forked from c3d2/nix-config
Generate simd variants of each host, delete unused module
parent
6b8d8541c6
commit
b467bb4e74
22
flake.nix
22
flake.nix
|
@ -756,11 +756,23 @@
|
||||||
) sops-nix.packages;
|
) sops-nix.packages;
|
||||||
|
|
||||||
hydraJobs =
|
hydraJobs =
|
||||||
builtins.mapAttrs (_: nixos.lib.hydraJob) (
|
lib.mapAttrs (_: nixos.lib.hydraJob) (
|
||||||
builtins.mapAttrs (_: nixosSystem:
|
lib.mapAttrs (_: nixosSystem:
|
||||||
if nixosSystem.config ? microvm.declaredRunner
|
nixosSystem.config.microvm.declaredRunner or nixosSystem.config.system.build.toplevel
|
||||||
then nixosSystem.config.microvm.declaredRunner
|
) self.nixosConfigurations
|
||||||
else nixosSystem.config.system.build.toplevel
|
// lib.mapAttrs' (hostname: nixosSystem: lib.nameValuePair
|
||||||
|
(hostname + "-simd")
|
||||||
|
(nixosSystem.config.microvm.declaredRunner or nixosSystem.config.system.build.toplevel hostname
|
||||||
|
(nixosSystem (nixosSystem.args // (with nixosSystem.args; {
|
||||||
|
hostname = hostname + "-simd";
|
||||||
|
modules = modules ++ [
|
||||||
|
{
|
||||||
|
sandro.simd.enable = lib.mkForce true;
|
||||||
|
}
|
||||||
|
];
|
||||||
|
inherit (inputs) nixpkgs;
|
||||||
|
})))
|
||||||
|
)
|
||||||
) self.nixosConfigurations
|
) self.nixosConfigurations
|
||||||
// nixos.lib.filterAttrs (name: attr:
|
// nixos.lib.filterAttrs (name: attr:
|
||||||
(lib.match ".+-tftproot" name != null && lib.isDerivation attr)
|
(lib.match ".+-tftproot" name != null && lib.isDerivation attr)
|
||||||
|
|
|
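Review bot: The value of each `-simd` job is still taken from the unmodified `nixosSystem`. The expression `nixosSystem.config.microvm.declaredRunner or nixosSystem.config.system.build.toplevel` is selected first and its result is then applied to `hostname` and to the re-evaluated system as if it were a function, so the variant carrying the extra module is never what gets built and evaluating the job would most likely fail. Bind the re-evaluated system to a name and select from that, e.g. `let simd = <re-evaluated system>; in simd.config.microvm.declaredRunner or simd.config.system.build.toplevel`. The inner `nixosSystem (…)` call also refers to the lambda argument (an evaluated configuration) rather than to a system constructor, and it relies on an `args` attribute that is not visible in this hunk. The injected module sets `sandro.simd.enable`, while the host files in this commit use `c3d2.simd.*`; unless a `sandro.simd` option is declared elsewhere, this should read `c3d2.simd.enable = lib.mkForce true;`.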
@ -80,6 +80,8 @@ in
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
c3d2.simd.arch = "ivybridge";
|
||||||
|
|
||||||
services = {
|
services = {
|
||||||
hydra = {
|
hydra = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
|
|
@ -9,6 +9,7 @@
|
||||||
c3d2 = {
|
c3d2 = {
|
||||||
deployment.microvmBaseZfsDataset = "server10/vm";
|
deployment.microvmBaseZfsDataset = "server10/vm";
|
||||||
hq.statistics.enable = true;
|
hq.statistics.enable = true;
|
||||||
|
simd.arch = "ivybridge";
|
||||||
};
|
};
|
||||||
|
|
||||||
boot = {
|
boot = {
|
||||||
|
|
|
@ -5,6 +5,11 @@
|
||||||
./hardware-configuration.nix
|
./hardware-configuration.nix
|
||||||
];
|
];
|
||||||
|
|
||||||
|
c3d2 = {
|
||||||
|
# deployment.microvmBaseZfsDataset = "tank/storage";
|
||||||
|
hq.statistics.enable = true;
|
||||||
|
simd.arch = "westmere";
|
||||||
|
};
|
||||||
|
|
||||||
boot = {
|
boot = {
|
||||||
loader.grub = {
|
loader.grub = {
|
||||||
|
@ -28,15 +33,14 @@
|
||||||
hostName = "server8";
|
hostName = "server8";
|
||||||
hostId = "08080808";
|
hostId = "08080808";
|
||||||
};
|
};
|
||||||
system.stateVersion = "22.11";
|
|
||||||
services.openssh.enable = true;
|
|
||||||
|
|
||||||
services.zfs.autoScrub.enable = true;
|
services = {
|
||||||
services.smartd.enable = true;
|
openssh.enable = true;
|
||||||
|
smartd.enable = true;
|
||||||
c3d2 = {
|
zfs.autoScrub.enable = true;
|
||||||
# deployment.microvmBaseZfsDataset = "tank/storage";
|
|
||||||
hq.statistics.enable = true;
|
|
||||||
};
|
};
|
||||||
|
|
||||||
skyflake.nomad.client.meta."c3d2.cpuSpeed" = "3";
|
skyflake.nomad.client.meta."c3d2.cpuSpeed" = "3";
|
||||||
|
|
||||||
|
system.stateVersion = "22.11";
|
||||||
}
|
}
|
||||||
|
|
|
@ -4,7 +4,14 @@ _:
|
||||||
imports = [
|
imports = [
|
||||||
./hardware-configuration.nix
|
./hardware-configuration.nix
|
||||||
];
|
];
|
||||||
boot= {
|
|
||||||
|
c3d2 = {
|
||||||
|
deployment.microvmBaseZfsDataset = "tank/storage";
|
||||||
|
hq.statistics.enable = true;
|
||||||
|
simd.arch = "westmere";
|
||||||
|
};
|
||||||
|
|
||||||
|
boot = {
|
||||||
loader.grub = {
|
loader.grub = {
|
||||||
enable = true;
|
enable = true;
|
||||||
version = 2;
|
version = 2;
|
||||||
|
@ -25,23 +32,24 @@ _:
|
||||||
hostName = "server9";
|
hostName = "server9";
|
||||||
hostId = "09090909";
|
hostId = "09090909";
|
||||||
};
|
};
|
||||||
system.stateVersion = "21.11";
|
|
||||||
services.openssh.enable = true;
|
|
||||||
|
|
||||||
services.zfs.autoScrub.enable = true;
|
# required by libvirtd
|
||||||
services.smartd.enable = true;
|
security.polkit.enable = true;
|
||||||
|
|
||||||
c3d2 = {
|
services = {
|
||||||
deployment.microvmBaseZfsDataset = "tank/storage";
|
openssh.enable = true;
|
||||||
hq.statistics.enable = true;
|
smartd.enable = true;
|
||||||
|
zfs.autoScrub.enable = true;
|
||||||
};
|
};
|
||||||
|
|
||||||
skyflake.nomad.client.meta."c3d2.cpuSpeed" = "3";
|
skyflake.nomad.client.meta."c3d2.cpuSpeed" = "3";
|
||||||
|
|
||||||
|
system.stateVersion = "21.11";
|
||||||
|
|
||||||
# XXX: enable for zw-ev and poelzi-ha until we find a better solution
|
# XXX: enable for zw-ev and poelzi-ha until we find a better solution
|
||||||
virtualisation.libvirtd = {
|
virtualisation.libvirtd = {
|
||||||
enable = true;
|
enable = true;
|
||||||
onShutdown = "shutdown";
|
onShutdown = "shutdown";
|
||||||
};
|
};
|
||||||
# required by libvirtd
|
|
||||||
security.polkit.enable = true;
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -157,6 +157,18 @@ in
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
simd = {
|
||||||
|
enable = lib.mkEnableOption "optimized builds with simd instructions";
|
||||||
|
arch = lib.mkOption {
|
||||||
|
type = with lib.types; nullOr str;
|
||||||
|
default = null;
|
||||||
|
description = ''
|
||||||
|
Microarchitecture string for nixpkgs.hostPlatform.gcc.march and to generate system-features.
|
||||||
|
Can be determined with: gcc -march=native -Q --help=target | grep march
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
users = mkOption {
|
users = mkOption {
|
||||||
type = types.attrsOf (types.submodule {
|
type = types.attrsOf (types.submodule {
|
||||||
options.sshKeys = mkOption {
|
options.sshKeys = mkOption {
|
||||||
|
|
|
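Review bot: Nothing in this hunk ties `enable` to `arch`. `arch` defaults to `null`, and the `hydraJobs` change in `flake.nix` forces the enable flag on for every host, including hosts that never set an architecture. Where the option is consumed (not visible in this hunk, the options block continues outside it), add an assertion along the lines of `assertion = config.c3d2.simd.enable -> config.c3d2.simd.arch != null;` with a message naming the host, so a variant without an arch fails at evaluation instead of producing an unintended build. Since the string is documented as feeding `nixpkgs.hostPlatform.gcc.march`, a `types.enum` listing the microarchitectures actually in use would also catch typos that a free-form `str` accepts.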
@ -1,121 +0,0 @@
|
||||||
{ config, lib, pkgs, ... }:
|
|
||||||
|
|
||||||
let
|
|
||||||
# TODO: move to flake
|
|
||||||
nixcloud-webservices = pkgs.fetchFromGitHub {
|
|
||||||
owner = "nixcloud";
|
|
||||||
repo = "nixcloud-webservices";
|
|
||||||
rev = "3a0767f0536fac811065eb87e6342f27eac085aa";
|
|
||||||
sha256 = "vC0vBu+0HchrevuWsmE7giouKnSt/q4F0TffwhuNJv8=";
|
|
||||||
};
|
|
||||||
inherit (import "${nixcloud-webservices}/pkgs" { inherit pkgs; }) nixcloud;
|
|
||||||
|
|
||||||
profilesDir = "/nix/var/nix/profiles/lxc";
|
|
||||||
inherit (config.lxc) containers;
|
|
||||||
inherit (config.nix) nixPath;
|
|
||||||
|
|
||||||
toLxcConfig' = path: a:
|
|
||||||
if builtins.isString a then ''
|
|
||||||
${path} = ${a}
|
|
||||||
'' else if builtins.isInt a then ''
|
|
||||||
${path} = ${toString a}
|
|
||||||
'' else if builtins.isAttrs a then
|
|
||||||
lib.concatMapStrings (name:
|
|
||||||
let path' = if path == "" then name else "${path}.${name}";
|
|
||||||
in toLxcConfig' path' (builtins.getAttr name a)) (builtins.attrNames a)
|
|
||||||
else if builtins.isList a then
|
|
||||||
lib.concatMapStrings (toLxcConfig' path) a
|
|
||||||
else
|
|
||||||
throw "Invalid LXC config value";
|
|
||||||
toLxcConfig = toLxcConfig' "";
|
|
||||||
in {
|
|
||||||
options = with lib.types; {
|
|
||||||
lxc.containers = mkOption {
|
|
||||||
type = attrs;
|
|
||||||
default = { };
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
config = lib.mkIf (containers != { }) {
|
|
||||||
virtualisation.lxc.enable = true;
|
|
||||||
environment.systemPackages = [ nixcloud.container ];
|
|
||||||
|
|
||||||
virtualisation.lxc.defaultConfig = ''
|
|
||||||
lxc.id_map = u 0 100000 65536
|
|
||||||
lxc.id_map = g 0 100000 65536
|
|
||||||
'';
|
|
||||||
users.users.root.subGidRanges = [{
|
|
||||||
count = 65536;
|
|
||||||
startGid = 100000;
|
|
||||||
}];
|
|
||||||
users.users.root.subUidRanges = [{
|
|
||||||
count = 65536;
|
|
||||||
startUid = 100000;
|
|
||||||
}];
|
|
||||||
|
|
||||||
systemd.services = if true then
|
|
||||||
{ }
|
|
||||||
else
|
|
||||||
builtins.foldl' (services: name:
|
|
||||||
let
|
|
||||||
systemDir = "/${profilesDir}/${name}/system";
|
|
||||||
lxcDefaults = {
|
|
||||||
lxc = {
|
|
||||||
uts.name = name;
|
|
||||||
rootfs.path = "/run/current-system/sw/share/lxc/rootfs";
|
|
||||||
mount.entry = [
|
|
||||||
"${systemDir}/init /init none bind,ro 0 0"
|
|
||||||
"/nix/store /nix/store none bind,ro 0 0"
|
|
||||||
];
|
|
||||||
autodev = 1;
|
|
||||||
include = "/run/current-system/sw/share/lxc/config/common.conf";
|
|
||||||
apparmor.profile = "generated";
|
|
||||||
environment = "TERM=linux";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
config = builtins.getAttr name containers;
|
|
||||||
lxcConfig = builtins.toFile "lxc-container-${name}.conf"
|
|
||||||
# TODO: more intelligent merging?
|
|
||||||
(toLxcConfig (lxcDefaults // config.lxc));
|
|
||||||
|
|
||||||
builder = {
|
|
||||||
description = "Build NixOS for lxc container ${name}";
|
|
||||||
wants = [ "nix-daemon.socket" ];
|
|
||||||
after = [ "nix-daemon.service" ];
|
|
||||||
|
|
||||||
path = with pkgs; [ coreutils nix ];
|
|
||||||
|
|
||||||
serviceConfig = {
|
|
||||||
Type = "oneshot";
|
|
||||||
RemainAfterExit = true;
|
|
||||||
Environment = [ "NIX_PATH=${builtins.concatStringsSep ":" nixPath}" ];
|
|
||||||
};
|
|
||||||
|
|
||||||
script = ''
|
|
||||||
mkdir -p ${profilesDir}/${name}
|
|
||||||
|
|
||||||
nix-env -p ${profilesDir}/${name}/system \
|
|
||||||
-I nixos-config=${config.nixos-config} \
|
|
||||||
-f '<nixpkgs/nixos>' \
|
|
||||||
--set -A system
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
starter = {
|
|
||||||
description = "LXC container ${name}";
|
|
||||||
requires = [ "lxc-container-${name}-builder.service" ];
|
|
||||||
after = [ "lxc-container-${name}-builder.service" ];
|
|
||||||
|
|
||||||
path = with pkgs; [ lxc apparmor-parser ];
|
|
||||||
|
|
||||||
script = ''
|
|
||||||
mkdir -p /var/lib/lxc/${name}
|
|
||||||
ln -fs ${lxcConfig} /var/lib/lxc/${name}/config
|
|
||||||
lxc-start -F -n ${name}
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
in services // {
|
|
||||||
"lxc-container-${name}-builder" = builder;
|
|
||||||
"lxc-container-${name}" = starter;
|
|
||||||
}) { } (builtins.attrNames containers);
|
|
||||||
};
|
|
||||||
}
|
|
|
@ -1,4 +1,5 @@
|
||||||
{ zentralwerk, options, config, lib, pkgs, ... }:
|
{ zentralwerk, options, config, lib, pkgs, ... }:
|
||||||
|
|
||||||
let
|
let
|
||||||
defaultGateways = {
|
defaultGateways = {
|
||||||
serv = "serv-gw";
|
serv = "serv-gw";
|
||||||
|
@ -26,6 +27,12 @@ let
|
||||||
) hosts6 != {}
|
) hosts6 != {}
|
||||||
) zentralwerk.lib.config.site.net
|
) zentralwerk.lib.config.site.net
|
||||||
);
|
);
|
||||||
|
|
||||||
|
arch-to-host = rec {
|
||||||
|
server9 = "westmere";
|
||||||
|
server10 = "ivybridge";
|
||||||
|
nomad = server9;
|
||||||
|
};
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
options.c3d2.deployment = with lib; {
|
options.c3d2.deployment = with lib; {
|
||||||
|
@ -157,6 +164,8 @@ in
|
||||||
}) {} nets;
|
}) {} nets;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
c3d2.simd.arch = arch-to-host.${config.c3d2.deployment.server};
|
||||||
|
|
||||||
system.build = with pkgs; {
|
system.build = with pkgs; {
|
||||||
copyToServer = writeScript "copy-to-${server}" ''
|
copyToServer = writeScript "copy-to-${server}" ''
|
||||||
#! ${runtimeShell} -e
|
#! ${runtimeShell} -e
|
||||||
|
|
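Review bot: The lookup `arch-to-host.${config.c3d2.deployment.server}` aborts evaluation with a missing-attribute error for any `deployment.server` value that is not one of the three keys in the table. `server8` is given `westmere` in its own host file in this commit but is not listed here, which matters if it can be a deployment target. Use a fallback, `c3d2.simd.arch = arch-to-host.${config.c3d2.deployment.server} or null;`, or add the missing hosts to the table. The table maps host to architecture, so `host-to-arch` would be the accurate name. The enclosing `let` and `config` blocks start and end outside the hunks, so it is not visible whether this assignment is guarded by a condition.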