This commit is contained in:
Peder Bergebakken Sundt 2023-11-22 22:18:02 +01:00
parent 2605fbf668
commit bd9352035f
5 changed files with 362 additions and 9 deletions

2
.gitignore vendored
View File

@ -1,2 +1,4 @@
.remote.toml
.direnv/
result
result-*

3
.remoteenv Normal file
View File

@ -0,0 +1,3 @@
#!/usr/bin/env bash
export APPTAINER_BIND="/usr,/lib,/lib64";
export SINGULARITY_BIND="/usr,/lib,/lib64";

11
.remoteignore.toml Normal file
View File

@ -0,0 +1,11 @@
[push]
exclude = []
include = []
[pull]
exclude = []
include = []
[both]
exclude = [ ".remote.toml", "result", "result-*", ".git", ".direnv" ]
include = []

220
flake.lock generated
View File

@ -1,5 +1,110 @@
{
"nodes": {
"flake-parts": {
"inputs": {
"nixpkgs-lib": [
"nixpkgs-unfree",
"nixpkgs"
]
},
"locked": {
"lastModified": 1696343447,
"narHash": "sha256-B2xAZKLkkeRFG5XcHHSXXcP7To9Xzr59KXeZiRf4vdQ=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "c9afaba3dfa4085dbd2ccb38dfade5141e33d9d4",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "flake-parts",
"type": "github"
}
},
"flake-parts_2": {
"inputs": {
"nixpkgs-lib": [
"nixpkgs-unfree",
"hercules-ci-effects",
"hercules-ci-agent",
"nixpkgs"
]
},
"locked": {
"lastModified": 1688466019,
"narHash": "sha256-VeM2akYrBYMsb4W/MmBo1zmaMfgbL4cH3Pu8PGyIwJ0=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "8e8d955c22df93dbe24f19ea04f47a74adbdc5ec",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "flake-parts",
"type": "github"
}
},
"haskell-flake": {
"locked": {
"lastModified": 1684780604,
"narHash": "sha256-2uMZsewmRn7rRtAnnQNw1lj0uZBMh4m6Cs/7dV5YF08=",
"owner": "srid",
"repo": "haskell-flake",
"rev": "74210fa80a49f1b6f67223debdbf1494596ff9f2",
"type": "github"
},
"original": {
"owner": "srid",
"ref": "0.3.0",
"repo": "haskell-flake",
"type": "github"
}
},
"hercules-ci-agent": {
"inputs": {
"flake-parts": "flake-parts_2",
"haskell-flake": "haskell-flake",
"nixpkgs": "nixpkgs_2"
},
"locked": {
"lastModified": 1688568579,
"narHash": "sha256-ON0M56wtY/TIIGPkXDlJboAmuYwc73Hi8X9iJGtxOhM=",
"owner": "hercules-ci",
"repo": "hercules-ci-agent",
"rev": "367dd8cd649b57009a6502e878005a1e54ad78c5",
"type": "github"
},
"original": {
"id": "hercules-ci-agent",
"type": "indirect"
}
},
"hercules-ci-effects": {
"inputs": {
"flake-parts": [
"nixpkgs-unfree",
"flake-parts"
],
"hercules-ci-agent": "hercules-ci-agent",
"nixpkgs": [
"nixpkgs-unfree",
"nixpkgs"
]
},
"locked": {
"lastModified": 1695684520,
"narHash": "sha256-yORqGB0i1OtEf9MOCCT2BIbOd8txPZn216CM+ylMmhY=",
"owner": "hercules-ci",
"repo": "hercules-ci-effects",
"rev": "91fae5824f5f1199f61693c6590b4a89abaed9d7",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "hercules-ci-effects",
"type": "github"
}
},
"nixpkgs": {
"locked": {
"lastModified": 1696419054,
@ -10,13 +115,122 @@
"type": "github"
},
"original": {
"id": "nixpkgs",
"type": "indirect"
"owner": "NixOS",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-master": {
"locked": {
"lastModified": 1696470233,
"narHash": "sha256-pL/8IjifB2uoWLXdIZK4GuQrKcI6sIDZwC+q39JYUxI=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "c748544b2f3bc3c7716c91ccedb2b2fef300e789",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "master",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-nixos-unstable": {
"locked": {
"lastModified": 1696193975,
"narHash": "sha256-mnQjUcYgp9Guu3RNVAB2Srr1TqKcPpRXmJf4LJk6KRY=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "fdd898f8f79e8d2f99ed2ab6b3751811ef683242",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-nixpkgs-unstable": {
"locked": {
"lastModified": 1696419054,
"narHash": "sha256-EdR+dIKCfqL3voZUDYwcvgRDOektQB9KbhBVcE0/3Mo=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "7131f3c223a2d799568e4b278380cd9dac2b8579",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-release": {
"locked": {
"lastModified": 1696374741,
"narHash": "sha256-gt8B3G0ryizT9HSB4cCO8QoxdbsHnrQH+/BdKxOwqF0=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "8a4c17493e5c39769f79117937c79e1c88de6729",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-23.05",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-unfree": {
"inputs": {
"flake-parts": "flake-parts",
"hercules-ci-effects": "hercules-ci-effects",
"nixpkgs": [
"nixpkgs"
],
"nixpkgs-master": "nixpkgs-master",
"nixpkgs-nixos-unstable": "nixpkgs-nixos-unstable",
"nixpkgs-nixpkgs-unstable": "nixpkgs-nixpkgs-unstable",
"nixpkgs-release": "nixpkgs-release"
},
"locked": {
"lastModified": 1696473081,
"narHash": "sha256-XqCeprTkcI86AbZDO24XykeqtahLCwoy/eJSag0h4Ro=",
"owner": "SomeoneSerge",
"repo": "nixpkgs-unfree",
"rev": "a10b2b7f708d54dbc8c25c8d5af2a98feddd3bd0",
"type": "github"
},
"original": {
"owner": "SomeoneSerge",
"repo": "nixpkgs-unfree",
"type": "github"
}
},
"nixpkgs_2": {
"locked": {
"lastModified": 1688322751,
"narHash": "sha256-eW62dC5f33oKZL7VWlomttbUnOTHrAbte9yNUNW8rbk=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "0fbe93c5a7cac99f90b60bdf5f149383daaa615f",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"root": {
"inputs": {
"nixpkgs": "nixpkgs"
"nixpkgs": "nixpkgs",
"nixpkgs-unfree": "nixpkgs-unfree"
}
}
},

135
flake.nix
View File

@ -1,22 +1,144 @@
{
inputs.nixpkgs.url = github:NixOS/nixpkgs/nixpkgs-unstable;
inputs.nixpkgs-unfree.url = github:SomeoneSerge/nixpkgs-unfree;
inputs.nixpkgs-unfree.inputs.nixpkgs.follows = "nixpkgs";
#inputs.nix2container.url = "github:nlewo/nix2container";
#inputs.nix2container.inputs.nixpkgs.follows = "nixpkgs";
nixConfig.extra-substituters = [
"https://cuda-maintainers.cachix.org"
];
nixConfig.extra-trusted-public-keys = [
"cuda-maintainers.cachix.org-1:0dq3bujKpuEPMCX6U4WylrUDZ9JyUG0VpVZa7CNfq5E="
];
# TODO: https://www.canva.dev/blog/engineering/supporting-gpu-accelerated-machine-learning-with-kubernetes-and-nix/
outputs = {
self,
nixpkgs,
...
} @ inputs:
nixpkgs-unfree,
... } @ inputs:
let
forSystems = systems: f: nixpkgs.lib.genAttrs systems (system: f rec {
#flake = inputs: system: nixpkgs.lib.mapAttrs (name: flake: {
# nixos = flake.nixosModules
# or null;
# pkgs = flake.packages.${system}
# or flake.legacyPackages.${system}
# or null;
# lib = flake.lib.${system}
# or flake.lib
# or null;
#}) inputs;
forSystems = systems: f: nixpkgs.lib.genAttrs systems (system: f {
inherit system;
pkgs = nixpkgs.legacyPackages.${system};
lib = nixpkgs.legacyPackages.${system}.lib;
pkgs = nixpkgs-unfree.legacyPackages.${system};
#pkgs = nixpkgs.legacyPackages.${system};
#pkgs = nixpkgs { config.allowUnfree = true; config.cudaSupport = true; };
lib = nixpkgs-unfree.legacyPackages.${system}.lib;
# flakes = flake inputs system;
});
forAllSystems = forSystems [
"x86_64-linux"
"aarch64-linux"
];
in {
packages = forAllSystems ({ system, pkgs, lib, ...}: rec {
# to try this, inside the default devShell do:
# apptainer shell $(nix build .#apptainer --print-out-paths --no-link)
apptainer = let
# https://github.com/NixOS/nixpkgs/issues/177908#issuecomment-1495625986
mk-singularity = name: {
contents,
runscript ? "#!/bin/sh\nexec ${pkgs.hello}/bin/hello",
startscript ? "#!/bin/sh\nexec ${pkgs.hello}/bin/hello",
env ? {},
shellHook ? "",
}:
pkgs.runCommand "${name}.sqfs" {
outputs = [ "out" "tree" ];
nativeBuildInputs = [ pkgs.squashfsTools ];
env.shellHookData = shellHook;
env.closureInfo = pkgs.closureInfo {
rootPaths = contents ++ [ pkgs.bashInteractive ];
};
env.environVars = pkgs.writeText "env" (lib.pipe env [
(lib.mapAttrsToList (key: val: "${key}=${lib.escapeShellArg val}"))
(lib.concatStringsSep "\n")
]);
} ''
set -o pipefail
set -x
mkdir -p $tree/{bin,etc/ssl/certs,dev,proc,sys,usr/bin,.singularity.d/{actions,env,libs}}
cd $tree
cp -na --parents $(cat $closureInfo/store-paths) .
touch etc/{passwd,group}
#ln -s /bin usr/
#ln -s ${pkgs.bashInteractive}/bin/bash bin/sh
cp -a ${pkgs.pkgsStatic.bashInteractive}/bin/bash bin/sh
cp -a ${pkgs.pkgsStatic.nix}/bin/* bin/
cp -a ${pkgs.pkgsStatic.nix}/etc/profile.d/nix.sh .singularity.d/env/
cp -a ${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt etc/ssl/certs/ca-certificates.crt
for p in ${lib.concatStringsSep " " contents}; do
ln -sn $p/bin/* bin/ || true
done
echo "${runscript}" >.singularity.d/runscript
echo "${startscript}" >.singularity.d/startscript
chmod +x .singularity.d/{runscript,startscript}
cat "$environVars" >.singularity.d/env/99-nix-env.sh
echo "$shellHookData" >.singularity.d/env/99-nix-shell-hook.sh
mksquashfs $tree $out -no-hardlinks -all-root
'';
in mk-singularity "testing123" {
env.PS1 = "\\033[01;32m\\u@\\h\\033[33m(nix) \\033[01;34m\\W\\033[01;32m\\$\\033[00m ";
#shellHook = ''
# export PS1="\033[33m(nix)\033[00m $PS1"
#'';
contents = with pkgs; [
#pkgsStatic.nix
];
};
#} ''
# mkdir unpack
# tar xzvf ${docker-img}/image.tgz -C unpack
# # Singularity can't handle .gz
# tar -C unpack/ -cvf layer.tar .
# # TODO: Allow for module of user defined nightly, opposed to using src
# singularity build $out Singularity.nightly
# '';
#};
# https://nixos.org/manual/nixpkgs/stable/#ssec-pkgs-dockerTools-buildImage
hpc-oci = pkgs.dockerTools.buildLayeredImage {
name = "hpc-oci";
#config.Cmd = [ "${pkgs.mysql}/bin/mysqld" ];
config.Cmd = [ "/bin/bash" ];
config.WorkingDir = "/data";
config.Volumes."/data" = { };
#copyToRoot = pkgs.buildEnv {
# name = "image-root";
# pathsToLink = [ "/bin" ];
# paths = with pkgs; [
# redis
# ];
#};
};
#hpc-oci2 = flakes.nix2container.pkgs.nix2container.buildImage {
# name = "hello";
# config.entrypoint = ["${pkgs.hello}/bin/hello" ];
#};
});
devShells = forAllSystems ({ pkgs, ...}: {
default = pkgs.mkShell {
default = pkgs.mkShellNoCC {
#env.APPTAINER_BINDPATH = ".direnv/nix:/nix";
#env.SINGULARITY_BINDPATH = ".direnv/nix:/nix";
env.APPTAINER_BINDPATH = "/usr,/lib,/lib64,.direnv/nix:/nix";
env.SINGULARITY_BINDPATH = "/usr,/lib,/lib64,.direnv/nix:/nix";
#env.APPTAINER_BINDPATH = "/usr,/lib,/lib64";
#env.SINGULARITY_BINDPATH = "/usr,/lib,/lib64";
packages = with pkgs; [
remote-exec
(python3.withPackages (ps: with ps; [
@ -24,6 +146,7 @@
]))
];
};
});
};
}