Compare commits
20 Commits
feat/kvm-l
...
feat/ups-c
| Author | SHA1 | Date | |
|---|---|---|---|
| 184e01767d | |||
| c73fae7dc1 | |||
| e798c2f16b | |||
| 36359de6aa | |||
|
10b8565fd6 | ||
|
|
f672696b8e | ||
| 0980dca455 | |||
| 96bc20ab70 | |||
| 670ae4f002 | |||
| f785abfd49 | |||
| 6f44aa7f76 | |||
| 8d40f1691f | |||
|
|
2dd2e64986 | ||
|
|
23fc5e0597 | ||
| 0c9c33d735 | |||
| 0bb6890f1c | |||
| 9d5434425f | |||
| 1fb4320dd1 | |||
| 51e9f47fd4 | |||
| 06b3eb840f |
Submodule assets/compose updated: 6b82a26c25...b185d43d67
@@ -36,7 +36,7 @@
|
||||
"transparent_hugepage=always" # because mucho ram
|
||||
];
|
||||
# 2. Load the specific drivers found by sensors-detect
|
||||
boot.kernelModules = [ "nct6775" "lm96163" "iptable_nat" "iptable_filter" "kvm-intel" "kvm" ];
|
||||
boot.kernelModules = [ "nct6775" "lm96163" "iptable_nat" "iptable_filter" ];
|
||||
# 3. Force the nct6775 driver to recognize the chip if it's stubborn
|
||||
boot.extraModprobeConfig = ''
|
||||
options nct6775 force_id=0xd280
|
||||
@@ -207,6 +207,7 @@
|
||||
ai = {
|
||||
path = self + "/assets/compose/ai";
|
||||
envFile = config.age.secrets.containers_env.path;
|
||||
ports = [ 22000 ]; # Syncthing TCP sync
|
||||
};
|
||||
|
||||
cloudstorage = {
|
||||
@@ -328,21 +329,58 @@
|
||||
# Mi50 config
|
||||
hardware.graphics = {
|
||||
enable = true;
|
||||
enable32Bit = true;
|
||||
enable32Bit = true; # Useful for some compatibility layers
|
||||
extraPackages = with pkgs; [
|
||||
rocmPackages.clr.icd
|
||||
rocmPackages.clr.icd # OpenCL/HIP runtime
|
||||
];
|
||||
};
|
||||
nixpkgs.config.rocmTargets = [ "gfx906" ];
|
||||
environment.variables = {
|
||||
# This "tricks" ROCm into supporting the MI50 if using newer versions
|
||||
HSA_OVERRIDE_GFX_VERSION = "9.0.6";
|
||||
# Ensures the system sees both GPUs
|
||||
HIP_VISIBLE_DEVICES = "0,1";
|
||||
};
|
||||
|
||||
# KVM/libvirt for staging VM
|
||||
virtualisation.libvirtd.enable = true;
|
||||
# ── UPS (Uninterruptible Power Supply) ──────────────────────────────
|
||||
# APC Back-UPS BVK1200M2 connected via USB (vendor 051d, product 0002)
|
||||
power.ups = {
|
||||
enable = true;
|
||||
mode = "standalone";
|
||||
|
||||
# Open ports in the firewall.
|
||||
ups = {
|
||||
apc-backups = {
|
||||
driver = "usbhid-ups";
|
||||
port = "auto";
|
||||
description = "APC Back-UPS BVK1200M2";
|
||||
};
|
||||
};
|
||||
|
||||
upsd = {
|
||||
listen = [{
|
||||
address = "127.0.0.1";
|
||||
}];
|
||||
};
|
||||
|
||||
users = {
|
||||
nutmon = {
|
||||
passwordFile = pkgs.writeText "ups-nutmon-password" "ups-nutmon-2025";
|
||||
upsmon = "primary";
|
||||
};
|
||||
};
|
||||
|
||||
upsmon = {
|
||||
monitor = {
|
||||
apc-backups = {
|
||||
system = "apc-backups@localhost";
|
||||
user = "nutmon";
|
||||
type = "master";
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
# Open ports in the firewall.
|
||||
# networking.firewall.allowedTCPPorts = [ ... ];
|
||||
# networking.firewall.allowedUDPPorts = [ ... ];
|
||||
# Or disable the firewall altogether.
|
||||
@@ -475,7 +513,7 @@
|
||||
services.openssh.settings = {
|
||||
PermitRootLogin = "no";
|
||||
MaxAuthTries = 3;
|
||||
MaxSessions = 10;
|
||||
MaxSessions = 20;
|
||||
LoginGraceTime = 30;
|
||||
ClientAliveInterval = 300;
|
||||
ClientAliveCountMax = 2;
|
||||
|
||||
@@ -4,7 +4,7 @@
|
||||
group = "ai-worker";
|
||||
home = "/home/ai-worker";
|
||||
createHome = true;
|
||||
extraGroups = [ "docker" "libvirtd" ];
|
||||
extraGroups = [ "docker" ];
|
||||
shell = pkgs.bashInteractive;
|
||||
openssh.authorizedKeys.keys = [
|
||||
keys.users.ai-worker.main
|
||||
|
||||
Reference in New Issue
Block a user