overhauled system deployment
This commit is contained in:
parent
4e75e65e60
commit
d3ad6b1d0c
|
@ -0,0 +1,2 @@
|
|||
result
|
||||
*.qcow2
|
|
@ -12,11 +12,12 @@ This will build a vm which can be used for integration testing.
|
|||
$ nix build
|
||||
```
|
||||
|
||||
for building the `traffic-stop-box` config.
|
||||
for building the `traffic-stop-box-${n}` config.
|
||||
|
||||
|
||||
## Todos
|
||||
|
||||
- [x] easily create and deploy new boxes
|
||||
- [ ] systemd unit running gnu radio scripts
|
||||
- [ ] decode server
|
||||
- [ ] secrets managment
|
||||
|
|
|
@ -0,0 +1,6 @@
|
|||
{
|
||||
"name": "Barkhausen/Turmlabor",
|
||||
"lat": 51.026107,
|
||||
"lon": 13.623566,
|
||||
"station_id": 0
|
||||
}
|
94
flake.lock
94
flake.lock
|
@ -3,15 +3,17 @@
|
|||
"data-accumulator": {
|
||||
"inputs": {
|
||||
"naersk": "naersk",
|
||||
"nixpkgs": "nixpkgs_2",
|
||||
"nixpkgs": [
|
||||
"nixpkgs"
|
||||
],
|
||||
"utils": "utils"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1650903092,
|
||||
"narHash": "sha256-J+6hsThaHFuL23fv8lmkBV0o+3qsJetih+lFeTvWxFc=",
|
||||
"lastModified": 1651088753,
|
||||
"narHash": "sha256-VC/MOiVCBJAJt+WyQA9aTld6jkrKIS8XKKbbSwjxc18=",
|
||||
"owner": "dump-dvb",
|
||||
"repo": "data-accumulator",
|
||||
"rev": "78dc5fb8c7daf9c5a281f3b389ff7728bc30e1bd",
|
||||
"rev": "fd93f181268d843193201be2939656a0ae44dda1",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -20,6 +22,28 @@
|
|||
"type": "github"
|
||||
}
|
||||
},
|
||||
"decode-server": {
|
||||
"inputs": {
|
||||
"naersk": "naersk_2",
|
||||
"nixpkgs": [
|
||||
"nixpkgs"
|
||||
],
|
||||
"utils": "utils_2"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1651090135,
|
||||
"narHash": "sha256-ZEEgQjMFrK3EC9aq2dQCdXwrKFl8rKTPMxbVq2hpPZE=",
|
||||
"owner": "dump-dvb",
|
||||
"repo": "decode-server",
|
||||
"rev": "c0855c4e1980797ebfb3d2c3fad510d7f72aa3b7",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "dump-dvb",
|
||||
"repo": "decode-server",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"naersk": {
|
||||
"inputs": {
|
||||
"nixpkgs": "nixpkgs"
|
||||
|
@ -39,6 +63,24 @@
|
|||
}
|
||||
},
|
||||
"naersk_2": {
|
||||
"inputs": {
|
||||
"nixpkgs": "nixpkgs_2"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1650265945,
|
||||
"narHash": "sha256-SO8+1db4jTOjnwP++29vVgImLIfETSXyoz0FuLkiikE=",
|
||||
"owner": "nix-community",
|
||||
"repo": "naersk",
|
||||
"rev": "e8f9f8d037774becd82fce2781e1abdb7836d7df",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "nix-community",
|
||||
"repo": "naersk",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"naersk_3": {
|
||||
"inputs": {
|
||||
"nixpkgs": [
|
||||
"nixpkgs"
|
||||
|
@ -74,27 +116,25 @@
|
|||
},
|
||||
"nixpkgs_2": {
|
||||
"locked": {
|
||||
"lastModified": 1650701402,
|
||||
"narHash": "sha256-XKfstdtqDg+O+gNBx1yGVKWIhLgfEDg/e2lvJSsp9vU=",
|
||||
"lastModified": 1650882267,
|
||||
"narHash": "sha256-BFKiz8srATQIBuFEN2HgS2EHisK29EjZ/HV34wSr2lU=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "bc41b01dd7a9fdffd32d9b03806798797532a5fe",
|
||||
"rev": "2ea2f7b6d0cb7ce0712f2aa80303cda08deb0de2",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "NixOS",
|
||||
"ref": "nixos-unstable",
|
||||
"repo": "nixpkgs",
|
||||
"type": "github"
|
||||
"id": "nixpkgs",
|
||||
"type": "indirect"
|
||||
}
|
||||
},
|
||||
"nixpkgs_3": {
|
||||
"locked": {
|
||||
"lastModified": 1650921206,
|
||||
"narHash": "sha256-RGlfTC2ktqLVw0gBvZeCM//B4ig2CdQJm39sDvm0DBQ=",
|
||||
"lastModified": 1650998007,
|
||||
"narHash": "sha256-NcJnbGDBBN023x8s3ll3HZxBcQoPq1ry9E2sjg+4flc=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "3a9e0f239d80fa134e8fcbdee4dfc793902da37e",
|
||||
"rev": "a3917caedfead19f853aa5769de4c3ea4e4db584",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -123,14 +163,14 @@
|
|||
"radio-conf": {
|
||||
"inputs": {
|
||||
"nixpkgs": "nixpkgs_4",
|
||||
"utils": "utils_2"
|
||||
"utils": "utils_3"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1651073944,
|
||||
"narHash": "sha256-ItlWFul57R/NiXerbOEIhpNtApzH2zcmBNX2/mPiSWw=",
|
||||
"lastModified": 1651074465,
|
||||
"narHash": "sha256-r0cg+LcdM8kG9/Afg9yAGWDBtdkRTpKxTUtH6NviRYI=",
|
||||
"owner": "dump-dvb",
|
||||
"repo": "radio-conf",
|
||||
"rev": "ef37c9dca90ec304d8d902920143c6cb1bb793c4",
|
||||
"rev": "69c34e2d2cb70e43dfe9eb32a665d27dcdc39da8",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -142,7 +182,8 @@
|
|||
"root": {
|
||||
"inputs": {
|
||||
"data-accumulator": "data-accumulator",
|
||||
"naersk": "naersk_2",
|
||||
"decode-server": "decode-server",
|
||||
"naersk": "naersk_3",
|
||||
"nixpkgs": "nixpkgs_3",
|
||||
"radio-conf": "radio-conf",
|
||||
"sops-nix": "sops-nix"
|
||||
|
@ -197,6 +238,21 @@
|
|||
"repo": "flake-utils",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"utils_3": {
|
||||
"locked": {
|
||||
"lastModified": 1649676176,
|
||||
"narHash": "sha256-OWKJratjt2RW151VUlJPRALb7OU2S5s+f0vLj4o1bHM=",
|
||||
"owner": "numtide",
|
||||
"repo": "flake-utils",
|
||||
"rev": "a4b154ebbdc88c8498a5c7b01589addc9e9cb678",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "numtide",
|
||||
"repo": "flake-utils",
|
||||
"type": "github"
|
||||
}
|
||||
}
|
||||
},
|
||||
"root": "root",
|
||||
|
|
53
flake.nix
53
flake.nix
|
@ -10,29 +10,56 @@
|
|||
inputs.nixpkgs.follows = "nixpkgs";
|
||||
};
|
||||
|
||||
radio-conf.url = github:dump-dvb/radio-conf;
|
||||
data-accumulator.url = github:dump-dvb/data-accumulator;
|
||||
radio-conf = {
|
||||
url = github:dump-dvb/radio-conf;
|
||||
};
|
||||
|
||||
data-accumulator = {
|
||||
url = github:dump-dvb/data-accumulator;
|
||||
inputs.nixpkgs.follows = "nixpkgs";
|
||||
};
|
||||
|
||||
decode-server = {
|
||||
url = github:dump-dvb/decode-server;
|
||||
inputs.nixpkgs.follows = "nixpkgs";
|
||||
};
|
||||
};
|
||||
|
||||
outputs = { self, nixpkgs, sops-nix, naersk, radio-conf, data-accumulator, ... }@inputs:
|
||||
{
|
||||
defaultPackage."x86_64-linux" = self.nixosConfigurations.traffic-stop-box.config.system.build.vm;
|
||||
packages."x86_64-linux".traffic-stop-box = self.nixosConfigurations.traffic-stop-box.config.system.build.vm;
|
||||
packages."x86_64-linux".data-hoarder = self.nixosConfigurations.data-hoarder.config.system.build.vm;
|
||||
|
||||
nixosConfigurations = {
|
||||
traffic-stop-box = nixpkgs.lib.nixosSystem {
|
||||
outputs = { self, nixpkgs, sops-nix, naersk, radio-conf, data-accumulator, decode-server, ... }@inputs:
|
||||
let
|
||||
generate_system = (number:
|
||||
{"traffic-stop-box-${toString number}" = nixpkgs.lib.nixosSystem {
|
||||
system = "x86_64-linux";
|
||||
specialArgs = { inherit inputs; };
|
||||
modules = [
|
||||
./hosts/traffic-stop-box/configuration.nix
|
||||
./modules/gnuradio.nix
|
||||
./modules/radio_wireguard_client.nix
|
||||
./modules/numbering.nix
|
||||
{
|
||||
nixpkgs.overlays = [ radio-conf.overlay."x86_64-linux" ];
|
||||
nixpkgs.overlays = [ radio-conf.overlay."x86_64-linux" decode-server.overlay."x86_64-linux" ];
|
||||
dvb-dump.systemNumber = number;
|
||||
}
|
||||
];
|
||||
};
|
||||
}
|
||||
);
|
||||
|
||||
# increment this number if you want to add a new system
|
||||
numberOfSystems = 1;
|
||||
# list of accending system numbers
|
||||
id_list = ((num: if num == 0 then [ num ] else [num] ++ (id_list num - 1)) (numberOfSystems - 1));
|
||||
# list of nixos systems
|
||||
list_of_systems = builtins.map generate_system id_list;
|
||||
# attribute set of all traffic stop boxes
|
||||
stop_boxes = nixpkgs.lib.foldr (x: y: nixpkgs.lib.mergeAttrs x y) {} list_of_systems;
|
||||
in {
|
||||
defaultPackage."x86_64-linux" = self.nixosConfigurations.traffic-stop-box-0.config.system.build.vm;
|
||||
packages."x86_64-linux".traffic-stop-box = self.nixosConfigurations.traffic-stop-box-0.config.system.build.vm;
|
||||
packages."x86_64-linux".data-hoarder = self.nixosConfigurations.data-hoarder.config.system.build.vm;
|
||||
|
||||
nixosConfigurations = (nixpkgs.lib.mergeAttrs stop_boxes
|
||||
{
|
||||
data-hoarder = nixpkgs.lib.nixosSystem {
|
||||
system = "x86_64-linux";
|
||||
specialArgs = { inherit inputs; };
|
||||
|
@ -40,12 +67,12 @@
|
|||
./hosts/data-hoarder/configuration.nix
|
||||
./modules/data-accumulator.nix
|
||||
./modules/nginx.nix
|
||||
./modules/wireguard_server.nix
|
||||
./modules/wireguard_server.nix
|
||||
{
|
||||
nixpkgs.overlays = [ data-accumulator.overlay."x86_64-linux" ];
|
||||
}
|
||||
];
|
||||
};
|
||||
};
|
||||
});
|
||||
};
|
||||
}
|
||||
|
|
|
@ -25,7 +25,7 @@
|
|||
|
||||
hardware.hackrf.enable = true;
|
||||
|
||||
networking.hostName = "traffic-stop-box"; # Define your hostname.
|
||||
networking.hostName = "traffic-stop-box-${toString config.dvb-dump.systemNumber}"; # Define your hostname.
|
||||
# networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
|
||||
|
||||
# Set your time zone.
|
||||
|
|
|
@ -2,7 +2,16 @@
|
|||
This file contains the configuration for the gnuradio sdr decoding pipeline
|
||||
*/
|
||||
|
||||
{ pkgs, config, lib, ... }: {
|
||||
{ pkgs, config, lib, ... }:
|
||||
let
|
||||
#file = ../configs/config_+"${toString config.dvb-dump.systemNumber}.json";
|
||||
configFiles = [
|
||||
../configs/config_0.json
|
||||
];
|
||||
|
||||
file = builtins.elemAt configFiles config.dvb-dump.systemNumber;
|
||||
|
||||
in {
|
||||
systemd = {
|
||||
services = {
|
||||
"gnuradio" = {
|
||||
|
@ -22,8 +31,7 @@
|
|||
enable = true;
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
|
||||
script = "exec ${pkgs.telegram-decode}/bin/decode_telegrams.py &";
|
||||
environment.PYTHONUNBUFFERED = "1";
|
||||
script = "exec ${pkgs.telegram-decode}/bin/telegra-decode --config ${file} &";
|
||||
|
||||
serviceConfig = {
|
||||
Type = "forking";
|
||||
|
|
|
@ -0,0 +1,10 @@
|
|||
{ config, lib, ... }:
|
||||
with lib; {
|
||||
options.dvb-dump.systemNumber = mkOption {
|
||||
type = types.int;
|
||||
default = 0;
|
||||
description = "number of the system";
|
||||
};
|
||||
}
|
||||
|
||||
|
|
@ -4,7 +4,7 @@
|
|||
networking.firewall.allowedUDPPorts = [ 51820 ];
|
||||
|
||||
networking.wg-quick.interfaces.wg-dvb = {
|
||||
address = [ "10.13.37.5/32" ];
|
||||
address = [ "10.13.37.${toString (config.dvb-dump.systemNumber + 100)}/32" ];
|
||||
privateKeyFile = "/root/wg-seckey";
|
||||
|
||||
peers = [{
|
||||
|
|
Loading…
Reference in New Issue