add office server + adsb

flake.nix

@@ -34,16 +34,30 @@
             ./hosts/rke2-image.nix
           ];
         };
+
+        usb-image = nixos-generators.nixosGenerate {
+          system = "x86_64-linux";
+          format = "raw-efi";
+          modules = [
+            ./hosts/usb-image.nix
+          ];
+        };
       };
 
       # NixOS Configurations
       nixosConfigurations = {
-        # LLaMA C++ Server
+        # Office Server (LLaMA / ADS-B)
-        lin-va-llama1 = mkSystem {
+        lin-va-office = mkSystem {
-          systemConfig = ./hosts/llama-server.nix;
+          systemConfig = ./hosts/office-server.nix;
           moduleConfig = {
-            hostName = "lin-va-llama1";
+            hostName = "lin-va-office";
             mainDiskID = "/dev/disk/by-id/ata-MTFDDAK512MBF-1AN1ZABHA_161212233628";
+            network = {
+              interface = "enp5s0";
+              address = "10.0.50.120";
+              defaultGateway = "10.0.50.254";
+              nameservers = [ "10.0.50.254" ];
+            };
           };
         };
 

home-manager/nvim/config/lua/llm.lua

@@ -1,6 +1,6 @@
 -- Configure LLama LLM
 vim.g.llama_config = {
-	endpoint = "http://10.0.20.158:8080/infill",
+	endpoint = "http://10.0.50.120:8080/infill",
 	api_key = "",
 	n_prefix = 256,
 	n_suffix = 64,

hosts/office-server.nix

@@ -54,41 +54,66 @@ in
     nvidiaSettings = true;
   };
 
-  # Network Configuration
+  # Networking Configuration
-  networking.networkmanager.enable = true;
+  networking.firewall = {
-
+    enable = true;
-  # Download Model
+    allowedTCPPorts = [
-  systemd.services.download-model = {
+      1234 # RTL-TCP
-    description = "Download Model";
+      8080 # LLama API
-    wantedBy = [ "multi-user.target" ];
+    ];
-    before = [ "llama-cpp.service" ];
-    path = [ pkgs.curl pkgs.coreutils ];
-    serviceConfig = {
-      Type = "oneshot";
-      RemainAfterExit = true;
-      User = "root";
-      Group = "root";
-    };
-    script = ''
-      set -euo pipefail
-
-      if [ ! -f "${modelPath}" ]; then
-        mkdir -p "${modelDir}"
-        # Add -f flag to follow redirects and -L for location
-        # Add --fail flag to exit with error on HTTP errors
-        # Add -C - to resume interrupted downloads
-        curl -f -L -C - \
-          -H "Accept: application/octet-stream" \
-          --retry 3 \
-          --retry-delay 5 \
-          --max-time 1800 \
-          "${modelUrl}" \
-          -o "${modelPath}.tmp" && \
-        mv "${modelPath}.tmp" "${modelPath}"
-      fi
-    '';
   };
 
+  # RTL-SDR
+  hardware.rtl-sdr.enable = true;
+
+  systemd.services = {
+    # LLama Download Model
+    download-model = {
+      description = "Download Model";
+      wantedBy = [ "multi-user.target" ];
+      before = [ "llama-cpp.service" ];
+      path = [ pkgs.curl pkgs.coreutils ];
+      serviceConfig = {
+        Type = "oneshot";
+        RemainAfterExit = true;
+        User = "root";
+        Group = "root";
+      };
+      script = ''
+        set -euo pipefail
+
+        if [ ! -f "${modelPath}" ]; then
+          mkdir -p "${modelDir}"
+          # Add -f flag to follow redirects and -L for location
+          # Add --fail flag to exit with error on HTTP errors
+          # Add -C - to resume interrupted downloads
+          curl -f -L -C - \
+            -H "Accept: application/octet-stream" \
+            --retry 3 \
+            --retry-delay 5 \
+            --max-time 1800 \
+            "${modelUrl}" \
+            -o "${modelPath}.tmp" && \
+          mv "${modelPath}.tmp" "${modelPath}"
+        fi
+      '';
+    };
+
+    # RTL-SDR TCP Server Service
+    rtl-tcp = {
+      description = "RTL-SDR TCP Server";
+      after = [ "network.target" ];
+      wantedBy = [ "multi-user.target" ];
+
+      serviceConfig = {
+        ExecStart = "${pkgs.rtl-sdr}/bin/rtl_tcp -a 0.0.0.0 -f 1090000000 -s 2400000";
+        Restart = "on-failure";
+        RestartSec = "10s";
+        User = "root";
+        Group = "root";
+      };
+    };
+  };
 
   # Setup LLama API Service
   systemd.services.llama-cpp = {
@@ -141,7 +166,8 @@ in
   # System Packages
   environment.systemPackages = with pkgs; [
     htop
-    nvtop
+    nvtopPackages.full
+    rtl-sdr
     tmux
     vim
     wget

hosts/usb-image.nix

@@ -0,0 +1,46 @@
+{ pkgs, ... }:
+
+{
+  # Basic System
+  system.stateVersion = "24.11";
+  nix.settings.experimental-features = [ "nix-command" "flakes" ];
+  time.timeZone = "UTC";
+
+  fileSystems."/" = {
+    device = "/dev/disk/by-label/nixos";
+    fsType = "ext4";
+    autoResize = true;
+  };
+
+  # SSH
+  services.openssh = {
+    enable = true;
+    settings = {
+      PasswordAuthentication = false;
+      PermitRootLogin = "prohibit-password";
+    };
+  };
+
+  # Firewall Configuration
+  networking.firewall = {
+    enable = true;
+    allowedTCPPorts = [
+      22
+    ];
+  };
+
+  # User Authorized Keys
+  users.users.root = {
+    openssh.authorizedKeys.keys = [
+      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIe1n9l9pVF5+kjWJCOt3AvBVf1HOSZkEDZxCWVPSIkr evan@reichard"
+    ];
+    hashedPassword = null;
+  };
+
+  # System Packages
+  environment.systemPackages = with pkgs; [
+    htop
+    tmux
+    vim
+  ];
+}

lib/common-system.nix

@@ -87,7 +87,7 @@
       };
     })
 
-    # Xen Guest
+    # Xen Guest Configuration
     (lib.mkIf config.enableXenGuest {
       services.xe-guest-utilities.enable = true;