Browse Source

octopus: Add munge service, initial octopus OS config

pull/2/head
Efraim Flashner 2 years ago
parent
commit
16aeca47b1
Signed by: efraim GPG Key ID: 41AAE7DCCA3D8351
  1. 82
      gn/deploy/octopus.scm
  2. 147
      gn/services/science.scm

82
gn/deploy/octopus.scm

@ -0,0 +1,82 @@
(define-module (gn deploy octopus))
(use-modules (gnu)
(gn services science)
)
(use-service-modules ssh web)
(use-package-modules certs tmux screen vim)
(operating-system
(host-name "octopus")
(timezone "Etc/UTC")
(locale "en_US.utf8")
(bootloader (bootloader-configuration
(bootloader grub-bootloader)
(target "/dev/sda")
(terminal-outputs '(console serial))))
(kernel-arguments '("console=tty1" "console=ttyS0,115200n8"))
(file-systems
(append (list
(file-system
(device "/dev/sda3")
(mount-point "/")
(type "ext4")
(options "errors=remount-ro"))
;(file-system
; (device "/dev/sdb1")
; (mount-point "/mnt/sdb1")
; (type "xfs")
; (flags '(no-exec no-dev no-atime))
; (options "rw,nodiratime,largeio,inode64")
; (create-mount-point? #t))
;(file-system
; (device "octopus01:/home")
; (mount-point "/home")
; (type "nfs"))
)
%base-file-systems))
(swap-devices '("/dev/sda2"))
;; No firmware needed
(firmware '())
(users (cons*
(user-account
(name "efraimf")
(comment "Efraim Flashner")
(uid 1000)
(group "users")
(supplementary-groups '("wheel")))
(user-account
(name "wrk")
(comment "Pjotr Prins")
(uid 502)
(group "users")
(supplementary-groups '("wheel")))
%base-user-accounts))
(packages (cons*
nss-certs
screen
tmux
vim
%base-packages))
(services
(append (list
;; This conflicts with everything when testing in a VM.
;(agetty-service
; (agetty-configuration
; (extra-options '("-L"))
; (baud-rate "115200")
; (term "vt100")
; (tty "ttyS0")))
(service openssh-service-type)
(service munge-service-type)
)
%base-services)))

147
gn/services/science.scm

@ -0,0 +1,147 @@
(define-module (gn services science)
#:export (munge-configuration
munge-configuration?
munge-service-type))
(use-modules (gnu)
(guix records)
(ice-9 match))
(use-service-modules shepherd)
(use-package-modules admin parallel)
(define %munge-accounts
(list (user-group
(name "munge")
(id 900)
(system? #t))
(user-account
(name "munge")
(group "munge")
(uid 900)
(system? #t)
(comment "Munge User")
(home-directory "/var/lib/munge")
(shell (file-append shadow "/sbin/nologin")))))
(define %slurm-accounts
(list (user-group
(name "slurm")
(id 901)
(system? #t))
(user-account
(name "slurm")
(group "slurm")
(uid 901)
(system? #t)
(comment "Slurm User")
(home-directory "/var/lib/slurm"))))
(define-record-type* <munge-configuration>
munge-configuration
make-munge-configuration
munge-configuration?
(package munge-configuration-package
(default munge))
(socket munge-configuration-socket
(default "/var/run/munge/munge.socket.2"))
(pid-file munge-configuration-pid-file
(default "/var/run/munge/munged.pid"))
(log-file munge-configuration-log-file
(default "/var/log/munge/munged.log"))
(key munge-configuration-key
(default "/etc/munge/munge.key")))
(define-record-type* <slurm-configuration>
slurm-configuration
make-slurm-configuration
slurm-configuration?
(package slurm-configuration-package
(default slurm)))
(define (munge-activation config)
"Return the activation GEXP for CONFIG for the munge service."
(with-imported-modules '((guix build utils))
#~(begin
(use-modules (guix build utils)
(rnrs bytevectors)
(rnrs io ports))
(define %user (getpw "munge"))
(let* ((homedir (passwd:dir %user))
(key #$(munge-configuration-key config))
(etc-dir (dirname key))
(run-dir (dirname #$(munge-configuration-pid-file config)))
(log-dir (dirname #$(munge-configuration-log-file config))))
(for-each (lambda (dir)
(unless (file-exists? dir)
(mkdir-p dir))
(chown dir (passwd:uid %user) (passwd:gid %user))
(chmod dir #o700))
(list homedir etc-dir log-dir))
(unless (file-exists? key)
;; Borrowed from /dev/urandom in (gnu services base)
(call-with-input-file "/dev/urandom"
(lambda (urandom)
(let ((buf (make-bytevector 1024)))
(get-bytevector-n! urandom buf 0 1024)
(call-with-output-file key
(lambda (seed)
(put-bytevector seed buf)))))))
(chown key (passwd:uid %user) (passwd:gid %user))
(chmod key #o400)
(unless (file-exists? run-dir)
(mkdir-p run-dir))
(chown run-dir (passwd:uid %user) (passwd:gid %user))))))
(define (slurm-activation config)
"Return the activation GEXP for CONFIG for the slurm service."
(with-imported-modules '((guix build utils))
#~(begin
(use-modules (guix build utils))
(unless (file-exists? "/var/lib/slurm")
(mkdir-p "/var/lib/slurm"))
(chown "/var/lib/slurm" (passwd:uid "slurm") (passwd:gid "slurm")))))
(define munge-shepherd-service
(match-lambda
(($ <munge-configuration> package socket pid-file log-file key)
(list
(shepherd-service
(documentation "Munge server")
(provision '(munge))
(requirement '(loopback user-processes file-systems))
(start #~(make-forkexec-constructor
(list #$(file-append package "/sbin/munged")
"--foreground" ; "--force"
(string-append "--socket=" #$socket)
(string-append "--key-file=" #$key)
(string-append "--pid-file=" #$pid-file)
(string-append "--log-file=" #$log-file))
#:user "munge"
#:group "munge"
#:pid-file #$pid-file
#:log-file #$log-file))
(stop #~(lambda _
(not (and
(list #$(file-append package "/sbin/munged")
(string-append "--socket=" #$socket)
"--stop")
;; This seems to not be removed by default.
(delete-file (string-append #$socket ".lock"))))))
(auto-start? #t))))))
(define munge-service-type
(service-type
(name 'munge)
(extensions
(list
(service-extension shepherd-root-service-type
munge-shepherd-service)
(service-extension activation-service-type
munge-activation)
(service-extension account-service-type
(const %munge-accounts))
(service-extension profile-service-type
(compose list munge-configuration-package))))
(default-value (munge-configuration))
(description
"Run a munge service.")))
Loading…
Cancel
Save