",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"flakey-profile": {
"locked": {
"lastModified": 1712898590,
"narHash": "sha256-FhGIEU93VHAChKEXx905TSiPZKga69bWl1VB37FK//I=",
"owner": "lf-",
"repo": "flakey-profile",
"rev": "243c903fd8eadc0f63d205665a92d4df91d42d9d",
"type": "github"
},
"original": {
"owner": "lf-",
"repo": "flakey-profile",
"type": "github"
}
},
"home-manager": {
"inputs": {
"nixpkgs": [
@ -162,11 +270,11 @@
]
},
"locked": {
"lastModified": 1682203081,
"narHash": "sha256-kRL4ejWDhi0zph/FpebFYhzqlOBrk0Pl3dzGEKSAlEw=",
"lastModified": 1703113217,
"narHash": "sha256-7ulcXOk63TIT2lVDSExj7XzFx09LpdSAPtvgtM7yQPE=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "32d3e39c491e2f91152c84f8ad8b003420eab0a1",
"rev": "3bfaacf46133c037bb356193bd2f1765d9dc82c1",
"type": "github"
},
"original": {
@ -182,27 +290,92 @@
]
},
"locked": {
"lastModified": 1667907331,
"narHash": "sha256-bHkAwkYlBjkupPUFcQjimNS8gxWSWjOTevEuwdnp5m0=",
"lastModified": 1718530513,
"narHash": "sha256-BmO8d0r+BVlwWtMLQEYnwmngqdXIuyFzMwvmTcLMee8=",
"owner": "rycee",
"repo": "home-manager",
"rev": "6639e3a837fc5deb6f99554072789724997bc8e5",
"rev": "a1fddf0967c33754271761d91a3d921772b30d0e",
"type": "github"
},
"original": {
"owner": "rycee",
"ref": "release-22.05",
"ref": "release-24.05",
"repo": "home-manager",
"type": "github"
}
},
"lix": {
"inputs": {
"flake-compat": "flake-compat_3",
"nix2container": "nix2container",
"nixpkgs": [
"nixpkgs"
],
"nixpkgs-regression": "nixpkgs-regression",
"pre-commit-hooks": "pre-commit-hooks"
},
"locked": {
"lastModified": 1729296222,
"narHash": "sha256-fwJyGrkTemR1SwkAPXfxlY0RYCxy34NedmR35amytCc=",
"ref": "refs/heads/main",
"rev": "60578b4d7d0dfc296c61cae963b6b2763422788e",
"revCount": 16362,
"type": "git",
"url": "https://git.lix.systems/lix-project/lix.git"
},
"original": {
"ref": "refs/heads/main",
"rev": "60578b4d7d0dfc296c61cae963b6b2763422788e",
"type": "git",
"url": "https://git.lix.systems/lix-project/lix.git"
}
},
"lix-module": {
"inputs": {
"flake-utils": "flake-utils_3",
"flakey-profile": "flakey-profile",
"lix": [
"lix"
],
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1727752861,
"narHash": "sha256-jowmo2aEzrEpPSM96IWtajuogdJm7DjAWxFTEb7Ct0s=",
"rev": "fd186f535a4ac7ae35d98c1dd5d79f0a81b7976d",
"type": "tarball",
"url": "https://git.lix.systems/api/v1/repos/lix-project/nixos-module/archive/fd186f535a4ac7ae35d98c1dd5d79f0a81b7976d.tar.gz?rev=fd186f535a4ac7ae35d98c1dd5d79f0a81b7976d"
},
"original": {
"type": "tarball",
"url": "https://git.lix.systems/lix-project/nixos-module/archive/main.tar.gz"
}
},
"nix2container": {
"flake": false,
"locked": {
"lastModified": 1724996935,
"narHash": "sha256-njRK9vvZ1JJsP8oV2OgkBrpJhgQezI03S7gzskCcHos=",
"owner": "nlewo",
"repo": "nix2container",
"rev": "fa6bb0a1159f55d071ba99331355955ae30b3401",
"type": "github"
},
"original": {
"owner": "nlewo",
"repo": "nix2container",
"type": "github"
}
},
"nixos-hardware": {
"locked": {
"lastModified": 1684899633,
"narHash": "sha256-NtwerXX8UFsoNy6k+DukJMriWtEjQtMU/Urbff2O2Dg=",
"lastModified": 1719069430,
"narHash": "sha256-d9KzCJv3UG6nX9Aur5OSEf4Uj+ywuxojhiCiRKYVzXA=",
"owner": "NixOS",
"repo": "nixos-hardware",
"rev": "4cc688ee711159b9bcb5a367be44007934e1a49d",
"rev": "e8232c132a95ddc62df9d404120ad4ff53862910",
"type": "github"
},
"original": {
@ -213,27 +386,59 @@
},
"nixpkgs": {
"locked": {
"lastModified": 1685952468,
"narHash": "sha256-YCOr9kttCqoa9IZMjHxX6SlwenTg7FsSmG9TaT76mSE=",
"lastModified": 1711401922,
"narHash": "sha256-QoQqXoj8ClGo0sqD/qWKFWezgEwUL0SUh37/vY2jNhc=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "70f7275b32f49bc67ae3532b758b80cb6c27f98a",
"rev": "07262b18b97000d16a4bdb003418bd2fb067a932",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "release-23.05",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-unstable": {
"nixpkgs-regression": {
"locked": {
"lastModified": 1685938391,
"narHash": "sha256-96Jw6TbWDLSopt5jqCW8w1Fc1cjQyZlhfBnJ3OZGpME=",
"lastModified": 1643052045,
"narHash": "sha256-uGJ0VXIhWKGXxkeNnq4TvV3CIOkUJ3PAoLZ3HMzNVMw=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "31cd1b4afbaf0b1e81272ee9c31d1ab606503aed",
"rev": "215d4d0fd80ca5163643b03a33fde804a29cc1e2",
"type": "github"
},
"original": {
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "215d4d0fd80ca5163643b03a33fde804a29cc1e2",
"type": "github"
}
},
"nixpkgs-stable": {
"locked": {
"lastModified": 1711460390,
"narHash": "sha256-akSgjDZL6pVHEfSE6sz1DNSXuYX6hq+P/1Z5IoYWs7E=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "44733514b72e732bd49f5511bd0203dea9b9a434",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-23.11",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_2": {
"locked": {
"lastModified": 1724932487,
"narHash": "sha256-zzbqHmY1mt21omyk1+14QbAkII1B7OHlwKLcczVq22w=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "b4f7fb71438d00539b21f1b1e6968c0eac060127",
"type": "github"
},
"original": {
@ -245,11 +450,11 @@
},
"nur": {
"locked": {
"lastModified": 1685980073,
"narHash": "sha256-7BkreZ2cH488dR1XPcdlALj+2g+NvrZdG9ZhwRt0YFI=",
"lastModified": 1719099906,
"narHash": "sha256-xo1cNkVBW7NxTU5zMu0B7ZkismtkHfTRWfhBXbNnp9g=",
"owner": "nix-community",
"repo": "NUR",
"rev": "de817406e39c1f9be28fde1d62c1f1f0c91acb09",
"rev": "315cf1f8c5f5e92150d81ccafba7525c54327094",
"type": "github"
},
"original": {
@ -258,17 +463,34 @@
"type": "github"
}
},
"pre-commit-hooks": {
"flake": false,
"locked": {
"lastModified": 1726745158,
"narHash": "sha256-D5AegvGoEjt4rkKedmxlSEmC+nNLMBPWFxvmYnVLhjk=",
"owner": "cachix",
"repo": "git-hooks.nix",
"rev": "4e743a6920eab45e8ba0fbe49dc459f1423a4b74",
"type": "github"
},
"original": {
"owner": "cachix",
"repo": "git-hooks.nix",
"type": "github"
}
},
"root": {
"inputs": {
"agenix": "agenix",
"attic": "attic",
"colmena": "colmena",
"disko": "disko",
"flake-parts": "flake-parts",
"flake-registry": "flake-registry",
"home-manager": "home-manager_2",
"lix": "lix",
"lix-module": "lix-module",
"nixos-hardware": "nixos-hardware",
"nixpkgs": "nixpkgs",
"nixpkgs-unstable": "nixpkgs-unstable",
"nixpkgs": "nixpkgs_2",
"nur": "nur",
"srvos": "srvos"
}
@ -280,34 +502,64 @@
]
},
"locked": {
"lastModified": 1685966850,
"narHash": "sha256-HaWNbihBIBATmSbuXLzA92C4858tNdS9Q5kRHJNagVo=",
"owner": "numtide",
"lastModified": 1724920817,
"narHash": "sha256-qWXS+4M9kHXxG1HgZuv+3gm3KQc1aPdBZUPnLLev8w0=",
"owner": "nix-community",
"repo": "srvos",
"rev": "4f22e6fcaf17c6313c2ecdc996760c3e4b14a623",
"rev": "977841b31ddbd3c919f56767a6f85d0615440759",
"type": "github"
},
"original": {
"owner": "numtide",
"owner": "nix-community",
"repo": "srvos",
"type": "github"
}
},
"stable": {
"locked": {
"lastModified": 1669735802,
"narHash": "sha256-qtG/o/i5ZWZLmXw108N2aPiVsxOcidpHJYNkT45ry9Q=",
"lastModified": 1696039360,
"narHash": "sha256-g7nIUV4uq1TOVeVIDEZLb005suTWCUjSY0zYOlSBsyE=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "731cc710aeebecbf45a258e977e8b68350549522",
"rev": "32dcb45f66c0487e92db8303a798ebc548cadedc",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-22.11",
"ref": "nixos-23.05",
"repo": "nixpkgs",
"type": "github"
}
},
"systems": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"systems_2": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
}
},
"root": "root",

155
flake.nix
View file

@ -1,29 +1,28 @@
{
description = "NixOS configuration with flakes";
nixConfig.extra-substituters = [
"https://newtype.cachix.org"
];
nixConfig.extra-trusted-public-keys = [
"newtype.cachix.org-1:Gd5G2EVFNJslfR3PxA2+JY7mHT6MwVJ6biv5Cg47SD0="
];
# To update all inputs:
# $ nix flake update --recreate-lock-file
inputs = {
lix.url = "git+https://git.lix.systems/lix-project/lix.git?ref=refs/heads/main&rev=60578b4d7d0dfc296c61cae963b6b2763422788e";
lix.inputs.nixpkgs.follows = "nixpkgs";
lix-module.url = "https://git.lix.systems/lix-project/nixos-module/archive/main.tar.gz";
lix-module.inputs.nixpkgs.follows = "nixpkgs";
lix-module.inputs.lix.follows = "lix";
disko.url = "github:nix-community/disko";
disko.inputs.nixpkgs.follows = "nixpkgs";
flake-parts.url = "github:hercules-ci/flake-parts";
flake-parts.inputs.nixpkgs-lib.follows = "nixpkgs";
nixpkgs.url = "github:NixOS/nixpkgs/release-23.05";
nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixpkgs-unstable";
nixpkgs.url = "github:NixOS/nixpkgs/nixpkgs-unstable";
nixos-hardware.url = "github:NixOS/nixos-hardware";
nur.url = "github:nix-community/NUR";
home-manager.url = "github:rycee/home-manager/release-22.05";
home-manager.url = "github:rycee/home-manager/release-24.05";
home-manager.inputs.nixpkgs.follows = "nixpkgs";
agenix.url = "github:ryantm/agenix";
@ -32,77 +31,103 @@
colmena.url = "github:zhaofengli/colmena";
colmena.inputs.nixpkgs.follows = "nixpkgs";
srvos.url = "github:numtide/srvos";
attic.url = "github:zhaofengli/attic";
srvos.url = "github:nix-community/srvos";
# actually not used when using the modules but than nothing ever will try to fetch this nixpkgs variant
srvos.inputs.nixpkgs.follows = "nixpkgs";
flake-registry.url = "github:NixOS/flake-registry";
flake-registry.flake = false;
# Ryan's experimental hypervisor based on cloud-hypervisor
# Private repository, you need a valid SSH key to access it
# nixos-hypervisor.url = "git+ssh://gitea@git.newtype.fr/newtype/nixos-hypervisor?ref=main";
# nixos-hypervisor.inputs.nixpkgs.follows = "nixpkgs";
};
outputs =
{ flake-parts
, ...
} @ inputs:
(flake-parts.lib.evalFlakeModule
{ inherit inputs; }
({ self, inputs, ... }: {
systems = [ "x86_64-linux" "aarch64-linux" "aarch64-darwin" ];
{
flake-parts,
...
}@inputs:
(flake-parts.lib.evalFlakeModule { inherit inputs; } (
{ self, inputs, ... }:
{
systems = [
"x86_64-linux"
"aarch64-linux"
"aarch64-darwin"
];
imports = [
./configurations.nix
# ./modules/monitoring/flake-module.nix
# ./pkgs/flake-module.nix
# ./templates
];
perSystem = { self', pkgs, ... }: {
devShells.default = pkgs.mkShellNoCC {
buildInputs = [
pkgs.ipmitool
pkgs.colmena
pkgs.python3.pkgs.invoke
#Until nixos-anywhere is packaged
pkgs.python3.pkgs.deploykit
pkgs.mypy
pkgs.pixiecore
pkgs.dnsmasq
pkgs.python3.pkgs.netaddr
pkgs.qemu_kvm
pkgs.openssh
pkgs.gitMinimal # for git flakes
pkgs.rsync
pkgs.nix
pkgs.coreutils
pkgs.curl # when uploading tarballs
pkgs.gnugrep
pkgs.findutils
pkgs.gnused # needed by ssh-copy-id
# sops dependencies
pkgs.age
pkgs.yq-go
] ++ pkgs.lib.optional (pkgs.stdenv.isLinux) pkgs.mkpasswd;
};
packages = {
# netboot = pkgs.callPackage ./modules/netboot/netboot.nix {
# # this nixosSystem is built for x86_64 machines regardless of the host machine
# pkgs = inputs.nixpkgs.legacyPackages.x86_64-linux;
# inherit (inputs.nixpkgs.lib) nixosSystem;
# extraModules = [
# self.inputs.nur.nixosModules.nur
# { _module.args.inputs = self.inputs; }
# ];
# };
# provide debug, allSystems, currentSystem in the resulting flake
debug = true;
# netboot-pixie-core = pkgs.callPackage ./modules/netboot/netboot-pixie-core.nix {
# inherit (self'.packages) netboot;
# };
perSystem =
{ self', pkgs, system, ... }:
{
# apply the lix overlay to banish CppNix
_module.args.pkgs = import inputs.nixpkgs {
inherit system;
overlays = [ inputs.lix-module.overlays.default ];
};
devShells.default = pkgs.mkShellNoCC {
buildInputs = [
pkgs.ipmitool
pkgs.colmena
pkgs.python3.pkgs.invoke
#Until nixos-anywhere is packaged
pkgs.python3.pkgs.deploykit
pkgs.mypy
pkgs.pixiecore
pkgs.dnsmasq
pkgs.python3.pkgs.netaddr
pkgs.qemu_kvm
pkgs.openssh
pkgs.gitMinimal # for git flakes
pkgs.rsync
pkgs.nix
pkgs.coreutils
pkgs.curl # when uploading tarballs
pkgs.gnugrep
pkgs.findutils
pkgs.gnused # needed by ssh-copy-id
# sops dependencies
pkgs.age
pkgs.yq-go
] ++ pkgs.lib.optional (pkgs.stdenv.isLinux) pkgs.mkpasswd;
};
packages = {
# netboot = pkgs.callPackage ./modules/netboot/netboot.nix {
# # this nixosSystem is built for x86_64 machines regardless of the host machine
# pkgs = inputs.nixpkgs.legacyPackages.x86_64-linux;
# inherit (inputs.nixpkgs.lib) nixosSystem;
# extraModules = [
# self.inputs.nur.nixosModules.nur
# { _module.args.inputs = self.inputs; }
# ];
# };
# netboot-pixie-core = pkgs.callPackage ./modules/netboot/netboot-pixie-core.nix {
# inherit (self'.packages) netboot;
# };
};
};
};
flake = {
hydraJobs = inputs.nixpkgs.lib.mapAttrs' (name: config: inputs.nixpkgs.lib.nameValuePair "nixos-${name}" config.config.system.build.toplevel) self.nixosConfigurations // {
devShells = self.devShells.x86_64-linux.default;
};
hydraJobs =
inputs.nixpkgs.lib.mapAttrs' (
name: config: inputs.nixpkgs.lib.nameValuePair "nixos-${name}" config.config.system.build.toplevel
) self.nixosConfigurations
// {
devShells = self.devShells.x86_64-linux.default;
};
};
})).config.flake;
}
)).config.flake;
}

37
hosts/epyc.nix
View file

@ -1,13 +1,50 @@
{ inputs, lib, pkgs, ... }:
let
gcc-system-features = arch: lib.optionals (arch != null) ([ "gccarch-${arch}" ]
++ map (x: "gccarch-${x}") lib.systems.architectures.inferiors.${arch});
in
{
imports = [
../modules/ipmi-supermicro.nix
../modules/hardware/supermicro-H12SSL-i.nix
../modules/iperf-server.nix
../modules/hypervisor.nix
../modules/android-cache.nix
../modules/garage.nix
../modules/users/friends.nix
../modules/bagel-container.nix
../modules/lix-bug-details-pls
];
# Include debuginfo for Lix
environment.systemPackages = [
pkgs.lix.debug
pkgs.lix.passthru.capnproto-lix.debug
];
environment.pathsToLink = [
"/lib/debug"
];
networking.hostName = "epyc";
security.acme.acceptTerms = true;
security.acme.defaults.email = "epyc@lahfa.xyz";
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
boot.kernelPackages = pkgs.linuxPackages_latest;
# Open public access to our PostgreSQL.
services.postgresql.enable = true;
services.postgresql.enableTCPIP = true;
services.postgresql.authentication = ''
host hydra-nixos-org hydra_ro ::/0 trust
'';
networking.firewall.allowedTCPPorts = [ 5432 ];
boot.binfmt.emulatedSystems = [ "riscv64-linux" "aarch64-linux" ];
simd.arch = "znver3";
system.stateVersion = "23.05";
}

14
modules/android-cache.nix Normal file
View file

@ -0,0 +1,14 @@
{ lib, ... }:
let
mirrors = {
# "https://android.googlesource.com" = "/mnt/aospaosp/mirror";
# "https://github.com/LineageOS" = "/var/lib/src/lineageos/LineageOS";
# "https://github.com/TheMuppets" = "/var/lib/src/themuppets/TheMuppets";
};
in
{
nix.envVars.ROBOTNIX_GIT_MIRRORS = lib.concatStringsSep "|" (lib.mapAttrsToList (local: remote: "${local}=${remote}") mirrors);
# Also add local mirrors to nix sandbox exceptions
nix.sandboxPaths = lib.attrValues mirrors;
}

8
modules/auto-upgrade.nix
View file

@ -1,7 +1,9 @@
{ pkgs, ... }: {
system.autoUpgrade.enable = true;
system.autoUpgrade.flake = "git:git.newtype.fr/newtype/newtype-org-configurations";
system.autoUpgrade.flags = [ "--option" "accept-flake-config" "true" ];
system.autoUpgrade = {
enable = true;
flake = "git+https://git.newtype.fr/newtype/newtype-org-configurations";
flags = [ "--option" "accept-flake-config" "true" ];
};
# add a random jitter so not all machines reboot at the same time.
systemd.timers.auto-reboot.timerConfig.RandomizedDelaySec = 60 * 20;

46
modules/bagel-container.nix Normal file
View file

@ -0,0 +1,46 @@
# Stateful/mutable container used for Bagel (tm) related infra (mostly
# rebuilding nixpkgs a lot).
#
# System image is stored at /var/lib/machines/bagel.
{
systemd.nspawn.bagel = {
execConfig = {
Boot = true;
Ephemeral = false;
PrivateUsers = true;
NotifyReady = true;
LinkJournal = "try-guest";
};
networkConfig = {
Bridge = "wan-br";
VirtualEthernetExtra = "vb-bagel-v4:host1";
};
};
systemd.services."systemd-nspawn@bagel" = {
wantedBy = [ "machines.target" ];
wants = [ "network.target" ];
after = [ "network.target" ];
overrideStrategy = "asDropin";
};
systemd.network.networks."20-vb-bagel-v4" = {
matchConfig.Name = "vb-bagel-v4";
networkConfig.Address = [ "172.16.100.1/24" ];
networkConfig.IPMasquerade = true;
};
# Configure a local Nix builder account, since getting sandboxing and KVM
# working inside the container will be tricky.
users.users.bagel-builder = {
isSystemUser = true;
group = "nogroup";
home = "/var/empty";
shell = "/bin/sh";
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAvUT9YBig9LQPHgypIBHQuC32XqDKxlFZ2CfgDi0ZKx"
];
};
nix.settings.trusted-users = [ "bagel-builder" ];
}

58
modules/buildbot/default.nix Normal file
View file

@ -0,0 +1,58 @@
{ lib, pkgs, config, inputs, ... }:
with lib;
let
cfg = config.luj.buildbot;
port = "1810";
package = pkgs.buildbot-worker;
python = package.pythonModule;
home = "/var/lib/buildbot-worker";
buildbotDir = "${home}/worker";
in
{
#buildbot worker
# nix.settings.allowed-users = [ "buildbot-worker" ];
nix.settings.trusted-users = [ "buildbot-worker" ];
users.users.buildbot-worker = {
description = "Buildbot Worker User.";
isSystemUser = true;
createHome = true;
home = "/var/lib/buildbot-worker";
group = "buildbot-worker";
useDefaultShell = true;
};
users.groups.buildbot-worker = { };
systemd.services.buildbot-worker = {
reloadIfChanged = true;
description = "Buildbot Worker.";
after = [ "network.target" "buildbot-master.service" ];
wantedBy = [ "multi-user.target" ];
path = [
pkgs.nix-eval-jobs
pkgs.git
pkgs.gh
pkgs.nix
pkgs.nix-output-monitor
];
environment.PYTHONPATH = "${python.withPackages (_: [package])}/${python.sitePackages}";
environment.MASTER_URL = ''TCP:2a01\\:e34\\:ec2a\\:8e60\\:8ec7\\:b5d2\\:f663\\:a67a:9989'';
environment.BUILDBOT_DIR = buildbotDir;
environment.WORKER_PASSWORD_FILE = "/var/lib/buildbot-worker/password.txt";
serviceConfig = {
Type = "simple";
User = "buildbot-worker";
Group = "buildbot-worker";
WorkingDirectory = home;
# Restart buildbot with a delay. This time way we can use buildbot to deploy itself.
ExecReload = "+${pkgs.systemd}/bin/systemd-run --on-active=60 ${pkgs.systemd}/bin/systemctl restart buildbot-worker";
ExecStart = "${python.pkgs.twisted}/bin/twistd --nodaemon --pidfile= --logfile - --python ${./worker.py}";
};
};
}

58
modules/buildbot/worker.py Normal file
View file

@ -0,0 +1,58 @@
#!/usr/bin/env python3
import multiprocessing
import os
import socket
from io import open
from buildbot_worker.bot import Worker
from twisted.application import service
def require_env(key: str) -> str:
val = os.environ.get(key)
assert val is not None, "val is not set"
return val
def setup_worker(application: service.Application, id: int) -> None:
basedir = f"{require_env('BUILDBOT_DIR')}-{id}"
os.makedirs(basedir, mode=0o700, exist_ok=True)
master_url = require_env("MASTER_URL")
hostname = socket.gethostname()
workername = f"{hostname}-{id}"
with open(
require_env("WORKER_PASSWORD_FILE"), "r", encoding="utf-8"
) as passwd_file:
passwd = passwd_file.read().strip("\r\n")
keepalive = 600
umask = None
maxdelay = 300
numcpus = None
allow_shutdown = None
s = Worker(
"2a01:e34:ec2a:8e60:8ec7:b5d2:f663:a67a",
9989,
workername,
passwd,
basedir,
keepalive,
umask=umask,
maxdelay=maxdelay,
numcpus=numcpus,
allow_shutdown=allow_shutdown,
)
s.setServiceParent(application)
# note: this line is matched against to check that this is a worker
# directory; do not edit it.
application = service.Application("buildbot-worker")
for i in range(14):
setup_worker(application, i)

5
modules/builder.nix
View file

@ -3,7 +3,10 @@
isNormalUser = true;
home = "/home/nix";
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAZpEtSfB0GDwcELc5/AKNiBZJV9OVfQ0BMFzBlF+8Yd raito@everywhere"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIA3hCOyFwuoCLt5W9e9yQSwj9I+VspB0kNNHsoFngbgZ raito@thors"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIF07Sy0O+oletFYlrfS0+XtBWJO2F+Rc9J/ocNLBa/OE raito@thorkell"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDu4cEqZzAI/1vZjSQkTJ4ijIg9nuloOuSKUrnkJIOFn buildbot@top-secret" # Top secret's project buildbot key
"sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIH/LDRUG+U+++UmlxvA2kspioTjktQZ8taDcHq8gVlkfAAAABHNzaDo=" # winterqt
];
uid = 5001;
};

37
modules/garage.nix Normal file
View file

@ -0,0 +1,37 @@
{ pkgs, ... }: {
services.garage = {
enable = true;
package = pkgs.garage_0_8;
settings = {
db_engine = "lmdb";
block_size = (10 * 1024 * 1024); # 10MB
replication_mode = "none";
rpc_bind_addr = "[::1]:3901";
rpc_public_addr = "[::1]:3901";
rpc_secret = "f5b8ede0abe0a3d454d96e8b352e29a1d94522b64274d23b256d57482441ccc1";
s3_api = {
s3_region = "garage";
api_bind_addr = "[::1]:3900";
root_domain = ".s3.infra.newtype.fr";
};
s3_web = {
bind_addr = "[::1]:3902";
root_domain = ".web.infra.newtype.fr";
index = "index.html";
};
};
};
services.nginx = {
enable = true;
virtualHosts."s3.infra.newtype.fr" = {
forceSSL = true;
enableACME = true;
locations."/".proxyPass = "http://[::1]:3900/";
};
};
networking.firewall.allowedTCPPorts = [ 80 443 ];
}

36
modules/hardware/supermicro-H12SSL-i.nix
View file

@ -8,28 +8,44 @@
[ (modulesPath + "/installer/scan/not-detected.nix")
];
boot.kernelParams = [ "pci=realloc" ];
boot.kernelParams = [ "pci=realloc" "boot.shell_on_fail" ];
boot.initrd.availableKernelModules = [ "xhci_pci" "nvme" "usbhid" "usb_storage" "sd_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-amd" ];
boot.extraModulePackages = [ ];
boot.initrd.systemd.enable = lib.mkForce false;
boot.initrd.services.lvm.enable = true;
boot.initrd.systemd.enable = true;
fileSystems."/" =
{ device = "/dev/disk/by-uuid/3a81ba8f-f5bb-446c-89a3-ad77e354dae0";
fsType = "btrfs";
fileSystems."/experiments" =
{ device = "/dev/disk/by-uuid/40ef7d25-91c5-41e4-a40f-b0fb93658ffe";
fsType = "ext4";
};
boot.initrd.luks.devices."nixroot" = {
device = "/dev/disk/by-uuid/c10d2822-cb83-4666-98f8-0aa04be259bc";
keyFile = "/dev/zero";
keyFileSize = 1;
};
fileSystems."/" =
{ device = "/dev/disk/by-uuid/53cc33a3-1488-44c4-8f5d-a2bc67914274";
fsType = "xfs";
};
fileSystems."/nix" =
{ device = "/dev/disk/by-uuid/cee7b903-53f6-4967-b95d-654d34ccd460";
fsType = "xfs";
};
fileSystems."/home" =
{ device = "/dev/disk/by-uuid/5625935d-579b-41e4-be35-03df8437bc2c";
fsType = "xfs";
};
fileSystems."/var" =
{ device = "/dev/disk/by-uuid/33bf7f4e-37f5-4121-84ac-70d06964ea21";
fsType = "xfs";
};
fileSystems."/boot" =
{ device = "/dev/disk/by-uuid/AFF2-3149";
fsType = "vfat";
options = [ "fmask=0022" "dmask=0022" ];
};
swapDevices =

2
modules/hosts.nix
View file

@ -40,7 +40,7 @@ in
# usually, for each host there is a hostname.dse.in.tum.de and hostname.r domain
networking.newtype.hosts = {
epyc = {
ipv6 = "2001:470:ca5e:dee:587c:7a50:f36c:cae8";
ipv6 = "2001:bc8:38ee:100::500";
};
};
};

81
modules/hydra/coordinator.nix Normal file
View file

@ -0,0 +1,81 @@
{ pkgs, ... }: {
services.hydra = {
enable = false;
hydraURL = "https://hydra.newtype.fr";
notificationSender = "hydra@localhost";
buildMachinesFiles = [ "/etc/nix/machines" ];
useSubstitutes = true;
};
environment.systemPackages = [ pkgs.nix-prefetch-git ];
nix.trustedUsers = [ "hydra" "hydra-www" ];
services.postgresql = {
enableJIT = true;
settings = {
checkpoint_completion_target = "0.9";
default_statistics_target = 100;
max_connections = 500;
work_mem = "20MB";
maintenance_work_mem = "2GB";
shared_buffers = "8GB";
min_wal_size = "1GB";
max_wal_size = "2GB";
wal_buffers = "16MB";
max_worker_processes = 16;
max_parallel_workers_per_gather = 8;
max_parallel_workers = 16;
# NVMe related performance tuning
effective_io_concurrency = 200;
random_page_cost = "1.1";
# We can risk losing some transactions.
synchronous_commit = "off";
effective_cache_size = "16GB";
# autovacuum and autoanalyze much more frequently:
# at these values vacuum should run approximately
# every 2 mass rebuilds, or a couple times a day
# on the builds table. Some of those queries really
# benefit from frequent vacuums, so this should
# help. In particular, I'm thinking the jobsets
# pages.
autovacuum_vacuum_scale_factor = 0.002;
autovacuum_analyze_scale_factor = 0.001;
shared_preload_libraries = "pg_stat_statements";
compute_query_id = "on";
};
};
security.acme = {
acceptTerms = true;
defaults.email = "ryan@lahfa.xyz";
};
services.nginx = {
enable = true;
recommendedZstdSettings = true;
recommendedBrotliSettings = true;
recommendedGzipSettings = true;
recommendedOptimisation =true;
recommendedTlsSettings = true;
recommendedProxySettings = true;
};
services.nginx.virtualHosts."hydra.newtype.fr" = {
forceSSL = true;
enableACME = true;
# TODO: remove compression for some locations
locations."/".proxyPass = "http://localhost:3000";
};
networking.firewall.allowedTCPPorts = [ 80 443 ];
}

2
modules/hypervisor.nix Normal file
View file

@ -0,0 +1,2 @@
{ ... }: {
}

6
modules/iperf-server.nix Normal file
View file

@ -0,0 +1,6 @@
{ ... }: {
services.iperf3 = {
enable = true;
openFirewall = true;
};
}

40
modules/lix-bug-details-pls/0001-wip-complain-about-failing-goals-at-warn-level.patch Normal file
View file

@ -0,0 +1,40 @@
From 96937c58232ad6eaa11d1370220101c3ce2d00c3 Mon Sep 17 00:00:00 2001
From: Jade Lovelace <lix@jade.fyi>
Date: Thu, 29 Aug 2024 23:04:39 -0700
Subject: [PATCH] wip: complain about failing goals at warn level
I want to fix the bug that appears here:
error: build of '/nix/store/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa-nixos-test-driver-nix-copy-closure.drv' on 'ssh-ng://nix@epyc.infra.newtype.fr' failed: error: some dependencies of '/nix/store/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa-nixos-test-driver-nix-copy-closure.drv' are missing
error: builder for '/nix/store/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa-nixos-test-driver-nix-copy-closure.drv' failed with exit code 1
error: 1 dependencies of derivation '/nix/store/bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb-vm-test-run-nix-copy-closure.drv' failed to build
However, this is conditional on nrFailed, and I cannot for the life of
me figure out *who* is failing and *why*.
Hopefully with these data I can narrow down why this bug is happening
Change-Id: I7dca71b1c8ac92e7cc40c47ab37c952a7673cf42
---
src/libstore/build/worker.cc | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/src/libstore/build/worker.cc b/src/libstore/build/worker.cc
index 1b4633e64..a93be28a6 100644
--- a/src/libstore/build/worker.cc
+++ b/src/libstore/build/worker.cc
@@ -160,7 +160,10 @@ void Worker::goalFinished(GoalPtr goal, Goal::Finished & f)
waiting->trace(fmt("waitee '%s' done; %d left", goal->name, waiting->waitees.size()));
- if (f.result != Goal::ecSuccess) ++waiting->nrFailed;
+ if (f.result != Goal::ecSuccess) {
+ ++waiting->nrFailed;
+ warn("Waiter %s experienced non-success of waitee %s with result %d", waiting->getName(), goal->getName(), f.result);
+ }
if (f.result == Goal::ecNoSubstituters) ++waiting->nrNoSubstituters;
if (f.result == Goal::ecIncompleteClosure) ++waiting->nrIncompleteClosure;
--
2.44.1

22
modules/lix-bug-details-pls/default.nix Normal file
View file

@ -0,0 +1,22 @@
{ ... }:
{
# jade: this exists because of a Lix bug that has me losing my damn mind and we really cannot debug it without either:
# * debug logs (infeasible. they are way too spammy)
# * patching lix (well look where we are)
#
# I don't really think it's necessarily appropriate to log at info level when
# a derivation fails on `main`, so here we have a yolopatch to get the damn
# thing in the log.
#
# I suspect it is a race condition with the garbage collector.
nixpkgs.overlays = [
(final: prev: {
lix = prev.lix.overrideAttrs (old: {
patches = (old.patches or [ ]) ++ [
# This patch doesn't apply anymore.
# ./0001-wip-complain-about-failing-goals-at-warn-level.patch
];
});
})
];
}

25
modules/network.nix
View file

@ -14,8 +14,8 @@
'')
config.networking.newtype.hosts);
# leave container interfaces alone
systemd.network.networks."05-veth".extraConfig = ''
# leave container interfaces alone unless otherwise specified
systemd.network.networks."95-veth".extraConfig = ''
[Match]
Driver = veth
@ -34,12 +34,29 @@
linkConfig.Name = "nat-lan";
};
systemd.network.networks."10-wan" = {
matchConfig.Name = "wan";
systemd.network.netdevs."10-wan-br" = {
netdevConfig.Name = "wan-br";
netdevConfig.Kind = "bridge";
netdevConfig.MACAddress = "none";
bridgeConfig.MulticastSnooping = false;
};
systemd.network.links."10-wan-br" = {
matchConfig.Name = "wan-br";
linkConfig.MACAddressPolicy = "none";
};
systemd.network.networks."10-wan-br" = {
matchConfig.Name = "wan-br";
linkConfig.RequiredForOnline = true;
networkConfig.Address = [ config.networking.newtype.currentHost.ipv6 ];
};
systemd.network.networks."10-wan" = {
matchConfig.Name = "wan";
networkConfig.Bridge = "wan-br";
};
systemd.network.links."10-wan" = {
matchConfig.MACAddress = "3c:ec:ef:7e:bd:c9";
linkConfig.Name = "wan";

55
modules/nix-daemon.nix
View file

@ -24,25 +24,51 @@ in
config = {
warnings = lib.optionals (config.simd.arch == null) [ "Please set simd.arch for ${config.networking.hostName}" ];
# Allow more open files for non-root users to run NixOS VM tests.
security.pam.loginLimits = [
{ domain = "*"; item = "nofile"; type = "-"; value = "20480"; }
];
# Makes the computer go faster.
# nixos.jobserver.enable = true;
# TODO(raito): rework this.
# Avoid weird failures for builders.
services.openssh.settings.MaxStartups = 100;
services.openssh.settings.MaxSessions = 100;
# Memory accounting techniques
systemd.services.nix-daemon.serviceConfig = {
MemoryAccounting = true;
MemoryMax = "225G";
MemoryHigh = "220G";
MemorySwapMax = "2G";
ManagedOOMSwap = "kill";
ManagedOOMMemoryPressure = "kill";
MemoryPressureWatch = "on";
};
nix = {
# Garbage-collect often
gc.automatic = true;
gc.dates = "03:15";
gc.options = "--delete-older-than 30d";
gc.dates = "*:45";
gc.options = ''--max-freed "$((128 * 1024**3 - 1024 * $(df -P -k /nix/store | tail -n 1 | ${pkgs.gawk}/bin/awk '{ print $4 }')))"'';
# 2.11, 2.12 suffers from a bug with remote builders…
package = pkgs.nixVersions.nix_2_13;
# Randomize GC to avoid thundering herd effects.
gc.randomizedDelaySec = "1800";
# should be enough?
nrBuildUsers = lib.mkDefault 32;
# https://github.com/NixOS/nix/issues/719
nrBuildUsers = 128;
settings = {
keep-outputs = true;
keep-derivations = true;
# in zfs we trust
fsync-metadata = lib.boolToString (!config.boot.isContainer or config.fileSystems."/".fsType != "zfs");
keep-outputs = false;
keep-derivations = false;
use-cgroups = true;
http-connections = 0;
auto-allocate-uids = true;
cores = 0;
max-jobs = 2; # Do not build more than 2 derivations at once in the event, both of them are too big, yes this is stupid, fix it in Nix.
fsync-metadata = true;
substituters = [
"https://nix-community.cachix.org"
"https://tum-dse.cachix.org"
@ -52,6 +78,13 @@ in
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
"tum-dse.cachix.org-1:v67rK18oLwgO0Z4b69l30SrV1yRtqxKpiHodG4YxhNM="
];
experimental-features = [
"auto-allocate-uids"
# "ca-derivations" this feature is really extremely broken.
"cgroups"
"fetch-closure"
"impure-derivations"
];
};
};

6
modules/packages.nix
View file

@ -1,10 +1,11 @@
{ pkgs, ... }: {
{ pkgs, config, inputs, ... }: {
# this extends the list from:
# https://github.com/numtide/srvos/blob/master/server.nix#L10
environment.systemPackages = with pkgs; [
socat
whois
nix-output-monitor
jq
psmisc
libarchive
@ -33,6 +34,9 @@
ethtool
usbutils
config.boot.kernelPackages.perf
pwru
ipmitool
# tries to default to soft-float due to out-dated cc-rs
] ++ lib.optional (!stdenv.hostPlatform.isRiscV) bandwhich;

8
modules/users/admins.nix
View file

@ -18,12 +18,12 @@ in
openssh.authorizedKeys.keyFiles = [ ./keys/raito.keys ];
};
# Julien Malka
# Luj
luj = {
isNormalUser = true;
home = "/home/luj";
inherit (config.users.users.raito) extraGroups;
shell = "/run/current-system/sw/bin/zsh";
extraGroups = extraGroups ++ [ "production-hydra-db" ];
shell = "/run/current-system/sw/bin/bash";
uid = 1001;
openssh.authorizedKeys.keyFiles = [ ./keys/luj.keys ];
};
@ -65,6 +65,6 @@ in
};
};
nix.settings.trusted-users = [ "raito" "luj" "gdd" "akechi" "tomate" ];
nix.settings.trusted-users = [ "raito" "luj" "gdd" "akechi" "tomate" "niklas" "jade" "winter" ];
};
}

94
modules/users/friends.nix Normal file
View file

@ -0,0 +1,94 @@
{ ... }:
let
trustedFriendGroups = [
"production-hydra-db"
];
in
{
# deleted users: ninjatrappeur, flokli
users.users = {
linus = {
isNormalUser = true;
home = "/home/linus";
shell = "/run/current-system/sw/bin/zsh";
uid = 2001;
# Raito: I allowed linus to be root to get some stuff done
# on behalf of me.
extraGroups = [ "wheel" ] ++ trustedFriendGroups;
openssh.authorizedKeys.keyFiles = [ ./keys/linus.keys ];
};
niklas = {
isNormalUser = true;
home = "/home/niklas";
shell = "/run/current-system/sw/bin/zsh";
uid = 2002;
extraGroups = trustedFriendGroups;
openssh.authorizedKeys.keyFiles = [ ./keys/niklas.keys ];
};
# Raito: Permanent account for Jade who has been driving a lot of good work.
# expires = 2060 because of a convergence bug, I cannot remove the expiration date anymore.
jade = {
isNormalUser = true;
home = "/home/jade";
shell = "/run/current-system/sw/bin/zsh";
uid = 2004;
expires = "2060-05-01";
extraGroups = trustedFriendGroups;
openssh.authorizedKeys.keys = [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDNldAg4t13/i69TD786The+U3wbiNUdW2Kc9KNWvEhgpf4y4x4Sft0oYfkPw5cjX4H3APqfD+b7ItAG0GCbwHw6KMYPoVMNK08zBMJUqt1XExbqGeFLqBaeqDsmEAYXJRbjMTAorpOCtgQdoCKK/DvZ51zUWXxT8UBNHSl19Ryv5Ry5VVdbAE35rqs57DQ9+ma6htXnsBEmmnC+1Zv1FE956m/OpBTId50mor7nS2FguAtPZnDPpTd5zl9kZmJEuWCrmy6iinw5V4Uy1mLeZkQv+/FtozbyifCRCvps9nHpv4mBSU5ABLgnRRvXs+D41Jx7xloNADr1nNgpsNrYaTh hed-bot-ssh-tpm-rsa"
"sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIKYljH8iPMrH00lOb3ETxRrZimdKzPPEdsJQ5D5ovtOwAAAACnNzaDpzc2hrZXk= ssh:sshkey"
"ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBO4idMfdJxDJuBNOid60d4I+qxj09RHt+YkCYV2eXt6tGrEXg+S8hTQusy/SqooiXUH9pt4tea2RuBPN9+UwrH0= type-a yubikey slot 9a"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHGIBMfUypLctmorlRz9xIzXRgmtqDMxF5T5Fxy4JxNb root@tail-bot"
];
};
# Raito: Permanent account for winter, she was the one in charge of the Darwin build box for a while,
# helped a bunch of people and deserve it :-).
# expires = 2060 because of a convergence bug, I cannot remove the expiration date anymore.
winter = {
isNormalUser = true;
home = "/home/winter";
shell = "/run/current-system/sw/bin/zsh";
uid = 2005;
expires = "2060-05-01";
extraGroups = trustedFriendGroups;
openssh.authorizedKeys.keys = [
"sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIH/LDRUG+U+++UmlxvA2kspioTjktQZ8taDcHq8gVlkfAAAABHNzaDo="
];
};
# Raito: Permanent account for pennae, they are doing a bunch of excellent Nix work (including performance).
pennae = {
isNormalUser = true;
home = "/home/pennae";
shell = "/run/current-system/sw/bin/zsh";
uid = 2006;
# Raito: Allowed to debug jobserver.
extraGroups = [ "wheel" ] ++ trustedFriendGroups;
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIC5Wf5/IbyFpdziWfwxkQqxOf3r1L9pYn6xQBEKFwmMY"
"sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIK8icXjHkb4XzbIVN3djH4CE7RvgGd+3xbG4cgh0Yls5AAAABHNzaDo="
];
};
# Raito: Temporary account until next year, for delroth, who is going to work on building capabilities for improving build infrastructure.
delroth = {
isNormalUser = true;
home = "/home/delroth";
shell = "/run/current-system/sw/bin/zsh";
uid = 2007;
# Raito: Allowed to spawn new VMs and do various stuff for isolating the workloads.
extraGroups = [ "wheel" ];
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAII3tjB4KYDok3KlWxdBp/yEmqhhmybd+w0VO4xUwLKKV"
];
};
# Raito: Temporary account for the next week, for VM testing in the context of the systemd-hardening project.
jmarquet = {
isNormalUser = true;
home = "/home/jmarquet";
uid = 2008;
expires = "2024-08-30";
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFe4tx0+lNX2w7kG94c9u7U0wHuOc2A6zpHcbyAs+w/d thejohncrafter@system76-pc"
];
};
};
}

3
modules/users/keys/akechi.keys
View file

@ -1,2 +1 @@
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDmC/lBooMyJZnyuU0/f6Qufi48DCEQ1RNT1l25cbvZWCXRrAJuQUTgb7u2nl8SEiQTRbZy/FTesaoPNBRWtWXK/8M0K58DeTMdNeTV8joW+vwEzRF3LPb9gU3FqCuuFFRqhJNC16cFBxXMCyjmktl8EG9o5yVcT/6HdwvXRKlas+EqXHlZblXxYQfCjWkpd3vzIoEfPwkUpQFlvLltTBT+EUWTiysvF8cCCuBx7EXHX++fNNySDoB9bQJ+sYoAvuhtfZ5eYNePpYQCV71KMEPYBqJ7AQpvdbMa34Rx7mghGCLk580qWTuXf/vqKRD4EAsvPYtK/xJNyjrCTX99TL60NIsBgNzQvvFFIaAsD91nD13gaEvybOjIo1lbzSZhbreX1qdWeUCR32HDUH4fEVv81VSaPbH2zxWqIf8bLDMJ7pCLKncyCZD1yVFCXsDV/J8BQq0c3GtFh3eEt59bkk6iU+LXv9dvwJtCvsp087Yh4qhj0L9z2zgczeljKJtFFTZhWbY3WEKiureoI7iPEJvLB8B6pGF0qQmIjbIIx6gtBoJc891w+XUmaXfHhWsVV7eq2y/AU7BvXAZp3LigWvosmPpoYsgjS0RNp2RJo2ufN6wKBtq+qv0xM+S6JvXo5pf2Oe11qp8hxF32MNv+djFK3Qf/JMkZAQd1Y/vW/Gg8Xw==
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK5vbxUd8I+uF/OY/PpPhSzrLN14Waq82uyQXNPYpHjA
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICRDM7fyeGRgYzuW+falRZayYSf5xMwj2d2PI9vSyjOD

1
modules/users/keys/gdd.keys
View file

@ -1 +1,2 @@
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICE7TN5NQKGojNGIeTFiHjLHTDQGT8i05JFqX/zLW2zc
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIqnCNhMl5KgERtpFAVUjd11JDsf0uQ/8NY5sj4tnjw5

4
modules/users/keys/linus.keys Normal file
View file

@ -0,0 +1,4 @@
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDf7hGFfUHhtgYY0G/Dh9isjIxkvUjlAKAMvLIZs5NLXwEfnxDTVZW/ijfF2qDozAmYQHZqbeyhJX7YlO6nYjWRBxqBeqAMHhtu3PkiysSCCUymhJ2uDHUAox+BT8IGE3sCKYIXRdmSFoibgQad9AHsQ6OLoIaNgMV7rspdBcO/CjyCkHN440XhQKz/Sq2SyygI9Qkuz0qDdQOgIraVi//EXDAvij0QXlkmh+3xBJwEqt8Pe1KP9itwvGyzGX/aAheCBSf7HPcLzJUgcWymW6FL4AE0KqNVb8Q8ahaEM5UgbXUCauDON8H4OR1Zngszw128wklwxOr7q5gB++Ks1OQlHMGgiVYZ2wC0DXlx68BKSMNnJRHWCI4r63a3bAWGCqKbcCHpimjPAHisPoaoHffVUaIpj65klj+GkoHAgo/pl0S6o4OqVpOau3Qkn95D1KDbUiE1l0HdgZaRmOKRvTKec1V3tfB2rA83Q1cZCWC5ZSwk3wihYPywMyIo6G8f2M2bFot7k/sS9ZMSle6oZDrc6A8qWnaxMZYbEXdFGy02550vdymshJ9RpSLfK1oBKoKk7yL2hk1UHm6obXYXn/F0KvDr7nAM6gOf9NnOrPHKt14WDb0GsZwNd34g1RCcBUcXewh4ZJOHerzsS2h3D30BNQUNCaF8ZQr6FYXp7v9gnQ==
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIN3EmXYSXsimS+vlGYtfTkOGuwvkXU0uHd2yYKLOxD2F
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIJWYrcu8usyqdLv4XO4i5TPaQhB+lH3Xbu2uz64hQe3
sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAICDgQA1A1uHJsqLsSLLkuWNlxXrpGRD6Qx11WBbfP+SmAAAAEXNzaDpsaW51c0BiZWl3ZXJr

14
modules/users/keys/luj.keys
View file

@ -1,11 +1,3 @@
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIM9Uzb7szWlux7HuxLZej9cBR5MhLz/vaAPPfSoozt2k
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDCKfPoMNrnyNWH6J1OvQ+n1rvSS9Sc2iZf6E1JQC+L4
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIESMWr29i3rhj32oLV3DKe57YI+jvNaKjZhhpq6dEjsn
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJOCKgHRHAJDSgKqYNfWboL04mnEOM0m0K3TGxBhBNDR
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOpGHx430EpJmbtJc8+lF1CpQ1gXeHT9OeZ08O8yzohF
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEaCGndojnmS5IoqHVMEPRfKuBZotMyqo7wNkAZJWigp
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILxfFq8wx5Bet5Q0gI28/lc9ryYYFQelpZdPPdzxGBbA
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGa+7n7kNzb86pTqaMn554KiPrkHRGeTJ0asY1NjSbpr
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILKIDLmQQ+P+jE4zVRpdVp8fmYEe4nzPDqYZt6A4eyIi
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAkj2xsN7Qt/Ew2QO+HiF2yOjXPRucZ3SbIdPDLJoh22
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCUt5I3IgONzYsMOFnRXtvR/uLXlIs6oWsCmh6YGgnpGD4M9lFdoYAOeC1faQUnP66sNs6AoacrGlPZ1UkVUqYEoIr2hiNCDRzzLCQ2J/sSaw7Hv0PKT7MWMo8R076M3TrdunCchBJI1noez3waM9aL4b/iYVhxym28ET55QrWjyMQfZL9PXzOKZatNVcK8AmdtSbI+pFrm/tTZPa321drm9PHOo9CL+lG4YmVZcXa0bVfVtk1GXlWwNpCj2ExLmbF1rRpAa05khfnbg3sBSklwf5NRXj11KneodKRF81ji7MtBhIIfoEXSYht7yspdkkS9e9mv16VGV+2ziM8zG3MK/iUq7fg5ksN54D3DNrd9iI5WjQZsLUrK0ypxO2NtvupWGYt3rCyKA/QvynbxOWFp6cy3Evej142hsfbiOcPIgCtGdHIBevp+KmPxkHBqsJPBqb3Y7nOMT1/ggDMtvHZEZJjEI2D2RjZNEXGbq63OPAqEkgmecW0cXlrjLEGhF2E=
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGa+7n7kNzb86pTqaMn554KiPrkHRGeTJ0asY1NjSbpr julien@tower
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIADCpuBL/kSZShtXD6p/Nq9ok4w1DnlSoxToYgdOvUqo julien@fischer
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMAa0wll9ildhgPiV0DhgJXXtw3TQr5VkNxxxPspHSbX julien@gallifrey

1
modules/users/keys/niklas.keys Normal file
View file

@ -0,0 +1 @@
sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAINHd1ay1FSTHZzE+3XCdUiS5efFmJ9GUvx4+7F5uXVtMAAAABHNzaDo= nikstur

3
modules/users/keys/ninjatrappeur.keys Normal file
View file

@ -0,0 +1,3 @@
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQClF9ko5u4zf0CEvleEeRbo9r6BMNgXEGO/rDNZOEHcKxVaeIi+/xF6ZQ5MZbcmH08lswq32hb1XwXg7Gk+ofUdEvCD/kC/vJijt7IFkardy6BNOSWQJLEf6/BpL3LzDQhi7iZXPF46VYoPVGHBh8fKQaAtOCrhbf/8JutfTwCglEztjoiQxY5b8OMfntjBSl6TJwZPJAoQllbJJz9q90sBetvqx6Y08eqIzsSZw6pznpvivRR+TSKU0EkVYS2y2zBAvPK6oyunj5zi01/FACT+Qn70dUkumZAvcPssbl0hCs/xDLgEL6hCEvoszodyMYVn7HS0KwfUlfiGdNUOFHIl
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHzd1XAB7Pc8Tplur5iV3llOXtvlHru8pLtQlbvHzmt1
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOE7oDtq+xt5RuvMigDZMeZQODFr5Otz6HCO8wnI80oo

1
modules/users/keys/raito.keys
View file

@ -1,3 +1,4 @@
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDcEkYM1r8QVNM/G5CxJInEdoBCWjEHHDdHlzDYNSUIdHHsn04QY+XI67AdMCm8w30GZnLUIj5RiJEWXREUApby0GrfxGGcy8otforygfgtmuUKAUEHdU2MMwrQI7RtTZ8oQ0USRGuqvmegxz3l5caVU7qGvBllJ4NUHXrkZSja2/51vq80RF4MKkDGiz7xUTixI2UcBwQBCA/kQedKV9G28EH+1XfvePqmMivZjl+7VyHsgUVj9eRGA1XWFw59UPZG8a7VkxO/Eb3K9NF297HUAcFMcbY6cPFi9AaBgu3VC4eetDnoN/+xT1owiHi7BReQhGAy/6cdf7C/my5ehZwD
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE0xMwWedkKosax9+7D2OlnMxFL/eV4CvFZLsbLptpXr
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKiXXYkhRh+s7ixZ8rvG8ntIqd6FELQ9hh7HoaHQJRPU
ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBJFsZ7PMDt80tYXHyScQajNhqH4wuYg/o0OxfOHaZD4rXuT0VIKflKH1M9LslfHWIEH3XNeqhQOziH9r+Ny5JcM=

1
modules/users/keys/tomate.keys
View file

@ -1 +1,2 @@
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIL+EZXYziiaynJX99EW8KesnmRTZMof3BoIs3mdEl8L3
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPM1jpXR7BWQa7Sed7ii3SbvIPRRlKb3G91qC0vOwfJn thubrecht@dell-xps

10
modules/zsh.nix
View file

@ -4,5 +4,13 @@
programs.zsh.enableGlobalCompInit = false;
programs.zsh.interactiveShellInit = ''
source ${pkgs.zsh-nix-shell}/share/zsh-nix-shell/nix-shell.plugin.zsh
'';
'';
programs.zsh = {
autosuggestions.enable = true;
promptInit = ''
source ${pkgs.grml-zsh-config}/etc/zsh/zshrc
'';
};
users.defaultUserShell = pkgs.zsh;
}