add office server + adsb

2025-03-19 09:13:00 -04:00 · 2025-03-19 09:13:00 -04:00 · 8b33de0c02
commit 8b33de0c02
parent 7529990566
5 changed files with 126 additions and 40 deletions
--- a/flake.nix
+++ b/flake.nix
@ -34,16 +34,30 @@
            ./hosts/rke2-image.nix
          ];
        };
+
+        usb-image = nixos-generators.nixosGenerate {
+          system = "x86_64-linux";
+          format = "raw-efi";
+          modules = [
+            ./hosts/usb-image.nix
+          ];
+        };
      };

      # NixOS Configurations
      nixosConfigurations = {
-        # LLaMA C++ Server
-        lin-va-llama1 = mkSystem {
-          systemConfig = ./hosts/llama-server.nix;
+        # Office Server (LLaMA / ADS-B)
+        lin-va-office = mkSystem {
+          systemConfig = ./hosts/office-server.nix;
          moduleConfig = {
-            hostName = "lin-va-llama1";
+            hostName = "lin-va-office";
            mainDiskID = "/dev/disk/by-id/ata-MTFDDAK512MBF-1AN1ZABHA_161212233628";
+            network = {
+              interface = "enp5s0";
+              address = "10.0.50.120";
+              defaultGateway = "10.0.50.254";
+              nameservers = [ "10.0.50.254" ];
+            };
          };
        };

--- a/home-manager/nvim/config/lua/llm.lua
+++ b/home-manager/nvim/config/lua/llm.lua
@ -1,6 +1,6 @@
 -- Configure LLama LLM
 vim.g.llama_config = {
-	endpoint = "http://10.0.20.158:8080/infill",
+	endpoint = "http://10.0.50.120:8080/infill",
 	api_key = "",
 	n_prefix = 256,
 	n_suffix = 64,
--- a/hosts/office-server.nix
+++ b/hosts/office-server.nix
@ -54,41 +54,66 @@ in
    nvidiaSettings = true;
  };

-  # Network Configuration
-  networking.networkmanager.enable = true;
-
-  # Download Model
-  systemd.services.download-model = {
-    description = "Download Model";
-    wantedBy = [ "multi-user.target" ];
-    before = [ "llama-cpp.service" ];
-    path = [ pkgs.curl pkgs.coreutils ];
-    serviceConfig = {
-      Type = "oneshot";
-      RemainAfterExit = true;
-      User = "root";
-      Group = "root";
-    };
-    script = ''
-      set -euo pipefail
-
-      if [ ! -f "${modelPath}" ]; then
-        mkdir -p "${modelDir}"
-        # Add -f flag to follow redirects and -L for location
-        # Add --fail flag to exit with error on HTTP errors
-        # Add -C - to resume interrupted downloads
-        curl -f -L -C - \
-          -H "Accept: application/octet-stream" \
-          --retry 3 \
-          --retry-delay 5 \
-          --max-time 1800 \
-          "${modelUrl}" \
-          -o "${modelPath}.tmp" && \
-        mv "${modelPath}.tmp" "${modelPath}"
-      fi
-    '';
+  # Networking Configuration
+  networking.firewall = {
+    enable = true;
+    allowedTCPPorts = [
+      1234 # RTL-TCP
+      8080 # LLama API
+    ];
  };

+  # RTL-SDR
+  hardware.rtl-sdr.enable = true;
+
+  systemd.services = {
+    # LLama Download Model
+    download-model = {
+      description = "Download Model";
+      wantedBy = [ "multi-user.target" ];
+      before = [ "llama-cpp.service" ];
+      path = [ pkgs.curl pkgs.coreutils ];
+      serviceConfig = {
+        Type = "oneshot";
+        RemainAfterExit = true;
+        User = "root";
+        Group = "root";
+      };
+      script = ''
+        set -euo pipefail
+
+        if [ ! -f "${modelPath}" ]; then
+          mkdir -p "${modelDir}"
+          # Add -f flag to follow redirects and -L for location
+          # Add --fail flag to exit with error on HTTP errors
+          # Add -C - to resume interrupted downloads
+          curl -f -L -C - \
+            -H "Accept: application/octet-stream" \
+            --retry 3 \
+            --retry-delay 5 \
+            --max-time 1800 \
+            "${modelUrl}" \
+            -o "${modelPath}.tmp" && \
+          mv "${modelPath}.tmp" "${modelPath}"
+        fi
+      '';
+    };
+
+    # RTL-SDR TCP Server Service
+    rtl-tcp = {
+      description = "RTL-SDR TCP Server";
+      after = [ "network.target" ];
+      wantedBy = [ "multi-user.target" ];
+
+      serviceConfig = {
+        ExecStart = "${pkgs.rtl-sdr}/bin/rtl_tcp -a 0.0.0.0 -f 1090000000 -s 2400000";
+        Restart = "on-failure";
+        RestartSec = "10s";
+        User = "root";
+        Group = "root";
+      };
+    };
+  };

  # Setup LLama API Service
  systemd.services.llama-cpp = {
@ -141,7 +166,8 @@ in
  # System Packages
  environment.systemPackages = with pkgs; [
    htop
-    nvtop
+    nvtopPackages.full
+    rtl-sdr
    tmux
    vim
    wget
--- a/hosts/usb-image.nix
+++ b/hosts/usb-image.nix
@ -0,0 +1,46 @@
+{ pkgs, ... }:
+
+{
+  # Basic System
+  system.stateVersion = "24.11";
+  nix.settings.experimental-features = [ "nix-command" "flakes" ];
+  time.timeZone = "UTC";
+
+  fileSystems."/" = {
+    device = "/dev/disk/by-label/nixos";
+    fsType = "ext4";
+    autoResize = true;
+  };
+
+  # SSH
+  services.openssh = {
+    enable = true;
+    settings = {
+      PasswordAuthentication = false;
+      PermitRootLogin = "prohibit-password";
+    };
+  };
+
+  # Firewall Configuration
+  networking.firewall = {
+    enable = true;
+    allowedTCPPorts = [
+      22
+    ];
+  };
+
+  # User Authorized Keys
+  users.users.root = {
+    openssh.authorizedKeys.keys = [
+      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIe1n9l9pVF5+kjWJCOt3AvBVf1HOSZkEDZxCWVPSIkr evan@reichard"
+    ];
+    hashedPassword = null;
+  };
+
+  # System Packages
+  environment.systemPackages = with pkgs; [
+    htop
+    tmux
+    vim
+  ];
+}
--- a/lib/common-system.nix
+++ b/lib/common-system.nix
@ -87,7 +87,7 @@
      };
    })

-    # Xen Guest
+    # Xen Guest Configuration
    (lib.mkIf config.enableXenGuest {
      services.xe-guest-utilities.enable = true;