dump-dvb/nix-config
dump-dvb
/
nix-config
mirror of https://github.com/dump-dvb/nix-config.git
3
0
Fork 0
Code Issues Projects Releases Wiki Activity

start to move traffic-stop-boxes to registry

This commit is contained in:
Markus Schmidl 2023-11-25 22:59:51 +01:00
parent 0b67c90d2a
commit 2b3d6cb7d1
17 changed files with 105 additions and 98 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

59
flake.nix
View File

@ -129,6 +129,7 @@
pkgs = nixpkgs.legacyPackages."x86_64-linux";
lib = pkgs.lib;
registry = import ./registry;
data-hoarder-modules = [
./modules/data-hoarder
@ -168,19 +169,16 @@
];
# function that generates a system with the given number
generate_system = (id: arch: monitoring:
generate_system = (id:
let
myRegistry = registry.traffic-stop-box."${toString id}";
in
{
"traffic-stop-box-${toString id}" = nixpkgs.lib.nixosSystem
"${myRegistry.hostName}" = nixpkgs.lib.nixosSystem
{
system = arch;
specialArgs = inputs;
system = myRegistry.arch;
specialArgs = { inherit self inputs; registry = myRegistry; };
modules =
let
monitoring-mod =
if monitoring
then { deployment-TLMS.monitoring.enable = true; }
else { deployment-TLMS.monitoring.enable = false; };
in
[
# box-specific config
./hosts/traffic-stop-box/${toString id}
@ -190,49 +188,18 @@
./modules/traffic-stop-box
./modules/TLMS
{
deployment-TLMS.systemNumber = id;
deployment-TLMS.monitoring.enable = myRegistry.monitoring;
}
monitoring-mod
] ++ stop-box-modules;
};
}
);
id_list = [
{
# Barkhausen Bau
id = 0;
arch = "x86_64-linux";
monitoring = true;
}
{
# Zentralwerk
id = 1;
arch = "x86_64-linux";
monitoring = true;
}
{
# Wundstr. 9
id = 4;
arch = "x86_64-linux";
monitoring = true;
}
{
# Hannover Bredero Hochhaus City
id = 8;
arch = "aarch64-linux";
monitoring = false;
}
{
# Hannover Bredero Hochhaus Wider Area
id = 9;
arch = "aarch64-linux";
monitoring = false;
}
];
# list of traffic-stop-box-$id that will be built
stop_box_ids = [ 0 1 4 8 9 ];
# attribute set of all traffic stop boxes
stop_boxes = nixpkgs.lib.foldl (x: y: nixpkgs.lib.mergeAttrs x (generate_system y.id y.arch y.monitoring)) { } id_list;
stop_boxes = nixpkgs.lib.foldl (x: id: nixpkgs.lib.mergeAttrs x (generate_system id)) { } stop_box_ids;
packages = {
staging-microvm = self.nixosConfigurations.staging-data-hoarder.config.microvm.declaredRunner;
@ -240,8 +207,6 @@
}
// (import ./pkgs/deployment.nix { inherit self pkgs lib; })
// (lib.foldl (x: y: lib.mergeAttrs x { "${y.config.system.name}-vm" = y.config.system.build.vm; }) { } (lib.attrValues self.nixosConfigurations));
registry = import ./registry;
in
{

2
hosts/traffic-stop-box/0/default.nix
View File

@ -3,7 +3,5 @@
"${self}/hardware/dell-wyse-3040.nix"
];
deployment-TLMS.net.wg.publicKey = "qyStvzZdoqcjJJQckw4ZwvsQUa+8TBWtnsRxURqanno=";
TLMS.telegramDecoder.errorCorrection = false;
}

2
hosts/traffic-stop-box/1/default.nix
View File

@ -3,7 +3,5 @@
"${self}/hardware/dell-wyse-3040.nix"
];
deployment-TLMS.net.wg.publicKey = "dOPobdvfphx0EHmU7dd5ihslFzZi17XgRDQLMIUYa1w=";
TLMS.telegramDecoder.errorCorrection = false;
}

2
hosts/traffic-stop-box/10/default.nix
View File

@ -2,6 +2,4 @@
imports = [
"${self}/hardware/dell-wyse-3040.nix"
];
deployment-TLMS.net.wg.publicKey = "dL9JGsBhaTOmXgGEH/N/GCHbQgVHEjBvIMaRtCsHBHw=";
}

2
hosts/traffic-stop-box/2/default.nix
View File

@ -2,6 +2,4 @@
imports = [
"${self}/hardware/dell-wyse-3040.nix"
];
deployment-TLMS.net.wg.publicKey = "4TUQCToGNhjsCgV9elYE/91Vd/RvMgvMXtF/1Dzlvxo=";
}

2
hosts/traffic-stop-box/3/default.nix
View File

@ -2,6 +2,4 @@
imports = [
"${self}/hardware/rpi-3b-4b.nix"
];
deployment-TLMS.net.wg.publicKey = "w3AT3EahW1sCK8ZsR7sDTcQj1McXYeWx7fnfQFA7i3o=";
}

2
hosts/traffic-stop-box/4/default.nix
View File

@ -23,7 +23,5 @@ let eth = "enp1s0"; in
];
};
deployment-TLMS.net.wg.publicKey = "B0wPH0jUxaatRncHMkgDEQ+DzvlbTBrVJY4etxqQgG8=";
TLMS.telegramDecoder.errorCorrection = false;
}

2
hosts/traffic-stop-box/6/default.nix
View File

@ -10,6 +10,4 @@
"sk-ssh-ed25519@openssh.com aaaagnnrlxnzac1lzdi1nte5qg9wzw5zc2guy29taaaaili3ylty7fwvohtwx8511v+gbtlzzmuv505fi1pj53v6aaaabhnzado="
"sk-ssh-ed25519@openssh.com aaaagnnrlxnzac1lzdi1nte5qg9wzw5zc2guy29taaaaipzbd00cbfpxzuc8eb6sljaafnf1hgs6vci1rzcncyocaaaabhnzado="
];
deployment-TLMS.net.wg.publicKey = "NuLDNmxuHHzDXJSIOPSoihEhLWjARRtavuQvWirNR2I=";
}

2
hosts/traffic-stop-box/7/default.nix
View File

@ -10,6 +10,4 @@
"sk-ssh-ed25519@openssh.com aaaagnnrlxnzac1lzdi1nte5qg9wzw5zc2guy29taaaaili3ylty7fwvohtwx8511v+gbtlzzmuv505fi1pj53v6aaaabhnzado="
"sk-ssh-ed25519@openssh.com aaaagnnrlxnzac1lzdi1nte5qg9wzw5zc2guy29taaaaipzbd00cbfpxzuc8eb6sljaafnf1hgs6vci1rzcncyocaaaabhnzado="
];
deployment-TLMS.net.wg.publicKey = "sMsdY7dSjlYeIFMqjkh4pJ/ftAYXlyRuxDGbdnGLpEQ=";
}

2
hosts/traffic-stop-box/8/default.nix
View File

@ -9,6 +9,4 @@
users.users.root.openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJO/8PRzEqW20vnADv5xJrV5AlQ9bS8251AyQACyFMz+ dumbdvb_clarity"
];
deployment-TLMS.net.wg.publicKey = "dL9JGsBhaTOmXgGEH/N/GCHbQgVHEjBvIMaRtCsHBHw=";
}

2
hosts/traffic-stop-box/9/default.nix
View File

@ -9,6 +9,4 @@
users.users.root.openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJO/8PRzEqW20vnADv5xJrV5AlQ9bS8251AyQACyFMz+ dumbdvb_clarity"
];
deployment-TLMS.net.wg.publicKey = "j2hGr2rVv7T9kJE15c2IFWjmk0dXuJPev2BXiHZUKk8=";
}

4
modules/traffic-stop-box/configuration.nix
View File

@ -1,9 +1,9 @@
{ pkgs, config, self, ... }:
{ pkgs, config, registry, ... }:
{
boot.tmp.useTmpfs = true;
networking.hostName = "traffic-stop-box-${toString config.deployment-TLMS.systemNumber}"; # Define your hostname.
networking.hostName = registry.hostName;
# reboot 60 seconds after kernel panic
boot.kernel.sysctl."kernel.panic" = 60;

26
modules/traffic-stop-box/radio-config.nix
View File

@ -1,33 +1,13 @@
{ config, lib, self, ... }:
{ config, lib, self, registry, ... }:
let
file = with config.deployment-TLMS; "${self}/hosts/traffic-stop-box/${toString systemNumber}/config_${toString systemNumber}.json";
receiver_configs = [
{ frequency = 170790000; offset = 20000; device = ""; RF = 0; IF = 0; BB = 32; } # dresden - barkhausen
{ frequency = 170790000; offset = 20000; device = ""; RF = 14; IF = 32; BB = 42; } # dresden - zentralwerk
{ frequency = 153850000; offset = 20000; device = ""; RF = 14; IF = 32; BB = 42; } # chemnitz
{ frequency = 170795000; offset = 19400; device = ""; RF = 14; IF = 32; BB = 42; } # dresden unused
{ frequency = 170790000; offset = 20000; device = ""; RF = 14; IF = 32; BB = 42; } # dresden Wundstr. 9
{ frequency = 170790000; offset = 20000; device = ""; RF = 14; IF = 32; BB = 42; } # dresden test box
{ frequency = 150827500; offset = 19550; device = ""; RF = 14; IF = 32; BB = 42; } # warpzone münster
{ frequency = 150827500; offset = 19550; device = ""; RF = 14; IF = 32; BB = 42; } # drehturm aachen
{ frequency = 150890000; offset = 20000; device = ""; RF = 14; IF = 32; BB = 42; } # Hannover Bredero Hochhaus City
{ frequency = 152830000; offset = 20000; device = ""; RF = 14; IF = 32; BB = 42; } # Hannover Bredero Hochaus Umland
{ frequency = 153850000; offset = 20000; device = ""; RF = 14; IF = 32; BB = 42; } # CLT
];
receiver_config = lib.elemAt receiver_configs config.deployment-TLMS.systemNumber;
in
{
TLMS.gnuradio = {
enable = true;
frequency = receiver_config.frequency;
offset = receiver_config.offset;
device = receiver_config.device;
RF = receiver_config.RF;
IF = receiver_config.IF;
BB = receiver_config.BB;
};
} // registry.gnuradio;
TLMS.telegramDecoder = {
enable = true;
server = [ "http://10.13.37.1:8080" "http://10.13.37.5:8080" "http://10.13.37.7:8080" ];

4
modules/traffic-stop-box/secrets.nix
View File

@ -1,6 +1,6 @@
{ config, self, ... }:
{ config, self, registry, ... }:
{
sops.defaultSopsFile = self + /secrets/traffic-stop-box-${toString config.deployment-TLMS.systemNumber}/secrets.yaml;
sops.defaultSopsFile = self + /secrets/${registry.hostName}/secrets.yaml;
sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
sops.secrets.telegram-decoder-token.owner = config.users.users.telegram-decoder.name;

7
modules/traffic-stop-box/wireguard-client.nix
View File

@ -1,5 +1,5 @@
{ config, lib, ... }:
# pubkey of the box goes to hosts/traffic-stop-box/${id}.nix!
{ config, lib, registry, ... }:
# pubkey of the box goes to registry/traffic-stop-box/default.nix!
{
networking.useNetworkd = lib.mkForce true;
@ -8,7 +8,8 @@
};
deployment-TLMS.net.wg = {
addr4 = lib.mkDefault "10.13.37.${toString (config.deployment-TLMS.systemNumber + 100)}";
addr4 = registry.wgAddr4;
publicKey = registry.wireguardPublicKey;
prefix4 = 24;
privateKeyFile = lib.mkDefault config.sops.secrets.wg-seckey.path;
};

5
registry/default.nix
View File

@ -1 +1,4 @@
{ data-hoarder = import ./data-hoarder; }
{
data-hoarder = import ./data-hoarder;
traffic-stop-box = import ./traffic-stop-box;
}

78
registry/traffic-stop-box/default.nix Normal file
View File

@ -0,0 +1,78 @@
{
# Barkhausen Bau
"0" = {
wireguardPublicKey = "qyStvzZdoqcjJJQckw4ZwvsQUa+8TBWtnsRxURqanno=";
hostName = "traffic-stop-box-0";
gnuradio = { frequency = 170790000; offset = 20000; device = ""; RF = 0; IF = 0; BB = 32; }; # dresden - barkhausen
wgAddr4 = "10.13.37.100";
arch = "x86_64-linux";
monitoring = true;
};
# Zentralwerk
"1" = {
wireguardPublicKey = "dOPobdvfphx0EHmU7dd5ihslFzZi17XgRDQLMIUYa1w=";
hostName = "traffic-stop-box-1";
gnuradio = { frequency = 170790000; offset = 20000; device = ""; RF = 14; IF = 32; BB = 42; }; # dresden - zentralwerk
wgAddr4 = "10.13.37.101";
arch = "x86_64-linux";
monitoring = true;
};
"2" = {
wireguardPublicKey = "4TUQCToGNhjsCgV9elYE/91Vd/RvMgvMXtF/1Dzlvxo=";
hostName = "traffic-stop-box-2";
gnuradio = { frequency = 153850000; offset = 20000; device = ""; RF = 14; IF = 32; BB = 42; }; # chemnitz
wgAddr4 = "10.13.37.102";
};
"3" = {
wireguardPublicKey = "w3AT3EahW1sCK8ZsR7sDTcQj1McXYeWx7fnfQFA7i3o=";
hostName = "traffic-stop-box-3";
gnuradio = { frequency = 170795000; offset = 19400; device = ""; RF = 14; IF = 32; BB = 42; }; # dresden unused
wgAddr4 = "10.13.37.103";
};
# Wundstr. 9
"4" = {
wireguardPublicKey = "B0wPH0jUxaatRncHMkgDEQ+DzvlbTBrVJY4etxqQgG8=";
hostName = "traffic-stop-box-4";
gnuradio = { frequency = 170790000; offset = 20000; device = ""; RF = 14; IF = 32; BB = 42; }; # dresden Wundstr. 9
wgAddr4 = "10.13.37.104";
arch = "x86_64-linux";
monitoring = true;
};
# number 5 is missing
"6" = {
wireguardPublicKey = "NuLDNmxuHHzDXJSIOPSoihEhLWjARRtavuQvWirNR2I=";
hostName = "traffic-stop-box-6";
gnuradio = { frequency = 150827500; offset = 19550; device = ""; RF = 14; IF = 32; BB = 42; }; # warpzone münster
wgAddr4 = "10.13.37.106";
};
"7" = {
wireguardPublicKey = "sMsdY7dSjlYeIFMqjkh4pJ/ftAYXlyRuxDGbdnGLpEQ=";
hostName = "traffic-stop-box-7";
gnuradio = { frequency = 150827500; offset = 19550; device = ""; RF = 14; IF = 32; BB = 42; }; # drehturm aachen
wgAddr4 = "10.13.37.107";
};
# Hannover Bredero Hochhaus City
"8" = {
wireguardPublicKey = "dL9JGsBhaTOmXgGEH/N/GCHbQgVHEjBvIMaRtCsHBHw=";
hostName = "traffic-stop-box-8";
gnuradio = { frequency = 150890000; offset = 20000; device = ""; RF = 14; IF = 32; BB = 42; }; # Hannover Bredero Hochhaus City
wgAddr4 = "10.13.37.108";
arch = "aarch64-linux";
monitoring = false;
};
# Hannover Bredero Hochhaus Wider Area
"9" = {
wireguardPublicKey = "j2hGr2rVv7T9kJE15c2IFWjmk0dXuJPev2BXiHZUKk8=";
hostName = "traffic-stop-box-9";
gnuradio = { frequency = 152830000; offset = 20000; device = ""; RF = 14; IF = 32; BB = 42; }; # Hannover Bredero Hochaus Umland
wgAddr4 = "10.13.37.109";
arch = "aarch64-linux";
monitoring = false;
};
"10" = {
wireguardPublicKey = "dL9JGsBhaTOmXgGEH/N/GCHbQgVHEjBvIMaRtCsHBHw=";
hostName = "traffic-stop-box-10";
gnuradio = { frequency = 153850000; offset = 20000; device = ""; RF = 14; IF = 32; BB = 42; }; # CLT
wgAddr4 = "10.13.37.110";
};
}