Migrate sayuri to hitagi

nazuna
Simon Bruder 2022-12-30 19:52:58 +01:00
parent 25a7383a8b
commit 03492fccad
Signed by: simon
GPG Key ID: 8D3C82F9F309F8EC
11 changed files with 62 additions and 136 deletions

View File

@ -10,10 +10,10 @@ in
hardware.common-pc-ssd
];
};
sayuri = {
hitagi = {
system = "x86_64-linux";
extraModules = [
hardware.common-cpu-intel
hardware.common-cpu-amd
hardware.common-pc-ssd
];
};

31
machines/hitagi/README.md Normal file
View File

@ -0,0 +1,31 @@
# hitagi
## Hardware
Custom build.
* Motherboard: GIGABYTE B550 AORUS ELITE V2 (rev 1.0)
* CPU: AMD Ryzen 7 5800X
* RAM: 2×16GB G.Skill Aegis DDR4-3200 CL16 (not because it is anything special)
* PSU: be quiet! System Power 10 750W
* Main SSD: 250GB Samsung 970 Evo Pro NVMe
* Secondary SSD: 256GB micron MTFDDAK256TBN-1AR15ABHA SATA
* HDD: 2TB Toshiba HDWA120
* GPU: Sapphire Nitro+ Radeon RX 480 (8GiB VRAM)
* Case fans: 2 be quiet! Pure Wings 2 140mm (included in case), 3 more with PWM
* CPU Cooler: Noctua NH-U12S with an additional NF-F12 PWM
This replaces sayuri,
which features an enterprise HP firmware without fan control,
an ancient Intel platform that is only usable in YOLO mode (`mitigations=off`)
and proprietary case, motherboard and power supply.
## Purpose
Tasks that require large amounts of CPU power,
a medium amount of GPU power
or have to run while I do other things (on my laptop).
## Name
Senjougahara Hitagi is a student from the *Monogatari Series*.

View File

@ -69,35 +69,9 @@
after = [ "libvirtd.service" ];
};
networking.hostName = "sayuri";
networking.hostName = "hitagi";
system.stateVersion = "20.03";
specialisation = {
foldingathome.configuration = {
services.foldingathome = {
enable = true;
user = "sbruder";
};
};
yolo.configuration = {
# https://make-linux-fast-again.com/
boot.kernelParams = [
"l1tf=off"
"mds=off"
"mitigations=off"
"no_stf_barrier"
"noibpb"
"noibrs"
"nopti"
"nospec_store_bypass_disable"
"nospectre_v1"
"nospectre_v2"
"tsx=on"
"tsx_async_abort=off"
];
};
};
programs.corectrl.enable = true;
}

View File

@ -6,7 +6,7 @@
];
boot = {
kernelModules = [ "kvm-intel" ];
kernelModules = [ "kvm-amd" ];
extraModulePackages = [ ];
loader = {
grub.enable = false;
@ -69,8 +69,6 @@
{ device = "/dev/disk/by-uuid/2774d182-ddc9-4d79-886e-995fcd60a88a"; }
];
powerManagement.cpuFreqGovernor = lib.mkDefault "performance";
# GPU
hardware.opengl.extraPackages = with pkgs; [
rocm-opencl-icd
@ -81,4 +79,23 @@
radeontop
rocm-smi
];
# https://www.reddit.com/r/gigabyte/comments/p5ewjn/b550i_pro_ax_f13_bios_sleep_issue_on_linux/
systemd.services.suspend-fix = {
wantedBy = [ "multi-user.target" ];
description = "Fix suspend";
script = ''
if grep -q "GPP0 .* \*enabled" /proc/acpi/wakeup; then
echo GPP0 > /proc/acpi/wakeup
echo "Disabled wakeup for GPP0"
else
echo "Wakeup for GPP0 already disabled"
fi
'';
serviceConfig = {
Type = "oneshot";
};
};
}

View File

@ -65,7 +65,7 @@ in
"mayushii.vpn.sbruder.de:9100"
"nunotaba.vpn.sbruder.de:9100"
"renge.vpn.sbruder.de:9100"
"sayuri.vpn.sbruder.de:9100"
"hitagi.vpn.sbruder.de:9100"
"vueko.vpn.sbruder.de:9100"
];
}
@ -119,7 +119,7 @@ in
rules = map mkAlert [
{
name = "InstanceDown";
expr = ''up{instance!~"(nunotaba|sayuri|mayushii|fuuko).vpn.sbruder.de:.*"} == 0'';
expr = ''up{instance!~"(nunotaba|hitagi|mayushii|fuuko).vpn.sbruder.de:.*"} == 0'';
description = "Instance {{ $labels.instance }} of job {{ $labels.job }} has been down for more than 1 minutes.";
}
{

View File

@ -1,96 +0,0 @@
# sayuri
## Hardware
HP Z440 workstation.
* [Intel Xeon E5-2683 v4](https://ark.intel.com/content/www/us/en/ark/products/91766/intel-xeon-processor-e52683-v4-40m-cache-2-10-ghz.html)
* 4×4GiB DDR4 2400MHz ECC memory
* 250GB Samsung 970 Evo Pro NVMe SSD
* 256GB micron MTFDDAK256TBN-1AR15ABHA SATA SSD
* 2TB Toshiba HDWA120 HDD
* Sapphire Nitro+ Radeon RX 480 (8GiB VRAM)
### Mods
#### Fan
The original fans are really loud if you run them at a higher speed.
What fans are used depend on the exact model of the Z440,
mine had a Delta QUR0912VH as rear case fan,
a Delta AFB0912VH as front fan
and a Foxconn PVA092G12S as CPU fan.
Since the firmware only allows dynamic fan control via Intel QST,
which is not supported in the kernel,
the “minimum fan speed” set in the firmware configuration is always used.
I replaced all three fans (rear case fan, front “PCIe” fan, CPU fan) with aftermarket products.
For the rear case fan and CPU fan I used Noctua NF-A9 PWM fans,
for the front fan an Arctic F9 PWM (for the sole reason that it is cheaper).
Since HP decided to use different connectors for all of the fans
(with the CPU fan connector having a proprietary 6-pin connector),
I had to get creative with plugging them in.
One alternative suggested by Michael Stapelberg in [his article on fan replacement in a HP Z440](https://michael.stapelberg.ch/posts/2021-08-28-silent-hp-z440-workstation/)
is to remove the guard rails of the fans.
Since this is destructive and I might want to sell the fans again if I dont use them anymore,
I decided against this
and instead opted for connecting them manually with cheap jumper cables.
This certainly is not the prettiest solution, but it works.
As for the CPU fan,
the fifth and sixth wire are actually not needed
and a 4-pin PWM fan can be plugged into the connector (with jumpers).
#### CPU
The original CPU that came in my model was an Intel Xeon E5-1620 v4 CPU
with 4 cores (8 threads),
a base clock speed of 3.5GHz
and a boost clock speed of 3.8GHz.
To achieve better multicore performance,
I upgraded it to an Intel Xeon E5-2683 v4, which can be found used for semi-cheap on AliExpress.
It has 16 cores (32 threads),
a base clock speed of 2.1GHz
and a boost clock speed of 3GHz.
While the CPU worked out-of-the box with the 2020 firmware revision I had on it,
it did not offer frequency control in linux (and therefore stayed at its base clock).
Upgrading to the newest firmware did not fix this issue.
A workaround is to enable CPU HWPM in the firmware,
which strips the kernel from frequency control and instead hands it to the firmware,
which at least allows the CPU to reach 2.7GHz
Since this setting makes it impossible to determine the CPU clock via `cpupower frequency-info`,
they have to be obtained by running `grep -E '^cpu MHz' /proc/cpuinfo` (one line for every thread).
However, all CPUs compatible with the socket of this system (2011-3) share the same problem:
They suffer from many security vulnerabilities,
the mitigation of which slows them down massively.
A possible workaround is to disable mitigations (https://make-linux-fast-again.com/),
which, however, makes the CPU vulnerable to all those attacks again!
This is implemented by the `yolo` specialisation,
which can be selected at boot.
The result of this is that,
while it has double the cores and is a desktop/server CPU,
it still is around 15% slower (!) than my laptops Ryzen 7 5850U in multithreaded synthetic workloads.
It looks even worse in single-threaded workloads,
in which my laptop is five times as fast.
#### Memory
I have not yet upgraded the memory for cost reasons.
It still is the original 4 sticks of Hynix HMA451R7AFR8N-UH (4GiB DDR4 2400MHz ECC).
An upgrade is necessary due to many processes memory usage scaling linearily with CPU cores,
the prime example being compiling with `make -j32` et al.
#### Conclusion
Is it worth it?
Probably not, especially as a desktop machine.
It might come in handy at a later time as a server.
## Purpose
Tasks that require a decent amount of GPU power
and/or have to run while I do other things (on my laptop).
## Name
Sayuri Kurata is a student from *Kanon*

View File

@ -8,7 +8,7 @@ in
type = lib.types.attrsOf lib.types.str;
description = "Known public keys that can be used in the configuration";
default = {
"simon@sayuri" = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC1kQUoPII8A9/bgPA+OrZGQLPA8MxkdmPSCCsfGMh9qRZfF7BSD8W6VdE/28tLw+39QeUl1+/9VuVvGjZBP1zBAbKIcKx4DjtgxpNXCsfWMjXFtpTGk2dyl71CaY5n72YlADxXYwtEvuwfNixgE2yTCefMbBsfwqYC0GZGiDlFtjxdg+RuUC8jU++C+WFUFct9gj9ieQ0LWjud+Oh0AF0JhyGnou+wVZIIO8mwo7Cc5xiPldXhbc13XiNC3mpNGCLFj+nh1feazk8TeAVDBps6xaDkOd+hDwTBQh8LoimePK7MiShzLvC38Vd/sim5ym/IqY634CjqBDGCMp1KXnqHUTT8CqeifMv10+aRJKUPevVkO3nEE3VoSPt7Ui9ZzLnL4qhZyygoBau+PvD2WCWm+gRwBkvU1uNrYKi4HIGhB/gXcYHKJimqJwLMyqG5Wv1jfuhn3ZZN+uNqTgdAznGgPRU1Q/Mx6nMEDiQip78qdYEc0YGwdb/TldEL6aHRjuNuZPpTW+zakQHiQTRb/0VdZT1bAwyT9yL0Uf40h706Kh/pKiSQ1yq1dlSdl3RlfedbqLqGjspds1iRSrSXyH2MBghPbz/SF7Vt4LW/tXF0rcyV7CU98ZvxJDWeN60OE0vPf/AT5udYyfPO1691y0F8jGKxGYYPg9R/Y5o7J24PbQ==";
"simon@hitagi" = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC1kQUoPII8A9/bgPA+OrZGQLPA8MxkdmPSCCsfGMh9qRZfF7BSD8W6VdE/28tLw+39QeUl1+/9VuVvGjZBP1zBAbKIcKx4DjtgxpNXCsfWMjXFtpTGk2dyl71CaY5n72YlADxXYwtEvuwfNixgE2yTCefMbBsfwqYC0GZGiDlFtjxdg+RuUC8jU++C+WFUFct9gj9ieQ0LWjud+Oh0AF0JhyGnou+wVZIIO8mwo7Cc5xiPldXhbc13XiNC3mpNGCLFj+nh1feazk8TeAVDBps6xaDkOd+hDwTBQh8LoimePK7MiShzLvC38Vd/sim5ym/IqY634CjqBDGCMp1KXnqHUTT8CqeifMv10+aRJKUPevVkO3nEE3VoSPt7Ui9ZzLnL4qhZyygoBau+PvD2WCWm+gRwBkvU1uNrYKi4HIGhB/gXcYHKJimqJwLMyqG5Wv1jfuhn3ZZN+uNqTgdAznGgPRU1Q/Mx6nMEDiQip78qdYEc0YGwdb/TldEL6aHRjuNuZPpTW+zakQHiQTRb/0VdZT1bAwyT9yL0Uf40h706Kh/pKiSQ1yq1dlSdl3RlfedbqLqGjspds1iRSrSXyH2MBghPbz/SF7Vt4LW/tXF0rcyV7CU98ZvxJDWeN60OE0vPf/AT5udYyfPO1691y0F8jGKxGYYPg9R/Y5o7J24PbQ==";
"simon@mayushii" = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAJ7qUGZUjiDhQ6Se+aXr9DbgRTG2tx69owqVMkd2bna";
"simon@nunotaba" = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILcOt4mAwIuAGMfRdfeoGX4UFkQDhkbihJcsAgG7JE/j";
};
@ -17,7 +17,7 @@ in
type = lib.types.listOf lib.types.str;
description = "Names of trusted public keys, used to generate <literal>sbruder.pubkeys.trustedKeys</literal>";
default = [
"simon@sayuri"
"simon@hitagi"
"simon@mayushii"
"simon@nunotaba"
];

View File

@ -16,8 +16,8 @@
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIICf9svRenC/PLKIL9nk6K/pxQgoiFC41wTNvoIncOxs";
};
sayuri = {
hostNames = [ "sayuri" "sayuri.home.sbruder.de" "sayuri.vpn.sbruder.de" ];
hitagi = {
hostNames = [ "hitagi" "hitagi.home.sbruder.de" "hitagi.vpn.sbruder.de" ];
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIg/622wS8SFlzS29TPW9li3pNdbdHNjlGb4XTyXR0QR";
};
vueko = {

View File

@ -2,7 +2,7 @@
let
serverHostName = "vueko";
peers = {
sayuri = {
hitagi = {
address = "10.80.0.5";
publicKey = "t7hpd2yZupAKHxYerHtXnlPRUjV1aGbrrzjYakKdOwE=";
};

View File

@ -9,7 +9,7 @@ let
# mayushii is handled separately in sways main configuration.
# See it for more details.
# mayushii = { };
sayuri = {
hitagi = {
home.outputs = lib.singleton {
criteria = "Acer Technologies Acer B277K 0x0000F36C";
mode = "3840x2160";