Dustin Frisch
1 year ago
commit
ce8862bf37
No known key found for this signature in database
GPG Key ID: B4C3BF012D9B26BE
27 changed files with 1520 additions and 0 deletions
-
4.envrc
-
5.sops.yaml
-
453flake.lock
-
95flake.nix
-
38machines.nix
-
5machines/manager/autoinstall.nix
-
29machines/manager/beegfs.nix
-
23machines/manager/cache.nix
-
35machines/manager/default.nix
-
40machines/manager/disk.nix
-
4machines/manager/gateway.nix
-
44machines/manager/ldap.nix
-
8machines/manager/nfs.nix
-
5machines/manager/ntp.nix
-
24machines/node/default.nix
-
39machines/node/disk.nix
-
22machines/node/users.nix
-
227modules/beegfs.nix
-
5modules/default.nix
-
185packages/beegfs/001-build.patch
-
77packages/beegfs/default.nix
-
45packages/beegfs/module.nix
-
31secrets.yaml
-
21secrets/cache-priv-key.pem
-
35shared/default.nix
-
10shared/network.nix
-
11shared/root.nix
@ -0,0 +1,4 @@ |
|||
use flake |
|||
|
|||
watch_file "flake.nix" |
|||
watch_file "flake.lock" |
@ -0,0 +1,5 @@ |
|||
creation_rules: |
|||
- key_groups: |
|||
- pgp: |
|||
- 3237CA7A1744B4DCE96B409FB4C3BF012D9B26BE |
|||
path_regex: ^(secrets\.yaml|secrets/.+)$ |
@ -0,0 +1,453 @@ |
|||
{ |
|||
"nodes": { |
|||
"colmena": { |
|||
"inputs": { |
|||
"flake-compat": "flake-compat", |
|||
"flake-utils": "flake-utils", |
|||
"nixpkgs": [ |
|||
"nixpkgs" |
|||
], |
|||
"stable": "stable" |
|||
}, |
|||
"locked": { |
|||
"lastModified": 1684127527, |
|||
"narHash": "sha256-tAzgb2jgmRaX9HETry38h2OvBf9YkHEH1fFvIJQV9A0=", |
|||
"owner": "zhaofengli", |
|||
"repo": "colmena", |
|||
"rev": "caf33af7d854c8d9b88a8f3dae7adb1c24c1407b", |
|||
"type": "github" |
|||
}, |
|||
"original": { |
|||
"owner": "zhaofengli", |
|||
"repo": "colmena", |
|||
"type": "github" |
|||
} |
|||
}, |
|||
"disko": { |
|||
"inputs": { |
|||
"nixpkgs": [ |
|||
"nixpkgs" |
|||
] |
|||
}, |
|||
"locked": { |
|||
"lastModified": 1684783210, |
|||
"narHash": "sha256-hxRbwwBTu1G1u1EdI9nEo/n4HIsQIfNi+2BQ1nEoj/o=", |
|||
"owner": "nix-community", |
|||
"repo": "disko", |
|||
"rev": "f0b9f374bb42fdcd57baa7d4448ac5d4788226bd", |
|||
"type": "github" |
|||
}, |
|||
"original": { |
|||
"owner": "nix-community", |
|||
"repo": "disko", |
|||
"type": "github" |
|||
} |
|||
}, |
|||
"flake-compat": { |
|||
"flake": false, |
|||
"locked": { |
|||
"lastModified": 1650374568, |
|||
"narHash": "sha256-Z+s0J8/r907g149rllvwhb4pKi8Wam5ij0st8PwAh+E=", |
|||
"owner": "edolstra", |
|||
"repo": "flake-compat", |
|||
"rev": "b4a34015c698c7793d592d66adbab377907a2be8", |
|||
"type": "github" |
|||
}, |
|||
"original": { |
|||
"owner": "edolstra", |
|||
"repo": "flake-compat", |
|||
"type": "github" |
|||
} |
|||
}, |
|||
"flake-compat_2": { |
|||
"flake": false, |
|||
"locked": { |
|||
"lastModified": 1673956053, |
|||
"narHash": "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=", |
|||
"owner": "edolstra", |
|||
"repo": "flake-compat", |
|||
"rev": "35bb57c0c8d8b62bbfd284272c928ceb64ddbde9", |
|||
"type": "github" |
|||
}, |
|||
"original": { |
|||
"owner": "edolstra", |
|||
"repo": "flake-compat", |
|||
"type": "github" |
|||
} |
|||
}, |
|||
"flake-utils": { |
|||
"locked": { |
|||
"lastModified": 1659877975, |
|||
"narHash": "sha256-zllb8aq3YO3h8B/U0/J1WBgAL8EX5yWf5pMj3G0NAmc=", |
|||
"owner": "numtide", |
|||
"repo": "flake-utils", |
|||
"rev": "c0e246b9b83f637f4681389ecabcb2681b4f3af0", |
|||
"type": "github" |
|||
}, |
|||
"original": { |
|||
"owner": "numtide", |
|||
"repo": "flake-utils", |
|||
"type": "github" |
|||
} |
|||
}, |
|||
"flake-utils_2": { |
|||
"locked": { |
|||
"lastModified": 1653893745, |
|||
"narHash": "sha256-0jntwV3Z8//YwuOjzhV2sgJJPt+HY6KhU7VZUL0fKZQ=", |
|||
"owner": "numtide", |
|||
"repo": "flake-utils", |
|||
"rev": "1ed9fb1935d260de5fe1c2f7ee0ebaae17ed2fa1", |
|||
"type": "github" |
|||
}, |
|||
"original": { |
|||
"owner": "numtide", |
|||
"repo": "flake-utils", |
|||
"type": "github" |
|||
} |
|||
}, |
|||
"flake-utils_3": { |
|||
"locked": { |
|||
"lastModified": 1653893745, |
|||
"narHash": "sha256-0jntwV3Z8//YwuOjzhV2sgJJPt+HY6KhU7VZUL0fKZQ=", |
|||
"owner": "numtide", |
|||
"repo": "flake-utils", |
|||
"rev": "1ed9fb1935d260de5fe1c2f7ee0ebaae17ed2fa1", |
|||
"type": "github" |
|||
}, |
|||
"original": { |
|||
"owner": "numtide", |
|||
"repo": "flake-utils", |
|||
"type": "github" |
|||
} |
|||
}, |
|||
"flake-utils_4": { |
|||
"locked": { |
|||
"lastModified": 1653893745, |
|||
"narHash": "sha256-0jntwV3Z8//YwuOjzhV2sgJJPt+HY6KhU7VZUL0fKZQ=", |
|||
"owner": "numtide", |
|||
"repo": "flake-utils", |
|||
"rev": "1ed9fb1935d260de5fe1c2f7ee0ebaae17ed2fa1", |
|||
"type": "github" |
|||
}, |
|||
"original": { |
|||
"owner": "numtide", |
|||
"repo": "flake-utils", |
|||
"type": "github" |
|||
} |
|||
}, |
|||
"flake-utils_5": { |
|||
"locked": { |
|||
"lastModified": 1653893745, |
|||
"narHash": "sha256-0jntwV3Z8//YwuOjzhV2sgJJPt+HY6KhU7VZUL0fKZQ=", |
|||
"owner": "numtide", |
|||
"repo": "flake-utils", |
|||
"rev": "1ed9fb1935d260de5fe1c2f7ee0ebaae17ed2fa1", |
|||
"type": "github" |
|||
}, |
|||
"original": { |
|||
"owner": "numtide", |
|||
"repo": "flake-utils", |
|||
"type": "github" |
|||
} |
|||
}, |
|||
"flake-utils_6": { |
|||
"locked": { |
|||
"lastModified": 1667395993, |
|||
"narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=", |
|||
"owner": "numtide", |
|||
"repo": "flake-utils", |
|||
"rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f", |
|||
"type": "github" |
|||
}, |
|||
"original": { |
|||
"owner": "numtide", |
|||
"repo": "flake-utils", |
|||
"type": "github" |
|||
} |
|||
}, |
|||
"gitignore": { |
|||
"inputs": { |
|||
"nixpkgs": [ |
|||
"pre-commit-hooks", |
|||
"nixpkgs" |
|||
] |
|||
}, |
|||
"locked": { |
|||
"lastModified": 1660459072, |
|||
"narHash": "sha256-8DFJjXG8zqoONA1vXtgeKXy68KdJL5UaXR8NtVMUbx8=", |
|||
"owner": "hercules-ci", |
|||
"repo": "gitignore.nix", |
|||
"rev": "a20de23b925fd8264fd7fad6454652e142fd7f73", |
|||
"type": "github" |
|||
}, |
|||
"original": { |
|||
"owner": "hercules-ci", |
|||
"repo": "gitignore.nix", |
|||
"type": "github" |
|||
} |
|||
}, |
|||
"nixago": { |
|||
"inputs": { |
|||
"flake-utils": [ |
|||
"utils" |
|||
], |
|||
"nixago-exts": "nixago-exts", |
|||
"nixpkgs": [ |
|||
"nixpkgs" |
|||
] |
|||
}, |
|||
"locked": { |
|||
"lastModified": 1683210100, |
|||
"narHash": "sha256-bhGDOlkWtlhVECpoOog4fWiFJmLCpVEg09a40aTjCbw=", |
|||
"owner": "nix-community", |
|||
"repo": "nixago", |
|||
"rev": "1da60ad9412135f9ed7a004669fdcf3d378ec630", |
|||
"type": "github" |
|||
}, |
|||
"original": { |
|||
"owner": "nix-community", |
|||
"repo": "nixago", |
|||
"type": "github" |
|||
} |
|||
}, |
|||
"nixago-exts": { |
|||
"inputs": { |
|||
"flake-utils": "flake-utils_2", |
|||
"nixago": "nixago_2", |
|||
"nixpkgs": [ |
|||
"nixago", |
|||
"nixpkgs" |
|||
] |
|||
}, |
|||
"locked": { |
|||
"lastModified": 1676070308, |
|||
"narHash": "sha256-QaJ65oc2l8iwQIGWUJ0EKjCeSuuCM/LqR8RauxZUUkc=", |
|||
"owner": "nix-community", |
|||
"repo": "nixago-extensions", |
|||
"rev": "e5380cb0456f4ea3c86cf94e3039eb856bf07d0b", |
|||
"type": "github" |
|||
}, |
|||
"original": { |
|||
"owner": "nix-community", |
|||
"repo": "nixago-extensions", |
|||
"type": "github" |
|||
} |
|||
}, |
|||
"nixago-exts_2": { |
|||
"inputs": { |
|||
"flake-utils": "flake-utils_4", |
|||
"nixago": "nixago_3", |
|||
"nixpkgs": [ |
|||
"nixago", |
|||
"nixago-exts", |
|||
"nixago", |
|||
"nixpkgs" |
|||
] |
|||
}, |
|||
"locked": { |
|||
"lastModified": 1655508669, |
|||
"narHash": "sha256-BDDdo5dZQMmwNH/GNacy33nPBnCpSIydWFPZs0kkj/g=", |
|||
"owner": "nix-community", |
|||
"repo": "nixago-extensions", |
|||
"rev": "3022a932ce109258482ecc6568c163e8d0b426aa", |
|||
"type": "github" |
|||
}, |
|||
"original": { |
|||
"owner": "nix-community", |
|||
"repo": "nixago-extensions", |
|||
"type": "github" |
|||
} |
|||
}, |
|||
"nixago_2": { |
|||
"inputs": { |
|||
"flake-utils": "flake-utils_3", |
|||
"nixago-exts": "nixago-exts_2", |
|||
"nixpkgs": [ |
|||
"nixago", |
|||
"nixago-exts", |
|||
"nixpkgs" |
|||
] |
|||
}, |
|||
"locked": { |
|||
"lastModified": 1676070010, |
|||
"narHash": "sha256-iYzJIWptE1EUD8VINAg66AAMUajizg8JUYN3oBmb8no=", |
|||
"owner": "nix-community", |
|||
"repo": "nixago", |
|||
"rev": "d480ba6c0c16e2c5c0bd2122852d6a0c9ad1ed0e", |
|||
"type": "github" |
|||
}, |
|||
"original": { |
|||
"owner": "nix-community", |
|||
"ref": "rename-config-data", |
|||
"repo": "nixago", |
|||
"type": "github" |
|||
} |
|||
}, |
|||
"nixago_3": { |
|||
"inputs": { |
|||
"flake-utils": "flake-utils_5", |
|||
"nixpkgs": [ |
|||
"nixago", |
|||
"nixago-exts", |
|||
"nixago", |
|||
"nixago-exts", |
|||
"nixpkgs" |
|||
] |
|||
}, |
|||
"locked": { |
|||
"lastModified": 1655405483, |
|||
"narHash": "sha256-Crd49aZWNrpczlRTOwWGfwBMsTUoG9vlHDKQC7cx264=", |
|||
"owner": "nix-community", |
|||
"repo": "nixago", |
|||
"rev": "e6a9566c18063db5b120e69e048d3627414e327d", |
|||
"type": "github" |
|||
}, |
|||
"original": { |
|||
"owner": "nix-community", |
|||
"repo": "nixago", |
|||
"type": "github" |
|||
} |
|||
}, |
|||
"nixpkgs": { |
|||
"locked": { |
|||
"lastModified": 1684858140, |
|||
"narHash": "sha256-dQStox5GYrVlVNMvxxXs3xX9bXG7J7ttSjqUcVm8EaA=", |
|||
"owner": "NixOS", |
|||
"repo": "nixpkgs", |
|||
"rev": "a17f99dfcb9643200b3884ca195c69ae41d7f059", |
|||
"type": "github" |
|||
}, |
|||
"original": { |
|||
"owner": "NixOS", |
|||
"ref": "nixos-22.11", |
|||
"repo": "nixpkgs", |
|||
"type": "github" |
|||
} |
|||
}, |
|||
"nixpkgs-stable": { |
|||
"locked": { |
|||
"lastModified": 1678872516, |
|||
"narHash": "sha256-/E1YwtMtFAu2KUQKV/1+KFuReYPANM2Rzehk84VxVoc=", |
|||
"owner": "NixOS", |
|||
"repo": "nixpkgs", |
|||
"rev": "9b8e5abb18324c7fe9f07cb100c3cd4a29cda8b8", |
|||
"type": "github" |
|||
}, |
|||
"original": { |
|||
"owner": "NixOS", |
|||
"ref": "nixos-22.11", |
|||
"repo": "nixpkgs", |
|||
"type": "github" |
|||
} |
|||
}, |
|||
"pre-commit-hooks": { |
|||
"inputs": { |
|||
"flake-compat": "flake-compat_2", |
|||
"flake-utils": "flake-utils_6", |
|||
"gitignore": "gitignore", |
|||
"nixpkgs": [ |
|||
"nixpkgs" |
|||
], |
|||
"nixpkgs-stable": "nixpkgs-stable" |
|||
}, |
|||
"locked": { |
|||
"lastModified": 1684842236, |
|||
"narHash": "sha256-rYWsIXHvNhVQ15RQlBUv67W3YnM+Pd+DuXGMvCBq2IE=", |
|||
"owner": "cachix", |
|||
"repo": "pre-commit-hooks.nix", |
|||
"rev": "61e567d6497bc9556f391faebe5e410e6623217f", |
|||
"type": "github" |
|||
}, |
|||
"original": { |
|||
"owner": "cachix", |
|||
"repo": "pre-commit-hooks.nix", |
|||
"type": "github" |
|||
} |
|||
}, |
|||
"root": { |
|||
"inputs": { |
|||
"colmena": "colmena", |
|||
"disko": "disko", |
|||
"nixago": "nixago", |
|||
"nixpkgs": "nixpkgs", |
|||
"pre-commit-hooks": "pre-commit-hooks", |
|||
"sops": "sops", |
|||
"utils": "utils" |
|||
} |
|||
}, |
|||
"sops": { |
|||
"inputs": { |
|||
"nixpkgs": [ |
|||
"nixpkgs" |
|||
], |
|||
"nixpkgs-stable": [ |
|||
"nixpkgs" |
|||
] |
|||
}, |
|||
"locked": { |
|||
"lastModified": 1684637723, |
|||
"narHash": "sha256-0vAxL7MVMhGbTkAyvzLvleELHjVsaS43p+PR1h9gzNQ=", |
|||
"owner": "Mic92", |
|||
"repo": "sops-nix", |
|||
"rev": "4ccdfb573f323a108a44c13bb7730e42baf962a9", |
|||
"type": "github" |
|||
}, |
|||
"original": { |
|||
"owner": "Mic92", |
|||
"repo": "sops-nix", |
|||
"type": "github" |
|||
} |
|||
}, |
|||
"stable": { |
|||
"locked": { |
|||
"lastModified": 1669735802, |
|||
"narHash": "sha256-qtG/o/i5ZWZLmXw108N2aPiVsxOcidpHJYNkT45ry9Q=", |
|||
"owner": "NixOS", |
|||
"repo": "nixpkgs", |
|||
"rev": "731cc710aeebecbf45a258e977e8b68350549522", |
|||
"type": "github" |
|||
}, |
|||
"original": { |
|||
"owner": "NixOS", |
|||
"ref": "nixos-22.11", |
|||
"repo": "nixpkgs", |
|||
"type": "github" |
|||
} |
|||
}, |
|||
"systems": { |
|||
"locked": { |
|||
"lastModified": 1681028828, |
|||
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", |
|||
"owner": "nix-systems", |
|||
"repo": "default", |
|||
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", |
|||
"type": "github" |
|||
}, |
|||
"original": { |
|||
"owner": "nix-systems", |
|||
"repo": "default", |
|||
"type": "github" |
|||
} |
|||
}, |
|||
"utils": { |
|||
"inputs": { |
|||
"systems": "systems" |
|||
}, |
|||
"locked": { |
|||
"lastModified": 1681202837, |
|||
"narHash": "sha256-H+Rh19JDwRtpVPAWp64F+rlEtxUWBAQW28eAi3SRSzg=", |
|||
"owner": "numtide", |
|||
"repo": "flake-utils", |
|||
"rev": "cfacdce06f30d2b68473a46042957675eebb3401", |
|||
"type": "github" |
|||
}, |
|||
"original": { |
|||
"owner": "numtide", |
|||
"repo": "flake-utils", |
|||
"type": "github" |
|||
} |
|||
} |
|||
}, |
|||
"root": "root", |
|||
"version": 7 |
|||
} |
@ -0,0 +1,95 @@ |
|||
{ |
|||
inputs = { |
|||
nixpkgs = { |
|||
type = "github"; |
|||
owner = "NixOS"; |
|||
repo = "nixpkgs"; |
|||
ref = "nixos-22.11"; |
|||
}; |
|||
|
|||
colmena = { |
|||
type = "github"; |
|||
owner = "zhaofengli"; |
|||
repo = "colmena"; |
|||
|
|||
inputs.nixpkgs.follows = "nixpkgs"; |
|||
}; |
|||
|
|||
nixago = { |
|||
type = "github"; |
|||
owner = "nix-community"; |
|||
repo = "nixago"; |
|||
|
|||
inputs.nixpkgs.follows = "nixpkgs"; |
|||
inputs.flake-utils.follows = "utils"; |
|||
}; |
|||
|
|||
pre-commit-hooks = { |
|||
type = "github"; |
|||
owner = "cachix"; |
|||
repo = "pre-commit-hooks.nix"; |
|||
|
|||
inputs.nixpkgs.follows = "nixpkgs"; |
|||
}; |
|||
|
|||
sops = { |
|||
type = "github"; |
|||
owner = "Mic92"; |
|||
repo = "sops-nix"; |
|||
|
|||
inputs.nixpkgs.follows = "nixpkgs"; |
|||
inputs.nixpkgs-stable.follows = "nixpkgs"; |
|||
}; |
|||
|
|||
utils = { |
|||
type = "github"; |
|||
owner = "numtide"; |
|||
repo = "flake-utils"; |
|||
}; |
|||
|
|||
disko = { |
|||
type = "github"; |
|||
owner = "nix-community"; |
|||
repo = "disko"; |
|||
|
|||
inputs.nixpkgs.follows = "nixpkgs"; |
|||
}; |
|||
}; |
|||
|
|||
outputs = { nixpkgs, utils, ... }@inputs: { |
|||
colmena = import ./machines.nix inputs; |
|||
|
|||
devShell = utils.lib.eachSystemMap utils.lib.allSystems (system: |
|||
let |
|||
pkgs = nixpkgs.legacyPackages.${system}; |
|||
|
|||
pre-commit-hooks = inputs.pre-commit-hooks.lib.${system}.run { |
|||
src = ./.; |
|||
hooks = { |
|||
nixpkgs-fmt.enable = true; |
|||
statix.enable = true; |
|||
shellcheck.enable = true; |
|||
}; |
|||
}; |
|||
in |
|||
pkgs.mkShell { |
|||
buildInputs = [ |
|||
inputs.colmena.defaultPackage.${system} |
|||
] ++ (with pkgs; [ |
|||
bash |
|||
gitAndTools.git |
|||
gnutar |
|||
gzip |
|||
nixUnstable |
|||
openssh |
|||
sops |
|||
age |
|||
]); |
|||
|
|||
shellHook = '' |
|||
${pre-commit-hooks.shellHook} |
|||
''; |
|||
}); |
|||
}; |
|||
} |
|||
|
@ -0,0 +1,38 @@ |
|||
{ nixpkgs, disko, sops, ... }@inputs: |
|||
|
|||
let |
|||
deploymentPkgs = import nixpkgs { |
|||
localSystem.system = "x86_64-linux"; |
|||
}; |
|||
|
|||
in with deploymentPkgs.lib; let |
|||
|
|||
mkMachine = type: opts: { lib, ... }: |
|||
let |
|||
machine = import ./machines/${type} opts; |
|||
in { |
|||
imports = [ |
|||
./shared |
|||
./modules |
|||
machine |
|||
sops.nixosModules.sops |
|||
disko.nixosModules.disko |
|||
]; |
|||
}; |
|||
|
|||
machines = { |
|||
manager = mkMachine "manager" {}; |
|||
} // (listToAttrs (genList (i: nameValuePair |
|||
"node-${fixedWidthNumber 2 i}" |
|||
(mkMachine "node" { id = i; }) |
|||
) 16)); |
|||
|
|||
in { |
|||
meta = { |
|||
nixpkgs = deploymentPkgs; |
|||
|
|||
specialArgs = { |
|||
inherit inputs; |
|||
}; |
|||
}; |
|||
} // machines |
@ -0,0 +1,5 @@ |
|||
# TFTP boot with shared image |
|||
# Requests store path to install from master |
|||
# Runs disko and nixos-install |
|||
|
|||
{} |
@ -0,0 +1,29 @@ |
|||
{ pkgs, config, lib, ... }: |
|||
|
|||
with lib; |
|||
|
|||
let |
|||
connAuth = toString (pkgs.writeText "beegfs-conn-auth" "asdasdasdasd"); |
|||
# connAuth = ${config.sops.secrets."beegfs/connection".path} |
|||
|
|||
in |
|||
{ |
|||
nixpkgs.config.allowUnfree = true; |
|||
|
|||
hpc.beegfs = { |
|||
connAuthFile = connAuth; |
|||
|
|||
mgmtdHost = "manager.hpc.informatik.hs-fulda.de"; |
|||
|
|||
client = { |
|||
enable = true; |
|||
mountPoint = "/projects"; |
|||
}; |
|||
|
|||
mgmtd.enable = true; |
|||
meta.enable = true; |
|||
storage.enable = true; |
|||
}; |
|||
|
|||
sops.secrets."beegfs/connection" = {}; |
|||
} |
@ -0,0 +1,23 @@ |
|||
{ config, ... }: |
|||
|
|||
{ |
|||
services.nix-serve = { |
|||
enable = true; |
|||
secretKeyFile = config.sops.secrets."cache/privateKey".path; |
|||
}; |
|||
|
|||
sops.secrets."cache/privateKey" = { |
|||
format = "binary"; |
|||
sopsFile = ../../secrets/cache-priv-key.pem; |
|||
}; |
|||
|
|||
services.nginx = { |
|||
enable = true; |
|||
recommendedProxySettings = true; |
|||
virtualHosts = { |
|||
"cache.hpc.informatik.hs-fulda.de" = { |
|||
locations."/".proxyPass = "http://${config.services.nix-serve.bindAddress}:${toString config.services.nix-serve.port}"; |
|||
}; |
|||
}; |
|||
}; |
|||
} |
@ -0,0 +1,35 @@ |
|||
{ ... }: |
|||
{ lib, config, ... }: |
|||
|
|||
with lib; |
|||
|
|||
{ |
|||
imports = [ |
|||
./disk.nix |
|||
./nfs.nix |
|||
#./ldap.nix |
|||
#./beegfs.nix |
|||
#./ntp.nix |
|||
#./gateway.nix |
|||
#./autoinstall.nix |
|||
#./cache.nix |
|||
]; |
|||
|
|||
users.users."root".password = "asdasd123"; |
|||
|
|||
virtualisation.useDefaultFilesystems = false; |
|||
virtualisation.fileSystems."/" = { |
|||
device = config.virtualisation.bootDevice; |
|||
fsType = "btrfs"; |
|||
autoFormat = true; |
|||
}; |
|||
|
|||
deployment = { |
|||
targetHost = "10.32.30.240"; |
|||
targetUser = "root"; |
|||
|
|||
tags = [ "manager" ]; |
|||
}; |
|||
|
|||
networking.hostName = "manager"; |
|||
} |
@ -0,0 +1,40 @@ |
|||
{ ... }: |
|||
|
|||
{ |
|||
disko.devices = { |
|||
disk.sda = { |
|||
device = "/dev/nvme0n1"; |
|||
type = "disk"; |
|||
content = { |
|||
type = "table"; |
|||
format = "gpt"; |
|||
partitions = [ |
|||
{ |
|||
name = "root"; |
|||
start = "100MiB"; |
|||
end = "100%"; |
|||
part-type = "primary"; |
|||
bootable = true; |
|||
content = { |
|||
type = "filesystem"; |
|||
format = "ext4"; |
|||
#format = "btrfs"; |
|||
mountpoint = "/"; |
|||
}; |
|||
} |
|||
{ |
|||
name = "ESP"; |
|||
start = "1MiB"; |
|||
end = "100MiB"; |
|||
bootable = true; |
|||
content = { |
|||
type = "filesystem"; |
|||
format = "vfat"; |
|||
mountpoint = "/boot"; |
|||
}; |
|||
} |
|||
]; |
|||
}; |
|||
}; |
|||
}; |
|||
} |
@ -0,0 +1,4 @@ |
|||
# DHCP server for nodes |
|||
# NAT gateway for nodes |
|||
|
|||
{} |
@ -0,0 +1,44 @@ |
|||
{ config, ... }: |
|||
|
|||
{ |
|||
services.openldap = { |
|||
enable = true; |
|||
settings = { |
|||
children = { |
|||
"cn=schema".includes = [ |
|||
"${config.services.openldap.package}/etc/schema/core.ldif" |
|||
"${config.services.openldap.package}/etc/schema/cosine.ldif" |
|||
"${config.services.openldap.package}/etc/schema/inetorgperson.ldif" |
|||
"${config.services.openldap.package}/etc/schema/nis.ldif" |
|||
]; |
|||
"olcDatabase={1}mdb" = { |
|||
attrs = { |
|||
objectClass = [ "olcDatabaseConfig" "olcMdbConfig" ]; |
|||
|
|||
olcDatabase = "{1}mdb"; |
|||
olcDbDirectory = "/var/lib/openldap/db"; |
|||
|
|||
olcSuffix = "dc=sc,dc=informatik,dc=hs-fulda,dc=de"; |
|||
|
|||
olcRootDN = "cn=root,dc=sc,dc=informatik,dc=hs-fulda,dc=de"; |
|||
olcRootPW.path = config.sops.secrets."ldap/root/password".path; |
|||
|
|||
olcAccess = [ |
|||
# Custom access rules for userPassword attributes |
|||
''{0}to attrs=userPassword |
|||
by self write |
|||
by anonymous auth |
|||
by * none'' |
|||
|
|||
# Allow read on anything else |
|||
''{1}to * |
|||
by * read'' |
|||
]; |
|||
}; |
|||
}; |
|||
}; |
|||
}; |
|||
}; |
|||
|
|||
sops.secrets."ldap/root/password" = { }; |
|||
} |
@ -0,0 +1,8 @@ |
|||
{ |
|||
services.nfs.server = { |
|||
enable = true; |
|||
exports = '' |
|||
/home node*.hpc.informatik.hs-fulda.de(rw) |
|||
''; |
|||
}; |
|||
} |
@ -0,0 +1,5 @@ |
|||
{ |
|||
services.chrony = { |
|||
enable = true; |
|||
}; |
|||
} |
@ -0,0 +1,24 @@ |
|||
{ id, ... }: |
|||
{ lib, ... }: |
|||
|
|||
with lib; |
|||
|
|||
{ |
|||
imports = [ |
|||
./disk.nix |
|||
]; |
|||
|
|||
boot.loader.systemd-boot.enable = true; |
|||
boot.loader.efi.canTouchEfiVariables = true; |
|||
|
|||
networking.hostName = "node-${fixedWidthNumber 2 id}"; |
|||
|
|||
nix.settings = { |
|||
substituters = [ |
|||
"http://cache.hpc.informatik.hs-fulda.de" |
|||
]; |
|||
trusted-public-keys = [ |
|||
"cache.hpc.informatik.hs-fulda.de:dc2abEGJAQfaZiBXhjvjPU0jx/wosQwAOQoz48/G6cA=" |
|||
]; |
|||
}; |
|||
} |
@ -0,0 +1,39 @@ |
|||
{ ... }: |
|||
|
|||
{ |
|||
disko.devices = { |
|||
disk.sda = { |
|||
device = "/dev/sda"; |
|||
type = "disk"; |
|||
content = { |
|||
type = "table"; |
|||
format = "gpt"; |
|||
partitions = [ |
|||
{ |
|||
name = "root"; |
|||
start = "100MiB"; |
|||
end = "100%"; |
|||
part-type = "primary"; |
|||
bootable = true; |
|||
content = { |
|||
type = "filesystem"; |
|||
format = "btrfs"; |
|||
mountpoint = "/"; |
|||
}; |
|||
} |
|||
{ |
|||
name = "ESP"; |
|||
start = "1MiB"; |
|||
end = "100MiB"; |
|||
bootable = true; |
|||
content = { |
|||
type = "filesystem"; |
|||
format = "vfat"; |
|||
mountpoint = "/boot"; |
|||
}; |
|||
} |
|||
]; |
|||
}; |
|||
}; |
|||
}; |
|||
} |
@ -0,0 +1,22 @@ |
|||
{ |
|||
users.ldap = { |
|||
enable = true; |
|||
|
|||
server = "ldap://manager.hpc.informatik.hs-fulda.de/"; |
|||
base = "dc=hpc,dc=informatik,dc=hs-fulda,dc=de"; |
|||
|
|||
daemon.enable = true; |
|||
}; |
|||
|
|||
filesystem."home" = { |
|||
mountPoint = "/home"; |
|||
device = "manager.hpc.informatik.hs-fulda.de:/home"; |
|||
fsType = "nfs"; |
|||
options = [ |
|||
"nfsvers=4.2" |
|||
"noauto" |
|||
"x-systemd.automount" |
|||
"x-systemd.idle-timeout=600" |
|||
]; |
|||
}; |
|||
} |
@ -0,0 +1,227 @@ |
|||
{ pkgs, config, lib, ... }: |
|||
|
|||
with lib; |
|||
|
|||
{ |
|||
options.hpc.beegfs = { |
|||
package = mkOption { |
|||
description = '' |
|||
BeeGFS package. |
|||
''; |
|||
type = types.package; |
|||
default = config.boot.kernelPackages.callPackage ../packages/beegfs/default.nix { }; |
|||
}; |
|||
|
|||
mgmtdHost = mkOption { |
|||
description = '' |
|||
Hostname of the management host. |
|||
''; |
|||
type = types.str; |
|||
}; |
|||
|
|||
connAuthFile = mkOption { |
|||
description = '' |
|||
File containing shared secret authentication. |
|||
''; |
|||
type = types.str; |
|||
}; |
|||
|
|||
client = { |
|||
enable = mkEnableOption "BeeGFS client"; |
|||
|
|||
mountPoint = mkOption { |
|||
description = '' |
|||
Mount point under which the BeeGFS filesystem is mounted. |
|||
''; |
|||
type = types.nullOr types.str; |
|||
default = null; |
|||
}; |
|||
}; |
|||
|
|||
mgmtd = { |
|||
enable = mkEnableOption "BeeGFS management server daemon"; |
|||
}; |
|||
|
|||
meta = { |
|||
enable = mkEnableOption "BeeGFS meta-data server daemon"; |
|||
}; |
|||
|
|||
storage = { |
|||
enable = mkEnableOption "BeeGFS storage server daemon"; |
|||
}; |
|||
}; |
|||
|
|||
config = mkMerge [ |
|||
(mkIf config.hpc.beegfs.client.enable { |
|||
boot.kernelModules = [ "beegfs" ]; |
|||
boot.extraModulePackages = [ config.hpc.beegfs.package.module ]; |
|||
|
|||
environment.etc."beegfs-client" = { |
|||
enable = true; |
|||
target = "beegfs/client.conf"; |
|||
text = '' |
|||
sysMgmtdHost = ${config.hpc.beegfs.mgmtdHost} |
|||
connAuthFile = ${config.hpc.beegfs.connAuthFile} |
|||
''; |
|||
}; |
|||
|
|||
systemd.mounts = mkIf (config.hpc.beegfs.client.mountPoint != null) [ { |
|||
where = config.hpc.beegfs.client.mountPoint; |
|||
what = "beegfs_nodev"; |
|||
type = "beegfs"; |
|||
|
|||
options = "cfgFile=/etc/beegfs/client.conf,_netdev"; |
|||
|
|||
requires = [ "beegfs-helperd.service" ]; |
|||
after = [ "beegfs-helperd.service" ]; |
|||
} ]; |
|||
|
|||
systemd.services."beegfs-helperd" = let |
|||
cfgFile = pkgs.writeText "beegfs-helperd.conf" '' |
|||
connAuthFile = ${config.hpc.beegfs.connAuthFile} |
|||
logType = syslog |
|||
''; |
|||
in { |
|||
wantedBy = [ "multi-user.target" ]; |
|||
requires = [ "network-online.target" ]; |
|||
after = [ "network-online.target" ]; |
|||
|
|||
serviceConfig = rec { |
|||
ExecStart = '' |
|||
${config.hpc.beegfs.package}/bin/beegfs-helperd \ |
|||
cfgFile=${cfgFile} \ |
|||
pidFile=${PIDFile} \ |
|||
runDaemonized=false |
|||
''; |
|||
PIDFile = "/run/beegfs-helperd.pid"; |
|||
TimeoutStopSec = "300"; |
|||
}; |
|||
}; |
|||
|
|||
environment.systemPackages = [ (pkgs.runCommandLocal "beegfs-utils" { |
|||
nativeBuildInputs = [ pkgs.makeWrapper ]; |
|||
} '' |
|||
mkdir -p $out/bin |
|||
|
|||
makeWrapper ${config.hpc.beegfs.package}/bin/beegfs-check-servers \ |
|||
$out/bin/beegfs-check-servers \ |
|||
--add-flags "-c /etc/beegfs/client.conf" \ |
|||
--prefix PATH : ${lib.makeBinPath [ config.hpc.beegfs.package ]} |
|||
|
|||
makeWrapper ${config.hpc.beegfs.package}/bin/beegfs-ctl \ |
|||
$out/bin/beegfs-ctl \ |
|||
--add-flags "--cfgFile=/etc/beegfs/client.conf" |
|||
|
|||
makeWrapper ${config.hpc.beegfs.package}/bin/beegfs-ctl \ |
|||
$out/bin/beegfs-df \ |
|||
--add-flags "--cfgFile=/etc/beegfs/client.conf" \ |
|||
--add-flags --listtargets \ |
|||
--add-flags --hidenodeid \ |
|||
--add-flags --pools \ |
|||
--add-flags --spaceinfo |
|||
|
|||
makeWrapper ${config.hpc.beegfs.package}/bin/fsck.beegfs \ |
|||
$out/bin/beegfs-fsck \ |
|||
--add-flags "--cfgFile=/etc/beegfs/client.conf" |
|||
'') ]; |
|||
}) |
|||
|
|||
(mkIf config.hpc.beegfs.mgmtd.enable (let |
|||
cfgFile = pkgs.writeText "beegfs-mgmtd.conf" '' |
|||
storeMgmtdDirectory = /var/lib/beegs/mgmtd |
|||
storeAllowFirstRunInit = false |
|||
connAuthFile = ${config.hpc.beegfs.connAuthFile} |
|||
logType = syslog |
|||
''; |
|||
in { |
|||
systemd.services."beegfs-mgmtd" = { |
|||
wantedBy = [ "multi-user.target" ]; |
|||
requires = [ "network-online.target" ]; |
|||
after = [ "network-online.target" "rdma.service" "opensmd.service" "opensm.service" ]; |
|||
|
|||
preStart = '' |
|||
if ! test -e /var/lib/beegs/mgmtd; then |
|||
${config.hpc.beegfs.package}/bin/beegfs-setup-mgmtd -C -p /var/lib/beegs/mgmtd |
|||
fi |
|||
''; |
|||
|
|||
serviceConfig = rec { |
|||
ExecStart = '' |
|||
${config.hpc.beegfs.package}/bin/beegfs-mgmtd \ |
|||
cfgFile=${cfgFile} \ |
|||
pidFile=${PIDFile} \ |
|||
runDaemonized=false |
|||
''; |
|||
PIDFile = "/run/beegfs-mgmtd.pid"; |
|||
TimeoutStopSec = "300"; |
|||
}; |
|||
}; |
|||
})) |
|||
|
|||
(mkIf config.hpc.beegfs.meta.enable (let |
|||
cfgFile = pkgs.writeText "beegfs-meta.conf" '' |
|||
storeMetaDirectory = /var/lib/beegs/meta |
|||
storeAllowFirstRunInit = false |
|||
sysMgmtdHost = ${config.hpc.beegfs.mgmtdHost} |
|||
connAuthFile = ${config.hpc.beegfs.connAuthFile} |
|||
logType = syslog |
|||
''; |
|||
in { |
|||
systemd.services."beegfs-meta" = { |
|||
wantedBy = [ "multi-user.target" ]; |
|||
requires = [ "network-online.target" ]; |
|||
after = [ "network-online.target" "beegfs-mgmt.service" "beegfs-storage.service" "rdma.service" "opensmd.service" "opensm.service" ]; |
|||
|
|||
preStart = '' |
|||
if ! test -e /var/lib/beegs/meta; then |
|||
${config.hpc.beegfs.package}/bin/beegfs-setup-meta -C -p /var/lib/beegs/meta |
|||
fi |
|||
''; |
|||
|
|||
serviceConfig = rec { |
|||
ExecStart = '' |
|||
${config.hpc.beegfs.package}/bin/beegfs-meta \ |
|||
cfgFile=${cfgFile} \ |
|||
pidFile=${PIDFile} \ |
|||
runDaemonized=false |
|||
''; |
|||
PIDFile = "/run/beegfs-meta.pid"; |
|||
TimeoutStopSec = "300"; |
|||
}; |
|||
}; |
|||
})) |
|||
|
|||
(mkIf config.hpc.beegfs.storage.enable (let |
|||
cfgFile = pkgs.writeText "beegfs-storage.conf" '' |
|||
storeStorageDirectory = /var/lib/beegs/storage |
|||
storeAllowFirstRunInit = false |
|||
sysMgmtdHost = ${config.hpc.beegfs.mgmtdHost} |
|||
connAuthFile = ${config.hpc.beegfs.connAuthFile} |
|||
logType = syslog |
|||
''; |
|||
in { |
|||
systemd.services."beegfs-storage" = { |
|||
wantedBy = [ "multi-user.target" ]; |
|||
requires = [ "network-online.target" ]; |
|||
after = [ "network-online.target" "beegfs-mgmt.service" "rdma.service" "opensmd.service" "opensm.service" ]; |
|||
|
|||
preStart = '' |
|||
if ! test -e /var/lib/beegs/storage; then |
|||
${config.hpc.beegfs.package}/bin/beegfs-setup-storage -C -p /var/lib/beegs/storage |
|||
fi |
|||
''; |
|||
|
|||
serviceConfig = rec { |
|||
ExecStart = '' |
|||
${config.hpc.beegfs.package}/bin/beegfs-storage \ |
|||
cfgFile=${cfgFile} \ |
|||
pidFile=${PIDFile} \ |
|||
runDaemonized=false |
|||
''; |
|||
PIDFile = "/run/beegfs-storage.pid"; |
|||
TimeoutStopSec = "300"; |
|||
}; |
|||
}; |
|||
})) |
|||
]; |
|||
} |
@ -0,0 +1,5 @@ |
|||
{ |
|||
imports = [ |
|||
./beegfs.nix |
|||
]; |
|||
} |
@ -0,0 +1,185 @@ |
|||
diff -r -u a/CMakeLists.txt b/CMakeLists.txt
|
|||
--- a/CMakeLists.txt 2023-03-15 12:09:15.000000000 +0100
|
|||
+++ b/CMakeLists.txt 2023-05-27 21:27:08.991487355 +0200
|
|||
@@ -85,10 +85,8 @@
|
|||
add_subdirectory("thirdparty/source/gtest") |
|||
endif() |
|||
|
|||
-set(CMAKE_INSTALL_PREFIX "/")
|
|||
-
|
|||
-add_subdirectory("beeond")
|
|||
-add_subdirectory("beeond_thirdparty_gpl")
|
|||
+# add_subdirectory("beeond")
|
|||
+# add_subdirectory("beeond_thirdparty_gpl")
|
|||
# add_subdirectory("client_devel") |
|||
# add_subdirectory("client_module") |
|||
add_subdirectory("common") |
|||
diff -r -u a/common/CMakeLists.txt b/common/CMakeLists.txt
|
|||
--- a/common/CMakeLists.txt 2023-03-15 12:09:15.000000000 +0100
|
|||
+++ b/common/CMakeLists.txt 2023-05-29 10:57:53.502540650 +0200
|
|||
@@ -572,6 +572,5 @@
|
|||
|
|||
install( |
|||
TARGETS beegfs_ib |
|||
- DESTINATION "usr/lib"
|
|||
COMPONENT "libbeegfs-ib" |
|||
) |
|||
diff -r -u a/ctl/CMakeLists.txt b/ctl/CMakeLists.txt
|
|||
--- a/ctl/CMakeLists.txt 2023-03-15 12:09:15.000000000 +0100
|
|||
+++ b/ctl/CMakeLists.txt 2023-05-29 10:57:13.297068443 +0200
|
|||
@@ -149,6 +149,5 @@
|
|||
|
|||
install( |
|||
TARGETS beegfs-ctl |
|||
- DESTINATION "usr/bin"
|
|||
COMPONENT "utils" |
|||
) |
|||
diff -r -u a/event_listener/CMakeLists.txt b/event_listener/CMakeLists.txt
|
|||
--- a/event_listener/CMakeLists.txt 2023-03-15 12:09:15.000000000 +0100
|
|||
+++ b/event_listener/CMakeLists.txt 2023-05-29 10:57:16.262103203 +0200
|
|||
@@ -10,13 +10,12 @@
|
|||
|
|||
install( |
|||
TARGETS beegfs-event-listener |
|||
- DESTINATION "usr/sbin"
|
|||
COMPONENT "event-listener" |
|||
) |
|||
|
|||
install( |
|||
FILES "include/beegfs/beegfs_file_event_log.hpp" |
|||
- DESTINATION "usr/include/beegfs"
|
|||
+ DESTINATION "${CMAKE_INSTALL_INCLUDEDIR}/beegfs"
|
|||
COMPONENT "event-listener" |
|||
) |
|||
|
|||
Only in v7-7.3.3: foo |
|||
diff -r -u a/fsck/CMakeLists.txt b/fsck/CMakeLists.txt
|
|||
--- a/fsck/CMakeLists.txt 2023-03-15 12:09:15.000000000 +0100
|
|||
+++ b/fsck/CMakeLists.txt 2023-05-29 10:57:18.938134583 +0200
|
|||
@@ -148,6 +148,5 @@
|
|||
|
|||
install( |
|||
TARGETS fsck.beegfs |
|||
- DESTINATION "sbin"
|
|||
COMPONENT "utils" |
|||
) |
|||
diff -r -u a/helperd/CMakeLists.txt b/helperd/CMakeLists.txt
|
|||
--- a/helperd/CMakeLists.txt 2023-03-15 12:09:15.000000000 +0100
|
|||
+++ b/helperd/CMakeLists.txt 2023-05-29 10:57:21.185160939 +0200
|
|||
@@ -59,6 +59,5 @@
|
|||
|
|||
install( |
|||
TARGETS beegfs-helperd |
|||
- DESTINATION "usr/sbin"
|
|||
COMPONENT "helperd" |
|||
) |
|||
diff -r -u a/meta/CMakeLists.txt b/meta/CMakeLists.txt
|
|||
--- a/meta/CMakeLists.txt 2023-03-15 12:09:15.000000000 +0100
|
|||
+++ b/meta/CMakeLists.txt 2023-05-29 11:00:36.501472258 +0200
|
|||
@@ -326,13 +326,12 @@
|
|||
|
|||
install( |
|||
TARGETS beegfs-meta |
|||
- DESTINATION "usr/sbin"
|
|||
COMPONENT "meta" |
|||
) |
|||
|
|||
install( |
|||
PROGRAMS "build/dist/sbin/beegfs-setup-meta" |
|||
- DESTINATION "usr/sbin"
|
|||
+ TYPE BIN
|
|||
COMPONENT "meta" |
|||
) |
|||
|
|||
@@ -347,10 +346,3 @@
|
|||
DESTINATION "etc/beegfs" |
|||
COMPONENT "meta" |
|||
) |
|||
-
|
|||
-install(
|
|||
- PROGRAMS "build/beegfs-meta.sh"
|
|||
- RENAME "beegfs-meta"
|
|||
- DESTINATION "opt/beegfs/sbin"
|
|||
- COMPONENT "meta"
|
|||
-)
|
|||
diff -r -u a/mgmtd/CMakeLists.txt b/mgmtd/CMakeLists.txt
|
|||
--- a/mgmtd/CMakeLists.txt 2023-03-15 12:09:15.000000000 +0100
|
|||
+++ b/mgmtd/CMakeLists.txt 2023-05-29 11:00:44.428566811 +0200
|
|||
@@ -161,13 +161,12 @@
|
|||
|
|||
install( |
|||
TARGETS beegfs-mgmtd |
|||
- DESTINATION "usr/sbin"
|
|||
COMPONENT "mgmtd" |
|||
) |
|||
|
|||
install( |
|||
PROGRAMS "build/dist/sbin/beegfs-setup-mgmtd" |
|||
- DESTINATION "usr/sbin"
|
|||
+ TYPE BIN
|
|||
COMPONENT "mgmtd" |
|||
) |
|||
|
|||
@@ -182,10 +181,3 @@
|
|||
DESTINATION "etc/beegfs" |
|||
COMPONENT "mgmtd" |
|||
) |
|||
-
|
|||
-install(
|
|||
- PROGRAMS "build/beegfs-mgmtd.sh"
|
|||
- RENAME "beegfs-mgmtd"
|
|||
- DESTINATION "opt/beegfs/sbin"
|
|||
- COMPONENT "mgmtd"
|
|||
-)
|
|||
diff -r -u a/storage/CMakeLists.txt b/storage/CMakeLists.txt
|
|||
--- a/storage/CMakeLists.txt 2023-03-15 12:09:15.000000000 +0100
|
|||
+++ b/storage/CMakeLists.txt 2023-05-29 11:00:53.385673711 +0200
|
|||
@@ -188,7 +188,6 @@
|
|||
|
|||
install( |
|||
TARGETS beegfs-storage |
|||
- DESTINATION "usr/sbin"
|
|||
COMPONENT "storage" |
|||
) |
|||
|
|||
@@ -200,7 +199,7 @@
|
|||
|
|||
install( |
|||
PROGRAMS "build/dist/sbin/beegfs-setup-storage" |
|||
- DESTINATION "usr/sbin"
|
|||
+ TYPE BIN
|
|||
COMPONENT "storage" |
|||
) |
|||
|
|||
@@ -209,10 +208,3 @@
|
|||
DESTINATION "etc/beegfs" |
|||
COMPONENT "storage" |
|||
) |
|||
-
|
|||
-install(
|
|||
- PROGRAMS "build/beegfs-storage.sh"
|
|||
- RENAME "beegfs-storage"
|
|||
- DESTINATION "opt/beegfs/sbin"
|
|||
- COMPONENT "storage"
|
|||
-)
|
|||
diff -r -u a/upgrade/beegfs_mirror_md/CMakeLists.txt b/upgrade/beegfs_mirror_md/CMakeLists.txt
|
|||
--- a/upgrade/beegfs_mirror_md/CMakeLists.txt 2023-03-15 12:09:15.000000000 +0100
|
|||
+++ b/upgrade/beegfs_mirror_md/CMakeLists.txt 2023-05-29 10:57:40.926392744 +0200
|
|||
@@ -15,6 +15,5 @@
|
|||
|
|||
install( |
|||
TARGETS "beegfs-mirror-md" |
|||
- DESTINATION "usr/sbin"
|
|||
COMPONENT "beegfs-mirror-md" |
|||
) |
|||
diff -r -u a/utils/CMakeLists.txt b/utils/CMakeLists.txt
|
|||
--- a/utils/CMakeLists.txt 2023-03-15 12:09:15.000000000 +0100
|
|||
+++ b/utils/CMakeLists.txt 2023-05-29 11:01:05.123813896 +0200
|
|||
@@ -6,6 +6,6 @@
|
|||
|
|||
install( |
|||
PROGRAMS "scripts/beegfs-check-servers" "scripts/beegfs-df" "scripts/beegfs-net" |
|||
- DESTINATION "usr/bin"
|
|||
+ TYPE BIN
|
|||
COMPONENT "utils" |
|||
) |
@ -0,0 +1,77 @@ |
|||
{ stdenv |
|||
, fetchurl |
|||
, pkgconfig |
|||
, util-linux |
|||
, which |
|||
, libuuid |
|||
, attr |
|||
, xfsprogs |
|||
, rdma-core |
|||
, zlib |
|||
, openssl |
|||
, openssh |
|||
, curl |
|||
, cmake |
|||
, callPackage |
|||
, kernel ? null |
|||
, ... } : |
|||
|
|||
stdenv.mkDerivation (final: rec { |
|||
pname = "beegfs"; |
|||
version = "7.3.3"; |
|||
|
|||
src = fetchurl { |
|||
url = "https://git.beegfs.io/pub/v7/-/archive/${version}/v7-${version}.tar.gz"; |
|||
sha256 = "sha256-XfZY6ge4KWNJn9UE41b7ds2YCMz9FNXFqZd51qCatig="; |
|||
}; |
|||
|
|||
nativeBuildInputs = [ |
|||
pkgconfig |
|||
which |
|||
cmake |
|||
]; |
|||
|
|||
buildInputs = [ |
|||
util-linux |
|||
libuuid |
|||
attr |
|||
xfsprogs |
|||
zlib |
|||
openssl |
|||
rdma-core |
|||
openssh |
|||
curl |
|||
]; |
|||
|
|||
patches = [ |
|||
./001-build.patch |
|||
]; |
|||
|
|||
dontFixCmake = true; |
|||
|
|||
cmakeFlags = [ |
|||
"-DBEEGFS_VERSION=${version}" |
|||
"-DBEEGFS_SKIP_TESTS=true" |
|||
"-DCMAKE_BUILD_TYPE=Release" |
|||
"-DCMAKE_INSTALL_PREFIX=${placeholder "out"}" |
|||
"-DCMAKE_INSTALL_LIBDIR=lib" |
|||
]; |
|||
|
|||
hardeningDisable = [ "format" ]; |
|||
|
|||
passthru.module = callPackage ./module.nix { |
|||
inherit kernel; |
|||
beegfs = final; |
|||
}; |
|||
|
|||
meta = with stdenv.lib; { |
|||
description = "High performance distributed filesystem with RDMA support"; |
|||
homepage = "https://www.beegfs.io"; |
|||
platforms = [ "i686-linux" "x86_64-linux" ]; |
|||
license = { |
|||
fullName = "BeeGFS_EULA"; |
|||
url = "https://www.beegfs.io/docs/BeeGFS_EULA.txt"; |
|||
free = false; |
|||
}; |
|||
}; |
|||
}) |
@ -0,0 +1,45 @@ |
|||
{ beegfs |
|||
, kmod |
|||
, kernel |
|||
, ... } : |
|||
|
|||
kernel.stdenv.mkDerivation rec { |
|||
name = "beegfs-module-${beegfs.version}-${kernel.version}"; |
|||
|
|||
inherit (beegfs) src; |
|||
|
|||
nativeBuildInputs = [ |
|||
kmod |
|||
]; |
|||
|
|||
buildInputs = kernel.moduleBuildDependencies; |
|||
|
|||
hardeningDisable = [ "fortify" "pic" "stackprotector" ]; |
|||
|
|||
sourceRoot = "v7-${beegfs.version}/client_module/build"; |
|||
|
|||
makeFlags = [ |
|||
"KERNELRELEASE=${kernel.modDirVersion}" |
|||
"KDIR=${kernel.dev}/lib/modules/${kernel.modDirVersion}/build/" |
|||
"BEEGFS_VERSION=${beegfs.version}-nixos1" |
|||
]; |
|||
|
|||
postPatch = '' |
|||
patchShebangs ./ |
|||
|
|||
find -type f -name Makefile -exec sed -i "s:/bin/true:true:" \{} \; |
|||
find -type f -name "*.mk" -exec sed -i "s:/bin/true:true:" \{} \; |
|||
''; |
|||
|
|||
installPhase = '' |
|||
mkdir -p $out/lib/modules/${kernel.modDirVersion}/extras/fs/beegfs |
|||
install -t $out/lib/modules/${kernel.modDirVersion}/extras/fs/beegfs beegfs.ko |
|||
''; |
|||
|
|||
enableParallelBuilding = true; |
|||
|
|||
meta = with kernel.stdenv.lib; { |
|||
description = beegfs.meta.description + " (kernel module)"; |
|||
inherit (beegfs.meta) homepage license platforms; |
|||
}; |
|||
} |
@ -0,0 +1,31 @@ |
|||
ldap: |
|||
root: |
|||
password: ENC[AES256_GCM,data:bYuw+9ywfRDNVt0nrLDmWE8+f8aHQvGd,iv:JHU3MxmNdxI2a62Dcky8xhHhjhcxyjM0Z0xLEnLxJwU=,tag:3VW0zTlRFxLDI8WxGu1lew==,type:str] |
|||
beegfs: |
|||
connection: ENC[AES256_GCM,data:YTHMg76+5Azb+ex5ArUHt4xP+YYWr9Ph,iv:TEf8i+yezPsaW12Lg5jRnhds9uW9WhV6duZPdxeW9co=,tag:bPGsl7ofwE1Jh+FTyHJqzQ==,type:str] |
|||
sops: |
|||
kms: [] |
|||
gcp_kms: [] |
|||
azure_kv: [] |
|||
hc_vault: [] |
|||
age: [] |
|||
lastmodified: "2023-05-29T12:51:30Z" |
|||
mac: ENC[AES256_GCM,data:02jKHbEZGs3QiNzXEQxcB8v/i5UVB/pCciz4hSI220+GEYPgQK6qR1cZJaMAyrHKjzJLhNZq3Gfgsj4zfA+FMg/d12vp2QNTMRrVD/hSh67NgloZ/iTmJC//S8OJfiHEPdGKkq7zXCVajnkGMT/0yLNWAKISAwL451ohgMzMQYw=,iv:8hqKXUolNA7WatnnYwwUN2EgOyZjTISG2bfToENYc7c=,tag:5y43RQJgZbPK8g3Cw8CBzQ==,type:str] |
|||
pgp: |
|||
- created_at: "2023-05-24T20:04:49Z" |
|||
enc: | |
|||
-----BEGIN PGP MESSAGE----- |
|||
|
|||
hQEMA5ntoryXZPD4AQf6A69nF8BRpYRdz3ea8acqryKoMe5p2A44drykDQR0NO9r |
|||
I6j0Hg9AksgC+rGRIQtCuj18gYybDFXgYLCE8MYfgh2NSyqeGzq2+kPDqAXRong/ |
|||
Wrg1+KRlDbvIqH7IZ5BS40TGdphh/U8BIUcO8N4tgP60G6C7z9FqfjiA5YByqau3 |
|||
7uAtKg3kR6lL13Cf0AUnMrQ8AOZ+6p+BwdTcXeUW2bScw8ScbEQsw/MtoiEN9Een |
|||
jvPhqTczdcZLIgTV+DvmimwYmH8xwFiMNFBrt4uzsBMv9N4pb0EzL8TcKIOuE8iw |
|||
YserGEi/sMx5QzqYmS2yPvNxwcXsZi28SQrHOs4Lv9JeAdpqwrqJjAaV3pN0OgSy |
|||
31XV/oDL8GJ3SfNqUZEULB06gkemRZscehMOi0tN+UX1gd7fJGsqsDK6geuqpShP |
|||
IpfMLriGoQb6Zy4fwEq9N5+AfWXfSZ9Kb8ab8ksvuA== |
|||
=Wm8a |
|||
-----END PGP MESSAGE----- |
|||
fp: 3237CA7A1744B4DCE96B409FB4C3BF012D9B26BE |
|||
unencrypted_suffix: _unencrypted |
|||
version: 3.7.3 |
@ -0,0 +1,21 @@ |
|||
{ |
|||
"data": "ENC[AES256_GCM,data:zFVNY6fYkVEvHcZ/IaWvcmIkf+NwZ9p45XEy7/sxpSvr62F80pzxAiC99IX+1+XLH83zk5dqm1vMUuX9NdNAxB0Mousyp1YdkF0Zqi5/il9B/p7R24AIfgeQCa46qo5MbYVWRgs6R1rp9Y573+6/SbPtDqoChvE1Kic=,iv:uQa4O9WnyFZ+kPvp/ozXilCTyUJcLvwlVWF7rmTi9w8=,tag:2MuFj4/Mn9LECE7cToQwVQ==,type:str]", |
|||
"sops": { |
|||
"kms": null, |
|||
"gcp_kms": null, |
|||
"azure_kv": null, |
|||
"hc_vault": null, |
|||
"age": null, |
|||
"lastmodified": "2023-05-26T08:59:34Z", |
|||
"mac": "ENC[AES256_GCM,data:8h8NREXye3DDL7DpvT7sVr1lyaAfEgDwOoaDMuCzzRyHFWPSELQHnjLjEjmexoRrrsE/U608/h62PU7m9EDSYuWlJsvuNBZ+HezR/Ve8oFrZ5ZE3HIoEt2aeM2enSEHGP+aYFL4jEZJJDn9xoW3chFu3JLTSez0NOAhuejghjnU=,iv:Dfxlfa/mwKswYL077oPV+rylKk5y67qKPz+6UFCje9c=,tag:lmM0U8H5FlVRMO51mqTZgg==,type:str]", |
|||
"pgp": [ |
|||
{ |
|||
"created_at": "2023-05-26T08:54:32Z", |
|||
"enc": "-----BEGIN PGP MESSAGE-----\n\nhQEMA5ntoryXZPD4AQf/WmHVgATZ4cl/zI+aRMYGrWyAHAWJ/gtXzTbY2oGHdonw\nx4+5XBsFg28JcJXlI9Aq643e8+/2BPie4tawyrNfWBcaovHbFzEvc4EK0wPbx0Ax\nYW2P237lKyCfOhC4uzeghlr/IpX+SGZGvSDmg6R99/sXZ8pnPFG6PwPp2rdE1JMJ\nZRupMzZfSgJWgZXQIxJhiymHh1ddAMGuLhDzRSj7eVZiN8kl39Y0wEKzmCqCSvIl\n5nn3EmGsB2sSNo8W6C91WQRyxRBP48wWUSZ0P7lHXQEqJW9ioLGq+1qLaL2ZVA3h\nr++vjXf+v9yIsOSGVJAehVV4rXF1pJJJSDMewG6bJdJeAQOiR8+mLvdtwIQOfEFM\nQVvNJ6RfRKSYIrRxBqBJx4vDKTUtktmcBRZJazB7s+TWkhAtrFHyZXCcO9L9Uz7/\nePJ8xD8z6SDZTUa7Y2mJx416mVZwvz7yEWThIBrGGA==\n=Xn2g\n-----END PGP MESSAGE-----\n", |
|||
"fp": "3237CA7A1744B4DCE96B409FB4C3BF012D9B26BE" |
|||
} |
|||
], |
|||
"unencrypted_suffix": "_unencrypted", |
|||
"version": "3.7.3" |
|||
} |
|||
} |
@ -0,0 +1,35 @@ |
|||
{ pkgs, modulesPath, ... }: |
|||
|
|||
{ |
|||
imports = [ |
|||
./network.nix |
|||
./root.nix |
|||
|
|||
#"${modulesPath}/profiles/headless.nix" |
|||
"${modulesPath}/profiles/all-hardware.nix" |
|||
]; |
|||
|
|||
sops = { |
|||
defaultSopsFile = ../secrets.yaml; |
|||
defaultSopsFormat = "yaml"; |
|||
|
|||
age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ]; |
|||
}; |
|||
|
|||
boot.loader.systemd-boot.enable = true; |
|||
boot.loader.efi.canTouchEfiVariables = true; |
|||
|
|||
boot.initrd.systemd.enable = true; |
|||
|
|||
time.timeZone = "Europe/Berlin"; |
|||
console.keyMap = "de"; |
|||
|
|||
environment.systemPackages = with pkgs; [ |
|||
vim |
|||
wget |
|||
curl |
|||
tmux |
|||
]; |
|||
|
|||
system.stateVersion = "22.11"; |
|||
} |
@ -0,0 +1,10 @@ |
|||
{ |
|||
networking.domain = "hpc.informatik.hs-fulda.de"; |
|||
|
|||
networking.useDHCP = true; |
|||
|
|||
services.openssh = { |
|||
enable = true; |
|||
permitRootLogin = "without-password"; |
|||
}; |
|||
} |
@ -0,0 +1,11 @@ |
|||
{ |
|||
users.mutableUsers = false; |
|||
|
|||
users.users."root" = { |
|||
hashedPassword = "$y$j9T$tz8ojZ2gVOQ5AUp6GMhoj.$mAeE0eTGGsKNGddC7ebk/zFr5IMDyIpOpMP/6o.GI6D"; |
|||
|
|||
openssh.authorizedKeys.keys = [ |
|||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK2nkarN0+uSuP5sGwDCb9KRu+FCjO/+da4VypGanPUZ fooker@k-2so" |
|||
]; |
|||
}; |
|||
} |
Write
Preview
Loading…
Cancel
Save
Reference in new issue