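# Deployment definition for the "fs-backup" host: a storage node that
# assembles a software-RAID array, exports /exports over NFS to three cluster
# subnets, and joins the Kubernetes cluster as a worker node.
#
# The `deployment.*` and `features.*` / `cluster.*` options are not standard
# NixOS options; they are presumably defined by the deployment tool and by
# ../cluster.nix and ../mounts.nix -- confirm there.
{ pkgs ? import <nixpkgs> {} }:
let
  name = "fs-backup";
  address = "10.255.241.80";
  etcdCluster = import ../etcdCluster.nix;
in
{
  fs-backup = { config, pkgs, ... }: with pkgs; {
    deployment.tags = [ "fs" "fs-backup" ];
    deployment.targetHost = address;

    # Automatic upgrades are forced off, so security updates reach this host
    # only through an explicit deploy.
    system.autoUpgrade.enable = lib.mkForce false;

    # A storage server must never sleep, suspend or hibernate.
    systemd.targets = {
      sleep.enable = false;
      suspend.enable = false;
      hibernate.enable = false;
      hybrid-sleep.enable = false;
    };

    # services.udev.extraRules = ''
    #   KERNEL=="ibp65s0", SUBSYSTEM=="net", ATTR{create_child}:="0x7666"
    # '';

    environment.systemPackages = with pkgs; [
      rdma-core
      hwloc
      xfsprogs
    ];

    boot.swraid = {
      enable = true;
      mdadmConf = ''
        DEVICE partitions
        ARRAY /dev/md/0 metadata=1.2 UUID=b743fdd4:5b339cc7:7c43f50f:3b81243e name=fs2:0
      '';
    };

    # One-shot unit ordered before backup.mount: stops and re-assembles
    # /dev/md0 unless lsblk reports a MAJ:MIN for it that contains "254:".
    # NOTE(review): presumably 254 is the major number the array has when it
    # was assembled the expected way -- confirm.
    systemd.services.restart-md0 = {
      description = "restart /dev/md0";
      wantedBy = [ "multi-user.target" ];
      after = [ "sys-devices-virtual-block-md0.device" "-.mount" ];
      before = [ "backup.mount" ];
      path = [ "/run/current-system/sw/" ];
      serviceConfig = {
        Type = "oneshot";
      };
      script = ''
        restart=0
        ${util-linux}/bin/lsblk -o MAJ:MIN -n /dev/md0 | grep -q "254:" || restart=1
        if [ $restart = 1 ]; then
          ${mdadm}/bin/mdadm --stop /dev/md0
          ${mdadm}/bin/mdadm --assemble /dev/md0
          sleep 1
        fi
      '';
    };

    cluster = {
      k8sNode = true;
      slurm = false;
      mounts = {
        rdma.enable = false;
        automount.enable = true;
        home = false;
        opt = false;
        work = false;
        data = false;
        backup = false;
        ceph = false;
      };
    };

    features.hpc.slurm.mungeUid = 996;

    features = {
      host = {
        inherit address;
        inherit name;
      };

      os = {
        externalInterface = "eno1";
        nfs.enable = true;
        # NOTE(review): these exports rely on source-IP filtering alone (no
        # sec= option is given) and grant broad rights to three whole /24s:
        #   no_root_squash  uid 0 on any client is uid 0 on the export, so root
        #                   on one client can read, alter or delete the backups
        #   insecure        requests from unprivileged source ports (>1023) are
        #                   accepted, so the client process need not be root
        #   async           writes are acknowledged before they reach stable
        #                   storage; a server crash can lose acknowledged data
        #   fsid=0,crossmnt /exports is the NFSv4 root and the bind mounts
        #                   beneath it are exported along with it
        # Where the clients allow it, prefer root_squash, per-host entries
        # instead of /24s, read-only exports for restore-only clients, and
        # sec=krb5p. The strings are left unchanged because the clients'
        # requirements are not visible from this file.
        nfs.exports = ''
          /exports 10.255.241.0/24(insecure,rw,async,no_subtree_check,crossmnt,fsid=0,no_root_squash)
          /exports 10.255.243.0/24(insecure,rw,async,no_subtree_check,crossmnt,fsid=0,no_root_squash)
          /exports 10.255.244.0/24(insecure,rw,async,no_subtree_check,crossmnt,fsid=0,no_root_squash)
        '';
      };

      k8s = {
        enable = true;
        node.enable = true;
        master.enable = false;
        inherit etcdCluster;
      };
    };

    # One-shot unit that makes sure nfsd listens on RDMA port 20049 and TCP
    # port 2049; each line is skipped when the transport is already listed.
    # NOTE(review): the unit is ordered only after network.target, while
    # /proc/fs/nfsd/portlist exists only once the NFS server is up -- confirm
    # the ordering is sufficient.
    systemd.services.rc-local = {
      description = "rc.local script";
      wantedBy = [ "multi-user.target" ];
      after = [ "network.target" ];
      path = [ "/run/current-system/sw/" ];
      serviceConfig = {
        Type = "oneshot";
      };
      script = ''
        # if [ -e /sys/block/md126 ]; then
        #   echo "deadline" > /sys/block/md126/queue/scheduler
        #   # echo "4096" > /sys/block/md126/queue/nr_requests
        #   echo "4096" > /sys/block/md126/queue/read_ahead_kb
        #   echo "always" > /sys/kernel/mm/transparent_hugepage/enabled
        #   echo "always" > /sys/kernel/mm/transparent_hugepage/defrag
        # fi
        grep -q rdma /proc/fs/nfsd/portlist || echo "rdma 20049" > /proc/fs/nfsd/portlist
        grep -q tcp /proc/fs/nfsd/portlist || echo "tcp 2049" > /proc/fs/nfsd/portlist
      '';
    };

    # Page-cache writeback tuning: start background writeback at 5% dirty
    # memory, block writers at 10%, and keep 256 MiB free.
    boot.kernel.sysctl = {
      "vm.dirty_background_ratio" = 5;
      "vm.dirty_ratio" = 10;
      "vm.vfs_cache_pressure" = 50;
      "vm.min_free_kbytes" = 262144;
    };

    networking = {
      hostName = name;

      interfaces.eno1 = {
        useDHCP = false;
        ipv4.addresses = [
          { address = address; prefixLength = 24; }
        ];
        ipv4.routes = [
          { address = "10.255.244.0"; prefixLength = 24; via = "10.255.241.99"; }
        ];
      };

      interfaces.ibp59s0 = {
        useDHCP = false;
        ipv4.addresses = [
          { address = "10.255.243.80"; prefixLength = 24; }
        ];
      };

      firewall = {
        # No ports are opened here.
        # NOTE(review): the NFS and rpcbind ports are presumably opened by the
        # features.os.nfs module or ../cluster.nix -- confirm, and confirm
        # they are reachable from the cluster subnets only.
        allowedTCPPorts = [];
        allowedUDPPorts = [];
        # Source-NAT for traffic from 10.255.243.0/24 (the ibp59s0 subnet).
        # extraCommands can run more than once per boot (firewall restart or
        # reload), so check for the rule before appending it; a bare -A adds
        # another copy on every run.
        # NOTE(review): without -o the rule applies on every outgoing
        # interface, and masqueraded clients appear downstream under this
        # host's address, which hides the real source in logs. Consider
        # limiting it to eno1 or using networking.nat.
        extraCommands = ''
          iptables -t nat -C POSTROUTING -s 10.255.243.0/24 -j MASQUERADE 2>/dev/null \
            || iptables -t nat -A POSTROUTING -s 10.255.243.0/24 -j MASQUERADE
        '';
      };
    };

    # Portmapper for NFS clients that still need it.
    # NOTE(review): port 111 should not be reachable from outside the cluster
    # networks; the firewall rules for it are not visible here.
    services.rpcbind.enable = true;

    # Bind mounts that place the backup filesystem under the NFS root /exports.
    fileSystems = {
      "/exports/backup" = {
        device = "/backup";
        options = [ "bind" ];
      };
      "/exports/ekman" = {
        device = "/backup/ekman-nfs";
        options = [ "bind" ];
      };
    };

    # NOTE(review): a container runtime on the backup server widens what local
    # users can run next to the backup data -- confirm it is needed here.
    programs.singularity.enable = true;

    imports = [
      ./hardware-configuration.nix
      ../cluster.nix
      ../mounts.nix
    ];
  };
}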