mirror of
https://github.com/CHN-beta/nixos.git
synced 2026-01-13 00:19:24 +08:00
Compare commits
30 Commits
test-nvidi
...
vps6
| Author | SHA1 | Date | |
|---|---|---|---|
| b201a19c75 | |||
| 1854e294cf | |||
| b45a9c7a62 | |||
| 858f4c68aa | |||
| 37e6d70561 | |||
| f101038f4a | |||
| 412fac9692 | |||
| 4c7d17f001 | |||
| e8d80daee2 | |||
| 8aeb290d0f | |||
| 0f37c886a4 | |||
| 5940da526d | |||
| df2ac86e1a | |||
| 8bf7e2cb30 | |||
| 96f7056d16 | |||
| 5cc40727db | |||
| c4f8e5f61c | |||
| 03be19da5a | |||
| 7657fe3d14 | |||
| 9fee2a8e2a | |||
| db1e825cd6 | |||
| 670126ba0c | |||
| 92ddf86df1 | |||
| bd12de34b7 | |||
| a7b0906488 | |||
| 0ce31201a9 | |||
| 58d927b648 | |||
| 5efee599f7 | |||
| 2c833934e7 | |||
| c5dc456c35 |
@@ -146,14 +146,12 @@ inputs:
|
||||
boot.kernelParams =
|
||||
[
|
||||
"acpi_osi=!" ''acpi_osi="Windows 2015"''
|
||||
"mt7921e.disable_aspm=y" # 避免休眠恢复后无wifi
|
||||
"mt7921e.disable_aspm=y" # 避免休眠恢复后无 wifi,似乎有时还是有问题
|
||||
"amdgpu.sg_display=0" # 混合模式下避免外接屏幕闪烁,和内置外接屏幕延迟
|
||||
"acpi.ec_no_wakeup" # 睡眠时避免开盖唤醒
|
||||
"nvidia.NVreg_EnableGpuFirmware=0"
|
||||
"acpi.ec_no_wakeup" # 睡眠时避免开盖唤醒,似乎没有用
|
||||
];
|
||||
# 禁止鼠标等在睡眠时唤醒
|
||||
systemd.tmpfiles.rules = builtins.map (dev: "w+ /proc/acpi/wakeup - - - - ${dev}")
|
||||
[ "GPP0" "GPP1" "GPP2" "GPP3" "GPP5" "GP17" "XHC0" "XHC1" "XHC2" ] ;
|
||||
services.udev.extraRules = ''ACTION=="add", ATTR{power/wakeup}="disabled"'';
|
||||
networking.extraHosts = "74.211.99.69 mirism.one beta.mirism.one ng01.mirism.one";
|
||||
services.colord.enable = true;
|
||||
environment.persistence."/nix/archive" =
|
||||
@@ -163,7 +161,6 @@ inputs:
|
||||
(dir: { directory = "repo/${dir}"; user = "chn"; group = "chn"; mode = "0755"; })
|
||||
[ "lammps-SiC" "BPD-paper" "kurumi-asmr" "linwei-stuff" "BPD-paper-old" ];
|
||||
};
|
||||
hardware.nvidia.open = inputs.lib.mkForce false;
|
||||
specialisation =
|
||||
{
|
||||
nvidia.configuration =
|
||||
@@ -175,6 +172,11 @@ inputs:
|
||||
};
|
||||
system.nixos.tags = [ "nvidia" ];
|
||||
};
|
||||
xanmod.configuration =
|
||||
{
|
||||
nixos.system.kernel.variant = inputs.lib.mkForce "xanmod-latest";
|
||||
system.nixos.tags = [ "xanmod" ];
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
||||
|
||||
@@ -30,13 +30,13 @@ inputs:
|
||||
nix.substituters = [ "https://cache.nixos.org/" "https://nix-store.chn.moe" ];
|
||||
initrd.sshd.enable = true;
|
||||
networking = { hostname = "vps6"; networkd = {}; };
|
||||
kernel.variant = "cachyos-server";
|
||||
# do not use cachyos kernel, beesd + cachyos kernel + heavy io = system freeze, not sure why
|
||||
};
|
||||
services =
|
||||
{
|
||||
snapper.enable = true;
|
||||
sshd = {};
|
||||
xray.server = { serverName = "vps6.xserver.chn.moe"; userNumber = 18; };
|
||||
xray.server = { serverName = "vps6.xserver.chn.moe"; userNumber = 20; };
|
||||
frpServer = { enable = true; serverName = "frp.chn.moe"; };
|
||||
nginx =
|
||||
{
|
||||
|
||||
@@ -40,6 +40,10 @@ xray-server:
|
||||
user16: ENC[AES256_GCM,data:fo6KJXlPDn7+FmxjEJQo9d79rDYemLFx6LanYZcJpKJR7Gxq,iv:yEUKPNZ9idrSqyVO9fhksP/7bjPMT/LzNK2VSq503/c=,tag:M87D44SIo9JzDB3ZyKu7fA==,type:str]
|
||||
#ENC[AES256_GCM,data:/Kec+CdtnT11EA==,iv:DnmbWfgriaE6XAnMqq2UXhHhN+Rd/3YRodKVUCJo6p4=,tag:NimqZpbslKxwzoljaZqEdw==,type:comment]
|
||||
user17: ENC[AES256_GCM,data:gQInIcNFxJuCSsMDGq4yTp5JdMMmJRy1tY3PGLoLuuIXWV0a,iv:ya4n9Z7T9/bxeHqi5QqwJprEzDMsT6X0BuEXRS67wWk=,tag:RcjQfAHv8uc3PgN5c4bySA==,type:str]
|
||||
#ENC[AES256_GCM,data:h7E4P6BiGjktYg==,iv:DhkK3NNppBqo3sXt9U7kbgfaBPYcSEX2hu6VOAesDiE=,tag:XoVbZklwCmU1EBhv0ujcSw==,type:comment]
|
||||
user18: ENC[AES256_GCM,data:dssxPEv8srXydunolaaDAYYo+BOXhp2PoqidOWH3z6NYBpyB,iv:WCLcMMwQJiHZBwreQpaOZp2saXvjBwgYUqSf7HQhMgA=,tag:5jsAVcgAgO+7JhBINz6tzQ==,type:str]
|
||||
#ENC[AES256_GCM,data:qGsMmWrUIzVdHw==,iv:DXayEA5zquwOzm+TqECYNHM98r0WSzcP3gA8zkzdPy4=,tag:OKTx12RqP9VxJQOnrBLkmw==,type:comment]
|
||||
user19: ENC[AES256_GCM,data:+Mh15DR9xvFAwks86iuHEA9FpObKWTSuVOEzUDpBUS/h0hOz,iv:zYIkic2bibvwCBpomnJ9465mda1rbm3RERBZY9twXuc=,tag:bwdL6DAGgkGYhYFI2C4A+A==,type:str]
|
||||
private-key: ENC[AES256_GCM,data:ts/LRGFAsYqvGvkvlxUI42IW1a8cGsSkpZhMDd3QVceRKvhPb1SRDaXoSw==,iv:6xX9xFIFUNlLBZ6CPBOz9JbHpvC4+QG9ZaCZcWdl12c=,tag:DYIa+QTV8vyl1l7OKKykTw==,type:str]
|
||||
nginx:
|
||||
#ENC[AES256_GCM,data:85LrqdTMIhSa,iv:mIQPYz8VPd5AxeMCQEdTGMD0Iqa5QEAa5+8JVFaj3JM=,tag:TcZd7S3WRPpEV9lHI1fzbw==,type:comment]
|
||||
@@ -83,8 +87,8 @@ sops:
|
||||
ZXFTU3ZCaW1pTVh0RUJzdDdGdHlPYTgK2mlgcX2kEc8+2UDdBnhUm6IIuh8V6agW
|
||||
ooxH9OEPXUVI/4JcDo4v8ZUhAyU1ehLH0Ef7PJCChOZe2KZmWSNbhA==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2024-05-25T09:01:19Z"
|
||||
mac: ENC[AES256_GCM,data:xYK5VTYHwryDcH0fhnezn5aYQ+XAPAJ7PIrL1ygKw3F/rAwRQlWk0/zmqypmpqbPX4mAJKzDfgoTNh8iUtF8ehmfOS+7OPUTuKVRvPI39HfcJbRN3/oOdN40AXSa5cZjgKrAGdhWvwyw0WdDMkRfwJztAR5Jj0dKzZ5THW+5zSs=,iv:Y5UUe1I95ltiVcUPBUcmIpnKHFfAlQmcF8ZlxZht1i4=,tag:3mA/epV254+P7WkkuhDOqg==,type:str]
|
||||
lastmodified: "2024-06-30T10:43:57Z"
|
||||
mac: ENC[AES256_GCM,data:Mg/DZghIkaWM5KEjk5zg3S0L5qPa8/rkc2ooSjA1ewzbDhTKls2tzv7fQqLx2WQtcJiKkoVx22UkiL0AzBwJdCr3473vx93ajTVK9HNu3jqXmuzSiv2iVS21EX9tyBNiL6uWlVAtlVfMMs69PEUF+EJIYY5TkVVPaQjzEebwo5w=,iv:tFON7RVSnNNHo5U4dRuMGDhH5iPGShW9uoda+apiIjI=,tag:3nG/u7vaChFBHoDsLLb23w==,type:str]
|
||||
pgp: []
|
||||
unencrypted_suffix: _unencrypted
|
||||
version: 3.8.1
|
||||
|
||||
@@ -46,7 +46,7 @@ inputs:
|
||||
matrix = { port = 8009; redisPort = 6380; slidingSyncPort = 9001; };
|
||||
};
|
||||
vaultwarden.enable = true;
|
||||
beesd.instances.root = { device = "/"; hashTableSizeMB = 1024; };
|
||||
beesd.instances.root = { device = "/"; hashTableSizeMB = 1024; loadAverage = 4; };
|
||||
photoprism.enable = true;
|
||||
nextcloud = {};
|
||||
freshrss.enable = true;
|
||||
|
||||
@@ -101,6 +101,7 @@
|
||||
in pkgs.pkgsStatic.localPackages.hpcstat.override
|
||||
{ inherit openssh duc; standalone = true; version = inputs.self.rev or "dirty"; };
|
||||
ufo = pkgs.pkgsStatic.localPackages.ufo.override { version = inputs.self.rev or "dirty"; };
|
||||
chn-bsub = pkgs.pkgsStatic.localPackages.chn-bsub;
|
||||
nixpkgs = pkgs;
|
||||
}
|
||||
// (
|
||||
@@ -207,6 +208,12 @@
|
||||
packages = [ pkgs.clang-tools_18 ];
|
||||
CMAKE_EXPORT_COMPILE_COMMANDS = "1";
|
||||
};
|
||||
chn-bsub = pkgs.mkShell
|
||||
{
|
||||
inputsFrom = with pkgs.localPackages; [ chn-bsub ];
|
||||
buildInputs = [ pkgs.clang-tools_18 ];
|
||||
CMAKE_EXPORT_COMPILE_COMMANDS = "1";
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
||||
|
||||
26
local/pkgs/chn-bsub/CMakeLists.txt
Normal file
26
local/pkgs/chn-bsub/CMakeLists.txt
Normal file
@@ -0,0 +1,26 @@
|
||||
cmake_minimum_required(VERSION 3.14)
|
||||
project(chn-bsub VERSION 0.0.0 LANGUAGES CXX)
|
||||
enable_testing()
|
||||
include(GNUInstallDirs)
|
||||
|
||||
if(NOT CMAKE_BUILD_TYPE AND NOT CMAKE_CONFIGURATION_TYPES)
|
||||
message("Setting build type to 'Release' as none was specified.")
|
||||
set(CMAKE_BUILD_TYPE Release CACHE STRING "Choose the type of build." FORCE)
|
||||
set_property(CACHE CMAKE_BUILD_TYPE PROPERTY STRINGS "Debug" "Release" "MinSizeRel" "RelWithDebInfo")
|
||||
endif()
|
||||
|
||||
find_package(ftxui REQUIRED)
|
||||
find_package(Boost REQUIRED COMPONENTS filesystem iostreams)
|
||||
find_package(range-v3 REQUIRED)
|
||||
find_package(biu REQUIRED)
|
||||
|
||||
add_executable(chn-bsub src/main.cpp)
|
||||
target_compile_features(chn-bsub PUBLIC cxx_std_23)
|
||||
target_link_libraries(chn-bsub PRIVATE fmt::fmt ftxui::screen ftxui::dom ftxui::component Boost::filesystem
|
||||
range-v3::range-v3 biu::biu)
|
||||
|
||||
install(TARGETS chn-bsub RUNTIME DESTINATION ${CMAKE_INSTALL_BINDIR})
|
||||
|
||||
get_property(ImportedTargets DIRECTORY "${CMAKE_SOURCE_DIR}" PROPERTY IMPORTED_TARGETS)
|
||||
message("Imported targets: ${ImportedTargets}")
|
||||
message("List of compile features: ${CMAKE_CXX_COMPILE_FEATURES}")
|
||||
12
local/pkgs/chn-bsub/default.nix
Normal file
12
local/pkgs/chn-bsub/default.nix
Normal file
@@ -0,0 +1,12 @@
|
||||
{
|
||||
stdenv, lib, sbatchConfig ? null, substituteAll, runCommand,
|
||||
cmake, pkg-config, ftxui, biu
|
||||
}:
|
||||
stdenv.mkDerivation
|
||||
{
|
||||
name = "chn-bsub";
|
||||
src = ./.;
|
||||
buildInputs = [ ftxui biu ];
|
||||
nativeBuildInputs = [ cmake pkg-config ];
|
||||
postInstall = "ln -s chn-bsub $out/bin/chn_bsub";
|
||||
}
|
||||
202
local/pkgs/chn-bsub/src/main.cpp
Normal file
202
local/pkgs/chn-bsub/src/main.cpp
Normal file
@@ -0,0 +1,202 @@
|
||||
# include <map>
|
||||
# include <filesystem>
|
||||
# include <ftxui/component/component.hpp>
|
||||
# include <ftxui/component/component_options.hpp>
|
||||
# include <ftxui/component/screen_interactive.hpp>
|
||||
# include <boost/process.hpp>
|
||||
# include <boost/algorithm/string.hpp>
|
||||
# include <biu.hpp>
|
||||
|
||||
using namespace biu::literals;
|
||||
|
||||
int main()
|
||||
{
|
||||
// 需要绑定到界面上的变量
|
||||
struct
|
||||
{
|
||||
std::array<int, 3> vasp_version_selected = {0, 0, 0};
|
||||
std::vector<std::string> vasp_version_entries_level1 = {"640", "631"};
|
||||
std::map<std::string, std::vector<std::string>> vasp_version_entries_level2 =
|
||||
{
|
||||
{"640", {"(default)", "fixc", "optcell_vtst_wannier90", "shmem", "vtst"}},
|
||||
{"631", {"shmem"}}
|
||||
};
|
||||
std::vector<std::string> vasp_version_entries_level3 = {"std", "gam", "ncl"};
|
||||
|
||||
int queue_selected = 0;
|
||||
std::vector<std::string> queue_entries =
|
||||
{
|
||||
"normal_1day", "normal_1week", "normal",
|
||||
"normal_1day_new", "ocean_530_1day", "ocean6226R_1day"
|
||||
};
|
||||
std::map<std::string, std::size_t> max_cores =
|
||||
{
|
||||
{"normal_1day", 28}, {"normal_1week", 28}, {"normal", 20},
|
||||
{"normal_1day_new", 24}, {"ocean_530_1day", 24}, {"ocean6226R_1day", 32}
|
||||
};
|
||||
std::string ncores = "";
|
||||
std::string job_name = []
|
||||
{
|
||||
// /data/gpfs01/jykang/linwei/chn/lammps-SiC
|
||||
std::vector<std::string> paths;
|
||||
boost::split(paths, std::filesystem::current_path().string(),
|
||||
boost::is_any_of("/"));
|
||||
if (paths.size() < 7)
|
||||
return "my-great-job"s;
|
||||
else
|
||||
return paths[5] + "_" + paths.back();
|
||||
}();
|
||||
std::string bsub = "";
|
||||
std::string user_command = "";
|
||||
} state;
|
||||
|
||||
// 为组件增加标题栏
|
||||
auto component_with_title = [](std::string title, ftxui::Component component)
|
||||
{
|
||||
return ftxui::Renderer(component, [title, component]
|
||||
{
|
||||
return ftxui::vbox
|
||||
({
|
||||
ftxui::text(title) | ftxui::bgcolor(ftxui::Color::Blue),
|
||||
component->Render(),
|
||||
ftxui::separator()
|
||||
});
|
||||
});
|
||||
};
|
||||
|
||||
// 构建界面, 需要至少 25 行 47 列
|
||||
auto screen = ftxui::ScreenInteractive::Fullscreen();
|
||||
auto request_interface = [&state, &screen, &component_with_title]
|
||||
{
|
||||
auto vasp_version_level1 = ftxui::Menu
|
||||
(&state.vasp_version_entries_level1, &state.vasp_version_selected[0])
|
||||
| ftxui::size(ftxui::WIDTH, ftxui::EQUAL, 8);
|
||||
std::vector<ftxui::Component> vasp_version_level2_children;
|
||||
for (auto& i : state.vasp_version_entries_level1)
|
||||
vasp_version_level2_children.push_back(ftxui::Menu
|
||||
(
|
||||
&state.vasp_version_entries_level2[i],
|
||||
&state.vasp_version_selected[1]
|
||||
));
|
||||
auto vasp_version_level2 = ftxui::Container::Tab
|
||||
(
|
||||
vasp_version_level2_children,
|
||||
&state.vasp_version_selected[0]
|
||||
) | ftxui::size(ftxui::WIDTH, ftxui::EQUAL, 27);
|
||||
auto vasp_version_level3 = ftxui::Menu
|
||||
(&state.vasp_version_entries_level3, &state.vasp_version_selected[2])
|
||||
| ftxui::size(ftxui::WIDTH, ftxui::EQUAL, 8);
|
||||
auto vasp_version = component_with_title("Select vasp version:",
|
||||
ftxui::Container::Horizontal
|
||||
({vasp_version_level1, vasp_version_level2, vasp_version_level3})
|
||||
| ftxui::size(ftxui::HEIGHT, ftxui::EQUAL, 5));
|
||||
auto queue = component_with_title("Select queue:",
|
||||
ftxui::Menu(&state.queue_entries, &state.queue_selected)
|
||||
| ftxui::size(ftxui::HEIGHT, ftxui::EQUAL, 6));
|
||||
auto ncores = component_with_title("Input cores you want to use:",
|
||||
ftxui::Input(&state.ncores, "(leave blank to use all cores)"))
|
||||
| ftxui::size(ftxui::HEIGHT, ftxui::EQUAL, 3);
|
||||
auto job_name = component_with_title("Job name:",
|
||||
ftxui::Input(&state.job_name, ""))
|
||||
| ftxui::size(ftxui::HEIGHT, ftxui::EQUAL, 3);
|
||||
auto continue_button = ftxui::Button("Continue",
|
||||
[&]{state.user_command = "continue"; screen.ExitLoopClosure()();});
|
||||
auto quit_button = ftxui::Button("Quit",
|
||||
[&]{state.user_command = "quit"; screen.ExitLoopClosure()();});
|
||||
return ftxui::Container::Vertical
|
||||
({
|
||||
vasp_version, queue, ncores, job_name,
|
||||
ftxui::Container::Horizontal({continue_button, quit_button})
|
||||
}) | ftxui::borderHeavy
|
||||
| ftxui::size(ftxui::WIDTH, ftxui::EQUAL, 47)
|
||||
| ftxui::size(ftxui::HEIGHT, ftxui::EQUAL, 24);
|
||||
}();
|
||||
auto confirm_interface = [&state, &screen, &component_with_title]
|
||||
{
|
||||
ftxui::InputOption input_option;
|
||||
input_option.multiline = true;
|
||||
return ftxui::Container::Vertical
|
||||
({
|
||||
component_with_title
|
||||
(
|
||||
"Double check & modify submit command:",
|
||||
ftxui::Input(&state.bsub, "", input_option)
|
||||
)
|
||||
| ftxui::size(ftxui::HEIGHT, ftxui::EQUAL, 7),
|
||||
ftxui::Container::Horizontal
|
||||
({
|
||||
ftxui::Button("Submit",
|
||||
[&]{state.user_command = "submit"; screen.ExitLoopClosure()();}),
|
||||
ftxui::Button("Quit",
|
||||
[&]{state.user_command = "quit"; screen.ExitLoopClosure()();}),
|
||||
ftxui::Button("Back",
|
||||
[&]{state.user_command = "back"; screen.ExitLoopClosure()();})
|
||||
}),
|
||||
ftxui::Renderer([]{return ftxui::vbox
|
||||
({
|
||||
ftxui::separator(),
|
||||
ftxui::text("Source code:"),
|
||||
ftxui::text("https://github.com/CHN-beta/chn_bsub.git"),
|
||||
ftxui::text("Star & PR are welcome!"),
|
||||
});})
|
||||
}) | ftxui::borderHeavy
|
||||
| ftxui::size(ftxui::WIDTH, ftxui::EQUAL, 47)
|
||||
| ftxui::size(ftxui::HEIGHT, ftxui::EQUAL, 14);
|
||||
}();
|
||||
|
||||
// 实际投递任务
|
||||
auto submit = [](std::string bsub)
|
||||
{
|
||||
// replace \n with space
|
||||
boost::replace_all(bsub, "\n", " ");
|
||||
auto process = boost::process::child
|
||||
(
|
||||
boost::process::search_path("sh"), "-c", bsub,
|
||||
boost::process::std_in.close(),
|
||||
boost::process::std_out > stdout,
|
||||
boost::process::std_err > stderr
|
||||
);
|
||||
process.wait();
|
||||
};
|
||||
|
||||
// 进入事件循环
|
||||
while (true)
|
||||
{
|
||||
screen.Loop(request_interface);
|
||||
if (state.user_command == "quit")
|
||||
return EXIT_FAILURE;
|
||||
else if (state.user_command != "continue")
|
||||
throw std::runtime_error("user_command is not recognized");
|
||||
state.bsub = fmt::format
|
||||
(
|
||||
"bsub -J '{}'\n-q {}\n-n {}\n-R 'span[hosts=1]'\n-o 'output.txt'\nchn_vasp.sh {}",
|
||||
state.job_name,
|
||||
state.queue_entries[state.queue_selected],
|
||||
state.ncores.empty() ? state.max_cores[state.queue_entries[state.queue_selected]] :
|
||||
std::stoi(state.ncores),
|
||||
[&]
|
||||
{
|
||||
auto version_level1 = state.vasp_version_entries_level1[state.vasp_version_selected[0]];
|
||||
auto version_level2 = state.vasp_version_entries_level2[version_level1]
|
||||
[state.vasp_version_selected[1]];
|
||||
auto version_level3 = state.vasp_version_entries_level3[state.vasp_version_selected[2]];
|
||||
return fmt::format
|
||||
(
|
||||
"{}{}_{}",
|
||||
version_level1,
|
||||
version_level2 == "(default)" ? ""s : "_" + version_level2,
|
||||
version_level3
|
||||
);
|
||||
}()
|
||||
);
|
||||
screen.Loop(confirm_interface);
|
||||
if (state.user_command == "quit")
|
||||
return EXIT_FAILURE;
|
||||
else if (state.user_command == "back")
|
||||
continue;
|
||||
else if (state.user_command != "submit")
|
||||
throw std::runtime_error("user_command is not recognized");
|
||||
submit(state.bsub);
|
||||
break;
|
||||
}
|
||||
}
|
||||
@@ -73,7 +73,7 @@ inputs: rec
|
||||
{ src = inputs.topInputs.kylin-virtual-keyboard; };
|
||||
biu = inputs.pkgs.callPackage ./biu { inherit nameof zpp-bits; };
|
||||
zxorm = inputs.pkgs.callPackage ./zxorm { src = inputs.topInputs.zxorm; };
|
||||
hpcstat = inputs.pkgs.callPackage ./hpcstat { inherit nameof sqlite-orm zpp-bits date openxlsx biu; };
|
||||
hpcstat = inputs.pkgs.callPackage ./hpcstat { inherit nameof sqlite-orm zpp-bits date biu; };
|
||||
openxlsx = inputs.pkgs.callPackage ./openxlsx { src = inputs.topInputs.openxlsx; };
|
||||
sqlite-orm = inputs.pkgs.callPackage ./sqlite-orm { src = inputs.topInputs.sqlite-orm; };
|
||||
mkPnpmPackage = inputs.pkgs.callPackage ./mkPnpmPackage.nix {};
|
||||
@@ -81,6 +81,7 @@ inputs: rec
|
||||
sbatch-tui = inputs.pkgs.callPackage ./sbatch-tui { inherit biu; };
|
||||
ufo = inputs.pkgs.callPackage ./ufo
|
||||
{ inherit concurrencpp biu glad matplotplusplus zpp-bits; tbb = inputs.pkgs.tbb_2021_11; };
|
||||
chn-bsub = inputs.pkgs.callPackage ./chn-bsub { inherit biu; };
|
||||
|
||||
fromYaml = content: builtins.fromJSON (builtins.readFile
|
||||
(inputs.pkgs.runCommand "toJSON" {}
|
||||
|
||||
@@ -18,7 +18,6 @@ find_path(ZPP_BITS_INCLUDE_DIR zpp_bits.h REQUIRED)
|
||||
find_package(range-v3 REQUIRED)
|
||||
find_path(NAMEOF_INCLUDE_DIR nameof.hpp REQUIRED)
|
||||
find_package(date REQUIRED)
|
||||
find_package(OpenXLSX REQUIRED)
|
||||
find_package(httplib REQUIRED)
|
||||
find_package(termcolor REQUIRED)
|
||||
find_package(biu REQUIRED)
|
||||
@@ -28,7 +27,7 @@ add_executable(hpcstat src/main.cpp src/env.cpp src/keys.cpp src/ssh.cpp src/sql
|
||||
target_compile_features(hpcstat PRIVATE cxx_std_23)
|
||||
target_include_directories(hpcstat PRIVATE ${PROJECT_SOURCE_DIR}/include ${ZPP_BITS_INCLUDE_DIR})
|
||||
target_link_libraries(hpcstat PRIVATE Boost::headers Boost::filesystem sqlite_orm::sqlite_orm
|
||||
nlohmann_json::nlohmann_json range-v3::range-v3 date::date date::date-tz OpenXLSX::OpenXLSX httplib::httplib
|
||||
nlohmann_json::nlohmann_json range-v3::range-v3 date::date date::date-tz httplib::httplib
|
||||
termcolor::termcolor biu::biu)
|
||||
target_compile_definitions(hpcstat PRIVATE HPCSTAT_VERSION="${HPCSTAT_VERSION}")
|
||||
|
||||
|
||||
@@ -1,13 +1,13 @@
|
||||
{
|
||||
stdenv, cmake, pkg-config, standalone ? false, version ? null, makeWrapper, lib,
|
||||
boost, fmt, sqlite-orm, nlohmann_json, zpp-bits, range-v3, nameof, openssh, sqlite, date, openxlsx, httplib, openssl,
|
||||
boost, fmt, sqlite-orm, nlohmann_json, zpp-bits, range-v3, nameof, openssh, sqlite, date, httplib, openssl,
|
||||
termcolor, duc, biu
|
||||
}: stdenv.mkDerivation
|
||||
{
|
||||
name = "hpcstat";
|
||||
src = ./.;
|
||||
buildInputs =
|
||||
[ boost fmt sqlite-orm nlohmann_json zpp-bits range-v3 nameof sqlite date openxlsx httplib termcolor openssl biu ];
|
||||
[ boost fmt sqlite-orm nlohmann_json zpp-bits range-v3 nameof sqlite date httplib termcolor openssl biu ];
|
||||
nativeBuildInputs = [ cmake pkg-config makeWrapper ];
|
||||
cmakeFlags = lib.optionals (version != null) [ "-DHPCSTAT_VERSION=${version}" ];
|
||||
postInstall =
|
||||
|
||||
@@ -62,8 +62,8 @@ namespace hpcstat::sql
|
||||
// 三个字符串分别是序列化后的数据,签名,指纹
|
||||
std::optional<std::vector<std::tuple<std::string, std::string, std::string>>>
|
||||
verify(std::string old_db, std::string new_db);
|
||||
// 将某个月份的数据导出到文件
|
||||
bool export_data(long start_time, long end_time, std::string filename);
|
||||
// 将某个月份的数据导出
|
||||
bool export_data(long start_time, long end_time);
|
||||
// 检查任务状态,返回有变化的任务 id、名称、现在的状态、提交时的 key、subaccount
|
||||
// 如果没有找到提交时的信息,则忽略这个任务
|
||||
std::optional<std::map<unsigned, std::tuple<std::string, std::string, std::string, std::optional<std::string>>>>
|
||||
|
||||
@@ -167,7 +167,7 @@ int main(int argc, const char** argv)
|
||||
auto end = sys_seconds(sys_days(month(month_n) / 1 / year_n + months(1)))
|
||||
.time_since_epoch().count();
|
||||
lock.lock();
|
||||
if (!sql::export_data(begin, end, "hpcstat-{}-{}.xlsx"_f(year_n, month_n)))
|
||||
if (!sql::export_data(begin, end))
|
||||
return 1;
|
||||
}
|
||||
else if (args[1] == "push")
|
||||
|
||||
@@ -7,7 +7,6 @@
|
||||
# include <nameof.hpp>
|
||||
# define SQLITE_ORM_OPTIONAL_SUPPORTED
|
||||
# include <sqlite_orm/sqlite_orm.h>
|
||||
# include <OpenXLSX.hpp>
|
||||
|
||||
namespace hpcstat::sql
|
||||
{
|
||||
@@ -183,29 +182,30 @@ namespace hpcstat::sql
|
||||
}
|
||||
return result;
|
||||
}
|
||||
bool export_data(long start_time, long end_time, std::string filename)
|
||||
bool export_data(long start_time, long end_time)
|
||||
{
|
||||
if (auto conn = connect(); !conn) return false;
|
||||
else
|
||||
{
|
||||
struct StatResult
|
||||
// 对于一个账户的总计
|
||||
struct StatAccount
|
||||
{
|
||||
double CpuTime = 0;
|
||||
unsigned LoginInteractive = 0, LoginNonInteractive = 0, SubmitJob = 0, FinishJobSuccess = 0,
|
||||
FinishJobFailed = 0;
|
||||
StatResult& operator+=(const StatResult& rhs)
|
||||
{
|
||||
CpuTime += rhs.CpuTime;
|
||||
LoginInteractive += rhs.LoginInteractive;
|
||||
LoginNonInteractive += rhs.LoginNonInteractive;
|
||||
SubmitJob += rhs.SubmitJob;
|
||||
FinishJobSuccess += rhs.FinishJobSuccess;
|
||||
FinishJobFailed += rhs.FinishJobFailed;
|
||||
return *this;
|
||||
}
|
||||
unsigned LoginInteractive = 0, LoginNonInteractive = 0, FinishJobSuccess = 0, FinishJobFailed = 0;
|
||||
};
|
||||
// Key SubAccount -> StatResult
|
||||
std::map<std::pair<std::string, std::optional<std::string>>, StatResult> stat;
|
||||
// Key SubAccount -> StatAccount
|
||||
std::map<std::pair<std::string, std::string>, StatAccount> stat_subaccount;
|
||||
// Key -> StatAccount
|
||||
std::map<std::optional<std::string>, StatAccount> stat_account;
|
||||
// 每一个任务
|
||||
struct StatJob
|
||||
{
|
||||
unsigned JobId;
|
||||
std::optional<std::string> Key, SessionId, SubmitDir, JobCommand, Ip;
|
||||
std::string JobResult, SubmitTime;
|
||||
double CpuTime;
|
||||
};
|
||||
std::vector<StatJob> stat_job;
|
||||
// CpuTime & FinishJobSuccess & FinishJobFailed
|
||||
for
|
||||
(
|
||||
@@ -213,14 +213,36 @@ namespace hpcstat::sql
|
||||
(sqlite_orm::between(&FinishJobData::Time, start_time, end_time)))
|
||||
)
|
||||
{
|
||||
auto job_in_submit = search_job_in_submit
|
||||
(conn, it.JobId, it.SubmitTime);
|
||||
std::pair<std::string, std::optional<std::string>> key;
|
||||
if (!job_in_submit) key = { "", {} };
|
||||
else key = std::make_pair(job_in_submit->Key, job_in_submit->Subaccount);
|
||||
stat[key].CpuTime += it.CpuTime / 3600;
|
||||
if (it.JobResult == "DONE") stat[key].FinishJobSuccess++;
|
||||
else stat[key].FinishJobFailed++;
|
||||
stat_job.push_back
|
||||
({ .JobId = it.JobId, .JobResult = it.JobResult, .SubmitTime = it.SubmitTime, .CpuTime = it.CpuTime });
|
||||
if (auto job_in_submit = search_job_in_submit
|
||||
(conn, it.JobId, it.SubmitTime))
|
||||
{
|
||||
{
|
||||
auto& _ = stat_job.back();
|
||||
_.Key = job_in_submit->Key;
|
||||
_.SessionId = job_in_submit->SessionId;
|
||||
_.SubmitDir = job_in_submit->SubmitDir;
|
||||
_.JobCommand = job_in_submit->JobCommand;
|
||||
_.Ip = job_in_submit->Ip;
|
||||
}
|
||||
stat_account[job_in_submit->Key].CpuTime += it.CpuTime / 3600;
|
||||
if (it.JobResult == "DONE") stat_account[job_in_submit->Key].FinishJobSuccess++;
|
||||
else stat_account[job_in_submit->Key].FinishJobFailed++;
|
||||
if (job_in_submit->Subaccount)
|
||||
{
|
||||
stat_subaccount[{job_in_submit->Key, *job_in_submit->Subaccount}].CpuTime += it.CpuTime / 3600;
|
||||
if (it.JobResult == "DONE")
|
||||
stat_subaccount[{job_in_submit->Key, *job_in_submit->Subaccount}].FinishJobSuccess++;
|
||||
else stat_subaccount[{job_in_submit->Key, *job_in_submit->Subaccount}].FinishJobFailed++;
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
stat_account[std::nullopt].CpuTime += it.CpuTime / 3600;
|
||||
if (it.JobResult == "DONE") stat_account[std::nullopt].FinishJobSuccess++;
|
||||
else stat_account[std::nullopt].FinishJobFailed++;
|
||||
}
|
||||
}
|
||||
// LoginInteractive & LoginNonInteractive
|
||||
for
|
||||
@@ -229,62 +251,45 @@ namespace hpcstat::sql
|
||||
(sqlite_orm::between(&LoginData::Time, start_time, end_time)))
|
||||
)
|
||||
{
|
||||
auto key = std::make_pair(it.Key, it.Subaccount);
|
||||
if (it.Interactive) stat[key].LoginInteractive++; else stat[key].LoginNonInteractive++;
|
||||
if (Keys[it.Key].Username == "hpcstat") continue;
|
||||
if (it.Interactive) stat_account[it.Key].LoginInteractive++; else stat_account[it.Key].LoginNonInteractive++;
|
||||
if (it.Subaccount)
|
||||
{
|
||||
if (it.Interactive) stat_subaccount[{it.Key, *it.Subaccount}].LoginInteractive++;
|
||||
else stat_subaccount[{it.Key, *it.Subaccount}].LoginNonInteractive++;
|
||||
}
|
||||
}
|
||||
// SubmitJob
|
||||
for
|
||||
(
|
||||
auto& it : conn->get_all<SubmitJobData>(sqlite_orm::where
|
||||
(sqlite_orm::between(&SubmitJobData::Time, start_time, end_time)))
|
||||
)
|
||||
stat[{it.Key,it.Subaccount }].SubmitJob++;
|
||||
// add all result with subaccount into result without subaccount
|
||||
std::map<std::string, StatResult> stat_without_subaccount;
|
||||
for (auto& [key, value] : stat) stat_without_subaccount[key.first] += value;
|
||||
// remove all result without subaccount
|
||||
std::erase_if(stat, [](auto& it) { return !it.first.second; });
|
||||
// write to excel
|
||||
OpenXLSX::XLDocument doc;
|
||||
doc.create(filename);
|
||||
doc.workbook().addWorksheet("Statistics");
|
||||
auto wks1 = doc.workbook().worksheet("Statistics");
|
||||
wks1.row(1).values() = std::vector<std::string>
|
||||
// export to markdown
|
||||
std::cout << "| 账号 | 使用核时 | 登陆次数(交互式) | 登陆次数(非交互式) | 成功任务数 | 失败任务数 | SSH密钥编号::指纹 |\n";
|
||||
std::cout << "| :--: | :--: | :--: | :--: | :--: | :--: | :--: |\n";
|
||||
std::vector<std::pair<std::optional<std::string>, StatAccount>> stat_account_vector
|
||||
(stat_account.begin(), stat_account.end());
|
||||
auto compare = [](auto& a, auto& b)
|
||||
{
|
||||
"Username", "FingerPrint", "CpuTime", "LoginInteractive", "LoginNonInteractive",
|
||||
"SubmitJob", "FinishJobSuccess", "FinishJobFailed"
|
||||
if (a.first)
|
||||
{ if (b.first) return Keys[*a.first].PubkeyFilename < Keys[*b.first].PubkeyFilename; else return true; }
|
||||
else return false;
|
||||
};
|
||||
for
|
||||
(
|
||||
auto [row, it] = std::tuple(2, stat_without_subaccount.begin());
|
||||
it != stat_without_subaccount.end();
|
||||
it++, row++
|
||||
)
|
||||
wks1.row(row).values() = std::vector<std::string>
|
||||
{
|
||||
Keys.contains(it->first) ? Keys[it->first].Username : "(unknown)", it->first,
|
||||
"{:.2f}"_f(it->second.CpuTime), "{}"_f(it->second.LoginInteractive),
|
||||
"{}"_f(it->second.LoginNonInteractive), "{}"_f(it->second.SubmitJob),
|
||||
"{}"_f(it->second.FinishJobSuccess), "{}"_f(it->second.FinishJobFailed)
|
||||
};
|
||||
doc.workbook().addWorksheet("StatisticsWithSubAccount");
|
||||
auto wks2 = doc.workbook().worksheet("StatisticsWithSubAccount");
|
||||
wks2.row(1).values() = std::vector<std::string>
|
||||
{
|
||||
"Username::SubAccount", "CpuTime", "LoginInteractive", "LoginNonInteractive",
|
||||
"SubmitJob", "FinishJobSuccess", "FinishJobFailed"
|
||||
};
|
||||
for (auto [row, it] = std::tuple(2, stat.begin()); it != stat.end(); it++, row++)
|
||||
wks2.row(row).values() = std::vector<std::string>
|
||||
{
|
||||
(Keys.contains(it->first.first) ? Keys[it->first.first].Username : "(unknown)")
|
||||
+ "::" + *it->first.second,
|
||||
"{:.2f}"_f(it->second.CpuTime), "{}"_f(it->second.LoginInteractive),
|
||||
"{}"_f(it->second.LoginNonInteractive), "{}"_f(it->second.SubmitJob),
|
||||
"{}"_f(it->second.FinishJobSuccess), "{}"_f(it->second.FinishJobFailed)
|
||||
};
|
||||
doc.workbook().deleteSheet("Sheet1");
|
||||
doc.save();
|
||||
std::sort(stat_account_vector.begin(), stat_account_vector.end(), compare);
|
||||
for (auto& [key, stat] : stat_account_vector)
|
||||
std::cout << "| {} | {:.2f} | {} | {} | {} | {} | `{}::{}` |\n"_f
|
||||
(
|
||||
key ? Keys[*key].Username : "(unknown)", stat.CpuTime, stat.LoginInteractive, stat.LoginNonInteractive,
|
||||
stat.FinishJobSuccess, stat.FinishJobFailed, key ? Keys[*key].PubkeyFilename : "", key
|
||||
);
|
||||
for (auto& [key_subaccount, stat] : stat_subaccount)
|
||||
std::cout << "| {}::{} | {:.2f} | {} | {} | {} | {} | `{}::{}` |\n"_f
|
||||
(
|
||||
Keys[key_subaccount.first].Username, key_subaccount.second, stat.CpuTime,
|
||||
stat.LoginInteractive, stat.LoginNonInteractive, stat.FinishJobSuccess, stat.FinishJobFailed,
|
||||
Keys[key_subaccount.first].PubkeyFilename, key_subaccount.first
|
||||
);
|
||||
std::cout << "\n";
|
||||
std::cout << "| 任务ID | 任务结果 | 提交时间 | 使用核时 | SSH指纹 | 会话ID | 提交目录 | 任务命令 | TCP连接 |\n";
|
||||
std::cout << "| :--: | :--: | :--: | :--: | :--: | :--: | :--: | :--: | :--: |\n";
|
||||
for (auto& it : stat_job)
|
||||
std::cout << "| {} | {} | {} | {:.2f} | `{}` | `{}` | `{}` | `{}` | `{}` |\n"_f
|
||||
(it.JobId, it.JobResult, it.SubmitTime, it.CpuTime, it.Key, it.SessionId, it.SubmitDir, it.JobCommand, it.Ip);
|
||||
return true;
|
||||
}
|
||||
}
|
||||
|
||||
@@ -20,6 +20,10 @@ int main()
|
||||
std::vector<std::string> device_type_entries = { "any single GPU", "manually select GPU", "CPU" };
|
||||
std::deque<bool> device_selected = std::deque<bool>(Device.GpuIds.size(), false);
|
||||
std::vector<std::string> device_entries = Device.GpuIds;
|
||||
std::string job_name = std::filesystem::current_path().filename().string();
|
||||
std::string output_file = "output.txt";
|
||||
std::string mpi_threads = std::to_string(Device.CpuMpiThreads);
|
||||
std::string openmp_threads = std::to_string(Device.CpuOpenmpThreads);
|
||||
|
||||
std::string user_command;
|
||||
std::string submit_command;
|
||||
@@ -40,6 +44,12 @@ int main()
|
||||
auto empty = ftxui::emptyElement() | ftxui::flex_grow;
|
||||
return ftxui::vbox(empty, ftxui::hbox(empty, element | ftxui::center, empty), empty);
|
||||
};
|
||||
// 在组件左边增加分割线
|
||||
auto with_separator = [](ftxui::Element element)
|
||||
{ return ftxui::hbox(ftxui::separatorLight(), element); };
|
||||
// 在组件左边增加小标题
|
||||
auto with_subtitle = [](std::string title)
|
||||
{ return [title](ftxui::Element element) { return ftxui::hbox(ftxui::text(title), element); }; };
|
||||
|
||||
// 构建界面
|
||||
auto screen = ftxui::ScreenInteractive::Fullscreen();
|
||||
@@ -66,8 +76,17 @@ int main()
|
||||
devices.push_back(ftxui::Checkbox
|
||||
(state.device_entries[i], &state.device_selected[i], checkbox_option));
|
||||
return devices;
|
||||
}()) | ftxui::Maybe([&]{ return state.device_type_selected == 1; })
|
||||
}()) | with_separator | ftxui::Maybe([&]{ return state.device_type_selected == 1; }),
|
||||
ftxui::Container::Vertical
|
||||
({
|
||||
ftxui::Input(&state.mpi_threads) | ftxui::size(ftxui::WIDTH, ftxui::GREATER_THAN, 3)
|
||||
| with_subtitle("MPI threads: "),
|
||||
ftxui::Input(&state.openmp_threads) | ftxui::size(ftxui::WIDTH, ftxui::GREATER_THAN, 3)
|
||||
| with_subtitle("OpenMP threads: ")
|
||||
}) | with_separator | ftxui::Maybe([&]{ return state.device_type_selected == 2; }),
|
||||
}) | with_title("Select device:"),
|
||||
ftxui::Input(&state.job_name) | with_title("Job name:"),
|
||||
ftxui::Input(&state.output_file) | with_title("Output file:"),
|
||||
ftxui::Container::Horizontal
|
||||
({
|
||||
ftxui::Button("Continue",
|
||||
@@ -107,17 +126,14 @@ int main()
|
||||
if (state.user_command == "quit") return EXIT_FAILURE;
|
||||
else if (state.device_type_selected == 0)
|
||||
state.submit_command =
|
||||
"sbatch --ntasks=1\n--gpus=1\n--job-name='{}'\n--output=output.txt\nvasp-nvidia-{}"_f
|
||||
(
|
||||
std::filesystem::current_path().filename().string(),
|
||||
state.vasp_version_entries[state.vasp_version_selected]
|
||||
);
|
||||
"sbatch --ntasks=1\n--gpus=1\n--job-name='{}'\n--output='{}'\nvasp-nvidia-{}"_f
|
||||
(state.job_name, state.output_file, state.vasp_version_entries[state.vasp_version_selected]);
|
||||
else if (state.device_type_selected == 2)
|
||||
state.submit_command =
|
||||
"sbatch --ntasks={}\n--cpus-per-task={}\n--hint=nomultithread\n--job-name='{}'\n--output=output.txt"
|
||||
"sbatch --ntasks={}\n--cpus-per-task={}\n--hint=nomultithread\n--job-name='{}'\n--output='{}'"
|
||||
"\nvasp-intel-{}"_f
|
||||
(
|
||||
Device.CpuMpiThreads, Device.CpuOpenmpThreads, std::filesystem::current_path().filename().string(),
|
||||
state.mpi_threads, state.openmp_threads, state.job_name, state.output_file,
|
||||
state.vasp_version_entries[state.vasp_version_selected]
|
||||
);
|
||||
else
|
||||
@@ -126,14 +142,13 @@ int main()
|
||||
for (int i = 0; i < state.device_selected.size(); i++)
|
||||
if (state.device_selected[i]) selected_gpus.push_back(state.device_entries[i]);
|
||||
state.submit_command =
|
||||
"sbatch --ntasks={}\n--gres={}\n--job-name='{}'\n--output=output.txt\nvasp-nvidia-{}"_f
|
||||
"sbatch --ntasks={}\n--gres={}\n--job-name='{}'\n--output='{}'\nvasp-nvidia-{}"_f
|
||||
(
|
||||
selected_gpus.size(),
|
||||
selected_gpus
|
||||
| ranges::views::transform([](auto& entry) { return "gpu:{}:1"_f(entry); })
|
||||
| ranges::views::join(',') | ranges::to<std::string>,
|
||||
std::filesystem::current_path().filename().string(),
|
||||
state.vasp_version_entries[state.vasp_version_selected]
|
||||
state.job_name, state.output_file, state.vasp_version_entries[state.vasp_version_selected]
|
||||
);
|
||||
}
|
||||
screen.Loop(confirm_interface);
|
||||
|
||||
@@ -26,11 +26,7 @@ inputs:
|
||||
])];
|
||||
};
|
||||
};
|
||||
programs =
|
||||
{
|
||||
yazi.enable = true;
|
||||
mosh.enable = true;
|
||||
};
|
||||
programs.yazi.enable = true;
|
||||
services.fwupd.enable = true;
|
||||
};
|
||||
}
|
||||
|
||||
@@ -43,6 +43,7 @@ inputs:
|
||||
command-not-found.enable = false;
|
||||
autojump.enable = true;
|
||||
direnv = { enable = true; nix-direnv.enable = true; };
|
||||
mosh.enable = true;
|
||||
};
|
||||
services.udev.packages = with inputs.pkgs; [ yubikey-personalization libfido2 ];
|
||||
home-manager = { useGlobalPkgs = true; useUserPackages = true; };
|
||||
|
||||
137
modules/packages/ssh.nix
Normal file
137
modules/packages/ssh.nix
Normal file
@@ -0,0 +1,137 @@
|
||||
inputs:
|
||||
{
|
||||
config = inputs.lib.mkIf (builtins.elem "server" inputs.config.nixos.packages._packageSets)
|
||||
{
|
||||
services.openssh.knownHosts =
|
||||
let servers =
|
||||
{
|
||||
vps6 =
|
||||
{
|
||||
ed25519 = "AAAAC3NzaC1lZDI1NTE5AAAAIO5ZcvyRyOnUCuRtqrM/Qf+AdUe3a5bhbnfyhw2FSLDZ";
|
||||
hostnames = [ "vps6.chn.moe" "wireguard.vps6.chn.moe" "74.211.99.69" "192.168.83.1" ];
|
||||
};
|
||||
"initrd.vps6" =
|
||||
{
|
||||
ed25519 = "AAAAC3NzaC1lZDI1NTE5AAAAIB4DKB/zzUYco5ap6k9+UxeO04LL12eGvkmQstnYxgnS";
|
||||
hostnames = [ "initrd.vps6.chn.moe" "74.211.99.69" ];
|
||||
};
|
||||
vps7 =
|
||||
{
|
||||
ed25519 = "AAAAC3NzaC1lZDI1NTE5AAAAIF5XkdilejDAlg5hZZD0oq69k8fQpe9hIJylTo/aLRgY";
|
||||
hostnames = [ "vps7.chn.moe" "wireguard.vps7.chn.moe" "ssh.git.chn.moe" "95.111.228.40" "192.168.83.2" ];
|
||||
};
|
||||
"initrd.vps7" =
|
||||
{
|
||||
ed25519 = "AAAAC3NzaC1lZDI1NTE5AAAAIGZyQpdQmEZw3nLERFmk2tS1gpSvXwW0Eish9UfhrRxC";
|
||||
hostnames = [ "initrd.vps7.chn.moe" "95.111.228.40" ];
|
||||
};
|
||||
nas =
|
||||
{
|
||||
ed25519 = "AAAAC3NzaC1lZDI1NTE5AAAAIIktNbEcDMKlibXg54u7QOLt0755qB/P4vfjwca8xY6V";
|
||||
hostnames = [ "wireguard.nas.chn.moe" "[office.chn.moe]:5440" "192.168.1.185" "192.168.83.4" ];
|
||||
};
|
||||
"initrd.nas" =
|
||||
{
|
||||
ed25519 = "AAAAC3NzaC1lZDI1NTE5AAAAIAoMu0HEaFQsnlJL0L6isnkNZdRq0OiDXyaX3+fl3NjT";
|
||||
hostnames = [ "initrd.nas.chn.moe" "[office.chn.moe]:5440" "192.168.1.185" ];
|
||||
};
|
||||
surface =
|
||||
{
|
||||
ed25519 = "AAAAC3NzaC1lZDI1NTE5AAAAIFdm3DcfHdcLP0oSpVrWwIZ/b9lZuakBSPwCFz2BdTJ7";
|
||||
hostnames = [ "192.168.1.166" "wireguard.surface.chn.moe" "192.168.83.5" ];
|
||||
};
|
||||
pc =
|
||||
{
|
||||
ed25519 = "AAAAC3NzaC1lZDI1NTE5AAAAIMSfREi19OSwQnhdsE8wiNwGSFFJwNGN0M5gN+sdrrLJ";
|
||||
hostnames = [ "wireguard.pc.chn.moe" "[office.chn.moe]:3673" "192.168.1.105" "192.168.83.3" ];
|
||||
};
|
||||
hpc =
|
||||
{
|
||||
ed25519 = "AAAAC3NzaC1lZDI1NTE5AAAAIDVpsQW3kZt5alHC6mZhay3ZEe2fRGziG4YJWCv2nn/O";
|
||||
hostnames = [ "hpc.xmu.edu.cn" ];
|
||||
};
|
||||
github =
|
||||
{
|
||||
ed25519 = "AAAAC3NzaC1lZDI1NTE5AAAAIOMqqnkVzrm0SdG6UOoqKLsabgH5C9okWi0dh2l9GKJl";
|
||||
hostnames = [ "github.com" ];
|
||||
};
|
||||
xmupc1 =
|
||||
{
|
||||
ed25519 = "AAAAC3NzaC1lZDI1NTE5AAAAINTvfywkKRwMrVp73HfHTfjhac2Tn9qX/lRjLr09ycHp";
|
||||
hostnames = [ "[office.chn.moe]:6007" "[xmupc1.chn.moe]:6007" "wireguard.xmupc1.chn.moe" "192.168.83.6" ];
|
||||
};
|
||||
xmupc2 =
|
||||
{
|
||||
ed25519 = "AAAAC3NzaC1lZDI1NTE5AAAAIJZ/+divGnDr0x+UlknA84Tfu6TPD+zBGmxWZY4Z38P6";
|
||||
hostnames = [ "[xmupc2.chn.moe]:6394" "wireguard.xmupc2.chn.moe" "192.168.83.7" ];
|
||||
};
|
||||
};
|
||||
in builtins.listToAttrs (builtins.map
|
||||
(server:
|
||||
{
|
||||
inherit (server) name;
|
||||
value =
|
||||
{
|
||||
publicKey = "ssh-ed25519 ${server.value.ed25519}";
|
||||
hostNames = server.value.hostnames;
|
||||
};
|
||||
})
|
||||
(inputs.localLib.attrsToList servers));
|
||||
programs.ssh =
|
||||
{
|
||||
startAgent = true;
|
||||
enableAskPassword = true;
|
||||
askPassword = "${inputs.pkgs.systemd}/bin/systemd-ask-password";
|
||||
extraConfig = "AddKeysToAgent yes";
|
||||
};
|
||||
environment.sessionVariables.SSH_ASKPASS_REQUIRE = "prefer";
|
||||
nixos.user.sharedModules =
|
||||
[(hmInputs: {
|
||||
config.programs.ssh =
|
||||
{
|
||||
enable = true;
|
||||
controlMaster = "auto";
|
||||
controlPersist = "1m";
|
||||
compression = true;
|
||||
matchBlocks = builtins.listToAttrs
|
||||
(
|
||||
(builtins.map
|
||||
(host: { name = host; value = { inherit host; hostname = "${host}.chn.moe"; }; })
|
||||
[ "vps6" "wireguard.vps6" "vps7" "wireguard.vps7" "wireguard.nas" ])
|
||||
++ (builtins.map
|
||||
(host: { name = host; value = { inherit host; hostname = "${host}.chn.moe"; forwardX11 = true; }; })
|
||||
[ "wireguard.pc" "wireguard.surface" "wireguard.xmupc1" "wireguard.xmupc2" ])
|
||||
++ (builtins.map
|
||||
(host:
|
||||
{
|
||||
name = host;
|
||||
value =
|
||||
{
|
||||
host = host;
|
||||
hostname = "hpc.xmu.edu.cn";
|
||||
user = host;
|
||||
setEnv.TERM = "chn_unset_ls_colors:xterm-256color";
|
||||
};
|
||||
})
|
||||
[ "wlin" "hwang" ])
|
||||
)
|
||||
// {
|
||||
xmupc1 = { host = "xmupc1"; hostname = "xmupc1.chn.moe"; port = 6007; forwardX11 = true; };
|
||||
xmupc2 = { host = "xmupc2"; hostname = "xmupc2.chn.moe"; port = 6394; forwardX11 = true; };
|
||||
nas = { host = "nas"; hostname = "office.chn.moe"; port = 5440; };
|
||||
pc = { host = "pc"; hostname = "office.chn.moe"; port = 3673; forwardX11 = true; };
|
||||
surface = { host = "surface"; hostname = "192.168.1.166"; forwardX11 = true; };
|
||||
gitea = { host = "gitea"; hostname = "ssh.git.chn.moe"; };
|
||||
jykang =
|
||||
{
|
||||
host = "jykang";
|
||||
hostname = "hpc.xmu.edu.cn";
|
||||
user = "jykang";
|
||||
forwardAgent = true;
|
||||
extraOptions.AddKeysToAgent = "yes";
|
||||
};
|
||||
};
|
||||
};
|
||||
})];
|
||||
};
|
||||
}
|
||||
@@ -1,166 +0,0 @@
|
||||
inputs:
|
||||
{
|
||||
config = inputs.lib.mkIf (builtins.elem "server" inputs.config.nixos.packages._packageSets)
|
||||
{
|
||||
services.openssh.knownHosts =
|
||||
let
|
||||
servers =
|
||||
{
|
||||
vps6 =
|
||||
{
|
||||
ed25519 = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO5ZcvyRyOnUCuRtqrM/Qf+AdUe3a5bhbnfyhw2FSLDZ";
|
||||
hostnames = [ "vps6.chn.moe" "wireguard.vps6.chn.moe" "74.211.99.69" "192.168.83.1" ];
|
||||
};
|
||||
"initrd.vps6" =
|
||||
{
|
||||
ed25519 = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB4DKB/zzUYco5ap6k9+UxeO04LL12eGvkmQstnYxgnS";
|
||||
hostnames = [ "initrd.vps6.chn.moe" "74.211.99.69" ];
|
||||
};
|
||||
vps7 =
|
||||
{
|
||||
ed25519 = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIF5XkdilejDAlg5hZZD0oq69k8fQpe9hIJylTo/aLRgY";
|
||||
hostnames = [ "vps7.chn.moe" "wireguard.vps7.chn.moe" "ssh.git.chn.moe" "95.111.228.40" "192.168.83.2" ];
|
||||
};
|
||||
"initrd.vps7" =
|
||||
{
|
||||
ed25519 = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGZyQpdQmEZw3nLERFmk2tS1gpSvXwW0Eish9UfhrRxC";
|
||||
hostnames = [ "initrd.vps7.chn.moe" "95.111.228.40" ];
|
||||
};
|
||||
nas =
|
||||
{
|
||||
ed25519 = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIktNbEcDMKlibXg54u7QOLt0755qB/P4vfjwca8xY6V";
|
||||
hostnames = [ "wireguard.nas.chn.moe" "[office.chn.moe]:5440" "192.168.1.185" "192.168.83.4" ];
|
||||
};
|
||||
"initrd.nas" =
|
||||
{
|
||||
ed25519 = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAoMu0HEaFQsnlJL0L6isnkNZdRq0OiDXyaX3+fl3NjT";
|
||||
hostnames = [ "initrd.nas.chn.moe" "[office.chn.moe]:5440" "192.168.1.185" ];
|
||||
};
|
||||
surface =
|
||||
{
|
||||
ed25519 = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFdm3DcfHdcLP0oSpVrWwIZ/b9lZuakBSPwCFz2BdTJ7";
|
||||
hostnames = [ "192.168.1.166" "wireguard.surface.chn.moe" "192.168.83.5" ];
|
||||
};
|
||||
pc =
|
||||
{
|
||||
ed25519 = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMSfREi19OSwQnhdsE8wiNwGSFFJwNGN0M5gN+sdrrLJ";
|
||||
hostnames = [ "wireguard.pc.chn.moe" "[office.chn.moe]:3673" "192.168.1.105" "192.168.83.3" ];
|
||||
};
|
||||
hpc =
|
||||
{
|
||||
ed25519 = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDVpsQW3kZt5alHC6mZhay3ZEe2fRGziG4YJWCv2nn/O";
|
||||
hostnames = [ "hpc.xmu.edu.cn" ];
|
||||
};
|
||||
github =
|
||||
{
|
||||
ed25519 = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOMqqnkVzrm0SdG6UOoqKLsabgH5C9okWi0dh2l9GKJl";
|
||||
hostnames = [ "github.com" ];
|
||||
};
|
||||
xmupc1 =
|
||||
{
|
||||
ed25519 = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINTvfywkKRwMrVp73HfHTfjhac2Tn9qX/lRjLr09ycHp";
|
||||
hostnames = [ "[office.chn.moe]:6007" "[xmupc1.chn.moe]:6007" "wireguard.xmupc1.chn.moe" "192.168.83.6" ];
|
||||
};
|
||||
xmupc2 =
|
||||
{
|
||||
ed25519 = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJZ/+divGnDr0x+UlknA84Tfu6TPD+zBGmxWZY4Z38P6";
|
||||
hostnames = [ "[xmupc2.chn.moe]:6394" "wireguard.xmupc2.chn.moe" "192.168.83.7" ];
|
||||
};
|
||||
};
|
||||
in builtins.listToAttrs (builtins.concatLists (builtins.map
|
||||
(server:
|
||||
(
|
||||
if builtins.pathExists ./ssh/${server.name}_rsa.pub then
|
||||
[{
|
||||
name = "${server.name}-rsa";
|
||||
value =
|
||||
{
|
||||
publicKey = builtins.readFile ./ssh/${server.name}_rsa.pub;
|
||||
hostNames = server.value.hostnames;
|
||||
};
|
||||
}]
|
||||
else []
|
||||
)
|
||||
++ (
|
||||
if builtins.pathExists ./ssh/${server.name}_ecdsa.pub then
|
||||
[{
|
||||
name = "${server.name}-ecdsa";
|
||||
value =
|
||||
{
|
||||
publicKey = builtins.readFile ./ssh/${server.name}_ecdsa.pub;
|
||||
hostNames = server.value.hostnames;
|
||||
};
|
||||
}]
|
||||
else []
|
||||
)
|
||||
++ (
|
||||
if server.value ? ed25519 then
|
||||
[{
|
||||
name = "${server.name}-ed25519";
|
||||
value =
|
||||
{
|
||||
publicKey = server.value.ed25519;
|
||||
hostNames = server.value.hostnames;
|
||||
};
|
||||
}]
|
||||
else []
|
||||
))
|
||||
(inputs.localLib.attrsToList servers)));
|
||||
programs.ssh =
|
||||
{
|
||||
startAgent = true;
|
||||
enableAskPassword = true;
|
||||
askPassword = "${inputs.pkgs.systemd}/bin/systemd-ask-password";
|
||||
extraConfig = "AddKeysToAgent yes";
|
||||
};
|
||||
environment.sessionVariables.SSH_ASKPASS_REQUIRE = "prefer";
|
||||
nixos.user.sharedModules =
|
||||
[(hmInputs: {
|
||||
config.programs.ssh =
|
||||
{
|
||||
enable = true;
|
||||
controlMaster = "auto";
|
||||
controlPersist = "1m";
|
||||
compression = true;
|
||||
matchBlocks = builtins.listToAttrs
|
||||
(
|
||||
(builtins.map
|
||||
(host: { name = host; value = { inherit host; hostname = "${host}.chn.moe"; }; })
|
||||
[
|
||||
"vps6" "wireguard.vps6" "vps7" "wireguard.vps7" "wireguard.pc" "wireguard.nas" "wireguard.surface"
|
||||
"wireguard.xmupc1" "wireguard.xmupc2"
|
||||
])
|
||||
++ (builtins.map
|
||||
(host:
|
||||
{
|
||||
name = host;
|
||||
value =
|
||||
{
|
||||
host = host;
|
||||
hostname = "hpc.xmu.edu.cn";
|
||||
user = host;
|
||||
setEnv.TERM = "chn_unset_ls_colors:xterm-256color";
|
||||
};
|
||||
})
|
||||
[ "wlin" "hwang" ])
|
||||
)
|
||||
// {
|
||||
xmupc1 = { host = "xmupc1"; hostname = "xmupc1.chn.moe"; port = 6007; };
|
||||
xmupc2 = { host = "xmupc2"; hostname = "xmupc2.chn.moe"; port = 6394; };
|
||||
nas = { host = "nas"; hostname = "office.chn.moe"; port = 5440; };
|
||||
pc = { host = "pc"; hostname = "office.chn.moe"; port = 3673; };
|
||||
surface = { host = "surface"; hostname = "192.168.1.166"; };
|
||||
gitea = { host = "gitea"; hostname = "ssh.git.chn.moe"; };
|
||||
jykang =
|
||||
{
|
||||
host = "jykang";
|
||||
hostname = "hpc.xmu.edu.cn";
|
||||
user = "jykang";
|
||||
forwardAgent = true;
|
||||
extraOptions.AddKeysToAgent = "yes";
|
||||
};
|
||||
};
|
||||
};
|
||||
})];
|
||||
};
|
||||
}
|
||||
@@ -1 +0,0 @@
|
||||
ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBEmKSENjQEezOmxkZMy7opKgwFB9nkt5YRrYMjNuG5N87uRgg6CLrbo5wAdT/y6v0mKV0U2w0WZ2YB/++Tpockg=
|
||||
@@ -1 +0,0 @@
|
||||
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCj7ndNxQowgcQnjshcLrqPEiiphnt+VTTvDP6mHBL9j1aNUkY4Ue1gvwnGLVlOhGeYrnZaMgRK6+PKCUXaDbC7qtbW8gIkhL7aGCsOr/C56SJMy/BCZfxd1nWzAOxSDPgVsmerOBYfNqltV9/hWCqBywINIR+5dIg6JTJ72pcEpEjcYgXkE2YEFXV1JHnsKgbLWNlhScqb2UmyRkQyytRLtL+38TGxkxCflmO+5Z8CSSNY7GidjMIZ7Q4zMjA2n1nGrlTDkzwDCsw+wqFPGQA179cnfGWOWRVruj16z6XyvxvjJwbz0wQZ75XK5tKSb7FNyeIEs4TT4jk+S4dhPeAUC5y+bDYirYgM4GC7uEnztnZyaVWQ7B381AK4Qdrwt51ZqExKbQpTUNn+EjqoTwvqNj4kqx5QUCI0ThS/YkOxJCXmPUWZbhjpCg56i+2aB6CmK2JGhn57K5mj0MNdBXA4/WnwH6XoPWJzK5Nyu2zB3nAZp+S5hpQs+p1vN1/wsjk=
|
||||
@@ -1 +0,0 @@
|
||||
ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBDkkl7A9kWWBoi4b5g6Vus70ja1KhPfcZZjeU1/QbYdN8PRRw/hsGklrhefslKRbym/TMFS0ko0g5WUi9G5vbGw=
|
||||
@@ -1 +0,0 @@
|
||||
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDgs8MvV2nczjGMZ548tuAhgvCEd4uHu0VhLDSwQG7Nh/UR4Pgc5T9Nf7Vfwg96Lah/pwD5my4RaWis6bLMmlkYyDBKFBOsGYQUe5J5XfZdxk8pz+7L0Hq6gPfAZAdNlUiuFVKsvkE+NF42NgJyXSYQicPbu5LQiFwZGXlW20+LO8uBQ1y1xabKVpg8XGwordduL99VepwEzeLK/st+UVfW+mKgxkf9TuxvD2fuYIDZM7y2rXqcjf4/6OXA5kACsYK1MgZSFxgO/m6+1uCC1qBDseMTA3D+Tsjf9VtcqUE9dMd/dJ/uuILHJ0+oIqkykTCecPLgJY3Vh8rAtln/lbId
|
||||
@@ -1 +0,0 @@
|
||||
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC0+xafJMnOGCHv6OLljaq8iJ3ZBaIezv7AJ9rVWJXFg/QJRYBwct35c4zaVom7If8F+Ss+BTLMp33HZ8gLpoat6LkjARjy65Ycog3NOnEposX2JjZEYXDbovxEmcJkDXAIVmnaBUi3r22z4UI8OqsHPeRXj017O0yQrQQYEAw/IO/tSNQZt2k8JHxAX50UTqGFdgkriO1fYHBocq48m0nn3sXrMuM3yBe5zy3NngOHxMn7UxjECmAElsuu/nu1x083pRnv5NSa+JxDGJ+S6Zhj3nGGNwZesa51I4cJjsYLxgmO/NxL1J86bDp6HhK9C9799ruG60pGTw6HcvbKTgx7klUgn4936wsy7qukWqp53MvqrLSJkRb/HHU9zZqvzcjbwet+Iv1OAAok5QC88j7Jgenk3nbZw4BNFd2r/8rOZuXheDnMKOa61dXxnvoAO3Euk0RPdZqW1slT/DDyD/kB6TPY7yOywNURNnrwzfSsmravKi6bGA5t2Ehhpf2LETM=
|
||||
@@ -1 +0,0 @@
|
||||
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDOyU7VvusseL2tDp7JkIXKGxRGQNHpYWVAPraUj17Xls7Z9e7HO6+GBiGP+bB9tZbzsoTNGHdXg8VaJmf98QAhhg0FcUb6IvWmfmPWzQ0MC8L+USqdDpaH7s9SOZF/yveNYCR5GOMmFdSW4OPVYIOrjPltDIe5S1SN2nOXvjxbLmuoMjg+5U4F0ii0ZaCRuMVDskeift+Amxe7iRnSzeDbECd0rJhaUb8gf3shz0Hp9lRUMej7cJH8LLP3m0s3Vk+kasKntz18MpJ6/3n+fR2aK75qkcq9FZaFA4tSIabh9eKoxlRCy7g8Qj6nNStW+ys/a1UYBFgAoTyE7e47o3dpcxR5oMLbeDwhOstWL0YOjEH1K5Wyj3eEOT71C6kuQBPcCJQ9q9hknRpW0mWe9Q6qaAzTgE9LLssijr/yTfYQk7zKEyo0i4f6buOfmyYZfnzfnCB3LiJKa98TVEEzrKYHIO44LwIkNf/YHOMDknzjYpav6HfDy+AebRHZFYhGax1YP/tP0Ve/FSq5rh6Vwuqa/zyfFUPZmZVf+EYXK7DdyuBhEZhBEu6QrjY60NRMTMLpnUZMcZXRAz9byMpAGcCYQv6gjU99ps8AkRjZNkn+FpAtDGT+oJxixQwyZMSxZ+ZuzkZGyBMeMplZXMMLICGZ2LRAgT0bxXLZUxHJBLwwnw==
|
||||
@@ -1 +0,0 @@
|
||||
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDJAyDl52UVGFPTV/rXFERrXAMY5qZ3g+tpg9HOGdw86G4Nr8Xp/cTxZjF4kSfIkSrGblAV9Lm4US0fW3pGOQu5qQrSAENxqHxdlEyzt7izyF2CklDUeTjs3KHOIZMvSli4z014NPcswBbjwB9Lyrw0fCQ9P1vYkrUHEzL2SMxdack1EQPcMF4MxblDqc+eQhdMCkKE8T1Cb1ZqxeLVMPn9CwjG18JoxL+/xs+MjcsSXYWcoqYTfgfhguMbh0D4Eo32MHS/IzRSxnOHJxhG5xYePcyBlb/CxQuYA+RTqKNE85j7GcL2oEmeZ1b++/9qFT9grwVh+UOBRO2xiMzKDF24nXPJ+eLyd6Z/3swGT4rTVDnrXV5eZUkWLHN093IdLJCTtPVrKV9OxEKr5sU2W0edpirNrlGq7/MYkJX9EbQctDFA69XfQkZlGK9xGutqSgEaVlY54fS0Due+NDrNBPfMKJ9MTmFDOY+NYn05El2rMD39OKbGbCR5ASwSSBlcQeE=
|
||||
@@ -1 +0,0 @@
|
||||
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDYiP+ELuG5KTmafVjBkY0ZSggJg+mDkvZpF8d7NljMst0YwKWV3IgHnkAGXdTd7jlRgm9HH6oc8rP2R6Q8EJmfr+xcL1IQIWKuYAoddHlpe2Ds4EE74xbgm5Elf7FpdYNHUH9XyVmMmIhVSpLw2N10jUhvYqw+h+xC2nObEKZuBOt/lqrTGbC/EMv3+sDv0ApBh8lKt2yfjt88pnAj1LKPANDgIYSyQOllHQWeUY/eD/5Qc9XWR3uWclslVaxriRmEA0sNZlOFCeRIyDbYpSzQBdcnojkwt7Z5kjhaqGlT9g00fdiqO0OMaeY/G8ki3QxqjONqTEDqK+DpEZFO6jyZARcY6ki0ANc0AO4qosEC3gEbAvVwyPwDFtyDggMTHlTzaw8iakMGSDEk10zKaUOgZYLzC2yCWYYQS5mae9wC1gkXIGD51/laeq2E7NpM+nha6kp9weLVyvwf0DLfwsiP+0qlCLrxBLTSRa0HQ+BnQMi4r16Ss7YJwLf/oXrbOVk=
|
||||
@@ -1 +0,0 @@
|
||||
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDFwb7qi9/DvhpMvu43LRlTEC+3kPAA0KNeyk4FT4HlpRE/yxMxN6tgrP9vcx2c6TMfkRwIJKDcBuVVtKOVx+SDZo+nQBxpSz73v1qSmqlsy8D4gCk0a7cLgStb3Cvh0UZjJ5nVnxjzqY2CFnpnKYGmxL+a3qTj1KYPuA2wSsxkYVcHUfDj/uTtEDdRPaNTACsUxe1a57T/Tsjp+321+zKldYreozaABEBsexf9Z34+3vZvyQcfDB3QuxlBRPJBLik80QllpNpE1bqol8swoGEPbl/Ac7tNy+GtlwTG9SH1povmoT9K+8tjJaG2pD+z+vvgZQtJQh+aczYmEBJRZp3ksw1JH4eGqTWG/SDat9Isnx2NDhJe12b9izniDciuBScNySAazIDPidsCMUYjc9kgWdSOiODOtodj5IB+KazFVJgfpmzPv97LHVdjvR74usrgbFw2mYCw2YEiL3xjDYpQGmXSNklsQLwJiBe59oyS4QNpNYQzYD9StjgRIdvtmiM=
|
||||
@@ -1 +0,0 @@
|
||||
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDVbOvoFVaGkqYzIWsmMFlpkE+TDAONOWWaJBQ0K4fiOLy7uh02b/jYNZrbllPDP+Gq+ikYEJnJX2ceDsh9mLtJTznBQXgJOMUZDYy0enu7hYLKMmRTgJntzHjMbZENMhP+I3N9JnQ1PQz7lICg1xkEBQm2CESYCCjo0rJKYplPH1bo02myEazKlKTn6tu40ysrYOoJO8+jwbUDqtWATjSZtgYojuh6dbIoK3O+Ntgwl4W0NqXEqXYXTWpU0qKOqAsP/9F9WJ5d1wVNNbvmcAJ26dkYaiPCNgW4MGTucAgoxM6IPVVj9U+OEZLoCPsqAGCT02vH5MoDNTmGaSv0DjuYOzz5C+jAhMCznXFXCI4bfawvuda/WwGIniB5iKNSBZt3XxYyUw4YBcVCNiWUt9bIgEvnR4E8HYHdjNrbQ0Z58L6DcPSySLQer7C658Vo/nRUlBq6lIWYhcdjxHHkP9iFtuFW1HmoUKkuaLl+uiflrSppX9wt8eaPwGgGIHkLwgc=
|
||||
@@ -1 +0,0 @@
|
||||
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCa7ZRmIAtuGd58MQXnJnPqmad+6u8JiBKb7+xEfMmVdeVtJ5lEfXCkZ0vbSMxnGZCLL3eVxdejaGToLw+ArEJ1cl6KzZdsdGy1wATFtJj4oYHtZ/MXg+qulNR4nQ6DGWfGR7FEXjZNaJfVuLBFBmUlsbotBdhaAJzw5+nnIxY5d86nfqzsYstMqB/1ZHLRTV9h/jp8XNgnUu1BR/oVk4eMvzTUbr42LedeB1anLnI0+ycAzol/XMpsUNuRLVhYhMbg9rpyoZF1WMBTjG2Jnv9JtCpJlnZaOjzh3eD8PBuyZtGyya7QxVkhH4ULUMNnuyi8E0IOJwdN4cQi61fa7rLtsYfUrN2w0nI/WRLiBxiuPbvq4tKeHi8DpM/MrUbZONY2eFo4CaX9sxYN6U65jDfsbK3x6Za0HhVt8zcPLGgESm4Y6O8YTQrdbpL1ifNFX2Y9B++FQw2iRoqa6U0Wrs6SfVQFp1RqnqSl6fLOCixl16PpHWqRilweKbg3uIMEqEc=
|
||||
@@ -13,14 +13,14 @@ inputs:
|
||||
{
|
||||
virtualisation.oci-containers.containers.huginn =
|
||||
{
|
||||
image = "huginn/huginn:2d5fcafc507da3e8c115c3479e9116a0758c5375";
|
||||
image = "huginn/huginn:5a1509b51188e0d16868be893c983d6fcfd232a5";
|
||||
imageFile = inputs.pkgs.dockerTools.pullImage
|
||||
{
|
||||
imageName = "ghcr.io/huginn/huginn";
|
||||
imageDigest = "sha256:aa694519b196485c6c31582dde007859fc8b8bbe9b1d4d94c6db8558843d0458";
|
||||
sha256 = "0471v20d7ilwx81kyrxjcb90nnmqyyi9mwazbpy3z4rhnzv7pz76";
|
||||
imageDigest = "sha256:6f7a5b41457b94490210221a8bd3aae32d4ebfc2652f97c14919aa8036d7294e";
|
||||
sha256 = "1ha6c6bwdpdl98cwwxw5fan0j77ylgaziidqhnyh6anpzq35f540";
|
||||
finalImageName = "huginn/huginn";
|
||||
finalImageTag = "2d5fcafc507da3e8c115c3479e9116a0758c5375";
|
||||
finalImageTag = "5a1509b51188e0d16868be893c983d6fcfd232a5";
|
||||
};
|
||||
ports = [ "127.0.0.1:3000:3000/tcp" ];
|
||||
extraOptions = [ "--add-host=host.docker.internal:host-gateway" ];
|
||||
|
||||
@@ -36,5 +36,8 @@ inputs:
|
||||
sops.secrets = builtins.listToAttrs (builtins.map
|
||||
(server: { name = "redis/${server.name}"; value.owner = inputs.config.users.users.${server.value.user}.name; })
|
||||
(builtins.filter (server: server.value.passwordFile == null) (inputs.localLib.attrsToList redis.instances)));
|
||||
systemd.services = builtins.listToAttrs (builtins.map
|
||||
(server: { name = "redis-${server}"; value.serviceConfig.TimeoutStartSec = 0; })
|
||||
(builtins.attrNames redis.instances));
|
||||
};
|
||||
}
|
||||
|
||||
@@ -50,7 +50,13 @@ inputs:
|
||||
{
|
||||
services =
|
||||
{
|
||||
xray = { enable = true; settingsFile = inputs.config.sops.templates."xray-client.json".path; };
|
||||
xray =
|
||||
{
|
||||
enable = true;
|
||||
settingsFile = inputs.config.sops.templates."xray-client.json".path;
|
||||
package = inputs.pkgs.xray.overrideAttrs
|
||||
(prev: { patches = prev.patches or [] ++ [ ./disable-splice.patch ];});
|
||||
};
|
||||
dnsmasq =
|
||||
{
|
||||
enable = true;
|
||||
@@ -328,7 +334,13 @@ inputs:
|
||||
(
|
||||
inputs.lib.mkIf (xray.server != null) (let userList = builtins.genList (n: n) xray.server.userNumber; in
|
||||
{
|
||||
services.xray = { enable = true; settingsFile = inputs.config.sops.templates."xray-server.json".path; };
|
||||
services.xray =
|
||||
{
|
||||
enable = true;
|
||||
settingsFile = inputs.config.sops.templates."xray-server.json".path;
|
||||
package = inputs.pkgs.xray.overrideAttrs
|
||||
(prev: { patches = prev.patches or [] ++ [ ./disable-splice.patch ];});
|
||||
};
|
||||
sops =
|
||||
{
|
||||
templates."xray-server.json" =
|
||||
16
modules/services/xray/disable-splice.patch
Normal file
16
modules/services/xray/disable-splice.patch
Normal file
@@ -0,0 +1,16 @@
|
||||
diff --git a/disable-splice.patch b/disable-splice.patch
|
||||
new file mode 100644
|
||||
index 0000000..e69de29
|
||||
diff --git a/proxy/proxy.go b/proxy/proxy.go
|
||||
index 6a5a179..ca71241 100644
|
||||
--- a/proxy/proxy.go
|
||||
+++ b/proxy/proxy.go
|
||||
@@ -474,7 +474,7 @@ func CopyRawConnIfExist(ctx context.Context, readerConn net.Conn, writerConn net
|
||||
readerConn, readCounter, _ := UnwrapRawConn(readerConn)
|
||||
writerConn, _, writeCounter := UnwrapRawConn(writerConn)
|
||||
reader := buf.NewReader(readerConn)
|
||||
- if inbound := session.InboundFromContext(ctx); inbound != nil {
|
||||
+ if inbound := session.InboundFromContext(ctx); false {
|
||||
if tc, ok := writerConn.(*net.TCPConn); ok && readerConn != nil && writerConn != nil && (runtime.GOOS == "linux" || runtime.GOOS == "android") {
|
||||
for inbound.CanSpliceCopy != 3 {
|
||||
if inbound.CanSpliceCopy == 1 {
|
||||
@@ -10,7 +10,6 @@ inputs:
|
||||
(builtins.attrNames inputs.config.users.groups);
|
||||
autoSubUidGidRange = true;
|
||||
hashedPassword = "$y$j9T$xJwVBoGENJEDSesJ0LfkU1$VEExaw7UZtFyB4VY1yirJvl7qS7oiF49KbEBrV0.hhC";
|
||||
openssh.authorizedKeys.keys = [(builtins.readFile ./id_ed25519_sk.pub)];
|
||||
};
|
||||
home-manager.users.chn =
|
||||
{
|
||||
|
||||
1
modules/user/chn/id_ed25519.pub
Normal file
1
modules/user/chn/id_ed25519.pub
Normal file
@@ -0,0 +1 @@
|
||||
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOH3AvxMlB3omzH6SFQt0Z5+f05x9nMJpFfSLH4OIYV+ chn@pc
|
||||
@@ -1 +0,0 @@
|
||||
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDXlhoouWG+arWJz02vBP/lxpG2tUjx8jhGBnDeNyMu0OtGcnHMAWcb3YDP0A2XJIVFBCCZMM2REwnSNbHRSCl1mTdRbelfjA+7Jqn1wnrDXkAOG3S8WYXryPGpvavu6lgW7p+dIhGiTLWwRbFH+epFTn1hZ3A1UofVIWTOPdoOnx6k7DpQtIVMWiIXLg0jIkOZiTMr3jKfzLMBAqQ1xbCV2tVwbEY02yxxyxIznbpSPReyn1RDLWyqqLRd/oqGPzzhEXNGNAZWnSoItkYq9Bxh2AvMBihiTir3FEVPDgDLtS5LUpM93PV1yTr6JyCPAod9UAxpfBYzHKse0KCQFoZH chn@chn-PC
|
||||
@@ -69,7 +69,7 @@ inputs:
|
||||
keys = [ "rsa" "ed25519" "ed25519_sk" ];
|
||||
getKey = user: key: inputs.lib.optional (builtins.pathExists ./${user}/id_${key}.pub)
|
||||
(builtins.readFile ./${user}/id_${key}.pub);
|
||||
in inputs.lib.mkDefault (builtins.concatLists (builtins.map (key: getKey userName key) keys));
|
||||
in builtins.concatLists (builtins.map (key: getKey userName key) keys);
|
||||
};
|
||||
})
|
||||
user.users);
|
||||
@@ -106,7 +106,8 @@ inputs:
|
||||
users.users.root =
|
||||
{
|
||||
shell = inputs.pkgs.zsh;
|
||||
openssh.authorizedKeys.keys = [(builtins.readFile ./chn/id_ed25519_sk.pub)];
|
||||
openssh.authorizedKeys.keys =
|
||||
[ (builtins.readFile ./chn/id_ed25519_sk.pub) (builtins.readFile ./chn/id_ed25519.pub) ];
|
||||
hashedPassword = "$y$j9T$.UyKKvDnmlJaYZAh6./rf/$65dRqishAiqxCE6LEMjqruwJPZte7uiyYLVKpzdZNH5";
|
||||
};
|
||||
home-manager.users.root =
|
||||
|
||||
Reference in New Issue
Block a user