weather-sdr: add system
This commit is contained in:
parent
c10fff2e9c
commit
d30b827284
13 changed files with 351 additions and 8 deletions
13
agenix/hosts/weather-sdr/config.nix
Normal file
13
agenix/hosts/weather-sdr/config.nix
Normal file
|
@ -0,0 +1,13 @@
|
||||||
|
{
|
||||||
|
age.secrets = {
|
||||||
|
user-daniel-password = {
|
||||||
|
file = ./user/danielPassword.age;
|
||||||
|
};
|
||||||
|
|
||||||
|
mosquitto-password-weewx-proxy = {
|
||||||
|
file = ./mosquitto/passwordWeewxProxy.age;
|
||||||
|
owner = "mosquitto";
|
||||||
|
group = "mosquitto";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
11
agenix/hosts/weather-sdr/mosquitto/passwordWeewxProxy.age
Normal file
11
agenix/hosts/weather-sdr/mosquitto/passwordWeewxProxy.age
Normal file
|
@ -0,0 +1,11 @@
|
||||||
|
age-encryption.org/v1
|
||||||
|
-> ssh-ed25519 MtGp6g WRSqF1tKQCdUJlHLIdzA6W+Eoo+uQsagnwrtpXv3/H8
|
||||||
|
+E3l47/j9tzSbypAp9+xvr4Vh9mgT542QWJ1pVtzjY0
|
||||||
|
-> ssh-ed25519 8p8j7w VYVm4fkclMDq7sz3OHlt3A7itVjsQYJ/1yJPZQFVVBc
|
||||||
|
q+NPC3W+evfRkY3UInK3+48pq14JmSJgZeixy+Q6E+g
|
||||||
|
-> .8!-grease HI mxy0[ KQrv@
|
||||||
|
51b57TzuFS57aikb3+k
|
||||||
|
--- SIBUVUW3p9fWRo97kQF+P80PY2BFw23AORw2Hu42RtY
|
||||||
|
ƒæS]‘Lù:ÚSZ±š’j<E28099>攎à'¨28Mt¢Û6xèí:zQXÓ‘ðjû·ù®8<C2AE>)G²5$YP¼)1ŠÖyj—«¯Á+ñžû¤÷â
|
||||||
|
,0ê4~¸°a–BàÑ‘Á·0ðráìÃÆ6±
|
||||||
|
‚!¼½Œ2ó¢aHüð€þ©H¸›FZòvl½¨ä«:
|
BIN
agenix/hosts/weather-sdr/user/danielPassword.age
Normal file
BIN
agenix/hosts/weather-sdr/user/danielPassword.age
Normal file
Binary file not shown.
|
@ -64,6 +64,11 @@
|
||||||
inherit inputs;
|
inherit inputs;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
weather-sdr = import ./system/flakes/weather-sdr.nix {
|
||||||
|
inherit (inputs) nixpkgs deploy-rs home-manager agenix;
|
||||||
|
inherit inputs;
|
||||||
|
};
|
||||||
|
|
||||||
adsb-antenna = import ./system/flakes/adsb-antenna.nix {
|
adsb-antenna = import ./system/flakes/adsb-antenna.nix {
|
||||||
inherit (inputs) nixpkgs deploy-rs home-manager;
|
inherit (inputs) nixpkgs deploy-rs home-manager;
|
||||||
inherit inputs;
|
inherit inputs;
|
||||||
|
@ -79,6 +84,7 @@
|
||||||
attic = attic.system;
|
attic = attic.system;
|
||||||
mediaserver = mediaserver.system;
|
mediaserver = mediaserver.system;
|
||||||
argon = argon.system;
|
argon = argon.system;
|
||||||
|
weather-sdr = weather-sdr.system;
|
||||||
adsb-antenna = adsb-antenna.system;
|
adsb-antenna = adsb-antenna.system;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
@ -87,6 +93,7 @@
|
||||||
attic = attic.deployment;
|
attic = attic.deployment;
|
||||||
mediaserver = mediaserver.deployment;
|
mediaserver = mediaserver.deployment;
|
||||||
argon = argon.deployment;
|
argon = argon.deployment;
|
||||||
|
weather-sdr = weather-sdr.deployment;
|
||||||
adsb-antenna = adsb-antenna.deployment;
|
adsb-antenna = adsb-antenna.deployment;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
44
hardware/hosts/weather-sdr.nix
Normal file
44
hardware/hosts/weather-sdr.nix
Normal file
|
@ -0,0 +1,44 @@
|
||||||
|
{ config, lib, pkgs, modulesPath, ... }:
|
||||||
|
|
||||||
|
{
|
||||||
|
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
|
||||||
|
|
||||||
|
boot = {
|
||||||
|
initrd = {
|
||||||
|
availableKernelModules = [ "usbhid" ];
|
||||||
|
kernelModules = [ ];
|
||||||
|
};
|
||||||
|
|
||||||
|
#kernelPackages = pkgs.linuxKernel.packages.linux_rpi3;
|
||||||
|
kernelModules = [ "tcp_bbr" ];
|
||||||
|
|
||||||
|
extraModulePackages = [ ];
|
||||||
|
blacklistedKernelModules = [ "rtl2832" "dvb_usb_rtl28xxu" "rtl2832_sdr" ];
|
||||||
|
|
||||||
|
kernel.sysctl = {
|
||||||
|
"net.core.default_qdisc" = "fq";
|
||||||
|
"net.ipv4.tcp_congestion_control" = "bbr";
|
||||||
|
"net.ipv4.tcp_syncookies" = 0;
|
||||||
|
"net.ipv4.tcp_timestamps" = 1;
|
||||||
|
"net.ipv4.tcp_window_scaling" = 1;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
fileSystems."/" = {
|
||||||
|
device = "/dev/disk/by-label/NIXOS_SD";
|
||||||
|
fsType = "ext4";
|
||||||
|
};
|
||||||
|
|
||||||
|
swapDevices = [
|
||||||
|
{
|
||||||
|
device = "/var/lib/swapfile";
|
||||||
|
size = 4096;
|
||||||
|
}
|
||||||
|
];
|
||||||
|
|
||||||
|
networking.useDHCP = lib.mkDefault true;
|
||||||
|
# networking.interfaces.eth0.useDHCP = lib.mkDefault true;
|
||||||
|
# networking.interfaces.wlan0.useDHCP = lib.mkDefault true;
|
||||||
|
|
||||||
|
powerManagement.cpuFreqGovernor = lib.mkDefault "ondemand";
|
||||||
|
}
|
|
@ -1,8 +1,5 @@
|
||||||
args@{ pkgs, ... }:
|
args@{ pkgs, ... }:
|
||||||
|
|
||||||
let
|
|
||||||
secret = import ../../secret/hosts/adsb-antenna.nix;
|
|
||||||
in
|
|
||||||
{
|
{
|
||||||
imports = [
|
imports = [
|
||||||
../programs/fish.nix
|
../programs/fish.nix
|
||||||
|
|
26
home/hosts/weather-sdr.nix
Normal file
26
home/hosts/weather-sdr.nix
Normal file
|
@ -0,0 +1,26 @@
|
||||||
|
args@{ pkgs, ... }:
|
||||||
|
|
||||||
|
{
|
||||||
|
imports = [
|
||||||
|
../programs/fish.nix
|
||||||
|
../programs/starship.nix
|
||||||
|
|
||||||
|
../programs/git.nix
|
||||||
|
|
||||||
|
../programs/bat.nix
|
||||||
|
|
||||||
|
../programs/fzf.nix
|
||||||
|
|
||||||
|
../programs/jq.nix
|
||||||
|
|
||||||
|
../programs/scripts.nix
|
||||||
|
];
|
||||||
|
|
||||||
|
home = {
|
||||||
|
stateVersion = "22.11";
|
||||||
|
|
||||||
|
packages = with pkgs; [
|
||||||
|
ripgrep
|
||||||
|
];
|
||||||
|
};
|
||||||
|
}
|
|
@ -33,15 +33,17 @@
|
||||||
identitiesOnly = true;
|
identitiesOnly = true;
|
||||||
};
|
};
|
||||||
|
|
||||||
"piboat.lan" = {
|
"adsb-antenna" = {
|
||||||
|
hostname = "adsb-antenna.laniot";
|
||||||
port = 22;
|
port = 22;
|
||||||
user = "pi";
|
user = "daniel";
|
||||||
|
forwardAgent = true;
|
||||||
identityFile = "~/.ssh/LAN.pub";
|
identityFile = "~/.ssh/LAN.pub";
|
||||||
identitiesOnly = true;
|
identitiesOnly = true;
|
||||||
};
|
};
|
||||||
|
|
||||||
"adsb-antenna" = {
|
"weather-sdr" = {
|
||||||
hostname = "adsb-antenna.laniot";
|
hostname = "weather-sdr.laniot";
|
||||||
port = 22;
|
port = 22;
|
||||||
user = "daniel";
|
user = "daniel";
|
||||||
forwardAgent = true;
|
forwardAgent = true;
|
||||||
|
|
|
@ -5,11 +5,13 @@ let
|
||||||
system-attic = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHe6N3LfPxu7KNsyuI8YE3R0OHLTxNw5+WhuQjKL6PUr";
|
system-attic = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHe6N3LfPxu7KNsyuI8YE3R0OHLTxNw5+WhuQjKL6PUr";
|
||||||
system-mediaserver = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDlB0cL5CtTOyARWSE2yUsNU4JHUPmr71710mZHzsmbX";
|
system-mediaserver = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDlB0cL5CtTOyARWSE2yUsNU4JHUPmr71710mZHzsmbX";
|
||||||
system-argon = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPP9ygczyi6g8abvj1I0eAj7N2Rli9UMlkC8VT6SnWLU";
|
system-argon = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPP9ygczyi6g8abvj1I0eAj7N2Rli9UMlkC8VT6SnWLU";
|
||||||
|
system-weather-sdr = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBHuAdx5u9R2DyK065DUxdwhEOi0at1WNkY5f4JtrOzk";
|
||||||
|
|
||||||
sail = [ user-daniel system-sail ];
|
sail = [ user-daniel system-sail ];
|
||||||
attic = [ user-daniel system-attic ];
|
attic = [ user-daniel system-attic ];
|
||||||
mediaserver = [ user-daniel system-mediaserver ];
|
mediaserver = [ user-daniel system-mediaserver ];
|
||||||
argon = [ user-daniel system-argon ];
|
argon = [ user-daniel system-argon ];
|
||||||
|
weather-sdr = [ user-daniel system-weather-sdr ];
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
# sail
|
# sail
|
||||||
|
@ -84,4 +86,9 @@ in
|
||||||
"agenix/hosts/argon/adguardhome-sync/environment.age".publicKeys = argon;
|
"agenix/hosts/argon/adguardhome-sync/environment.age".publicKeys = argon;
|
||||||
|
|
||||||
"agenix/hosts/argon/weewx-proxy/environment.age".publicKeys = argon;
|
"agenix/hosts/argon/weewx-proxy/environment.age".publicKeys = argon;
|
||||||
|
|
||||||
|
# weather-sdr
|
||||||
|
"agenix/hosts/weather-sdr/user/danielPassword.age".publicKeys = weather-sdr;
|
||||||
|
|
||||||
|
"agenix/hosts/weather-sdr/mosquitto/passwordWeewxProxy.age".publicKeys = weather-sdr;
|
||||||
}
|
}
|
||||||
|
|
59
system/flakes/weather-sdr.nix
Normal file
59
system/flakes/weather-sdr.nix
Normal file
|
@ -0,0 +1,59 @@
|
||||||
|
{ nixpkgs, deploy-rs, home-manager, agenix, inputs, ... }:
|
||||||
|
|
||||||
|
let
|
||||||
|
default-system = "aarch64-linux";
|
||||||
|
|
||||||
|
overlay-attic = inputs.attic.overlays.default;
|
||||||
|
overlay-deploy-rs = _: _: { inherit (inputs.deploy-rs.packages.${default-system}) deploy-rs; };
|
||||||
|
overlay-nifoc = inputs.nifoc-overlay.overlay;
|
||||||
|
|
||||||
|
nixpkgsConfig = {
|
||||||
|
overlays = [
|
||||||
|
overlay-attic
|
||||||
|
overlay-deploy-rs
|
||||||
|
overlay-nifoc
|
||||||
|
];
|
||||||
|
|
||||||
|
config = {
|
||||||
|
allowUnfree = true;
|
||||||
|
allowBroken = true;
|
||||||
|
|
||||||
|
permittedInsecurePackages = [
|
||||||
|
"openssl-1.1.1t"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
in
|
||||||
|
rec {
|
||||||
|
system = nixpkgs.lib.nixosSystem {
|
||||||
|
system = default-system;
|
||||||
|
modules = [
|
||||||
|
../hosts/weather-sdr.nix
|
||||||
|
|
||||||
|
home-manager.nixosModules.home-manager
|
||||||
|
|
||||||
|
agenix.nixosModules.default
|
||||||
|
|
||||||
|
{
|
||||||
|
nixpkgs = nixpkgsConfig;
|
||||||
|
nix.nixPath = [ "nixpkgs=${nixpkgs}" ];
|
||||||
|
nix.registry.nixpkgs.flake = nixpkgs;
|
||||||
|
home-manager.useGlobalPkgs = true;
|
||||||
|
home-manager.useUserPackages = true;
|
||||||
|
home-manager.users.daniel = import ../../home/hosts/weather-sdr.nix;
|
||||||
|
}
|
||||||
|
];
|
||||||
|
};
|
||||||
|
|
||||||
|
deployment = {
|
||||||
|
hostname = "weather-sdr";
|
||||||
|
sshUser = "root";
|
||||||
|
remoteBuild = true;
|
||||||
|
autoRollback = false;
|
||||||
|
magicRollback = false;
|
||||||
|
|
||||||
|
profiles.system = {
|
||||||
|
path = deploy-rs.lib.${default-system}.activate.nixos system;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
|
@ -43,7 +43,7 @@ in
|
||||||
gc = {
|
gc = {
|
||||||
automatic = true;
|
automatic = true;
|
||||||
dates = "weekly";
|
dates = "weekly";
|
||||||
options = "--delete-older-than 14d";
|
options = "--delete-older-than 7d";
|
||||||
};
|
};
|
||||||
|
|
||||||
extraOptions = ''
|
extraOptions = ''
|
||||||
|
|
124
system/hosts/weather-sdr.nix
Normal file
124
system/hosts/weather-sdr.nix
Normal file
|
@ -0,0 +1,124 @@
|
||||||
|
args@{ pkgs, config, lib, ... }:
|
||||||
|
|
||||||
|
let
|
||||||
|
ssh-keys = import ../shared/ssh-keys.nix;
|
||||||
|
in
|
||||||
|
{
|
||||||
|
imports = [
|
||||||
|
../../hardware/hosts/weather-sdr.nix
|
||||||
|
../../agenix/hosts/weather-sdr/config.nix
|
||||||
|
../shared/show-update-changelog.nix
|
||||||
|
../nixos/raspberry.nix
|
||||||
|
../nixos/ssh.nix
|
||||||
|
|
||||||
|
../nixos/git.nix
|
||||||
|
|
||||||
|
../nixos/mosquitto.nix
|
||||||
|
|
||||||
|
../nixos/rtl_433.nix
|
||||||
|
];
|
||||||
|
|
||||||
|
system.stateVersion = "22.11";
|
||||||
|
|
||||||
|
nix = {
|
||||||
|
package = pkgs.nixVersions.stable;
|
||||||
|
|
||||||
|
settings = {
|
||||||
|
auto-optimise-store = true;
|
||||||
|
|
||||||
|
substituters = [
|
||||||
|
"https://attic.cache.daniel.sx/nifoc-systems"
|
||||||
|
"https://nifoc.cachix.org"
|
||||||
|
"https://nix-community.cachix.org"
|
||||||
|
];
|
||||||
|
|
||||||
|
trusted-public-keys = [
|
||||||
|
"nifoc-systems:eDDqVP5BFR6/1KvXbF9oUL8JahDdmbrsYtxlQ57LOTU="
|
||||||
|
"nifoc.cachix.org-1:ymuftq7RgN/lf/iWXFK8gpwDSAGFaGBeliWe9u6q8II="
|
||||||
|
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
|
||||||
|
];
|
||||||
|
};
|
||||||
|
|
||||||
|
gc = {
|
||||||
|
automatic = true;
|
||||||
|
dates = "weekly";
|
||||||
|
options = "--delete-older-than 7d";
|
||||||
|
};
|
||||||
|
|
||||||
|
extraOptions = ''
|
||||||
|
experimental-features = nix-command flakes
|
||||||
|
keep-derivations = true
|
||||||
|
keep-outputs = true
|
||||||
|
post-build-hook = ${../../home/programs/scripts/attic-system-cache}
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
|
environment.etc."nix/netrc".source = ../../secret/shared/nix-netrc;
|
||||||
|
|
||||||
|
boot = {
|
||||||
|
loader = {
|
||||||
|
grub.enable = false;
|
||||||
|
generic-extlinux-compatible.enable = true;
|
||||||
|
};
|
||||||
|
|
||||||
|
tmp.cleanOnBoot = true;
|
||||||
|
};
|
||||||
|
|
||||||
|
networking = {
|
||||||
|
hostName = "weather-sdr";
|
||||||
|
useNetworkd = true;
|
||||||
|
};
|
||||||
|
|
||||||
|
systemd.network = {
|
||||||
|
enable = true;
|
||||||
|
|
||||||
|
networks = {
|
||||||
|
"10-iot" = {
|
||||||
|
matchConfig.Name = "enu1u1u1";
|
||||||
|
networkConfig = {
|
||||||
|
DHCP = "yes";
|
||||||
|
IPv6AcceptRA = false;
|
||||||
|
};
|
||||||
|
linkConfig.RequiredForOnline = "routable";
|
||||||
|
|
||||||
|
ntp = [
|
||||||
|
"ptbtime1.ptb.de"
|
||||||
|
"ptbtime2.ptb.de"
|
||||||
|
"ptbtime3.ptb.de"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
wait-online.extraArgs = [
|
||||||
|
"--interface=enu1u1u1"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
|
||||||
|
services.journald.extraConfig = ''
|
||||||
|
SystemMaxUse=512M
|
||||||
|
'';
|
||||||
|
|
||||||
|
documentation = {
|
||||||
|
nixos.enable = false;
|
||||||
|
doc.enable = false;
|
||||||
|
};
|
||||||
|
|
||||||
|
services.hardware.argonone.enable = true;
|
||||||
|
programs.fish.enable = true;
|
||||||
|
|
||||||
|
users.users = {
|
||||||
|
root = {
|
||||||
|
openssh.authorizedKeys.keys = [ ssh-keys.LAN ];
|
||||||
|
};
|
||||||
|
|
||||||
|
daniel = {
|
||||||
|
passwordFile = config.age.secrets.user-daniel-password.path;
|
||||||
|
isNormalUser = true;
|
||||||
|
home = "/home/daniel";
|
||||||
|
description = "Daniel";
|
||||||
|
extraGroups = [ "wheel" ];
|
||||||
|
shell = pkgs.fish;
|
||||||
|
openssh.authorizedKeys.keys = [ ssh-keys.LAN ];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
53
system/nixos/rtl_433.nix
Normal file
53
system/nixos/rtl_433.nix
Normal file
|
@ -0,0 +1,53 @@
|
||||||
|
{ pkgs, config, ... }:
|
||||||
|
|
||||||
|
{
|
||||||
|
systemd.services.rtl_433 = {
|
||||||
|
description = "rtl_433 service";
|
||||||
|
after = [ "mosquitto.service" ];
|
||||||
|
wantedBy = [ "multi-user.target" ];
|
||||||
|
|
||||||
|
serviceConfig = {
|
||||||
|
Type = "exec";
|
||||||
|
ExecStart = "${pkgs.rtl_433}/bin/rtl_433 -f868.3M -Yclassic -Mtime:utc -R78 -Fmqtt://127.0.0.1:1883,user=rtl,pass=didYouFindThis,retain=0,events=rtl433";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
services.mosquitto.listeners = [
|
||||||
|
{
|
||||||
|
address = "0.0.0.0";
|
||||||
|
port = 1883;
|
||||||
|
|
||||||
|
settings = {
|
||||||
|
protocol = "mqtt";
|
||||||
|
};
|
||||||
|
|
||||||
|
users = {
|
||||||
|
rtl = {
|
||||||
|
password = "didYouFindThis";
|
||||||
|
acl = [ "write rtl433" ];
|
||||||
|
};
|
||||||
|
|
||||||
|
weewx-proxy = {
|
||||||
|
hashedPasswordFile = config.age.secrets.mosquitto-password-weewx-proxy.path;
|
||||||
|
acl = [ "read rtl433" ];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
||||||
|
];
|
||||||
|
|
||||||
|
networking.firewall.interfaces =
|
||||||
|
let
|
||||||
|
mosquittoPorts = [ 1883 ];
|
||||||
|
in
|
||||||
|
{
|
||||||
|
"enu1u1u1".allowedTCPPorts = mosquittoPorts;
|
||||||
|
};
|
||||||
|
|
||||||
|
services.udev.extraRules = ''
|
||||||
|
# original RTL2832U vid/pid (hama nano, for example)
|
||||||
|
SUBSYSTEMS=="usb", ATTRS{idVendor}=="0bda", ATTRS{idProduct}=="2832", ENV{ID_SOFTWARE_RADIO}="1", MODE="0660", GROUP="plugdev"
|
||||||
|
|
||||||
|
# RTL2832U OEM vid/pid, e.g. ezcap EzTV668 (E4000), Newsky TV28T (E4000/R820T) etc.
|
||||||
|
SUBSYSTEMS=="usb", ATTRS{idVendor}=="0bda", ATTRS{idProduct}=="2838", ENV{ID_SOFTWARE_RADIO}="1", MODE="0660", GROUP="plugdev"
|
||||||
|
'';
|
||||||
|
}
|
Loading…
Reference in a new issue