diff --git a/nix/pkgs/fr24feed/default.nix b/nix/pkgs/fr24feed/default.nix index 9909c8d73c..44de96c28e 100644 --- a/nix/pkgs/fr24feed/default.nix +++ b/nix/pkgs/fr24feed/default.nix @@ -29,11 +29,6 @@ buildFHSUserEnv { bash ]; - extraBuildCommands = '' - chmod +w etc - ln -s /host/etc/fr24feed.ini etc/fr24feed.ini - ''; - runScript = "${bash}/bin/bash ${ writeText "fr24feed" '' diff --git a/ops/nixos/totoro/adsb.nix b/ops/nixos/totoro/adsb.nix new file mode 100644 index 0000000000..8cbb372830 --- /dev/null +++ b/ops/nixos/totoro/adsb.nix 
@@ -0,0 +1,145 @@
+{ depot, config, pkgs, ... }:
+
+{
+ boot.blacklistedKernelModules = [
+ "dvb_usb_rtl28xxu"
+ ];
+
+ users.groups.rtlsdr = {};
+ services.udev.extraRules = ''
+ # 0bda:2838 Realtek Semiconductor Corp. RTL2838 DVB-T
+ SUBSYSTEM=="usb", ATTRS{idVendor}=="0bda", ATTRS{idProduct}=="2838", GROUP="rtlsdr"
+ SUBSYSTEM=="usb", ATTRS{idVendor}=="0bda", ATTRS{idProduct}=="2832", GROUP="rtlsdr"
+ '';
+
+ systemd.services.readsb = {
+ description = "readsb ADS-B receiver";
+ wantedBy = [ "multi-user.target" ];
+ wants = [ "network.target" ];
+ after = [ "network.target" ];
+
+ serviceConfig = {
+ Type = "simple";
+ User = "readsb";
+ Group = "rtlsdr";
+ DynamicUser = true;
+ RuntimeDirectory = "readsb";
+ RuntimeDirectoryMode = "0755";
+ ExecStart = "${depot.nix.pkgs.readsb}/bin/readsb --device-type rtlsdr --gain -10 --fix --enable-agc --aggressive --ppm 0 --max-range 450 --write-json-every 1 --net --net-heartbeat 60 --net-ro-size 1250 --net-ro-interval 0.05 --net-ri-port 30001 --net-ro-port 30002 --net-sbs-port 30003 --net-bi-port 30004,30104 --net-bo-port 30005 --json-location-accuracy 2 --range-outline-hours 24 --write-json /run/readsb --quiet --lat 51.55005 --lon -0.15389";
+ Restart = "on-failure";
+ RestartSec = 30;
+ };
+ };
+ environment.systemPackages = [
+ depot.nix.pkgs.readsb
+ ];
+
+ # ADSB-Exchange
+ systemd.services.feed-adsbx = {
+ description = "feed adsbx";
+ wantedBy = [ "multi-user.target" ];
+ wants = [ "readsb.service" ];
+ after = [ "readsb.service" ];
+
+ serviceConfig = {
+ Type = "simple";
+ User = "feed-adsbx";
+ DynamicUser = true;
+ RuntimeDirectory = "feed-adsbx";
+ RuntimeDirectoryMode = "0755";
+ ExecStart = "${depot.nix.pkgs.readsb}/bin/readsb --net --net-only --quiet --write-json /run/feed-adsbx --net-beast-reduce-interval 0.5 --net-connector feed1.adsbexchange.com,30004,beast_reduce_out,feed2.adsbexchange.com,64004 --net-heartbeat 60 --net-ro-size 1280 --net-ro-interval 0.2 --net-ro-port 0 --net-sbs-port 0 --net-bi-port 30154 --net-bo-port 0 --net-ri-port 0 --write-json-every 1 --lat 51.55005 --lon -0.15389 $UUID_FILE --max-range 450 --json-location-accuracy 2 --range-outline-hours 24 --net-connector 127.0.0.1,30978,uat_in,silent_fail --net-connector 127.0.0.1,30005,beast_in,silent_fail";
+ Restart = "on-failure";
+ RestartSec = 30;
+ };
+ };
+ systemd.services.mlat-adsbx = {
+ description = "mlat-adsbx";
+ wantedBy = [ "multi-user.target" ];
+ wants = [ "readsb.target" ];
+ after = ["readsb.service" ];
+
+ serviceConfig = {
+ Type = "simple";
+ User = "mlat-adsbx";
+ DynamicUser = true;
+ ExecStart = "${depot.nix.pkgs.mlat-client}/bin/mlat-client --input-type dump1090 --no-udp --input-connect 127.0.0.1:30005 --server feed.adsbexchange.com:31090 --user lukegb --lat 51.55005 --lon -0.15389 --alt 79m --results beast,connect,127.0.0.1:30104 --results basestation,listen,31003 --results beast,listen,30157 --results beast,connect,127.0.0.1:30154";
+ Restart = "on-failure";
+ RestartSec = 30;
+ };
+ };
+
+ # PiAware / FlightAware
+ systemd.services.piaware = {
+ description = "piaware";
+ wantedBy = [ "multi-user.target" ];
+ wants = [ "readsb.service" ];
+ after = [ "readsb.service" ];
+
+ serviceConfig = {
+ Type = "simple";
+ User = "piaware";
+ DynamicUser = true;
+ CacheDirectory = "piaware";
+ CacheDirectoryMode = "0755";
+ ExecStart = "${depot.nix.pkgs.piaware}/bin/piaware -plainlog";
+ Restart = "on-failure";
+ RestartSec = 30;
+ };
+ };
+
+ # fr24feed / FlightRadar24
+ users.groups.fr24feed-cfg = {};
+ systemd.services.fr24feed-populate-config = {
+ description = "populate configuration for fr24feed";
+ wantedBy = [ "multi-user.target" ];
+ requires = [ "vault-agent.service" "network.target" ];
+ after = [ "vault-agent.service" "network.target" ];
+
+ script = ''
+ KEY="$(${pkgs.vault}/bin/vault kv get --address=unix:///run/vault-agent/sock -field=fr24feedKey kv/apps/ads-b)"
+ cat </etc/fr24feed/fr24feed.ini
+ receiver="beast-tcp"
+ host="127.0.0.1:30005"
+ bs="no"
+ raw="yes" +
logmode="0" + logpath="/host/var/log/fr24feed" + mlat="no" + mlat-without-gps="no" + bind-interface="0.0.0.0" + fr24key="''${KEY}" + EOF + ''; + + serviceConfig = { + Type = "oneshot"; + RemainAfterExit = true; + User = "root"; + Group = "fr24feed-cfg"; + ConfigurationDirectory = "fr24feed"; + ConfigurationDirectoryMode = "0750"; + }; + }; + systemd.services.fr24feed = { + description = "fr24feed"; + wantedBy = [ "multi-user.target" ]; + wants = [ "readsb.service" ]; + after = [ "readsb.service" "fr24feed-populate-config.service" ]; + requires = [ "fr24feed-populate-config.service" ]; + + serviceConfig = { + Type = "simple"; + User = "fr24feed"; + Group = "fr24feed-cfg"; + DynamicUser = true; + LogsDirectory = "fr24feed"; + LogsDirectoryMode = "0755"; + ConfigurationDirectory = "fr24feed"; + ConfigurationDirectoryMode = "0750"; + ExecStart = "${depot.nix.pkgs.fr24feed}/bin/fr24feed --config-file=/host/etc/fr24feed/fr24feed.ini"; + Restart = "on-failure"; + RestartSec = 30; + TimeoutStopSec = 5; + }; + }; +} diff --git a/ops/nixos/totoro/default.nix b/ops/nixos/totoro/default.nix index 38842e0a95..58e9306509 100644 --- a/ops/nixos/totoro/default.nix +++ b/ops/nixos/totoro/default.nix @@ -17,6 +17,7 @@ in { ../lib/plex.nix ./home-assistant.nix ./authentik.nix + ./adsb.nix ]; boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usb_storage" "usbhid" "sd_mod" ]; diff --git a/ops/vault/cfg/config.nix b/ops/vault/cfg/config.nix index f1a1762823..955ac41bb1 100644 --- a/ops/vault/cfg/config.nix +++ b/ops/vault/cfg/config.nix 
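Review bot: The `fr24feed-populate-config` unit renders the Vault-sourced `fr24key` into `/etc/fr24feed/fr24feed.ini` with no `UMask=` in its `serviceConfig`, so the file gets the default mode and only the 0750 `ConfigurationDirectoryMode` keeps other local users from reading the key; adding `UMask = "0027";` there makes the file itself 0640 for root and the `fr24feed-cfg` group. The readsb unit also enables `--net` with input ports (`--net-ri-port 30001`, `--net-bi-port 30004,30104`) and no bind address, while the feeders configured in this file reach it over 127.0.0.1. Unless the host firewall (not visible in this hunk) already blocks those ports, adding `--net-bind-address 127.0.0.1` would stop other hosts from pushing data into the receiver that is then forwarded upstream. Separately, `mlat-adsbx` has `wants = [ "readsb.target" ];`, which looks like a typo for `readsb.service`. Also, `$UUID_FILE` in the feed-adsbx `ExecStart` has no matching `Environment=` line in that unit, so it presumably expands to an empty string.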
@@ -67,10 +67,11 @@ my.apps.authentik = {}; my.apps.gitlab-runner = {}; my.apps.plex-pass = {}; + my.apps.ads-b = {}; my.servers.etheroute-lon01.apps = [ "pomerium" ]; my.servers.porcorosso.apps = [ "quotesdb" ]; - my.servers.totoro.apps = [ "sslrenew-raritan" "deluge" "quotesdb" "authentik" ]; + my.servers.totoro.apps = [ "sslrenew-raritan" "deluge" "quotesdb" "authentik" "ads-b" ]; my.servers.clouvider-fra01.apps = [ "deluge" ]; my.servers.clouvider-lon01.apps = [ "quotesdb" "gitlab-runner" ]; my.servers.bvm-twitterchiver.apps = [ "twitterchiver" ];