starred/nix-config
1
0
Fork 0
mirror of https://github.com/ryan4yin/nix-config.git synced 2026-04-25 02:08:29 +02:00
Code Issues Packages Projects Releases 10 Wiki Activity

feat: add riscv64 cluster - rolling girls

Browse Source
This commit is contained in:
Ryan Yin
2023-08-16 01:22:15 +08:00
parent f682523804
commit f5c1148c94
11 changed files with 471 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
Makefile
View File

@@ -68,7 +68,10 @@ add-idols-ssh-key:
ssh-add ~/.ssh/ai-idols ssh-add ~/.ssh/ai-idols
idols: add-idols-ssh-key idols: add-idols-ssh-key
colmena apply --on '@dist-build' --show-trace colmena apply --on '@dist-build'
idols-debug: add-idols-ssh-key
colmena apply --on '@dist-build' --verbose --show-trace
# only used once to setup the virtual machines # only used once to setup the virtual machines
idols-image: idols-image:
@@ -82,6 +85,12 @@ idols-image:
nom build .#kana nom build .#kana
scp result root@um560:/var/lib/vz/dump/vzdump-qemu-kana.vma.zst scp result root@um560:/var/lib/vz/dump/vzdump-qemu-kana.vma.zst
roll: add-idols-ssh-key
colmena apply --on '@riscv'
roll-debug: add-idols-ssh-key
colmena apply --on '@dist-build' --verbose --show-trace
############################################################################ ############################################################################
# #

63
flake.lock generated
View File

@@ -461,7 +461,7 @@
"nix-eval-jobs": { "nix-eval-jobs": {
"inputs": { "inputs": {
"flake-parts": "flake-parts_2", "flake-parts": "flake-parts_2",
"nixpkgs": "nixpkgs_4", "nixpkgs": "nixpkgs_5",
"treefmt-nix": "treefmt-nix" "treefmt-nix": "treefmt-nix"
}, },
"locked": { "locked": {
@@ -514,6 +514,25 @@
"type": "github" "type": "github"
} }
}, },
"nixos-licheepi4a": {
"inputs": {
"nixpkgs": "nixpkgs_3",
"thead-kernel": "thead-kernel"
},
"locked": {
"lastModified": 1692112611,
"narHash": "sha256-dJMd6drX1EISxlrPOdl50cHS2PKkDaEgpq8f3b3wVnA=",
"owner": "ryan4yin",
"repo": "nixos-licheepi4a",
"rev": "d7775148caf626c19fea91c52c5d95140f60e917",
"type": "github"
},
"original": {
"owner": "ryan4yin",
"repo": "nixos-licheepi4a",
"type": "github"
}
},
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1677676435, "lastModified": 1677676435,
@@ -582,7 +601,7 @@
"flake-compat": "flake-compat", "flake-compat": "flake-compat",
"lib-aggregate": "lib-aggregate", "lib-aggregate": "lib-aggregate",
"nix-eval-jobs": "nix-eval-jobs", "nix-eval-jobs": "nix-eval-jobs",
"nixpkgs": "nixpkgs_5", "nixpkgs": "nixpkgs_6",
"nixpkgs_sirula": "nixpkgs_sirula" "nixpkgs_sirula": "nixpkgs_sirula"
}, },
"locked": { "locked": {
@@ -616,6 +635,22 @@
} }
}, },
"nixpkgs_3": { "nixpkgs_3": {
"locked": {
"lastModified": 1691280485,
"narHash": "sha256-/8Ct9092OC1TTNzHgbcE9ejQdS2QxZYGqrWXEwUxdtQ=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "240472b7e47a641e9e7675f58b64d3626ca7824d",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-23.05-small",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_4": {
"locked": { "locked": {
"lastModified": 1691693223, "lastModified": 1691693223,
"narHash": "sha256-9t8ZY1XNAsWqxAJmXgg+GXqF5chORMVnBT6PSHaRV3I=", "narHash": "sha256-9t8ZY1XNAsWqxAJmXgg+GXqF5chORMVnBT6PSHaRV3I=",
@@ -631,7 +666,7 @@
"type": "github" "type": "github"
} }
}, },
"nixpkgs_4": { "nixpkgs_5": {
"locked": { "locked": {
"lastModified": 1691629382, "lastModified": 1691629382,
"narHash": "sha256-6bil2OX12qy2CD6dLDxSTKRu6aUKRZfT/Qw3pg1050Q=", "narHash": "sha256-6bil2OX12qy2CD6dLDxSTKRu6aUKRZfT/Qw3pg1050Q=",
@@ -647,7 +682,7 @@
"type": "github" "type": "github"
} }
}, },
"nixpkgs_5": { "nixpkgs_6": {
"locked": { "locked": {
"lastModified": 1691654369, "lastModified": 1691654369,
"narHash": "sha256-gSILTEx1jRaJjwZxRlnu3ZwMn1FVNk80qlwiCX8kmpo=", "narHash": "sha256-gSILTEx1jRaJjwZxRlnu3ZwMn1FVNk80qlwiCX8kmpo=",
@@ -715,7 +750,8 @@
"mysecrets": "mysecrets", "mysecrets": "mysecrets",
"nix-darwin": "nix-darwin", "nix-darwin": "nix-darwin",
"nixos-generators": "nixos-generators", "nixos-generators": "nixos-generators",
"nixpkgs": "nixpkgs_3", "nixos-licheepi4a": "nixos-licheepi4a",
"nixpkgs": "nixpkgs_4",
"nixpkgs-darwin": "nixpkgs-darwin", "nixpkgs-darwin": "nixpkgs-darwin",
"nixpkgs-unstable": "nixpkgs-unstable", "nixpkgs-unstable": "nixpkgs-unstable",
"nixpkgs-wayland": "nixpkgs-wayland", "nixpkgs-wayland": "nixpkgs-wayland",
@@ -738,6 +774,23 @@
"type": "github" "type": "github"
} }
}, },
"thead-kernel": {
"flake": false,
"locked": {
"lastModified": 1687607314,
"narHash": "sha256-9R+XY18uDuMWjVzLkg4lTmxDltsvyI51qvm34SNVI4I=",
"owner": "revyos",
"repo": "thead-kernel",
"rev": "9c58afc7addc5a4a5deef24dfe6a4a103549d3da",
"type": "github"
},
"original": {
"owner": "revyos",
"ref": "lpi4a",
"repo": "thead-kernel",
"type": "github"
}
},
"treefmt-nix": { "treefmt-nix": {
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": [

57
flake.nix
View File

@@ -20,6 +20,7 @@
nix-darwin, nix-darwin,
home-manager, home-manager,
nixos-generators, nixos-generators,
nixos-licheepi4a,
... ...
}: let }: let
username = "ryan"; username = "ryan";
@@ -28,6 +29,7 @@
x64_system = "x86_64-linux"; x64_system = "x86_64-linux";
x64_darwin = "x86_64-darwin"; x64_darwin = "x86_64-darwin";
riscv64_system = "riscv64-linux";
allSystems = [x64_system x64_darwin]; allSystems = [x64_system x64_darwin];
nixosSystem = import ./lib/nixosSystem.nix; nixosSystem = import ./lib/nixosSystem.nix;
@@ -77,6 +79,24 @@
}; };
idol_kana_tags = ["dist-build"]; idol_kana_tags = ["dist-build"];
# 森友 望未, Moritomo Nozomi
rolling_nozomi_modules = {
nixos-modules = [
./hosts/rolling_girls/nozomi
];
# home-module = import ./home/linux/server-riscv64.nix;
};
rolling_nozomi_tags = ["riscv"];
# 小坂 結季奈, Kosaka Yukina
rolling_yukina_modules = {
nixos-modules = [
./hosts/rolling_girls/yukina
];
# home-module = import ./home/linux/server-riscv64.nix;
};
rolling_yukina_tags = ["riscv"];
x64_specialArgs = x64_specialArgs =
{ {
inherit username userfullname useremail; inherit username userfullname useremail;
@@ -110,20 +130,47 @@
# colmena - remote deployment via SSH # colmena - remote deployment via SSH
colmena = let colmena = let
base_args = { x64_base_args = {
inherit home-manager; inherit home-manager;
nixpkgs = nixpkgs; # or nixpkgs-unstable nixpkgs = nixpkgs; # or nixpkgs-unstable
specialArgs = x64_specialArgs; specialArgs = x64_specialArgs;
}; };
# using the same nixpkgs as nixos-licheepi4a to utilize the cross-compilation cache.
lpi4a_pkgs = import nixos-licheepi4a.inputs.nixpkgs { system = x64_system; };
lpi4a_specialArgs = {
inherit username userfullname useremail;
pkgsKernel = nixos-licheepi4a.packages.${x64_system}.pkgsKernelCross;
} // inputs;
lpi4a_base_args = {
inherit home-manager;
nixpkgs = nixos-licheepi4a.inputs.nixpkgs; # or nixpkgs-unstable
specialArgs = lpi4a_specialArgs;
targetUser = "root";
};
in { in {
meta = { meta = {
nixpkgs = import nixpkgs { system = x64_system; }; nixpkgs = import nixpkgs { system = x64_system; };
specialArgs = x64_specialArgs; specialArgs = x64_specialArgs;
nodeSpecialArgs = {
nozomi = lpi4a_specialArgs;
# yukina = lpi4a_specialArgs;
};
nodeNixpkgs = {
nozomi = lpi4a_pkgs;
# yukina = lpi4a_pkgs;
};
}; };
aquamarine = colemnaSystem (idol_aquamarine_modules // base_args // { host_tags = idol_aquamarine_tags; }); # proxmox virtual machines(x86_64)
ruby = colemnaSystem (idol_ruby_modules // base_args // { host_tags = idol_ruby_tags; }); aquamarine = colemnaSystem (idol_aquamarine_modules // x64_base_args // { host_tags = idol_aquamarine_tags; });
kana = colemnaSystem (idol_kana_modules // base_args // { host_tags = idol_kana_tags; }); ruby = colemnaSystem (idol_ruby_modules // x64_base_args // { host_tags = idol_ruby_tags; });
kana = colemnaSystem (idol_kana_modules // x64_base_args // { host_tags = idol_kana_tags; });
# riscv64 SBCs
nozomi = colemnaSystem (rolling_nozomi_modules // lpi4a_base_args // { host_tags = rolling_nozomi_tags; });
# yukina = colemnaSystem (rolling_yukina_modules // lpi4a_base_args // { host_tags = rolling_yukina_tags; });
}; };
# take system images for idols # take system images for idols
@@ -253,6 +300,8 @@
flake = false; flake = false;
}; };
nixos-licheepi4a.url = "github:ryan4yin/nixos-licheepi4a";
# color scheme - catppuccin # color scheme - catppuccin
catppuccin-btop = { catppuccin-btop = {
url = "github:catppuccin/btop"; url = "github:catppuccin/btop";

24
home/linux/server-riscv64.nix Normal file
View File

@@ -0,0 +1,24 @@
{ username, ... }: {
imports = [
];
# Home Manager needs a bit of information about you and the
# paths it should manage.
home = {
username = username;
homeDirectory = "/home/${username}";
# This value determines the Home Manager release that your
# configuration is compatible with. This helps avoid breakage
# when a new Home Manager release introduces backwards
# incompatible changes.
#
# You can update Home Manager without changing this value. See
# the Home Manager release notes for a list of state version
# changes in each release.
stateVersion = "23.05";
};
# Let Home Manager install and manage itself.
programs.home-manager.enable = true;
}

4
hosts/README.md
View File

@@ -6,6 +6,10 @@
2. `aquamarine`: My NixOS virtual machine with R9-5900HX(8C16T), for distributed building & testing. 2. `aquamarine`: My NixOS virtual machine with R9-5900HX(8C16T), for distributed building & testing.
3. `kana`: Yet another NixOS vm on another physical machine with R5-5625U(6C12T). 3. `kana`: Yet another NixOS vm on another physical machine with R5-5625U(6C12T).
4. `ruby`: Another NixOS vm on another physical machine with R7-5825U(8C16T). 4. `ruby`: Another NixOS vm on another physical machine with R7-5825U(8C16T).
3. `rolling_girls`: My RISCV64 hosts.
1. `nozomi`: Lichee Pi 4A, TH1520(4xC910@2.0G), 8GB RAM + 32G eMMC + 64G SD Card.
2. `yukina`: Lichee Pi 4A(Internal Test Version), TH1520(4xC910@2.0G), 8GB RAM + 8G eMMC + 128G SD Card.
3. `chiaya`: Milk-V Mars, JH7110(4xU74@1.5 GHz), 4G RAM + No eMMC + 64G SD Card.
# idols - Oshi no Ko # idols - Oshi no Ko

69
hosts/rolling_girls/chiaya/default.nix Normal file
View File

@@ -0,0 +1,69 @@
{
config,
username,
# nixos-jh7110,
...
} @ args:
#############################################################
#
# Chiaya - NixOS Configuration for Milk-V Mars
#
# WIP, not working yet.
#
#############################################################
{
imports = [
{
# cross-compilation this flake.
nixpkgs.crossSystem = {
system = "riscv64-linux";
};
}
# TODO
../../../modules/nixos/core-riscv64.nix
../../../modules/nixos/user-group.nix
];
users.users.root.openssh.authorizedKeys.keys = config.users.users."${username}".openssh.authorizedKeys.keys;
# Set static IP address / gateway / DNS servers.
networking = {
hostName = "chiaya"; # Define your hostname.
wireless.enable = false;
# Failed to enable firewall due to the following error:
# firewall-start[2300]: iptables: Failed to initialize nft: Protocol not supported
firewall.enable = false;
defaultGateway = "192.168.5.201";
nameservers = [
"119.29.29.29" # DNSPod
"223.5.5.5" # AliDNS
];
# Configure network proxy if necessary
# proxy.default = "http://user:password@proxy:port/";
# proxy.noProxy = "127.0.0.1,localhost,internal.domain";
# milkv-mars RJ45 port
interfaces.end0 = {
useDHCP = false;
ipv4.addresses = [
{
address = "192.168.5.106";
prefixLength = 24;
}
];
};
};
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. Its perfectly fine and recommended to leave
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "23.05"; # Did you read the comment?
}

80
hosts/rolling_girls/nozomi/default.nix Normal file
View File

@@ -0,0 +1,80 @@
{
config,
username,
nixos-licheepi4a,
...
} @ args:
#############################################################
#
# Nozomi - NixOS configuration for Lichee Pi 4A
#
#############################################################
{
imports = [
{
# cross-compilation this flake.
nixpkgs.crossSystem = {
system = "riscv64-linux";
};
}
# import the licheepi4a module, which contains the configuration for bootloader/kernel/firmware
(nixos-licheepi4a + "/modules/licheepi4a.nix")
# import the sd-image module, which contains the fileSystems & kernel parameters for booting from sd card.
(nixos-licheepi4a + "/modules/sd-image/sd-image-lp4a.nix")
../../../modules/nixos/core-riscv64.nix
../../../modules/nixos/user-group.nix
];
users.users.root.openssh.authorizedKeys.keys = config.users.users."${username}".openssh.authorizedKeys.keys;
# Set static IP address / gateway / DNS servers.
networking = {
hostName = "nozomi"; # Define your hostname.
wireless.enable = false;
# Failed to enable firewall due to the following error:
# firewall-start[2300]: iptables: Failed to initialize nft: Protocol not supported
firewall.enable = false;
defaultGateway = "192.168.5.201";
nameservers = [
"119.29.29.29" # DNSPod
"223.5.5.5" # AliDNS
];
# Configure network proxy if necessary
# proxy.default = "http://user:password@proxy:port/";
# proxy.noProxy = "127.0.0.1,localhost,internal.domain";
# LPI4A's first ethernet interface
interfaces.end0 = {
useDHCP = false;
ipv4.addresses = [
{
address = "192.168.5.104";
prefixLength = 24;
}
];
};
# LPI4A's second ethernet interface
# interfaces.end1 = {
# useDHCP = false;
# ipv4.addresses = [
# {
# address = "192.168.xx.xx";
# prefixLength = 24;
# }
# ];
# };
};
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. Its perfectly fine and recommended to leave
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "23.05"; # Did you read the comment?
}

80
hosts/rolling_girls/yukina/default.nix Normal file
View File

@@ -0,0 +1,80 @@
{
config,
username,
nixos-licheepi4a,
...
} @ args:
#############################################################
#
# Yukina - NixOS configuration for Lichee Pi 4A
#
#############################################################
{
imports = [
{
# cross-compilation this flake.
nixpkgs.crossSystem = {
system = "riscv64-linux";
};
}
# import the licheepi4a module, which contains the configuration for bootloader/kernel/firmware
(nixos-licheepi4a + "/modules/licheepi4a.nix")
# import the sd-image module, which contains the fileSystems & kernel parameters for booting from sd card.
(nixos-licheepi4a + "/modules/sd-image/sd-image-lp4a.nix")
../../../modules/nixos/core-riscv64.nix
../../../modules/nixos/user-group.nix
];
users.users.root.openssh.authorizedKeys.keys = config.users.users."${username}".openssh.authorizedKeys.keys;
# Set static IP address / gateway / DNS servers.
networking = {
hostName = "yukina"; # Define your hostname.
wireless.enable = false;
# Failed to enable firewall due to the following error:
# firewall-start[2300]: iptables: Failed to initialize nft: Protocol not supported
firewall.enable = false;
defaultGateway = "192.168.5.201";
nameservers = [
"119.29.29.29" # DNSPod
"223.5.5.5" # AliDNS
];
# Configure network proxy if necessary
# proxy.default = "http://user:password@proxy:port/";
# proxy.noProxy = "127.0.0.1,localhost,internal.domain";
# LPI4A's first ethernet interface
interfaces.end0 = {
useDHCP = false;
ipv4.addresses = [
{
address = "192.168.5.105";
prefixLength = 24;
}
];
};
# LPI4A's second ethernet interface
# interfaces.end1 = {
# useDHCP = false;
# ipv4.addresses = [
# {
# address = "192.168.xx.xx";
# prefixLength = 24;
# }
# ];
# };
};
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. Its perfectly fine and recommended to leave
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "23.05"; # Did you read the comment?
}

9
lib/colmenaSystem.nix
View File

@@ -4,15 +4,16 @@
home-manager, home-manager,
specialArgs, specialArgs,
nixos-modules, nixos-modules,
home-module, home-module ? null,
host_tags, host_tags,
targetUser ? specialArgs.username,
}: let }: let
username = specialArgs.username; username = specialArgs.username;
in in
{ name, nodes, ... }: { { name, nodes, ... }: {
deployment = { deployment = {
targetHost = name; # hostName or IP address targetHost = name; # hostName or IP address
targetUser = username; targetUser = targetUser;
tags = host_tags; tags = host_tags;
}; };
@@ -26,7 +27,7 @@ in
environment.etc."nix/inputs/nixpkgs".source = "${nixpkgs}"; environment.etc."nix/inputs/nixpkgs".source = "${nixpkgs}";
nix.nixPath = ["/etc/nix/inputs"]; nix.nixPath = ["/etc/nix/inputs"];
} }
] ++ (if (home-module != null) then [
home-manager.nixosModules.home-manager home-manager.nixosModules.home-manager
{ {
home-manager.useGlobalPkgs = true; home-manager.useGlobalPkgs = true;
@@ -35,5 +36,5 @@ in
home-manager.extraSpecialArgs = specialArgs; home-manager.extraSpecialArgs = specialArgs;
home-manager.users."${username}" = home-module; home-manager.users."${username}" = home-module;
} }
]; ] else []);
} }

74
modules/nixos/core-riscv64.nix Normal file
View File

@@ -0,0 +1,74 @@
{config, pkgs, nixpkgs, ...}: {
# =========================================================================
# Base NixOS Configuration
# =========================================================================
# Set your time zone.
time.timeZone = "Asia/Shanghai";
# Select internationalisation properties.
i18n.defaultLocale = "en_US.UTF-8";
nix.settings = {
# Manual optimise storage: nix-store --optimise
# https://nixos.org/manual/nix/stable/command-ref/conf-file.html#conf-auto-optimise-store
auto-optimise-store = true;
builders-use-substitutes = true;
# enable flakes globally
experimental-features = ["nix-command" "flakes"];
};
# List packages installed in system profile. To search, run:
# $ nix search wget
#
# TODO feel free to add or remove packages here.
environment.systemPackages = with pkgs; [
neovim
# networking
mtr # A network diagnostic tool
iperf3 # A tool for measuring TCP and UDP bandwidth performance
nmap # A utility for network discovery and security auditing
ldns # replacement of dig, it provide the command `drill`
socat # replacement of openbsd-netcat
tcpdump # A powerful command-line packet analyzer
# archives
zip
xz
unzip
p7zip
zstd
gnutar
# misc
file
which
tree
gnused
gawk
tmux
docker-compose
];
# replace default editor with neovim
environment.variables.EDITOR = "nvim";
virtualisation.docker = {
enable = true;
# start dockerd on boot.
# This is required for containers which are created with the `--restart=always` flag to work.
enableOnBoot = true;
};
services.openssh = {
enable = true;
settings = {
X11Forwarding = true;
PermitRootLogin = "prohibit-password"; # disable root login with password
PasswordAuthentication = false; # disable password login
};
openFirewall = true;
};
}

14
modules/nixos/remote-building.nix
View File

@@ -73,6 +73,7 @@
# define the host alias for remote builders # define the host alias for remote builders
# this config will be written to /etc/ssh/ssh_config # this config will be written to /etc/ssh/ssh_config
programs.ssh.extraConfig = '' programs.ssh.extraConfig = ''
# idols
Host ai Host ai
HostName 192.168.5.100 HostName 192.168.5.100
Port 22 Port 22
@@ -88,6 +89,19 @@
Host kana Host kana
HostName 192.168.5.103 HostName 192.168.5.103
Port 22 Port 22
# rolling girls
Host nozomi
HostName 192.168.5.104
Port 22
Host yukina
HostName 192.168.5.105
Port 22
Host chiaya
HostName 192.168.5.106
Port 22
''; '';
# define the host key for remote builders so that nix can verify all the remote builders # define the host key for remote builders so that nix can verify all the remote builders