overhauled system deployment

2022-04-28 14:43:40 +02:00 · 2022-04-28 14:43:40 +02:00 · d3ad6b1d0c
parent 4e75e65e60
commit d3ad6b1d0c
9 changed files with 148 additions and 38 deletions
--- a/.gitignore
+++ b/.gitignore
@ -0,0 +1,2 @@
+result
+*.qcow2
--- a/README.md
+++ b/README.md
@ -12,11 +12,12 @@ This will build a vm which can be used for integration testing.
    $ nix build
 ```

-for building the `traffic-stop-box` config.
+for building the `traffic-stop-box-${n}` config.


 ## Todos

+- [x] easily create and deploy new boxes
 - [ ] systemd unit running gnu radio scripts
 - [ ] decode server
 - [ ] secrets managment
--- a/configs/config_0.json
+++ b/configs/config_0.json
@ -0,0 +1,6 @@
+{
+    "name": "Barkhausen/Turmlabor",
+    "lat": 51.026107,
+    "lon": 13.623566,
+    "station_id": 0
+}
--- a/flake.lock
+++ b/flake.lock
@ -3,15 +3,17 @@
    "data-accumulator": {
      "inputs": {
        "naersk": "naersk",
-        "nixpkgs": "nixpkgs_2",
+        "nixpkgs": [
+          "nixpkgs"
+        ],
        "utils": "utils"
      },
      "locked": {
-        "lastModified": 1650903092,
-        "narHash": "sha256-J+6hsThaHFuL23fv8lmkBV0o+3qsJetih+lFeTvWxFc=",
+        "lastModified": 1651088753,
+        "narHash": "sha256-VC/MOiVCBJAJt+WyQA9aTld6jkrKIS8XKKbbSwjxc18=",
        "owner": "dump-dvb",
        "repo": "data-accumulator",
-        "rev": "78dc5fb8c7daf9c5a281f3b389ff7728bc30e1bd",
+        "rev": "fd93f181268d843193201be2939656a0ae44dda1",
        "type": "github"
      },
      "original": {
@ -20,6 +22,28 @@
        "type": "github"
      }
    },
+    "decode-server": {
+      "inputs": {
+        "naersk": "naersk_2",
+        "nixpkgs": [
+          "nixpkgs"
+        ],
+        "utils": "utils_2"
+      },
+      "locked": {
+        "lastModified": 1651090135,
+        "narHash": "sha256-ZEEgQjMFrK3EC9aq2dQCdXwrKFl8rKTPMxbVq2hpPZE=",
+        "owner": "dump-dvb",
+        "repo": "decode-server",
+        "rev": "c0855c4e1980797ebfb3d2c3fad510d7f72aa3b7",
+        "type": "github"
+      },
+      "original": {
+        "owner": "dump-dvb",
+        "repo": "decode-server",
+        "type": "github"
+      }
+    },
    "naersk": {
      "inputs": {
        "nixpkgs": "nixpkgs"
@ -39,6 +63,24 @@
      }
    },
    "naersk_2": {
+      "inputs": {
+        "nixpkgs": "nixpkgs_2"
+      },
+      "locked": {
+        "lastModified": 1650265945,
+        "narHash": "sha256-SO8+1db4jTOjnwP++29vVgImLIfETSXyoz0FuLkiikE=",
+        "owner": "nix-community",
+        "repo": "naersk",
+        "rev": "e8f9f8d037774becd82fce2781e1abdb7836d7df",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nix-community",
+        "repo": "naersk",
+        "type": "github"
+      }
+    },
+    "naersk_3": {
      "inputs": {
        "nixpkgs": [
          "nixpkgs"
@ -74,27 +116,25 @@
    },
    "nixpkgs_2": {
      "locked": {
-        "lastModified": 1650701402,
-        "narHash": "sha256-XKfstdtqDg+O+gNBx1yGVKWIhLgfEDg/e2lvJSsp9vU=",
+        "lastModified": 1650882267,
+        "narHash": "sha256-BFKiz8srATQIBuFEN2HgS2EHisK29EjZ/HV34wSr2lU=",
        "owner": "NixOS",
        "repo": "nixpkgs",
-        "rev": "bc41b01dd7a9fdffd32d9b03806798797532a5fe",
+        "rev": "2ea2f7b6d0cb7ce0712f2aa80303cda08deb0de2",
        "type": "github"
      },
      "original": {
-        "owner": "NixOS",
-        "ref": "nixos-unstable",
-        "repo": "nixpkgs",
-        "type": "github"
+        "id": "nixpkgs",
+        "type": "indirect"
      }
    },
    "nixpkgs_3": {
      "locked": {
-        "lastModified": 1650921206,
-        "narHash": "sha256-RGlfTC2ktqLVw0gBvZeCM//B4ig2CdQJm39sDvm0DBQ=",
+        "lastModified": 1650998007,
+        "narHash": "sha256-NcJnbGDBBN023x8s3ll3HZxBcQoPq1ry9E2sjg+4flc=",
        "owner": "NixOS",
        "repo": "nixpkgs",
-        "rev": "3a9e0f239d80fa134e8fcbdee4dfc793902da37e",
+        "rev": "a3917caedfead19f853aa5769de4c3ea4e4db584",
        "type": "github"
      },
      "original": {
@ -123,14 +163,14 @@
    "radio-conf": {
      "inputs": {
        "nixpkgs": "nixpkgs_4",
-        "utils": "utils_2"
+        "utils": "utils_3"
      },
      "locked": {
-        "lastModified": 1651073944,
-        "narHash": "sha256-ItlWFul57R/NiXerbOEIhpNtApzH2zcmBNX2/mPiSWw=",
+        "lastModified": 1651074465,
+        "narHash": "sha256-r0cg+LcdM8kG9/Afg9yAGWDBtdkRTpKxTUtH6NviRYI=",
        "owner": "dump-dvb",
        "repo": "radio-conf",
-        "rev": "ef37c9dca90ec304d8d902920143c6cb1bb793c4",
+        "rev": "69c34e2d2cb70e43dfe9eb32a665d27dcdc39da8",
        "type": "github"
      },
      "original": {
@ -142,7 +182,8 @@
    "root": {
      "inputs": {
        "data-accumulator": "data-accumulator",
-        "naersk": "naersk_2",
+        "decode-server": "decode-server",
+        "naersk": "naersk_3",
        "nixpkgs": "nixpkgs_3",
        "radio-conf": "radio-conf",
        "sops-nix": "sops-nix"
@ -197,6 +238,21 @@
        "repo": "flake-utils",
        "type": "github"
      }
+    },
+    "utils_3": {
+      "locked": {
+        "lastModified": 1649676176,
+        "narHash": "sha256-OWKJratjt2RW151VUlJPRALb7OU2S5s+f0vLj4o1bHM=",
+        "owner": "numtide",
+        "repo": "flake-utils",
+        "rev": "a4b154ebbdc88c8498a5c7b01589addc9e9cb678",
+        "type": "github"
+      },
+      "original": {
+        "owner": "numtide",
+        "repo": "flake-utils",
+        "type": "github"
+      }
    }
  },
  "root": "root",
--- a/flake.nix
+++ b/flake.nix
@ -10,29 +10,56 @@
      inputs.nixpkgs.follows = "nixpkgs";
    };

-    radio-conf.url = github:dump-dvb/radio-conf;
-    data-accumulator.url = github:dump-dvb/data-accumulator;
+    radio-conf = {
+      url = github:dump-dvb/radio-conf;
+    };
+
+    data-accumulator = {
+      url = github:dump-dvb/data-accumulator;
+      inputs.nixpkgs.follows = "nixpkgs";
+    };
+
+    decode-server = {
+      url = github:dump-dvb/decode-server;
+      inputs.nixpkgs.follows = "nixpkgs";
+    };
  };

-  outputs = { self, nixpkgs, sops-nix, naersk, radio-conf, data-accumulator, ... }@inputs:
-    {
-      defaultPackage."x86_64-linux" = self.nixosConfigurations.traffic-stop-box.config.system.build.vm;
-      packages."x86_64-linux".traffic-stop-box = self.nixosConfigurations.traffic-stop-box.config.system.build.vm;
-      packages."x86_64-linux".data-hoarder = self.nixosConfigurations.data-hoarder.config.system.build.vm;
-
-      nixosConfigurations = {
-        traffic-stop-box = nixpkgs.lib.nixosSystem {
+  outputs = { self, nixpkgs, sops-nix, naersk, radio-conf, data-accumulator, decode-server, ... }@inputs:
+  let
+    generate_system = (number: 
+      {"traffic-stop-box-${toString number}" = nixpkgs.lib.nixosSystem {
          system = "x86_64-linux";
          specialArgs = { inherit inputs; };
          modules = [
            ./hosts/traffic-stop-box/configuration.nix
            ./modules/gnuradio.nix
            ./modules/radio_wireguard_client.nix
+            ./modules/numbering.nix
            {
-              nixpkgs.overlays = [ radio-conf.overlay."x86_64-linux" ];
+              nixpkgs.overlays = [ radio-conf.overlay."x86_64-linux" decode-server.overlay."x86_64-linux" ];
+              dvb-dump.systemNumber = number;
            }
          ];
        };
+      }
+      );
+
+    # increment this number if you want to add a new system
+    numberOfSystems = 1;
+    # list of accending system numbers
+    id_list = ((num: if num == 0 then [ num ] else [num] ++ (id_list num - 1)) (numberOfSystems - 1));
+    # list of nixos systems
+    list_of_systems = builtins.map generate_system id_list;
+    # attribute set of all traffic stop boxes
+    stop_boxes = nixpkgs.lib.foldr (x: y: nixpkgs.lib.mergeAttrs x y) {} list_of_systems;
+  in {
+      defaultPackage."x86_64-linux" = self.nixosConfigurations.traffic-stop-box-0.config.system.build.vm;
+      packages."x86_64-linux".traffic-stop-box = self.nixosConfigurations.traffic-stop-box-0.config.system.build.vm;
+      packages."x86_64-linux".data-hoarder = self.nixosConfigurations.data-hoarder.config.system.build.vm;
+
+      nixosConfigurations = (nixpkgs.lib.mergeAttrs stop_boxes
+      {
        data-hoarder = nixpkgs.lib.nixosSystem {
          system = "x86_64-linux";
          specialArgs = { inherit inputs; };
@ -40,12 +67,12 @@
            ./hosts/data-hoarder/configuration.nix
            ./modules/data-accumulator.nix
            ./modules/nginx.nix
-	    ./modules/wireguard_server.nix
+	        ./modules/wireguard_server.nix
            {
              nixpkgs.overlays = [ data-accumulator.overlay."x86_64-linux" ];
            }
          ];
        };
-      };
+      });
    };
 }
--- a/hosts/traffic-stop-box/configuration.nix
+++ b/hosts/traffic-stop-box/configuration.nix
@ -25,7 +25,7 @@

  hardware.hackrf.enable = true;

-  networking.hostName = "traffic-stop-box"; # Define your hostname.
+  networking.hostName = "traffic-stop-box-${toString config.dvb-dump.systemNumber}"; # Define your hostname.
  # networking.wireless.enable = true;  # Enables wireless support via wpa_supplicant.

  # Set your time zone.
--- a/modules/gnuradio.nix
+++ b/modules/gnuradio.nix
@ -2,7 +2,16 @@
  This file contains the configuration for the gnuradio sdr decoding pipeline
 */

-{ pkgs, config, lib, ... }: {
+{ pkgs, config, lib, ... }: 
+let
+  #file = ../configs/config_+"${toString config.dvb-dump.systemNumber}.json";
+  configFiles = [
+    ../configs/config_0.json
+  ];
+  
+  file = builtins.elemAt configFiles config.dvb-dump.systemNumber;
+
+in { 
  systemd = {
    services = {
      "gnuradio" = {
@ -22,8 +31,7 @@
        enable = true;
        wantedBy = [ "multi-user.target" ];

-        script = "exec ${pkgs.telegram-decode}/bin/decode_telegrams.py &";
-        environment.PYTHONUNBUFFERED = "1";
+        script = "exec ${pkgs.telegram-decode}/bin/telegra-decode --config ${file} &";

        serviceConfig = {
          Type = "forking";
--- a/modules/numbering.nix
+++ b/modules/numbering.nix
@ -0,0 +1,10 @@
+{ config, lib, ... }:
+with lib; {
+  options.dvb-dump.systemNumber = mkOption {
+    type = types.int;
+    default = 0;
+    description = "number of the system";
+  };
+}
+
+
--- a/modules/radio_wireguard_client.nix
+++ b/modules/radio_wireguard_client.nix
@ -4,7 +4,7 @@
  networking.firewall.allowedUDPPorts = [ 51820 ];

  networking.wg-quick.interfaces.wg-dvb = {
-    address = [ "10.13.37.5/32" ];
+    address = [ "10.13.37.${toString (config.dvb-dump.systemNumber + 100)}/32" ];
    privateKeyFile = "/root/wg-seckey";

    peers = [{