diff --git a/.sops.yaml b/.sops.yaml index b3421b9f..b6cdd94a 100644 --- a/.sops.yaml +++ b/.sops.yaml @@ -11,6 +11,7 @@ keys: # cat /etc/ssh/ssh_host_ed25519_key.pub | ssh-to-age - &pi3b age1yjgswvexp0x0de0sw4u6hamruzeluxccmx2enxazl6pwhhsr2s9qlxdemq - &pcvm age1jmu4jym0e0xkq5shx2g7ef4xzre94vaxy2n4fcn0kp94dtlupdxqkzyyp7 - &srv1-node0 age1nzetyehldf3gl6pr6mu5d2cv387p8wjqn6wfpll7a3sl8us6n38s0ds633 + - &srv1-node1 age1wj33xt8nj7rhnsenepsf6k3lmq5vk4wn84jwr55qy9cwu05xn5cspg3h7t creation_rules: - path_regex: devices/pc/.*$ key_groups: @@ -67,3 +68,8 @@ creation_rules: - age: - *chn - *srv1-node0 + - path_regex: devices/srv1/node1/.*$ + key_groups: + - age: + - *chn + - *srv1-node1 diff --git a/devices/srv1/node0/default.nix b/devices/srv1/node0/default.nix index fc4775a3..cdec216a 100644 --- a/devices/srv1/node0/default.nix +++ b/devices/srv1/node0/default.nix @@ -13,6 +13,7 @@ inputs: eno145 = { ip = "192.168.1.10"; mask = 24; gateway = "192.168.1.1"; }; eno146 = { ip = "192.168.178.1"; mask = 24; }; }; + cluster.nodeType = "master"; }; services = { @@ -32,7 +33,6 @@ inputs: memoryMB = 122880; }; }; - system.cluster.nodeType = "master"; }; }; } diff --git a/devices/srv1/node1/default.nix b/devices/srv1/node1/default.nix new file mode 100644 index 00000000..98e2a56f --- /dev/null +++ b/devices/srv1/node1/default.nix @@ -0,0 +1,39 @@ +inputs: +{ + config = + { + nixos = + { + system = + { + nixpkgs.march = "broadwell"; + networking.networkd.static = + { + eno1 = { ip = "192.168.1.11"; mask = 24; gateway = "192.168.1.1"; }; + eno2 = { ip = "192.168.178.2"; mask = 24; gateway = "192.168.178.1"; }; + }; + cluster.nodeType = "worker"; + }; + services = + { + beesd.instances.root = { device = "/"; hashTableSizeMB = 256; threads = 4; }; + # slurm = + # { + # enable = true; + # cpu = { sockets = 4; cores = 8; threads = 2; mpiThreads = 4; openmpThreads = 8; }; + # memoryMB = 30720; + # }; + }; + packages = + { + vasp = null; + packages._packages = [(inputs.pkgs.runCommand "master-system" {} + '' + mkdir -p $out/share + ln -s ${inputs.topInputs.self.nixosConfigurations.srv1-node0.config.system.build.toplevel} \ + $out/share/master-system + '')]; + }; + }; + }; +} diff --git a/devices/srv1/node1/secrets/default.yaml b/devices/srv1/node1/secrets/default.yaml new file mode 100644 index 00000000..f17069b8 --- /dev/null +++ b/devices/srv1/node1/secrets/default.yaml @@ -0,0 +1,30 @@ +hello: ENC[AES256_GCM,data:wA==,iv:kLAdTomvGSJRmZiO916Ort8crRCp05vlSamVMJ/gLbU=,tag:QTxIe+dhLWVljw9Svuu7Tg==,type:int] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: + - recipient: age19ax6vm3pv8rph5tq3mmehd9sy9jk823tw8svsd790r0lkslycquqvlwz9m + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBvaHcyMnpWRTAwRzJ0MTFi + elk3QXNqdXQ2MEttNXhBOGF1Vlk5cW12YTM4ClRkUm5zUUo5NjVrNnBlSFFPOVVR + V3VxVWZQQ0VvTm9KZ2Y1L3BpRkFDTjgKLS0tIDJadStsQ1Vya0FMa21Da3ZhUDVN + RVVTQXY2NkdzbVFLY1pYYTRLSGM5WDgKbFabN/iH2YDJaSXdm+7EebKS/As1zH43 + HjUp2LHN85/WQEx3VheZRGJBwpNn/Tdunhm0yTdNA1jpzQnO9bIMXg== + -----END AGE ENCRYPTED FILE----- + - recipient: age1wj33xt8nj7rhnsenepsf6k3lmq5vk4wn84jwr55qy9cwu05xn5cspg3h7t + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA1TTlxNWhMS0dJbkZRSWsv + MitoM1NicmJzbVJBZnhUbnlJejBWVzU1TmpnCkxrVEs2eEE5VnVDN0NNaFZ0b3M0 + SXFmc2JxblAvN29Eb2ZrR1llZkp6cmMKLS0tIGdQMjNIRXY2UGIxdGk2Q2V1MXJO + R1BkT1hoSWo1RlJnU0pCdTFYbDFoZmMKKF7cND1jSo+neTTJ+GwW4T0RTOX9mbME + 58wjAtkrKSD2vDFMQ/vtPNiohAt6RMdClLVm50yh7Oh961YmvJYnbA== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2024-09-16T03:04:24Z" + mac: ENC[AES256_GCM,data:2uq4QvP4l+WvV5G1FOj9nNmC9ZRvJcLUsLU0/Wrh7b6f+30g0lkw5M/WtHFd9CjrfB1O98Cvm3Y3ABsSTue5OLuAjACc+Jz5wvRbuLkWRNRU4HNdaAJIzN5Fqd6w+SR8vzLCe+NTcDlhEjdD0zcrRGD4+aM/cnn228sCTtRw1JY=,iv:MhHsNC/VJVPI8LVN9xuY4JZFlinuDI3C3Igo/O9/gbs=,tag:4jIbeOwspn7yZCrn8xKVrA==,type:str] + pgp: [] + unencrypted_suffix: _unencrypted + version: 3.9.0 diff --git a/devices/srv1/node1/secrets/munge.key b/devices/srv1/node1/secrets/munge.key new file mode 100644 index 00000000..1e15674b --- /dev/null +++ b/devices/srv1/node1/secrets/munge.key @@ -0,0 +1,24 @@ +{ + "data": "ENC[AES256_GCM,data:GHsftJ/b50XSTy3wCX/ms8iGhs7oQMrqw5R+7PxrjAm/VzcYJbAQjYButIeNYB2/r87IGKDEMAskowocqyuhamTZS9n6eElDBZrEoUXc9J/lZvXrNqBa2pDsR5a58X6Paj2kMn8Ke9M3vwHcgniEgZtC2h5u6VwbgPMZniqYT5w=,iv:KhGKrf0tXdLb0sWc6kB9lXjj9jOU+wsy76xGFRmwdz8=,tag:s+NBphi1n00GflKqujZcfA==,type:str]", + "sops": { + "kms": null, + "gcp_kms": null, + "azure_kv": null, + "hc_vault": null, + "age": [ + { + "recipient": "age19ax6vm3pv8rph5tq3mmehd9sy9jk823tw8svsd790r0lkslycquqvlwz9m", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBPYWdxSzIrQzRaVnh3K292\nVGkwdWUxanpQbEllWlNvaHBoQ2VYR2pXcVZVCk14ZmxlK1pSWnpCZC8yaE84b1Ew\nNTJUTDErTUVxZzBqdGFORDc1TEo0REkKLS0tIFZJeFIvd3BDOGkwenMrWlAyVHdh\nTzRHNU02RWY4clJ4dk1IV3R4c0VTd2cKeX/tLKOnkbcAhkgCY+T4XWBgc7eUFecn\nfqd6Kxfg6P75OT6Z4ACKsHDGznGk8fYk+Ms67MSCGzr1HXaR14/eVQ==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1wj33xt8nj7rhnsenepsf6k3lmq5vk4wn84jwr55qy9cwu05xn5cspg3h7t", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBxODlXSGpsYk5BZ1piSUhX\nUnlTQXpycmV3YlhLM01SMXZ2ZzFXWEU5MVNZCnVUNFRUTTVNaWVUZWY4dklFMmhW\nWUc1azJFNGJTZFVlRkdSZEd0eUozbk0KLS0tIDhUTFE3cHpFblZTa056R0lscHR4\nSXpoT2QrOU9mcDV2ZjR1bjV4cHZCdXMKyVyxBRY9oyhfj0ZMVRtjf8TT0qRJULwN\nosghj6bPqOFl3C9zBne1Xn/2mOj5lkMZP6MAMPtaW8nvsf/LkZx/Hg==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2024-09-16T03:08:59Z", + "mac": "ENC[AES256_GCM,data:SjmuJVeJsamHE7Yv5Lvoyjp0CysTo3K1nyJgPI7KKp21H8Xq59g9/zbth4pCdIMHyt43MNUXFkhYD/Ox9ySoDEi2pr7H2kM9fcFM0W/ObM/gm/lt5jTLzzS+OkKys+Yw/WA2nIStSNq7rAb/SKFbHvj1P9YBsJxlOnBzTW7uu8g=,iv:tNjnqRX1D+vY8w7RxZzo+HdfjK9pXJpB5MKnb7EyUXk=,tag:PuLU5zmUH14ZxuTUPIz20Q==,type:str]", + "pgp": null, + "unencrypted_suffix": "_unencrypted", + "version": "3.9.0" + } +} \ No newline at end of file diff --git a/flake/nixos.nix b/flake/nixos.nix index 64ab8012..15cb1c5f 100644 --- a/flake/nixos.nix +++ b/flake/nixos.nix @@ -47,5 +47,5 @@ builtins.listToAttrs ]; }; }) - [ "node0" "node3" ]) + [ "node0" "node1" "node3" ]) )