153 lines
5.5 KiB
Nix
153 lines
5.5 KiB
Nix
{
|
|
inputs.nixpkgs.url = github:NixOS/nixpkgs/nixpkgs-unstable;
|
|
inputs.nixpkgs-unfree.url = github:SomeoneSerge/nixpkgs-unfree;
|
|
inputs.nixpkgs-unfree.inputs.nixpkgs.follows = "nixpkgs";
|
|
#inputs.nix2container.url = "github:nlewo/nix2container";
|
|
#inputs.nix2container.inputs.nixpkgs.follows = "nixpkgs";
|
|
|
|
nixConfig.extra-substituters = [
|
|
"https://cuda-maintainers.cachix.org"
|
|
];
|
|
nixConfig.extra-trusted-public-keys = [
|
|
"cuda-maintainers.cachix.org-1:0dq3bujKpuEPMCX6U4WylrUDZ9JyUG0VpVZa7CNfq5E="
|
|
];
|
|
|
|
# TODO: https://www.canva.dev/blog/engineering/supporting-gpu-accelerated-machine-learning-with-kubernetes-and-nix/
|
|
|
|
outputs = {
|
|
self,
|
|
nixpkgs,
|
|
nixpkgs-unfree,
|
|
... } @ inputs:
|
|
let
|
|
#flake = inputs: system: nixpkgs.lib.mapAttrs (name: flake: {
|
|
# nixos = flake.nixosModules
|
|
# or null;
|
|
# pkgs = flake.packages.${system}
|
|
# or flake.legacyPackages.${system}
|
|
# or null;
|
|
# lib = flake.lib.${system}
|
|
# or flake.lib
|
|
# or null;
|
|
#}) inputs;
|
|
forSystems = systems: f: nixpkgs.lib.genAttrs systems (system: f {
|
|
inherit system;
|
|
pkgs = nixpkgs-unfree.legacyPackages.${system};
|
|
#pkgs = nixpkgs.legacyPackages.${system};
|
|
#pkgs = nixpkgs { config.allowUnfree = true; config.cudaSupport = true; };
|
|
lib = nixpkgs-unfree.legacyPackages.${system}.lib;
|
|
# flakes = flake inputs system;
|
|
});
|
|
forAllSystems = forSystems [
|
|
"x86_64-linux"
|
|
"aarch64-linux"
|
|
];
|
|
in {
|
|
packages = forAllSystems ({ system, pkgs, lib, ...}: rec {
|
|
|
|
# to try this, inside the default devShell do:
|
|
# apptainer shell $(nix build .#apptainer --print-out-paths --no-link)
|
|
apptainer = let
|
|
# https://github.com/NixOS/nixpkgs/issues/177908#issuecomment-1495625986
|
|
mk-singularity = name: {
|
|
contents,
|
|
runscript ? "#!/bin/sh\nexec ${pkgs.hello}/bin/hello",
|
|
startscript ? "#!/bin/sh\nexec ${pkgs.hello}/bin/hello",
|
|
env ? {},
|
|
shellHook ? "",
|
|
}:
|
|
pkgs.runCommand "${name}.sqfs" {
|
|
outputs = [ "out" "tree" ];
|
|
nativeBuildInputs = [ pkgs.squashfsTools ];
|
|
env.shellHookData = shellHook;
|
|
env.closureInfo = pkgs.closureInfo {
|
|
rootPaths = contents ++ [ pkgs.bashInteractive ];
|
|
};
|
|
env.environVars = pkgs.writeText "env" (lib.pipe env [
|
|
(lib.mapAttrsToList (key: val: "${key}=${lib.escapeShellArg val}"))
|
|
(lib.concatStringsSep "\n")
|
|
]);
|
|
} ''
|
|
set -o pipefail
|
|
set -x
|
|
mkdir -p $tree/{bin,etc/ssl/certs,dev,proc,sys,usr/bin,.singularity.d/{actions,env,libs}}
|
|
cd $tree
|
|
cp -na --parents $(cat $closureInfo/store-paths) .
|
|
touch etc/{passwd,group}
|
|
#ln -s /bin usr/
|
|
#ln -s ${pkgs.bashInteractive}/bin/bash bin/sh
|
|
cp -a ${pkgs.pkgsStatic.bashInteractive}/bin/bash bin/sh
|
|
cp -a ${pkgs.pkgsStatic.nix}/bin/* bin/
|
|
cp -a ${pkgs.pkgsStatic.nix}/etc/profile.d/nix.sh .singularity.d/env/
|
|
cp -a ${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt etc/ssl/certs/ca-certificates.crt
|
|
for p in ${lib.concatStringsSep " " contents}; do
|
|
ln -sn $p/bin/* bin/ || true
|
|
done
|
|
echo "${runscript}" >.singularity.d/runscript
|
|
echo "${startscript}" >.singularity.d/startscript
|
|
chmod +x .singularity.d/{runscript,startscript}
|
|
cat "$environVars" >.singularity.d/env/99-nix-env.sh
|
|
echo "$shellHookData" >.singularity.d/env/99-nix-shell-hook.sh
|
|
mksquashfs $tree $out -no-hardlinks -all-root
|
|
'';
|
|
in mk-singularity "testing123" {
|
|
env.PS1 = "\\033[01;32m\\u@\\h\\033[33m(nix) \\033[01;34m\\W\\033[01;32m\\$\\033[00m ";
|
|
#shellHook = ''
|
|
# export PS1="\033[33m(nix)\033[00m $PS1"
|
|
#'';
|
|
contents = with pkgs; [
|
|
#pkgsStatic.nix
|
|
];
|
|
};
|
|
#} ''
|
|
# mkdir unpack
|
|
# tar xzvf ${docker-img}/image.tgz -C unpack
|
|
# # Singularity can't handle .gz
|
|
# tar -C unpack/ -cvf layer.tar .
|
|
# # TODO: Allow for module of user defined nightly, opposed to using src
|
|
# singularity build $out Singularity.nightly
|
|
# '';
|
|
#};
|
|
|
|
# https://nixos.org/manual/nixpkgs/stable/#ssec-pkgs-dockerTools-buildImage
|
|
hpc-oci = pkgs.dockerTools.buildLayeredImage {
|
|
name = "hpc-oci";
|
|
#config.Cmd = [ "${pkgs.mysql}/bin/mysqld" ];
|
|
config.Cmd = [ "/bin/bash" ];
|
|
config.WorkingDir = "/data";
|
|
config.Volumes."/data" = { };
|
|
#copyToRoot = pkgs.buildEnv {
|
|
# name = "image-root";
|
|
# pathsToLink = [ "/bin" ];
|
|
# paths = with pkgs; [
|
|
# redis
|
|
# ];
|
|
#};
|
|
};
|
|
#hpc-oci2 = flakes.nix2container.pkgs.nix2container.buildImage {
|
|
# name = "hello";
|
|
# config.entrypoint = ["${pkgs.hello}/bin/hello" ];
|
|
#};
|
|
});
|
|
devShells = forAllSystems ({ pkgs, ...}: {
|
|
|
|
|
|
default = pkgs.mkShellNoCC {
|
|
#env.APPTAINER_BINDPATH = ".direnv/nix:/nix";
|
|
#env.SINGULARITY_BINDPATH = ".direnv/nix:/nix";
|
|
env.APPTAINER_BINDPATH = "/usr,/lib,/lib64,.direnv/nix:/nix";
|
|
env.SINGULARITY_BINDPATH = "/usr,/lib,/lib64,.direnv/nix:/nix";
|
|
#env.APPTAINER_BINDPATH = "/usr,/lib,/lib64";
|
|
#env.SINGULARITY_BINDPATH = "/usr,/lib,/lib64";
|
|
packages = with pkgs; [
|
|
remote-exec
|
|
(python3.withPackages (ps: with ps; [
|
|
typer
|
|
]))
|
|
];
|
|
};
|
|
|
|
});
|
|
};
|
|
}
|