Add NixOS modules for physical CPU and GPU machines

- modules/kawa-physical.nix: CPU-only configuration - modules/kawa-gpu.nix: NVIDIA GPU configuration - Fix hostname to avoid /sys errors - Add Ollama, NATS, Syncthing, Tailscale config - Update README with NixOS instructions
2026-03-14 22:24:00 +00:00
parent aaa11df19f
commit 501bd51e69
2 changed files with 208 additions and 13 deletions
--- a/modules/kawa-physical.nix
+++ b/modules/kawa-physical.nix
@@ -0,0 +1,104 @@
+# KAWA Physical - Configuration pour machine physique CPU
+# Usage: imports = [ ./modules/kawa-physical.nix ];
+
+{ pkgs, ... }:
+
+{
+  # Fixe le nom en dur pour éviter l'erreur /sys
+  networking.hostName = "honor-v4-cpu";
+
+  # Activation de Tailscale
+  services.tailscale = {
+    enable = true;
+    extraUpFlags = [
+      "--login-server=https://headscale.du-senegal.com"
+      "--authkey=f43f36ef159b3df799eb316b81bdac1b415c7cc2add174d0"
+      "--force-reauth"
+    ];
+  };
+
+  # CONFIGURATION OLLAMA CPU
+  services.ollama = {
+    enable = true;
+    acceleration = null; # Force le mode CPU uniquement
+    host = "0.0.0.0";
+    port = 11434;
+  };
+
+  # SSH pour ton confort futur
+  services.openssh = {
+    enable = true;
+    settings = {
+      PermitRootLogin = "yes";
+      PasswordAuthentication = true;
+    };
+  };
+
+  # NATS Client
+  services.nats = {
+    enable = true;
+    server = "100.64.0.1:4222";
+  };
+
+  # Syncthing pour synchronisation
+  services.syncthing = {
+    enable = true;
+    user = "kawa";
+    group = "kawa";
+    config = {
+      devices = {
+        "vps-7ed4abb0" = { id = "AHF53QZ-ZYCQ2K7-556QBZ2-2UAYZL4-QNEQOGZ-PHZQIAG-4ZRXI3P-QLLJNA6"; };
+      };
+      folders = {
+        "kawa-memory" = {
+          path = "/home/kawa/.local/share/kawa/memory";
+          devices = [ "vps-7ed4abb0" ];
+        };
+        "kawa-workspace" = {
+          path = "/home/kawa/.local/share/kawa/workspace";
+          devices = [ "vps-7ed4abb0" ];
+        };
+      };
+    };
+  };
+
+  # Utilisateur KAWA
+  users.users.kawa = {
+    isNormalUser = true;
+    extraGroups = [ "wheel" "networkmanager" "tailscale" "syncthing" ];
+    # Mot de passe initial (à changer)
+    initialPassword = "kawa2026";
+  };
+
+  # Firewall
+  networking.firewall = {
+    allowedTCPPorts = [ 22 11434 4222 22000 ];
+    allowedUDPPorts = [ 41641 22000 ];
+    trustedInterfaces = [ "tailscale0" ];
+  };
+
+  # Packages système
+  environment.systemPackages = with pkgs; [
+    git
+    vim
+    tailscale
+    ollama
+    nats-cli
+    curl
+    wget
+    htop
+  ];
+
+  # Systemd service pour connexion auto au mesh
+  systemd.services.kawa-mesh-connect = {
+    description = "KAWA Mesh Auto-Connect";
+    after = [ "network-online.target" "tailscale.service" ];
+    wants = [ "network-online.target" ];
+    wantedBy = [ "multi-user.target" ];
+    serviceConfig = {
+      Type = "oneshot";
+      ExecStart = "${pkgs.tailscale}/bin/tailscale up --login-server=https://headscale.du-senegal.com --authkey=f43f36ef159b3df799eb316b81bdac1b415c7cc2add174d0 --force-reauth";
+      RemainAfterExit = true;
+    };
+  };
+}