pwntie: run ollama in a ts reverse proxy

- set OLLAMA_HOST to that by default for gui thing
2024-06-28 08:37:31 -06:00 · 2024-06-28 08:37:31 -06:00 · 6505bbb4ae
commit 6505bbb4ae
parent 33747512ae
2 changed files with 14 additions and 24 deletions
--- a/gui/default.nix
+++ b/gui/default.nix
@ -82,6 +82,7 @@ with lib; {
        etc."traygent.json" = { text = traygentCmds; };
        sessionVariables = {
          SSH_AUTH_SOCK = "$HOME/.traygent";
+          OLLAMA_HOST = "https://ollama.otter-alligator.ts.net";
        };
        systemPackages = with pkgs; (xinlib.filterList [
          alacritty
--- a/hosts/pwntie/default.nix
+++ b/hosts/pwntie/default.nix
@ -1,10 +1,11 @@
 { pkgs
 , config
+, lib
 , ...
 }:
 let
  tsAddr = "100.84.170.57";
-  #myEmacs = pkgs.callPackage ../../configs/emacs.nix { };
+  oLlamaPort = 11434;
  pubKeys = [
    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO7v+/xS8832iMqJHCWsxUZ8zYoMWoZhjj++e26g1fLT europa"
  ];
@ -39,12 +40,6 @@ in
      enable = true;
      allowedTCPPorts = [ 22 ];
      checkReversePath = "loose";
-      interfaces = {
-        "tailscale0" =
-          {
-            allowedTCPPorts = [ 11434 ];
-          };
-      };
    };
  };

@ -60,23 +55,12 @@ in
    PATH = [ "\${XDG_BIN_HOME}" ];
  };

-  #nixpkgs.config.allowUnfree = true;
  environment.systemPackages = with pkgs; [
    rtl-sdr
    direwolf
    (callPackage ../../pkgs/rtlamr.nix { })
  ];

-  #programs = {
-  #  steam.enable = true;
-  #  _1password.enable = true;
-  #  _1password-gui = {
-  #    enable = true;
-  #    polkitPolicyOwners = [ "qbit" ];
-  #  };
-  #  dconf.enable = true;
-  #};
-
  xinCI = {
    user = "qbit";
    enable = true;
@ -87,16 +71,26 @@ in
      ollama = {
        environment = {
          OLLAMA_ORIGINS = "*";
+          OLLAMA_HOST = lib.mkForce "0.0.0.0";
        };
      };
    };
  };

  services = {
+    ts-reverse-proxy = {
+      servers = {
+        "ollama-reverse" = {
+          enable = true;
+          reverseName = "ollama";
+          reversePort = oLlamaPort;
+        };
+      };
+    };
    ollama = {
      enable = true;
      acceleration = "rocm";
-      listenAddress = "${tsAddr}:11434";
+      listenAddress = "localhost:${toString oLlamaPort}";
    };
    prometheus = {
      enable = true;
@ -145,11 +139,6 @@ in
        ];
      };
    };
-    #emacs = {
-    #  enable = true;
-    #  package = myEmacs;
-    #  install = true;
-    #};
    fwupd = {
      enable = true;
    };