[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
03/03: hydra: Rename 'berlin-new.scm' to 'berlin.scm'.
From: |
Ludovic Courtθs |
Subject: |
03/03: hydra: Rename 'berlin-new.scm' to 'berlin.scm'. |
Date: |
Sat, 17 Feb 2018 19:26:05 -0500 (EST) |
civodul pushed a commit to branch master
in repository maintenance.
commit 945e2d194e7d56fe14a4807df8da989fda52f88b
Author: Ludovic Courtès <address@hidden>
Date: Sun Feb 18 01:25:24 2018 +0100
hydra: Rename 'berlin-new.scm' to 'berlin.scm'.
The old 'berlin.scm' was no longer useful.
* hydra/berlin-new.scm: Rename to...
* hydra/berlin.scm: ... this.
---
hydra/berlin-new.scm | 161 ---------------------------------------------------
hydra/berlin.scm | 39 ++++++++-----
2 files changed, 24 insertions(+), 176 deletions(-)
diff --git a/hydra/berlin-new.scm b/hydra/berlin-new.scm
deleted file mode 100644
index d5bdaf4..0000000
--- a/hydra/berlin-new.scm
+++ /dev/null
@@ -1,161 +0,0 @@
-;; OS configuration for "berlin", the frontend of the compile farm
-;; hosted at the MDC.
-
-(use-modules (gnu) (guix) (sysadmin services) (sysadmin people))
-(use-service-modules base networking admin shepherd)
-(use-package-modules admin certs emacs linux ssh tls vim package-management
- web wget ci rsync)
-
-(define %sysadmins
- ;; The sysadmins.
- (list (sysadmin (name "ludo")
- (full-name "Ludovic Courtès")
- (ssh-public-key (local-file "keys/ssh/ludo.pub")))
- (sysadmin (name "rekado")
- (full-name "Ricardo Wurmus")
- (ssh-public-key (local-file "keys/ssh/rekado.pub")))
- (sysadmin (name "andreas")
- (full-name "Andreas Enge")
- (ssh-public-key (local-file "keys/ssh/andreas.pub")))))
-
-(define %nginx-config
- ;; Our nginx configuration directory. It expects 'guix publish' to be
- ;; running on port 3000.
- (computed-file "nginx-config"
- (with-imported-modules '((guix build utils))
- #~(begin
- (use-modules (guix build utils))
-
- (mkdir #$output)
- (chdir #$output)
- (symlink #$(local-file "nginx/berlin.conf")
- "berlin.conf")
- (copy-file #$(local-file
- "nginx/berlin-locations.conf")
- "berlin-locations.conf")
- (substitute* "berlin-locations.conf"
- (("@WWWROOT@")
- #$(local-file "nginx/html/berlin" #:recursive?
#t)))))))
-
-
-
-;;;
-;;; Operating system.
-;;;
-
-(define %motd
- ;; Message of the day!
- (plain-file "motd"
- "\
- βββ βββ
- βββββββββββββ βββββββββββββ
- ββββββββββββββ βββββββββββββ
- βββββββββββ ββββββββββ
- ββββββ ββββββ
- βββββ ββββββ
- βββββ βββββ
- ββββββ βββββ Welcome to berlin!
- βββββ βββββ
- βββββ βββββ
- βββββββββββ
- βββββββββ
- βββββββ
-
-Best practices:
-
- 1. Store everything in guix-maintenance.git.
- 2. Use the Git checkouts of Guix and guix-maintenance in ~root.
- 3. Notify address@hidden when reconfiguring.
- 4. Notify address@hidden when something goes wrong.
-
- 5. Notify address@hidden or address@hidden when the
- machine doesn't respond. Only Ricardo has access to the serial console
- to reset the machine.
-
-Happy hacking!\n"))
-
-
-(operating-system
- (host-name "berlin.guixsd.org")
- (timezone "Europe/Berlin")
- (locale "en_US.utf8")
-
- ;; Allow access through the serial console at 141.80.167.201; the
- ;; management interface can only be accessed through selected
- ;; servers within the MDC campus network.
- (kernel-arguments '("console=tty0"
- "console=ttyS0,115200"))
-
- ;; The Dell server need these kernel modules for the
- ;; RAID controller.
- (initrd (lambda (fs . args)
- (apply base-initrd fs
- #:extra-modules
- (list "megaraid_sas" "libsas" "scsi_transport_sas")
- args)))
-
- ;; Show the GRUB menu on the serial interface.
- (bootloader (grub-configuration (device "/dev/sda")
- (terminal-inputs '(serial))
- (terminal-outputs '(serial))))
-
- ;; Just a single disk, no RAID :-/
- (file-systems (cons (file-system
- (device "my-root")
- (title 'label)
- (mount-point "/")
- (type "ext4"))
- %base-file-systems))
-
- ;; Local admin account for MDC maintenance.
- (users (cons (user-account
- (name "bi-admin")
- (comment "Local admin")
- (group "users")
- (supplementary-groups '("wheel"))
- (home-directory "/home/bi-admin"))
- %base-user-accounts))
-
- (packages (cons* certbot emacs wget iptables
- jnettop openssh rsync
- ;; This is needed to set GIT_SSL_CAINFO allowing
- ;; Cuirass to fetch sources via HTTPS.
- nss-certs
- %base-packages))
-
- (services (cons*
- ;; Connection to the DMZ for public access
- (static-networking-service "eno1"
- "141.80.181.40"
- #:netmask "255.255.255.0"
- #:gateway "141.80.181.1")
- ;; Connection to build nodes
- (static-networking-service "eno3"
- "141.80.167.131"
- #:netmask "255.255.255.192")
- ;; Connection to storage head
- ;; TODO: This should become a bonded interface with
- ;; enp4s0f0 and enp4s0f1.
- (static-networking-service "enp4s0f1"
- "192.168.168.2"
- #:netmask "255.255.255.0")
-
- ;; Allow login over serial console.
- (agetty-service (agetty-configuration
- (tty "ttyS0")
- (baud-rate "115200")))
-
- ;; Make SSH and HTTP/HTTPS available over Tor.
- (tor-hidden-service "http"
- '((22 "127.0.0.1:22")
- (80 "127.0.0.1:80")
- (443 "127.0.0.1:443")))
- (tor-service)
-
- (frontend-services %sysadmins
- #:systems '("x86_64-linux" "i686-linux"
- "aarch64-linux")
- #:motd %motd
- #:nginx-config-file
- (file-append %nginx-config "/berlin.conf")
- #:max-jobs 20))))
diff --git a/hydra/berlin.scm b/hydra/berlin.scm
index ce3fa9d..d5bdaf4 100644
--- a/hydra/berlin.scm
+++ b/hydra/berlin.scm
@@ -18,7 +18,6 @@
(full-name "Andreas Enge")
(ssh-public-key (local-file "keys/ssh/andreas.pub")))))
-
(define %nginx-config
;; Our nginx configuration directory. It expects 'guix publish' to be
;; running on port 3000.
@@ -32,7 +31,7 @@
(symlink #$(local-file "nginx/berlin.conf")
"berlin.conf")
(copy-file #$(local-file
- "nginx/bayfront-locations.conf")
+ "nginx/berlin-locations.conf")
"berlin-locations.conf")
(substitute* "berlin-locations.conf"
(("@WWWROOT@")
@@ -81,17 +80,18 @@ Happy hacking!\n"))
(timezone "Europe/Berlin")
(locale "en_US.utf8")
- ;; Allow access through the serial console at 141.80.113.141; the
+ ;; Allow access through the serial console at 141.80.167.201; the
;; management interface can only be accessed through selected
;; servers within the MDC campus network.
(kernel-arguments '("console=tty0"
- "console=ttyS1,9600n8"))
+ "console=ttyS0,115200"))
- ;; The SunFire X2200 M2 servers need this kernel module for their
- ;; disk controllers.
+ ;; The Dell server need these kernel modules for the
+ ;; RAID controller.
(initrd (lambda (fs . args)
(apply base-initrd fs
- #:extra-modules (list "sata_nv")
+ #:extra-modules
+ (list "megaraid_sas" "libsas" "scsi_transport_sas")
args)))
;; Show the GRUB menu on the serial interface.
@@ -124,20 +124,26 @@ Happy hacking!\n"))
%base-packages))
(services (cons*
- ;; TODO: configure the second network interface once it's
- ;; hooked up to the switch.
- (static-networking-service "enp6s4f0"
+ ;; Connection to the DMZ for public access
+ (static-networking-service "eno1"
"141.80.181.40"
#:netmask "255.255.255.0"
#:gateway "141.80.181.1")
- (static-networking-service "enp0s8"
- "192.168.0.1"
+ ;; Connection to build nodes
+ (static-networking-service "eno3"
+ "141.80.167.131"
+ #:netmask "255.255.255.192")
+ ;; Connection to storage head
+ ;; TODO: This should become a bonded interface with
+ ;; enp4s0f0 and enp4s0f1.
+ (static-networking-service "enp4s0f1"
+ "192.168.168.2"
#:netmask "255.255.255.0")
;; Allow login over serial console.
(agetty-service (agetty-configuration
- (tty "ttyS1")
- (baud-rate "9600")))
+ (tty "ttyS0")
+ (baud-rate "115200")))
;; Make SSH and HTTP/HTTPS available over Tor.
(tor-hidden-service "http"
@@ -147,6 +153,9 @@ Happy hacking!\n"))
(tor-service)
(frontend-services %sysadmins
+ #:systems '("x86_64-linux" "i686-linux"
+ "aarch64-linux")
#:motd %motd
#:nginx-config-file
- (file-append %nginx-config "/berlin.conf")))))
+ (file-append %nginx-config "/berlin.conf")
+ #:max-jobs 20))))