luj/snowfield
1
0
Fork 0
mirror of https://github.com/JulienMalka/snowfield.git synced 2025-06-08 02:09:04 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

Compare commits

base: luj:de74b6d27077703685f17ec9c76288c369e9280c
Branches Tags
luj:main
...
compare: luj:31eaab7106cb332bf10b55aa733a5a06ff386c23
Branches Tags
luj:main

4 commits
de74b6d270 ... 31eaab7106

Author SHA1 Message Date
Julien Malka
31eaab7106
chore: multiple xorg change for fischer 2025-06-03 15:15:08 +02:00
Julien Malka
5e739bf9be
fix: properly import artiflakery 2025-06-03 15:08:47 +02:00
Julien Malka
e2f6dc50c1
chore: update deps 2025-06-03 15:08:26 +02:00
Julien Malka
1f8eff3355
feat: deploy artiflakery to gustave 2025-06-03 15:07:00 +02:00
7 changed files with 205 additions and 21 deletions
Download patch file Download diff file Expand all files Collapse all files

2
lib/mkmachine.nix
View file

@ -34,6 +34,7 @@ import "${nixpkgs}/nixos/lib/eval-config.nix" {
(import "${inputs.buildbot-nix}/nix/master.nix") (import "${inputs.buildbot-nix}/nix/master.nix")
(import "${inputs.buildbot-nix}/nix/worker.nix") (import "${inputs.buildbot-nix}/nix/worker.nix")
(import "${inputs.agenix}/modules/age.nix") (import "${inputs.agenix}/modules/age.nix")
(import "${inputs.artiflakery}/module.nix")
(import "${inputs.impermanence}/nixos.nix") (import "${inputs.impermanence}/nixos.nix")
(import inputs.lanzaboote).nixosModules.lanzaboote (import inputs.lanzaboote).nixosModules.lanzaboote
(import inputs.lila).nixosModules.hash-collection (import inputs.lila).nixosModules.hash-collection
@ -52,6 +53,7 @@ import "${nixpkgs}/nixos/lib/eval-config.nix" {
}); });
# Packages comming from other repositories # Packages comming from other repositories
lila-build-hook = (import inputs.lila).packages.${system}.utils; lila-build-hook = (import inputs.lila).packages.${system}.utils;
artiflakery = (import inputs.artiflakery).defaultPackage.${system};
# My own packages # My own packages
keycloak-keywind = prev.pkgs.callPackage ../packages/keycloak-keywind { }; keycloak-keywind = prev.pkgs.callPackage ../packages/keycloak-keywind { };
hydrasect = prev.pkgs.callPackage ../packages/hydrasect { }; hydrasect = prev.pkgs.callPackage ../packages/hydrasect { };

16
lon.lock
View file

@ -11,6 +11,16 @@
"url": "https://github.com/ryantm/agenix/archive/96e078c646b711aee04b82ba01aefbff87004ded.tar.gz", "url": "https://github.com/ryantm/agenix/archive/96e078c646b711aee04b82ba01aefbff87004ded.tar.gz",
"hash": "sha256-bHCFgGeu8XjWlVuaWzi3QONjDW3coZDqSHvnd4l7xus=" "hash": "sha256-bHCFgGeu8XjWlVuaWzi3QONjDW3coZDqSHvnd4l7xus="
}, },
"artiflakery": {
"type": "GitHub",
"fetchType": "tarball",
"owner": "JulienMalka",
"repo": "artiflakery",
"branch": "main",
"revision": "485ef296b4f9ff7bb6edb9ff5fe525a04e422adc",
"url": "https://github.com/JulienMalka/artiflakery/archive/485ef296b4f9ff7bb6edb9ff5fe525a04e422adc.tar.gz",
"hash": "sha256-fADYwTMZuO4S1uH3RSYc9wowvGoa/55mYvG47NmVvbc="
},
"buildbot-nix": { "buildbot-nix": {
"type": "GitHub", "type": "GitHub",
"fetchType": "tarball", "fetchType": "tarball",
@ -127,9 +137,9 @@
"owner": "nikstur", "owner": "nikstur",
"repo": "lon", "repo": "lon",
"branch": "main", "branch": "main",
"revision": "ad3bc97747c651e23fbc12c70a5849d3d8e9fdf4", "revision": "d17d0fe04fb7ce15f0e2e3521b97906514ec1857",
"url": "https://github.com/nikstur/lon/archive/ad3bc97747c651e23fbc12c70a5849d3d8e9fdf4.tar.gz", "url": "https://github.com/nikstur/lon/archive/d17d0fe04fb7ce15f0e2e3521b97906514ec1857.tar.gz",
"hash": "sha256-MgMDxS9xiiSkL/KsCTxLrr9wd9n1S/wq4lrA/NSyqBE=" "hash": "sha256-3wppxmmCMoizu6aemTt2wtakXlPI4E68odEVxU2r2Uc="
}, },
"nix-index-database": { "nix-index-database": {
"type": "GitHub", "type": "GitHub",

14
lon.nix
View file

@ -23,12 +23,24 @@ let
fetchSource = fetchSource =
args@{ fetchType, ... }: args@{ fetchType, ... }:
if fetchType == "git" then if fetchType == "git" then
builtins.fetchGit { builtins.fetchGit (
{
url = args.url; url = args.url;
ref = args.branch; ref = args.branch;
rev = args.revision; rev = args.revision;
narHash = args.hash; narHash = args.hash;
submodules = args.submodules;
} }
// (
if args ? lastModified then
{
inherit (args) lastModified;
shallow = true;
}
else
{ }
)
)
else if fetchType == "tarball" then else if fetchType == "tarball" then
builtins.fetchTarball { builtins.fetchTarball {
url = args.url; url = args.url;

75
machines/fischer/default.nix
View file

@ -126,36 +126,65 @@ in
services.autorandr = { services.autorandr = {
enable = true; enable = true;
matchEdid = true;
ignoreLid = true;
profiles = { profiles = {
default = { default = {
fingerprint = { fingerprint = {
eDP-1-1 = "00ffffffffffff0006af9af900000000141f0104a51e13780363f5a854489d240e505400000001010101010101010101010101010101fa3c80b870b0244010103e002dbc1000001ac83080b870b0244010103e002dbc1000001a000000fe004a38335646804231343055414e0000000000024101b2001100000a410a20200068"; "eDP*" =
"00ffffffffffff0006af9af900000000141f0104a51e13780363f5a854489d240e505400000001010101010101010101010101010101fa3c80b870b0244010103e002dbc1000001ac83080b870b0244010103e002dbc1000001a000000fe004a38335646804231343055414e0000000000024101b2001100000a410a20200068";
}; };
config = { config = {
eDP-1-1.enable = true; "eDP*" = {
enable = true;
primary = true;
position = "0x0";
mode = "1920x1200";
};
}; };
}; };
dock-julien = { dock-julien = {
fingerprint = { fingerprint = {
eDP-1-1 = "00ffffffffffff0006af9af900000000141f0104a51e13780363f5a854489d240e505400000001010101010101010101010101010101fa3c80b870b0244010103e002dbc1000001ac83080b870b0244010103e002dbc1000001a000000fe004a38335646804231343055414e0000000000024101b2001100000a410a20200068"; "eDP*" =
DP-1-5-3 = "00ffffffffffff0010ac42d1425439312021010380351e78eaa3d5ab524f9d240f5054a54b008100b300d100714fa9408180d1c00101565e00a0a0a02950302035000f282100001a000000ff004446354c5459330a2020202020000000fc0044454c4c205032343233440a20000000fd00314b1d711c000a2020202020200107020318b14d010203071112161304141f051065030c001000023a801871382d40582c45000f282100001e011d8018711c1620582c25000f282100009e011d007251d01e206e2855000f282100001e7e3900a080381f4030203a000f282100001a00000000000000000000000000000000000000000000000000000000000000c1"; "00ffffffffffff0006af9af900000000141f0104a51e13780363f5a854489d240e505400000001010101010101010101010101010101fa3c80b870b0244010103e002dbc1000001ac83080b870b0244010103e002dbc1000001a000000fe004a38335646804231343055414e0000000000024101b2001100000a410a20200068";
DP-1-5-1 = "00ffffffffffff0026cd6b610f01010117210104a5351e783be725a8554ea0260d5054bfef80d140d100d1c0b30095009040818081c0565e00a0a0a02950302035000f282100001a000000ff0031323134383332333030313335000000fd00314b0f5a19000a202020202020000000fc00504c32343933510a202020202001c5020320f153101f051404131e1d121116150f0e030207060123097f0783010000394e00a0a0a02250302035000f282100001a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000079"; "DP*-3" =
"00ffffffffffff0010ac42d1425439312021010380351e78eaa3d5ab524f9d240f5054a54b008100b300d100714fa9408180d1c00101565e00a0a0a02950302035000f282100001a000000ff004446354c5459330a2020202020000000fc0044454c4c205032343233440a20000000fd00314b1d711c000a2020202020200107020318b14d010203071112161304141f051065030c001000023a801871382d40582c45000f282100001e011d8018711c1620582c25000f282100009e011d007251d01e206e2855000f282100001e7e3900a080381f4030203a000f282100001a00000000000000000000000000000000000000000000000000000000000000c1";
"DP*-1" =
"00ffffffffffff0026cd6b610f01010117210104a5351e783be725a8554ea0260d5054bfef80d140d100d1c0b30095009040818081c0565e00a0a0a02950302035000f282100001a000000ff0031323134383332333030313335000000fd00314b0f5a19000a202020202020000000fc00504c32343933510a202020202001c5020320f153101f051404131e1d121116150f0e030207060123097f0783010000394e00a0a0a02250302035000f282100001a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000079";
}; };
config = { config = {
eDP-1-1.enable = false; "eDP*".enable = false;
DP-1-5-1 = { "DP*-1" = {
enable = true; enable = true;
primary = true; primary = true;
position = "0x0"; position = "0x0";
mode = "2560x1440"; mode = "2560x1440";
}; };
DP-1-5-3 = { "DP*3" = {
enable = true; enable = true;
position = "2560x0"; position = "2560x0";
mode = "2560x1440"; mode = "2560x1440";
}; };
}; };
}; };
dock-theo = {
fingerprint = {
"eDP*" =
"00ffffffffffff0006af9af900000000141f0104a51e13780363f5a854489d240e505400000001010101010101010101010101010101fa3c80b870b0244010103e002dbc1000001ac83080b870b0244010103e002dbc1000001a000000fe004a38335646804231343055414e0000000000024101b2001100000a410a20200068";
"DP*-1" =
"00ffffffffffff0010ac4042424d34412d200104a53c22783ac525aa534f9d25105054a54b00714f8180a9c0d1c081c081cf01010101023a801871382d40582c450056502100001e000000ff0039464c505a4e330a2020202020000000fc0044454c4c205032373232480a20000000fd00384c1e5311010a2020202020200000";
};
config = {
"eDP*".enable = false;
"DP*-1" = {
enable = true;
primary = true;
position = "0x0";
mode = "1920x1080";
};
};
};
}; };
}; };
@ -170,7 +199,10 @@ in
# Load nvidia driver for Xorg and Wayland # Load nvidia driver for Xorg and Wayland
services.xserver.videoDrivers = [ "nvidia" ]; services.xserver.videoDrivers = [ "nvidia" ];
services.xserver.autoRepeatDelay = 250;
services.xserver.autoRepeatInterval = 30;
hardware.nvidia.forceFullCompositionPipeline = true;
services.libinput.touchpad.tapping = false; services.libinput.touchpad.tapping = false;
hardware.nvidia.prime = { hardware.nvidia.prime = {
@ -179,14 +211,33 @@ in
nvidiaBusId = "PCI:1:0:0"; nvidiaBusId = "PCI:1:0:0";
}; };
hardware.nvidia = { nix = {
distributedBuilds = true;
buildMachines = [
{
hostName = "epyc.infra.newtype.fr";
maxJobs = 100;
systems = [
"x86_64-linux"
"aarch64-linux"
];
sshUser = "root";
sshKey = "/home/julien/.ssh/id_ed25519";
supportedFeatures = [
"nixos-test"
"benchmark"
"big-parallel"
"kvm"
];
speedFactor = 2;
}
];
};
hardware.nvidia = {
modesetting.enable = true; modesetting.enable = true;
powerManagement.enable = true;
#powerManagement.finegrained = true;
open = true; open = true;
nvidiaSettings = true; nvidiaSettings = true;
dynamicBoost.enable = true;
package = config.boot.kernelPackages.nvidiaPackages.beta; package = config.boot.kernelPackages.nvidiaPackages.beta;
}; };

108
machines/gustave/artiflakery.nix Normal file
View file

@ -0,0 +1,108 @@
{ config, lib, ... }:
{
age.secrets."artiflakery-auth" = {
file = ../../secrets/artiflakery-auth.age;
owner = "artiflakery";
};
services.nginx.virtualHosts."static.luj.fr" = {
forceSSL = true;
enableACME = true;
locations."/" = {
proxyPass = "http://localhost:8090";
};
};
users.users.artiflakery.isSystemUser = lib.mkForce false;
users.users.artiflakery.isNormalUser = lib.mkForce true;
services.artiflakery = {
enable = true;
authFile = config.age.secrets."artiflakery-auth".path;
routes = {
"papers/2024/increasing-trust-scc-rb-fpm/" = {
flakeref = "git+ssh://git@gitlab.enst.fr/julien.malka/phd.git?dir=productions/papers/2024-ICSE-doctoral-symposium&ref=main";
access = [
"public"
];
};
"papers/2024/reproducibility-env-space-time/" = {
flakeref = "git+ssh://git@gitlab.enst.fr/julien.malka/phd.git?dir=productions/papers/2024-ICSE-reproducibility-build-env-space-time&ref=main";
access = [
"public"
];
};
"papers/2025/bitwise-reproducibility-at-scale/" = {
flakeref = "git+ssh://git@gitlab.enst.fr/julien.malka/phd.git?dir=productions/papers/2025-MSR-reproducibility&ref=main";
access = [
"public"
];
};
"papers/WIP/xz-mitigation-rb/" = {
flakeref = "git+ssh://git@gitlab.enst.fr/julien.malka/phd.git?dir=productions/papers/2025-xz-reproducible-builds&ref=main";
access = [
"phd"
"julien"
];
};
"posters/2024/ICSE-DS/" = {
flakeref = "git+ssh://git@gitlab.enst.fr/julien.malka/phd.git?dir=productions/posters/2024-ICSE-DS&ref=main";
access = [
"public"
];
};
"posters/2025/MSR/" = {
flakeref = "git+ssh://git@gitlab.enst.fr/julien.malka/phd.git?dir=productions/posters/2025-MSR&ref=main";
access = [
"public"
];
};
"slides/2023/journee-gdr-gpl/" = {
flakeref = "git+ssh://git@gitlab.enst.fr/julien.malka/phd.git?dir=productions/slides/2023-gdr-gpl-days&ref=main";
access = [
"public"
];
};
"slides/2024/csi-year-1/" = {
flakeref = "git+ssh://git@gitlab.enst.fr/julien.malka/phd.git?dir=productions/slides/2024-csi-year-1&ref=main";
access = [
"phd"
"julien"
];
};
"slides/2024/phd-symposium-infres/" = {
flakeref = "git+ssh://git@gitlab.enst.fr/julien.malka/phd.git?dir=productions/slides/2024-phd-symposium-infres&ref=main";
access = [
"public"
];
};
"slides/2024/point-etape-mai/" = {
flakeref = "git+ssh://git@gitlab.enst.fr/julien.malka/phd.git?dir=productions/slides/2024-point-etape-main&ref=main";
access = [
"phd"
"julien"
];
};
"slides/2024/reading-group-build-systems/" = {
flakeref = "git+ssh://git@gitlab.enst.fr/julien.malka/phd.git?dir=productions/slides/2024-reading-group-build-systems&ref=main";
access = [
"aces"
];
};
"slides/2024/reading-group-vulnerabilities-ssc/" = {
flakeref = "git+ssh://git@gitlab.enst.fr/julien.malka/phd.git?dir=productions/slides/2024-reading-group-vulnerabilities-ssc&ref=main";
access = [
"aces"
];
};
"slides/2025/assert-june-workshop/" = {
flakeref = "git+ssh://forgejo@git.luj.fr/luj/assert-prez.git?ref=main";
access = [
"assert"
];
};
};
};
}

1
machines/gustave/default.nix
View file

@ -18,6 +18,7 @@
./nextcloud.nix ./nextcloud.nix
./glance.nix ./glance.nix
./syncthing.nix ./syncthing.nix
./artiflakery.nix
"${inputs.unstable}/nixos/modules/services/web-apps/readeck.nix" "${inputs.unstable}/nixos/modules/services/web-apps/readeck.nix"
]; ];

BIN
secrets/artiflakery-auth.age Normal file
View file

Binary file not shown.