diff --git a/ekman/c0/default.nix b/ekman/c0/default.nix index 69b3b0d..92deaab 100644 --- a/ekman/c0/default.nix +++ b/ekman/c0/default.nix @@ -12,25 +12,6 @@ let compute = { deployment.tags = [ "compute" "c0" ]; - fileSystems = { - "/frontend" = { - device = "10.255.241.100:/home"; - fsType = "nfs4"; - options = [ - "soft" - "defaults" - "noauto" - "x-systemd.automount" - ]; - }; - }; - - systemd.automounts = [ - { - where = "/frontend"; - wantedBy = [ "default.target" ]; - } - ]; }; mkCompute = host: @@ -44,7 +25,7 @@ let mounts = { rdma.enable = true; automount.enable = true; - home = false; + users = true; opt = true; work = true; data = false; @@ -97,7 +78,7 @@ let }; imports = [ hw - ../cluster.nix + ../default.nix ../mounts.nix #./kernel.nix ]; diff --git a/ekman/c0x/default.nix b/ekman/c0x/default.nix index c266fcb..fb345ac 100644 --- a/ekman/c0x/default.nix +++ b/ekman/c0x/default.nix @@ -11,26 +11,6 @@ let compute = { deployment.tags = [ "compute" "c0" ]; - - fileSystems = { - "/frontend" = { - device = "10.255.241.100:/home"; - fsType = "nfs4"; - options = [ - "soft" - "defaults" - "noauto" - "x-systemd.automount" - ]; - }; - }; - - systemd.automounts = [ - { - where = "/frontend"; - wantedBy = [ "default.target" ]; - } - ]; }; mkCompute = host: @@ -44,11 +24,11 @@ let mounts = { rdma.enable = true; automount.enable = true; - home = false; + users = true; opt = true; work = true; - data = true; - backup = true; + data = false; + backup = false; ceph = false; }; }; @@ -97,7 +77,7 @@ let }; imports = [ hw - ../cluster.nix + ../default.nix ../mounts.nix # ./kernel.nix ]; diff --git a/ekman/c1/default.nix b/ekman/c1/default.nix index 85891ea..051eaa2 100644 --- a/ekman/c1/default.nix +++ b/ekman/c1/default.nix @@ -10,13 +10,6 @@ let nodes = import ./nodes.nix; compute = { deployment.tags = [ "compute" "c1" ]; - - systemd.automounts = [ - { - where = "/frontend"; - wantedBy = [ "default.target" ]; - } - ]; }; mkCompute = host: @@ -31,10 +24,10 @@ let rdma.enable = false; gbe100.enable = true; automount.enable = true; - home = true; + users = true; opt = true; work = true; - data = false; + data = true; backup = false; ceph = true; }; @@ -109,7 +102,7 @@ let }; imports = [ hw - ../cluster.nix + ../default.nix ../mounts.nix ]; } diff --git a/ekman/default.nix b/ekman/default.nix index bf663c7..a63f3ee 100644 --- a/ekman/default.nix +++ b/ekman/default.nix @@ -96,7 +96,7 @@ let }; cachix.enable = false; monitoring.nodeExporter.enable = false; - hpc.mft.enable = false; # Mellanox MFT + mft.enable = false; # Mellanox MFT }; networking = { @@ -250,7 +250,7 @@ let hostNames = [ "ekman" "ekman.cluster.local" "ekman.oceanbox.io" "10.255.241.100" "10.255.243.100" ]; - publicKeyFile = ./logon/ssh_host_key.pub; + publicKeyFile = ./login/ssh_host_key.pub; }; fs-work = { hostNames = [ @@ -293,6 +293,18 @@ let permissions = "u+rs,g+rx,o+rx"; }; }; + + # Use nvd to get package diff before apply + system.activationScripts.system-diff = { + supportsDryActivation = true; # safe: only outputs to stdout + text = '' + export PATH="${pkgs.lib.makeBinPath [ pkgs.nixVersions.latest ]}:$PATH" + if [ -e /run/current-system ]; then + ${pkgs.lib.getExe pkgs.nvd} diff '/run/current-system' "$systemConfig" || true + fi + ''; + }; + }; openssh-shosts = pkgs.openssh.overrideAttrs (attrs: { diff --git a/ekman/fs-backup/default.nix b/ekman/fs-backup/default.nix index 9e8c710..50366cb 100644 --- a/ekman/fs-backup/default.nix +++ b/ekman/fs-backup/default.nix @@ -60,7 +60,7 @@ in { mounts = { rdma.enable = false; automount.enable = true; - home = false; + users = false; opt = false; work = false; data = false; @@ -172,7 +172,7 @@ in { imports = [ ./hardware-configuration.nix - ../cluster.nix + ../default.nix ../mounts.nix ]; }; diff --git a/ekman/fs-work/default.nix b/ekman/fs-work/default.nix index 5db73d7..ef3d48b 100644 --- a/ekman/fs-work/default.nix +++ b/ekman/fs-work/default.nix @@ -37,7 +37,7 @@ in { mounts = { rdma.enable = true; automount.enable = true; - home = true; + users = true; opt = false; work = false; data = false; @@ -165,7 +165,7 @@ in { imports = [ ./hardware-configuration.nix - ../cluster.nix + ../default.nix ../mounts.nix ]; }; diff --git a/ekman/hive.nix b/ekman/hive.nix index 4576084..d53db0c 100644 --- a/ekman/hive.nix +++ b/ekman/hive.nix @@ -12,14 +12,14 @@ let allowLocalDeployment = true; targetHost = null; }; - imports = [ ./ekman/manage ]; + imports = [ ./manage ]; }; - ekman-login = import ./ekman/login { inherit pkgs; }; - c0 = import ./ekman/c0 { inherit pkgs; }; - c0x = import ./ekman/c0x { inherit pkgs; }; - c1 = import ./ekman/c1 { inherit pkgs; }; - fs-work = import ./ekman/fs-work { inherit pkgs; }; - fs-backup = import ./ekman/fs-backup { inherit pkgs; }; + login = import ./login { inherit pkgs; }; + c0 = import ./c0 { inherit pkgs; }; + c0x = import ./c0x { inherit pkgs; }; + c1 = import ./c1 { inherit pkgs; }; + fs-work = import ./fs-work { inherit pkgs; }; + fs-backup = import ./fs-backup { inherit pkgs; }; in - { inherit ekman-manage; } // ekman-login // c0 // c0x // c1 // fs-work // fs-backup + { inherit ekman-manage; frontend = ekman-manage; } // login // c0 // c0x // c1 // fs-work // fs-backup diff --git a/ekman/hosts.nix b/ekman/hosts.nix index f800d32..4866b0c 100644 --- a/ekman/hosts.nix +++ b/ekman/hosts.nix @@ -11,7 +11,7 @@ 10.255.241.100 etcd0 etcd0.cluster.local 10.255.241.80 etcd1 etcd1.cluster.local 10.255.241.90 etcd2 etcd2.cluster.local - 10.255.241.99 ekman-manage frontend frontend.cluster.local frontend.cluster.local + 10.255.241.99 ekman-manage frontend ekman-manage.cluster.local frontend.cluster.local 10.255.243.99 ibfrontend ibfrontend.cluster.local ibfrontend.cluster.local 10.255.241.101 c0-1 c0-1.cluster.local diff --git a/ekman/login/default.nix b/ekman/login/default.nix index f244cbd..b493325 100644 --- a/ekman/login/default.nix +++ b/ekman/login/default.nix @@ -22,7 +22,7 @@ in mounts = { rdma.enable = true; automount.enable = true; - home = false; + users = false; opt = false; work = true; data = true; @@ -51,7 +51,7 @@ in hpc = { slurm.server = false; slurm.slurmrestd = false; - frontend = false; + manage = false; login = true; knem = false; }; @@ -193,7 +193,7 @@ in }; fileSystems = { - "/exports/home" = { + "/exports/users" = { device = "/home"; options = [ "bind" ]; }; @@ -213,7 +213,7 @@ in device = "/vol/nfs-provisioner"; options = [ "bind" ]; }; - "/frontend" = { + "/users" = { device = "/home"; options = [ "bind" ]; }; @@ -349,7 +349,7 @@ in imports = [ ./hardware-configuration.nix - ../cluster.nix + ../default.nix ../mounts.nix ../myvnc.nix ]; diff --git a/ekman/manage/default.nix b/ekman/manage/default.nix index e33b888..120f870 100644 --- a/ekman/manage/default.nix +++ b/ekman/manage/default.nix @@ -55,7 +55,7 @@ in { mounts = { rdma.enable = true; automount.enable = true; - home = true; + users = true; opt = true; work = true; data = true; @@ -88,7 +88,7 @@ in { slurm.server = true; slurm.slurmrestd = false; slurm.mungeUid = 996; - frontend = true; + manage = true; }; k8s = { @@ -283,17 +283,6 @@ in { ''; }; - # Use nvd to get package diff before apply - system.activationScripts.system-diff = { - supportsDryActivation = true; # safe: only outputs to stdout - text = '' - export PATH="${pkgs.lib.makeBinPath [ pkgs.nixVersions.latest ]}:$PATH" - if [ -e /run/current-system ]; then - ${pkgs.lib.getExe pkgs.nvd} diff '/run/current-system' "$systemConfig" || true - fi - ''; - }; - # ssh-rsa is deprecated, but putty/winscp users use it services.openssh.extraConfig = '' # pubkeyacceptedalgorithms ssh-rsa,ssh-ed25519-cert-v01@openssh.com,ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,sk-ssh-ed25519-cert-v01@openssh.com,sk-ecdsa-sha2-nistp256-cert-v01@openssh.com,rsa-sha2-512-cert-v01@openssh.com,rsa-sha2-256-cert-v01@openssh.com,ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,sk-ssh-ed25519@openssh.com,sk-ecdsa-sha2-nistp256@openssh.com,rsa-sha2-512,rsa-sha2-256 diff --git a/ekman/mounts.nix b/ekman/mounts.nix index f3f2d54..cf6a8c6 100644 --- a/ekman/mounts.nix +++ b/ekman/mounts.nix @@ -15,7 +15,7 @@ let users = if cfg.users then { "/users" = { - device = "10.255.241.100:/home"; + device = "10.255.241.100:/users"; fsType = "nfs4"; options = [ "soft"