[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
02/02: hydra: Add module for Honeycomb LX2 nodes.
|
From: |
Ricardo Wurmus |
|
Subject: |
02/02: hydra: Add module for Honeycomb LX2 nodes. |
|
Date: |
Fri, 26 Nov 2021 06:17:56 -0500 (EST) |
rekado pushed a commit to branch master
in repository maintenance.
commit d24cedcdf72b145cfdc3864c4436bbebe376df08
Author: Ricardo Wurmus <rekado@elephly.net>
AuthorDate: Fri Nov 26 12:16:18 2021 +0100
hydra: Add module for Honeycomb LX2 nodes.
* hydra/modules/sysadmin/honeycomb.scm: New file.
---
hydra/modules/sysadmin/honeycomb.scm | 223 +++++++++++++++++++++++++++++++++++
1 file changed, 223 insertions(+)
diff --git a/hydra/modules/sysadmin/honeycomb.scm
b/hydra/modules/sysadmin/honeycomb.scm
new file mode 100644
index 0000000..0c4b4be
--- /dev/null
+++ b/hydra/modules/sysadmin/honeycomb.scm
@@ -0,0 +1,223 @@
+;;; SolidRun Honeycomb LX2 build machines.
+;;;
+;;; Copyright © 2016, 2017, 2018, 2020, 2021 Ludovic Courtès <ludo@gnu.org>
+;;; Copyright © 2020, 2021 Mathieu Othacehe <othacehe@gnu.org>
+;;; Copyright © 2021 Christopher Baines <mail@cbaines.net>
+;;; Copyright © 2021 Ricardo Wurmus <rekado@elephly.net>
+;;;
+;;; This program is free software: you can redistribute it and/or modify
+;;; it under the terms of the GNU General Public License as published by
+;;; the Free Software Foundation, either version 3 of the License, or
+;;; (at your option) any later version.
+;;;
+;;; This program is distributed in the hope that it will be useful,
+;;; but WITHOUT ANY WARRANTY; without even the implied warranty of
+;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+;;; GNU General Public License for more details.
+;;;
+;;; You should have received a copy of the GNU General Public License
+;;; along with this program. If not, see <http://www.gnu.org/licenses/>.
+
+(define-module (sysadmin honeycomb)
+ #:use-module (gnu)
+ #:use-module (gnu bootloader u-boot)
+ #:use-module (gnu packages screen)
+ #:use-module (gnu packages ssh)
+ #:use-module (gnu packages linux)
+ #:use-module (gnu packages certs)
+ #:use-module (gnu services avahi)
+ #:use-module (gnu services cuirass)
+ #:use-module (gnu services networking)
+ #:use-module (gnu services mcron)
+ #:use-module (gnu services ssh)
+ #:use-module (gnu services vpn)
+ #:use-module (guix base32)
+ #:use-module (guix packages)
+ #:use-module (guix utils)
+ #:export (honeycomb-system))
+
+(define (sysadmin name full-name)
+ (user-account
+ (name name)
+ (comment full-name)
+ (group "users")
+ (supplementary-groups '("wheel" "kvm"))
+ (home-directory (string-append "/home/" name))))
+
+(define %accounts
+ (list (sysadmin "ludo" "Ludovic Courtès")
+ (sysadmin "rekado" "Ricardo Wurmus")
+ (sysadmin "mathieu" "Mathieu Othacehe")
+ (user-account
+ (name "hydra")
+ (comment "Hydra User")
+ (group "users")
+ (home-directory (string-append "/home/" name)))))
+
+(define %authorized-guix-keys
+ ;; List of authorized 'guix archive' keys.
+ (list (local-file "../../keys/guix/berlin.guixsd.org-export.pub")))
+
+(define linux-libre-5.15-version "5.15.5")
+(define linux-libre-5.15-gnu-revision "gnu")
+(define make-linux-libre*
+ (@@ (gnu packages linux) make-linux-libre*))
+(define deblob-scripts-5.15
+ ((@@ (gnu packages linux) linux-libre-deblob-scripts)
+ linux-libre-5.15-version
+ linux-libre-5.15-gnu-revision
+ (base32 "1rfhwfzifmbpnrhmrn3srm736nkm1v6affw915d0fgqzqgi8qfai")
+ (base32 "04fj1x3zmi310cr3m9hxpi26gdcmwfsqciv5yb6q6rrnqjqs1pc0")))
+(define linux-libre-5.15-pristine-source
+ (let ((version linux-libre-5.15-version)
+ (hash (base32 "07w5k2y5hk6ys19zgg3x21g6im9x0pwk5f6f8b0q3b152lq5lmp9")))
+ ((@@ (gnu packages linux) make-linux-libre-source)
+ version ((@@ (gnu packages linux) %upstream-linux-source) version hash)
+ deblob-scripts-5.15)))
+(define linux-libre-5.15-source
+ ((@@ (gnu packages linux) source-with-patches)
+ linux-libre-5.15-pristine-source
+ (list (@@ (gnu packages linux) %boot-logo-patch)
+ (@@ (gnu packages linux)
%linux-libre-arm-export-__sync_icache_dcache-patch))))
+
+(define linux-libre-arm64-honeycomb
+ (make-linux-libre*
+ "5.15.5"
+ linux-libre-5.15-gnu-revision
+ linux-libre-5.15-source
+ '("aarch64-linux")
+ #:extra-version "arm64-honeycomb"
+ #:extra-options
+ ;; See
+ ;;
https://github.com/SolidRun/lx2160a_build/blob/master/configs/linux/lx2k_additions.config
+ (append
+ `(("CONFIG_GPIO_SYSFS" . #true)
+ ("CONFIG_GPIO_MPC8XXX" . #true)
+ ("CONFIG_NET_PKTGEN" . #true)
+ ("CONFIG_USB_SERIAL" . #true)
+ ("CONFIG_USB_SERIAL_CONSOLE" . #true)
+ ("CONFIG_USB_SERIAL_GENERIC" . #true)
+ ("CONFIG_USB_SERIAL_SIMPLE" . #true)
+ ("CONFIG_USB_SERIAL_FTDI_SIO" . #true)
+ ("CONFIG_USB_ACM" . #true)
+ ("CONFIG_USB_NET_DRIVERS" . #true)
+ ("CONFIG_USB_USBNET" . #true)
+ ("CONFIG_USB_NET_CDCETHER" . #true)
+ ("CONFIG_USB_NET_CDC_NCM" . #true)
+ ("CONFIG_USB_NET_NET1080" . #true)
+ ("CONFIG_USB_NET_CDC_SUBSET_ENABLE" . #true)
+ ("CONFIG_USB_NET_CDC_SUBSET" . #true)
+ ("CONFIG_USB_ARMLINUX" . #true)
+ ("CONFIG_BLK_DEV_NVME" . #true)
+ ("CONFIG_NVMEM_BCM_OCOTP" . #true)
+ ("CONFIG_DRM_AMDGPU" . #true)
+ ("CONFIG_DRM_AMDGPU_SI" . #true)
+ ("CONFIG_DRM_AMDGPU_CIK" . #true)
+ ("CONFIG_DRM_AMDGPU_USERPTR" . #true)
+ ("CONFIG_DRM_AMD_DC" . #true)
+ ("CONFIG_CHASH" . #true)
+ ("CONFIG_PMBUS" . #true)
+ ("CONFIG_SENSORS_PMBUS" . #true)
+ ("CONFIG_REGULATOR" . #true)
+ ("CONFIG_REGULATOR_FIXED_VOLTAGE" . #true)
+ ("CONFIG_REGULATOR_PWM" . #true)
+ ("CONFIG_SENSORS_AMC6821" . #true)
+ ("CONFIG_SENSORS_LM90" . #true)
+ ("CONFIG_SENSORS_LTC2978" . #true)
+ ("CONFIG_SENSORS_LTC2978_REGULATOR" . #true)
+ ("CONFIG_TMPFS" . #true)
+ ("CONFIG_TMPFS_POSIX_ACL" . #true)
+ ("CONFIG_TMPFS_XATTR" . #true)
+; ("CONFIG_BLK_DEV_RAM_SIZE" . 524288)
+ ("CONFIG_POWER_RESET_GPIO" . #true)
+ ("CONFIG_CRYPTO_USER_API_HASH" . #true)
+ ("CONFIG_CRYPTO_USER_API_SKCIPHER" . #true)
+ ("CONFIG_CRYPTO_USER_API_RNG" . #true)
+ ("CONFIG_CRYPTO_USER_API_AEAD" . #true)
+
+ ;; For connecting to ci.guix.gnu.org over VPN.
+ ("CONFIG_WIREGUARD" . m))
+ (@@ (gnu packages linux) %default-extra-linux-options))))
+
+(define gc-job
+ ;; Run 'guix gc' at 3AM every day.
+ #~(job '(next-hour '(3)) "guix gc -F 50G"))
+
+(define berlin-peer
+ (wireguard-peer
+ (name "peer")
+ (endpoint "ci.guix.gnu.org:51820")
+ (public-key "wOIfhHqQ+JQmskRS2qSvNRgZGh33UxFDi8uuSXOltF0=")
+ (allowed-ips '("10.0.0.1/32"))))
+
+(define* (honeycomb-system name #:key wireguard-ip)
+ (operating-system
+ (host-name name)
+ (timezone "Europe/Berlin")
+ (locale "en_US.UTF-8")
+
+ (bootloader (bootloader-configuration
+ (bootloader u-boot-bootloader)
+ (target "/boot/efi")))
+
+ (kernel linux-libre-arm64-honeycomb)
+ (initrd-modules '())
+ (kernel-arguments '("arm-smmu.disable_bypass=0"
+ "default_hugepagesz=1024m"
+ "hugepagesz=1024m"
+ "hugepages=2"
+ "isolcpus=1-15"
+ "iommu.passthrough=1"))
+
+ (file-systems (cons* (file-system
+ (device (file-system-label "my-root"))
+ (mount-point "/")
+ (type "ext4"))
+ (file-system
+ (device "/dev/sda1")
+ (mount-point "/boot/efi")
+ (type "vfat"))
+ %base-file-systems))
+
+ ;;(swap-devices '("/swapfile"))
+ (users (append %accounts %base-user-accounts))
+ (services (cons* (service dhcp-client-service-type)
+ (service avahi-service-type)
+ (service openssh-service-type
+ (openssh-configuration
+ (password-authentication? #f)
+ (authorized-keys
+ `(("ludo" ,(local-file
"../../keys/ssh/ludo.pub"))
+ ("rekado" ,(local-file
"../../keys/ssh/rekado.pub"))
+ ("mathieu" ,(local-file
"../../keys/ssh/mathieu.pub"))
+ ("maxim" ,(local-file
"../../keys/ssh/maxim.pub"))))))
+ (service agetty-service-type
+ (agetty-configuration
+ (tty "ttyAMA0")
+ (keep-baud? #t)
+ (term "vt220")
+ (baud-rate "115200,38400,9600")))
+ (service cuirass-remote-worker-service-type
+ (cuirass-remote-worker-configuration
+ (workers 2)
+ (server "10.0.0.1:5555") ;berlin
+ (systems '("armhf-linux" "aarch64-linux"))))
+ (service wireguard-service-type
+ (wireguard-configuration
+ (addresses (list wireguard-ip))
+ (peers
+ (list berlin-peer))))
+
+ (service ntp-service-type)
+ (modify-services %base-services
+ (guix-service-type config =>
+ (guix-configuration
+ (inherit config)
+ (max-silent-time (* 12 3600))
+ (timeout (* 24 3600))
+ (authorized-keys
+ %authorized-guix-keys)
+ (extra-options
+ '("--max-jobs=4"
"--cores=16")))))))
+ (packages (cons* screen openssh strace nss-certs
+ %base-packages))))