forked from c3d2/nix-config
Generate simd variants of each host, delete unused module
parent
6b8d8541c6
commit
b467bb4e74
22
flake.nix
22
flake.nix
|
@ -756,11 +756,23 @@
|
|||
) sops-nix.packages;
|
||||
|
||||
hydraJobs =
|
||||
builtins.mapAttrs (_: nixos.lib.hydraJob) (
|
||||
builtins.mapAttrs (_: nixosSystem:
|
||||
if nixosSystem.config ? microvm.declaredRunner
|
||||
then nixosSystem.config.microvm.declaredRunner
|
||||
else nixosSystem.config.system.build.toplevel
|
||||
lib.mapAttrs (_: nixos.lib.hydraJob) (
|
||||
lib.mapAttrs (_: nixosSystem:
|
||||
nixosSystem.config.microvm.declaredRunner or nixosSystem.config.system.build.toplevel
|
||||
) self.nixosConfigurations
|
||||
// lib.mapAttrs' (hostname: nixosSystem: lib.nameValuePair
|
||||
(hostname + "-simd")
|
||||
(nixosSystem.config.microvm.declaredRunner or nixosSystem.config.system.build.toplevel hostname
|
||||
(nixosSystem (nixosSystem.args // (with nixosSystem.args; {
|
||||
hostname = hostname + "-simd";
|
||||
modules = modules ++ [
|
||||
{
|
||||
sandro.simd.enable = lib.mkForce true;
|
||||
}
|
||||
];
|
||||
inherit (inputs) nixpkgs;
|
||||
})))
|
||||
)
|
||||
) self.nixosConfigurations
|
||||
// nixos.lib.filterAttrs (name: attr:
|
||||
(lib.match ".+-tftproot" name != null && lib.isDerivation attr)
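Review bot: In the `-simd` branch the value handed to `lib.nameValuePair` reads `nixosSystem.config.microvm.declaredRunner or nixosSystem.config.system.build.toplevel hostname (nixosSystem (...))`, which selects the runner or toplevel of the unmodified host and then applies that derivation to `hostname` and to the rebuilt system as if it were a function. The lambda argument `nixosSystem` is an entry of `self.nixosConfigurations`, so calling it with the extended `args` only works if those entries are callable and carry an `args` attribute, which the hunk does not show. As written the `-simd` jobs look likely to fail at evaluation rather than build an optimised variant; bind the re-evaluated system to a name first (say `simd`) and return `simd.config.microvm.declaredRunner or simd.config.system.build.toplevel`. The injected module also sets `sandro.simd.enable` while the hosts touched by this commit set `c3d2.simd.arch`, so confirm the namespace matches the option declaration. The `hydraJobs` expression continues past the end of the hunk.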
|
||||
|
|
|
@ -80,6 +80,8 @@ in
|
|||
};
|
||||
};
|
||||
|
||||
c3d2.simd.arch = "ivybridge";
|
||||
|
||||
services = {
|
||||
hydra = {
|
||||
enable = true;
|
||||
|
|
|
@ -9,6 +9,7 @@
|
|||
c3d2 = {
|
||||
deployment.microvmBaseZfsDataset = "server10/vm";
|
||||
hq.statistics.enable = true;
|
||||
simd.arch = "ivybridge";
|
||||
};
|
||||
|
||||
boot = {
|
||||
|
|
|
@ -5,6 +5,11 @@
|
|||
./hardware-configuration.nix
|
||||
];
|
||||
|
||||
c3d2 = {
|
||||
# deployment.microvmBaseZfsDataset = "tank/storage";
|
||||
hq.statistics.enable = true;
|
||||
simd.arch = "westmere";
|
||||
};
|
||||
|
||||
boot = {
|
||||
loader.grub = {
|
||||
|
@ -28,15 +33,14 @@
|
|||
hostName = "server8";
|
||||
hostId = "08080808";
|
||||
};
|
||||
system.stateVersion = "22.11";
|
||||
services.openssh.enable = true;
|
||||
|
||||
services.zfs.autoScrub.enable = true;
|
||||
services.smartd.enable = true;
|
||||
|
||||
c3d2 = {
|
||||
# deployment.microvmBaseZfsDataset = "tank/storage";
|
||||
hq.statistics.enable = true;
|
||||
services = {
|
||||
openssh.enable = true;
|
||||
smartd.enable = true;
|
||||
zfs.autoScrub.enable = true;
|
||||
};
|
||||
|
||||
skyflake.nomad.client.meta."c3d2.cpuSpeed" = "3";
|
||||
|
||||
system.stateVersion = "22.11";
|
||||
}
|
||||
|
|
|
@ -4,7 +4,14 @@ _:
|
|||
imports = [
|
||||
./hardware-configuration.nix
|
||||
];
|
||||
boot= {
|
||||
|
||||
c3d2 = {
|
||||
deployment.microvmBaseZfsDataset = "tank/storage";
|
||||
hq.statistics.enable = true;
|
||||
simd.arch = "westmere";
|
||||
};
|
||||
|
||||
boot = {
|
||||
loader.grub = {
|
||||
enable = true;
|
||||
version = 2;
|
||||
|
@ -25,23 +32,24 @@ _:
|
|||
hostName = "server9";
|
||||
hostId = "09090909";
|
||||
};
|
||||
system.stateVersion = "21.11";
|
||||
services.openssh.enable = true;
|
||||
|
||||
services.zfs.autoScrub.enable = true;
|
||||
services.smartd.enable = true;
|
||||
# required by libvirtd
|
||||
security.polkit.enable = true;
|
||||
|
||||
c3d2 = {
|
||||
deployment.microvmBaseZfsDataset = "tank/storage";
|
||||
hq.statistics.enable = true;
|
||||
services = {
|
||||
openssh.enable = true;
|
||||
smartd.enable = true;
|
||||
zfs.autoScrub.enable = true;
|
||||
};
|
||||
|
||||
skyflake.nomad.client.meta."c3d2.cpuSpeed" = "3";
|
||||
|
||||
system.stateVersion = "21.11";
|
||||
|
||||
# XXX: enable for zw-ev and poelzi-ha until we find a better solution
|
||||
virtualisation.libvirtd = {
|
||||
enable = true;
|
||||
onShutdown = "shutdown";
|
||||
};
|
||||
# required by libvirtd
|
||||
security.polkit.enable = true;
|
||||
|
||||
}
|
||||
|
|
|
@ -157,6 +157,18 @@ in
|
|||
};
|
||||
};
|
||||
|
||||
simd = {
|
||||
enable = lib.mkEnableOption "optimized builds with simd instructions";
|
||||
arch = lib.mkOption {
|
||||
type = with lib.types; nullOr str;
|
||||
default = null;
|
||||
description = ''
|
||||
Microarchitecture string for nixpkgs.hostPlatform.gcc.march and to generate system-features.
|
||||
Can be determined with: gcc -march=native -Q --help=target | grep march
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
||||
users = mkOption {
|
||||
type = types.attrsOf (types.submodule {
|
||||
options.sshKeys = mkOption {
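Review bot: Nothing in the new `simd` option set ties `enable` to `arch`: `arch` is `nullOr str` with `default = null`, and the flake change in this commit forces the enable flag on for every generated `-simd` host. If the consuming config (not visible here) passes `arch` to `nixpkgs.hostPlatform.gcc.march`, a host that never set an arch would fail late with an unrelated error or be built without the intended flags. Consider an assertion next to the consumer, along the lines of `assertion = config.c3d2.simd.enable -> config.c3d2.simd.arch != null;`, assuming the options live under `c3d2` as the host files suggest. The enclosing option set starts and ends outside the hunk.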
|
||||
|
|
|
@ -1,121 +0,0 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
|
||||
let
|
||||
# TODO: move to flake
|
||||
nixcloud-webservices = pkgs.fetchFromGitHub {
|
||||
owner = "nixcloud";
|
||||
repo = "nixcloud-webservices";
|
||||
rev = "3a0767f0536fac811065eb87e6342f27eac085aa";
|
||||
sha256 = "vC0vBu+0HchrevuWsmE7giouKnSt/q4F0TffwhuNJv8=";
|
||||
};
|
||||
inherit (import "${nixcloud-webservices}/pkgs" { inherit pkgs; }) nixcloud;
|
||||
|
||||
profilesDir = "/nix/var/nix/profiles/lxc";
|
||||
inherit (config.lxc) containers;
|
||||
inherit (config.nix) nixPath;
|
||||
|
||||
toLxcConfig' = path: a:
|
||||
if builtins.isString a then ''
|
||||
${path} = ${a}
|
||||
'' else if builtins.isInt a then ''
|
||||
${path} = ${toString a}
|
||||
'' else if builtins.isAttrs a then
|
||||
lib.concatMapStrings (name:
|
||||
let path' = if path == "" then name else "${path}.${name}";
|
||||
in toLxcConfig' path' (builtins.getAttr name a)) (builtins.attrNames a)
|
||||
else if builtins.isList a then
|
||||
lib.concatMapStrings (toLxcConfig' path) a
|
||||
else
|
||||
throw "Invalid LXC config value";
|
||||
toLxcConfig = toLxcConfig' "";
|
||||
in {
|
||||
options = with lib.types; {
|
||||
lxc.containers = mkOption {
|
||||
type = attrs;
|
||||
default = { };
|
||||
};
|
||||
};
|
||||
|
||||
config = lib.mkIf (containers != { }) {
|
||||
virtualisation.lxc.enable = true;
|
||||
environment.systemPackages = [ nixcloud.container ];
|
||||
|
||||
virtualisation.lxc.defaultConfig = ''
|
||||
lxc.id_map = u 0 100000 65536
|
||||
lxc.id_map = g 0 100000 65536
|
||||
'';
|
||||
users.users.root.subGidRanges = [{
|
||||
count = 65536;
|
||||
startGid = 100000;
|
||||
}];
|
||||
users.users.root.subUidRanges = [{
|
||||
count = 65536;
|
||||
startUid = 100000;
|
||||
}];
|
||||
|
||||
systemd.services = if true then
|
||||
{ }
|
||||
else
|
||||
builtins.foldl' (services: name:
|
||||
let
|
||||
systemDir = "/${profilesDir}/${name}/system";
|
||||
lxcDefaults = {
|
||||
lxc = {
|
||||
uts.name = name;
|
||||
rootfs.path = "/run/current-system/sw/share/lxc/rootfs";
|
||||
mount.entry = [
|
||||
"${systemDir}/init /init none bind,ro 0 0"
|
||||
"/nix/store /nix/store none bind,ro 0 0"
|
||||
];
|
||||
autodev = 1;
|
||||
include = "/run/current-system/sw/share/lxc/config/common.conf";
|
||||
apparmor.profile = "generated";
|
||||
environment = "TERM=linux";
|
||||
};
|
||||
};
|
||||
config = builtins.getAttr name containers;
|
||||
lxcConfig = builtins.toFile "lxc-container-${name}.conf"
|
||||
# TODO: more intelligent merging?
|
||||
(toLxcConfig (lxcDefaults // config.lxc));
|
||||
|
||||
builder = {
|
||||
description = "Build NixOS for lxc container ${name}";
|
||||
wants = [ "nix-daemon.socket" ];
|
||||
after = [ "nix-daemon.service" ];
|
||||
|
||||
path = with pkgs; [ coreutils nix ];
|
||||
|
||||
serviceConfig = {
|
||||
Type = "oneshot";
|
||||
RemainAfterExit = true;
|
||||
Environment = [ "NIX_PATH=${builtins.concatStringsSep ":" nixPath}" ];
|
||||
};
|
||||
|
||||
script = ''
|
||||
mkdir -p ${profilesDir}/${name}
|
||||
|
||||
nix-env -p ${profilesDir}/${name}/system \
|
||||
-I nixos-config=${config.nixos-config} \
|
||||
-f '<nixpkgs/nixos>' \
|
||||
--set -A system
|
||||
'';
|
||||
};
|
||||
starter = {
|
||||
description = "LXC container ${name}";
|
||||
requires = [ "lxc-container-${name}-builder.service" ];
|
||||
after = [ "lxc-container-${name}-builder.service" ];
|
||||
|
||||
path = with pkgs; [ lxc apparmor-parser ];
|
||||
|
||||
script = ''
|
||||
mkdir -p /var/lib/lxc/${name}
|
||||
ln -fs ${lxcConfig} /var/lib/lxc/${name}/config
|
||||
lxc-start -F -n ${name}
|
||||
'';
|
||||
};
|
||||
in services // {
|
||||
"lxc-container-${name}-builder" = builder;
|
||||
"lxc-container-${name}" = starter;
|
||||
}) { } (builtins.attrNames containers);
|
||||
};
|
||||
}
|
|
@ -1,4 +1,5 @@
|
|||
{ zentralwerk, options, config, lib, pkgs, ... }:
|
||||
|
||||
let
|
||||
defaultGateways = {
|
||||
serv = "serv-gw";
|
||||
|
@ -26,6 +27,12 @@ let
|
|||
) hosts6 != {}
|
||||
) zentralwerk.lib.config.site.net
|
||||
);
|
||||
|
||||
arch-to-host = rec {
|
||||
server9 = "westmere";
|
||||
server10 = "ivybridge";
|
||||
nomad = server9;
|
||||
};
|
||||
in
|
||||
{
|
||||
options.c3d2.deployment = with lib; {
|
||||
|
@ -157,6 +164,8 @@ in
|
|||
}) {} nets;
|
||||
};
|
||||
|
||||
c3d2.simd.arch = arch-to-host.${config.c3d2.deployment.server};
|
||||
|
||||
system.build = with pkgs; {
|
||||
copyToServer = writeScript "copy-to-${server}" ''
|
||||
#! ${runtimeShell} -e
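Review bot: `arch-to-host.${config.c3d2.deployment.server}` in the last hunk is an unguarded attribute lookup, so any `deployment.server` value other than `server9`, `server10` or `nomad` aborts evaluation with a missing-attribute error instead of leaving `simd.arch` at its `null` default (unless the option's type, not shown here, restricts it to exactly those names). A fallback keeps unknown servers evaluating: `c3d2.simd.arch = arch-to-host.${config.c3d2.deployment.server} or null;`. The map is keyed by host and yields an architecture, so a name like `host-to-arch` would read correctly. Whether the assignment sits under an `mkIf` cannot be seen, because the surrounding config block starts and ends outside the hunk.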
|
||||
|
|