Polen 2026-02-18 11:07:01 -05:00
parent 143cd6c603
commit 36c73a41ff
17 changed files with 275 additions and 234 deletions


@ -64,7 +64,8 @@ in {
openFirewall = true; # 11434
host = "0.0.0.0";
syncModels = true;
loadModels = [ "mistral:7b" "phi3.5:3.8b" ];
loadModels =
[ "qwen3:4b" "lfm2.5-thinking:1.2b" "ministral-3:8b" "ministral-3:3b" ];
};
};
@ -161,6 +162,7 @@ in {
9000 # mealie
8989 # sonarr
10222 # taskchampion-sync-server
18789 # openclaw
];
firewall.allowedUDPPorts = [
5353 # mDNS
@ -170,12 +172,15 @@ in {
time.timeZone = "America/Toronto";
users.users."${user}" = {
isNormalUser = true;
group = "polen";
extraGroups = [ "wheel" "transmission" "jellyfin" "polensky" "docker" ];
shell = pkgs.zsh;
openssh.authorizedKeys.keys = [
"ssh-rsa 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 polen@polen-xps"
];
};
users.groups.polen = { };
# Luna user for OpenClaw AI assistant
users.users.luna = {
@ -197,16 +202,17 @@ in {
defaultSopsFile = ../../secrets/secrets.yaml;
age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
secrets = {
luna-telegram-token = {
luna_telegram_token = {
owner = "luna";
group = "luna";
};
luna-gateway-token = {
luna_gateway_token = {
owner = "luna";
group = "luna";
};
};
};
environment.systemPackages = with pkgs; [
neovim
htop-vim
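Review bot: The new `18789 # openclaw` entry in the global TCP allow-list looks unnecessary, because the gateway configured elsewhere in this commit uses `port = 18789` with `bind = "loopback"` and Tailscale mode `"off"`, so nothing should be listening on that port on an external interface. As written, the rule only takes effect if the bind setting is later loosened, at which point the token-protected gateway becomes reachable from every network the host is on. I would drop the entry, or, if remote access is actually intended, scope it to one interface with `networking.firewall.interfaces.<name>.allowedTCPPorts = [ 18789 ];` and say so in the comment. The port list starts outside this hunk, so the option it belongs to is inferred from the `firewall.allowedUDPPorts` line that follows it.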


@ -1,30 +1,22 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{
config,
lib,
pkgs,
modulesPath,
...
}: {
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
{ config, lib, pkgs, modulesPath, ... }: {
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
boot.initrd.availableKernelModules = ["uhci_hcd" "ehci_pci" "hpsa" "usb_storage" "usbhid" "sd_mod"];
boot.initrd.kernelModules = [];
boot.kernelModules = ["kvm-intel"];
boot.extraModulePackages = [];
boot.initrd.availableKernelModules =
[ "uhci_hcd" "ehci_pci" "hpsa" "usb_storage" "usbhid" "sd_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
fileSystems."/" = {
device = "/dev/disk/by-uuid/a4ba3cce-bbdd-470d-9874-71f3aea9ea13";
fsType = "ext4";
};
swapDevices = [
{device = "/dev/disk/by-uuid/6fc86a5b-ac4b-41ed-a7c9-56f734f5e711";}
];
swapDevices =
[{ device = "/dev/disk/by-uuid/6fc86a5b-ac4b-41ed-a7c9-56f734f5e711"; }];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
@ -37,5 +29,6 @@
# networking.interfaces.enp4s0f1.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
hardware.cpu.intel.updateMicrocode =
lib.mkDefault config.hardware.enableRedistributableFirmware;
}


@ -7,35 +7,105 @@
home.homeDirectory = "/var/lib/luna";
home.stateVersion = "25.05";
home.packages = with pkgs; [ xmlstarlet ];
programs.openclaw = {
enable = true;
documents = ./luna-documents;
config = {
# Use local Ollama - auto-detected at 127.0.0.1:11434
agents.defaults.model = {
primary = "ollama/mistral:7b";
fallbacks = [ "ollama/phi3.5:3.8b" ];
models = {
providers = {
ollama = {
baseUrl = "http://127.0.0.1:11434/v1";
apiKey = "ollama-local";
api = "openai-completions";
models = [ ];
};
};
};
agents = {
defaults = {
model = { primary = "github-copilot/gpt-5-mini"; };
workspace = "/var/lib/luna/.openclaw/workspace";
maxConcurrent = 4;
subagents = { maxConcurrent = 8; };
models = { "github-copilot/gpt-5-mini" = { }; };
};
};
commands = {
native = "auto";
nativeSkills = "auto";
};
channels = {
telegram = {
dmPolicy = "pairing";
tokenFile = "/run/secrets/luna_telegram_token";
groups = { "*" = { requireMention = true; }; };
allowFrom = [ 1268580775 ];
groupPolicy = "allowlist";
streamMode = "partial";
};
};
gateway = {
mode = "local";
auth = { tokenFile = "/run/secrets/luna-gateway-token"; };
auth = {
token =
"14db7eaede5f363bce5f5efd23baea45fd8c7984fd3d9234d9b98e1d52c88db7";
mode = "token";
};
port = 18789;
bind = "loopback";
tailscale = {
mode = "off";
resetOnExit = false;
};
};
channels.telegram = {
tokenFile = "/run/secrets/luna-telegram-token";
allowFrom = [
1268580775
];
groups = { "*" = { requireMention = true; }; };
plugins = { entries = { telegram = { enabled = true; }; }; };
messages = { ackReactionScope = "group-mentions"; };
auth = {
profiles = {
"github-copilot:github" = {
provider = "github-copilot";
mode = "token";
};
};
};
hooks = {
internal = {
enabled = true;
entries = {
"boot-md" = { enabled = true; };
"command-logger" = { enabled = true; };
"session-memory" = { enabled = true; };
};
};
};
wizard = {
lastRunAt = "2026-02-10T18:36:29.457Z";
lastRunVersion = "2026.2.6-3";
lastRunCommand = "onboard";
lastRunMode = "local";
};
meta = {
lastTouchedVersion = "2026.2.6-3";
lastTouchedAt = "2026-02-10T18:36:29.472Z";
};
};
# Plugins useful for homelab Q&A
bundledPlugins = {
summarize.enable = true; # Summarize docs/web pages
oracle.enable = true; # Web search
oracle.enable = false; # Web search
};
};
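Review bot: The gateway `auth.token` is now a string literal in the Nix expression, replacing the earlier `tokenFile = "/run/secrets/luna-gateway-token"`. A literal here is committed to the repository history and, after evaluation, is written into the generated config in the Nix store, which is readable by every local user. The committed value should be treated as exposed and rotated. The sops section of this commit still declares `luna_gateway_token` owned by `luna`, so the file reference can be kept with the renamed path: `auth = { mode = "token"; tokenFile = "/run/secrets/luna_gateway_token"; };` (assuming the module still accepts `tokenFile` alongside `mode`, as the removed line suggests). The `wizard` and `meta` blocks look like runtime state pasted from an onboarding run, and a short comment saying whether they are required would help the next reader; the file may continue past the end of this hunk.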