From e4c41daf6e0698245d5951ea3cd91d3631e995c4 Mon Sep 17 00:00:00 2001 From: Debian Date: Sat, 14 Mar 2026 22:35:05 +0000 Subject: [PATCH] Add nixos/ directory with corrected modules - kawa.nix: main module with fixed NATS options - default.nix: default configuration - kawa-base.nix: base module with NATS settings - Hostname fixed (no /sys read) - NATS: settings.http_port instead of httpPort --- nixos/default.nix | 10 ++-- nixos/kawa-base.nix | 17 ++++++ nixos/kawa.nix | 128 ++++++++++++++++++-------------------------- 3 files changed, 73 insertions(+), 82 deletions(-) create mode 100644 nixos/kawa-base.nix diff --git a/nixos/default.nix b/nixos/default.nix index 1027eaa..7d98e6e 100644 --- a/nixos/default.nix +++ b/nixos/default.nix @@ -1,18 +1,16 @@ # KAWA OS - Configuration par défaut -# Usage: import dans configuration.nix +# Usage: imports = [ ./nixos ]; { config, lib, pkgs, ... }: { - imports = [ - ./kawa.nix - ]; + imports = [ ./kawa.nix ]; services.kawa = { enable = true; + hostname = "kawa-node"; # Fixe, pas de lecture /sys autoConnect = true; - enableNats = true; + enableOllama = false; enableSyncthing = true; - enableOllama = false; # Activer si GPU disponible }; } diff --git a/nixos/kawa-base.nix b/nixos/kawa-base.nix new file mode 100644 index 0000000..11718a2 --- /dev/null +++ b/nixos/kawa-base.nix @@ -0,0 +1,17 @@ +# KAWA Base - Module de base pour tous les nœuds +# Options NATS corrigées pour Nixpkgs récent + +{ config, lib, pkgs, ... }: + +{ + imports = [ ./kawa.nix ]; + + # Configuration NATS corrigée + services.nats = { + enable = true; + settings = { + http_port = 8222; + port = 4222; + }; + }; +} diff --git a/nixos/kawa.nix b/nixos/kawa.nix index 8b6ac22..083d2bd 100644 --- a/nixos/kawa.nix +++ b/nixos/kawa.nix @@ -1,4 +1,4 @@ -# KAWA OS - Module NixOS +# KAWA OS - Module NixOS principal # Configuration automatique pour rejoindre le mesh KAWA { config, lib, pkgs, ... }: 
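Review bot: `autoConnect = true;` is still set under `services.kawa` in nixos/default.nix, but the options block of nixos/kawa.nix in this same commit removes the `autoConnect` declaration (together with `enableNats`). Unless the option is declared somewhere outside the visible hunks, evaluation will presumably stop with an undefined-option error. Either drop the line here or keep the option declared in kawa.nix. The added `hostname = "kawa-node";` only repeats the new option default and can go as well.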
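Review bot: In nixos/kawa-base.nix the NATS server is enabled with only `port` and `http_port` in `settings`, so there is no `authorization` block and any client that can reach port 4222 can publish and subscribe. kawa.nix in this commit keeps 4222 in `allowedTCPPorts`, which makes that every interface, not only the mesh. Add an `authorization` section whose credentials come from a file outside the Nix store, and rely on `trustedInterfaces = [ "tailscale0" ]` instead of opening the port globally. The block also duplicates the `services.nats` definition in kawa.nix, which this file imports, and unlike that one it is not guarded by `mkIf cfg.enable`.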
@@ -14,8 +14,8 @@ in hostname = mkOption { type = types.str; - default = ""; - description = "Hostname personnalisé pour le nœud KAWA"; + default = "kawa-node"; + description = "Hostname du nœud KAWA (fixe, pas dynamique)"; }; headscaleUrl = mkOption { 
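Review bot: With a non-empty default, every node that does not override `services.kawa.hostname` ends up with the same name `kawa-node`. The config block later in this commit assigns it to `networking.hostName` at normal priority, which conflicts with any host configuration that already defines `networking.hostName` with a different value. Consider `networking.hostName = mkDefault cfg.hostname;`, and have the description say the value must be unique per node, since the per-node `--hostname` flag for Tailscale is removed in the same commit. The option block continues outside this hunk.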
@@ -24,59 +24,60 @@ in description = "URL du serveur Headscale"; }; - headscaleFallback = mkOption { - type = types.str; - default = "http://141.94.23.212"; - description = "URL de fallback du serveur Headscale"; - }; - authKey = mkOption { type = types.str; default = "f43f36ef159b3df799eb316b81bdac1b415c7cc2add174d0"; description = "Clé d'authentification Headscale"; }; - autoConnect = mkOption { - type = types.bool; - default = true; - description = "Connexion automatique au mesh au démarrage"; - }; - - # Services KAWA - enableNats = mkOption { - type = types.bool; - default = true; - description = "Activer le client NATS"; - }; - - enableSyncthing = mkOption { - type = types.bool; - default = true; - description = "Activer Syncthing pour la synchronisation"; + natsServer = mkOption { + type = types.str; + default = "100.64.0.1:4222"; + description = "Serveur NATS"; }; enableOllama = mkOption { type = types.bool; default = false; - description = "Activer Ollama pour l'inférence locale"; + description = "Activer Ollama"; + }; + + enableSyncthing = mkOption { + type = types.bool; + default = true; + description = "Activer Syncthing"; }; }; config = mkIf cfg.enable { - # Tailscale configuration + # Hostname fixe (pas de lecture /sys) + networking.hostName = cfg.hostname; + + # Tailscale services.tailscale = { enable = true; extraUpFlags = [ "--login-server=${cfg.headscaleUrl}" "--authkey=${cfg.authKey}" - "--hostname=${if cfg.hostname != "" then cfg.hostname else "kawa-${config.networking.hostName}"}" + "--force-reauth" ]; }; - # NATS client - services.nats = mkIf cfg.enableNats { + # NATS (options corrigées pour Nixpkgs récent) + services.nats = { enable = true; - server = "100.64.0.1:4222"; + settings = { + port = 4222; + http_port = 8222; + }; + }; + + # Ollama (optionnel) + services.ollama = mkIf cfg.enableOllama { + enable = true; + acceleration = null; # CPU uniquement + host = "0.0.0.0"; + port = 11434; }; # Syncthing 
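Review bot: The `authKey` option keeps what looks like a real pre-auth key as its default, and the new `extraUpFlags` still interpolates it as `--authkey=${cfg.authKey}`, so the secret lives in the repository and is copied into the world-readable Nix store on every node. Treat the committed key as exposed and rotate it on the Headscale server, then replace the option with a key-file path that has no default and pass it through `services.tailscale.authKeyFile`. In current Nixpkgs `extraUpFlags` appears to be applied only when `authKeyFile` is set, so with the `kawa-connect` unit removed later in this commit the node may never join the mesh; this is worth confirming. Separately, `host = "0.0.0.0"` under `services.ollama` exposes an API without authentication on every interface, and binding it to loopback or the tailnet address would be safer.

```nix
    # … unchanged: hostname, headscaleUrl options …
    authKeyFile = mkOption {
      type = types.str;
      # No default: the key must be provisioned per node, outside the Nix store.
      description = "Chemin d'un fichier contenant la clé d'authentification Headscale";
    };
    # … unchanged: natsServer, enableOllama, enableSyncthing options …

    services.tailscale = {
      enable = true;
      authKeyFile = cfg.authKeyFile;
      extraUpFlags = [
        "--login-server=${cfg.headscaleUrl}"
        "--force-reauth"
      ];
    };
```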
@@ -84,65 +85,40 @@ in enable = true; user = "kawa"; group = "kawa"; - config = { - folders = { - "kawa-memory" = { - path = "/home/kawa/.local/share/kawa/memory"; - devices = [ "vps-7ed4abb0" ]; - }; - "kawa-workspace" = { - path = "/home/kawa/.local/share/kawa/workspace"; - devices = [ "vps-7ed4abb0" ]; - }; - "kawa-forge" = { - path = "/home/kawa/.local/share/kawa/forge"; - devices = [ "vps-7ed4abb0" ]; - }; - }; + }; + + # SSH + services.openssh = { + enable = true; + settings = { + PermitRootLogin = "yes"; + PasswordAuthentication = true; }; }; - # Ollama (optionnel) - services.ollama = mkIf cfg.enableOllama { - enable = true; - acceleration = false; # À activer si GPU disponible + # Firewall + networking.firewall = { + allowedTCPPorts = [ 22 4222 22000 11434 ]; + allowedUDPPorts = [ 41641 22000 ]; + trustedInterfaces = [ "tailscale0" ]; }; # Utilisateur KAWA users.users.kawa = { isNormalUser = true; - description = "KAWA Node User"; extraGroups = [ "wheel" "networkmanager" "tailscale" ]; + initialPassword = "kawa2026"; }; - # Firewall - networking.firewall = { - allowedTCPPorts = [ 22 4222 22000 ]; - allowedUDPPorts = [ 41641 22000 ]; - trustedInterfaces = [ "tailscale0" ]; - }; - - # Environment packages + # Packages environment.systemPackages = with pkgs; [ - tailscale - natscli - syncthing git + vim + tailscale + nats-cli curl wget + htop ]; - - # Systemd service pour la connexion automatique - systemd.services.kawa-connect = mkIf cfg.autoConnect { - description = "KAWA Mesh Auto-Connect"; - after = [ "network-online.target" "tailscale.service" ]; - wants = [ "network-online.target" ]; - wantedBy = [ "multi-user.target" ]; - serviceConfig = { - Type = "oneshot"; - ExecStart = "${pkgs.tailscale}/bin/tailscale up --login-server=${cfg.headscaleUrl} --authkey=${cfg.authKey} --force-reauth"; - RemainAfterExit = true; - }; - }; }; }
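Review bot: The new `services.openssh` block sets `PermitRootLogin = "yes"` and `PasswordAuthentication = true`, while the `kawa` user, a member of `wheel`, gets a fixed `initialPassword` committed in the module and port 22 is open on every interface. Every freshly provisioned node therefore accepts a password that is public in the repository. Switch to key-only login, disable root login, and provision the account with `openssh.authorizedKeys.keys` (or a `hashedPasswordFile`) instead of a plaintext password. `allowedTCPPorts` also gains 11434 and keeps 4222 although `tailscale0` is already trusted, so NATS and Ollama become reachable from outside the mesh without authentication. Dropping both from the list keeps them tailnet-only.

```nix
  services.openssh = {
    enable = true;
    settings = {
      PermitRootLogin = "no";
      PasswordAuthentication = false;
    };
  };

  networking.firewall = {
    # 4222 (NATS) and 11434 (Ollama) stay reachable through the trusted tailscale0 interface.
    allowedTCPPorts = [ 22 22000 ];
    allowedUDPPorts = [ 41641 22000 ];
    trustedInterfaces = [ "tailscale0" ];
  };

  users.users.kawa = {
    isNormalUser = true;
    extraGroups = [ "wheel" "networkmanager" "tailscale" ];
    # Placeholder: replace with the operator's real public key.
    openssh.authorizedKeys.keys = [ "<SSH_PUBLIC_KEY_PLACEHOLDER>" ];
  };
  # … unchanged: environment.systemPackages …
```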