refactor gnuradio and telegram-decoder options (#9)
Create user-stop-box for dell wyse, first steps to rpi4 image. Refactor parameters passed to gnuradio and telegram-decoder into proper options, make configs stateful (so users can edit them). Rearrage files a bit.
This commit is contained in:
parent
f9500b8b5c
commit
280dc15420
53
flake.nix
53
flake.nix
|
@ -70,7 +70,6 @@
|
|||
|
||||
data-hoarder-modules = [
|
||||
./modules/base.nix
|
||||
./modules/options.nix
|
||||
./modules/data-hoarder/data-accumulator.nix
|
||||
./modules/data-hoarder/nginx.nix
|
||||
./modules/data-hoarder/public_api.nix
|
||||
|
@ -81,6 +80,7 @@
|
|||
./modules/data-hoarder/documentation.nix
|
||||
./modules/data-hoarder/clicky-bunty.nix
|
||||
./modules/data-hoarder/secrets.nix
|
||||
./modules/dump-dvb
|
||||
sops-nix.nixosModules.sops
|
||||
{
|
||||
nixpkgs.overlays = [
|
||||
|
@ -90,8 +90,8 @@
|
|||
docs.overlay."x86_64-linux"
|
||||
clicky-bunty-server.overlay."x86_64-linux"
|
||||
];
|
||||
dvb-dump.stopsJson = "${stops}/stops.json";
|
||||
dvb-dump.graphJson = "${stops}/graph.json";
|
||||
dump-dvb.stopsJson = "${stops}/stops.json";
|
||||
dump-dvb.graphJson = "${stops}/graph.json";
|
||||
}
|
||||
];
|
||||
|
||||
|
@ -125,14 +125,14 @@
|
|||
./hosts/traffic-stop-boxes/hardware-configuration.nix
|
||||
./hardware/configuration-dell-wyse-3040.nix
|
||||
./modules/base.nix
|
||||
./modules/options.nix
|
||||
./modules/traffic-stop-boxes/gnuradio.nix
|
||||
./modules/traffic-stop-boxes/radio_wireguard_client.nix
|
||||
./modules/traffic-stop-boxes/secrets.nix
|
||||
./modules/traffic-stop-boxes/radio-config.nix
|
||||
./modules/dump-dvb
|
||||
{
|
||||
nixpkgs.overlays = [ radio-conf.overlay."x86_64-linux" decode-server.overlay."x86_64-linux" ];
|
||||
dvb-dump.systemNumber = number;
|
||||
dvb-dump.stopsJson = "${stops}/stops.json";
|
||||
dump-dvb.systemNumber = number;
|
||||
dump-dvb.stopsJson = "${stops}/stops.json";
|
||||
}
|
||||
];
|
||||
};
|
||||
|
@ -151,7 +151,7 @@
|
|||
data-hoarder = self.nixosConfigurations.data-hoarder.config.system.build.vm;
|
||||
mobile-box-vm = self.nixosConfigurations.mobile-box.config.system.build.vm;
|
||||
mobile-box-disk = self.nixosConfigurations.mobile-box.config.system.build.diskImage;
|
||||
tsb-dell-user-image = self.nixosConfigurations.tsb-dell-user.config.system.build.diskImage;
|
||||
user-stop-box-wyse-3040-image = self.nixosConfigurations.user-stop-box-wyse-3040.config.system.build.diskImage;
|
||||
staging-microvm = self.nixosConfigurations.staging-data-hoarder.config.microvm.declaredRunner;
|
||||
} // (import ./pkgs/deployment.nix { inherit self pkgs; systems = stop_boxes; });
|
||||
in
|
||||
|
@ -169,8 +169,9 @@
|
|||
./hosts/mobile-box/hardware-configuration.nix
|
||||
./hardware/configuration-dell-wyse-3040.nix
|
||||
./modules/base.nix
|
||||
./modules/options.nix
|
||||
./modules/traffic-stop-boxes/mobile-box.nix
|
||||
./modules/dump-dvb
|
||||
./user-config.nix
|
||||
sops-nix.nixosModules.sops
|
||||
{
|
||||
nixpkgs.overlays = [
|
||||
|
@ -179,8 +180,8 @@
|
|||
data-accumulator.overlay."x86_64-linux"
|
||||
wartrammer.overlay."x86_64-linux"
|
||||
];
|
||||
dvb-dump.stopsJson = "${stops}/stops.json";
|
||||
dvb-dump.systemNumber = 130;
|
||||
dump-dvb.stopsJson = "${stops}/stops.json";
|
||||
dump-dvb.systemNumber = 130;
|
||||
}
|
||||
];
|
||||
};
|
||||
|
@ -201,25 +202,39 @@
|
|||
microvm.nixosModules.microvm
|
||||
] ++ data-hoarder-modules;
|
||||
};
|
||||
tsb-dell-user = nixpkgs.lib.nixosSystem {
|
||||
user-stop-box-wyse-3040 = nixpkgs.lib.nixosSystem {
|
||||
system = "x86_64-linux";
|
||||
specialArgs = { inherit inputs; };
|
||||
modules = [
|
||||
diskModule
|
||||
./hosts/traffic-stop-boxes/configuration.nix
|
||||
./hosts/traffic-stop-boxes/hardware-configuration.nix
|
||||
./hosts/user-stop-box/configuration.nix
|
||||
./hosts/user-stop-box/hardware-configuration.nix
|
||||
./hardware/configuration-dell-wyse-3040.nix
|
||||
./modules/base.nix
|
||||
./modules/options.nix
|
||||
./modules/traffic-stop-boxes/gnuradio.nix
|
||||
./modules/traffic-stop-boxes/user.nix
|
||||
./modules/dump-dvb
|
||||
./modules/user-stop-box/user.nix
|
||||
./user-config.nix
|
||||
{
|
||||
nixpkgs.overlays = [ radio-conf.overlay."x86_64-linux" decode-server.overlay."x86_64-linux" ];
|
||||
dvb-dump.stopsJson = "${stops}/stops.json";
|
||||
dump-dvb.stopsJson = "${stops}/stops.json";
|
||||
}
|
||||
];
|
||||
};
|
||||
user-stop-box-rpi4 = nixpkgs.lib.nixosSystem {
|
||||
system = "aarch64-linux";
|
||||
specialArgs = { inherit inputs; };
|
||||
modules = [
|
||||
diskModule
|
||||
./hosts/user-stop-box/configuration.nix
|
||||
./hosts/user-stop-box/hardware-configuration.nix
|
||||
./user-config.nix
|
||||
./modules/dump-dvb
|
||||
{
|
||||
nixpkgs.overlays = [ radio-conf.overlay."aarch64-linux" decode-server.overlay."aarch64-linux" ];
|
||||
}
|
||||
];
|
||||
};
|
||||
};
|
||||
|
||||
hydraJobs = {
|
||||
data-hoarder."x86_64-linux" = self.nixosConfigurations.data-hoarder.config.system.build.toplevel;
|
||||
|
@ -228,7 +243,7 @@
|
|||
traffic-stop-box-0-disk."x86_64-linux" = self.nixosConfigurations.traffic-stop-box-0.config.system.build.diskImage;
|
||||
mobile-box."x86_64-linux" = self.nixosConfigurations.mobile-box.config.system.build.toplevel;
|
||||
mobile-box-disk."x86_64-linux" = self.nixosConfigurations.mobile-box.config.system.build.diskImage;
|
||||
tsb-dell-user-image."x86_64-linux" = self.nixosConfigurations.tsb-dell-user.config.system.build.diskImage;
|
||||
user-stop-box-wyse-3040-image."x86_64-linux" = self.nixosConfigurations.user-stop-box-wyse-3040.config.system.build.diskImage;
|
||||
sops-binaries."x86_64-linux" = sops-nix.packages."x86_64-linux".sops-install-secrets;
|
||||
};
|
||||
};
|
||||
|
|
|
@ -18,6 +18,7 @@
|
|||
{
|
||||
device = "/dev/disk/by-label/nixos";
|
||||
fsType = "ext4";
|
||||
autoResize = true;
|
||||
};
|
||||
|
||||
fileSystems."/boot" =
|
||||
|
|
|
@ -67,7 +67,7 @@
|
|||
# Or disable the firewall altogether.
|
||||
networking.firewall.enable = true;
|
||||
|
||||
dvb-dump.domain = "staging.dvb.solutions";
|
||||
dump-dvb.domain = "staging.dvb.solutions";
|
||||
networking.wg-quick.interfaces.wg-dvb = {
|
||||
address = [ "10.13.37.5/32" ];
|
||||
privateKeyFile = config.sops.secrets.wg-seckey.path;
|
||||
|
|
|
@ -6,7 +6,7 @@
|
|||
hardware.hackrf.enable = true;
|
||||
hardware.rtl-sdr.enable = true;
|
||||
|
||||
networking.hostName = "traffic-stop-box-${toString config.dvb-dump.systemNumber}"; # Define your hostname.
|
||||
networking.hostName = "traffic-stop-box-${toString config.dump-dvb.systemNumber}"; # Define your hostname.
|
||||
|
||||
# Set your time zone.
|
||||
time.timeZone = "Europe/Berlin";
|
||||
|
|
|
@ -0,0 +1,40 @@
|
|||
{ config, pkgs, inputs, ... }:
|
||||
|
||||
{
|
||||
boot.tmpOnTmpfs = true;
|
||||
|
||||
hardware.hackrf.enable = true;
|
||||
hardware.rtl-sdr.enable = true;
|
||||
|
||||
networking.hostName = "user-station-box"; # Define your hostname.
|
||||
|
||||
# Set your time zone.
|
||||
time.timeZone = "Europe/Berlin";
|
||||
|
||||
documentation.enable = false;
|
||||
|
||||
nix = {
|
||||
buildCores = 1;
|
||||
gc = {
|
||||
automatic = true;
|
||||
dates = "daily";
|
||||
};
|
||||
};
|
||||
|
||||
services.journald.extraConfig = ''
|
||||
SystemMaxUse=5M
|
||||
'';
|
||||
|
||||
boot.loader.systemd-boot.enable = true;
|
||||
boot.loader.efi.canTouchEfiVariables = true;
|
||||
boot.loader.systemd-boot.configurationLimit = 1;
|
||||
|
||||
# This value determines the NixOS release from which the default
|
||||
# settings for stateful data, like file locations and database versions
|
||||
# on your system were taken. It‘s perfectly fine and recommended to leave
|
||||
# this value at the release version of the first install of this system.
|
||||
# Before changing this value read the documentation for this option
|
||||
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
|
||||
system.stateVersion = "21.11"; # Did you read the comment?
|
||||
|
||||
}
|
|
@ -0,0 +1,33 @@
|
|||
# Do not modify this file! It was generated by ‘nixos-generate-config’
|
||||
# and may be overwritten by future invocations. Please make changes
|
||||
# to /etc/nixos/configuration.nix instead.
|
||||
{ config, lib, pkgs, modulesPath, ... }:
|
||||
|
||||
{
|
||||
imports =
|
||||
[
|
||||
(modulesPath + "/installer/scan/not-detected.nix")
|
||||
];
|
||||
|
||||
boot.initrd.availableKernelModules = [ "xhci_pci" "usbhid" "usb_storage" "sd_mod" "sdhci_pci" "sdhci_acpi" ];
|
||||
boot.initrd.kernelModules = [ ];
|
||||
boot.kernelModules = [ "kvm-intel" ];
|
||||
boot.extraModulePackages = [ ];
|
||||
|
||||
fileSystems."/" =
|
||||
{
|
||||
device = "/dev/disk/by-label/nixos";
|
||||
fsType = "ext4";
|
||||
autoResize = true;
|
||||
};
|
||||
|
||||
fileSystems."/boot" =
|
||||
{
|
||||
device = "/dev/disk/by-label/ESP";
|
||||
fsType = "vfat";
|
||||
};
|
||||
|
||||
swapDevices = [ ];
|
||||
|
||||
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
|
||||
}
|
|
@ -69,7 +69,7 @@ in
|
|||
enable = true;
|
||||
recommendedProxySettings = true;
|
||||
virtualHosts = {
|
||||
"management-backend.${config.dvb-dump.domain}" = {
|
||||
"management-backend.${config.dump-dvb.domain}" = {
|
||||
forceSSL = true;
|
||||
enableACME = true;
|
||||
locations = {
|
||||
|
|
|
@ -4,7 +4,7 @@
|
|||
enable = true;
|
||||
recommendedProxySettings = true;
|
||||
virtualHosts = {
|
||||
"docs.${config.dvb-dump.domain}" = {
|
||||
"docs.${config.dump-dvb.domain}" = {
|
||||
enableACME = true;
|
||||
forceSSL = true;
|
||||
locations = {
|
||||
|
|
|
@ -4,7 +4,7 @@
|
|||
enable = true;
|
||||
recommendedProxySettings = true;
|
||||
virtualHosts = {
|
||||
"files.${config.dvb-dump.domain}" = {
|
||||
"files.${config.dump-dvb.domain}" = {
|
||||
enableACME = true;
|
||||
forceSSL = true;
|
||||
root = "/var/lib/data-accumulator/";
|
||||
|
|
|
@ -54,7 +54,7 @@
|
|||
params = { module = [ "http_2xx" ]; };
|
||||
static_configs = [{
|
||||
targets = [
|
||||
"api.${config.dvb-dump.domain}"
|
||||
"api.${config.dump-dvb.domain}"
|
||||
];
|
||||
}];
|
||||
relabel_configs = [
|
||||
|
@ -82,7 +82,7 @@
|
|||
# visualizer
|
||||
grafana = {
|
||||
enable = true;
|
||||
domain = "monitoring.${config.dvb-dump.domain}";
|
||||
domain = "monitoring.${config.dump-dvb.domain}";
|
||||
port = 2342;
|
||||
addr = "127.0.0.1";
|
||||
|
||||
|
|
|
@ -4,12 +4,12 @@
|
|||
enable = true;
|
||||
recommendedProxySettings = true;
|
||||
virtualHosts = {
|
||||
"map.${config.dvb-dump.domain}" = {
|
||||
"map.${config.dump-dvb.domain}" = {
|
||||
forceSSL = true;
|
||||
enableACME = true;
|
||||
locations = {
|
||||
"/" = {
|
||||
root = if (config.dvb-dump.domain == "dvb.solutions") then "${pkgs.windshield}/bin/" else "${pkgs.windshield-staging}/bin/";
|
||||
root = if (config.dump-dvb.domain == "dvb.solutions") then "${pkgs.windshield}/bin/" else "${pkgs.windshield-staging}/bin/";
|
||||
index = "index.html";
|
||||
};
|
||||
};
|
||||
|
|
|
@ -10,8 +10,8 @@
|
|||
environment = {
|
||||
"GRPC_HOST" = "127.0.0.1:50051";
|
||||
"DEFAULT_WEBSOCKET_HOST" = "127.0.0.1:9001";
|
||||
"GRAPH_FILE" = "${config.dvb-dump.graphJson}";
|
||||
"STOPS_FILE" = "${config.dvb-dump.stopsJson}";
|
||||
"GRAPH_FILE" = "${config.dump-dvb.graphJson}";
|
||||
"STOPS_FILE" = "${config.dump-dvb.stopsJson}";
|
||||
};
|
||||
|
||||
serviceConfig = {
|
||||
|
@ -28,7 +28,7 @@
|
|||
enable = true;
|
||||
recommendedProxySettings = true;
|
||||
virtualHosts = {
|
||||
"socket.${config.dvb-dump.domain}" = {
|
||||
"socket.${config.dump-dvb.domain}" = {
|
||||
forceSSL = true;
|
||||
enableACME = true;
|
||||
locations = {
|
||||
|
@ -38,7 +38,7 @@
|
|||
};
|
||||
};
|
||||
};
|
||||
"api.${config.dvb-dump.domain}" = {
|
||||
"api.${config.dump-dvb.domain}" = {
|
||||
forceSSL = true;
|
||||
enableACME = true;
|
||||
locations = {
|
||||
|
|
|
@ -2,7 +2,7 @@
|
|||
services.nginx = {
|
||||
enable = true;
|
||||
virtualHosts = {
|
||||
"${config.dvb-dump.domain}" = {
|
||||
"${config.dump-dvb.domain}" = {
|
||||
enableACME = true;
|
||||
forceSSL = true;
|
||||
locations."/" = {
|
||||
|
|
|
@ -0,0 +1,7 @@
|
|||
{
|
||||
imports = [
|
||||
./gnuradio.nix
|
||||
./telegram-decoder.nix
|
||||
./general-options.nix
|
||||
];
|
||||
}
|
|
@ -1,22 +1,22 @@
|
|||
{ config, lib, ... }:
|
||||
with lib; {
|
||||
options.dvb-dump.systemNumber = mkOption {
|
||||
options.dump-dvb.systemNumber = mkOption {
|
||||
type = types.int;
|
||||
default = 0;
|
||||
description = "number of the system";
|
||||
};
|
||||
options.dvb-dump.stopsJson = mkOption {
|
||||
options.dump-dvb.stopsJson = mkOption {
|
||||
type = types.path;
|
||||
default = ../configs/stops.json;
|
||||
description = "stops conig json";
|
||||
};
|
||||
options.dvb-dump.graphJson = mkOption {
|
||||
options.dump-dvb.graphJson = mkOption {
|
||||
type = types.path;
|
||||
default = ../configs/graph.json;
|
||||
description = "graph json containing the network graphs";
|
||||
};
|
||||
|
||||
options.dvb-dump.domain = mkOption {
|
||||
options.dump-dvb.domain = mkOption {
|
||||
type = types.str;
|
||||
default = "dvb.solutions";
|
||||
description = "domain the server is running on";
|
|
@ -0,0 +1,66 @@
|
|||
{ pkgs, config, lib, ... }:
|
||||
let
|
||||
receiver = pkgs.gnuradio-decoder;
|
||||
cfg = config.services.dump-dvb.gnuradio;
|
||||
in
|
||||
{
|
||||
options.services.dump-dvb.gnuradio = {
|
||||
enable = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
default = false;
|
||||
description = ''Wether to enable dump-dvb gnuradio reciever'';
|
||||
};
|
||||
device = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
default = "";
|
||||
example = "hackrf=0";
|
||||
description = ''Device string to pass to gnuradio'';
|
||||
};
|
||||
frequency = lib.mkOption {
|
||||
type = lib.types.int;
|
||||
default = 170795000;
|
||||
description = ''Frequency to tune radio to'';
|
||||
};
|
||||
offset = lib.mkOption {
|
||||
type = lib.types.int;
|
||||
default = 19550;
|
||||
description = ''Offset of the signal from center frequency'';
|
||||
};
|
||||
};
|
||||
|
||||
config = lib.mkIf config.services.dump-dvb.gnuradio.enable {
|
||||
|
||||
systemd.services."gnuradio" = {
|
||||
enable = true;
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
|
||||
script = "exec ${receiver}/bin/gnuradio-decoder-cpp ${toString cfg.frequency} ${toString cfg.offset} ${cfg.device} &";
|
||||
|
||||
serviceConfig = {
|
||||
Type = "forking";
|
||||
User = "gnuradio";
|
||||
Restart = "on-failure";
|
||||
StartLimitBurst = "2";
|
||||
StartLimitIntervalSec = "150s";
|
||||
};
|
||||
};
|
||||
|
||||
users.groups.gnuradio = {};
|
||||
users.users.gnuradio = {
|
||||
name = "gnuradio";
|
||||
description = "gnu radio service user";
|
||||
isSystemUser = true;
|
||||
group = "gnuradio";
|
||||
extraGroups = [ "plugdev" ];
|
||||
};
|
||||
|
||||
security.wrappers.gnuradio-decode = {
|
||||
owner = "gnuradio";
|
||||
group = "users";
|
||||
capabilities = "cap_sys_nice+eip";
|
||||
source = "${receiver}/bin/gnuradio-decoder-cpp";
|
||||
};
|
||||
|
||||
};
|
||||
}
|
||||
|
|
@ -0,0 +1,63 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
let
|
||||
cfg = config.services.dump-dvb.telegram-decoder;
|
||||
in
|
||||
{
|
||||
options.services.dump-dvb.telegram-decoder = {
|
||||
enable = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
default = false;
|
||||
description = ''Wether to enable dump-dvb telegram-decoder'';
|
||||
};
|
||||
server = lib.mkOption {
|
||||
type = lib.types.listOf lib.types.str;
|
||||
default = [ "https://dump.dvb.solutions/" ];
|
||||
description = ''URL of the dump-dvb websocket'';
|
||||
};
|
||||
configFile = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
default = "/etc/telegram-decoder/settings.json";
|
||||
description = ''Path to telegram-decoder config'';
|
||||
};
|
||||
authTokenFile = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
default = "/etc/telegram-decoder/token";
|
||||
description = ''Path to telegram-decoder auth token'';
|
||||
};
|
||||
};
|
||||
|
||||
|
||||
config = lib.mkIf config.services.dump-dvb.telegram-decoder.enable {
|
||||
|
||||
environment.systemPackages = [ pkgs.telegram-decoder ];
|
||||
|
||||
users.groups.telegram-decoder = {};
|
||||
|
||||
users.users.telegram-decoder = {
|
||||
name = "telegram-decoder";
|
||||
description = "gnu radio service user";
|
||||
group = "telegram-decoder";
|
||||
isSystemUser = true;
|
||||
};
|
||||
|
||||
systemd.services."telegram-decoder" = {
|
||||
enable = true;
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
|
||||
script = "exec ${pkgs.telegram-decoder}/bin/telegram-decode --config ${cfg.configFile} --server ${builtins.concatStringsSep " " cfg.server} &";
|
||||
|
||||
environment = {
|
||||
AUTHENTICATION_TOKEN_PATH=cfg.authTokenFile;
|
||||
};
|
||||
|
||||
serviceConfig = {
|
||||
Type = "forking";
|
||||
User = "telegram-decoder";
|
||||
Restart = "on-failure";
|
||||
StartLimitBurst = "2";
|
||||
StartLimitIntervalSec = "150s";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
}
|
|
@ -1,78 +0,0 @@
|
|||
/*
|
||||
This file contains the configuration for the gnuradio sdr decoding pipeline
|
||||
*/
|
||||
|
||||
{ pkgs, config, lib, ... }:
|
||||
let
|
||||
file = ../../configs + "/config_${toString config.dvb-dump.systemNumber}.json";
|
||||
|
||||
receiver_configs = [
|
||||
{ frequency = "170795000"; offset = "19550"; device = "hackrf=0"; } # dresden - barkhausen
|
||||
{ frequency = "170795000"; offset = "19500"; device = "hackrf=0"; } # dresden - zentralwerk
|
||||
{ frequency = "153850000"; offset = "20000"; device = ""; } # chemnitz
|
||||
{ frequency = "170795000"; offset = "19550"; device = "hackrf=0"; } # dresden unused
|
||||
{ frequency = "170795000"; offset = "19550"; device = "hackrf=0"; } # dresden unused
|
||||
];
|
||||
|
||||
receiver = pkgs.gnuradio-decoder;
|
||||
receiver_config = lib.elemAt receiver_configs config.dvb-dump.systemNumber;
|
||||
in
|
||||
{
|
||||
systemd = {
|
||||
services = {
|
||||
"gnuradio" = {
|
||||
enable = true;
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
|
||||
script = "exec ${receiver}/bin/gnuradio-decoder-cpp ${receiver_config.frequency} ${receiver_config.offset} ${receiver_config.device} &";
|
||||
|
||||
serviceConfig = {
|
||||
Type = "forking";
|
||||
User = "gnuradio";
|
||||
Restart = "on-failure";
|
||||
StartLimitBurst = "2";
|
||||
StartLimitIntervalSec = "150s";
|
||||
};
|
||||
};
|
||||
|
||||
"telegram-decoder" = {
|
||||
enable = true;
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
|
||||
script = "exec ${pkgs.telegram-decoder}/bin/telegram-decode --config ${file} --server http://10.13.37.1:8080 http://10.13.37.5:8080 &";
|
||||
|
||||
serviceConfig = {
|
||||
Type = "forking";
|
||||
User = "telegram-decoder";
|
||||
Restart = "on-failure";
|
||||
StartLimitBurst = "2";
|
||||
StartLimitIntervalSec = "150s";
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
# user accounts for systemd units
|
||||
users.users = {
|
||||
gnuradio = {
|
||||
name = "gnuradio";
|
||||
description = "gnu radio service user";
|
||||
isNormalUser = true;
|
||||
extraGroups = [ "plugdev" ];
|
||||
};
|
||||
telegram-decoder = {
|
||||
name = "telegram-decoder";
|
||||
description = "gnu radio service user";
|
||||
isNormalUser = true;
|
||||
};
|
||||
};
|
||||
|
||||
security.wrappers = {
|
||||
gnuradio-decode = {
|
||||
owner = "gnuradio";
|
||||
group = "users";
|
||||
capabilities = "cap_sys_nice+eip";
|
||||
source = "${receiver}/bin/gnuradio-decoder-cpp";
|
||||
};
|
||||
};
|
||||
}
|
|
@ -110,17 +110,6 @@ in
|
|||
|
||||
# user accounts for systemd units
|
||||
users.users = {
|
||||
gnuradio = {
|
||||
name = "gnuradio";
|
||||
description = "gnu radio service user";
|
||||
isNormalUser = true;
|
||||
extraGroups = [ "plugdev" ];
|
||||
};
|
||||
telegram-decoder = {
|
||||
name = "telegram-decoder";
|
||||
description = "gnu radio service user";
|
||||
isNormalUser = true;
|
||||
};
|
||||
data-accumulator = {
|
||||
name = "data-accumulator";
|
||||
description = "";
|
||||
|
|
|
@ -0,0 +1,28 @@
|
|||
{ config, lib, ... }:
|
||||
let
|
||||
|
||||
file = "/etc/nixos/configs" + "/config_${toString config.dump-dvb.systemNumber}.json"; # make sure that the box has our nix-config checkout, lol
|
||||
receiver_configs = [
|
||||
{ frequency = 170795000; offset = 19550; device = "hackrf=0"; } # dresden - barkhausen
|
||||
{ frequency = 170795000; offset = 19500; device = "hackrf=0"; } # dresden - zentralwerk
|
||||
{ frequency = 153850000; offset = 20000; device = ""; } # chemnitz
|
||||
{ frequency = 170795000; offset = 19550; device = "hackrf=0"; } # dresden unused
|
||||
{ frequency = 170795000; offset = 19550; device = "hackrf=0"; } # dresden unused
|
||||
];
|
||||
|
||||
receiver_config = lib.elemAt receiver_configs config.dump-dvb.systemNumber;
|
||||
in
|
||||
{
|
||||
services.dump-dvb.gnuradio = {
|
||||
enable = true;
|
||||
frequency = receiver_config.frequency;
|
||||
offset = receiver_config.offset;
|
||||
device = receiver_config.device;
|
||||
};
|
||||
services.dump-dvb.telegram-decoder = {
|
||||
enable = true;
|
||||
server = [ "http://10.13.37.1" "http://10.13.37.5" ];
|
||||
configFile = file;
|
||||
};
|
||||
}
|
||||
|
|
@ -4,7 +4,7 @@
|
|||
networking.firewall.allowedUDPPorts = [ 51820 ];
|
||||
|
||||
networking.wg-quick.interfaces.wg-dvb = {
|
||||
address = [ "10.13.37.${toString (config.dvb-dump.systemNumber + 100)}/32" ];
|
||||
address = [ "10.13.37.${toString (config.dump-dvb.systemNumber + 100)}/32" ];
|
||||
privateKeyFile = config.sops.secrets.wg-seckey.path;
|
||||
postUp = ''
|
||||
${pkgs.iputils}/bin/ping -c 10 10.13.37.1 || true
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
{ config, pkgs, ... }:
|
||||
{
|
||||
sops.defaultSopsFile = ../../secrets/traffic-stop-box-${toString config.dvb-dump.systemNumber}/secrets.yaml;
|
||||
sops.defaultSopsFile = ../../secrets/traffic-stop-box-${toString config.dump-dvb.systemNumber}/secrets.yaml;
|
||||
sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
|
||||
|
||||
sops.secrets.wg-seckey = { };
|
||||
|
|
|
@ -3,9 +3,9 @@
|
|||
users.mutableUsers = true;
|
||||
|
||||
users.users.tramwarrior = {
|
||||
extraGroups = [ "wheel" ];
|
||||
extraGroups = [ "wheel" "plugdev" ];
|
||||
group = "users";
|
||||
home = "/home/grue";
|
||||
home = "/home/tramwarrior";
|
||||
isNormalUser = true;
|
||||
createHome = true;
|
||||
initialPassword = "changeme";
|
|
@ -2,7 +2,7 @@
|
|||
let
|
||||
|
||||
installScript = (system:
|
||||
let ip = "10.13.37.${toString (system.config.dvb-dump.systemNumber + 100)}";
|
||||
let ip = "10.13.37.${toString (system.config.dump-dvb.systemNumber + 100)}";
|
||||
in (pkgs.writeScriptBin "deploy" ''
|
||||
#!${pkgs.runtimeShell}
|
||||
ssh root@${ip} "ps cax | grep \"nixos-rebuild\" > /dev/null"
|
||||
|
|
|
@ -0,0 +1,12 @@
|
|||
{
|
||||
services.dump-dvb.gnuradio = {
|
||||
enable = true;
|
||||
# frequency = 105200000;
|
||||
# offset = 1100;
|
||||
# device = "";
|
||||
};
|
||||
services.dump-dvb.telegram-decoder = {
|
||||
enable = true;
|
||||
};
|
||||
}
|
||||
|
Loading…
Reference in New Issue