Compare commits

...

42 Commits
main ... main

Author SHA1 Message Date
Ryan Lahfa 61e044607c Merge pull request 'feat: add delroth as root@ for capability building' (#5) from so-it-has-begun into main
Reviewed-on: newtype/newtype-org-configurations#5
7 months ago
Raito Bezarius 6b28da4557 feat: add delroth as root@ for capability building
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
7 months ago
Raito Bezarius 5b76e5a670 fix: debug attempts for the weird reboot issue
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
7 months ago
Raito Bezarius bd1a250b1f chore: disable jobserver
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
7 months ago
Raito Bezarius 877ad54ae2 chore: bump to 24.05-small
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
7 months ago
Raito Bezarius c311ccf80a fix: enable a bunch of startups for sshd
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
7 months ago
Raito Bezarius 332fa23d98 chore: cleanup luj entry
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
7 months ago
Raito Bezarius c06bedc73c feat: add pennae as root and bump jobserver
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
7 months ago
Raito Bezarius 45d660deb5 feat: enable jobserver and cores = 0;
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
7 months ago
Raito Bezarius 7d83f696dd feat: remove hypervisor and bump to jobserver branch
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
7 months ago
Ryan Lahfa 0de523fefb Merge pull request 'feat: add pennae as permanent account' (#4) from pennae into main
Reviewed-on: newtype/newtype-org-configurations#4
7 months ago
Raito Bezarius 7d3f9a0533 fix: make winter permanent as discussed
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
7 months ago
Raito Bezarius 785fe6d92f fix: make jade permanent as discussed
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
7 months ago
Raito Bezarius 0e1ec7f6b5 feat: add pennae as permanent account
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
7 months ago
Raito Bezarius 620375662b feat: make jade account permanent
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
8 months ago
Raito Bezarius 8596f1481f feat: i need to debug Heads.
i yes no.

Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
8 months ago
Raito Bezarius 177351f7ee friends: bump jade until 1st May
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
9 months ago
Raito Bezarius 86cff4e34f friends: cleanup ninjatrappeur, flokli account
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
9 months ago
Raito Bezarius a8b450dd56 friends: add winterqt until 1st May until final validation
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
9 months ago
Raito Bezarius aab6b67ccc trusted-users: add jade
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
9 months ago
Raito Bezarius 79dadb7e23 friends: add jade until 1st April
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
9 months ago
Raito Bezarius d3505a8b2d docs: update
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
10 months ago
Raito Bezarius 0c4334571c builder: add top secret's project buildbot key
The cgroup will be nerfed and noise should be low, ping me if something goes wrong.

Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
10 months ago
Raito Bezarius 6c0d19e005 epyc: disable all android cache for now
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
10 months ago
Raito Bezarius 6beda4c58f epyc: move to Nix 2.18, remove discard references exp feature
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
10 months ago
Raito Bezarius 84d0cd52c2 epyc: bump things
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
10 months ago
raito c459d2a744 epyc: disable buildbot
not used

Signed-off-by: raito <federez-infra@lahfa.xyz>
10 months ago
raito f1692a7287 epyc: re-enable postgresql
Signed-off-by: raito <federez-infra@lahfa.xyz>
10 months ago
Raito Bezarius ed5f2cb13f epyc: add flokli account for 3-ish days
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
11 months ago
Raito Bezarius 056f8be2a5 epyc: disable ninjatrappeur's account
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
11 months ago
Raito Bezarius 3cc55253a4 flake: upgrade to 23.11 systems
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
11 months ago
Raito Bezarius b5053ab520 nix: clean up various things for upcoming GC
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
11 months ago
Raito Bezarius 495790a142 android-cache: remove the aosp mirror for now
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
11 months ago
Raito Bezarius 89e64355ea epyc: disable hydra
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
11 months ago
Raito Bezarius ce2c4ef180 epyc: move to latest kernel for snappier performance 12 months ago
Julien Malka b5f4697ad1
rename niklas 12 months ago
Tom Hubrecht 4b452f8818 fix(system.autoUpgrade): Use correct URI 12 months ago
Julien Malka aaef0b57ee
added niklas as friend 12 months ago
Raito Bezarius 4e29b67e29 raito: key update 1 year ago
Ryan Lahfa 5a5e8d31db Merge pull request 'garage: add reverse proxy for S3 access from outside' (#2) from linus/newtype-org-configurations:main into main
Reviewed-on: newtype/newtype-org-configurations#2
1 year ago
Linus Heckemann 0d508468e6 garage: add reverse proxy for S3 access from outside
TODO: subdomains?
1 year ago
Raito Bezarius 1640f74ea9 epyc: change IPv6
We remove the old legacy tunnel from HE.
1 year ago

@ -8,7 +8,6 @@ let
nur
colmena
flake-registry
nixos-hypervisor
nixos-hardware
nixpkgs-unstable
srvos
@ -36,7 +35,7 @@ let
./modules/network.nix
./modules/zsh.nix
./modules/ssh-cursed.nix
./modules/buildbot
# FIXME: ./modules/buildbot — whenever you are ready.
disko.nixosModules.disko
@ -45,8 +44,6 @@ let
srvos.nixosModules.mixins-trusted-nix-caches
srvos.nixosModules.mixins-terminfo
nixos-hypervisor.nixosModules.host
# srvos.nixosModules.mixins-telegraf
# srvos.nixosModules.mixins-terminfo
@ -108,9 +105,6 @@ in
flake.colmena = {
meta.nixpkgs = import nixpkgs {
system = "x86_64-linux";
overlays = [
nixos-hypervisor.overlays.default
];
};
epyc = {
imports =

@ -1,7 +1,7 @@
<?xml version='1.0' encoding='UTF-8'?>
<svg xmlns='http://www.w3.org/2000/svg' xmlns:xlink='http://www.w3.org/1999/xlink' width='1375px' height='386px' viewBox='0 0 1375px 386px' version='1.1'>
<rect id='Machine_0_rect' class='Machine' x='0' y='0' width='1375' height='348' fill='rgb(255,255,255)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='Machine_0_text' class='Machine' font-family='Monospace' x='7' y='17' fill='rgb(0,0,0)' font-size='10px'>Machine (126GB total)</text>
<svg xmlns='http://www.w3.org/2000/svg' xmlns:xlink='http://www.w3.org/1999/xlink' width='1375px' height='431px' viewBox='0 0 1375px 431px' version='1.1'>
<rect id='Machine_0_rect' class='Machine' x='0' y='0' width='1375' height='393' fill='rgb(255,255,255)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='Machine_0_text' class='Machine' font-family='Monospace' x='7' y='17' fill='rgb(0,0,0)' font-size='10px'>Machine (252GB total)</text>
<rect id='Package_0_rect' class='Package' x='7' y='24' width='974' height='293' fill='rgb(210,231,164)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='Package_0_text' class='Package' font-family='Monospace' x='14' y='41' fill='rgb(0,0,0)' font-size='10px'>Package L#0</text>
<rect id='L3_0_rect' class='L3' x='14' y='79' width='297' height='24' fill='rgb(255,255,255)' stroke='rgb(0,0,0)' stroke-width='1'/>
@ -153,18 +153,18 @@
<text id='PU_127_text' class='PU' font-family='Monospace' x='912' y='282' fill='rgb(0,0,0)' font-size='10px'>PU L#127</text>
<text id='PU_127_text_1' class='PU' font-family='Monospace' x='921' y='296' fill='rgb(0,0,0)' font-size='10px'>P#127</text>
<rect id='NUMANode_0_rect' class='NUMANode' x='14' y='48' width='960' height='24' fill='rgb(239,223,222)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='NUMANode_0_text' class='NUMANode' font-family='Monospace' x='21' y='65' fill='rgb(0,0,0)' font-size='10px'>NUMANode L#0 P#0 (126GB)</text>
<text id='NUMANode_0_text' class='NUMANode' font-family='Monospace' x='21' y='65' fill='rgb(0,0,0)' font-size='10px'>NUMANode L#0 P#0 (252GB)</text>
<rect id='HostBridge_0_rect' class='HostBridge' x='988' y='24' width='7' height='7' fill='rgb(255,255,255)' stroke='rgb(0,0,0)' stroke-width='1'/>
<line id='HostBridge_0_line' class='HostBridge' x1='995' y1='27' x2='1002' y2='27' stroke='rgb(0,0,0)' stroke-width='1'/>
<line id='HostBridge_0_line_2' class='HostBridge' x1='1002' y1='27' x2='1026' y2='27' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='HostBridge_0_text_2' class='HostBridge' font-family='Monospace' x='1005' y='40' fill='rgb(0,0,0)' font-size='10px'>7.9</text>
<line id='HostBridge_0_line_3' class='HostBridge' x1='1002' y1='103' x2='1026' y2='103' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='HostBridge_0_text_3' class='HostBridge' font-family='Monospace' x='1005' y='116' fill='rgb(0,0,0)' font-size='10px'>4.0</text>
<line id='HostBridge_0_line_4' class='HostBridge' x1='1002' y1='134' x2='1026' y2='134' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='HostBridge_0_text_4' class='HostBridge' font-family='Monospace' x='1005' y='147' fill='rgb(0,0,0)' font-size='10px'>0.2</text>
<line id='HostBridge_0_line_5' class='HostBridge' x1='1002' y1='165' x2='1026' y2='165' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='HostBridge_0_text_5' class='HostBridge' font-family='Monospace' x='1005' y='178' fill='rgb(0,0,0)' font-size='10px'>1.0</text>
<line id='HostBridge_0_line_1' class='HostBridge' x1='1002' y1='27' x2='1002' y2='165' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='HostBridge_0_text_3' class='HostBridge' font-family='Monospace' x='1005' y='116' fill='rgb(0,0,0)' font-size='10px'>3.9</text>
<line id='HostBridge_0_line_4' class='HostBridge' x1='1002' y1='179' x2='1026' y2='179' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='HostBridge_0_text_4' class='HostBridge' font-family='Monospace' x='1005' y='192' fill='rgb(0,0,0)' font-size='10px'>0.2</text>
<line id='HostBridge_0_line_5' class='HostBridge' x1='1002' y1='210' x2='1026' y2='210' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='HostBridge_0_text_5' class='HostBridge' font-family='Monospace' x='1005' y='223' fill='rgb(0,0,0)' font-size='10px'>1.0</text>
<line id='HostBridge_0_line_1' class='HostBridge' x1='1002' y1='27' x2='1002' y2='210' stroke='rgb(0,0,0)' stroke-width='1'/>
<rect id='PCIBridge_1_rect' class='PCIBridge' x='1026' y='24' width='7' height='7' fill='rgb(255,255,255)' stroke='rgb(0,0,0)' stroke-width='1'/>
<line id='PCIBridge_1_line' class='PCIBridge' x1='1033' y1='27' x2='1040' y2='27' stroke='rgb(0,0,0)' stroke-width='1'/>
<line id='PCIBridge_1_line_2' class='PCIBridge' x1='1040' y1='27' x2='1064' y2='27' stroke='rgb(0,0,0)' stroke-width='1'/>
@ -178,52 +178,56 @@
<rect id='PCIBridge_2_rect' class='PCIBridge' x='1026' y='100' width='7' height='7' fill='rgb(255,255,255)' stroke='rgb(0,0,0)' stroke-width='1'/>
<line id='PCIBridge_2_line' class='PCIBridge' x1='1033' y1='103' x2='1040' y2='103' stroke='rgb(0,0,0)' stroke-width='1'/>
<line id='PCIBridge_2_line_2' class='PCIBridge' x1='1040' y1='103' x2='1064' y2='103' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='PCIBridge_2_text_2' class='PCIBridge' font-family='Monospace' x='1043' y='116' fill='rgb(0,0,0)' font-size='10px'>3.9</text>
<line id='PCIBridge_2_line_1' class='PCIBridge' x1='1040' y1='103' x2='1040' y2='103' stroke='rgb(0,0,0)' stroke-width='1'/>
<rect id='PCI_1_rect' class='PCI' x='1064' y='100' width='80' height='24' fill='rgb(190,210,149)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='PCI_1_text' class='PCI' font-family='Monospace' x='1071' y='117' fill='rgb(0,0,0)' font-size='10px'>PCI 43:00.0</text>
<rect id='PCIBridge_3_rect' class='PCIBridge' x='1026' y='131' width='7' height='7' fill='rgb(255,255,255)' stroke='rgb(0,0,0)' stroke-width='1'/>
<line id='PCIBridge_3_line' class='PCIBridge' x1='1033' y1='134' x2='1040' y2='134' stroke='rgb(0,0,0)' stroke-width='1'/>
<line id='PCIBridge_3_line_2' class='PCIBridge' x1='1040' y1='134' x2='1064' y2='134' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='PCIBridge_3_text_2' class='PCIBridge' font-family='Monospace' x='1043' y='147' fill='rgb(0,0,0)' font-size='10px'>0.2</text>
<line id='PCIBridge_3_line_1' class='PCIBridge' x1='1040' y1='134' x2='1040' y2='134' stroke='rgb(0,0,0)' stroke-width='1'/>
<rect id='PCIBridge_4_rect' class='PCIBridge' x='1064' y='131' width='7' height='7' fill='rgb(255,255,255)' stroke='rgb(0,0,0)' stroke-width='1'/>
<line id='PCIBridge_4_line' class='PCIBridge' x1='1071' y1='134' x2='1078' y2='134' stroke='rgb(0,0,0)' stroke-width='1'/>
<line id='PCIBridge_4_line_2' class='PCIBridge' x1='1078' y1='134' x2='1102' y2='134' stroke='rgb(0,0,0)' stroke-width='1'/>
<line id='PCIBridge_4_line_1' class='PCIBridge' x1='1078' y1='134' x2='1078' y2='134' stroke='rgb(0,0,0)' stroke-width='1'/>
<rect id='PCI_2_rect' class='PCI' x='1102' y='131' width='80' height='24' fill='rgb(190,210,149)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='PCI_2_text' class='PCI' font-family='Monospace' x='1109' y='148' fill='rgb(0,0,0)' font-size='10px'>PCI 46:00.0</text>
<rect id='PCIBridge_5_rect' class='PCIBridge' x='1026' y='162' width='7' height='7' fill='rgb(255,255,255)' stroke='rgb(0,0,0)' stroke-width='1'/>
<line id='PCIBridge_5_line' class='PCIBridge' x1='1033' y1='165' x2='1040' y2='165' stroke='rgb(0,0,0)' stroke-width='1'/>
<line id='PCIBridge_5_line_2' class='PCIBridge' x1='1040' y1='165' x2='1064' y2='165' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='PCIBridge_5_text_2' class='PCIBridge' font-family='Monospace' x='1043' y='178' fill='rgb(0,0,0)' font-size='10px'>1.0</text>
<line id='PCIBridge_5_line_3' class='PCIBridge' x1='1040' y1='227' x2='1064' y2='227' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='PCIBridge_5_text_3' class='PCIBridge' font-family='Monospace' x='1043' y='240' fill='rgb(0,0,0)' font-size='10px'>1.0</text>
<line id='PCIBridge_5_line_1' class='PCIBridge' x1='1040' y1='165' x2='1040' y2='227' stroke='rgb(0,0,0)' stroke-width='1'/>
<rect id='PCI_3_rect' class='PCI' x='1064' y='162' width='80' height='55' fill='rgb(190,210,149)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='PCI_3_text' class='PCI' font-family='Monospace' x='1071' y='179' fill='rgb(0,0,0)' font-size='10px'>PCI 48:00.0</text>
<rect id='Net_1_rect' class='Net' x='1071' y='186' width='62' height='24' fill='rgb(222,222,222)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='Net_1_text' class='Net' font-family='Monospace' x='1078' y='203' fill='rgb(0,0,0)' font-size='10px'>Net eno1</text>
<rect id='PCI_4_rect' class='PCI' x='1064' y='224' width='80' height='55' fill='rgb(190,210,149)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='PCI_4_text' class='PCI' font-family='Monospace' x='1071' y='241' fill='rgb(0,0,0)' font-size='10px'>PCI 48:00.1</text>
<rect id='Net_2_rect' class='Net' x='1071' y='248' width='62' height='24' fill='rgb(222,222,222)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='Net_2_text' class='Net' font-family='Monospace' x='1078' y='265' fill='rgb(0,0,0)' font-size='10px'>Net eno2</text>
<rect id='PCI_1_rect' class='PCI' x='1064' y='100' width='106' height='69' fill='rgb(190,210,149)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='PCI_1_text' class='PCI' font-family='Monospace' x='1071' y='117' fill='rgb(0,0,0)' font-size='10px'>PCI 42:00.0</text>
<rect id='Block_1_rect' class='Block' x='1071' y='124' width='92' height='38' fill='rgb(222,222,222)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='Block_1_text' class='Block' font-family='Monospace' x='1078' y='141' fill='rgb(0,0,0)' font-size='10px'>Block nvme1n1</text>
<text id='Block_1_text_1' class='Block' font-family='Monospace' x='1078' y='155' fill='rgb(0,0,0)' font-size='10px'>3726 GB</text>
<rect id='PCIBridge_3_rect' class='PCIBridge' x='1026' y='176' width='7' height='7' fill='rgb(255,255,255)' stroke='rgb(0,0,0)' stroke-width='1'/>
<line id='PCIBridge_3_line' class='PCIBridge' x1='1033' y1='179' x2='1040' y2='179' stroke='rgb(0,0,0)' stroke-width='1'/>
<line id='PCIBridge_3_line_2' class='PCIBridge' x1='1040' y1='179' x2='1064' y2='179' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='PCIBridge_3_text_2' class='PCIBridge' font-family='Monospace' x='1043' y='192' fill='rgb(0,0,0)' font-size='10px'>0.2</text>
<line id='PCIBridge_3_line_1' class='PCIBridge' x1='1040' y1='179' x2='1040' y2='179' stroke='rgb(0,0,0)' stroke-width='1'/>
<rect id='PCIBridge_4_rect' class='PCIBridge' x='1064' y='176' width='7' height='7' fill='rgb(255,255,255)' stroke='rgb(0,0,0)' stroke-width='1'/>
<line id='PCIBridge_4_line' class='PCIBridge' x1='1071' y1='179' x2='1078' y2='179' stroke='rgb(0,0,0)' stroke-width='1'/>
<line id='PCIBridge_4_line_2' class='PCIBridge' x1='1078' y1='179' x2='1102' y2='179' stroke='rgb(0,0,0)' stroke-width='1'/>
<line id='PCIBridge_4_line_1' class='PCIBridge' x1='1078' y1='179' x2='1078' y2='179' stroke='rgb(0,0,0)' stroke-width='1'/>
<rect id='PCI_2_rect' class='PCI' x='1102' y='176' width='80' height='24' fill='rgb(190,210,149)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='PCI_2_text' class='PCI' font-family='Monospace' x='1109' y='193' fill='rgb(0,0,0)' font-size='10px'>PCI 45:00.0</text>
<rect id='PCIBridge_5_rect' class='PCIBridge' x='1026' y='207' width='7' height='7' fill='rgb(255,255,255)' stroke='rgb(0,0,0)' stroke-width='1'/>
<line id='PCIBridge_5_line' class='PCIBridge' x1='1033' y1='210' x2='1040' y2='210' stroke='rgb(0,0,0)' stroke-width='1'/>
<line id='PCIBridge_5_line_2' class='PCIBridge' x1='1040' y1='210' x2='1064' y2='210' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='PCIBridge_5_text_2' class='PCIBridge' font-family='Monospace' x='1043' y='223' fill='rgb(0,0,0)' font-size='10px'>1.0</text>
<line id='PCIBridge_5_line_3' class='PCIBridge' x1='1040' y1='272' x2='1064' y2='272' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='PCIBridge_5_text_3' class='PCIBridge' font-family='Monospace' x='1043' y='285' fill='rgb(0,0,0)' font-size='10px'>1.0</text>
<line id='PCIBridge_5_line_1' class='PCIBridge' x1='1040' y1='210' x2='1040' y2='272' stroke='rgb(0,0,0)' stroke-width='1'/>
<rect id='PCI_3_rect' class='PCI' x='1064' y='207' width='94' height='55' fill='rgb(190,210,149)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='PCI_3_text' class='PCI' font-family='Monospace' x='1071' y='224' fill='rgb(0,0,0)' font-size='10px'>PCI 47:00.0</text>
<rect id='Net_2_rect' class='Net' x='1071' y='231' width='80' height='24' fill='rgb(222,222,222)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='Net_2_text' class='Net' font-family='Monospace' x='1078' y='248' fill='rgb(0,0,0)' font-size='10px'>Net nat-lan</text>
<rect id='PCI_4_rect' class='PCI' x='1064' y='269' width='80' height='55' fill='rgb(190,210,149)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='PCI_4_text' class='PCI' font-family='Monospace' x='1071' y='286' fill='rgb(0,0,0)' font-size='10px'>PCI 47:00.1</text>
<rect id='Net_3_rect' class='Net' x='1071' y='293' width='56' height='24' fill='rgb(222,222,222)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='Net_3_text' class='Net' font-family='Monospace' x='1078' y='310' fill='rgb(0,0,0)' font-size='10px'>Net wan</text>
<rect id='Misc_0_rect' class='Misc' x='1189' y='24' width='86' height='24' fill='rgb(255,255,255)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='Misc_0_text' class='Misc' font-family='Monospace' x='1196' y='41' fill='rgb(0,0,0)' font-size='10px'>MemoryModule</text>
<rect id='Misc_1_rect' class='Misc' x='1282' y='24' width='86' height='24' fill='rgb(255,255,255)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='Misc_1_text' class='Misc' font-family='Monospace' x='1289' y='41' fill='rgb(0,0,0)' font-size='10px'>MemoryModule</text>
<rect id='Misc_2_rect' class='Misc' x='988' y='286' width='86' height='24' fill='rgb(255,255,255)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='Misc_2_text' class='Misc' font-family='Monospace' x='995' y='303' fill='rgb(0,0,0)' font-size='10px'>MemoryModule</text>
<rect id='Misc_3_rect' class='Misc' x='1081' y='286' width='86' height='24' fill='rgb(255,255,255)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='Misc_3_text' class='Misc' font-family='Monospace' x='1088' y='303' fill='rgb(0,0,0)' font-size='10px'>MemoryModule</text>
<rect id='Misc_4_rect' class='Misc' x='1174' y='286' width='86' height='24' fill='rgb(255,255,255)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='Misc_4_text' class='Misc' font-family='Monospace' x='1181' y='303' fill='rgb(0,0,0)' font-size='10px'>MemoryModule</text>
<rect id='Misc_5_rect' class='Misc' x='988' y='317' width='86' height='24' fill='rgb(255,255,255)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='Misc_5_text' class='Misc' font-family='Monospace' x='995' y='334' fill='rgb(0,0,0)' font-size='10px'>MemoryModule</text>
<rect id='Misc_6_rect' class='Misc' x='1081' y='317' width='86' height='24' fill='rgb(255,255,255)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='Misc_6_text' class='Misc' font-family='Monospace' x='1088' y='334' fill='rgb(0,0,0)' font-size='10px'>MemoryModule</text>
<rect id='Misc_7_rect' class='Misc' x='1174' y='317' width='86' height='24' fill='rgb(255,255,255)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='Misc_7_text' class='Misc' font-family='Monospace' x='1181' y='334' fill='rgb(0,0,0)' font-size='10px'>MemoryModule</text>
<rect id='anon_rect' x='0' y='348' width='1375' height='38' fill='rgb(255,255,255)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='anon_text' font-family='Monospace' x='7' y='365' fill='rgb(0,0,0)' font-size='10px'>Host: epyc</text>
<text id='anon_text_1' font-family='Monospace' x='7' y='379' fill='rgb(0,0,0)' font-size='10px'>Date: Mon 05 Jun 2023 03:19:33 PM UTC</text>
<rect id='Misc_2_rect' class='Misc' x='988' y='331' width='86' height='24' fill='rgb(255,255,255)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='Misc_2_text' class='Misc' font-family='Monospace' x='995' y='348' fill='rgb(0,0,0)' font-size='10px'>MemoryModule</text>
<rect id='Misc_3_rect' class='Misc' x='1081' y='331' width='86' height='24' fill='rgb(255,255,255)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='Misc_3_text' class='Misc' font-family='Monospace' x='1088' y='348' fill='rgb(0,0,0)' font-size='10px'>MemoryModule</text>
<rect id='Misc_4_rect' class='Misc' x='1174' y='331' width='86' height='24' fill='rgb(255,255,255)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='Misc_4_text' class='Misc' font-family='Monospace' x='1181' y='348' fill='rgb(0,0,0)' font-size='10px'>MemoryModule</text>
<rect id='Misc_5_rect' class='Misc' x='988' y='362' width='86' height='24' fill='rgb(255,255,255)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='Misc_5_text' class='Misc' font-family='Monospace' x='995' y='379' fill='rgb(0,0,0)' font-size='10px'>MemoryModule</text>
<rect id='Misc_6_rect' class='Misc' x='1081' y='362' width='86' height='24' fill='rgb(255,255,255)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='Misc_6_text' class='Misc' font-family='Monospace' x='1088' y='379' fill='rgb(0,0,0)' font-size='10px'>MemoryModule</text>
<rect id='Misc_7_rect' class='Misc' x='1174' y='362' width='86' height='24' fill='rgb(255,255,255)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='Misc_7_text' class='Misc' font-family='Monospace' x='1181' y='379' fill='rgb(0,0,0)' font-size='10px'>MemoryModule</text>
<rect id='anon_rect' x='0' y='393' width='1375' height='38' fill='rgb(255,255,255)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='anon_text' font-family='Monospace' x='7' y='410' fill='rgb(0,0,0)' font-size='10px'>Host: epyc</text>
<text id='anon_text_1' font-family='Monospace' x='7' y='424' fill='rgb(0,0,0)' font-size='10px'>Date: Mon 04 Mar 2024 12:28:26 AM UTC</text>
</svg>

Before

Width:  |  Height:  |  Size: 29 KiB

After

Width:  |  Height:  |  Size: 30 KiB

@ -1,20 +1,25 @@
# epyc
```
System: Host: epyc Kernel: 6.1.31 x86_64 bits: 64 compiler: gcc v: 12.2.0
parameters: initrd=\efi\nixos\11cjvasd1nh1dk783alsa14v4w00d467-initrd-linux-6.1.31-initrd.efi
init=/nix/store/9lnrp5ryf7gh3j94q8xn39zyl21kaw9f-nixos-system-epyc-23.05.419.3a70dd92993/init
System: Host: epyc Kernel: 6.7.7 x86_64 bits: 64 compiler: gcc v: 12.3.0
parameters: initrd=\efi\nixos\48dkb2vcxwmxxfk7wpl0qx884ibz5gk5-initrd-linux-6.7.7-initrd.efi
init=/nix/store/vz6r23gya5q3b8lr1yiadkv6h5lcjmmz-nixos-system-epyc-23.11pre-git/init
console=tty0 console=ttyS0,115200 pci=realloc console=ttyS1,115200n8 console=tty1
loglevel=4
Console: N/A Distro: NixOS 23.05 (Stoat)
Console: N/A Distro: NixOS 23.11 (Tapir)
Machine: Type: Server System: Supermicro product: Super Server v: 0123456789 serial: 0123456789
Chassis: type: 17 v: 0123456789 serial: 0123456789
Mobo: Supermicro model: H12SSL-i v: 1.01 serial: WM21AS601818 UEFI: American Megatrends
v: 2.4 date: 04/14/2022
Memory: RAM: total: 125.64 GiB used: 2.32 GiB (1.8%)
Memory: RAM: total: 251.54 GiB used: 4.56 GiB (1.8%)
Array-1: capacity: 4 TiB note: check slots: 8 EC: Multi-bit ECC
max-module-size: 512 GiB note: est.
Device-1: DIMMA1 size: No Module Installed
Device-2: DIMMB1 size: No Module Installed
Device-1: DIMMA1 size: 64 GiB speed: 3200 MT/s type: DDR4
detail: synchronous registered (buffered) bus-width: 64 bits total: 72 bits
manufacturer: Samsung part-no: M393A8G40AB2-CWE serial: H0S100013847D8748B
Device-2: DIMMB1 size: 64 GiB speed: 3200 MT/s type: DDR4
detail: synchronous registered (buffered) bus-width: 64 bits total: 72 bits
manufacturer: Samsung part-no: M393A8G40AB2-CWE serial: H0MK00013847D79D40
Device-3: DIMMC1 size: 64 GiB speed: 3200 MT/s type: DDR4
detail: synchronous registered (buffered) bus-width: 64 bits total: 72 bits
manufacturer: Samsung part-no: M393A8G40AB2-CWE serial: Y10R120249249E38E1
@ -27,7 +32,7 @@ Memory: RAM: total: 125.64 GiB used: 2.32 GiB (1.8%)
Device-8: DIMMH1 size: No Module Installed
PCI Slots: Slot: 1 type: x16 PCI Express 4 x16 CPU SLOT1 PCI-E 4.0 X16 status: Available
length: Long
Slot: 2 type: x8 PCI Express 4 x8 CPU SLOT2 PCI-E 4.0 X8 status: In Use length: Long
Slot: 2 type: x8 PCI Express 4 x8 CPU SLOT2 PCI-E 4.0 X8 status: Available length: Long
Slot: 3 type: x16 PCI Express 4 x16 CPU SLOT3 PCI-E 4.0 X16 status: Available
length: Long
Slot: 4 type: x8 PCI Express 4 x8 CPU SLOT4 PCI-E 4.0 X8 status: Available length: Long
@ -40,16 +45,16 @@ PCI Slots: Slot: 1 type: x16 PCI Express 4 x16 CPU SLOT1 PCI-E 4.0 X16 status: A
Slot: N/A type: x4 M.2 Socket 3 PCI-E M.2-M1 status: Available length: Short
Slot: N/A type: x4 M.2 Socket 3 PCI-E M.2-M2 status: Available length: Short
CPU: Info: 64-Core model: AMD EPYC 7763 socket: SP3 bits: 64 type: MT MCP arch: Zen 3
family: 19 (25) model-id: 1 stepping: 1 microcode: A0011CE cache: L1: 4 MiB L2: 32 MiB
family: 19 (25) model-id: 1 stepping: 1 microcode: A0011D3 cache: L1: 4 MiB L2: 32 MiB
L3: 256 MiB
flags: avx avx2 lm nx pae sse sse2 sse3 sse4_1 sse4_2 sse4a ssse3 svm bogomips: 627203
flags: avx avx2 lm nx pae sse sse2 sse3 sse4_1 sse4_2 sse4a ssse3 svm bogomips: 627200
Speed: 2450 MHz min/max: 1500/2450 MHz base/boost: 2450/3525 boost: enabled
volts: 1.1 V ext-clock: 100 MHz Core speeds (MHz): 1: 2450 2: 2450 3: 2450 4: 2450
5: 2450 6: 2450 7: 2450 8: 2450 9: 2450 10: 2450 11: 2450 12: 2450 13: 2450 14: 2450
15: 2450 16: 2450 17: 2450 18: 2450 19: 2450 20: 2450 21: 1799 22: 2450 23: 2450
15: 2450 16: 2450 17: 2450 18: 2450 19: 2450 20: 2450 21: 2450 22: 2450 23: 2450
24: 2450 25: 2450 26: 2450 27: 2450 28: 2450 29: 2450 30: 2450 31: 2450 32: 2450
33: 2450 34: 2450 35: 2450 36: 2450 37: 2450 38: 2450 39: 2450 40: 2450 41: 2450
42: 2450 43: 2450 44: 3525 45: 2450 46: 2450 47: 2450 48: 2450 49: 2450 50: 2450
42: 2450 43: 2450 44: 2450 45: 3525 46: 2450 47: 2450 48: 2450 49: 2450 50: 2450
51: 2450 52: 2450 53: 2450 54: 2450 55: 2450 56: 2450 57: 2450 58: 2450 59: 2450
60: 2450 61: 2450 62: 2450 63: 2450 64: 2450 65: 2450 66: 2450 67: 2450 68: 2450
69: 2450 70: 2450 71: 2450 72: 2450 73: 2450 74: 2450 75: 2450 76: 2450 77: 2450
@ -57,14 +62,16 @@ CPU: Info: 64-Core model: AMD EPYC 7763 socket: SP3 bits: 64 type: MT MCP
87: 2450 88: 2450 89: 2450 90: 2450 91: 2450 92: 2450 93: 2450 94: 2450 95: 2450
96: 2450 97: 2450 98: 2450 99: 2450 100: 2450 101: 2450 102: 2450 103: 2450 104: 2450
105: 2450 106: 2450 107: 2450 108: 2450 109: 2450 110: 2450 111: 2450 112: 2450
113: 2450 114: 2450 115: 2450 116: 2450 117: 2450 118: 1799 119: 2450 120: 2450
113: 2450 114: 2450 115: 2450 116: 2450 117: 2450 118: 2450 119: 2450 120: 2450
121: 2450 122: 2450 123: 2450 124: 2450 125: 2450 126: 2450 127: 2450 128: 2450
Vulnerabilities: Type: itlb_multihit status: Not affected
Vulnerabilities: Type: gather_data_sampling status: Not affected
Type: itlb_multihit status: Not affected
Type: l1tf status: Not affected
Type: mds status: Not affected
Type: meltdown status: Not affected
Type: mmio_stale_data status: Not affected
Type: retbleed status: Not affected
Type: spec_rstack_overflow mitigation: Safe RET
Type: spec_store_bypass mitigation: Speculative Store Bypass disabled via prctl
Type: spectre_v1 mitigation: usercopy/swapgs barriers and __user pointer sanitization
Type: spectre_v2 mitigation: Retpolines, IBPB: conditional, IBRS_FW, STIBP: always-on,
@ -72,50 +79,47 @@ CPU: Info: 64-Core model: AMD EPYC 7763 socket: SP3 bits: 64 type: MT MCP
Type: srbds status: Not affected
Type: tsx_async_abort status: Not affected
Graphics: Device-1: ASPEED Graphics Family vendor: Super Micro H12SSL-i driver: ast v: kernel
bus-ID: 46:00.0 chip-ID: 1a03:2000 class-ID: 0300
bus-ID: 45:00.0 chip-ID: 1a03:2000 class-ID: 0300
Display: server: No display server data found. Headless machine? tty: N/A
Message: Advanced graphics data unavailable in console for root.
Audio: Message: No device data found.
Network: Device-1: Intel 82599ES 10-Gigabit SFI/SFP+ Network driver: N/A modules: ixgbe
port: 1000 bus-ID: 43:00.0 chip-ID: 8086:10fb class-ID: 0200
Network: Device-1: Broadcom NetXtreme BCM5720 Gigabit Ethernet PCIe vendor: Super Micro H12SSL-i
driver: tg3 v: kernel port: N/A bus-ID: 47:00.0 chip-ID: 14e4:165f class-ID: 0200
IF: nat-lan state: up speed: 1000 Mbps duplex: full mac: 3c:ec:ef:7e:bd:c8
IP v4: 10.32.65.13/20 type: dynamic scope: global
IP v6: fe80::3eec:efff:fe7e:bdc8/64 virtual: proto kernel_ll scope: link
Device-2: Broadcom NetXtreme BCM5720 Gigabit Ethernet PCIe vendor: Super Micro H12SSL-i
driver: tg3 v: kernel port: 2000 bus-ID: 48:00.0 chip-ID: 14e4:165f class-ID: 0200
IF: eno1 state: up speed: 1000 Mbps duplex: full mac: 3c:ec:ef:7e:bd:c8
IP v4: 10.32.65.13/20 type: dynamic noprefixroute scope: global broadcast: 10.32.79.255
IP v6: fe80::3eec:efff:fe7e:bdc8/64 scope: link
Device-3: Broadcom NetXtreme BCM5720 Gigabit Ethernet PCIe vendor: Super Micro H12SSL-i
driver: tg3 v: kernel port: 2000 bus-ID: 48:00.1 chip-ID: 14e4:165f class-ID: 0200
IF: eno2 state: up speed: 1000 Mbps duplex: full mac: 3c:ec:ef:7e:bd:c9
IP v4: 169.254.249.6/16 type: noprefixroute scope: global broadcast: 169.254.255.255
IP v6: 2001:470:ca5e:dee:587c:7a50:f36c:cae8/64 type: temporary dynamic scope: global
IP v6: 2001:470:ca5e:dee:3eec:efff:fe7e:bdc9/64 type: dynamic mngtmpaddr noprefixroute
scope: global
IP v6: fe80::3eec:efff:fe7e:bdc9/64 scope: link
IF-ID-1: enp74s0f3u1u2c2 state: unknown speed: -1 duplex: half mac: be:3a:f2:b6:05:9f
IP v4: 169.254.3.1/24 type: dynamic noprefixroute scope: global
broadcast: 169.254.3.255
IP v6: fe80::bc3a:f2ff:feb6:59f/64 scope: link
driver: tg3 v: kernel port: N/A bus-ID: 47:00.1 chip-ID: 14e4:165f class-ID: 0200
IF: wan state: up speed: 1000 Mbps duplex: full mac: 3c:ec:ef:7e:bd:c9
IP v6: 2001:bc8:38ee:100::500/128 scope: global
IP v6: fe80::3eec:efff:fe7e:bdc9/64 virtual: proto kernel_ll scope: link
IF-ID-1: enp73s0f3u1u2c2 state: down mac: be:3a:f2:b6:05:9f
WAN IP: 82.65.118.1
Bluetooth: Device-1: Insyde RNDIS/Ethernet Gadget type: USB driver: rndis_host v: kernel
bus-ID: 7-1.2:4 chip-ID: 0b1f:03ee class-ID: 0a00
Report: This feature requires one of these tools: hciconfig/bt-adapter
Drives: Local Storage: total: 6.19 TiB used: 2.08 GiB (0.0%)
ID-1: /dev/nvme0n1 maj-min: 259:1 vendor: Samsung model: MZWLJ7T6HALA-00AU3
Drives: Local Storage: total: 9.82 TiB used: 1.06 TiB (10.7%)
ID-1: /dev/nvme0n1 maj-min: 259:2 vendor: Samsung model: MZWLJ7T6HALA-00AU3
size: 6.19 TiB block-size: physical: 512 B logical: 512 B rotation: SSD
serial: S5RTNG0T110589 rev: EPK96R5Q temp: 44 Celsius C scheme: GPT
SMART: yes health: PASSED on: 24 hrs cycles: 44 read-units: 1,449,016 [741 GB]
written-units: 13,364,537 [6.84 TB]
Partition: ID-1: / raw-size: 6.18 TiB size: 6.18 TiB (100.00%) used: 2.04 GiB (0.0%) fs: btrfs
serial: S5RTNG0T110589 rev: EPK96R5Q temp: 40 Celsius C scheme: GPT
SMART: yes health: PASSED on: 273d 5h cycles: 113 read-units: 192,543,495 [98.5 TB]
written-units: 258,494,659 [132 TB]
ID-2: /dev/nvme1n1 maj-min: 259:0 vendor: Intel model: SSDPE2KX040T8 size: 3.64 TiB
block-size: physical: 512 B logical: 512 B speed: 31.6 Gb/s lanes: 4 rotation: SSD
serial: PHLJ940301WZ4P0DGN rev: VDV10131 temp: 33 Celsius C
SMART: yes health: PASSED on: 2y 188d 9h cycles: 36 read-units: 9,478,214,631 [4.85 PB]
written-units: 9,225,614,032 [4.72 PB]
Partition: ID-1: / raw-size: 6.18 TiB size: 6.18 TiB (100.00%) used: 1.06 TiB (17.1%) fs: btrfs
block-size: 4096 B dev: /dev/dm-0 maj-min: 254:0 mapped: nixroot
ID-2: /boot raw-size: 1023 MiB size: 1021 MiB (99.80%) used: 37 MiB (3.6%) fs: vfat
block-size: 512 B dev: /dev/nvme0n1p1 maj-min: 259:2
ID-2: /boot raw-size: 1023 MiB size: 1021 MiB (99.80%) used: 23.9 MiB (2.3%) fs: vfat
block-size: 512 B dev: /dev/nvme0n1p1 maj-min: 259:3
Swap: Kernel: swappiness: 60 (default) cache-pressure: 100 (default)
ID-1: swap-1 type: partition size: 8 GiB used: 0 KiB (0.0%) priority: -2
dev: /dev/nvme0n1p2 maj-min: 259:3
dev: /dev/nvme0n1p2 maj-min: 259:4
Sensors: Message: No ipmi sensor data found.
Message: No sensor data found. Is lm-sensors configured?
Info: Processes: 1010 Uptime: 20h 25m wakeups: 0 Init: systemd v: 253
target: multi-user.target tool: systemctl Compilers: gcc: 12.2.0 Packages:
nix-default: 0 nix-sys: 268 lib: 47 nix-usr: 0 Client: Sudo v: 1.9.13p3 inxi: 3.3.04
Info: Processes: 1226 Uptime: N/A wakeups: 0 Init: systemd v: 254 target: multi-user.target
tool: systemctl Compilers: gcc: 12.3.0 Packages: nix-default: 0 nix-sys: 415 lib: 65
nix-usr: 0 Client: Sudo v: 1.9.15p2 inxi: 3.3.04
```
![hardware topology](epyc.lstopo.svg)

@ -6,14 +6,15 @@
"home-manager": "home-manager",
"nixpkgs": [
"nixpkgs"
]
],
"systems": "systems"
},
"locked": {
"lastModified": 1690228878,
"narHash": "sha256-9Xe7JV0krp4RJC9W9W9WutZVlw6BlHTFMiUP/k48LQY=",
"lastModified": 1716561646,
"narHash": "sha256-UIGtLO89RxKt7RF2iEgPikSdU53r6v/6WYB0RW3k89I=",
"owner": "ryantm",
"repo": "agenix",
"rev": "d8c973fd228949736dedf61b7f8cc1ece3236792",
"rev": "c2fc0762bbe8feb06a2e59a364fa81b3a57671c9",
"type": "github"
},
"original": {
@ -31,11 +32,11 @@
"nixpkgs-stable": "nixpkgs-stable"
},
"locked": {
"lastModified": 1689457600,
"narHash": "sha256-1XLn2ZZMaqQx+Ys3eel5hQRkgUn3DeHcVb2JT8WYU0A=",
"lastModified": 1711742460,
"narHash": "sha256-0O4v6e4a1toxXZ2gf5INhg4WPE5C5T+SVvsBt+45Mcc=",
"owner": "zhaofengli",
"repo": "attic",
"rev": "4902d57f5dae8ec660ee9ee14c45c2192f9fe8b1",
"rev": "4dbdbee45728d8ce5788db6461aaaa89d98081f0",
"type": "github"
},
"original": {
@ -54,11 +55,11 @@
"stable": "stable"
},
"locked": {
"lastModified": 1688224393,
"narHash": "sha256-rsAvFNhRFzTF7qyb6WprLFghJnRxMFjvD2e5/dqMp4I=",
"lastModified": 1711386353,
"narHash": "sha256-gWEpb8Hybnoqb4O4tmpohGZk6+aerAbJpywKcFIiMlg=",
"owner": "zhaofengli",
"repo": "colmena",
"rev": "19384f3ee2058c56021e4465a3ec57e84a47d8dd",
"rev": "cd65ef7a25cdc75052fbd04b120aeb066c3881db",
"type": "github"
},
"original": {
@ -69,26 +70,17 @@
},
"crane": {
"inputs": {
"flake-compat": [
"attic",
"flake-compat"
],
"flake-utils": [
"attic",
"flake-utils"
],
"nixpkgs": [
"attic",
"nixpkgs"
],
"rust-overlay": "rust-overlay"
]
},
"locked": {
"lastModified": 1677892403,
"narHash": "sha256-/Wi0L1spSWLFj+UQxN3j0mPYMoc7ZoAujpUF/juFVII=",
"lastModified": 1702918879,
"narHash": "sha256-tWJqzajIvYcaRWxn+cLUB9L9Pv4dQ3Bfit/YjU5ze3g=",
"owner": "ipetkov",
"repo": "crane",
"rev": "105e27adb70a9890986b6d543a67761cbc1964a2",
"rev": "7195c00c272fdd92fc74e7d5a0a2844b9fadb2fb",
"type": "github"
},
"original": {
@ -105,11 +97,11 @@
]
},
"locked": {
"lastModified": 1673295039,
"narHash": "sha256-AsdYgE8/GPwcelGgrntlijMg4t3hLFJFCRF3tL5WVjA=",
"lastModified": 1700795494,
"narHash": "sha256-gzGLZSiOhf155FW7262kdHo2YDeugp3VuIFb4/GGng0=",
"owner": "lnl7",
"repo": "nix-darwin",
"rev": "87b9d090ad39b25b2400029c64825fc2a8868943",
"rev": "4b9b83d5a92e8c1fbfd8eb27eda375908c11ec4d",
"type": "github"
},
"original": {
@ -126,11 +118,11 @@
]
},
"locked": {
"lastModified": 1690739034,
"narHash": "sha256-roW02IaiQ3gnEEDMCDWL5YyN+C4nBf/te6vfL7rG0jk=",
"lastModified": 1716431128,
"narHash": "sha256-t3T8HlX3udO6f4ilLcN+j5eC3m2gqsouzSGiriKK6vk=",
"owner": "nix-community",
"repo": "disko",
"rev": "4015740375676402a2ee6adebc3c30ea625b9a94",
"rev": "7ffc4354dfeb37c8c725ae1465f04a9b45ec8606",
"type": "github"
},
"original": {
@ -178,32 +170,11 @@
]
},
"locked": {
"lastModified": 1690933134,
"narHash": "sha256-ab989mN63fQZBFrkk4Q8bYxQCktuHmBIBqUG1jl6/FQ=",
"lastModified": 1715865404,
"narHash": "sha256-/GJvTdTpuDjNn84j82cU6bXztE0MSkdnTWClUCRub78=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "59cf3f1447cfc75087e7273b04b31e689a8599fb",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "flake-parts",
"type": "github"
}
},
"flake-parts_2": {
"inputs": {
"nixpkgs-lib": [
"nixos-hypervisor",
"nixpkgs"
]
},
"locked": {
"lastModified": 1687762428,
"narHash": "sha256-DIf7mi45PKo+s8dOYF+UlXHzE0Wl/+k3tXUyAoAnoGE=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "37dd7bb15791c86d55c5121740a1887ab55ee836",
"rev": "8dc45382d5206bd292f9c2768b8058a8fd8311d9",
"type": "github"
},
"original": {
@ -215,11 +186,11 @@
"flake-registry": {
"flake": false,
"locked": {
"lastModified": 1689333397,
"narHash": "sha256-g1Nn0sgH/hR/gEAQ1q6bloU+Q+V+Y4HlBBH6CBxC0HM=",
"lastModified": 1705308826,
"narHash": "sha256-Z3xTYZ9EcRIqZAufZbci912MUKB0sD+qxi/KTGMFVwY=",
"owner": "NixOS",
"repo": "flake-registry",
"rev": "5d8dc3eb692809ffd9a2f22cdb8015aa11972905",
"rev": "9c69f7bd2363e71fe5cd7f608113290c7614dcdd",
"type": "github"
},
"original": {
@ -266,11 +237,11 @@
]
},
"locked": {
"lastModified": 1682203081,
"narHash": "sha256-kRL4ejWDhi0zph/FpebFYhzqlOBrk0Pl3dzGEKSAlEw=",
"lastModified": 1703113217,
"narHash": "sha256-7ulcXOk63TIT2lVDSExj7XzFx09LpdSAPtvgtM7yQPE=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "32d3e39c491e2f91152c84f8ad8b003420eab0a1",
"rev": "3bfaacf46133c037bb356193bd2f1765d9dc82c1",
"type": "github"
},
"original": {
@ -286,27 +257,27 @@
]
},
"locked": {
"lastModified": 1687871164,
"narHash": "sha256-bBFlPthuYX322xOlpJvkjUBz0C+MOBjZdDOOJJ+G2jU=",
"lastModified": 1717527182,
"narHash": "sha256-vWSkg6AMok1UUQiSYVdGMOXKD2cDFnajITiSi0Zjd1A=",
"owner": "rycee",
"repo": "home-manager",
"rev": "07c347bb50994691d7b0095f45ebd8838cf6bc38",
"rev": "845a5c4c073f74105022533907703441e0464bc3",
"type": "github"
},
"original": {
"owner": "rycee",
"ref": "release-23.05",
"ref": "release-24.05",
"repo": "home-manager",
"type": "github"
}
},
"nixos-hardware": {
"locked": {
"lastModified": 1690957133,
"narHash": "sha256-0Y4CiOIszhHDDXHFmvHUpmhUotKOIn0m3jpMlm6zUTE=",
"lastModified": 1716715385,
"narHash": "sha256-fe6Z33pbfqu4TI5ijmcaNc5vRBs633tyxJ12HTghy3w=",
"owner": "NixOS",
"repo": "nixos-hardware",
"rev": "24f9162b26f0debd163f6d94752aa2acb9db395a",
"rev": "2e7d6c568063c83355fe066b8a8917ee758de1b8",
"type": "github"
},
"original": {
@ -315,36 +286,13 @@
"type": "github"
}
},
"nixos-hypervisor": {
"inputs": {
"flake-parts": "flake-parts_2",
"nixpkgs": [
"nixpkgs"
],
"treefmt-nix": "treefmt-nix"
},
"locked": {
"lastModified": 1688428885,
"narHash": "sha256-fVIbXKvHmxSUAKTMiXx799UasQwU2XT+op7bzvtfl8c=",
"ref": "main",
"rev": "9f32a304708fd9c91c081db05eee1b4f2e0226cc",
"revCount": 2,
"type": "git",
"url": "ssh://gitea@git.newtype.fr/newtype/nixos-hypervisor"
},
"original": {
"ref": "main",
"type": "git",
"url": "ssh://gitea@git.newtype.fr/newtype/nixos-hypervisor"
}
},
"nixpkgs": {
"locked": {
"lastModified": 1686519857,
"narHash": "sha256-VkBhuq67aXXiCoEmicziuDLUPPjeOTLQoj6OeVai5zM=",
"lastModified": 1711401922,
"narHash": "sha256-QoQqXoj8ClGo0sqD/qWKFWezgEwUL0SUh37/vY2jNhc=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "6b1b72c0f887a478a5aac355674ff6df0fc44f44",
"rev": "07262b18b97000d16a4bdb003418bd2fb067a932",
"type": "github"
},
"original": {
@ -356,27 +304,27 @@
},
"nixpkgs-stable": {
"locked": {
"lastModified": 1685004253,
"narHash": "sha256-AbVL1nN/TDicUQ5wXZ8xdLERxz/eJr7+o8lqkIOVuaE=",
"lastModified": 1711460390,
"narHash": "sha256-akSgjDZL6pVHEfSE6sz1DNSXuYX6hq+P/1Z5IoYWs7E=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "3e01645c40b92d29f3ae76344a6d654986a91a91",
"rev": "44733514b72e732bd49f5511bd0203dea9b9a434",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-23.05",
"ref": "nixos-23.11",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-unstable": {
"locked": {
"lastModified": 1691003216,
"narHash": "sha256-Qq/MPkhS12Bl0X060pPvX3v9ac3f2rRQfHjjozPh/Qs=",
"lastModified": 1716715802,
"narHash": "sha256-usk0vE7VlxPX8jOavrtpOqphdfqEQpf9lgedlY/r66c=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "4a56ce9727a0c5478a836a0d8a8f641c5b9a3d5f",
"rev": "e2dd4e18cc1c7314e24154331bae07df76eb582f",
"type": "github"
},
"original": {
@ -388,27 +336,27 @@
},
"nixpkgs_2": {
"locked": {
"lastModified": 1691083802,
"narHash": "sha256-bjWTVGskCWR2BdB0Glnj2FyHooNiFThkFBF4oaAMe2s=",
"lastModified": 1717796960,
"narHash": "sha256-BKjQ9tQdsuoROrojHZb7KTAv95WprqCkNFvuzatfEo0=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "096c262bbb73d84b8298d81c7daa9890c6ccd6da",
"rev": "8e0a5f16b7bf7f212be068dd302c49888c6ad68f",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "release-23.05",
"ref": "nixos-24.05-small",
"repo": "nixpkgs",
"type": "github"
}
},
"nur": {
"locked": {
"lastModified": 1691109630,
"narHash": "sha256-NkltnE+ZMABNP7pJVj7ftu/58aTGa5PXxICLr8fjkI4=",
"lastModified": 1716741358,
"narHash": "sha256-4bxptwbmplGKq3W4tl6Zem/bOHsdLP4DSPcm/FfCaFE=",
"owner": "nix-community",
"repo": "NUR",
"rev": "dcd922e7738fc027c73cd2cc110015d38fba9651",
"rev": "c65a3bde6793b437a705edfe5ff8435cbb8307a2",
"type": "github"
},
"original": {
@ -427,40 +375,12 @@
"flake-registry": "flake-registry",
"home-manager": "home-manager_2",
"nixos-hardware": "nixos-hardware",
"nixos-hypervisor": "nixos-hypervisor",
"nixpkgs": "nixpkgs_2",
"nixpkgs-unstable": "nixpkgs-unstable",
"nur": "nur",
"srvos": "srvos"
}
},
"rust-overlay": {
"inputs": {
"flake-utils": [
"attic",
"crane",
"flake-utils"
],
"nixpkgs": [
"attic",
"crane",
"nixpkgs"
]
},
"locked": {
"lastModified": 1675391458,
"narHash": "sha256-ukDKZw922BnK5ohL9LhwtaDAdCsJL7L6ScNEyF1lO9w=",
"owner": "oxalica",
"repo": "rust-overlay",
"rev": "383a4acfd11d778d5c2efcf28376cbd845eeaedf",
"type": "github"
},
"original": {
"owner": "oxalica",
"repo": "rust-overlay",
"type": "github"
}
},
"srvos": {
"inputs": {
"nixpkgs": [
@ -468,11 +388,11 @@
]
},
"locked": {
"lastModified": 1690557184,
"narHash": "sha256-KMGPz3pP7OoUZaUhgcuYG84CtVaJOQw6RK8J0fAtKt0=",
"lastModified": 1716425501,
"narHash": "sha256-BSLhmGYY1khyyBAjraR+N0Pa9Nha/et5yQQlEZxcfkU=",
"owner": "numtide",
"repo": "srvos",
"rev": "ceed433086a85e5540bd73cff46497af5a09e36f",
"rev": "1122cd50a23647e09c3e7a679d37ec02113bc412",
"type": "github"
},
"original": {
@ -483,38 +403,32 @@
},
"stable": {
"locked": {
"lastModified": 1669735802,
"narHash": "sha256-qtG/o/i5ZWZLmXw108N2aPiVsxOcidpHJYNkT45ry9Q=",
"lastModified": 1696039360,
"narHash": "sha256-g7nIUV4uq1TOVeVIDEZLb005suTWCUjSY0zYOlSBsyE=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "731cc710aeebecbf45a258e977e8b68350549522",
"rev": "32dcb45f66c0487e92db8303a798ebc548cadedc",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-22.11",
"ref": "nixos-23.05",
"repo": "nixpkgs",
"type": "github"
}
},
"treefmt-nix": {
"inputs": {
"nixpkgs": [
"nixos-hypervisor",
"nixpkgs"
]
},
"systems": {
"locked": {
"lastModified": 1688026376,
"narHash": "sha256-qJmkr9BWDpqblk4E9/rCsAEl39y2n4Ycw6KRopvpUcY=",
"owner": "numtide",
"repo": "treefmt-nix",
"rev": "df3f32b0cc253dfc7009b7317e8f0e7ccd70b1cf",
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "treefmt-nix",
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
}

@ -10,13 +10,13 @@
flake-parts.url = "github:hercules-ci/flake-parts";
flake-parts.inputs.nixpkgs-lib.follows = "nixpkgs";
nixpkgs.url = "github:NixOS/nixpkgs/release-23.05";
nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.05-small";
nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixpkgs-unstable";
nixos-hardware.url = "github:NixOS/nixos-hardware";
nur.url = "github:nix-community/NUR";
home-manager.url = "github:rycee/home-manager/release-23.05";
home-manager.url = "github:rycee/home-manager/release-24.05";
home-manager.inputs.nixpkgs.follows = "nixpkgs";
agenix.url = "github:ryantm/agenix";
@ -33,8 +33,8 @@
# Ryan's experimental hypervisor based on cloud-hypervisor
# Private repository, you need a valid SSH key to access it
nixos-hypervisor.url = "git+ssh://gitea@git.newtype.fr/newtype/nixos-hypervisor?ref=main";
nixos-hypervisor.inputs.nixpkgs.follows = "nixpkgs";
# nixos-hypervisor.url = "git+ssh://gitea@git.newtype.fr/newtype/nixos-hypervisor?ref=main";
# nixos-hypervisor.inputs.nixpkgs.follows = "nixpkgs";
flake-registry.url = "github:NixOS/flake-registry";
flake-registry.flake = false;

@ -1,4 +1,4 @@
{ lib, ... }:
{ lib, pkgs, ... }:
let
gcc-system-features = arch: lib.optionals (arch != null) ([ "gccarch-${arch}" ]
++ map (x: "gccarch-${x}") lib.systems.architectures.inferiors.${arch});
@ -20,21 +20,23 @@ in
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
virtualisation.docker = {
enable = true;
rootless.enable = true;
};
# TODO: there's a critical bug on 6.8+ where btrfs won't mount the rootfs at all.
# Do not upgrade until it is fixed. Ping Raito when needed.
# boot.kernelPackages = pkgs.linuxPackage_latest;
# Open public access to our PostgreSQL.
services.postgresql.enable = true;
services.postgresql.enableTCPIP = true;
services.postgresql.authentication = ''
host hydra-nixos-org hydra_ro ::/0 trust
'';
networking.firewall.allowedTCPPorts = [ 5432 ];
virtualisation.nvisor.vms = {
vm01 = {
config = { pkgs, ... }: {
environment.systemPackages = [ pkgs.hello ];
};
};
};
nix.buildMachines = [
{ hostName = "localhost";
systems = [

@ -1,9 +1,9 @@
{ lib, ... }:
let
mirrors = {
"https://android.googlesource.com" = "/var/lib/src/aosp/mirror";
"https://github.com/LineageOS" = "/var/lib/src/lineageos/LineageOS";
"https://github.com/TheMuppets" = "/var/lib/src/themuppets/TheMuppets";
# "https://android.googlesource.com" = "/mnt/aospaosp/mirror";
# "https://github.com/LineageOS" = "/var/lib/src/lineageos/LineageOS";
# "https://github.com/TheMuppets" = "/var/lib/src/themuppets/TheMuppets";
};
in
{

@ -1,7 +1,9 @@
{ pkgs, ... }: {
system.autoUpgrade.enable = true;
system.autoUpgrade.flake = "git:git.newtype.fr/newtype/newtype-org-configurations";
system.autoUpgrade.flags = [ "--option" "accept-flake-config" "true" ];
system.autoUpgrade = {
enable = true;
flake = "git+https://git.newtype.fr/newtype/newtype-org-configurations";
flags = [ "--option" "accept-flake-config" "true" ];
};
# add a random jitter so not all machines reboot at the same time.
systemd.timers.auto-reboot.timerConfig.RandomizedDelaySec = 60 * 20;

@ -5,6 +5,8 @@
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIA3hCOyFwuoCLt5W9e9yQSwj9I+VspB0kNNHsoFngbgZ raito@thors"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIF07Sy0O+oletFYlrfS0+XtBWJO2F+Rc9J/ocNLBa/OE raito@thorkell"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDu4cEqZzAI/1vZjSQkTJ4ijIg9nuloOuSKUrnkJIOFn buildbot@top-secret" # Top secret's project buildbot key
"sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIH/LDRUG+U+++UmlxvA2kspioTjktQZ8taDcHq8gVlkfAAAABHNzaDo=" # winterqt
];
uid = 5001;
};

@ -23,4 +23,15 @@
};
};
};
services.nginx = {
enable = true;
virtualHosts."s3.infra.newtype.fr" = {
forceSSL = true;
enableACME = true;
locations."/".proxyPass = "http://[::1]:3900/";
};
};
networking.firewall.allowedTCPPorts = [ 80 443 ];
}

@ -8,12 +8,18 @@
[ (modulesPath + "/installer/scan/not-detected.nix")
];
boot.kernelParams = [ "pci=realloc" ];
boot.kernelParams = [ "pci=realloc" "boot.shell_on_fail" ];
boot.initrd.availableKernelModules = [ "xhci_pci" "nvme" "usbhid" "usb_storage" "sd_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-amd" ];
boot.extraModulePackages = [ ];
boot.initrd.extraUtilsCommands = ''
copy_bin_and_libs ${pkgs.nvme-cli}/bin/nvme
copy_bin_and_libs ${pkgs.util-linux}/bin/blkzone
copy_bin_and_libs ${pkgs.util-linux}/bin/lsblk
'';
boot.initrd.systemd.enable = lib.mkForce false;
fileSystems."/" =
@ -34,7 +40,7 @@
swapDevices =
[ { device = "/dev/disk/by-uuid/93e251e1-1bfc-4bd4-8585-ea2eae7795bf"; }
];
];
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;

@ -40,7 +40,7 @@ in
# usually, for each host there is a hostname.dse.in.tum.de and hostname.r domain
networking.newtype.hosts = {
epyc = {
ipv6 = "2001:470:ca5e:dee:587c:7a50:f36c:cae8";
ipv6 = "2001:bc8:38ee:100::500";
};
};
};

@ -1,6 +1,6 @@
{ pkgs, ... }: {
services.hydra = {
enable = true;
enable = false;
hydraURL = "https://hydra.newtype.fr";
notificationSender = "hydra@localhost";
buildMachinesFiles = [ "/etc/nix/machines" ];

@ -1,5 +1,2 @@
{ ... }: {
virtualisation.nvisor = {
enable = true;
};
}

@ -30,6 +30,13 @@ in
{ domain = "*"; item = "nofile"; type = "-"; value = "20480"; }
];
# Makes the computer go faster.
# nixos.jobserver.enable = true;
# TODO(raito): rework this.
# Avoid weird failures for builders.
services.openssh.settings.MaxStartups = 100;
# Memory accounting techniques
systemd.services.nix-daemon.serviceConfig = {
MemoryAccounting = true;
@ -51,18 +58,19 @@ in
gc.randomizedDelaySec = "1800";
# Inchallah, it works.
package = pkgs.nixVersions.nix_2_18;
# package = lib.mkForce inputs.nixpkgs-unstable.legacyPackages.x86_64-linux.nixVersions.nix_2_17;
# should be enough?
nrBuildUsers = 128;
settings = {
keep-outputs = true;
keep-derivations = true;
keep-outputs = false;
keep-derivations = false;
use-cgroups = true;
http-connections = 0;
auto-allocate-uids = true;
cores = 64; # 128 is too much, it will explode the RAM for now. Let's keep it serious.
cores = 0;
max-jobs = 2; # Do not build more than 2 derivations at once in the event, both of them are too big, yes this is stupid, fix it in Nix.
fsync-metadata = true;
substituters = [
@ -76,9 +84,8 @@ in
];
experimental-features = [
"auto-allocate-uids"
"ca-derivations"
# "ca-derivations" this feature is really extremely broken.
"cgroups"
"discard-references"
"fetch-closure"
"impure-derivations"
];

@ -22,7 +22,6 @@ in
luj = {
isNormalUser = true;
home = "/home/luj";
inherit (config.users.users.raito);
extraGroups = extraGroups ++ [ "production-hydra-db" ];
shell = "/run/current-system/sw/bin/zsh";
uid = 1001;
@ -66,6 +65,6 @@ in
};
};
nix.settings.trusted-users = [ "raito" "luj" "gdd" "akechi" "tomate" ];
nix.settings.trusted-users = [ "raito" "luj" "gdd" "akechi" "tomate" "niklas" "jade" "winter" ];
};
}

@ -5,15 +5,8 @@ let
];
in
{
# deleted users: ninjatrappeur, flokli
users.users = {
ninjatrappeur = {
isNormalUser = true;
home = "/home/ninjatrappeur";
shell = "/run/current-system/sw/bin/zsh";
uid = 2000;
extraGroups = trustedFriendGroups;
openssh.authorizedKeys.keyFiles = [ ./keys/ninjatrappeur.keys ];
};
linus = {
isNormalUser = true;
home = "/home/linus";
@ -24,5 +17,68 @@ in
extraGroups = [ "wheel" ] ++ trustedFriendGroups;
openssh.authorizedKeys.keyFiles = [ ./keys/linus.keys ];
};
niklas = {
isNormalUser = true;
home = "/home/niklas";
shell = "/run/current-system/sw/bin/zsh";
uid = 2002;
extraGroups = trustedFriendGroups;
openssh.authorizedKeys.keyFiles = [ ./keys/niklas.keys ];
};
# Raito: Permanent account for Jade who has been driving a lot of good work.
# expires = 2060 because of a convergence bug, I cannot remove the expiration date anymore.
jade = {
isNormalUser = true;
home = "/home/jade";
shell = "/run/current-system/sw/bin/zsh";
uid = 2004;
expires = "2060-05-01";
extraGroups = trustedFriendGroups;
openssh.authorizedKeys.keys = [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDNldAg4t13/i69TD786The+U3wbiNUdW2Kc9KNWvEhgpf4y4x4Sft0oYfkPw5cjX4H3APqfD+b7ItAG0GCbwHw6KMYPoVMNK08zBMJUqt1XExbqGeFLqBaeqDsmEAYXJRbjMTAorpOCtgQdoCKK/DvZ51zUWXxT8UBNHSl19Ryv5Ry5VVdbAE35rqs57DQ9+ma6htXnsBEmmnC+1Zv1FE956m/OpBTId50mor7nS2FguAtPZnDPpTd5zl9kZmJEuWCrmy6iinw5V4Uy1mLeZkQv+/FtozbyifCRCvps9nHpv4mBSU5ABLgnRRvXs+D41Jx7xloNADr1nNgpsNrYaTh hed-bot-ssh-tpm-rsa"
"sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIKYljH8iPMrH00lOb3ETxRrZimdKzPPEdsJQ5D5ovtOwAAAACnNzaDpzc2hrZXk= ssh:sshkey"
"ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBO4idMfdJxDJuBNOid60d4I+qxj09RHt+YkCYV2eXt6tGrEXg+S8hTQusy/SqooiXUH9pt4tea2RuBPN9+UwrH0= type-a yubikey slot 9a"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHGIBMfUypLctmorlRz9xIzXRgmtqDMxF5T5Fxy4JxNb root@tail-bot"
];
};
# Raito: Permanent account for winter, she was the one in charge of the Darwin build box for a while,
# helped a bunch of people and deserve it :-).
# expires = 2060 because of a convergence bug, I cannot remove the expiration date anymore.
winter = {
isNormalUser = true;
home = "/home/winter";
shell = "/run/current-system/sw/bin/zsh";
uid = 2005;
expires = "2060-05-01";
extraGroups = trustedFriendGroups;
openssh.authorizedKeys.keys = [
"sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIH/LDRUG+U+++UmlxvA2kspioTjktQZ8taDcHq8gVlkfAAAABHNzaDo="
];
};
# Raito: Permanent account for pennae, they are doing a bunch of excellent Nix work (including performance).
pennae = {
isNormalUser = true;
home = "/home/pennae";
shell = "/run/current-system/sw/bin/zsh";
uid = 2006;
# Raito: Allowed to debug jobserver.
extraGroups = [ "wheel" ] ++ trustedFriendGroups;
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIC5Wf5/IbyFpdziWfwxkQqxOf3r1L9pYn6xQBEKFwmMY"
"sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIK8icXjHkb4XzbIVN3djH4CE7RvgGd+3xbG4cgh0Yls5AAAABHNzaDo="
];
};
# Raito: Temporary account until next year, for delroth, who is going to work on building capabilities for improving build infrastructure.
delroth = {
isNormalUser = true;
home = "/home/delroth";
shell = "/run/current-system/sw/bin/zsh";
uid = 2007;
# Raito: Allowed to spawn new VMs and do various stuff for isolating the workloads.
extraGroups = [ "wheel" ];
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAII3tjB4KYDok3KlWxdBp/yEmqhhmybd+w0VO4xUwLKKV"
];
};
};
}

@ -0,0 +1 @@
sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAINHd1ay1FSTHZzE+3XCdUiS5efFmJ9GUvx4+7F5uXVtMAAAABHNzaDo= nikstur

@ -1,3 +1,4 @@
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDcEkYM1r8QVNM/G5CxJInEdoBCWjEHHDdHlzDYNSUIdHHsn04QY+XI67AdMCm8w30GZnLUIj5RiJEWXREUApby0GrfxGGcy8otforygfgtmuUKAUEHdU2MMwrQI7RtTZ8oQ0USRGuqvmegxz3l5caVU7qGvBllJ4NUHXrkZSja2/51vq80RF4MKkDGiz7xUTixI2UcBwQBCA/kQedKV9G28EH+1XfvePqmMivZjl+7VyHsgUVj9eRGA1XWFw59UPZG8a7VkxO/Eb3K9NF297HUAcFMcbY6cPFi9AaBgu3VC4eetDnoN/+xT1owiHi7BReQhGAy/6cdf7C/my5ehZwD
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE0xMwWedkKosax9+7D2OlnMxFL/eV4CvFZLsbLptpXr
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKiXXYkhRh+s7ixZ8rvG8ntIqd6FELQ9hh7HoaHQJRPU
ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBJFsZ7PMDt80tYXHyScQajNhqH4wuYg/o0OxfOHaZD4rXuT0VIKflKH1M9LslfHWIEH3XNeqhQOziH9r+Ny5JcM=

Loading…
Cancel
Save