328 lines
11 KiB
Org Mode
328 lines
11 KiB
Org Mode
:PROPERTIES:
|
|
:ID: 20211120T220054.226284
|
|
:ROAM_ALIASES: Wobserver
|
|
:END:
|
|
#+title: The Wobserver
|
|
#+filetags: :Project:Wobserver:Development:
|
|
|
|
#+ARCOLOGY_KEY: cce/wobserver
|
|
#+ARCOLOGY_ALLOW_CRAWL: t
|
|
|
|
My Wobserver is [[id:20221112T130047.292304][Terra Firma]] and resides in [[id:7fea3caa-5fa0-415a-96c7-45a1d64512fb][Wobscale Technologies]]'s premier datacenter =sea1.wobscale.website=.
|
|
|
|
* NEXT What's a Wobserver? :Writing:
|
|
:PROPERTIES:
|
|
:ID: 20220101T200019.407412
|
|
:END:
|
|
|
|
A wobserver is a homeserver managed in an [[id:arroyo/arroyo][Arroyo System]].
|
|
|
|
** Wobserver in the context of [[id:arroyo/arroyo][Arroyo Systems]]
|
|
:PROPERTIES:
|
|
:ID: 20220101T192455.992359
|
|
:END:
|
|
|
|
The ultimate goal of the Arroyo System is to provide a model for a community homeserver and shared knowledge/thinking system. I think a Wobserver could host a small community of 15-20 people with an ongoing effort of 10 hours a month on an average month. It's reasonable to expect that a larger community could develop a shared consensus environment as a tilde-like server.
|
|
|
|
The Arroyo System extends on to the local workstation. The local expert can provide a set of reasonable defaults for a computer which can accomplish every day tasks using a [[id:arroyo/nixos][Arroyo NixOS Generator]] and every member of the community can then share other modules from a collection like [[id:cce/cce][The Complete Computing Environment]] and share them amongst themselves using [[id:cce/syncthing][Syncthing]] and [[id:1d917282-ecf4-4d4c-ba49-628cbb4bb8cc][The Arcology Project]].
|
|
|
|
The Wobserver in this equation is the "social hub" of an Arroyo System. [[id:c75d20e6-8888-4c5a-ac97-5997e2f1c711][NixOS]] provides packages for Nextcloud, Discourse, Matrix, Mastodon, Mailservers. Let's use them. Let's contribute to them. Let's expand [[roam:The Commons]].
|
|
|
|
* Generating the Wobserver Configuration with [[id:arroyo/nixos][Arroyo Nixos]]
|
|
:PROPERTIES:
|
|
:ID: 20220101T195846.044283
|
|
:ROAM_ALIASES: "My Wobserver Configuration"
|
|
:END:
|
|
|
|
This is a [[id:c75d20e6-8888-4c5a-ac97-5997e2f1c711][NixOS]] configuration which is dynamically extended with [[id:arroyo/arroyo][Arroyo Systems Management]] modules. It behaves like [[id:cce/my_nixos_configuration][My NixOS configuration]] and is pushed to machines using [[id:cce/morph][Morph]]. It can also be built [[id:20220218T213149.100848][in QEMU]] below.
|
|
|
|
#+begin_src nix :tangle ~/arroyo-nix/roles/server/default.nix :noweb yes :mkdirp yes
|
|
{ config, pkgs, lib, ... }:
|
|
|
|
rec {
|
|
imports = [
|
|
<<arroyo_nixos_imports()>>
|
|
];
|
|
|
|
home-manager.users.rrix.imports = [
|
|
<<arroyo_home-manager_imports()>>
|
|
];
|
|
|
|
system.stateVersion = lib.mkDefault "22.11";
|
|
|
|
home-manager.users.rrix = {
|
|
home.stateVersion = config.system.stateVersion;
|
|
# don't ship pinentry-qt
|
|
services.gpg-agent.pinentryFlavor = lib.mkForce "curses";
|
|
};
|
|
|
|
services.openssh.enable = true;
|
|
|
|
environment.systemPackages = with pkgs; [
|
|
pkgs.htop
|
|
];
|
|
|
|
boot = {
|
|
kernelParams = [ "console=ttyS0" "boot.shell_on_fail" ];
|
|
loader.timeout = 5;
|
|
zfs.devNodes = lib.mkForce "/dev/disk/by-id";
|
|
};
|
|
}
|
|
#+end_src
|
|
|
|
** Helpers
|
|
|
|
#+NAME: arroyo_nixos_imports
|
|
#+begin_src emacs-lisp :exports both
|
|
(setenv "ARCOLOGY_DB_PATH" "/home/rrix/org/arcology-django/db.sqlite3")
|
|
(shell-command-to-string "nix run path:/home/rrix/org/arcology-django#arcology -- ingest_files ~/org &>/dev/null")
|
|
(shell-command-to-string "nix run path:/home/rrix/org/arcology-django#arcology -- generate -m nixos -r server 2>/dev/null | sort")
|
|
#+end_src
|
|
|
|
#+results: arroyo_nixos_imports
|
|
#+begin_example
|
|
../../nixos/akkoma.nix
|
|
../../nixos/arcology-config.nix
|
|
../../nixos/cachix.nix
|
|
../../nixos/cups.nix
|
|
../../nixos/emacs.nix
|
|
../../nixos/feedbot.nix
|
|
../../nixos/feediverse.nix
|
|
../../nixos/gitea.nix
|
|
../../nixos/gnupg-pam.nix
|
|
../../nixos/home-manager.nix
|
|
../../nixos/jellyfin.nix
|
|
../../nixos/location.nix
|
|
../../nixos/matrix.nix
|
|
../../nixos/morph-wrapper.nix
|
|
../../nixos/nextcloud.nix
|
|
../../nixos/nginx.nix
|
|
../../nixos/nixos-builder.nix
|
|
../../nixos/nix-path.nix
|
|
../../nixos/nixpkgs.nix
|
|
../../nixos/paperless.nix
|
|
../../nixos/poetry2nix.nix
|
|
../../nixos/postgresql.nix
|
|
../../nixos/restic.nix
|
|
../../nixos/rixpkgs.nix
|
|
../../nixos/rrix.nix
|
|
../../nixos/ssh_client.nix
|
|
../../nixos/syncthing.nix
|
|
../../nixos/tailscale.nix
|
|
../../nixos/ttrss.nix
|
|
../../nixos/vaultwarden.nix
|
|
../../nixos/wallabag.nix
|
|
../../nixos/wobservability.nix
|
|
../../nixos/wobserver-docker.nix
|
|
../../nixos/zfs.nix
|
|
#+end_example
|
|
|
|
#+NAME: arroyo_home-manager_imports
|
|
#+begin_src emacs-lisp :exports both
|
|
(setenv "ARCOLOGY_DB_PATH" "/home/rrix/org/arcology-django/db.sqlite3")
|
|
(shell-command-to-string "nix run path:/home/rrix/org/arcology-django#arcology -- ingest_files ~/org &>/dev/null")
|
|
(->> (arroyo-home-manager-imports "server")
|
|
(s-split "\n")
|
|
(-map (lambda (r) (format "../../%s" r)))
|
|
(butlast)
|
|
(s-join "\n"))
|
|
#+end_src
|
|
|
|
#+results: arroyo_home-manager_imports
|
|
#+begin_example
|
|
../../hm/beets.nix
|
|
../../hm/contacts.nix
|
|
../../hm/datasette.nix
|
|
../../hm/deadgrep.nix
|
|
../../hm/defexpr.nix
|
|
../../hm/emacs-helpers.nix
|
|
../../hm/emacs.nix
|
|
../../hm/emacs-pager.nix
|
|
../../hm/git.nix
|
|
../../hm/gnupg.nix
|
|
../../hm/morph.nix
|
|
../../hm/nix-update.nix
|
|
../../hm/occluded_files.nix
|
|
../../hm/org-fc.nix
|
|
../../hm/org-protocol.nix
|
|
../../hm/org-roam.nix
|
|
../../hm/pass.nix
|
|
../../hm/profile.nix
|
|
../../hm/prompt.nix
|
|
../../hm/python.nix
|
|
../../hm/shell-helpers.nix
|
|
../../hm/spell-check.nix
|
|
../../hm/ssh_client.nix
|
|
../../hm/syncthing.nix
|
|
#+end_example
|
|
|
|
* Packages in the Wobserver
|
|
|
|
NixOS modules:
|
|
|
|
#+begin_src emacs-lisp :results drawer :exports both
|
|
(->>
|
|
(arroyo-nixos-imports "server")
|
|
(--map (caar (arroyo-db-query [:select file :from keywords :where (= value $s1)] it)))
|
|
(--map (car (org-roam-db-query [:select [id title] :from nodes :where (= file $s1) :and (= level 0)] it)))
|
|
(--map (format "- [[id:%s][%s]]" (first it) (second it)))
|
|
(-sort #'string<)
|
|
(s-join "\n")
|
|
)
|
|
#+end_src
|
|
|
|
#+results:
|
|
:results:
|
|
- [[id:20220101T180015.306163][Nextcloud on Wobserver]]
|
|
- [[id:20220101T190353.843667][Wobserver Observability]]
|
|
- [[id:20220210T155158.671084][From Wireguard to Tailscale]]
|
|
- [[id:20220526T143555.660133]["The manual appears to depend on the location of Nixpkgs"]]
|
|
- [[id:20221021T115008.329657][Arroyo Nix Support]]
|
|
- [[id:20221106T113721.266425][CCE in Nix On Droid]]
|
|
- [[id:20221130T103851.207871][Gitea on NixOS]]
|
|
- [[id:20221202T122017.620403][Self-Hosting on the Fediverse with Akkoma]]
|
|
- [[id:20221202T124113.404212][Docker Containers on the Wobserver]]
|
|
- [[id:20230125T143144.011175][Posting Arcology Feeds to the Fediverse Automatically with Feediverse]]
|
|
- [[id:20230201T121604.003311][Storing passwords securely with vaultwarden]]
|
|
- [[id:20230220T204453.685476][Jellyfin on the Wobserver]]
|
|
- [[id:20230310T155744.804329][Tiny-Tiny RSS]]
|
|
- [[id:20230321T143139.441973][My Brother Printer and CUPS Setup]]
|
|
- [[id:20230331T181418.903306][RSS Feed Bot Posting to Matrix.org]]
|
|
- [[id:20230530T120958.265094][Wrapping Morph commands for more ergonomic deployment]]
|
|
- [[id:47ff77f9-3eae-43eb-886c-7513d05f047f][Secure Backup Infrastructure]]
|
|
- [[id:arcology/poetry][Arcology Poetry Pyproject]]
|
|
- [[id:arroyo/emacs][Arroyo Emacs Generator]]
|
|
- [[id:c4c2d068-c5b7-4cbc-b34a-297a68fb7c26][Where I Am At]]
|
|
- [[id:c75d20e6-8888-4c5a-ac97-5997e2f1c711][CCE Nixos Core]]
|
|
- [[id:cce/gnupg_configuration][GnuPG Configuration]]
|
|
- [[id:cce/home-manager][Generate a Dynamic Home Manager Configuration]]
|
|
- [[id:cce/nix_community_cachix][Nix Community Cachix]]
|
|
- [[id:cce/public_keys][My Public Keys and NixOS user]]
|
|
- [[id:cce/ssh_configuration][SSH Configuration]]
|
|
- [[id:cce/syncthing][Nearly Stateless Computing Using Syncthing]]
|
|
- [[id:cce/wobserver/postgres][PostgreSQL on the Wobserver]]
|
|
- [[id:e4998eda-d14a-48ee-9661-3d7d1bead53c][Wobserver Nginx Frontends]]
|
|
:end:
|
|
|
|
Things I need to package:
|
|
|
|
** INPROGRESS [[id:cce/wobserver/matrix][Matrix Synapse]]
|
|
:LOGBOOK:
|
|
- State "INPROGRESS" from [2022-11-18 Fri 00:04]
|
|
:END:
|
|
** INPROGRESS [[id:20220218T215521.617327][Heisenbridge]]
|
|
** INPROGRESS [[id:20220101T190353.843667][Wobserver Observability]]
|
|
** NEXT hydra
|
|
** NEXT Redis
|
|
** NEXT Calibre-Web
|
|
** NEXT Calibre-Server
|
|
** NEXT Docker Registry
|
|
** NEXT Mail Sync
|
|
*** mbsync
|
|
*** dovecot
|
|
** NEXT Universal aggregator
|
|
** NEXT fail2ban
|
|
** NEXT gitea
|
|
** NEXT grocy?
|
|
** CANCELLED wireguard
|
|
:LOGBOOK:
|
|
- State "CANCELLED" from "NEXT" [2022-11-12 Sat 16:44]
|
|
:END:
|
|
** DONE tailscale
|
|
:LOGBOOK:
|
|
- State "DONE" from "NEXT" [2022-11-12 Sat 16:44]
|
|
:END:
|
|
*** Why Tailscale?
|
|
|
|
Arroyo Systems are "self-hosted" -- the org-mode source runs in an Emacs which can be provided through an Arroyo document system, but it also goes to great effort to not rely on third party services, and goes to greater length to avoid proprietary webservices. and yet i'll probably use Tailscale for it, anyways. why?
|
|
|
|
[[id:20220218T224128.038757][Why move to a proprietary solution?]]
|
|
|
|
** music
|
|
*** NEXT mpd
|
|
*** NEXT mpdscribble
|
|
*** NEXT icecast
|
|
|
|
* Building a QEMU image of the Wobserver
|
|
:PROPERTIES:
|
|
:ID: 20220218T213149.100848
|
|
:END:
|
|
|
|
Right now I develop in qemu.
|
|
|
|
[[shell:nix-build '<nixpkgs/nixos>' -A vm --arg configuration nixlib/roles/server/default.nix &][build the VM]] then [[shell:result/bin/run-nixos-vm &][run the VM]]
|
|
|
|
,#+ARROYO_NIXOS_MODULE: nixos/qemu-vm.nix
|
|
,#+ARROYO_SYSTEM_ROLE: server
|
|
|
|
#+begin_src nix :tangle ~/arroyo-nix/nixos/qemu-vm.nix
|
|
{ ... }:
|
|
|
|
{
|
|
imports = <nixpkgs/nixos/modules/profiles/qemu-guest.nix>
|
|
<nixpkgs/nixos/modules/virtualisation/qemu-vm.nix>
|
|
];
|
|
|
|
# simple VM configuration
|
|
virtualisation = {
|
|
diskSize = 1000; # MB
|
|
memorySize = 2048; # MB
|
|
cores = 2;
|
|
writableStoreUseTmpfs = false;
|
|
diskImage = "/home/rrix/wobserver-test.qcow2";
|
|
graphics = false;
|
|
|
|
forwardPorts = [
|
|
{ from = "host";
|
|
host = { address = "127.0.0.1"; port = 2222; };
|
|
guest = { address = "10.0.2.15"; port = 22; };
|
|
}
|
|
{ from = "host";
|
|
host = { address = "127.0.0.1"; port = 8080; };
|
|
guest = { address = "10.0.2.15"; port = 80; };
|
|
}
|
|
];
|
|
};
|
|
networking.firewall.enable = false;
|
|
|
|
# each of these corresponds to an eventual ZFS volume
|
|
virtualisation.sharedDirectories = {
|
|
media = { source = "/media"; target = "/media"; };
|
|
home = { source = "/home/rrix/wobserver-test-env/home"; target = "/home"; };
|
|
# services = { source = "/home/rrix/wobserver-test-env/svc"; target = "/svc"; };
|
|
backups = { source ="/home/rrix/wobserver-test-env/backup"; target = "/backup"; };
|
|
};
|
|
|
|
services.qemuGuest.enable = true;
|
|
boot.growPartition = true;
|
|
|
|
boot.zfs.extraPools = [ "tank" ];
|
|
|
|
fileSystems."/" = {
|
|
device = "terra-firma/root";
|
|
fsType = "zfs";
|
|
};
|
|
|
|
fileSystems."/nix" = {
|
|
device = "terra-firma/nix";
|
|
fsType = "zfs";
|
|
};
|
|
|
|
filesystems."/tank/media" = {
|
|
device = "tank/media";
|
|
fsType = "zfs";
|
|
};
|
|
|
|
filesystems."/home" = {
|
|
device = "tank/home";
|
|
fsType = "zfs";
|
|
};
|
|
|
|
}
|
|
#+end_src
|
|
|
|
Cleanup commands:
|
|
|
|
[[shell:rm ~/wobserver.qcow2]]
|
|
[[shell:mkdir -p ~/wobserver-test-env/{home,svc,backup}]]
|