feat: moved ollama, tailscale, and sync into folders following the new storage pattern

2025-11-08 18:28:34 -06:00 · 2025-11-08 18:28:34 -06:00 · d283f88160
commit d283f88160
parent b67be1472a
11 changed files with 215 additions and 117 deletions
--- a/modules/nixos-modules/ollama/default.nix
+++ b/modules/nixos-modules/ollama/default.nix
@ -0,0 +1,6 @@
+{...}: {
+  imports = [
+    ./ollama.nix
+    ./storage.nix
+  ];
+}
--- a/modules/nixos-modules/ollama/ollama.nix
+++ b/modules/nixos-modules/ollama/ollama.nix
@ -0,0 +1,32 @@
+{
+  config,
+  lib,
+  ...
+}: {
+  options = {
+    services.ollama.exposePort = lib.mkEnableOption "should we expose ollama on tailscale";
+  };
+
+  config = lib.mkIf config.services.ollama.enable (
+    lib.mkMerge [
+      {
+        services.ollama = {
+          # TODO: these should match whats set in the users file
+          group = "ollama";
+          user = "ollama";
+        };
+      }
+      (lib.mkIf config.services.ollama.exposePort (let
+        ports = [
+          config.services.ollama.port
+        ];
+      in {
+        services.ollama.host = "0.0.0.0";
+        networking.firewall.interfaces.${config.services.tailscale.interfaceName} = {
+          allowedTCPPorts = ports;
+          allowedUDPPorts = ports;
+        };
+      }))
+    ]
+  );
+}
--- a/modules/nixos-modules/ollama/storage.nix
+++ b/modules/nixos-modules/ollama/storage.nix
@ -0,0 +1,49 @@
+{
+  config,
+  lib,
+  ...
+}: {
+  options = {
+    services.ollama.impermanence.enable = lib.mkOption {
+      type = lib.types.bool;
+      default = config.services.ollama.enable && config.storage.impermanence.enable;
+    };
+  };
+
+  config = lib.mkIf config.services.ollama.enable (
+    lib.mkMerge [
+      (lib.mkIf config.storage.zfs.enable (lib.mkMerge [
+        {
+          # Ollama needs persistent storage for models and configuration
+        }
+        (lib.mkIf (!config.services.ollama.impermanence.enable) {
+          # TODO: placeholder to configure a unique dataset for this service
+        })
+        (lib.mkIf config.services.ollama.impermanence.enable {
+          storage.impermanence.datasets."persist/system/root" = {
+            directories."/var/lib/private/ollama" = {
+              enable = true;
+              owner.name = config.services.ollama.user;
+              group.name = config.services.ollama.group;
+              owner.permissions = {
+                read = true;
+                write = true;
+                execute = false;
+              };
+              group.permissions = {
+                read = false;
+                write = false;
+                execute = false;
+              };
+              other.permissions = {
+                read = false;
+                write = false;
+                execute = false;
+              };
+            };
+          };
+        })
+      ]))
+    ]
+  );
+}