From 8b33de0c020935f279aab0ae6b5462037769d870 Mon Sep 17 00:00:00 2001 From: Evan Reichard Date: Wed, 19 Mar 2025 09:13:00 -0400 Subject: [PATCH] add office server + adsb --- flake.nix | 22 ++++- home-manager/nvim/config/lua/llm.lua | 2 +- hosts/{llama-server.nix => office-server.nix} | 94 ++++++++++++------- hosts/usb-image.nix | 46 +++++++++ lib/common-system.nix | 2 +- 5 files changed, 126 insertions(+), 40 deletions(-) rename hosts/{llama-server.nix => office-server.nix} (58%) create mode 100644 hosts/usb-image.nix diff --git a/flake.nix b/flake.nix index 72c8cdd..5d30a72 100644 --- a/flake.nix +++ b/flake.nix @@ -34,16 +34,30 @@ ./hosts/rke2-image.nix ]; }; + + usb-image = nixos-generators.nixosGenerate { + system = "x86_64-linux"; + format = "raw-efi"; + modules = [ + ./hosts/usb-image.nix + ]; + }; }; # NixOS Configurations nixosConfigurations = { - # LLaMA C++ Server - lin-va-llama1 = mkSystem { - systemConfig = ./hosts/llama-server.nix; + # Office Server (LLaMA / ADS-B) + lin-va-office = mkSystem { + systemConfig = ./hosts/office-server.nix; moduleConfig = { - hostName = "lin-va-llama1"; + hostName = "lin-va-office"; mainDiskID = "/dev/disk/by-id/ata-MTFDDAK512MBF-1AN1ZABHA_161212233628"; + network = { + interface = "enp5s0"; + address = "10.0.50.120"; + defaultGateway = "10.0.50.254"; + nameservers = [ "10.0.50.254" ]; + }; }; }; diff --git a/home-manager/nvim/config/lua/llm.lua b/home-manager/nvim/config/lua/llm.lua index a24cc63..2a93118 100644 --- a/home-manager/nvim/config/lua/llm.lua +++ b/home-manager/nvim/config/lua/llm.lua @@ -1,6 +1,6 @@ -- Configure LLama LLM vim.g.llama_config = { - endpoint = "http://10.0.20.158:8080/infill", + endpoint = "http://10.0.50.120:8080/infill", api_key = "", n_prefix = 256, n_suffix = 64, diff --git a/hosts/llama-server.nix b/hosts/office-server.nix similarity index 58% rename from hosts/llama-server.nix rename to hosts/office-server.nix index 4d7e0cc..4d09682 100644 --- a/hosts/llama-server.nix +++ b/hosts/office-server.nix @@ -54,41 +54,66 @@ in nvidiaSettings = true; }; - # Network Configuration - networking.networkmanager.enable = true; - - # Download Model - systemd.services.download-model = { - description = "Download Model"; - wantedBy = [ "multi-user.target" ]; - before = [ "llama-cpp.service" ]; - path = [ pkgs.curl pkgs.coreutils ]; - serviceConfig = { - Type = "oneshot"; - RemainAfterExit = true; - User = "root"; - Group = "root"; - }; - script = '' - set -euo pipefail - - if [ ! -f "${modelPath}" ]; then - mkdir -p "${modelDir}" - # Add -f flag to follow redirects and -L for location - # Add --fail flag to exit with error on HTTP errors - # Add -C - to resume interrupted downloads - curl -f -L -C - \ - -H "Accept: application/octet-stream" \ - --retry 3 \ - --retry-delay 5 \ - --max-time 1800 \ - "${modelUrl}" \ - -o "${modelPath}.tmp" && \ - mv "${modelPath}.tmp" "${modelPath}" - fi - ''; + # Networking Configuration + networking.firewall = { + enable = true; + allowedTCPPorts = [ + 1234 # RTL-TCP + 8080 # LLama API + ]; }; + # RTL-SDR + hardware.rtl-sdr.enable = true; + + systemd.services = { + # LLama Download Model + download-model = { + description = "Download Model"; + wantedBy = [ "multi-user.target" ]; + before = [ "llama-cpp.service" ]; + path = [ pkgs.curl pkgs.coreutils ]; + serviceConfig = { + Type = "oneshot"; + RemainAfterExit = true; + User = "root"; + Group = "root"; + }; + script = '' + set -euo pipefail + + if [ ! -f "${modelPath}" ]; then + mkdir -p "${modelDir}" + # Add -f flag to follow redirects and -L for location + # Add --fail flag to exit with error on HTTP errors + # Add -C - to resume interrupted downloads + curl -f -L -C - \ + -H "Accept: application/octet-stream" \ + --retry 3 \ + --retry-delay 5 \ + --max-time 1800 \ + "${modelUrl}" \ + -o "${modelPath}.tmp" && \ + mv "${modelPath}.tmp" "${modelPath}" + fi + ''; + }; + + # RTL-SDR TCP Server Service + rtl-tcp = { + description = "RTL-SDR TCP Server"; + after = [ "network.target" ]; + wantedBy = [ "multi-user.target" ]; + + serviceConfig = { + ExecStart = "${pkgs.rtl-sdr}/bin/rtl_tcp -a 0.0.0.0 -f 1090000000 -s 2400000"; + Restart = "on-failure"; + RestartSec = "10s"; + User = "root"; + Group = "root"; + }; + }; + }; # Setup LLama API Service systemd.services.llama-cpp = { @@ -141,7 +166,8 @@ in # System Packages environment.systemPackages = with pkgs; [ htop - nvtop + nvtopPackages.full + rtl-sdr tmux vim wget diff --git a/hosts/usb-image.nix b/hosts/usb-image.nix new file mode 100644 index 0000000..568f569 --- /dev/null +++ b/hosts/usb-image.nix @@ -0,0 +1,46 @@ +{ pkgs, ... }: + +{ + # Basic System + system.stateVersion = "24.11"; + nix.settings.experimental-features = [ "nix-command" "flakes" ]; + time.timeZone = "UTC"; + + fileSystems."/" = { + device = "/dev/disk/by-label/nixos"; + fsType = "ext4"; + autoResize = true; + }; + + # SSH + services.openssh = { + enable = true; + settings = { + PasswordAuthentication = false; + PermitRootLogin = "prohibit-password"; + }; + }; + + # Firewall Configuration + networking.firewall = { + enable = true; + allowedTCPPorts = [ + 22 + ]; + }; + + # User Authorized Keys + users.users.root = { + openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIe1n9l9pVF5+kjWJCOt3AvBVf1HOSZkEDZxCWVPSIkr evan@reichard" + ]; + hashedPassword = null; + }; + + # System Packages + environment.systemPackages = with pkgs; [ + htop + tmux + vim + ]; +} diff --git a/lib/common-system.nix b/lib/common-system.nix index 9bed555..dfddbab 100644 --- a/lib/common-system.nix +++ b/lib/common-system.nix @@ -87,7 +87,7 @@ }; }) - # Xen Guest + # Xen Guest Configuration (lib.mkIf config.enableXenGuest { services.xe-guest-utilities.enable = true;