feat(architect/llm.nix): add OLLAMA_KV_CACHE_TYPE environment variable

- Added `OLLAMA_KV_CACHE_TYPE` with value `"q8_0"` to the environment variables in `llm.nix`
bump: flake lock
2024-12-08 12:01:01 +00:00 · 2024-12-08 11:53:26 +00:00 · 2024-12-07 17:10:04 +00:00 · 2024-12-07 10:52:52 +00:00 · 2024-12-06 23:30:35 +00:00
9 changed files with 98 additions and 12 deletions
--- a/flake.lock
+++ b/flake.lock
@ -250,11 +250,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1733482664,
-        "narHash": "sha256-ZD+h1fwvZs+Xvg46lzTWveAqyDe18h9m7wZnTIJfFZ4=",
+        "lastModified": 1733572789,
+        "narHash": "sha256-zjO6m5BqxXIyjrnUziAzk4+T4VleqjstNudSqWcpsHI=",
        "owner": "nix-community",
        "repo": "home-manager",
-        "rev": "e38d3dd1d355a003cc63e8fe6ff66ef2257509ed",
+        "rev": "c7ffc9727d115e433fd884a62dc164b587ff651d",
        "type": "github"
      },
      "original": {
@ -331,11 +331,11 @@
    },
    "nixos-unstable": {
      "locked": {
-        "lastModified": 1733505731,
-        "narHash": "sha256-B3jYxAIMhBdH5ayiSVoXsi4zvInRbZB5eEUac5mboUQ=",
+        "lastModified": 1733656628,
+        "narHash": "sha256-dLQKmK5Sn3sWOKSg8EnDGdUUnv5M26YM1D8OIQuEvSo=",
        "owner": "NixOS",
        "repo": "nixpkgs",
-        "rev": "f145dbde156efee66276502a2ecbfd60ed81c18d",
+        "rev": "e6eb5fff7256ffc39233dd5ffe2fea16d4e0b81f",
        "type": "github"
      },
      "original": {
@ -363,11 +363,11 @@
    },
    "nixpkgs_2": {
      "locked": {
-        "lastModified": 1733506536,
-        "narHash": "sha256-hmTCczt4tDKyKNtm0UOp78oHSDnJU3qZHX80KEEu1lI=",
+        "lastModified": 1733654877,
+        "narHash": "sha256-CNZ8bOvXSR/v5Q83sv3IO+ZcKZpDZuOnPJz64QDNtIM=",
        "owner": "NixOS",
        "repo": "nixpkgs",
-        "rev": "260a02d2ee673c2e4a4cfe8bc6c78ce8ea39c08c",
+        "rev": "1b6d067c32f00c0c4ee5083a3137e9feff7009ef",
        "type": "github"
      },
      "original": {
--- a/hosts/architect/default.nix
+++ b/hosts/architect/default.nix
@ -39,6 +39,7 @@ in
    ./jellyseer.nix
    ./teslamate.nix
    ./postgres.nix
+    ./netdata.nix
  ];

  age.identityPaths = [ "/root/.ssh/id_ed25519" ];
--- a/hosts/architect/dns.nix
+++ b/hosts/architect/dns.nix
@ -39,8 +39,21 @@ let
  allDomains = config.architect.vhost // {
    "architect.devs.giugl.io" = { dnsInterfaces = [ "lan" "tailscale" ]; };
  };
+  domain = "adguard.giugl.io";
 in
 {
+  architect.vhost.${domain} = with config.architect.networks; {
+    dnsInterfaces = [ "tailscale" "lan" ];
+    locations."/" = {
+      port = config.services.adguardhome.port;
+      allowLan = true;
+
+      allow = [
+        tailscale.net
+      ];
+    };
+  };
+
  services = {
    coredns = {
      enable = true;
--- a/hosts/architect/llm.nix
+++ b/hosts/architect/llm.nix
@ -21,6 +21,7 @@ in
    environmentVariables = {
      OLLAMA_FLASH_ATTENTION = "1";
      OLLAMA_NUM_PARALLEL = "2";
+      OLLAMA_KV_CACHE_TYPE = "q8_0";
    };
  };

--- a/hosts/architect/netdata.nix
+++ b/hosts/architect/netdata.nix
@ -0,0 +1,26 @@
+{ config, pkgs, ... }:
+
+let
+  domain = "monitor.giugl.io";
+in
+{
+  services.netdata = {
+    enable = true;
+    package = pkgs.unstablePkgs.netdata;
+    config = {
+      db.mode = "dbengine";
+    };
+  };
+
+  architect.vhost.${domain} = with config.architect.networks; {
+    dnsInterfaces = [ "tailscale" "lan" ];
+
+    locations."/" = {
+      port = 19999;
+      allowLan = true;
+      allow = [
+        tailscale.net
+      ];
+    };
+  };
+}
--- a/hosts/architect/options.nix
+++ b/hosts/architect/options.nix
@ -129,7 +129,7 @@ with lib;
    services.nginx.virtualHosts = mapAttrs
      (domain: conf: {
        forceSSL = true;
-        enableACME = true;
+        useACMEHost= "giugl.io";
        locations = mapAttrs
          (path: location: {
            proxyPass = "http://${location.host}:${toString location.port}${location.path}";
--- a/roles/acme.nix
+++ b/roles/acme.nix
@ -1,10 +1,25 @@
-{ options, lib, config, ... }:
+{ config, ... }:

+let
+  giuglioDomain = "giugl.io";
+in
 {
-  config.security.acme = {
+  age.secrets.ovh = {
+    file = ../secrets/ovh.age;
+    owner = "acme";
+  };
+  security.acme = {
    acceptTerms = true;
+    certs.${giuglioDomain} =
+      {
+        dnsProvider = "ovh";
+        environmentFile = config.age.secrets.ovh.path;
+        extraDomainNames = [ "*.${giuglioDomain}" ];
+      };
    defaults = {
      email = "letsencrypt@depasquale.giugl.io";
+      dnsProvider = "ovh";
+      environmentFile = config.age.secrets.ovh.path;
    };
  };
 }
--- a/secrets/ovh.age
+++ b/secrets/ovh.age
@ -0,0 +1,29 @@
+age-encryption.org/v1
+-> ssh-rsa QXZdow
+aYgowxTfdGOqTYOZBbkg/dH7f+m6nvVF/8qZX0DE4hazln/QS9maWbkOwD7FLldm
+HRNV/YwZZEhbujHbDqgxnXk7Q11KOA72864B6mF2VZUruyo0cnACqo7OyzwApqv/
+LPjGb9h/gCJpQ3a5Jdh202FfaNGAh358fZVDyd37XPSOykiIAAxgMlDyn+96OiM
+P2vsyduWXDsqzCqtiNQrKVjryI5CIGOTAcYTgQ35S3uXFD8Gu27KfagUwZp2hdyp
+3WmGl+ZTrPNdOwzLWGj/RXaeTslABn1Owmq1naASRvJpp97ToynRzkDA50rBqUyR
+vGVB9IJxSjkSm3BJ4UAI6rpoz/6t2jkfNNE1cPix4AYjPAMyU+uiUSaZ/UBkwlXw
+08rM1eGcBaErB1ExcDV5+jUCdJBfi6Q9vIG7Ty4wbN1PfztAhzEyzT0L1bTn1AKC
+4S9n5lqFa1CdraK9eh2A+o9CNlkta+Z24ctPTVqBYtImBTKHOTofhr0omQdFV6M2
+bhxsOoAAoNhwn/lWC2fAcgfPQrUOW524+eHyPjsvf4rNNv0bk5EP1J4vMrWr9rqJ
+v5GEQ77YVXYQthiyg74XYc3Eo8sbtE+ncDoOquzdT385POd870qi1ht+JMY6OEmj
+q8lxVau2SFTKPkkmZKmtoNrYdKp5+DsB3nOUKcIXofs
+-> ssh-ed25519 7eGqHw cCrhq1kfav4TYAUOpP4O6fQ958O37Uad2jX9SUrnxn4
+TSiMyrYsdblB5SFwZpw7HhmicWX1vNomhBP4HtlvHJo
+-> ssh-rsa tO3rGg
+J6oPMt6hiry6ks3hlAjUAY1AzEYU+7voto5XC+I6Fmyfabz9zaJ3TtbCPVF5BRNR
+DOYLiD24EbcVoqECn2A2MRK1xH4owBD5YaE3Il2NwSJHhC+ZhROaMTu5mHxbzK/u
+BF2MLRZ0Bwwq4szaHoFf12TFwNtIRZXS9m6l4jHdsxWj6x0iui18p3JLxij1cVwE
+03rSWz+9c8bpZ6LHuPJAhatBZHSZwkKwH8Dn8NOxCLmVNRM4PyvJsj9lRn7fMwRY
+64QI2z6bRAry6oINbVAAOsPlM0Ix+7hbFs/UstnENFqfcDvPzrrhALDhuDLIJpGu
+WgAaMStZGjydy0oqHJceuduxVreqTlfiki7yruRFqRBgjMopwOsw5i9UPWR6SZ+E
+cUCFeEynUMrmFSp5qvDX0WtkU2G/GRFEPaB+k+UN+JduIRb2RBCLt2uG0249TwO8
+T4sq098XTM8wARgOv6n51lHFCPpM3iSbP5KMCYH9FhsJV0Qu9Q7157McNZuVL9Ie
+
+--- KYLAPCcTkg/tF2c2ni4UaBTV5AhUleg8GgJH0oRQSK0
+½;¬jŒ<6A>aç¾„ïÓÄ<C393>5`hÂŒø»æy;JúãÈå³C¢µ‡£ÏwX:eßøw³ù»ÜH
+L<EFBFBD>he’jCÓ2¨ì"#Ëµ„=Î/Ç²ˆ1ÒÅÿ¼™^Nû$ÃéM·úqN…v1µØÁ–Ç”ç¸T¦ÌñÙ—Ç0FsÕ(WeõöË…¡˜Ý8|^‹iYFQæ3œ ¡Õ
+A¤1ïEÜÂÚM_=;•¸‚×jFÜVý[Ýät°¬{©
w×…Ê<E280A6>Ö)
--- a/secrets/secrets.nix
+++ b/secrets/secrets.nix
@ -11,4 +11,5 @@ in
  "nextcloud-database.age".publicKeys = pubkeys;
  "restic-environment.age".publicKeys = pubkeys;
  "restic-passwords.age".publicKeys = pubkeys;
+  "ovh.age".publicKeys = pubkeys;
 }
Author	SHA1	Message	Date
Giulio De Pasquale	29c2526e6a	feat(architect/llm.nix): add OLLAMA_KV_CACHE_TYPE environment variable - Added `OLLAMA_KV_CACHE_TYPE` with value `"q8_0"` to the environment variables in `llm.nix`	2024-12-08 12:01:01 +00:00
Giulio De Pasquale	109c738594	bump: flake lock	2024-12-08 11:53:26 +00:00
Giulio De Pasquale	5a6bd41afd	feat(architect/dns.nix): add configuration for adguard.giugl.io - Added configuration for `adguard.giugl.io` with specified DNS interfaces and location settings - Configured to use the port from `config.services.adguardhome.port` - Allowed LAN access and specified allowed networks (`tailscale.net`)	2024-12-07 17:10:04 +00:00
Giulio De Pasquale	c14ae459ff	feat(roles/acme.nix): add DNS provider configuration for OVH	2024-12-07 10:52:52 +00:00
Giulio De Pasquale	1cc6cf9f95	feat(architect): add netdata monitoring service	2024-12-06 23:30:35 +00:00