gortium/infra
1
1
Fork 0
Code Issues 13 Pull Requests 20 Actions Packages Projects 1 Releases Wiki Activity
150 Commits 48 Branches 0 Tags
7e3b2520eb28969e24ced5c31ad959ae37d9bede
Commit Graph

150 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Hermes
7e3b2520eb fix: use nixos-raspberrypi.lib.nixosSystem + sd-image module directly 2026-06-12 21:47:29 -04:00
Hermes
80efb68428 feat(uconsole): add flashable SD image package (SSH+WiFi+keys) 2026-06-12 21:42:51 -04:00
Hermes
3d86af76b9 fix: remove non-existent ssh opts for nixpkgs-25.11 2026-06-12 20:55:42 -04:00
Hermes
656570b39e fix: use plain string for bootloader setting 2026-06-12 20:54:19 -04:00
Hermes
8b6990ceee deploy1(uconsole): revert rasberry-pi-5.base removal — keep minimal SSH+WiFi config 2026-06-12 20:52:11 -04:00
Hermes
a312c29221 fix: remove boot.loader.raspberry-pi reference (option removed with rasberry-pi-5.base) 2026-06-12 20:48:30 -04:00
Hermes
053dd535d3 deploy1(uconsole): minimal config — no rasberry-pi-5.base, just SSH + WiFi + keys 2026-06-12 20:47:11 -04:00
Hermes
35e4155b8c fix(uconsole): remove configtxt module (conflicting overlays) — use extra-config only 2026-06-12 20:20:39 -04:00
Hermes
e8218c322a fix(uconsole): set ignore_lcd=0 + disable conflicting dt-overlays 2026-06-12 20:19:21 -04:00
Hermes
931ed2ac27 fix(uconsole): clean config.txt — clear conflicting defaults, single [pi5] section 2026-06-12 20:16:50 -04:00
Hermes
052081616c test: remove self.submodules to check Lix compatibility 2026-06-12 19:24:43 -04:00
Hermes
d3d7cdff44 Revert "fix: remove self.submodules (not supported by Lix)" 
This reverts commit 5202bc1fcb.
 2026-06-12 18:59:04 -04:00
Hermes
5202bc1fcb fix: remove self.submodules (not supported by Lix) 2026-06-12 18:56:44 -04:00
Hermes
9319e32683 fix(uconsole): cross-compile Lix instead of using native aarch64 flake package 2026-06-12 18:41:44 -04:00
Hermes
7da46d5769 refactor(uconsole): use standard inject-overlays helpers instead of manual overlay list 2026-06-12 18:21:45 -04:00
Hermes
8ea6be7ac1 fix: remove rpi-cross-overlay import from uconsole-cm5 modules 2026-06-12 17:11:17 -04:00
Hermes
b455bf6866 chore: remove rpi-cross-overlay — fork nixpkgs-rpi.nix already handles cross-compile 2026-06-12 17:10:19 -04:00
Hermes
ce7c594562 feat: enable ca-derivations experimental feature on lazyworkhorse 2026-06-12 16:50:16 -04:00
Hermes
eb5e64ec67 Revert "chore: ignore hyperspace files from feat/hyperspace-pods-module" 
This reverts commit ec44012a64.
 2026-06-12 16:47:15 -04:00
Hermes
ec44012a64 chore: ignore hyperspace files from feat/hyperspace-pods-module 2026-06-12 16:46:17 -04:00
Hermes
16acc6a153 fix(uconsole): resolve conflicting SSH options + properly override nixos-uconsole's nixos-raspberrypi input 
- mkForce on PermitRootLogin and PasswordAuthentication
- nixos-uconsole.inputs.nixos-raspberrypi follows our fork
 2026-06-12 16:43:33 -04:00
Hermes
5ee644e9dd feat(uconsole): add rpi-cross-overlay module + Lix 
- rpi-cross-overlay.nix: override pkgs.rpi with cross-compilation
  when buildPlatform != hostPlatform (0 QEMU)
- Lix nix daemon for uConsole (aarch64-linux)
- Remove broken inline overlay from flake.nix
 2026-06-12 16:36:49 -04:00
Thierry Pouplier
efc50d23c4 Added home wifi infos 2026-06-12 16:19:57 -04:00
Hermes
a527b65eae fix(uconsole): rename secret to home_wifi (shared across hosts, not uconsole-specific) 2026-06-12 16:17:48 -04:00
Hermes
698d3f91eb feat(uconsole): add agenix secret for WiFi credentials 
- age.secrets.uconsole-wifi (SSID+password in encrypted file)
- systemd service ensure-wifi reads decrypted secret and configures NM
- agenix.nixosModules.default imported for uconsole-cm5
- uconsole-wifi.age declared in secrets/secrets.nix
 2026-06-12 16:15:37 -04:00
Hermes
1f99ca0d37 feat(uconsole): add cm5 cross-compiled nixosConfiguration 
- New host: uconsole-cm5 (aarch64-linux, cross-built from x86_64)
- SSH authorizedKeys: gortium.main + ai-worker.main
- NetworkManager enabled (WiFi password via agenix later)
- Display: vc4/panel_cwu50/rp1_dsi with empty initrd
- Config.txt [pi5] section (not [cm5])
- Backlight fix service
- nixos-raspberrypi → gortium/cm5-cross-v1 fork (PR #197)
- nixpkgs-uconsole pinned to nixos-25.11 (kernel patch compat)

V3 branch saved as archive/uconsole-cm5-v3 (Reticulum/SDR/HAM config).
 2026-06-12 16:02:13 -04:00
Thierry Pouplier
36359de6aa Merge pull request 'feat: add Syncthing firewall port and update compose submodule' (#47) from feat/syncthing-org-sync into master 
Reviewed-on: #47
 2026-05-19 00:34:42 +00:00
Robert
10b8565fd6 Merge branch 'master' into feat/syncthing-org-sync 2026-05-18 20:33:29 -04:00
Robert
f672696b8e Update submodule for syncthing 2026-05-18 20:31:07 -04:00
Hermes
0980dca455 fix: update compose submodule to Traefik-routed Syncthing 2026-05-14 21:40:12 -04:00
Hermes
96bc20ab70 feat: add Syncthing firewall port and update compose submodule 2026-05-14 21:36:26 -04:00
Thierry Pouplier
670ae4f002 Merge pull request 'fix: update compose submodule — use ln -sf for iptables-nft' (#46) from fix/vpn-iptables-nft-v3 into master 
Reviewed-on: #46
 2026-05-13 17:00:16 +00:00
Hermes
f785abfd49 fix: update compose submodule — use ln -sf for iptables-nft 2026-05-13 12:59:04 -04:00
Thierry Pouplier
6f44aa7f76 Merge pull request 'fix: update compose submodule — remove apk add iptables-nft' (#45) from fix/vpn-iptables-nft-v2 into master 
Reviewed-on: #45
 2026-05-13 16:49:39 +00:00
Hermes
8d40f1691f fix: update compose submodule — remove apk add iptables-nft 2026-05-13 12:49:14 -04:00
Robert
2dd2e64986 Merge remote-tracking branch 'origin/master' 2026-05-13 12:42:54 -04:00
Robert
23fc5e0597 Give a little more ssh room for tramp 2026-05-13 12:41:09 -04:00
Thierry Pouplier
0c9c33d735 Merge pull request 'fix: update wg-easy to official ghcr image with iptables-nft' (#44) from fix/vpn-iptables-nft-upstream into master 
Reviewed-on: #44
 2026-05-13 16:39:56 +00:00
Hermes
0bb6890f1c chore: merge master into branch 2026-05-13 12:39:05 -04:00
Hermes
9d5434425f fix: update compose submodule for wg-easy iptables-nft fix 
Updates the assets/compose submodule to point to the fix/vpn-iptables-nft-upstream
branch which contains:
- Switch FROM weejewel/wg-easy:latest (Alpine 3.11, stale 4yr) to
  ghcr.io/wg-easy/wg-easy:latest (actively maintained, Alpine krypton)
- Use update-alternatives instead of raw ln -sf to flip iptables
  from legacy to nftables backend
- Fix compose build context: ./vpn -> . (Dockerfile is at same level)
 2026-05-13 12:30:47 -04:00
Thierry Pouplier
1fb4320dd1 Merge pull request 'feat: update compose submodule for custom tools startup' (#43) from feat/update-compose-submodule-custom-tools into master 
Reviewed-on: #43
 2026-05-13 13:58:27 +00:00
Hermes
51e9f47fd4 feat: update compose submodule for custom tools startup 2026-05-13 09:56:24 -04:00
Hermes
06b3eb840f fix: update compose submodule for wg-easy iptables-nft fix 2026-05-12 16:29:51 -04:00
Thierry Pouplier
28ab52209c Merge pull request 'Add restricted AI worker access with deployment capabilities' (#1) from ai-worker-restricted-access into master 
Reviewed-on: #1
 2026-05-11 00:48:29 +00:00
Robert
e6f7f0c263 Merge branch 'ai-worker-restricted-access' of ssh://code.lazyworkhorse.net:2222/gortium/infra into ai-worker-restricted-access 2026-05-10 18:06:46 -04:00
Robert
5c136e0765 Merge remote-tracking branch 'origin/master' into ai-worker-restricted-access 2026-05-10 17:06:58 -04:00
Robert
f722af7803 New ollama model creator module version 2026-05-10 16:56:09 -04:00
Robert
c07debf088 Added wireguard keys 2026-05-10 16:51:32 -04:00
Hermes
6806898f04 feat: update compose submodule for ollama-gfx906 (v0.23.2) + add ollama Dockerfile 2026-05-10 10:12:34 -04:00
Hermes
96e77c5ef2 Revert "feat: add ai-optimizer benchmark plan and state tracking for ollama GPU benchmarking" 
This reverts commit ff7303cf6a.
 2026-05-09 20:19:26 +00:00