Compare commits

..

2 Commits

Author SHA1 Message Date
Raito Bezarius df0771e346 infra(epyc): add my key on builder and iperf3 server 2 years ago
Raito Bezarius f6c1177c38 infra: init vieuxtype.infra.newtype.fr 2 years ago

1
.gitignore vendored

@ -1 +0,0 @@
.direnv

@ -34,59 +34,53 @@ let
./modules/hosts.nix
./modules/network.nix
./modules/zsh.nix
./modules/ssh-cursed.nix
# FIXME: ./modules/buildbot — whenever you are ready.
disko.nixosModules.disko
srvos.nixosModules.server
# srvos.nixosModules.mixins-telegraf
srvos.nixosModules.mixins-trusted-nix-caches
srvos.nixosModules.mixins-terminfo
# srvos.nixosModules.mixins-telegraf
# srvos.nixosModules.mixins-terminfo
agenix.nixosModules.default
({ pkgs
, config
, lib
, ...
}:
let
sopsFile = ./. + "/hosts/${config.networking.hostName}.yml";
in
{
nix.nixPath = [
"home-manager=${home-manager}"
"nixpkgs=${pkgs.path}"
"nur=${nur}"
];
# TODO: share nixpkgs for each machine to speed up local evaluation.
#nixpkgs.pkgs = self.inputs.nixpkgs.legacyPackages.${system};
}: let
sopsFile = ./. + "/hosts/${config.networking.hostName}.yml";
in {
nix.nixPath = [
"home-manager=${home-manager}"
"nixpkgs=${pkgs.path}"
"nur=${nur}"
];
#users.withSops = builtins.pathExists sopsFile;
#sops.secrets = lib.mkIf (config.users.withSops) {
# root-password-hash.neededForUsers = true;
#};
# sops.defaultSopsFile = lib.mkIf (builtins.pathExists sopsFile) sopsFile;
environment.systemPackages = [
pkgs.kitty.terminfo
];
nix.extraOptions = ''
flake-registry = ${flake-registry}/flake-registry.json
builders-use-substitutes = true
'';
# TODO: share nixpkgs for each machine to speed up local evaluation.
#nixpkgs.pkgs = self.inputs.nixpkgs.legacyPackages.${system};
nix.registry = {
home-manager.flake = home-manager;
nixpkgs.flake = nixpkgs;
nur.flake = nur;
};
time.timeZone = "UTC";
#users.withSops = builtins.pathExists sopsFile;
#sops.secrets = lib.mkIf (config.users.withSops) {
# root-password-hash.neededForUsers = true;
#};
# sops.defaultSopsFile = lib.mkIf (builtins.pathExists sopsFile) sopsFile;
environment.systemPackages = [
pkgs.kitty.terminfo
];
})
nix.extraOptions = ''
flake-registry = ${flake-registry}/flake-registry.json
'';
nix.registry = {
home-manager.flake = home-manager;
nixpkgs.flake = nixpkgs;
nur.flake = nur;
};
time.timeZone = "UTC";
})
];
in
{
@ -99,6 +93,15 @@ in
++ [
./hosts/epyc.nix
];
};
vieuxtype = nixosSystem {
system = "x86_64-linux";
modules =
commonModules
++ colmenaModules
++ [
./hosts/vieuxtype.nix
];
};
};
@ -112,6 +115,15 @@ in
++ [
./hosts/epyc.nix
];
};
vieuxtype = {
system = "x86_64-linux";
modules =
commonModules
++ [
./hosts/vieuxtype.nix
];
};
};
}

@ -1,7 +1,7 @@
<?xml version='1.0' encoding='UTF-8'?>
<svg xmlns='http://www.w3.org/2000/svg' xmlns:xlink='http://www.w3.org/1999/xlink' width='1375px' height='431px' viewBox='0 0 1375px 431px' version='1.1'>
<rect id='Machine_0_rect' class='Machine' x='0' y='0' width='1375' height='393' fill='rgb(255,255,255)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='Machine_0_text' class='Machine' font-family='Monospace' x='7' y='17' fill='rgb(0,0,0)' font-size='10px'>Machine (252GB total)</text>
<svg xmlns='http://www.w3.org/2000/svg' xmlns:xlink='http://www.w3.org/1999/xlink' width='1375px' height='386px' viewBox='0 0 1375px 386px' version='1.1'>
<rect id='Machine_0_rect' class='Machine' x='0' y='0' width='1375' height='348' fill='rgb(255,255,255)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='Machine_0_text' class='Machine' font-family='Monospace' x='7' y='17' fill='rgb(0,0,0)' font-size='10px'>Machine (126GB total)</text>
<rect id='Package_0_rect' class='Package' x='7' y='24' width='974' height='293' fill='rgb(210,231,164)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='Package_0_text' class='Package' font-family='Monospace' x='14' y='41' fill='rgb(0,0,0)' font-size='10px'>Package L#0</text>
<rect id='L3_0_rect' class='L3' x='14' y='79' width='297' height='24' fill='rgb(255,255,255)' stroke='rgb(0,0,0)' stroke-width='1'/>
@ -153,18 +153,18 @@
<text id='PU_127_text' class='PU' font-family='Monospace' x='912' y='282' fill='rgb(0,0,0)' font-size='10px'>PU L#127</text>
<text id='PU_127_text_1' class='PU' font-family='Monospace' x='921' y='296' fill='rgb(0,0,0)' font-size='10px'>P#127</text>
<rect id='NUMANode_0_rect' class='NUMANode' x='14' y='48' width='960' height='24' fill='rgb(239,223,222)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='NUMANode_0_text' class='NUMANode' font-family='Monospace' x='21' y='65' fill='rgb(0,0,0)' font-size='10px'>NUMANode L#0 P#0 (252GB)</text>
<text id='NUMANode_0_text' class='NUMANode' font-family='Monospace' x='21' y='65' fill='rgb(0,0,0)' font-size='10px'>NUMANode L#0 P#0 (126GB)</text>
<rect id='HostBridge_0_rect' class='HostBridge' x='988' y='24' width='7' height='7' fill='rgb(255,255,255)' stroke='rgb(0,0,0)' stroke-width='1'/>
<line id='HostBridge_0_line' class='HostBridge' x1='995' y1='27' x2='1002' y2='27' stroke='rgb(0,0,0)' stroke-width='1'/>
<line id='HostBridge_0_line_2' class='HostBridge' x1='1002' y1='27' x2='1026' y2='27' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='HostBridge_0_text_2' class='HostBridge' font-family='Monospace' x='1005' y='40' fill='rgb(0,0,0)' font-size='10px'>7.9</text>
<line id='HostBridge_0_line_3' class='HostBridge' x1='1002' y1='103' x2='1026' y2='103' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='HostBridge_0_text_3' class='HostBridge' font-family='Monospace' x='1005' y='116' fill='rgb(0,0,0)' font-size='10px'>3.9</text>
<line id='HostBridge_0_line_4' class='HostBridge' x1='1002' y1='179' x2='1026' y2='179' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='HostBridge_0_text_4' class='HostBridge' font-family='Monospace' x='1005' y='192' fill='rgb(0,0,0)' font-size='10px'>0.2</text>
<line id='HostBridge_0_line_5' class='HostBridge' x1='1002' y1='210' x2='1026' y2='210' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='HostBridge_0_text_5' class='HostBridge' font-family='Monospace' x='1005' y='223' fill='rgb(0,0,0)' font-size='10px'>1.0</text>
<line id='HostBridge_0_line_1' class='HostBridge' x1='1002' y1='27' x2='1002' y2='210' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='HostBridge_0_text_3' class='HostBridge' font-family='Monospace' x='1005' y='116' fill='rgb(0,0,0)' font-size='10px'>4.0</text>
<line id='HostBridge_0_line_4' class='HostBridge' x1='1002' y1='134' x2='1026' y2='134' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='HostBridge_0_text_4' class='HostBridge' font-family='Monospace' x='1005' y='147' fill='rgb(0,0,0)' font-size='10px'>0.2</text>
<line id='HostBridge_0_line_5' class='HostBridge' x1='1002' y1='165' x2='1026' y2='165' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='HostBridge_0_text_5' class='HostBridge' font-family='Monospace' x='1005' y='178' fill='rgb(0,0,0)' font-size='10px'>1.0</text>
<line id='HostBridge_0_line_1' class='HostBridge' x1='1002' y1='27' x2='1002' y2='165' stroke='rgb(0,0,0)' stroke-width='1'/>
<rect id='PCIBridge_1_rect' class='PCIBridge' x='1026' y='24' width='7' height='7' fill='rgb(255,255,255)' stroke='rgb(0,0,0)' stroke-width='1'/>
<line id='PCIBridge_1_line' class='PCIBridge' x1='1033' y1='27' x2='1040' y2='27' stroke='rgb(0,0,0)' stroke-width='1'/>
<line id='PCIBridge_1_line_2' class='PCIBridge' x1='1040' y1='27' x2='1064' y2='27' stroke='rgb(0,0,0)' stroke-width='1'/>
@ -178,56 +178,52 @@
<rect id='PCIBridge_2_rect' class='PCIBridge' x='1026' y='100' width='7' height='7' fill='rgb(255,255,255)' stroke='rgb(0,0,0)' stroke-width='1'/>
<line id='PCIBridge_2_line' class='PCIBridge' x1='1033' y1='103' x2='1040' y2='103' stroke='rgb(0,0,0)' stroke-width='1'/>
<line id='PCIBridge_2_line_2' class='PCIBridge' x1='1040' y1='103' x2='1064' y2='103' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='PCIBridge_2_text_2' class='PCIBridge' font-family='Monospace' x='1043' y='116' fill='rgb(0,0,0)' font-size='10px'>3.9</text>
<line id='PCIBridge_2_line_1' class='PCIBridge' x1='1040' y1='103' x2='1040' y2='103' stroke='rgb(0,0,0)' stroke-width='1'/>
<rect id='PCI_1_rect' class='PCI' x='1064' y='100' width='106' height='69' fill='rgb(190,210,149)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='PCI_1_text' class='PCI' font-family='Monospace' x='1071' y='117' fill='rgb(0,0,0)' font-size='10px'>PCI 42:00.0</text>
<rect id='Block_1_rect' class='Block' x='1071' y='124' width='92' height='38' fill='rgb(222,222,222)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='Block_1_text' class='Block' font-family='Monospace' x='1078' y='141' fill='rgb(0,0,0)' font-size='10px'>Block nvme1n1</text>
<text id='Block_1_text_1' class='Block' font-family='Monospace' x='1078' y='155' fill='rgb(0,0,0)' font-size='10px'>3726 GB</text>
<rect id='PCIBridge_3_rect' class='PCIBridge' x='1026' y='176' width='7' height='7' fill='rgb(255,255,255)' stroke='rgb(0,0,0)' stroke-width='1'/>
<line id='PCIBridge_3_line' class='PCIBridge' x1='1033' y1='179' x2='1040' y2='179' stroke='rgb(0,0,0)' stroke-width='1'/>
<line id='PCIBridge_3_line_2' class='PCIBridge' x1='1040' y1='179' x2='1064' y2='179' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='PCIBridge_3_text_2' class='PCIBridge' font-family='Monospace' x='1043' y='192' fill='rgb(0,0,0)' font-size='10px'>0.2</text>
<line id='PCIBridge_3_line_1' class='PCIBridge' x1='1040' y1='179' x2='1040' y2='179' stroke='rgb(0,0,0)' stroke-width='1'/>
<rect id='PCIBridge_4_rect' class='PCIBridge' x='1064' y='176' width='7' height='7' fill='rgb(255,255,255)' stroke='rgb(0,0,0)' stroke-width='1'/>
<line id='PCIBridge_4_line' class='PCIBridge' x1='1071' y1='179' x2='1078' y2='179' stroke='rgb(0,0,0)' stroke-width='1'/>
<line id='PCIBridge_4_line_2' class='PCIBridge' x1='1078' y1='179' x2='1102' y2='179' stroke='rgb(0,0,0)' stroke-width='1'/>
<line id='PCIBridge_4_line_1' class='PCIBridge' x1='1078' y1='179' x2='1078' y2='179' stroke='rgb(0,0,0)' stroke-width='1'/>
<rect id='PCI_2_rect' class='PCI' x='1102' y='176' width='80' height='24' fill='rgb(190,210,149)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='PCI_2_text' class='PCI' font-family='Monospace' x='1109' y='193' fill='rgb(0,0,0)' font-size='10px'>PCI 45:00.0</text>
<rect id='PCIBridge_5_rect' class='PCIBridge' x='1026' y='207' width='7' height='7' fill='rgb(255,255,255)' stroke='rgb(0,0,0)' stroke-width='1'/>
<line id='PCIBridge_5_line' class='PCIBridge' x1='1033' y1='210' x2='1040' y2='210' stroke='rgb(0,0,0)' stroke-width='1'/>
<line id='PCIBridge_5_line_2' class='PCIBridge' x1='1040' y1='210' x2='1064' y2='210' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='PCIBridge_5_text_2' class='PCIBridge' font-family='Monospace' x='1043' y='223' fill='rgb(0,0,0)' font-size='10px'>1.0</text>
<line id='PCIBridge_5_line_3' class='PCIBridge' x1='1040' y1='272' x2='1064' y2='272' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='PCIBridge_5_text_3' class='PCIBridge' font-family='Monospace' x='1043' y='285' fill='rgb(0,0,0)' font-size='10px'>1.0</text>
<line id='PCIBridge_5_line_1' class='PCIBridge' x1='1040' y1='210' x2='1040' y2='272' stroke='rgb(0,0,0)' stroke-width='1'/>
<rect id='PCI_3_rect' class='PCI' x='1064' y='207' width='94' height='55' fill='rgb(190,210,149)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='PCI_3_text' class='PCI' font-family='Monospace' x='1071' y='224' fill='rgb(0,0,0)' font-size='10px'>PCI 47:00.0</text>
<rect id='Net_2_rect' class='Net' x='1071' y='231' width='80' height='24' fill='rgb(222,222,222)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='Net_2_text' class='Net' font-family='Monospace' x='1078' y='248' fill='rgb(0,0,0)' font-size='10px'>Net nat-lan</text>
<rect id='PCI_4_rect' class='PCI' x='1064' y='269' width='80' height='55' fill='rgb(190,210,149)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='PCI_4_text' class='PCI' font-family='Monospace' x='1071' y='286' fill='rgb(0,0,0)' font-size='10px'>PCI 47:00.1</text>
<rect id='Net_3_rect' class='Net' x='1071' y='293' width='56' height='24' fill='rgb(222,222,222)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='Net_3_text' class='Net' font-family='Monospace' x='1078' y='310' fill='rgb(0,0,0)' font-size='10px'>Net wan</text>
<rect id='PCI_1_rect' class='PCI' x='1064' y='100' width='80' height='24' fill='rgb(190,210,149)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='PCI_1_text' class='PCI' font-family='Monospace' x='1071' y='117' fill='rgb(0,0,0)' font-size='10px'>PCI 43:00.0</text>
<rect id='PCIBridge_3_rect' class='PCIBridge' x='1026' y='131' width='7' height='7' fill='rgb(255,255,255)' stroke='rgb(0,0,0)' stroke-width='1'/>
<line id='PCIBridge_3_line' class='PCIBridge' x1='1033' y1='134' x2='1040' y2='134' stroke='rgb(0,0,0)' stroke-width='1'/>
<line id='PCIBridge_3_line_2' class='PCIBridge' x1='1040' y1='134' x2='1064' y2='134' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='PCIBridge_3_text_2' class='PCIBridge' font-family='Monospace' x='1043' y='147' fill='rgb(0,0,0)' font-size='10px'>0.2</text>
<line id='PCIBridge_3_line_1' class='PCIBridge' x1='1040' y1='134' x2='1040' y2='134' stroke='rgb(0,0,0)' stroke-width='1'/>
<rect id='PCIBridge_4_rect' class='PCIBridge' x='1064' y='131' width='7' height='7' fill='rgb(255,255,255)' stroke='rgb(0,0,0)' stroke-width='1'/>
<line id='PCIBridge_4_line' class='PCIBridge' x1='1071' y1='134' x2='1078' y2='134' stroke='rgb(0,0,0)' stroke-width='1'/>
<line id='PCIBridge_4_line_2' class='PCIBridge' x1='1078' y1='134' x2='1102' y2='134' stroke='rgb(0,0,0)' stroke-width='1'/>
<line id='PCIBridge_4_line_1' class='PCIBridge' x1='1078' y1='134' x2='1078' y2='134' stroke='rgb(0,0,0)' stroke-width='1'/>
<rect id='PCI_2_rect' class='PCI' x='1102' y='131' width='80' height='24' fill='rgb(190,210,149)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='PCI_2_text' class='PCI' font-family='Monospace' x='1109' y='148' fill='rgb(0,0,0)' font-size='10px'>PCI 46:00.0</text>
<rect id='PCIBridge_5_rect' class='PCIBridge' x='1026' y='162' width='7' height='7' fill='rgb(255,255,255)' stroke='rgb(0,0,0)' stroke-width='1'/>
<line id='PCIBridge_5_line' class='PCIBridge' x1='1033' y1='165' x2='1040' y2='165' stroke='rgb(0,0,0)' stroke-width='1'/>
<line id='PCIBridge_5_line_2' class='PCIBridge' x1='1040' y1='165' x2='1064' y2='165' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='PCIBridge_5_text_2' class='PCIBridge' font-family='Monospace' x='1043' y='178' fill='rgb(0,0,0)' font-size='10px'>1.0</text>
<line id='PCIBridge_5_line_3' class='PCIBridge' x1='1040' y1='227' x2='1064' y2='227' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='PCIBridge_5_text_3' class='PCIBridge' font-family='Monospace' x='1043' y='240' fill='rgb(0,0,0)' font-size='10px'>1.0</text>
<line id='PCIBridge_5_line_1' class='PCIBridge' x1='1040' y1='165' x2='1040' y2='227' stroke='rgb(0,0,0)' stroke-width='1'/>
<rect id='PCI_3_rect' class='PCI' x='1064' y='162' width='80' height='55' fill='rgb(190,210,149)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='PCI_3_text' class='PCI' font-family='Monospace' x='1071' y='179' fill='rgb(0,0,0)' font-size='10px'>PCI 48:00.0</text>
<rect id='Net_1_rect' class='Net' x='1071' y='186' width='62' height='24' fill='rgb(222,222,222)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='Net_1_text' class='Net' font-family='Monospace' x='1078' y='203' fill='rgb(0,0,0)' font-size='10px'>Net eno1</text>
<rect id='PCI_4_rect' class='PCI' x='1064' y='224' width='80' height='55' fill='rgb(190,210,149)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='PCI_4_text' class='PCI' font-family='Monospace' x='1071' y='241' fill='rgb(0,0,0)' font-size='10px'>PCI 48:00.1</text>
<rect id='Net_2_rect' class='Net' x='1071' y='248' width='62' height='24' fill='rgb(222,222,222)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='Net_2_text' class='Net' font-family='Monospace' x='1078' y='265' fill='rgb(0,0,0)' font-size='10px'>Net eno2</text>
<rect id='Misc_0_rect' class='Misc' x='1189' y='24' width='86' height='24' fill='rgb(255,255,255)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='Misc_0_text' class='Misc' font-family='Monospace' x='1196' y='41' fill='rgb(0,0,0)' font-size='10px'>MemoryModule</text>
<rect id='Misc_1_rect' class='Misc' x='1282' y='24' width='86' height='24' fill='rgb(255,255,255)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='Misc_1_text' class='Misc' font-family='Monospace' x='1289' y='41' fill='rgb(0,0,0)' font-size='10px'>MemoryModule</text>
<rect id='Misc_2_rect' class='Misc' x='988' y='331' width='86' height='24' fill='rgb(255,255,255)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='Misc_2_text' class='Misc' font-family='Monospace' x='995' y='348' fill='rgb(0,0,0)' font-size='10px'>MemoryModule</text>
<rect id='Misc_3_rect' class='Misc' x='1081' y='331' width='86' height='24' fill='rgb(255,255,255)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='Misc_3_text' class='Misc' font-family='Monospace' x='1088' y='348' fill='rgb(0,0,0)' font-size='10px'>MemoryModule</text>
<rect id='Misc_4_rect' class='Misc' x='1174' y='331' width='86' height='24' fill='rgb(255,255,255)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='Misc_4_text' class='Misc' font-family='Monospace' x='1181' y='348' fill='rgb(0,0,0)' font-size='10px'>MemoryModule</text>
<rect id='Misc_5_rect' class='Misc' x='988' y='362' width='86' height='24' fill='rgb(255,255,255)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='Misc_5_text' class='Misc' font-family='Monospace' x='995' y='379' fill='rgb(0,0,0)' font-size='10px'>MemoryModule</text>
<rect id='Misc_6_rect' class='Misc' x='1081' y='362' width='86' height='24' fill='rgb(255,255,255)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='Misc_6_text' class='Misc' font-family='Monospace' x='1088' y='379' fill='rgb(0,0,0)' font-size='10px'>MemoryModule</text>
<rect id='Misc_7_rect' class='Misc' x='1174' y='362' width='86' height='24' fill='rgb(255,255,255)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='Misc_7_text' class='Misc' font-family='Monospace' x='1181' y='379' fill='rgb(0,0,0)' font-size='10px'>MemoryModule</text>
<rect id='anon_rect' x='0' y='393' width='1375' height='38' fill='rgb(255,255,255)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='anon_text' font-family='Monospace' x='7' y='410' fill='rgb(0,0,0)' font-size='10px'>Host: epyc</text>
<text id='anon_text_1' font-family='Monospace' x='7' y='424' fill='rgb(0,0,0)' font-size='10px'>Date: Mon 04 Mar 2024 12:28:26 AM UTC</text>
<rect id='Misc_2_rect' class='Misc' x='988' y='286' width='86' height='24' fill='rgb(255,255,255)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='Misc_2_text' class='Misc' font-family='Monospace' x='995' y='303' fill='rgb(0,0,0)' font-size='10px'>MemoryModule</text>
<rect id='Misc_3_rect' class='Misc' x='1081' y='286' width='86' height='24' fill='rgb(255,255,255)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='Misc_3_text' class='Misc' font-family='Monospace' x='1088' y='303' fill='rgb(0,0,0)' font-size='10px'>MemoryModule</text>
<rect id='Misc_4_rect' class='Misc' x='1174' y='286' width='86' height='24' fill='rgb(255,255,255)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='Misc_4_text' class='Misc' font-family='Monospace' x='1181' y='303' fill='rgb(0,0,0)' font-size='10px'>MemoryModule</text>
<rect id='Misc_5_rect' class='Misc' x='988' y='317' width='86' height='24' fill='rgb(255,255,255)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='Misc_5_text' class='Misc' font-family='Monospace' x='995' y='334' fill='rgb(0,0,0)' font-size='10px'>MemoryModule</text>
<rect id='Misc_6_rect' class='Misc' x='1081' y='317' width='86' height='24' fill='rgb(255,255,255)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='Misc_6_text' class='Misc' font-family='Monospace' x='1088' y='334' fill='rgb(0,0,0)' font-size='10px'>MemoryModule</text>
<rect id='Misc_7_rect' class='Misc' x='1174' y='317' width='86' height='24' fill='rgb(255,255,255)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='Misc_7_text' class='Misc' font-family='Monospace' x='1181' y='334' fill='rgb(0,0,0)' font-size='10px'>MemoryModule</text>
<rect id='anon_rect' x='0' y='348' width='1375' height='38' fill='rgb(255,255,255)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='anon_text' font-family='Monospace' x='7' y='365' fill='rgb(0,0,0)' font-size='10px'>Host: epyc</text>
<text id='anon_text_1' font-family='Monospace' x='7' y='379' fill='rgb(0,0,0)' font-size='10px'>Date: Mon 05 Jun 2023 03:19:33 PM UTC</text>
</svg>

Before

Width:  |  Height:  |  Size: 30 KiB

After

Width:  |  Height:  |  Size: 29 KiB

@ -1,25 +1,20 @@
# epyc
```
System: Host: epyc Kernel: 6.7.7 x86_64 bits: 64 compiler: gcc v: 12.3.0
parameters: initrd=\efi\nixos\48dkb2vcxwmxxfk7wpl0qx884ibz5gk5-initrd-linux-6.7.7-initrd.efi
init=/nix/store/vz6r23gya5q3b8lr1yiadkv6h5lcjmmz-nixos-system-epyc-23.11pre-git/init
console=tty0 console=ttyS0,115200 pci=realloc console=ttyS1,115200n8 console=tty1
System: Host: epyc Kernel: 6.1.31 x86_64 bits: 64 compiler: gcc v: 12.2.0
parameters: initrd=\efi\nixos\11cjvasd1nh1dk783alsa14v4w00d467-initrd-linux-6.1.31-initrd.efi
init=/nix/store/9lnrp5ryf7gh3j94q8xn39zyl21kaw9f-nixos-system-epyc-23.05.419.3a70dd92993/init
loglevel=4
Console: N/A Distro: NixOS 23.11 (Tapir)
Console: N/A Distro: NixOS 23.05 (Stoat)
Machine: Type: Server System: Supermicro product: Super Server v: 0123456789 serial: 0123456789
Chassis: type: 17 v: 0123456789 serial: 0123456789
Mobo: Supermicro model: H12SSL-i v: 1.01 serial: WM21AS601818 UEFI: American Megatrends
v: 2.4 date: 04/14/2022
Memory: RAM: total: 251.54 GiB used: 4.56 GiB (1.8%)
Memory: RAM: total: 125.64 GiB used: 2.32 GiB (1.8%)
Array-1: capacity: 4 TiB note: check slots: 8 EC: Multi-bit ECC
max-module-size: 512 GiB note: est.
Device-1: DIMMA1 size: 64 GiB speed: 3200 MT/s type: DDR4
detail: synchronous registered (buffered) bus-width: 64 bits total: 72 bits
manufacturer: Samsung part-no: M393A8G40AB2-CWE serial: H0S100013847D8748B
Device-2: DIMMB1 size: 64 GiB speed: 3200 MT/s type: DDR4
detail: synchronous registered (buffered) bus-width: 64 bits total: 72 bits
manufacturer: Samsung part-no: M393A8G40AB2-CWE serial: H0MK00013847D79D40
Device-1: DIMMA1 size: No Module Installed
Device-2: DIMMB1 size: No Module Installed
Device-3: DIMMC1 size: 64 GiB speed: 3200 MT/s type: DDR4
detail: synchronous registered (buffered) bus-width: 64 bits total: 72 bits
manufacturer: Samsung part-no: M393A8G40AB2-CWE serial: Y10R120249249E38E1
@ -32,7 +27,7 @@ Memory: RAM: total: 251.54 GiB used: 4.56 GiB (1.8%)
Device-8: DIMMH1 size: No Module Installed
PCI Slots: Slot: 1 type: x16 PCI Express 4 x16 CPU SLOT1 PCI-E 4.0 X16 status: Available
length: Long
Slot: 2 type: x8 PCI Express 4 x8 CPU SLOT2 PCI-E 4.0 X8 status: Available length: Long
Slot: 2 type: x8 PCI Express 4 x8 CPU SLOT2 PCI-E 4.0 X8 status: In Use length: Long
Slot: 3 type: x16 PCI Express 4 x16 CPU SLOT3 PCI-E 4.0 X16 status: Available
length: Long
Slot: 4 type: x8 PCI Express 4 x8 CPU SLOT4 PCI-E 4.0 X8 status: Available length: Long
@ -45,16 +40,16 @@ PCI Slots: Slot: 1 type: x16 PCI Express 4 x16 CPU SLOT1 PCI-E 4.0 X16 status: A
Slot: N/A type: x4 M.2 Socket 3 PCI-E M.2-M1 status: Available length: Short
Slot: N/A type: x4 M.2 Socket 3 PCI-E M.2-M2 status: Available length: Short
CPU: Info: 64-Core model: AMD EPYC 7763 socket: SP3 bits: 64 type: MT MCP arch: Zen 3
family: 19 (25) model-id: 1 stepping: 1 microcode: A0011D3 cache: L1: 4 MiB L2: 32 MiB
family: 19 (25) model-id: 1 stepping: 1 microcode: A0011CE cache: L1: 4 MiB L2: 32 MiB
L3: 256 MiB
flags: avx avx2 lm nx pae sse sse2 sse3 sse4_1 sse4_2 sse4a ssse3 svm bogomips: 627200
flags: avx avx2 lm nx pae sse sse2 sse3 sse4_1 sse4_2 sse4a ssse3 svm bogomips: 627203
Speed: 2450 MHz min/max: 1500/2450 MHz base/boost: 2450/3525 boost: enabled
volts: 1.1 V ext-clock: 100 MHz Core speeds (MHz): 1: 2450 2: 2450 3: 2450 4: 2450
5: 2450 6: 2450 7: 2450 8: 2450 9: 2450 10: 2450 11: 2450 12: 2450 13: 2450 14: 2450
15: 2450 16: 2450 17: 2450 18: 2450 19: 2450 20: 2450 21: 2450 22: 2450 23: 2450
15: 2450 16: 2450 17: 2450 18: 2450 19: 2450 20: 2450 21: 1799 22: 2450 23: 2450
24: 2450 25: 2450 26: 2450 27: 2450 28: 2450 29: 2450 30: 2450 31: 2450 32: 2450
33: 2450 34: 2450 35: 2450 36: 2450 37: 2450 38: 2450 39: 2450 40: 2450 41: 2450
42: 2450 43: 2450 44: 2450 45: 3525 46: 2450 47: 2450 48: 2450 49: 2450 50: 2450
42: 2450 43: 2450 44: 3525 45: 2450 46: 2450 47: 2450 48: 2450 49: 2450 50: 2450
51: 2450 52: 2450 53: 2450 54: 2450 55: 2450 56: 2450 57: 2450 58: 2450 59: 2450
60: 2450 61: 2450 62: 2450 63: 2450 64: 2450 65: 2450 66: 2450 67: 2450 68: 2450
69: 2450 70: 2450 71: 2450 72: 2450 73: 2450 74: 2450 75: 2450 76: 2450 77: 2450
@ -62,16 +57,14 @@ CPU: Info: 64-Core model: AMD EPYC 7763 socket: SP3 bits: 64 type: MT MCP
87: 2450 88: 2450 89: 2450 90: 2450 91: 2450 92: 2450 93: 2450 94: 2450 95: 2450
96: 2450 97: 2450 98: 2450 99: 2450 100: 2450 101: 2450 102: 2450 103: 2450 104: 2450
105: 2450 106: 2450 107: 2450 108: 2450 109: 2450 110: 2450 111: 2450 112: 2450
113: 2450 114: 2450 115: 2450 116: 2450 117: 2450 118: 2450 119: 2450 120: 2450
113: 2450 114: 2450 115: 2450 116: 2450 117: 2450 118: 1799 119: 2450 120: 2450
121: 2450 122: 2450 123: 2450 124: 2450 125: 2450 126: 2450 127: 2450 128: 2450
Vulnerabilities: Type: gather_data_sampling status: Not affected
Type: itlb_multihit status: Not affected
Vulnerabilities: Type: itlb_multihit status: Not affected
Type: l1tf status: Not affected
Type: mds status: Not affected
Type: meltdown status: Not affected
Type: mmio_stale_data status: Not affected
Type: retbleed status: Not affected
Type: spec_rstack_overflow mitigation: Safe RET
Type: spec_store_bypass mitigation: Speculative Store Bypass disabled via prctl
Type: spectre_v1 mitigation: usercopy/swapgs barriers and __user pointer sanitization
Type: spectre_v2 mitigation: Retpolines, IBPB: conditional, IBRS_FW, STIBP: always-on,
@ -79,47 +72,50 @@ CPU: Info: 64-Core model: AMD EPYC 7763 socket: SP3 bits: 64 type: MT MCP
Type: srbds status: Not affected
Type: tsx_async_abort status: Not affected
Graphics: Device-1: ASPEED Graphics Family vendor: Super Micro H12SSL-i driver: ast v: kernel
bus-ID: 45:00.0 chip-ID: 1a03:2000 class-ID: 0300
bus-ID: 46:00.0 chip-ID: 1a03:2000 class-ID: 0300
Display: server: No display server data found. Headless machine? tty: N/A
Message: Advanced graphics data unavailable in console for root.
Audio: Message: No device data found.
Network: Device-1: Broadcom NetXtreme BCM5720 Gigabit Ethernet PCIe vendor: Super Micro H12SSL-i
driver: tg3 v: kernel port: N/A bus-ID: 47:00.0 chip-ID: 14e4:165f class-ID: 0200
IF: nat-lan state: up speed: 1000 Mbps duplex: full mac: 3c:ec:ef:7e:bd:c8
IP v4: 10.32.65.13/20 type: dynamic scope: global
IP v6: fe80::3eec:efff:fe7e:bdc8/64 virtual: proto kernel_ll scope: link
Network: Device-1: Intel 82599ES 10-Gigabit SFI/SFP+ Network driver: N/A modules: ixgbe
port: 1000 bus-ID: 43:00.0 chip-ID: 8086:10fb class-ID: 0200
Device-2: Broadcom NetXtreme BCM5720 Gigabit Ethernet PCIe vendor: Super Micro H12SSL-i
driver: tg3 v: kernel port: N/A bus-ID: 47:00.1 chip-ID: 14e4:165f class-ID: 0200
IF: wan state: up speed: 1000 Mbps duplex: full mac: 3c:ec:ef:7e:bd:c9
IP v6: 2001:bc8:38ee:100::500/128 scope: global
IP v6: fe80::3eec:efff:fe7e:bdc9/64 virtual: proto kernel_ll scope: link
IF-ID-1: enp73s0f3u1u2c2 state: down mac: be:3a:f2:b6:05:9f
driver: tg3 v: kernel port: 2000 bus-ID: 48:00.0 chip-ID: 14e4:165f class-ID: 0200
IF: eno1 state: up speed: 1000 Mbps duplex: full mac: 3c:ec:ef:7e:bd:c8
IP v4: 10.32.65.13/20 type: dynamic noprefixroute scope: global broadcast: 10.32.79.255
IP v6: fe80::3eec:efff:fe7e:bdc8/64 scope: link
Device-3: Broadcom NetXtreme BCM5720 Gigabit Ethernet PCIe vendor: Super Micro H12SSL-i
driver: tg3 v: kernel port: 2000 bus-ID: 48:00.1 chip-ID: 14e4:165f class-ID: 0200
IF: eno2 state: up speed: 1000 Mbps duplex: full mac: 3c:ec:ef:7e:bd:c9
IP v4: 169.254.249.6/16 type: noprefixroute scope: global broadcast: 169.254.255.255
IP v6: 2001:470:ca5e:dee:587c:7a50:f36c:cae8/64 type: temporary dynamic scope: global
IP v6: 2001:470:ca5e:dee:3eec:efff:fe7e:bdc9/64 type: dynamic mngtmpaddr noprefixroute
scope: global
IP v6: fe80::3eec:efff:fe7e:bdc9/64 scope: link
IF-ID-1: enp74s0f3u1u2c2 state: unknown speed: -1 duplex: half mac: be:3a:f2:b6:05:9f
IP v4: 169.254.3.1/24 type: dynamic noprefixroute scope: global
broadcast: 169.254.3.255
IP v6: fe80::bc3a:f2ff:feb6:59f/64 scope: link
WAN IP: 82.65.118.1
Bluetooth: Device-1: Insyde RNDIS/Ethernet Gadget type: USB driver: rndis_host v: kernel
bus-ID: 7-1.2:4 chip-ID: 0b1f:03ee class-ID: 0a00
Report: This feature requires one of these tools: hciconfig/bt-adapter
Drives: Local Storage: total: 9.82 TiB used: 1.06 TiB (10.7%)
ID-1: /dev/nvme0n1 maj-min: 259:2 vendor: Samsung model: MZWLJ7T6HALA-00AU3
Drives: Local Storage: total: 6.19 TiB used: 2.08 GiB (0.0%)
ID-1: /dev/nvme0n1 maj-min: 259:1 vendor: Samsung model: MZWLJ7T6HALA-00AU3
size: 6.19 TiB block-size: physical: 512 B logical: 512 B rotation: SSD
serial: S5RTNG0T110589 rev: EPK96R5Q temp: 40 Celsius C scheme: GPT
SMART: yes health: PASSED on: 273d 5h cycles: 113 read-units: 192,543,495 [98.5 TB]
written-units: 258,494,659 [132 TB]
ID-2: /dev/nvme1n1 maj-min: 259:0 vendor: Intel model: SSDPE2KX040T8 size: 3.64 TiB
block-size: physical: 512 B logical: 512 B speed: 31.6 Gb/s lanes: 4 rotation: SSD
serial: PHLJ940301WZ4P0DGN rev: VDV10131 temp: 33 Celsius C
SMART: yes health: PASSED on: 2y 188d 9h cycles: 36 read-units: 9,478,214,631 [4.85 PB]
written-units: 9,225,614,032 [4.72 PB]
Partition: ID-1: / raw-size: 6.18 TiB size: 6.18 TiB (100.00%) used: 1.06 TiB (17.1%) fs: btrfs
serial: S5RTNG0T110589 rev: EPK96R5Q temp: 44 Celsius C scheme: GPT
SMART: yes health: PASSED on: 24 hrs cycles: 44 read-units: 1,449,016 [741 GB]
written-units: 13,364,537 [6.84 TB]
Partition: ID-1: / raw-size: 6.18 TiB size: 6.18 TiB (100.00%) used: 2.04 GiB (0.0%) fs: btrfs
block-size: 4096 B dev: /dev/dm-0 maj-min: 254:0 mapped: nixroot
ID-2: /boot raw-size: 1023 MiB size: 1021 MiB (99.80%) used: 23.9 MiB (2.3%) fs: vfat
block-size: 512 B dev: /dev/nvme0n1p1 maj-min: 259:3
ID-2: /boot raw-size: 1023 MiB size: 1021 MiB (99.80%) used: 37 MiB (3.6%) fs: vfat
block-size: 512 B dev: /dev/nvme0n1p1 maj-min: 259:2
Swap: Kernel: swappiness: 60 (default) cache-pressure: 100 (default)
ID-1: swap-1 type: partition size: 8 GiB used: 0 KiB (0.0%) priority: -2
dev: /dev/nvme0n1p2 maj-min: 259:4
dev: /dev/nvme0n1p2 maj-min: 259:3
Sensors: Message: No ipmi sensor data found.
Message: No sensor data found. Is lm-sensors configured?
Info: Processes: 1226 Uptime: N/A wakeups: 0 Init: systemd v: 254 target: multi-user.target
tool: systemctl Compilers: gcc: 12.3.0 Packages: nix-default: 0 nix-sys: 415 lib: 65
nix-usr: 0 Client: Sudo v: 1.9.15p2 inxi: 3.3.04
Info: Processes: 1010 Uptime: 20h 25m wakeups: 0 Init: systemd v: 253
target: multi-user.target tool: systemctl Compilers: gcc: 12.2.0 Packages:
nix-default: 0 nix-sys: 268 lib: 47 nix-usr: 0 Client: Sudo v: 1.9.13p3 inxi: 3.3.04
```
![hardware topology](epyc.lstopo.svg)

@ -0,0 +1,63 @@
<?xml version='1.0' encoding='UTF-8'?>
<svg xmlns='http://www.w3.org/2000/svg' xmlns:xlink='http://www.w3.org/1999/xlink' width='412px' height='462px' viewBox='0 0 412px 462px' version='1.1'>
<rect id='Machine_0_rect' class='Machine' x='0' y='0' width='412' height='424' fill='rgb(255,255,255)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='Machine_0_text' class='Machine' font-family='Monospace' x='7' y='17' fill='rgb(0,0,0)' font-size='10px'>Machine (5936MB total)</text>
<rect id='Package_0_rect' class='Package' x='7' y='24' width='178' height='255' fill='rgb(210,231,164)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='Package_0_text' class='Package' font-family='Monospace' x='14' y='41' fill='rgb(0,0,0)' font-size='10px'>Package L#0</text>
<rect id='L3_0_rect' class='L3' x='14' y='79' width='80' height='24' fill='rgb(255,255,255)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='L3_0_text' class='L3' font-family='Monospace' x='21' y='96' fill='rgb(0,0,0)' font-size='10px'>L3 (16MB)</text>
<rect id='L2_0_rect' class='L2' x='14' y='110' width='80' height='24' fill='rgb(255,255,255)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='L2_0_text' class='L2' font-family='Monospace' x='21' y='127' fill='rgb(0,0,0)' font-size='10px'>L2 (4096KB)</text>
<rect id='L1d_0_rect' class='L1d' x='14' y='141' width='74' height='24' fill='rgb(255,255,255)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='L1d_0_text' class='L1d' font-family='Monospace' x='21' y='158' fill='rgb(0,0,0)' font-size='10px'>L1d (32KB)</text>
<rect id='L1i_0_rect' class='L1i' x='14' y='172' width='74' height='24' fill='rgb(255,255,255)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='L1i_0_text' class='L1i' font-family='Monospace' x='21' y='189' fill='rgb(0,0,0)' font-size='10px'>L1i (32KB)</text>
<rect id='Core_0_rect' class='Core' x='14' y='203' width='64' height='69' fill='rgb(190,190,190)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='Core_0_text' class='Core' font-family='Monospace' x='21' y='220' fill='rgb(0,0,0)' font-size='10px'>Core L#0</text>
<rect id='PU_0_rect' class='PU' x='21' y='227' width='50' height='38' fill='rgb(255,255,255)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='PU_0_text' class='PU' font-family='Monospace' x='28' y='244' fill='rgb(0,0,0)' font-size='10px'>PU L#0</text>
<text id='PU_0_text_1' class='PU' font-family='Monospace' x='37' y='258' fill='rgb(0,0,0)' font-size='10px'>P#0</text>
<rect id='NUMANode_0_rect' class='NUMANode' x='14' y='48' width='164' height='24' fill='rgb(239,223,222)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='NUMANode_0_text' class='NUMANode' font-family='Monospace' x='21' y='65' fill='rgb(0,0,0)' font-size='10px'>NUMANode L#0 P#0 (5936MB)</text>
<rect id='HostBridge_0_rect' class='HostBridge' x='192' y='24' width='7' height='7' fill='rgb(255,255,255)' stroke='rgb(0,0,0)' stroke-width='1'/>
<line id='HostBridge_0_line' class='HostBridge' x1='199' y1='27' x2='206' y2='27' stroke='rgb(0,0,0)' stroke-width='1'/>
<line id='HostBridge_0_line_2' class='HostBridge' x1='206' y1='27' x2='230' y2='27' stroke='rgb(0,0,0)' stroke-width='1'/>
<line id='HostBridge_0_line_3' class='HostBridge' x1='206' y1='103' x2='230' y2='103' stroke='rgb(0,0,0)' stroke-width='1'/>
<line id='HostBridge_0_line_4' class='HostBridge' x1='206' y1='134' x2='230' y2='134' stroke='rgb(0,0,0)' stroke-width='1'/>
<line id='HostBridge_0_line_5' class='HostBridge' x1='206' y1='165' x2='230' y2='165' stroke='rgb(0,0,0)' stroke-width='1'/>
<line id='HostBridge_0_line_6' class='HostBridge' x1='206' y1='241' x2='230' y2='241' stroke='rgb(0,0,0)' stroke-width='1'/>
<line id='HostBridge_0_line_7' class='HostBridge' x1='206' y1='303' x2='230' y2='303' stroke='rgb(0,0,0)' stroke-width='1'/>
<line id='HostBridge_0_line_8' class='HostBridge' x1='206' y1='365' x2='230' y2='365' stroke='rgb(0,0,0)' stroke-width='1'/>
<line id='HostBridge_0_line_1' class='HostBridge' x1='206' y1='27' x2='206' y2='365' stroke='rgb(0,0,0)' stroke-width='1'/>
<rect id='PCI_0_rect' class='PCI' x='230' y='24' width='82' height='69' fill='rgb(190,210,149)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='PCI_0_text' class='PCI' font-family='Monospace' x='237' y='41' fill='rgb(0,0,0)' font-size='10px'>PCI 00:01.1</text>
<rect id='Block_0_rect' class='Block' x='237' y='48' width='68' height='38' fill='rgb(222,222,222)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='Block_0_text' class='Block' font-family='Monospace' x='244' y='65' fill='rgb(0,0,0)' font-size='10px'>Block sr0</text>
<text id='Block_0_text_1' class='Block' font-family='Monospace' x='244' y='79' fill='rgb(0,0,0)' font-size='10px'>541 MB</text>
<rect id='PCI_1_rect' class='PCI' x='230' y='100' width='80' height='24' fill='rgb(190,210,149)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='PCI_1_text' class='PCI' font-family='Monospace' x='237' y='117' fill='rgb(0,0,0)' font-size='10px'>PCI 00:02.0</text>
<rect id='PCI_2_rect' class='PCI' x='230' y='131' width='80' height='24' fill='rgb(190,210,149)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='PCI_2_text' class='PCI' font-family='Monospace' x='237' y='148' fill='rgb(0,0,0)' font-size='10px'>PCI 00:03.0</text>
<rect id='PCI_3_rect' class='PCI' x='230' y='162' width='82' height='69' fill='rgb(190,210,149)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='PCI_3_text' class='PCI' font-family='Monospace' x='237' y='179' fill='rgb(0,0,0)' font-size='10px'>PCI 00:05.0</text>
<rect id='Block_1_rect' class='Block' x='237' y='186' width='68' height='38' fill='rgb(222,222,222)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='Block_1_text' class='Block' font-family='Monospace' x='244' y='203' fill='rgb(0,0,0)' font-size='10px'>Block sda</text>
<text id='Block_1_text_1' class='Block' font-family='Monospace' x='244' y='217' fill='rgb(0,0,0)' font-size='10px'>40 GB</text>
<rect id='PCI_4_rect' class='PCI' x='230' y='238' width='82' height='55' fill='rgb(190,210,149)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='PCI_4_text' class='PCI' font-family='Monospace' x='237' y='255' fill='rgb(0,0,0)' font-size='10px'>PCI 00:12.0</text>
<rect id='Net_2_rect' class='Net' x='237' y='262' width='68' height='24' fill='rgb(222,222,222)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='Net_2_text' class='Net' font-family='Monospace' x='244' y='279' fill='rgb(0,0,0)' font-size='10px'>Net ens18</text>
<rect id='PCI_5_rect' class='PCI' x='230' y='300' width='82' height='55' fill='rgb(190,210,149)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='PCI_5_text' class='PCI' font-family='Monospace' x='237' y='317' fill='rgb(0,0,0)' font-size='10px'>PCI 00:13.0</text>
<rect id='Net_3_rect' class='Net' x='237' y='324' width='68' height='24' fill='rgb(222,222,222)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='Net_3_text' class='Net' font-family='Monospace' x='244' y='341' fill='rgb(0,0,0)' font-size='10px'>Net ens19</text>
<rect id='PCI_6_rect' class='PCI' x='230' y='362' width='82' height='55' fill='rgb(190,210,149)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='PCI_6_text' class='PCI' font-family='Monospace' x='237' y='379' fill='rgb(0,0,0)' font-size='10px'>PCI 00:14.0</text>
<rect id='Net_4_rect' class='Net' x='237' y='386' width='68' height='24' fill='rgb(222,222,222)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='Net_4_text' class='Net' font-family='Monospace' x='244' y='403' fill='rgb(0,0,0)' font-size='10px'>Net ens20</text>
<rect id='Misc_0_rect' class='Misc' x='319' y='24' width='86' height='24' fill='rgb(255,255,255)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='Misc_0_text' class='Misc' font-family='Monospace' x='326' y='41' fill='rgb(0,0,0)' font-size='10px'>MemoryModule</text>
<rect id='anon_rect' x='0' y='424' width='412' height='38' fill='rgb(255,255,255)' stroke='rgb(0,0,0)' stroke-width='1'/>
<text id='anon_text' font-family='Monospace' x='7' y='441' fill='rgb(0,0,0)' font-size='10px'>Host: vieuxtype</text>
<text id='anon_text_1' font-family='Monospace' x='7' y='455' fill='rgb(0,0,0)' font-size='10px'>Date: Mon 05 Jun 2023 08:15:31 PM CEST</text>
</svg>

After

Width:  |  Height:  |  Size: 7.9 KiB

@ -0,0 +1,83 @@
# vieuxtype
```
System: Host: vieuxtype Kernel: 6.1.31 x86_64 bits: 64 compiler: gcc v: 12.2.0
parameters: initrd=\efi\nixos\mf13ryz0gl48s8672gzg80lvq9yd8189-initrd-linux-6.1.31-initrd.efi
init=/nix/store/5c8yhqcmf24d61m99cpqc3ffjma90cxs-nixos-system-vieuxtype-23.05.553.e7603eba51f/init
console=ttyS0,115200 panic=30 boot.panic_on_fail loglevel=4
Console: N/A Distro: NixOS 23.05 (Stoat)
Machine: Type: Kvm System: QEMU product: Standard PC (i440FX + PIIX, 1996) v: pc-i440fx-7.2
serial: N/A Chassis: type: 1 v: pc-i440fx-7.2 serial: N/A
Mobo: N/A model: N/A serial: N/A UEFI: EFI Development Kit II / OVMF v: 3.20230228-2
date: 04/04/2023
Memory: RAM: total: 5.8 GiB used: 820.6 MiB (13.8%)
Array-1: capacity: 6 GiB slots: 1 EC: Multi-bit ECC max-module-size: 6 GiB note: est.
Device-1: DIMM 0 size: 6 GiB speed: N/A type: RAM detail: other bus-width: Unknown
total: Unknown manufacturer: QEMU part-no: Not Specified serial: Not Specified
PCI Slots: Message: No PCI Slot data found.
CPU: Info: Single Core model: Common KVM bits: 64 type: MCP arch: Netburst Presler
family: F (15) model-id: 6 stepping: 1 microcode: 1 cache: L2: 16 MiB
flags: lm nx pae sse sse2 sse3 bogomips: 5199
Speed: 2600 MHz min/max: N/A base/boost: 2000/2000 Core speed (MHz): 1: 2600
Vulnerabilities: Type: itlb_multihit status: KVM: VMX unsupported
Type: l1tf mitigation: PTE Inversion
Type: mds
status: Vulnerable: Clear CPU buffers attempted, no microcode; SMT Host state unknown
Type: meltdown mitigation: PTI
Type: mmio_stale_data status: Unknown: No mitigations
Type: retbleed status: Not affected
Type: spec_store_bypass status: Vulnerable
Type: spectre_v1 mitigation: usercopy/swapgs barriers and __user pointer sanitization
Type: spectre_v2
mitigation: Retpolines, STIBP: disabled, RSB filling, PBRSB-eIBRS: Not affected
Type: srbds status: Not affected
Type: tsx_async_abort status: Not affected
Graphics: Device-1: vendor: Red Hat driver: bochs-drm v: N/A alternate: bochs bus-ID: 00:02.0
chip-ID: 1234:1111 class-ID: 0300
Display: server: No display server data found. Headless machine? tty: N/A
Message: Advanced graphics data unavailable in console for root.
Audio: Message: No device data found.
Network: Device-1: Intel 82371AB/EB/MB PIIX4 ACPI vendor: Red Hat Qemu virtual machine
type: network bridge driver: piix4_smbus v: N/A modules: i2c_piix4 port: 10c0
bus-ID: 00:01.3 chip-ID: 8086:7113 class-ID: 0680
Device-2: Red Hat Virtio network driver: virtio-pci v: 1 modules: virtio_pci port: 10e0
bus-ID: 00:12.0 chip-ID: 1af4:1000 class-ID: 0200
IF: ens18 state: up speed: -1 duplex: unknown mac: da:3e:b0:11:ae:0a
IP v4: 169.254.129.42/16 type: noprefixroute scope: global broadcast: 169.254.255.255
IP v6: 2a01:e0a:5f9:9681:33ba:55f5:6e55:beef/64 type: temporary dynamic scope: global
IP v6: 2a01:e0a:5f9:9681:d83e:b0ff:fe11:ae0a/64 type: dynamic mngtmpaddr scope: global
IP v6: 2a01:e0a:5f9:9681:a498:fffb:e48d:299/64 scope: global
IP v6: fe80::d83e:b0ff:fe11:ae0a/64 scope: link
Device-3: Red Hat Virtio network driver: virtio-pci v: 1 modules: virtio_pci port: 1400
bus-ID: 00:13.0 chip-ID: 1af4:1000 class-ID: 0200
IF: ens19 state: up speed: -1 duplex: unknown mac: 72:38:5f:a6:82:5a
IP v4: 10.32.64.196/20 type: dynamic noprefixroute scope: global
broadcast: 10.32.79.255
IP v6: fe80::7038:5fff:fea6:825a/64 scope: link
Device-4: Red Hat Virtio network driver: virtio-pci v: 1 modules: virtio_pci port: 1420
bus-ID: 00:14.0 chip-ID: 1af4:1000 class-ID: 0200
IF: ens20 state: up speed: -1 duplex: unknown mac: 8e:38:09:a2:8c:9e
IP v4: 10.32.64.224/20 type: dynamic noprefixroute scope: global
broadcast: 10.32.79.255
IP v6: fe80::8c38:9ff:fea2:8c9e/64 scope: link
IF-ID-1: tailscale0 state: unknown speed: -1 duplex: full mac: N/A
IP v6: fe80::7d4f:3369:71cc:66d5/64 virtual: stable-privacy scope: link
WAN IP: 82.65.118.1
Drives: Local Storage: total: 40 GiB used: 10.33 GiB (25.8%)
ID-1: /dev/sda maj-min: 8:0 vendor: QEMU model: HARDDISK size: 40 GiB block-size:
physical: 512 B logical: 512 B speed: <unknown> serial: drive-scsi0 rev: 2.5+
scheme: GPT
SMART: no
Partition: ID-1: / raw-size: 11.5 GiB size: 11.22 GiB (97.55%) used: 10.27 GiB (91.6%) fs: ext4
block-size: 4096 B dev: /dev/sda1 maj-min: 8:1
ID-2: /boot raw-size: 511 MiB size: 510 MiB (99.80%) used: 54.9 MiB (10.8%) fs: vfat
block-size: 512 B dev: /dev/sda3 maj-min: 8:3
Swap: Kernel: swappiness: 60 (default) cache-pressure: 100 (default)
ID-1: swap-1 type: partition size: 8 GiB used: 0 KiB (0.0%) priority: -2 dev: /dev/sda2
maj-min: 8:2
Sensors: Message: No sensor data found. Is lm-sensors configured?
Info: Processes: 107 Uptime: N/A wakeups: 1 Init: systemd v: 253 target: multi-user.target
tool: systemctl Compilers: gcc: 12.2.0 Packages: 899 nix-default: 9 nix-sys: 881
lib: 155 nix-usr: 9 lib: 3 Client: Sudo v: 1.9.13p3 inxi: 3.3.04
```
![hardware topology](vieuxtype.lstopo.svg)

@ -6,15 +6,14 @@
"home-manager": "home-manager",
"nixpkgs": [
"nixpkgs"
],
"systems": "systems"
]
},
"locked": {
"lastModified": 1716561646,
"narHash": "sha256-UIGtLO89RxKt7RF2iEgPikSdU53r6v/6WYB0RW3k89I=",
"lastModified": 1684153753,
"narHash": "sha256-PVbWt3qrjYAK+T5KplFcO+h7aZWfEj1UtyoKlvcDxh0=",
"owner": "ryantm",
"repo": "agenix",
"rev": "c2fc0762bbe8feb06a2e59a364fa81b3a57671c9",
"rev": "db5637d10f797bb251b94ef9040b237f4702cde3",
"type": "github"
},
"original": {
@ -23,43 +22,21 @@
"type": "github"
}
},
"attic": {
"colmena": {
"inputs": {
"crane": "crane",
"flake-compat": "flake-compat",
"flake-utils": "flake-utils",
"nixpkgs": "nixpkgs",
"nixpkgs-stable": "nixpkgs-stable"
},
"locked": {
"lastModified": 1711742460,
"narHash": "sha256-0O4v6e4a1toxXZ2gf5INhg4WPE5C5T+SVvsBt+45Mcc=",
"owner": "zhaofengli",
"repo": "attic",
"rev": "4dbdbee45728d8ce5788db6461aaaa89d98081f0",
"type": "github"
},
"original": {
"owner": "zhaofengli",
"repo": "attic",
"type": "github"
}
},
"colmena": {
"inputs": {
"flake-compat": "flake-compat_2",
"flake-utils": "flake-utils_2",
"nixpkgs": [
"nixpkgs"
],
"stable": "stable"
},
"locked": {
"lastModified": 1711386353,
"narHash": "sha256-gWEpb8Hybnoqb4O4tmpohGZk6+aerAbJpywKcFIiMlg=",
"lastModified": 1685163780,
"narHash": "sha256-tMwseHtEFDpO3WKeZKWqrKRAZI6TiEULidxEbzicuFg=",
"owner": "zhaofengli",
"repo": "colmena",
"rev": "cd65ef7a25cdc75052fbd04b120aeb066c3881db",
"rev": "c61bebae1dc1d57237577080b1ca1e37a3fbcebf",
"type": "github"
},
"original": {
@ -68,27 +45,6 @@
"type": "github"
}
},
"crane": {
"inputs": {
"nixpkgs": [
"attic",
"nixpkgs"
]
},
"locked": {
"lastModified": 1702918879,
"narHash": "sha256-tWJqzajIvYcaRWxn+cLUB9L9Pv4dQ3Bfit/YjU5ze3g=",
"owner": "ipetkov",
"repo": "crane",
"rev": "7195c00c272fdd92fc74e7d5a0a2844b9fadb2fb",
"type": "github"
},
"original": {
"owner": "ipetkov",
"repo": "crane",
"type": "github"
}
},
"darwin": {
"inputs": {
"nixpkgs": [
@ -97,11 +53,11 @@
]
},
"locked": {
"lastModified": 1700795494,
"narHash": "sha256-gzGLZSiOhf155FW7262kdHo2YDeugp3VuIFb4/GGng0=",
"lastModified": 1673295039,
"narHash": "sha256-AsdYgE8/GPwcelGgrntlijMg4t3hLFJFCRF3tL5WVjA=",
"owner": "lnl7",
"repo": "nix-darwin",
"rev": "4b9b83d5a92e8c1fbfd8eb27eda375908c11ec4d",
"rev": "87b9d090ad39b25b2400029c64825fc2a8868943",
"type": "github"
},
"original": {
@ -118,11 +74,11 @@
]
},
"locked": {
"lastModified": 1716431128,
"narHash": "sha256-t3T8HlX3udO6f4ilLcN+j5eC3m2gqsouzSGiriKK6vk=",
"lastModified": 1685970051,
"narHash": "sha256-F5ZxBD2DeNd+Q0dDKYBhv76kfjVG/X0ccXjSKpa8KdI=",
"owner": "nix-community",
"repo": "disko",
"rev": "7ffc4354dfeb37c8c725ae1465f04a9b45ec8606",
"rev": "29d632d7e8fa86f937153ecdfd7d768411001d2d",
"type": "github"
},
"original": {
@ -132,22 +88,6 @@
}
},
"flake-compat": {
"flake": false,
"locked": {
"lastModified": 1673956053,
"narHash": "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "35bb57c0c8d8b62bbfd284272c928ceb64ddbde9",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-compat_2": {
"flake": false,
"locked": {
"lastModified": 1650374568,
@ -170,11 +110,11 @@
]
},
"locked": {
"lastModified": 1715865404,
"narHash": "sha256-/GJvTdTpuDjNn84j82cU6bXztE0MSkdnTWClUCRub78=",
"lastModified": 1685662779,
"narHash": "sha256-cKDDciXGpMEjP1n6HlzKinN0H+oLmNpgeCTzYnsA2po=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "8dc45382d5206bd292f9c2768b8058a8fd8311d9",
"rev": "71fb97f0d875fd4de4994dfb849f2c75e17eb6c3",
"type": "github"
},
"original": {
@ -186,11 +126,11 @@
"flake-registry": {
"flake": false,
"locked": {
"lastModified": 1705308826,
"narHash": "sha256-Z3xTYZ9EcRIqZAufZbci912MUKB0sD+qxi/KTGMFVwY=",
"lastModified": 1682423975,
"narHash": "sha256-zvOBrH3hwCedgpaWiOSHYSt+fgF/RhaJs8R5qOX6AYc=",
"owner": "NixOS",
"repo": "flake-registry",
"rev": "9c69f7bd2363e71fe5cd7f608113290c7614dcdd",
"rev": "8054bfa00d60437297d670ab3296a117e7059a10",
"type": "github"
},
"original": {
@ -200,21 +140,6 @@
}
},
"flake-utils": {
"locked": {
"lastModified": 1667395993,
"narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"flake-utils_2": {
"locked": {
"lastModified": 1659877975,
"narHash": "sha256-zllb8aq3YO3h8B/U0/J1WBgAL8EX5yWf5pMj3G0NAmc=",
@ -237,11 +162,11 @@
]
},
"locked": {
"lastModified": 1703113217,
"narHash": "sha256-7ulcXOk63TIT2lVDSExj7XzFx09LpdSAPtvgtM7yQPE=",
"lastModified": 1682203081,
"narHash": "sha256-kRL4ejWDhi0zph/FpebFYhzqlOBrk0Pl3dzGEKSAlEw=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "3bfaacf46133c037bb356193bd2f1765d9dc82c1",
"rev": "32d3e39c491e2f91152c84f8ad8b003420eab0a1",
"type": "github"
},
"original": {
@ -257,27 +182,27 @@
]
},
"locked": {
"lastModified": 1717527182,
"narHash": "sha256-vWSkg6AMok1UUQiSYVdGMOXKD2cDFnajITiSi0Zjd1A=",
"lastModified": 1667907331,
"narHash": "sha256-bHkAwkYlBjkupPUFcQjimNS8gxWSWjOTevEuwdnp5m0=",
"owner": "rycee",
"repo": "home-manager",
"rev": "845a5c4c073f74105022533907703441e0464bc3",
"rev": "6639e3a837fc5deb6f99554072789724997bc8e5",
"type": "github"
},
"original": {
"owner": "rycee",
"ref": "release-24.05",
"ref": "release-22.05",
"repo": "home-manager",
"type": "github"
}
},
"nixos-hardware": {
"locked": {
"lastModified": 1716715385,
"narHash": "sha256-fe6Z33pbfqu4TI5ijmcaNc5vRBs633tyxJ12HTghy3w=",
"lastModified": 1684899633,
"narHash": "sha256-NtwerXX8UFsoNy6k+DukJMriWtEjQtMU/Urbff2O2Dg=",
"owner": "NixOS",
"repo": "nixos-hardware",
"rev": "2e7d6c568063c83355fe066b8a8917ee758de1b8",
"rev": "4cc688ee711159b9bcb5a367be44007934e1a49d",
"type": "github"
},
"original": {
@ -288,43 +213,27 @@
},
"nixpkgs": {
"locked": {
"lastModified": 1711401922,
"narHash": "sha256-QoQqXoj8ClGo0sqD/qWKFWezgEwUL0SUh37/vY2jNhc=",
"lastModified": 1685952468,
"narHash": "sha256-YCOr9kttCqoa9IZMjHxX6SlwenTg7FsSmG9TaT76mSE=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "07262b18b97000d16a4bdb003418bd2fb067a932",
"rev": "70f7275b32f49bc67ae3532b758b80cb6c27f98a",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-stable": {
"locked": {
"lastModified": 1711460390,
"narHash": "sha256-akSgjDZL6pVHEfSE6sz1DNSXuYX6hq+P/1Z5IoYWs7E=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "44733514b72e732bd49f5511bd0203dea9b9a434",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-23.11",
"ref": "release-23.05",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-unstable": {
"locked": {
"lastModified": 1716715802,
"narHash": "sha256-usk0vE7VlxPX8jOavrtpOqphdfqEQpf9lgedlY/r66c=",
"lastModified": 1685938391,
"narHash": "sha256-96Jw6TbWDLSopt5jqCW8w1Fc1cjQyZlhfBnJ3OZGpME=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "e2dd4e18cc1c7314e24154331bae07df76eb582f",
"rev": "31cd1b4afbaf0b1e81272ee9c31d1ab606503aed",
"type": "github"
},
"original": {
@ -334,29 +243,13 @@
"type": "github"
}
},
"nixpkgs_2": {
"locked": {
"lastModified": 1717796960,
"narHash": "sha256-BKjQ9tQdsuoROrojHZb7KTAv95WprqCkNFvuzatfEo0=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "8e0a5f16b7bf7f212be068dd302c49888c6ad68f",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-24.05-small",
"repo": "nixpkgs",
"type": "github"
}
},
"nur": {
"locked": {
"lastModified": 1716741358,
"narHash": "sha256-4bxptwbmplGKq3W4tl6Zem/bOHsdLP4DSPcm/FfCaFE=",
"lastModified": 1685980073,
"narHash": "sha256-7BkreZ2cH488dR1XPcdlALj+2g+NvrZdG9ZhwRt0YFI=",
"owner": "nix-community",
"repo": "NUR",
"rev": "c65a3bde6793b437a705edfe5ff8435cbb8307a2",
"rev": "de817406e39c1f9be28fde1d62c1f1f0c91acb09",
"type": "github"
},
"original": {
@ -368,14 +261,13 @@
"root": {
"inputs": {
"agenix": "agenix",
"attic": "attic",
"colmena": "colmena",
"disko": "disko",
"flake-parts": "flake-parts",
"flake-registry": "flake-registry",
"home-manager": "home-manager_2",
"nixos-hardware": "nixos-hardware",
"nixpkgs": "nixpkgs_2",
"nixpkgs": "nixpkgs",
"nixpkgs-unstable": "nixpkgs-unstable",
"nur": "nur",
"srvos": "srvos"
@ -388,11 +280,11 @@
]
},
"locked": {
"lastModified": 1716425501,
"narHash": "sha256-BSLhmGYY1khyyBAjraR+N0Pa9Nha/et5yQQlEZxcfkU=",
"lastModified": 1685966850,
"narHash": "sha256-HaWNbihBIBATmSbuXLzA92C4858tNdS9Q5kRHJNagVo=",
"owner": "numtide",
"repo": "srvos",
"rev": "1122cd50a23647e09c3e7a679d37ec02113bc412",
"rev": "4f22e6fcaf17c6313c2ecdc996760c3e4b14a623",
"type": "github"
},
"original": {
@ -403,34 +295,19 @@
},
"stable": {
"locked": {
"lastModified": 1696039360,
"narHash": "sha256-g7nIUV4uq1TOVeVIDEZLb005suTWCUjSY0zYOlSBsyE=",
"lastModified": 1669735802,
"narHash": "sha256-qtG/o/i5ZWZLmXw108N2aPiVsxOcidpHJYNkT45ry9Q=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "32dcb45f66c0487e92db8303a798ebc548cadedc",
"rev": "731cc710aeebecbf45a258e977e8b68350549522",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-23.05",
"ref": "nixos-22.11",
"repo": "nixpkgs",
"type": "github"
}
},
"systems": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
}
},
"root": "root",

@ -1,6 +1,13 @@
{
description = "NixOS configuration with flakes";
nixConfig.extra-substituters = [
"https://newtype.cachix.org"
];
nixConfig.extra-trusted-public-keys = [
"newtype.cachix.org-1:Gd5G2EVFNJslfR3PxA2+JY7mHT6MwVJ6biv5Cg47SD0="
];
# To update all inputs:
# $ nix flake update --recreate-lock-file
inputs = {
@ -10,13 +17,13 @@
flake-parts.url = "github:hercules-ci/flake-parts";
flake-parts.inputs.nixpkgs-lib.follows = "nixpkgs";
nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.05-small";
nixpkgs.url = "github:NixOS/nixpkgs/release-23.05";
nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixpkgs-unstable";
nixos-hardware.url = "github:NixOS/nixos-hardware";
nur.url = "github:nix-community/NUR";
home-manager.url = "github:rycee/home-manager/release-24.05";
home-manager.url = "github:rycee/home-manager/release-22.05";
home-manager.inputs.nixpkgs.follows = "nixpkgs";
agenix.url = "github:ryantm/agenix";
@ -25,17 +32,10 @@
colmena.url = "github:zhaofengli/colmena";
colmena.inputs.nixpkgs.follows = "nixpkgs";
attic.url = "github:zhaofengli/attic";
srvos.url = "github:numtide/srvos";
# actually not used when using the modules but than nothing ever will try to fetch this nixpkgs variant
srvos.inputs.nixpkgs.follows = "nixpkgs";
# Ryan's experimental hypervisor based on cloud-hypervisor
# Private repository, you need a valid SSH key to access it
# nixos-hypervisor.url = "git+ssh://gitea@git.newtype.fr/newtype/nixos-hypervisor?ref=main";
# nixos-hypervisor.inputs.nixpkgs.follows = "nixpkgs";
flake-registry.url = "github:NixOS/flake-registry";
flake-registry.flake = false;
};
@ -83,19 +83,19 @@
] ++ pkgs.lib.optional (pkgs.stdenv.isLinux) pkgs.mkpasswd;
};
packages = {
# netboot = pkgs.callPackage ./modules/netboot/netboot.nix {
# # this nixosSystem is built for x86_64 machines regardless of the host machine
# pkgs = inputs.nixpkgs.legacyPackages.x86_64-linux;
# inherit (inputs.nixpkgs.lib) nixosSystem;
# extraModules = [
# self.inputs.nur.nixosModules.nur
# { _module.args.inputs = self.inputs; }
# ];
# };
# netboot = pkgs.callPackage ./modules/netboot/netboot.nix {
# # this nixosSystem is built for x86_64 machines regardless of the host machine
# pkgs = inputs.nixpkgs.legacyPackages.x86_64-linux;
# inherit (inputs.nixpkgs.lib) nixosSystem;
# extraModules = [
# self.inputs.nur.nixosModules.nur
# { _module.args.inputs = self.inputs; }
# ];
# };
# netboot-pixie-core = pkgs.callPackage ./modules/netboot/netboot-pixie-core.nix {
# inherit (self'.packages) netboot;
# };
# netboot-pixie-core = pkgs.callPackage ./modules/netboot/netboot-pixie-core.nix {
# inherit (self'.packages) netboot;
# };
};
};
flake = {

@ -1,55 +1,14 @@
{ lib, pkgs, ... }:
let
gcc-system-features = arch: lib.optionals (arch != null) ([ "gccarch-${arch}" ]
++ map (x: "gccarch-${x}") lib.systems.architectures.inferiors.${arch});
in
{
imports = [
../modules/ipmi-supermicro.nix
../modules/hardware/supermicro-H12SSL-i.nix
../modules/iperf-server.nix
../modules/hypervisor.nix
../modules/hydra/coordinator.nix
../modules/android-cache.nix
../modules/garage.nix
../modules/users/friends.nix
];
networking.hostName = "epyc";
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
virtualisation.docker = {
enable = true;
rootless.enable = true;
};
# TODO: there's a critical bug on 6.8+ where btrfs won't mount the rootfs at all.
# Do not upgrade until it is fixed. Ping Raito when needed.
# boot.kernelPackages = pkgs.linuxPackage_latest;
# Open public access to our PostgreSQL.
services.postgresql.enable = true;
services.postgresql.enableTCPIP = true;
services.postgresql.authentication = ''
host hydra-nixos-org hydra_ro ::/0 trust
'';
networking.firewall.allowedTCPPorts = [ 5432 ];
nix.buildMachines = [
{ hostName = "localhost";
systems = [
"x86_64-linux"
"riscv64-linux"
];
supportedFeatures = [ "kvm" "nixos-test" "big-parallel" "benchmark" ] ++ gcc-system-features "znver3";
maxJobs = 2;
}
];
boot.binfmt.emulatedSystems = [ "riscv64-linux" "aarch64-linux" "riscv64-linux" ];
simd.arch = "znver3";
system.stateVersion = "23.05";
}

@ -0,0 +1,28 @@
{
imports = [
../modules/hardware/vm.nix
../modules/gitea.nix
../modules/tailscale.nix
../modules/users/yvan.nix
];
fileSystems."/" = {
device = "/dev/disk/by-uuid/fe1d2e0d-9210-4a2d-b584-d1e131747ea3";
fsType = "ext4";
};
fileSystems."/boot" = {
device = "/dev/disk/by-uuid/8782-7801";
fsType = "vfat";
};
swapDevices =
[{ device = "/dev/disk/by-uuid/c9511ddb-e41f-436c-ad1f-9b587ed0ba11"; }];
networking.hostName = "vieuxtype";
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
# simd.arch = "znver3";
system.stateVersion = "23.05";
}

@ -1,14 +0,0 @@
{ lib, ... }:
let
mirrors = {
# "https://android.googlesource.com" = "/mnt/aospaosp/mirror";
# "https://github.com/LineageOS" = "/var/lib/src/lineageos/LineageOS";
# "https://github.com/TheMuppets" = "/var/lib/src/themuppets/TheMuppets";
};
in
{
nix.envVars.ROBOTNIX_GIT_MIRRORS = lib.concatStringsSep "|" (lib.mapAttrsToList (local: remote: "${local}=${remote}") mirrors);
# Also add local mirrors to nix sandbox exceptions
nix.sandboxPaths = lib.attrValues mirrors;
}

@ -1,9 +1,7 @@
{ pkgs, ... }: {
system.autoUpgrade = {
enable = true;
flake = "git+https://git.newtype.fr/newtype/newtype-org-configurations";
flags = [ "--option" "accept-flake-config" "true" ];
};
system.autoUpgrade.enable = true;
system.autoUpgrade.flake = "git:git.newtype.fr/newtype/newtype-org-configurations";
system.autoUpgrade.flags = [ "--option" "accept-flake-config" "true" ];
# add a random jitter so not all machines reboot at the same time.
systemd.timers.auto-reboot.timerConfig.RandomizedDelaySec = 60 * 20;

@ -1,59 +0,0 @@
{ lib, pkgs, config, inputs, ... }:
with lib;
let
cfg = config.luj.buildbot;
port = "1810";
package = pkgs.buildbot-worker;
python = package.pythonModule;
home = "/var/lib/buildbot-worker";
buildbotDir = "${home}/worker";
in
{
#buildbot worker
# nix.settings.allowed-users = [ "buildbot-worker" ];
nix.settings.trusted-users = [ "buildbot-worker" ];
users.users.buildbot-worker = {
description = "Buildbot Worker User.";
isSystemUser = true;
createHome = true;
home = "/var/lib/buildbot-worker";
group = "buildbot-worker";
useDefaultShell = true;
};
users.groups.buildbot-worker = { };
systemd.services.buildbot-worker = {
reloadIfChanged = true;
description = "Buildbot Worker.";
after = [ "network.target" "buildbot-master.service" ];
wantedBy = [ "multi-user.target" ];
path = [
pkgs.nix-eval-jobs
pkgs.git
pkgs.gh
pkgs.nix
pkgs.nix-output-monitor
inputs.attic.packages.x86_64-linux.attic
];
environment.PYTHONPATH = "${python.withPackages (_: [package])}/${python.sitePackages}";
environment.MASTER_URL = ''TCP:2a01\\:e34\\:ec2a\\:8e60\\:8ec7\\:b5d2\\:f663\\:a67a:9989'';
environment.BUILDBOT_DIR = buildbotDir;
environment.WORKER_PASSWORD_FILE = "/var/lib/buildbot-worker/password.txt";
serviceConfig = {
Type = "simple";
User = "buildbot-worker";
Group = "buildbot-worker";
WorkingDirectory = home;
# Restart buildbot with a delay. This time way we can use buildbot to deploy itself.
ExecReload = "+${pkgs.systemd}/bin/systemd-run --on-active=60 ${pkgs.systemd}/bin/systemctl restart buildbot-worker";
ExecStart = "${python.pkgs.twisted}/bin/twistd --nodaemon --pidfile= --logfile - --python ${./worker.py}";
};
};
}

@ -1,58 +0,0 @@
#!/usr/bin/env python3
import multiprocessing
import os
import socket
from io import open
from buildbot_worker.bot import Worker
from twisted.application import service
def require_env(key: str) -> str:
val = os.environ.get(key)
assert val is not None, "val is not set"
return val
def setup_worker(application: service.Application, id: int) -> None:
basedir = f"{require_env('BUILDBOT_DIR')}-{id}"
os.makedirs(basedir, mode=0o700, exist_ok=True)
master_url = require_env("MASTER_URL")
hostname = socket.gethostname()
workername = f"{hostname}-{id}"
with open(
require_env("WORKER_PASSWORD_FILE"), "r", encoding="utf-8"
) as passwd_file:
passwd = passwd_file.read().strip("\r\n")
keepalive = 600
umask = None
maxdelay = 300
numcpus = None
allow_shutdown = None
s = Worker(
"2a01:e34:ec2a:8e60:8ec7:b5d2:f663:a67a",
9989,
workername,
passwd,
basedir,
keepalive,
umask=umask,
maxdelay=maxdelay,
numcpus=numcpus,
allow_shutdown=allow_shutdown,
)
s.setServiceParent(application)
# note: this line is matched against to check that this is a worker
# directory; do not edit it.
application = service.Application("buildbot-worker")
for i in range(14):
setup_worker(application, i)

@ -3,10 +3,8 @@
isNormalUser = true;
home = "/home/nix";
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAZpEtSfB0GDwcELc5/AKNiBZJV9OVfQ0BMFzBlF+8Yd raito@everywhere"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIA3hCOyFwuoCLt5W9e9yQSwj9I+VspB0kNNHsoFngbgZ raito@thors"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIF07Sy0O+oletFYlrfS0+XtBWJO2F+Rc9J/ocNLBa/OE raito@thorkell"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDu4cEqZzAI/1vZjSQkTJ4ijIg9nuloOuSKUrnkJIOFn buildbot@top-secret" # Top secret's project buildbot key
"sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIH/LDRUG+U+++UmlxvA2kspioTjktQZ8taDcHq8gVlkfAAAABHNzaDo=" # winterqt
];
uid = 5001;
};

@ -1,37 +0,0 @@
{ pkgs, ... }: {
services.garage = {
enable = true;
package = pkgs.garage_0_8;
settings = {
db_engine = "lmdb";
block_size = (10 * 1024 * 1024); # 10MB
replication_mode = "none";
rpc_bind_addr = "[::1]:3901";
rpc_public_addr = "[::1]:3901";
rpc_secret = "f5b8ede0abe0a3d454d96e8b352e29a1d94522b64274d23b256d57482441ccc1";
s3_api = {
s3_region = "garage";
api_bind_addr = "[::1]:3900";
root_domain = ".s3.infra.newtype.fr";
};
s3_web = {
bind_addr = "[::1]:3902";
root_domain = ".web.infra.newtype.fr";
index = "index.html";
};
};
};
services.nginx = {
enable = true;
virtualHosts."s3.infra.newtype.fr" = {
forceSSL = true;
enableACME = true;
locations."/".proxyPass = "http://[::1]:3900/";
};
};
networking.firewall.allowedTCPPorts = [ 80 443 ];
}

@ -0,0 +1,34 @@
{ ... }: {
services.gitea = {
enable = true;
appName = "Newtype's Git";
mailerPasswordFile = "/var/lib/secrets/gitea/mailpw";
settings = {
server = {
ROOT_URL = "https://git.newtype.fr";
DOMAIN = "git.newtype.fr";
};
service.DISABLE_REGISTRATION = true;
session.COOKIE_SECURE = true;
mailer = {
ENABLED = true;
HOST = "mail.gandi.net:465";
USER = "git@newtype.fr";
FROM = "Newtype's Git <git@newtype.fr>";
IS_TLS_ENABLED = true;
};
};
};
services.nginx = {
enable = true;
virtualHosts."git.newtype.fr" = {
enableACME = true;
forceSSL = true;
locations."/" = { proxyPass = "http://127.0.0.1:3000"; };
};
};
security.acme.certs = { "git.newtype.fr".email = "contact@newtype.fr"; };
security.acme.acceptTerms = true;
}

@ -8,18 +8,12 @@
[ (modulesPath + "/installer/scan/not-detected.nix")
];
boot.kernelParams = [ "pci=realloc" "boot.shell_on_fail" ];
boot.kernelParams = [ "pci=realloc" ];
boot.initrd.availableKernelModules = [ "xhci_pci" "nvme" "usbhid" "usb_storage" "sd_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-amd" ];
boot.extraModulePackages = [ ];
boot.initrd.extraUtilsCommands = ''
copy_bin_and_libs ${pkgs.nvme-cli}/bin/nvme
copy_bin_and_libs ${pkgs.util-linux}/bin/blkzone
copy_bin_and_libs ${pkgs.util-linux}/bin/lsblk
'';
boot.initrd.systemd.enable = lib.mkForce false;
fileSystems."/" =
@ -40,7 +34,7 @@
swapDevices =
[ { device = "/dev/disk/by-uuid/93e251e1-1bfc-4bd4-8585-ea2eae7795bf"; }
];
];
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;

@ -0,0 +1,14 @@
{ lib, modulesPath, ... }: {
imports = [ "${modulesPath}/profiles/qemu-guest.nix" ];
boot.initrd.availableKernelModules =
[ "ata_piix" "uhci_hcd" "virtio_pci" "sd_mod" "sr_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ ];
boot.extraModulePackages = [ ];
services.qemuGuest.enable = true;
# VMs are noisy for this type of thing usually.
nix.settings.max-jobs = lib.mkDefault 1;
}

@ -37,10 +37,13 @@ in
)
"Please add network configuration for ${config.networking.hostName}. None found in ${./hosts.nix}";
# usually, for each host there is a hostname.dse.in.tum.de and hostname.r domain
# usually, for each host there is a hostname.infra.newtype.fr
networking.newtype.hosts = {
epyc = {
ipv6 = "2001:bc8:38ee:100::500";
ipv6 = "2001:470:ca5e:dee:587c:7a50:f36c:cae8";
};
vieuxtype = {
ipv6 = "2a01:e0a:5f9:9681:a498:fffb:e48d:299";
};
};
};

@ -1,81 +0,0 @@
{ pkgs, ... }: {
services.hydra = {
enable = false;
hydraURL = "https://hydra.newtype.fr";
notificationSender = "hydra@localhost";
buildMachinesFiles = [ "/etc/nix/machines" ];
useSubstitutes = true;
};
environment.systemPackages = [ pkgs.nix-prefetch-git ];
nix.trustedUsers = [ "hydra" "hydra-www" ];
services.postgresql = {
enableJIT = true;
settings = {
checkpoint_completion_target = "0.9";
default_statistics_target = 100;
max_connections = 500;
work_mem = "20MB";
maintenance_work_mem = "2GB";
shared_buffers = "8GB";
min_wal_size = "1GB";
max_wal_size = "2GB";
wal_buffers = "16MB";
max_worker_processes = 16;
max_parallel_workers_per_gather = 8;
max_parallel_workers = 16;
# NVMe related performance tuning
effective_io_concurrency = 200;
random_page_cost = "1.1";
# We can risk losing some transactions.
synchronous_commit = "off";
effective_cache_size = "16GB";
# autovacuum and autoanalyze much more frequently:
# at these values vacuum should run approximately
# every 2 mass rebuilds, or a couple times a day
# on the builds table. Some of those queries really
# benefit from frequent vacuums, so this should
# help. In particular, I'm thinking the jobsets
# pages.
autovacuum_vacuum_scale_factor = 0.002;
autovacuum_analyze_scale_factor = 0.001;
shared_preload_libraries = "pg_stat_statements";
compute_query_id = "on";
};
};
security.acme = {
acceptTerms = true;
defaults.email = "ryan@lahfa.xyz";
};
services.nginx = {
enable = true;
recommendedZstdSettings = true;
recommendedBrotliSettings = true;
recommendedGzipSettings = true;
recommendedOptimisation =true;
recommendedTlsSettings = true;
recommendedProxySettings = true;
};
services.nginx.virtualHosts."hydra.newtype.fr" = {
forceSSL = true;
enableACME = true;
# TODO: remove compression for some locations
locations."/".proxyPass = "http://localhost:3000";
};
networking.firewall.allowedTCPPorts = [ 80 443 ];
}

@ -1,2 +0,0 @@
{ ... }: {
}

@ -1,7 +1,6 @@
{ lib
, config
, pkgs
, inputs
, ...
}:
@ -30,24 +29,6 @@ in
{ domain = "*"; item = "nofile"; type = "-"; value = "20480"; }
];
# Makes the computer go faster.
# nixos.jobserver.enable = true;
# TODO(raito): rework this.
# Avoid weird failures for builders.
services.openssh.settings.MaxStartups = 100;
# Memory accounting techniques
systemd.services.nix-daemon.serviceConfig = {
MemoryAccounting = true;
MemoryMax = "225G";
MemoryHigh = "220G";
MemorySwapMax = "2G";
ManagedOOMSwap = "kill";
ManagedOOMMemoryPressure = "kill";
MemoryPressureWatch = "on";
};
nix = {
# Garbage-collect often
gc.automatic = true;
@ -57,22 +38,19 @@ in
# Randomize GC to avoid thundering herd effects.
gc.randomizedDelaySec = "1800";
# Inchallah, it works.
package = pkgs.nixVersions.nix_2_18;
# package = lib.mkForce inputs.nixpkgs-unstable.legacyPackages.x86_64-linux.nixVersions.nix_2_17;
# 2.11, 2.12 suffers from a bug with remote builders…
package = pkgs.nixVersions.nix_2_13;
# should be enough?
nrBuildUsers = 128;
nrBuildUsers = lib.mkDefault 32;
# https://github.com/NixOS/nix/issues/719
settings = {
keep-outputs = false;
keep-derivations = false;
use-cgroups = true;
http-connections = 0;
auto-allocate-uids = true;
cores = 0;
max-jobs = 2; # Do not build more than 2 derivations at once in the event, both of them are too big, yes this is stupid, fix it in Nix.
fsync-metadata = true;
keep-outputs = true;
keep-derivations = true;
# in zfs we trust
fsync-metadata = lib.boolToString (!config.boot.isContainer or config.fileSystems."/".fsType != "zfs");
substituters = [
"https://nix-community.cachix.org"
"https://tum-dse.cachix.org"
@ -82,13 +60,6 @@ in
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
"tum-dse.cachix.org-1:v67rK18oLwgO0Z4b69l30SrV1yRtqxKpiHodG4YxhNM="
];
experimental-features = [
"auto-allocate-uids"
# "ca-derivations" this feature is really extremely broken.
"cgroups"
"fetch-closure"
"impure-derivations"
];
};
};

@ -1,12 +1,13 @@
{ pkgs, inputs, ... }: {
{ pkgs, ... }: {
# documentation.dev.enable = true;
# environment.extraOutputsToInstall = [ "info" "man" "devman" ];
# this extends the list from:
# https://github.com/numtide/srvos/blob/master/server.nix#L10
environment.systemPackages = with pkgs; [
socat
whois
nix-output-monitor
inputs.attic.packages.x86_64-linux.attic
jq
psmisc
libarchive
@ -37,7 +38,22 @@
ipmitool
nix-top
(neovim.override {
viAlias = true;
vimAlias = true;
configure = {
packages.myPlugins = with pkgs.vimPlugins; {
start = [ vim-lastplace vim-nix ];
opt = [ ];
};
};
})
# tries to default to soft-float due to out-dated cc-rs
] ++ lib.optional (!stdenv.hostPlatform.isRiscV) bandwhich;
programs.vim.defaultEditor = true;
environment.variables = { EDITOR = "nvim"; };
programs.mosh.enable = true;
programs.tmux.enable = true;
}

@ -1,36 +0,0 @@
{
programs.ssh.extraConfig = ''
Host telecom-bastion
HostName ssh.enst.fr
User jmalka
IdentityFile /home/luj/.ssh/id_ed25519
Host lame11
Hostname lame11.enst.fr
User nix-remote-builder
ProxyJump telecom-bastion
IdentityFile /home/luj/.ssh/id_ed25519
Host lame10
Hostname lame10.enst.fr
User nix-remote-builder
ProxyJump telecom-bastion
IdentityFile /home/luj/.ssh/id_ed25519
Host lame12
Hostname lame12.enst.fr
User nix-remote-builder
ProxyJump telecom-bastion
IdentityFile /home/luj/.ssh/id_ed25519
Host lame16
Hostname lame16.enst.fr
User nix-remote-builder
ProxyJump telecom-bastion
IdentityFile /home/luj/.ssh/id_ed25519
Host lame17
Hostname lame17.enst.fr
User nix-remote-builder
ProxyJump telecom-bastion
IdentityFile /home/luj/.ssh/id_ed25519
'';
}

@ -0,0 +1,5 @@
{ config, ... }: {
services.tailscale.enable = true;
networking.firewall.checkReversePath = "loose";
networking.firewall.allowedUDPPorts = [ config.services.tailscale.port ];
}

@ -13,7 +13,6 @@ in
isNormalUser = true;
home = "/home/raito";
inherit extraGroups;
shell = "/run/current-system/sw/bin/zsh";
uid = 1000;
openssh.authorizedKeys.keyFiles = [ ./keys/raito.keys ];
};
@ -22,8 +21,7 @@ in
luj = {
isNormalUser = true;
home = "/home/luj";
extraGroups = extraGroups ++ [ "production-hydra-db" ];
shell = "/run/current-system/sw/bin/zsh";
inherit (config.users.users.raito) extraGroups;
uid = 1001;
openssh.authorizedKeys.keyFiles = [ ./keys/luj.keys ];
};
@ -33,7 +31,6 @@ in
isNormalUser = true;
home = "/home/gdd";
inherit (config.users.users.raito) extraGroups;
shell = "/run/current-system/sw/bin/zsh";
uid = 1002;
openssh.authorizedKeys.keyFiles = [ ./keys/gdd.keys ];
};
@ -43,7 +40,6 @@ in
isNormalUser = true;
home = "/home/akechi";
inherit (config.users.users.raito) extraGroups;
shell = "/run/current-system/sw/bin/zsh";
uid = 1003;
openssh.authorizedKeys.keyFiles = [ ./keys/akechi.keys ];
};
@ -53,7 +49,6 @@ in
isNormalUser = true;
home = "/home/tomate";
inherit (config.users.users.raito) extraGroups;
shell = "/run/current-system/sw/bin/zsh";
uid = 1004;
openssh.authorizedKeys.keyFiles = [ ./keys/tomate.keys ];
};
@ -65,6 +60,6 @@ in
};
};
nix.settings.trusted-users = [ "raito" "luj" "gdd" "akechi" "tomate" "niklas" "jade" "winter" ];
nix.settings.trusted-users = [ "raito" "luj" "gdd" "akechi" "tomate" ];
};
}

@ -1,84 +0,0 @@
{ ... }:
let
trustedFriendGroups = [
"production-hydra-db"
];
in
{
# deleted users: ninjatrappeur, flokli
users.users = {
linus = {
isNormalUser = true;
home = "/home/linus";
shell = "/run/current-system/sw/bin/zsh";
uid = 2001;
# Raito: I allowed linus to be root to get some stuff done
# on behalf of me.
extraGroups = [ "wheel" ] ++ trustedFriendGroups;
openssh.authorizedKeys.keyFiles = [ ./keys/linus.keys ];
};
niklas = {
isNormalUser = true;
home = "/home/niklas";
shell = "/run/current-system/sw/bin/zsh";
uid = 2002;
extraGroups = trustedFriendGroups;
openssh.authorizedKeys.keyFiles = [ ./keys/niklas.keys ];
};
# Raito: Permanent account for Jade who has been driving a lot of good work.
# expires = 2060 because of a convergence bug, I cannot remove the expiration date anymore.
jade = {
isNormalUser = true;
home = "/home/jade";
shell = "/run/current-system/sw/bin/zsh";
uid = 2004;
expires = "2060-05-01";
extraGroups = trustedFriendGroups;
openssh.authorizedKeys.keys = [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDNldAg4t13/i69TD786The+U3wbiNUdW2Kc9KNWvEhgpf4y4x4Sft0oYfkPw5cjX4H3APqfD+b7ItAG0GCbwHw6KMYPoVMNK08zBMJUqt1XExbqGeFLqBaeqDsmEAYXJRbjMTAorpOCtgQdoCKK/DvZ51zUWXxT8UBNHSl19Ryv5Ry5VVdbAE35rqs57DQ9+ma6htXnsBEmmnC+1Zv1FE956m/OpBTId50mor7nS2FguAtPZnDPpTd5zl9kZmJEuWCrmy6iinw5V4Uy1mLeZkQv+/FtozbyifCRCvps9nHpv4mBSU5ABLgnRRvXs+D41Jx7xloNADr1nNgpsNrYaTh hed-bot-ssh-tpm-rsa"
"sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIKYljH8iPMrH00lOb3ETxRrZimdKzPPEdsJQ5D5ovtOwAAAACnNzaDpzc2hrZXk= ssh:sshkey"
"ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBO4idMfdJxDJuBNOid60d4I+qxj09RHt+YkCYV2eXt6tGrEXg+S8hTQusy/SqooiXUH9pt4tea2RuBPN9+UwrH0= type-a yubikey slot 9a"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHGIBMfUypLctmorlRz9xIzXRgmtqDMxF5T5Fxy4JxNb root@tail-bot"
];
};
# Raito: Permanent account for winter, she was the one in charge of the Darwin build box for a while,
# helped a bunch of people and deserve it :-).
# expires = 2060 because of a convergence bug, I cannot remove the expiration date anymore.
winter = {
isNormalUser = true;
home = "/home/winter";
shell = "/run/current-system/sw/bin/zsh";
uid = 2005;
expires = "2060-05-01";
extraGroups = trustedFriendGroups;
openssh.authorizedKeys.keys = [
"sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIH/LDRUG+U+++UmlxvA2kspioTjktQZ8taDcHq8gVlkfAAAABHNzaDo="
];
};
# Raito: Permanent account for pennae, they are doing a bunch of excellent Nix work (including performance).
pennae = {
isNormalUser = true;
home = "/home/pennae";
shell = "/run/current-system/sw/bin/zsh";
uid = 2006;
# Raito: Allowed to debug jobserver.
extraGroups = [ "wheel" ] ++ trustedFriendGroups;
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIC5Wf5/IbyFpdziWfwxkQqxOf3r1L9pYn6xQBEKFwmMY"
"sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIK8icXjHkb4XzbIVN3djH4CE7RvgGd+3xbG4cgh0Yls5AAAABHNzaDo="
];
};
# Raito: Temporary account until next year, for delroth, who is going to work on building capabilities for improving build infrastructure.
delroth = {
isNormalUser = true;
home = "/home/delroth";
shell = "/run/current-system/sw/bin/zsh";
uid = 2007;
# Raito: Allowed to spawn new VMs and do various stuff for isolating the workloads.
extraGroups = [ "wheel" ];
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAII3tjB4KYDok3KlWxdBp/yEmqhhmybd+w0VO4xUwLKKV"
];
};
};
}

@ -1,2 +1 @@
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICE7TN5NQKGojNGIeTFiHjLHTDQGT8i05JFqX/zLW2zc
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIqnCNhMl5KgERtpFAVUjd11JDsf0uQ/8NY5sj4tnjw5

@ -1,4 +0,0 @@
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDf7hGFfUHhtgYY0G/Dh9isjIxkvUjlAKAMvLIZs5NLXwEfnxDTVZW/ijfF2qDozAmYQHZqbeyhJX7YlO6nYjWRBxqBeqAMHhtu3PkiysSCCUymhJ2uDHUAox+BT8IGE3sCKYIXRdmSFoibgQad9AHsQ6OLoIaNgMV7rspdBcO/CjyCkHN440XhQKz/Sq2SyygI9Qkuz0qDdQOgIraVi//EXDAvij0QXlkmh+3xBJwEqt8Pe1KP9itwvGyzGX/aAheCBSf7HPcLzJUgcWymW6FL4AE0KqNVb8Q8ahaEM5UgbXUCauDON8H4OR1Zngszw128wklwxOr7q5gB++Ks1OQlHMGgiVYZ2wC0DXlx68BKSMNnJRHWCI4r63a3bAWGCqKbcCHpimjPAHisPoaoHffVUaIpj65klj+GkoHAgo/pl0S6o4OqVpOau3Qkn95D1KDbUiE1l0HdgZaRmOKRvTKec1V3tfB2rA83Q1cZCWC5ZSwk3wihYPywMyIo6G8f2M2bFot7k/sS9ZMSle6oZDrc6A8qWnaxMZYbEXdFGy02550vdymshJ9RpSLfK1oBKoKk7yL2hk1UHm6obXYXn/F0KvDr7nAM6gOf9NnOrPHKt14WDb0GsZwNd34g1RCcBUcXewh4ZJOHerzsS2h3D30BNQUNCaF8ZQr6FYXp7v9gnQ==
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIN3EmXYSXsimS+vlGYtfTkOGuwvkXU0uHd2yYKLOxD2F
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIJWYrcu8usyqdLv4XO4i5TPaQhB+lH3Xbu2uz64hQe3
sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAICDgQA1A1uHJsqLsSLLkuWNlxXrpGRD6Qx11WBbfP+SmAAAAEXNzaDpsaW51c0BiZWl3ZXJr

@ -1,5 +1,4 @@
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIM9Uzb7szWlux7HuxLZej9cBR5MhLz/vaAPPfSoozt2k
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHoYi9YFzovZfwrY3BUA3QqcyBE8gfNTncbs3qqkLbyY
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDCKfPoMNrnyNWH6J1OvQ+n1rvSS9Sc2iZf6E1JQC+L4
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIESMWr29i3rhj32oLV3DKe57YI+jvNaKjZhhpq6dEjsn
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJOCKgHRHAJDSgKqYNfWboL04mnEOM0m0K3TGxBhBNDR
@ -9,5 +8,4 @@ ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILxfFq8wx5Bet5Q0gI28/lc9ryYYFQelpZdPPdzxGBbA
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGa+7n7kNzb86pTqaMn554KiPrkHRGeTJ0asY1NjSbpr
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILKIDLmQQ+P+jE4zVRpdVp8fmYEe4nzPDqYZt6A4eyIi
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAkj2xsN7Qt/Ew2QO+HiF2yOjXPRucZ3SbIdPDLJoh22
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDMBW7rTtfZL9wtrpCVgariKdpN60/VeAzXkh9w3MwbO
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCUt5I3IgONzYsMOFnRXtvR/uLXlIs6oWsCmh6YGgnpGD4M9lFdoYAOeC1faQUnP66sNs6AoacrGlPZ1UkVUqYEoIr2hiNCDRzzLCQ2J/sSaw7Hv0PKT7MWMo8R076M3TrdunCchBJI1noez3waM9aL4b/iYVhxym28ET55QrWjyMQfZL9PXzOKZatNVcK8AmdtSbI+pFrm/tTZPa321drm9PHOo9CL+lG4YmVZcXa0bVfVtk1GXlWwNpCj2ExLmbF1rRpAa05khfnbg3sBSklwf5NRXj11KneodKRF81ji7MtBhIIfoEXSYht7yspdkkS9e9mv16VGV+2ziM8zG3MK/iUq7fg5ksN54D3DNrd9iI5WjQZsLUrK0ypxO2NtvupWGYt3rCyKA/QvynbxOWFp6cy3Evej142hsfbiOcPIgCtGdHIBevp+KmPxkHBqsJPBqb3Y7nOMT1/ggDMtvHZEZJjEI2D2RjZNEXGbq63OPAqEkgmecW0cXlrjLEGhF2E=

@ -1 +0,0 @@
sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAINHd1ay1FSTHZzE+3XCdUiS5efFmJ9GUvx4+7F5uXVtMAAAABHNzaDo= nikstur

@ -1,3 +0,0 @@
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQClF9ko5u4zf0CEvleEeRbo9r6BMNgXEGO/rDNZOEHcKxVaeIi+/xF6ZQ5MZbcmH08lswq32hb1XwXg7Gk+ofUdEvCD/kC/vJijt7IFkardy6BNOSWQJLEf6/BpL3LzDQhi7iZXPF46VYoPVGHBh8fKQaAtOCrhbf/8JutfTwCglEztjoiQxY5b8OMfntjBSl6TJwZPJAoQllbJJz9q90sBetvqx6Y08eqIzsSZw6pznpvivRR+TSKU0EkVYS2y2zBAvPK6oyunj5zi01/FACT+Qn70dUkumZAvcPssbl0hCs/xDLgEL6hCEvoszodyMYVn7HS0KwfUlfiGdNUOFHIl
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHzd1XAB7Pc8Tplur5iV3llOXtvlHru8pLtQlbvHzmt1
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOE7oDtq+xt5RuvMigDZMeZQODFr5Otz6HCO8wnI80oo

@ -1,4 +1,3 @@
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDcEkYM1r8QVNM/G5CxJInEdoBCWjEHHDdHlzDYNSUIdHHsn04QY+XI67AdMCm8w30GZnLUIj5RiJEWXREUApby0GrfxGGcy8otforygfgtmuUKAUEHdU2MMwrQI7RtTZ8oQ0USRGuqvmegxz3l5caVU7qGvBllJ4NUHXrkZSja2/51vq80RF4MKkDGiz7xUTixI2UcBwQBCA/kQedKV9G28EH+1XfvePqmMivZjl+7VyHsgUVj9eRGA1XWFw59UPZG8a7VkxO/Eb3K9NF297HUAcFMcbY6cPFi9AaBgu3VC4eetDnoN/+xT1owiHi7BReQhGAy/6cdf7C/my5ehZwD
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE0xMwWedkKosax9+7D2OlnMxFL/eV4CvFZLsbLptpXr
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKiXXYkhRh+s7ixZ8rvG8ntIqd6FELQ9hh7HoaHQJRPU
ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBJFsZ7PMDt80tYXHyScQajNhqH4wuYg/o0OxfOHaZD4rXuT0VIKflKH1M9LslfHWIEH3XNeqhQOziH9r+Ny5JcM=

@ -1,2 +1 @@
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIL+EZXYziiaynJX99EW8KesnmRTZMof3BoIs3mdEl8L3
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPM1jpXR7BWQa7Sed7ii3SbvIPRRlKb3G91qC0vOwfJn thubrecht@dell-xps

@ -0,0 +1,17 @@
{ ... }: {
users.users.yvan = {
isNormalUser = true;
home = "/home/yvan";
description = "Yvan's account";
extraGroups = [ "wheel" "www-data" ];
openssh.authorizedKeys.keys = [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCdMWQ1D9VJNrIzvgU8QMQwhy7Q/OFI9JNLpo/Kr0uXCeZBtSn9eMzZa88Q8gDaHnlc/BlTnlSomWP/S9u8+j21d+rXgDyPgJUqMjGBxFo4lZue3DlACXKQcwWXiNlGQKFPzSNBN62N3cRwm1R7Won9xVwedS4UnxsXbOGHkBnajQx40Ej3WRVBVbSjKKGaZKKCNO5hfistRP7RtqhwxYK7D/CyOfwnIUuBAnC3QYDYDph7SD2E5OX3rKwPDPnei0zaIMMXyFrMtv/czYOsisOud2H/VX0vipQh59qji/ZNSE31LemF4VcvC1307JX3uEwSfVWiBsWGPGfc/epQ4ixl yvan@X230" # Yvan's X230
];
};
services.mastodon = {
enable = true;
smtp = { host = "mail.gandi.net"; fromAddress = "yvan@sraka.xyz"; };
localDomain = "sraka.xyz";
};
}

@ -4,7 +4,8 @@
programs.zsh.enableGlobalCompInit = false;
programs.zsh.interactiveShellInit = ''
source ${pkgs.zsh-nix-shell}/share/zsh-nix-shell/nix-shell.plugin.zsh
'';
'';
programs.zsh = {
autosuggestions.enable = true;
promptInit = ''