start to move traffic-stop-boxes to registry

2023-11-25 22:59:51 +01:00 · 2023-11-25 22:59:51 +01:00 · 2b3d6cb7d1
parent 0b67c90d2a
commit 2b3d6cb7d1
17 changed files with 105 additions and 98 deletions
--- a/flake.nix
+++ b/flake.nix
@ -129,6 +129,7 @@
      pkgs = nixpkgs.legacyPackages."x86_64-linux";
      lib = pkgs.lib;
      registry = import ./registry;
      data-hoarder-modules = [
        ./modules/data-hoarder
@ -168,19 +169,16 @@
      ];
      # function that generates a system with the given number
-      generate_system = (id: arch: monitoring:
+      generate_system = (id:
      let
        myRegistry = registry.traffic-stop-box."${toString id}";
      in
        {
-          "traffic-stop-box-${toString id}" = nixpkgs.lib.nixosSystem
+          "${myRegistry.hostName}" = nixpkgs.lib.nixosSystem
            {
-              system = arch;
+              system = myRegistry.arch;
-              specialArgs = inputs;
+              specialArgs = { inherit self inputs; registry = myRegistry; };
              modules =
                let
                  monitoring-mod =
                    if monitoring
                    then { deployment-TLMS.monitoring.enable = true; }
                    else { deployment-TLMS.monitoring.enable = false; };
                in
                [
                  # box-specific config
                  ./hosts/traffic-stop-box/${toString id}
@ -190,49 +188,18 @@
                  ./modules/traffic-stop-box
                  ./modules/TLMS
                  {
-                    deployment-TLMS.systemNumber = id;
+                    deployment-TLMS.monitoring.enable = myRegistry.monitoring;
                  }
                  monitoring-mod
                ] ++ stop-box-modules;
            };
        }
      );
-      id_list = [
+      # list of traffic-stop-box-$id that will be built
-        {
+      stop_box_ids = [ 0 1 4 8 9 ];
          # Barkhausen Bau
          id = 0;
          arch = "x86_64-linux";
          monitoring = true;
        }
        {
          # Zentralwerk
          id = 1;
          arch = "x86_64-linux";
          monitoring = true;
        }
        {
          # Wundstr. 9
          id = 4;
          arch = "x86_64-linux";
          monitoring = true;
        }
        {
          # Hannover Bredero Hochhaus City
          id = 8;
          arch = "aarch64-linux";
          monitoring = false;
        }
        {
          # Hannover Bredero Hochhaus Wider Area
          id = 9;
          arch = "aarch64-linux";
          monitoring = false;
        }
      ];
      # attribute set of all traffic stop boxes
-      stop_boxes = nixpkgs.lib.foldl (x: y: nixpkgs.lib.mergeAttrs x (generate_system y.id y.arch y.monitoring)) { } id_list;
+      stop_boxes = nixpkgs.lib.foldl (x: id: nixpkgs.lib.mergeAttrs x (generate_system id)) { } stop_box_ids;
      packages = {
        staging-microvm = self.nixosConfigurations.staging-data-hoarder.config.microvm.declaredRunner;
@ -240,8 +207,6 @@
      }
      // (import ./pkgs/deployment.nix { inherit self pkgs lib; })
      // (lib.foldl (x: y: lib.mergeAttrs x { "${y.config.system.name}-vm" = y.config.system.build.vm; }) { } (lib.attrValues self.nixosConfigurations));
      registry = import ./registry;
    in
    {
--- a/hosts/traffic-stop-box/0/default.nix
+++ b/hosts/traffic-stop-box/0/default.nix
@ -3,7 +3,5 @@
    "${self}/hardware/dell-wyse-3040.nix"
  ];
  deployment-TLMS.net.wg.publicKey = "qyStvzZdoqcjJJQckw4ZwvsQUa+8TBWtnsRxURqanno=";
  TLMS.telegramDecoder.errorCorrection = false;
 }
--- a/hosts/traffic-stop-box/1/default.nix
+++ b/hosts/traffic-stop-box/1/default.nix
@ -3,7 +3,5 @@
    "${self}/hardware/dell-wyse-3040.nix"
  ];
  deployment-TLMS.net.wg.publicKey = "dOPobdvfphx0EHmU7dd5ihslFzZi17XgRDQLMIUYa1w=";
  TLMS.telegramDecoder.errorCorrection = false;
 }
--- a/hosts/traffic-stop-box/10/default.nix
+++ b/hosts/traffic-stop-box/10/default.nix
@ -2,6 +2,4 @@
  imports = [
    "${self}/hardware/dell-wyse-3040.nix"
  ];
  deployment-TLMS.net.wg.publicKey = "dL9JGsBhaTOmXgGEH/N/GCHbQgVHEjBvIMaRtCsHBHw=";
 }
--- a/hosts/traffic-stop-box/2/default.nix
+++ b/hosts/traffic-stop-box/2/default.nix
@ -2,6 +2,4 @@
  imports = [
    "${self}/hardware/dell-wyse-3040.nix"
  ];
  deployment-TLMS.net.wg.publicKey = "4TUQCToGNhjsCgV9elYE/91Vd/RvMgvMXtF/1Dzlvxo=";
 }
--- a/hosts/traffic-stop-box/3/default.nix
+++ b/hosts/traffic-stop-box/3/default.nix
@ -2,6 +2,4 @@
  imports = [
    "${self}/hardware/rpi-3b-4b.nix"
  ];
  deployment-TLMS.net.wg.publicKey = "w3AT3EahW1sCK8ZsR7sDTcQj1McXYeWx7fnfQFA7i3o=";
 }
--- a/hosts/traffic-stop-box/4/default.nix
+++ b/hosts/traffic-stop-box/4/default.nix
@ -23,7 +23,5 @@ let eth = "enp1s0"; in
    ];
  };
  deployment-TLMS.net.wg.publicKey = "B0wPH0jUxaatRncHMkgDEQ+DzvlbTBrVJY4etxqQgG8=";
  TLMS.telegramDecoder.errorCorrection = false;
 }
--- a/hosts/traffic-stop-box/6/default.nix
+++ b/hosts/traffic-stop-box/6/default.nix
@ -10,6 +10,4 @@
    "sk-ssh-ed25519@openssh.com aaaagnnrlxnzac1lzdi1nte5qg9wzw5zc2guy29taaaaili3ylty7fwvohtwx8511v+gbtlzzmuv505fi1pj53v6aaaabhnzado="
    "sk-ssh-ed25519@openssh.com aaaagnnrlxnzac1lzdi1nte5qg9wzw5zc2guy29taaaaipzbd00cbfpxzuc8eb6sljaafnf1hgs6vci1rzcncyocaaaabhnzado="
  ];
  deployment-TLMS.net.wg.publicKey = "NuLDNmxuHHzDXJSIOPSoihEhLWjARRtavuQvWirNR2I=";
 }
--- a/hosts/traffic-stop-box/7/default.nix
+++ b/hosts/traffic-stop-box/7/default.nix
@ -10,6 +10,4 @@
    "sk-ssh-ed25519@openssh.com aaaagnnrlxnzac1lzdi1nte5qg9wzw5zc2guy29taaaaili3ylty7fwvohtwx8511v+gbtlzzmuv505fi1pj53v6aaaabhnzado="
    "sk-ssh-ed25519@openssh.com aaaagnnrlxnzac1lzdi1nte5qg9wzw5zc2guy29taaaaipzbd00cbfpxzuc8eb6sljaafnf1hgs6vci1rzcncyocaaaabhnzado="
  ];
  deployment-TLMS.net.wg.publicKey = "sMsdY7dSjlYeIFMqjkh4pJ/ftAYXlyRuxDGbdnGLpEQ=";
 }
--- a/hosts/traffic-stop-box/8/default.nix
+++ b/hosts/traffic-stop-box/8/default.nix
@ -9,6 +9,4 @@
  users.users.root.openssh.authorizedKeys.keys = [
    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJO/8PRzEqW20vnADv5xJrV5AlQ9bS8251AyQACyFMz+ dumbdvb_clarity"
  ];
  deployment-TLMS.net.wg.publicKey = "dL9JGsBhaTOmXgGEH/N/GCHbQgVHEjBvIMaRtCsHBHw=";
 }
--- a/hosts/traffic-stop-box/9/default.nix
+++ b/hosts/traffic-stop-box/9/default.nix
@ -9,6 +9,4 @@
  users.users.root.openssh.authorizedKeys.keys = [
    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJO/8PRzEqW20vnADv5xJrV5AlQ9bS8251AyQACyFMz+ dumbdvb_clarity"
  ];
  deployment-TLMS.net.wg.publicKey = "j2hGr2rVv7T9kJE15c2IFWjmk0dXuJPev2BXiHZUKk8=";
 }
--- a/modules/traffic-stop-box/configuration.nix
+++ b/modules/traffic-stop-box/configuration.nix
@ -1,9 +1,9 @@
-{ pkgs, config, self, ... }:
+{ pkgs, config, registry, ... }:
 {
  boot.tmp.useTmpfs = true;
-  networking.hostName = "traffic-stop-box-${toString config.deployment-TLMS.systemNumber}"; # Define your hostname.
+  networking.hostName = registry.hostName;
  # reboot 60 seconds after kernel panic
  boot.kernel.sysctl."kernel.panic" = 60;
--- a/modules/traffic-stop-box/radio-config.nix
+++ b/modules/traffic-stop-box/radio-config.nix
@ -1,33 +1,13 @@
-{ config, lib, self, ... }:
+{ config, lib, self, registry, ... }:
 let
  file = with config.deployment-TLMS; "${self}/hosts/traffic-stop-box/${toString systemNumber}/config_${toString systemNumber}.json";
  receiver_configs = [
    { frequency = 170790000; offset = 20000; device = ""; RF = 0; IF = 0; BB = 32; } # dresden - barkhausen
    { frequency = 170790000; offset = 20000; device = ""; RF = 14; IF = 32; BB = 42; } # dresden - zentralwerk
    { frequency = 153850000; offset = 20000; device = ""; RF = 14; IF = 32; BB = 42; } # chemnitz
    { frequency = 170795000; offset = 19400; device = ""; RF = 14; IF = 32; BB = 42; } # dresden unused
    { frequency = 170790000; offset = 20000; device = ""; RF = 14; IF = 32; BB = 42; } # dresden Wundstr. 9
    { frequency = 170790000; offset = 20000; device = ""; RF = 14; IF = 32; BB = 42; } # dresden test box
    { frequency = 150827500; offset = 19550; device = ""; RF = 14; IF = 32; BB = 42; } # warpzone münster
    { frequency = 150827500; offset = 19550; device = ""; RF = 14; IF = 32; BB = 42; } # drehturm aachen
    { frequency = 150890000; offset = 20000; device = ""; RF = 14; IF = 32; BB = 42; } # Hannover Bredero Hochhaus City
    { frequency = 152830000; offset = 20000; device = ""; RF = 14; IF = 32; BB = 42; } # Hannover Bredero Hochaus Umland
    { frequency = 153850000; offset = 20000; device = ""; RF = 14; IF = 32; BB = 42; } #  CLT
  ];
  receiver_config = lib.elemAt receiver_configs config.deployment-TLMS.systemNumber;
 in
 {
  TLMS.gnuradio = {
    enable = true;
-    frequency = receiver_config.frequency;
+  } // registry.gnuradio;
-    offset = receiver_config.offset;
+
    device = receiver_config.device;
    RF = receiver_config.RF;
    IF = receiver_config.IF;
    BB = receiver_config.BB;
  };
  TLMS.telegramDecoder = {
    enable = true;
    server = [ "http://10.13.37.1:8080" "http://10.13.37.5:8080" "http://10.13.37.7:8080" ];
--- a/modules/traffic-stop-box/secrets.nix
+++ b/modules/traffic-stop-box/secrets.nix
@ -1,6 +1,6 @@
-{ config, self, ... }:
+{ config, self, registry, ... }:
 {
-  sops.defaultSopsFile = self + /secrets/traffic-stop-box-${toString config.deployment-TLMS.systemNumber}/secrets.yaml;
+  sops.defaultSopsFile = self + /secrets/${registry.hostName}/secrets.yaml;
  sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
  sops.secrets.telegram-decoder-token.owner = config.users.users.telegram-decoder.name;
--- a/modules/traffic-stop-box/wireguard-client.nix
+++ b/modules/traffic-stop-box/wireguard-client.nix
@ -1,5 +1,5 @@
-{ config, lib, ... }:
+{ config, lib, registry, ... }:
-# pubkey of the box goes to hosts/traffic-stop-box/${id}.nix!
+# pubkey of the box goes to registry/traffic-stop-box/default.nix!
 {
  networking.useNetworkd = lib.mkForce true;
@ -8,7 +8,8 @@
  };
  deployment-TLMS.net.wg = {
-    addr4 = lib.mkDefault "10.13.37.${toString (config.deployment-TLMS.systemNumber + 100)}";
+    addr4 = registry.wgAddr4;
    publicKey = registry.wireguardPublicKey;
    prefix4 = 24;
    privateKeyFile = lib.mkDefault config.sops.secrets.wg-seckey.path;
  };
--- a/registry/default.nix
+++ b/registry/default.nix
@ -1 +1,4 @@
-{ data-hoarder = import ./data-hoarder; }
+{
  data-hoarder = import ./data-hoarder;
  traffic-stop-box = import ./traffic-stop-box;
 }
--- a/registry/traffic-stop-box/default.nix
+++ b/registry/traffic-stop-box/default.nix
@ -0,0 +1,78 @@
 {
  # Barkhausen Bau
  "0" = {
    wireguardPublicKey = "qyStvzZdoqcjJJQckw4ZwvsQUa+8TBWtnsRxURqanno=";
    hostName = "traffic-stop-box-0";
    gnuradio = { frequency = 170790000; offset = 20000; device = ""; RF = 0; IF = 0; BB = 32; }; # dresden - barkhausen
    wgAddr4 = "10.13.37.100";
    arch = "x86_64-linux";
    monitoring = true;
  };
  # Zentralwerk
  "1" = {
    wireguardPublicKey = "dOPobdvfphx0EHmU7dd5ihslFzZi17XgRDQLMIUYa1w=";
    hostName = "traffic-stop-box-1";
    gnuradio = { frequency = 170790000; offset = 20000; device = ""; RF = 14; IF = 32; BB = 42; }; # dresden - zentralwerk
    wgAddr4 = "10.13.37.101";
    arch = "x86_64-linux";
    monitoring = true;
  };
  "2" = {
    wireguardPublicKey = "4TUQCToGNhjsCgV9elYE/91Vd/RvMgvMXtF/1Dzlvxo=";
    hostName = "traffic-stop-box-2";
    gnuradio = { frequency = 153850000; offset = 20000; device = ""; RF = 14; IF = 32; BB = 42; }; # chemnitz
    wgAddr4 = "10.13.37.102";
  };
  "3" = {
    wireguardPublicKey = "w3AT3EahW1sCK8ZsR7sDTcQj1McXYeWx7fnfQFA7i3o=";
    hostName = "traffic-stop-box-3";
    gnuradio = { frequency = 170795000; offset = 19400; device = ""; RF = 14; IF = 32; BB = 42; }; # dresden unused
    wgAddr4 = "10.13.37.103";
  };
  # Wundstr. 9
  "4" = {
    wireguardPublicKey = "B0wPH0jUxaatRncHMkgDEQ+DzvlbTBrVJY4etxqQgG8=";
    hostName = "traffic-stop-box-4";
    gnuradio = { frequency = 170790000; offset = 20000; device = ""; RF = 14; IF = 32; BB = 42; }; # dresden Wundstr. 9
    wgAddr4 = "10.13.37.104";
    arch = "x86_64-linux";
    monitoring = true;
  };
  # number 5 is missing
  "6" = {
    wireguardPublicKey = "NuLDNmxuHHzDXJSIOPSoihEhLWjARRtavuQvWirNR2I=";
    hostName = "traffic-stop-box-6";
    gnuradio = { frequency = 150827500; offset = 19550; device = ""; RF = 14; IF = 32; BB = 42; }; # warpzone münster
    wgAddr4 = "10.13.37.106";
  };
  "7" = {
    wireguardPublicKey = "sMsdY7dSjlYeIFMqjkh4pJ/ftAYXlyRuxDGbdnGLpEQ=";
    hostName = "traffic-stop-box-7";
    gnuradio = { frequency = 150827500; offset = 19550; device = ""; RF = 14; IF = 32; BB = 42; }; # drehturm aachen
    wgAddr4 = "10.13.37.107";
  };
  # Hannover Bredero Hochhaus City
  "8" = {
    wireguardPublicKey = "dL9JGsBhaTOmXgGEH/N/GCHbQgVHEjBvIMaRtCsHBHw=";
    hostName = "traffic-stop-box-8";
    gnuradio = { frequency = 150890000; offset = 20000; device = ""; RF = 14; IF = 32; BB = 42; }; # Hannover Bredero Hochhaus City
    wgAddr4 = "10.13.37.108";
    arch = "aarch64-linux";
    monitoring = false;
  };
  # Hannover Bredero Hochhaus Wider Area
  "9" = {
    wireguardPublicKey = "j2hGr2rVv7T9kJE15c2IFWjmk0dXuJPev2BXiHZUKk8=";
    hostName = "traffic-stop-box-9";
    gnuradio = { frequency = 152830000; offset = 20000; device = ""; RF = 14; IF = 32; BB = 42; }; # Hannover Bredero Hochaus Umland
    wgAddr4 = "10.13.37.109";
    arch = "aarch64-linux";
    monitoring = false;
  };
  "10" = {
    wireguardPublicKey = "dL9JGsBhaTOmXgGEH/N/GCHbQgVHEjBvIMaRtCsHBHw=";
    hostName = "traffic-stop-box-10";
    gnuradio = { frequency = 153850000; offset = 20000; device = ""; RF = 14; IF = 32; BB = 42; }; # CLT
    wgAddr4 = "10.13.37.110";
  };
 }