Merge pull request #14 from ryan4yin/riscv64

feat: add riscv64 cluster - rolling girls
2026-03-26 11:21:34 +01:00 · 2023-08-16 02:07:38 +08:00
parent f682523804 f5c1148c94
commit b2d19ee218
11 changed files with 471 additions and 14 deletions
--- a/11
+++ b/11
@@ -68,7 +68,10 @@ add-idols-ssh-key:
 	ssh-add ~/.ssh/ai-idols

 idols: add-idols-ssh-key
-	colmena apply --on '@dist-build' --show-trace
+	colmena apply --on '@dist-build'
+
+idols-debug: add-idols-ssh-key
+	colmena apply --on '@dist-build' --verbose --show-trace

 # only used once to setup the virtual machines
 idols-image:
@@ -82,6 +85,12 @@ idols-image:
 	nom build .#kana
 	scp result root@um560:/var/lib/vz/dump/vzdump-qemu-kana.vma.zst

+roll: add-idols-ssh-key
+	colmena apply --on '@riscv' 
+
+roll-debug: add-idols-ssh-key
+	colmena apply --on '@dist-build' --verbose --show-trace
+

 ############################################################################
 #
--- a/flake.lock
+++ b/flake.lock
@@ -461,7 +461,7 @@
    "nix-eval-jobs": {
      "inputs": {
        "flake-parts": "flake-parts_2",
-        "nixpkgs": "nixpkgs_4",
+        "nixpkgs": "nixpkgs_5",
        "treefmt-nix": "treefmt-nix"
      },
      "locked": {
@@ -514,6 +514,25 @@
        "type": "github"
      }
    },
+    "nixos-licheepi4a": {
+      "inputs": {
+        "nixpkgs": "nixpkgs_3",
+        "thead-kernel": "thead-kernel"
+      },
+      "locked": {
+        "lastModified": 1692112611,
+        "narHash": "sha256-dJMd6drX1EISxlrPOdl50cHS2PKkDaEgpq8f3b3wVnA=",
+        "owner": "ryan4yin",
+        "repo": "nixos-licheepi4a",
+        "rev": "d7775148caf626c19fea91c52c5d95140f60e917",
+        "type": "github"
+      },
+      "original": {
+        "owner": "ryan4yin",
+        "repo": "nixos-licheepi4a",
+        "type": "github"
+      }
+    },
    "nixpkgs": {
      "locked": {
        "lastModified": 1677676435,
@@ -582,7 +601,7 @@
        "flake-compat": "flake-compat",
        "lib-aggregate": "lib-aggregate",
        "nix-eval-jobs": "nix-eval-jobs",
-        "nixpkgs": "nixpkgs_5",
+        "nixpkgs": "nixpkgs_6",
        "nixpkgs_sirula": "nixpkgs_sirula"
      },
      "locked": {
@@ -616,6 +635,22 @@
      }
    },
    "nixpkgs_3": {
+      "locked": {
+        "lastModified": 1691280485,
+        "narHash": "sha256-/8Ct9092OC1TTNzHgbcE9ejQdS2QxZYGqrWXEwUxdtQ=",
+        "owner": "nixos",
+        "repo": "nixpkgs",
+        "rev": "240472b7e47a641e9e7675f58b64d3626ca7824d",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nixos",
+        "ref": "nixos-23.05-small",
+        "repo": "nixpkgs",
+        "type": "github"
+      }
+    },
+    "nixpkgs_4": {
      "locked": {
        "lastModified": 1691693223,
        "narHash": "sha256-9t8ZY1XNAsWqxAJmXgg+GXqF5chORMVnBT6PSHaRV3I=",
@@ -631,7 +666,7 @@
        "type": "github"
      }
    },
-    "nixpkgs_4": {
+    "nixpkgs_5": {
      "locked": {
        "lastModified": 1691629382,
        "narHash": "sha256-6bil2OX12qy2CD6dLDxSTKRu6aUKRZfT/Qw3pg1050Q=",
@@ -647,7 +682,7 @@
        "type": "github"
      }
    },
-    "nixpkgs_5": {
+    "nixpkgs_6": {
      "locked": {
        "lastModified": 1691654369,
        "narHash": "sha256-gSILTEx1jRaJjwZxRlnu3ZwMn1FVNk80qlwiCX8kmpo=",
@@ -715,7 +750,8 @@
        "mysecrets": "mysecrets",
        "nix-darwin": "nix-darwin",
        "nixos-generators": "nixos-generators",
-        "nixpkgs": "nixpkgs_3",
+        "nixos-licheepi4a": "nixos-licheepi4a",
+        "nixpkgs": "nixpkgs_4",
        "nixpkgs-darwin": "nixpkgs-darwin",
        "nixpkgs-unstable": "nixpkgs-unstable",
        "nixpkgs-wayland": "nixpkgs-wayland",
@@ -738,6 +774,23 @@
        "type": "github"
      }
    },
+    "thead-kernel": {
+      "flake": false,
+      "locked": {
+        "lastModified": 1687607314,
+        "narHash": "sha256-9R+XY18uDuMWjVzLkg4lTmxDltsvyI51qvm34SNVI4I=",
+        "owner": "revyos",
+        "repo": "thead-kernel",
+        "rev": "9c58afc7addc5a4a5deef24dfe6a4a103549d3da",
+        "type": "github"
+      },
+      "original": {
+        "owner": "revyos",
+        "ref": "lpi4a",
+        "repo": "thead-kernel",
+        "type": "github"
+      }
+    },
    "treefmt-nix": {
      "inputs": {
        "nixpkgs": [
--- a/flake.nix
+++ b/flake.nix
@@ -20,6 +20,7 @@
    nix-darwin,
    home-manager,
    nixos-generators,
+    nixos-licheepi4a,
    ...
  }: let
    username = "ryan";
@@ -28,6 +29,7 @@

    x64_system = "x86_64-linux";
    x64_darwin = "x86_64-darwin";
+    riscv64_system = "riscv64-linux";
    allSystems = [x64_system x64_darwin];

    nixosSystem = import ./lib/nixosSystem.nix;
@@ -77,6 +79,24 @@
    };
    idol_kana_tags = ["dist-build"];

+    # 森友 望未, Moritomo Nozomi
+    rolling_nozomi_modules = {
+      nixos-modules = [
+        ./hosts/rolling_girls/nozomi
+      ];
+      # home-module = import ./home/linux/server-riscv64.nix;
+    };
+    rolling_nozomi_tags = ["riscv"];
+
+    # 小坂 結季奈, Kosaka Yukina
+    rolling_yukina_modules = {
+      nixos-modules = [
+        ./hosts/rolling_girls/yukina
+      ];
+      # home-module = import ./home/linux/server-riscv64.nix;
+    };
+    rolling_yukina_tags = ["riscv"];
+
    x64_specialArgs =
      {
        inherit username userfullname useremail;
@@ -110,20 +130,47 @@

    # colmena - remote deployment via SSH
    colmena = let
-      base_args = {
+      x64_base_args = {
        inherit home-manager;
        nixpkgs = nixpkgs;  # or nixpkgs-unstable
        specialArgs = x64_specialArgs;
      };
+
+      # using the same nixpkgs as nixos-licheepi4a to utilize the cross-compilation cache.
+      lpi4a_pkgs = import nixos-licheepi4a.inputs.nixpkgs { system = x64_system; };
+      lpi4a_specialArgs = {
+        inherit username userfullname useremail;
+        pkgsKernel = nixos-licheepi4a.packages.${x64_system}.pkgsKernelCross;
+      } // inputs;
+      lpi4a_base_args = {
+        inherit home-manager;
+        nixpkgs = nixos-licheepi4a.inputs.nixpkgs;  # or nixpkgs-unstable
+        specialArgs = lpi4a_specialArgs;
+        targetUser = "root";
+      };
    in {
      meta = {
        nixpkgs = import nixpkgs { system = x64_system; };
        specialArgs = x64_specialArgs;
+
+        nodeSpecialArgs = {
+          nozomi = lpi4a_specialArgs;
+          # yukina = lpi4a_specialArgs;
+        };
+        nodeNixpkgs = {
+          nozomi = lpi4a_pkgs;
+          # yukina = lpi4a_pkgs;
+        };
      };

-      aquamarine = colemnaSystem (idol_aquamarine_modules // base_args // { host_tags = idol_aquamarine_tags; });
-      ruby = colemnaSystem (idol_ruby_modules // base_args // { host_tags = idol_ruby_tags; });
-      kana = colemnaSystem (idol_kana_modules // base_args // { host_tags = idol_kana_tags; });
+      # proxmox virtual machines(x86_64)
+      aquamarine = colemnaSystem (idol_aquamarine_modules // x64_base_args // { host_tags = idol_aquamarine_tags; });
+      ruby = colemnaSystem (idol_ruby_modules // x64_base_args // { host_tags = idol_ruby_tags; });
+      kana = colemnaSystem (idol_kana_modules // x64_base_args // { host_tags = idol_kana_tags; });
+
+      # riscv64 SBCs
+      nozomi = colemnaSystem (rolling_nozomi_modules // lpi4a_base_args // { host_tags = rolling_nozomi_tags; });
+      # yukina = colemnaSystem (rolling_yukina_modules // lpi4a_base_args // { host_tags = rolling_yukina_tags; });
    };

    # take system images for idols
@@ -253,6 +300,8 @@
      flake = false;
    };

+    nixos-licheepi4a.url = "github:ryan4yin/nixos-licheepi4a";
+
    # color scheme - catppuccin
    catppuccin-btop = {
      url = "github:catppuccin/btop";
--- a/home/linux/server-riscv64.nix
+++ b/home/linux/server-riscv64.nix
@@ -0,0 +1,24 @@
+{ username, ... }: {
+  imports = [
+  ];
+
+  # Home Manager needs a bit of information about you and the
+  # paths it should manage.
+  home = {
+    username = username;
+    homeDirectory = "/home/${username}";
+
+    # This value determines the Home Manager release that your
+    # configuration is compatible with. This helps avoid breakage
+    # when a new Home Manager release introduces backwards
+    # incompatible changes.
+    #
+    # You can update Home Manager without changing this value. See
+    # the Home Manager release notes for a list of state version
+    # changes in each release.
+    stateVersion = "23.05";
+  };
+
+  # Let Home Manager install and manage itself.
+  programs.home-manager.enable = true;
+}
--- a/hosts/README.md
+++ b/hosts/README.md
@@ -6,6 +6,10 @@
   2. `aquamarine`: My NixOS virtual machine with R9-5900HX(8C16T), for distributed building & testing.
   3. `kana`: Yet another NixOS vm on another physical machine with R5-5625U(6C12T).
   4. `ruby`: Another NixOS vm on another physical machine with R7-5825U(8C16T).
+3. `rolling_girls`: My RISCV64 hosts.
+   1. `nozomi`: Lichee Pi 4A, TH1520(4xC910@2.0G), 8GB RAM + 32G eMMC + 64G SD Card.
+   2. `yukina`: Lichee Pi 4A(Internal Test Version), TH1520(4xC910@2.0G), 8GB RAM + 8G eMMC + 128G SD Card.
+   3. `chiaya`: Milk-V Mars, JH7110(4xU74@1.5 GHz), 4G RAM + No eMMC + 64G SD Card.

 # idols - Oshi no Ko

--- a/hosts/rolling_girls/chiaya/default.nix
+++ b/hosts/rolling_girls/chiaya/default.nix
@@ -0,0 +1,69 @@
+{
+  config,
+  username,
+  # nixos-jh7110,
+  ...
+} @ args:
+#############################################################
+#
+#  Chiaya - NixOS Configuration for Milk-V Mars
+#
+#  WIP, not working yet.
+#
+#############################################################
+{
+  imports = [
+    {
+      # cross-compilation this flake.
+      nixpkgs.crossSystem = {
+        system = "riscv64-linux";
+      };
+    }
+
+    # TODO
+
+    ../../../modules/nixos/core-riscv64.nix
+    ../../../modules/nixos/user-group.nix
+  ];
+
+  users.users.root.openssh.authorizedKeys.keys = config.users.users."${username}".openssh.authorizedKeys.keys;
+
+  # Set static IP address / gateway / DNS servers.
+  networking = {
+    hostName = "chiaya"; # Define your hostname.
+    wireless.enable = false;
+
+    # Failed to enable firewall due to the following error:
+    #   firewall-start[2300]: iptables: Failed to initialize nft: Protocol not supported
+    firewall.enable = false;
+
+    defaultGateway = "192.168.5.201";
+    nameservers = [
+      "119.29.29.29" # DNSPod
+      "223.5.5.5" # AliDNS
+    ];
+
+    # Configure network proxy if necessary
+    # proxy.default = "http://user:password@proxy:port/";
+    # proxy.noProxy = "127.0.0.1,localhost,internal.domain";
+
+    # milkv-mars RJ45 port
+    interfaces.end0 = {
+      useDHCP = false;
+      ipv4.addresses = [
+        {
+          address = "192.168.5.106";
+          prefixLength = 24;
+        }
+      ];
+    };
+  };
+
+  # This value determines the NixOS release from which the default
+  # settings for stateful data, like file locations and database versions
+  # on your system were taken. It‘s perfectly fine and recommended to leave
+  # this value at the release version of the first install of this system.
+  # Before changing this value read the documentation for this option
+  # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
+  system.stateVersion = "23.05"; # Did you read the comment?
+}
--- a/hosts/rolling_girls/nozomi/default.nix
+++ b/hosts/rolling_girls/nozomi/default.nix
@@ -0,0 +1,80 @@
+{
+  config,
+  username,
+  nixos-licheepi4a,
+  ...
+} @ args:
+#############################################################
+#
+#  Nozomi - NixOS configuration for Lichee Pi 4A
+#
+#############################################################
+{
+  imports = [
+    {
+      # cross-compilation this flake.
+      nixpkgs.crossSystem = {
+        system = "riscv64-linux";
+      };
+    }
+
+    # import the licheepi4a module, which contains the configuration for bootloader/kernel/firmware
+    (nixos-licheepi4a + "/modules/licheepi4a.nix")
+    # import the sd-image module, which contains the fileSystems & kernel parameters for booting from sd card.
+    (nixos-licheepi4a + "/modules/sd-image/sd-image-lp4a.nix")
+
+    ../../../modules/nixos/core-riscv64.nix
+    ../../../modules/nixos/user-group.nix
+  ];
+
+  users.users.root.openssh.authorizedKeys.keys = config.users.users."${username}".openssh.authorizedKeys.keys;
+
+  # Set static IP address / gateway / DNS servers.
+  networking = {
+    hostName = "nozomi"; # Define your hostname.
+    wireless.enable = false;
+
+    # Failed to enable firewall due to the following error:
+    #   firewall-start[2300]: iptables: Failed to initialize nft: Protocol not supported
+    firewall.enable = false;
+
+    defaultGateway = "192.168.5.201";
+    nameservers = [
+      "119.29.29.29" # DNSPod
+      "223.5.5.5" # AliDNS
+    ];
+
+    # Configure network proxy if necessary
+    # proxy.default = "http://user:password@proxy:port/";
+    # proxy.noProxy = "127.0.0.1,localhost,internal.domain";
+
+    # LPI4A's first ethernet interface
+    interfaces.end0 = {
+      useDHCP = false;
+      ipv4.addresses = [
+        {
+          address = "192.168.5.104";
+          prefixLength = 24;
+        }
+      ];
+    };
+    # LPI4A's second ethernet interface
+    # interfaces.end1 = {
+    #   useDHCP = false;
+    #   ipv4.addresses = [
+    #     {
+    #       address = "192.168.xx.xx";
+    #       prefixLength = 24;
+    #     }
+    #   ];
+    # };
+  };
+
+  # This value determines the NixOS release from which the default
+  # settings for stateful data, like file locations and database versions
+  # on your system were taken. It‘s perfectly fine and recommended to leave
+  # this value at the release version of the first install of this system.
+  # Before changing this value read the documentation for this option
+  # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
+  system.stateVersion = "23.05"; # Did you read the comment?
+}
--- a/hosts/rolling_girls/yukina/default.nix
+++ b/hosts/rolling_girls/yukina/default.nix
@@ -0,0 +1,80 @@
+{
+  config,
+  username,
+  nixos-licheepi4a,
+  ...
+} @ args:
+#############################################################
+#
+#  Yukina - NixOS configuration for Lichee Pi 4A
+#
+#############################################################
+{
+  imports = [
+    {
+      # cross-compilation this flake.
+      nixpkgs.crossSystem = {
+        system = "riscv64-linux";
+      };
+    }
+
+    # import the licheepi4a module, which contains the configuration for bootloader/kernel/firmware
+    (nixos-licheepi4a + "/modules/licheepi4a.nix")
+    # import the sd-image module, which contains the fileSystems & kernel parameters for booting from sd card.
+    (nixos-licheepi4a + "/modules/sd-image/sd-image-lp4a.nix")
+
+    ../../../modules/nixos/core-riscv64.nix
+    ../../../modules/nixos/user-group.nix
+  ];
+
+  users.users.root.openssh.authorizedKeys.keys = config.users.users."${username}".openssh.authorizedKeys.keys;
+
+  # Set static IP address / gateway / DNS servers.
+  networking = {
+    hostName = "yukina"; # Define your hostname.
+    wireless.enable = false;
+
+    # Failed to enable firewall due to the following error:
+    #   firewall-start[2300]: iptables: Failed to initialize nft: Protocol not supported
+    firewall.enable = false;
+
+    defaultGateway = "192.168.5.201";
+    nameservers = [
+      "119.29.29.29" # DNSPod
+      "223.5.5.5" # AliDNS
+    ];
+
+    # Configure network proxy if necessary
+    # proxy.default = "http://user:password@proxy:port/";
+    # proxy.noProxy = "127.0.0.1,localhost,internal.domain";
+
+    # LPI4A's first ethernet interface
+    interfaces.end0 = {
+      useDHCP = false;
+      ipv4.addresses = [
+        {
+          address = "192.168.5.105";
+          prefixLength = 24;
+        }
+      ];
+    };
+    # LPI4A's second ethernet interface
+    # interfaces.end1 = {
+    #   useDHCP = false;
+    #   ipv4.addresses = [
+    #     {
+    #       address = "192.168.xx.xx";
+    #       prefixLength = 24;
+    #     }
+    #   ];
+    # };
+  };
+
+  # This value determines the NixOS release from which the default
+  # settings for stateful data, like file locations and database versions
+  # on your system were taken. It‘s perfectly fine and recommended to leave
+  # this value at the release version of the first install of this system.
+  # Before changing this value read the documentation for this option
+  # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
+  system.stateVersion = "23.05"; # Did you read the comment?
+}
--- a/lib/colmenaSystem.nix
+++ b/lib/colmenaSystem.nix
@@ -4,15 +4,16 @@
  home-manager,
  specialArgs,
  nixos-modules,
-  home-module,
+  home-module ? null,
  host_tags,
+  targetUser ? specialArgs.username,
 }: let
  username = specialArgs.username;
 in
  { name, nodes, ... }: {
    deployment = {
      targetHost = name;  # hostName or IP address
-      targetUser = username;
+      targetUser = targetUser;
      tags = host_tags;
    };

@@ -26,7 +27,7 @@ in
          environment.etc."nix/inputs/nixpkgs".source = "${nixpkgs}";
          nix.nixPath = ["/etc/nix/inputs"];
        }
-
+      ] ++ (if (home-module != null) then [
        home-manager.nixosModules.home-manager
        {
          home-manager.useGlobalPkgs = true;
@@ -35,5 +36,5 @@ in
          home-manager.extraSpecialArgs = specialArgs;
          home-manager.users."${username}" = home-module;
        }
-      ];
+      ] else []);
  }
--- a/modules/nixos/core-riscv64.nix
+++ b/modules/nixos/core-riscv64.nix
@@ -0,0 +1,74 @@
+{config, pkgs, nixpkgs, ...}: {
+
+  # =========================================================================
+  #      Base NixOS Configuration
+  # =========================================================================
+
+  # Set your time zone.
+  time.timeZone = "Asia/Shanghai";
+
+  # Select internationalisation properties.
+  i18n.defaultLocale = "en_US.UTF-8";
+
+  nix.settings = {
+    # Manual optimise storage: nix-store --optimise
+    # https://nixos.org/manual/nix/stable/command-ref/conf-file.html#conf-auto-optimise-store
+    auto-optimise-store = true;
+    builders-use-substitutes = true;
+    # enable flakes globally
+    experimental-features = ["nix-command" "flakes"];
+  };
+
+  # List packages installed in system profile. To search, run:
+  # $ nix search wget
+  #
+  # TODO feel free to add or remove packages here.
+  environment.systemPackages = with pkgs; [
+    neovim
+
+    # networking
+    mtr      # A network diagnostic tool
+    iperf3   # A tool for measuring TCP and UDP bandwidth performance
+    nmap     # A utility for network discovery and security auditing
+    ldns     # replacement of dig, it provide the command `drill`
+    socat    # replacement of openbsd-netcat
+    tcpdump  # A powerful command-line packet analyzer
+
+    # archives
+    zip
+    xz
+    unzip
+    p7zip
+    zstd
+    gnutar
+
+    # misc
+    file
+    which
+    tree
+    gnused
+    gawk
+    tmux
+    docker-compose
+  ];
+
+  # replace default editor with neovim
+  environment.variables.EDITOR = "nvim";
+
+  virtualisation.docker = {
+    enable = true;
+    # start dockerd on boot.
+    # This is required for containers which are created with the `--restart=always` flag to work.
+    enableOnBoot = true;
+  };
+
+  services.openssh = {
+    enable = true;
+    settings = {
+      X11Forwarding = true;
+      PermitRootLogin = "prohibit-password";  # disable root login with password
+      PasswordAuthentication = false; # disable password login
+    };
+    openFirewall = true;
+  };
+}
--- a/modules/nixos/remote-building.nix
+++ b/modules/nixos/remote-building.nix
@@ -73,6 +73,7 @@
  # define the host alias for remote builders
  # this config will be written to /etc/ssh/ssh_config
  programs.ssh.extraConfig = ''
+    # idols
    Host ai
      HostName 192.168.5.100
      Port 22
@@ -88,6 +89,19 @@
    Host kana
      HostName 192.168.5.103
      Port 22
+
+    # rolling girls
+    Host nozomi
+      HostName 192.168.5.104
+      Port 22
+
+    Host yukina
+      HostName 192.168.5.105
+      Port 22
+
+    Host chiaya
+      HostName 192.168.5.106
+      Port 22
  '';

  # define the host key for remote builders so that nix can verify all the remote builders