diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix index bbc8b49c43f..213048da500 100644 --- a/nixos/modules/module-list.nix +++ b/nixos/modules/module-list.nix @@ -654,6 +654,8 @@ ./services/networking/hylafax/default.nix ./services/networking/i2pd.nix ./services/networking/i2p.nix + ./services/networking/icecream/scheduler.nix + ./services/networking/icecream/daemon.nix ./services/networking/iodine.nix ./services/networking/iperf3.nix ./services/networking/ircd-hybrid/default.nix diff --git a/nixos/modules/services/networking/icecream/daemon.nix b/nixos/modules/services/networking/icecream/daemon.nix new file mode 100644 index 00000000000..2975696f9c2 --- /dev/null +++ b/nixos/modules/services/networking/icecream/daemon.nix @@ -0,0 +1,155 @@ +{ config, lib, pkgs, ... }: + +with lib; + +let + cfg = config.services.icecream.daemon; +in { + + ###### interface + + options = { + + services.icecream.daemon = { + + enable = mkEnableOption "Icecream Daemon"; + + openFirewall = mkOption { + type = types.bool; + description = '' + Whether to automatically open receive port in the firewall. + ''; + }; + + openBroadcast = mkOption { + type = types.bool; + description = '' + Whether to automatically open the firewall for scheduler discovery. + ''; + }; + + cacheLimit = mkOption { + type = types.ints.u16; + default = 256; + description = '' + Maximum size in Megabytes of cache used to store compile environments of compile clients. + ''; + }; + + netName = mkOption { + type = types.str; + default = "ICECREAM"; + description = '' + Network name to connect to. A scheduler with the same name needs to be running. + ''; + }; + + noRemote = mkOption { + type = types.bool; + default = false; + description = '' + Prevent jobs from other nodes being scheduled on this daemon. + ''; + }; + + schedulerHost = mkOption { + type = types.nullOr types.str; + default = null; + description = '' + Explicit scheduler hostname, useful in firewalled environments. + + Uses scheduler autodiscovery via broadcast if set to null. + ''; + }; + + maxProcesses = mkOption { + type = types.nullOr types.ints.u16; + default = null; + description = '' + Maximum number of compile jobs started in parallel for this daemon. + + Uses the number of CPUs if set to null. + ''; + }; + + nice = mkOption { + type = types.int; + default = 5; + description = '' + The level of niceness to use. + ''; + }; + + hostname = mkOption { + type = types.nullOr types.str; + default = null; + description = '' + Hostname of the daemon in the icecream infrastructure. + + Uses the hostname retrieved via uname if set to null. + ''; + }; + + user = mkOption { + type = types.str; + default = "icecc"; + description = '' + User to run the icecream daemon as. Set to root to enable receive of + remote compile environments. + ''; + }; + + package = mkOption { + default = pkgs.icecream; + defaultText = "pkgs.icecream"; + type = types.package; + description = "Icecream package to use."; + }; + + extraArgs = mkOption { + type = types.listOf types.str; + default = []; + description = "Additional command line parameters."; + example = [ "-v" ]; + }; + }; + }; + + ###### implementation + + config = mkIf cfg.enable { + networking.firewall.allowedTCPPorts = mkIf cfg.openFirewall [ 10245 ]; + networking.firewall.allowedUDPPorts = mkIf cfg.openBroadcast [ 8765 ]; + + systemd.services.icecc-daemon = { + description = "Icecream compile daemon"; + after = [ "network.target" ]; + wantedBy = [ "multi-user.target" ]; + + serviceConfig = { + ExecStart = escapeShellArgs ([ + "${getBin cfg.package}/bin/iceccd" + "-b" "$STATE_DIRECTORY" + "-u" "icecc" + (toString cfg.nice) + ] + ++ optionals (cfg.schedulerHost != null) ["-s" cfg.schedulerHost] + ++ optionals (cfg.netName != null) [ "-n" cfg.netName ] + ++ optionals (cfg.cacheLimit != null) [ "--cache-limit" (toString cfg.cacheLimit) ] + ++ optionals (cfg.maxProcesses != null) [ "-m" (toString cfg.maxProcesses) ] + ++ optionals (cfg.hostname != null) [ "-N" (cfg.hostname) ] + ++ optional cfg.noRemote "--no-remote" + ++ cfg.extraArgs); + DynamicUser = true; + User = "icecc"; + Group = "icecc"; + StateDirectory = "icecc"; + RuntimeDirectory = "icecc"; + AmbientCapabilities = "CAP_SYS_CHROOT"; + CapabilityBoundingSet = "CAP_SYS_CHROOT"; + }; + }; + }; + + meta.maintainers = with lib.maintainers; [ emantor ]; +} diff --git a/nixos/modules/services/networking/icecream/scheduler.nix b/nixos/modules/services/networking/icecream/scheduler.nix new file mode 100644 index 00000000000..4ccbf27015d --- /dev/null +++ b/nixos/modules/services/networking/icecream/scheduler.nix @@ -0,0 +1,101 @@ +{ config, lib, pkgs, ... }: + +with lib; + +let + cfg = config.services.icecream.scheduler; +in { + + ###### interface + + options = { + + services.icecream.scheduler = { + enable = mkEnableOption "Icecream Scheduler"; + + netName = mkOption { + type = types.nullOr types.str; + default = null; + description = '' + Network name for the icecream scheduler. + + Uses the default ICECREAM if null. + ''; + }; + + port = mkOption { + type = types.port; + default = 8765; + description = '' + Server port to listen for icecream daemon requests. + ''; + }; + + openFirewall = mkOption { + type = types.bool; + description = '' + Whether to automatically open the daemon port in the firewall. + ''; + }; + + openTelnet = mkOption { + type = types.bool; + default = false; + description = '' + Whether to open the telnet TCP port on 8766. + ''; + }; + + persistentClientConnection = mkOption { + type = types.bool; + default = false; + description = '' + Whether to prevent clients from connecting to a better scheduler. + ''; + }; + + package = mkOption { + default = pkgs.icecream; + defaultText = "pkgs.icecream"; + type = types.package; + description = "Icecream package to use."; + }; + + extraArgs = mkOption { + type = types.listOf types.str; + default = []; + description = "Additional command line parameters"; + example = [ "-v" ]; + }; + }; + }; + + ###### implementation + + config = mkIf cfg.enable { + networking.firewall.allowedTCPPorts = mkMerge [ + (mkIf cfg.openFirewall [ cfg.port ]) + (mkIf cfg.openTelnet [ 8766 ]) + ]; + + systemd.services.icecc-scheduler = { + description = "Icecream scheduling server"; + after = [ "network.target" ]; + wantedBy = [ "multi-user.target" ]; + + serviceConfig = { + ExecStart = escapeShellArgs ([ + "${getBin cfg.package}/bin/icecc-scheduler" + "-p" (toString cfg.port) + ] + ++ optionals (cfg.netName != null) [ "-n" (toString cfg.netName) ] + ++ optional cfg.persistentClientConnection "-r" + ++ cfg.extraArgs); + + DynamicUser = true; + }; + }; + }; + + meta.maintainers = with lib.maintainers; [ emantor ]; +} diff --git a/pkgs/applications/networking/icemon/default.nix b/pkgs/applications/networking/icemon/default.nix new file mode 100644 index 00000000000..b757445eb08 --- /dev/null +++ b/pkgs/applications/networking/icemon/default.nix @@ -0,0 +1,24 @@ +{ lib, fetchFromGitHub, mkDerivation, qtbase, cmake, extra-cmake-modules, icecream, libcap_ng, lzo, zstd, libarchive, wrapQtAppsHook }: + +mkDerivation rec { + pname = "icemon"; + version = "3.3"; + + src = fetchFromGitHub { + owner = "icecc"; + repo = pname; + rev = "v${version}"; + sha256 = "09jnipr67dhawbxfn69yh7mmjrkylgiqmd0gmc2limd3z15d7pgc"; + }; + + nativeBuildInputs = [ cmake extra-cmake-modules wrapQtAppsHook ]; + buildInputs = [ icecream qtbase libcap_ng lzo zstd libarchive ]; + + meta = with lib; { + description = "Icecream GUI Monitor"; + inherit (src.meta) homepage; + license = licenses.gpl2; + maintainers = with maintainers; [ emantor ]; + platforms = with platforms; linux ++ darwin; + }; +} diff --git a/pkgs/servers/icecream/default.nix b/pkgs/servers/icecream/default.nix new file mode 100644 index 00000000000..1800700b040 --- /dev/null +++ b/pkgs/servers/icecream/default.nix @@ -0,0 +1,25 @@ +{ stdenv, fetchFromGitHub, autoreconfHook, docbook2x, libarchive, libcap_ng, lzo, zstd, docbook_xml_dtd_45 }: + +stdenv.mkDerivation rec { + pname = "icecream"; + version = "2020-04-15"; + + src = fetchFromGitHub { + owner = "icecc"; + repo = pname; + rev = "c370c4d701d05e1872d44d1c1642a774a7f25807"; + sha256 = "0ld2ihd39irlk4wshpbw7inmgyl3x0gbkgsy10izcm1wwfc0x2ac"; + }; + enableParallelBuilding = true; + + nativeBuildInputs = [ autoreconfHook docbook2x ]; + buildInputs = [ libarchive libcap_ng lzo zstd docbook_xml_dtd_45 ]; + + meta = with stdenv.lib; { + description = "Distributed compiler with a central scheduler to share build load"; + inherit (src.meta) homepage; + license = licenses.gpl2; + maintainers = with maintainers; [ emantor ]; + platforms = with platforms; linux ++ darwin; + }; +} diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index dca2d81b9b2..30a0bedd4c3 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -4777,6 +4777,8 @@ in icecast = callPackage ../servers/icecast { }; + icemon = libsForQt5.callPackage ../applications/networking/icemon { }; + icepeak = haskell.lib.justStaticExecutables haskellPackages.icepeak; iceshelf = callPackage ../tools/backup/iceshelf { }; @@ -17129,6 +17131,8 @@ in hydron = callPackage ../servers/hydron { }; + icecream = callPackage ../servers/icecream { }; + icingaweb2 = callPackage ../servers/icingaweb2 { }; icingaweb2Modules = { theme-april = callPackage ../servers/icingaweb2/theme-april { };