From 6505bbb4ae602cb237231218e38e4c6e540f3c78 Mon Sep 17 00:00:00 2001
From: Aaron Bieber <aaron@bolddaemon.com>
Date: Fri, 28 Jun 2024 08:37:31 -0600
Subject: [PATCH] pwntie: run ollama in a ts reverse proxy

- set OLLAMA_HOST to that by default for gui thing
---
 gui/default.nix          |  1 +
 hosts/pwntie/default.nix | 37 +++++++++++++------------------------
 2 files changed, 14 insertions(+), 24 deletions(-)

diff --git a/gui/default.nix b/gui/default.nix
index 03bd68a..7acb954 100644
--- a/gui/default.nix
+++ b/gui/default.nix
@@ -82,6 +82,7 @@ with lib; {
         etc."traygent.json" = { text = traygentCmds; };
         sessionVariables = {
           SSH_AUTH_SOCK = "$HOME/.traygent";
+          OLLAMA_HOST = "https://ollama.otter-alligator.ts.net";
         };
         systemPackages = with pkgs; (xinlib.filterList [
           alacritty
diff --git a/hosts/pwntie/default.nix b/hosts/pwntie/default.nix
index 25c6184..9c88a10 100644
--- a/hosts/pwntie/default.nix
+++ b/hosts/pwntie/default.nix
@@ -1,10 +1,11 @@
 { pkgs
 , config
+, lib
 , ...
 }:
 let
   tsAddr = "100.84.170.57";
-  #myEmacs = pkgs.callPackage ../../configs/emacs.nix { };
+  oLlamaPort = 11434;
   pubKeys = [
     "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO7v+/xS8832iMqJHCWsxUZ8zYoMWoZhjj++e26g1fLT europa"
   ];
@@ -39,12 +40,6 @@ in
       enable = true;
       allowedTCPPorts = [ 22 ];
       checkReversePath = "loose";
-      interfaces = {
-        "tailscale0" =
-          {
-            allowedTCPPorts = [ 11434 ];
-          };
-      };
     };
   };
 
@@ -60,23 +55,12 @@ in
     PATH = [ "\${XDG_BIN_HOME}" ];
   };
 
-  #nixpkgs.config.allowUnfree = true;
   environment.systemPackages = with pkgs; [
     rtl-sdr
     direwolf
     (callPackage ../../pkgs/rtlamr.nix { })
   ];
 
-  #programs = {
-  #  steam.enable = true;
-  #  _1password.enable = true;
-  #  _1password-gui = {
-  #    enable = true;
-  #    polkitPolicyOwners = [ "qbit" ];
-  #  };
-  #  dconf.enable = true;
-  #};
-
   xinCI = {
     user = "qbit";
     enable = true;
@@ -87,16 +71,26 @@ in
       ollama = {
         environment = {
           OLLAMA_ORIGINS = "*";
+          OLLAMA_HOST = lib.mkForce "0.0.0.0";
         };
       };
     };
   };
 
   services = {
+    ts-reverse-proxy = {
+      servers = {
+        "ollama-reverse" = {
+          enable = true;
+          reverseName = "ollama";
+          reversePort = oLlamaPort;
+        };
+      };
+    };
     ollama = {
       enable = true;
       acceleration = "rocm";
-      listenAddress = "${tsAddr}:11434";
+      listenAddress = "localhost:${toString oLlamaPort}";
     };
     prometheus = {
       enable = true;
@@ -145,11 +139,6 @@ in
         ];
       };
     };
-    #emacs = {
-    #  enable = true;
-    #  package = myEmacs;
-    #  install = true;
-    #};
     fwupd = {
       enable = true;
     };