From 501bd51e6939f25468ac7f1da0bf1c40369beaec Mon Sep 17 00:00:00 2001
From: Debian
Date: Sat, 14 Mar 2026 22:24:00 +0000
Subject: [PATCH] Add NixOS modules for physical CPU and GPU machines
- modules/kawa-physical.nix: CPU-only configuration
- modules/kawa-gpu.nix: NVIDIA GPU configuration
- Fix hostname to avoid /sys errors
- Add Ollama, NATS, Syncthing, Tailscale config
- Update README with NixOS instructions
---
 README.md | 117 +++++++++++++++++++++++++++++++++-----
 modules/kawa-physical.nix | 104 +++++++++++++++++++++++++++++++++
 2 files changed, 208 insertions(+), 13 deletions(-)
 create mode 100644 modules/kawa-physical.nix
diff --git a/README.md b/README.md
index 3303903..3cffb41 100644
--- a/README.md
+++ b/README.md
@@ -1,28 +1,73 @@ # KAWA OS -Installation automatique du système KAWA. +Installation automatique du système KAWA - Réseau distribué avec mesh Tailscale. -## Installation +## Installation rapide ```bash -git clone git.du-senegal.com/kawa && cd kawa && ./setup +git clone https://git.du-senegal.com/kawa_bot/kawa.git && cd kawa && ./setup ``` -C'est tout. - ## Structure ``` kawa/ -├── setup # Script principal (exécuter celui-ci) -├── install/ # Scripts d'installation avancés -│ ├── live.sh # Mode Live USB -│ └── disk.sh # Installation sur disque -├── scripts/ # Scripts utilitaires -└── config/ # Configurations +├── setup # Script principal (exécuter celui-ci) +├── nixos/ # Modules NixOS +│ ├── kawa.nix # Module principal KAWA +│ └── default.nix # Configuration par défaut +├── modules/ # Modules spécifiques +│ ├── kawa-physical.nix # Machine physique CPU +│ └── kawa-gpu.nix # Machine avec GPU +├── install/ # Scripts d'installation avancés +│ ├── live.sh # Mode Live USB +│ └── disk.sh # Installation sur disque +└── flake.nix # Nix Flakes ``` -## Mesh KAWA +## NixOS - Installation + +### Option 1: Script automatique (recommandé) + +```bash +./setup +# Détecte automatiquement NixOS et configure +``` + +### Option 2: Manuel - Machine physique CPU + +```nix +# /etc/nixos/configuration.nix +{ config, lib, pkgs, ... }: +{ + imports = [ + ./hardware-configuration.nix + ./modules/kawa-physical.nix + ]; +} +``` + +Puis: +```bash +sudo nixos-rebuild switch +``` + +### Option 3: Manuel - Machine avec GPU + +```nix +# /etc/nixos/configuration.nix +{ config, lib, pkgs, ... }: +{ + imports = [ + ./hardware-configuration.nix + ./modules/kawa-gpu.nix + ]; +} +``` + +## Paramètres configurés + +### Headscale (Mesh Tailscale) | Paramètre | Valeur | |-----------|--------| 
@@ -30,6 +75,52 @@ kawa/ | Fallback | `141.94.23.212` | | Auth Key | `f43f36ef159b3df799eb316b81bdac1b415c7cc2add174d0` | +### NATS (Bus de messages) + +| Paramètre | Valeur | +|-----------|--------| +| Serveur | `100.64.0.1:4222` | +| Cluster | `KAWA` | +| User | `kawa` | +| Password | `kawa123` | + +### Syncthing (Synchronisation) + +| Paramètre | Valeur | +|-----------|--------| +| VPS Device ID | `AHF53QZ-ZYCQ2K7-556QBZ2-2UAYZL4-QNEQOGZ-PHZQIAG-4ZRXI3P-QLLJNA6` | +| Folders | `kawa-memory`, `kawa-workspace`, `kawa-forge` | + +### Ollama (Inférence IA) + +| Type | Acceleration | +|------|--------------| +| CPU | `null` | +| GPU NVIDIA | `"cuda"` | + +## Services inclus + +- ✅ **Tailscale** - Mesh VPN via Headscale +- ✅ **NATS** - Bus de messages distribué +- ✅ **Syncthing** - Synchronisation de fichiers +- ✅ **Ollama** - Inférence IA locale +- ✅ **SSH** - Accès distant + +## Détection automatique + +Le script `setup` détecte automatiquement: +- NixOS → Configuration NixOS +- Debian/Ubuntu → Installation standard +- Fedora/RHEL → Installation standard +- Arch Linux → Installation standard +- Docker/Container → Mode container +- Machine physique → Génération hostname auto + +## Utilisateur par défaut + +- **Username:** `kawa` +- **Password:** `kawa2026` (à changer après installation) + --- -🜄 KAWA - Réseau distribué \ No newline at end of file +🜄 **KAWA** - Réseau distribué autonome diff --git a/modules/kawa-physical.nix b/modules/kawa-physical.nix new file mode 100644 index 0000000..1e861b0 --- /dev/null +++ b/modules/kawa-physical.nix 
@@ -0,0 +1,104 @@
+# KAWA Physical - Configuration pour machine physique CPU
+# Usage: imports = [ ./modules/kawa-physical.nix ];
+
+{ pkgs, ... }:
+
+{
+ # Fixe le nom en dur pour éviter l'erreur /sys
+ networking.hostName = "honor-v4-cpu";
+
+ # Activation de Tailscale
+ services.tailscale = {
+ enable = true;
+ extraUpFlags = [
+ "--login-server=https://headscale.du-senegal.com"
+ "--authkey=f43f36ef159b3df799eb316b81bdac1b415c7cc2add174d0"
+ "--force-reauth"
+ ];
+ };
+
+ # CONFIGURATION OLLAMA CPU
+ services.ollama = {
+ enable = true;
+ acceleration = null; # Force le mode CPU uniquement
+ host = "0.0.0.0";
+ port = 11434;
+ };
+
+ # SSH pour ton confort futur
+ services.openssh = {
+ enable = true;
+ settings = {
+ PermitRootLogin = "yes";
+ PasswordAuthentication = true;
+ };
+ };
+
+ # NATS Client
+ services.nats = {
+ enable = true;
+ server = "100.64.0.1:4222";
+ };
+
+ # Syncthing pour synchronisation
+ services.syncthing = {
+ enable = true;
+ user = "kawa";
+ group = "kawa";
+ config = {
+ devices = {
+ "vps-7ed4abb0" = { id = "AHF53QZ-ZYCQ2K7-556QBZ2-2UAYZL4-QNEQOGZ-PHZQIAG-4ZRXI3P-QLLJNA6"; };
+ };
+ folders = {
+ "kawa-memory" = {
+ path = "/home/kawa/.local/share/kawa/memory";
+ devices = [ "vps-7ed4abb0" ];
+ };
+ "kawa-workspace" = {
+ path = "/home/kawa/.local/share/kawa/workspace";
+ devices = [ "vps-7ed4abb0" ];
+ };
+ };
+ };
+ };
+
+ # Utilisateur KAWA
+ users.users.kawa = {
+ isNormalUser = true;
+ extraGroups = [ "wheel" "networkmanager" "tailscale" "syncthing" ];
+ # Mot de passe initial (à changer)
+ initialPassword = "kawa2026";
+ };
+
+ # Firewall
+ networking.firewall = {
+ allowedTCPPorts = [ 22 11434 4222 22000 ];
+ allowedUDPPorts = [ 41641 22000 ];
+ trustedInterfaces = [ "tailscale0" ];
+ };
+
+ # Packages système
+ environment.systemPackages = with pkgs; [
+ git
+ vim
+ tailscale
+ ollama
+ nats-cli
+ curl
+ wget
+ htop
+ ];
+
+ # Systemd service pour connexion auto au mesh
+ systemd.services.kawa-mesh-connect = {
+ description = "KAWA Mesh Auto-Connect";
+ after = [ "network-online.target" "tailscale.service" ];
+ wants = [ "network-online.target" ];
+ wantedBy = [ "multi-user.target" ];
+ serviceConfig = {
+ Type = "oneshot";
+ ExecStart = "${pkgs.tailscale}/bin/tailscale up --login-server=https://headscale.du-senegal.com --authkey=f43f36ef159b3df799eb316b81bdac1b415c7cc2add174d0 --force-reauth";
+ RemainAfterExit = true;
+ };
+ };
+}
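Review bot: The Headscale pre-auth key is committed in plaintext twice in this module, in `services.tailscale.extraUpFlags` and again in the `ExecStart` of `kawa-mesh-connect`, so it lands in the repository history, in the world-readable Nix store and on the process command line; the README hunks of the same commit also publish this key together with the NATS and default user passwords. The key should be treated as exposed and rotated on the Headscale side, and the module should read it from a root-only file through `services.tailscale.authKeyFile`, which in current NixOS also provides its own auto-connect unit and makes the hand-written oneshot redundant. The SSH block compounds this: `PermitRootLogin = "yes"` and `PasswordAuthentication = true` are combined with a documented `initialPassword` for a `wheel` user while port 22 is open on every interface, so key-only login with authorized keys declared for `kawa` would be the safer default. Ollama listens on `0.0.0.0` and ports 11434 and 4222 are in `allowedTCPPorts` even though `tailscale0` is already trusted, so those two ports can presumably be removed from the public list without affecting mesh traffic. The fence sketches the changed lines; the secret path is a placeholder to be replaced by whatever secret provisioning the project adopts.

```nix
  services.tailscale = {
    enable = true;
    # Placeholder path: a root-only file provisioned outside the repository.
    authKeyFile = "/run/secrets/headscale-authkey";
    extraUpFlags = [
      "--login-server=https://headscale.du-senegal.com"
      "--force-reauth"
    ];
  };

  # … unchanged: services.ollama …

  services.openssh = {
    enable = true;
    settings = {
      PermitRootLogin = "no";
      # Key-based login only; requires authorized keys to be declared for the kawa user.
      PasswordAuthentication = false;
    };
  };

  # … unchanged: NATS, Syncthing, users.users.kawa …

  networking.firewall = {
    # Ollama (11434) and NATS (4222) remain reachable through the trusted tailscale0 interface.
    allowedTCPPorts = [ 22 22000 ];
    allowedUDPPorts = [ 41641 22000 ];
    trustedInterfaces = [ "tailscale0" ];
  };

  # … unchanged: environment.systemPackages …
  # … removed: systemd.services.kawa-mesh-connect, superseded by authKeyFile …
```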