feat: run ai agents on homelab (#251)

* feat: run ai agents on kana & ruby

* fix: upload vm

hosts/idols-akane/packages.nix

@@ -1,5 +1,31 @@
 { pkgs, ... }:
 {
+  # https://github.com/Mic92/nix-ld
+  #
+  # nix-ld will install itself at `/lib64/ld-linux-x86-64.so.2` so that
+  # it can be used as the dynamic linker for non-NixOS binaries.
+  #
+  # nix-ld works like a middleware between the actual link loader located at `/nix/store/.../ld-linux-x86-64.so.2`
+  # and the non-NixOS binaries. It will:
+  #
+  #   1. read the `NIX_LD` environment variable and use it to find the actual link loader.
+  #   2. read the `NIX_LD_LIBRARY_PATH` environment variable and use it to set the `LD_LIBRARY_PATH` environment variable
+  #      for the actual link loader.
+  #
+  # nix-ld's nixos module will set default values for `NIX_LD` and `NIX_LD_LIBRARY_PATH` environment variables, so
+  # it can work out of the box:
+  #
+  #  - https://github.com/NixOS/nixpkgs/blob/nixos-25.11/nixos/modules/programs/nix-ld.nix#L37-L40
+  #
+  # You can overwrite `NIX_LD_LIBRARY_PATH` in the environment where you run the non-NixOS binaries to customize the
+  # search path for shared libraries.
+  programs.nix-ld = {
+    enable = true;
+    libraries = with pkgs; [
+      stdenv.cc.cc
+    ];
+  };
+
   environment.systemPackages = with pkgs; [
     nodejs_24
     pnpm

hosts/idols-kana/README.md

@@ -1,3 +1,3 @@
 # Idols - Kana
 
-TODO
+Run AI Agents

hosts/idols-kana/default.nix

@@ -14,8 +14,11 @@ let
   inherit (myvars.networking) proxyGateway proxyGateway6 nameservers;
   inherit (myvars.networking.hostsAddr.${hostName}) iface ipv4;
   ipv4WithMask = "${ipv4}/24";
-in {
+in
-  imports = mylib.scanPaths ./.;
+{
+  imports = [
+    ../idols-ruby/packages.nix
+  ];
 
   # supported file systems, so we can mount any removable disks with these filesystems
   boot.supportedFilesystems = [
@@ -29,7 +32,7 @@ in {
     "exfat"
   ];
 
-  boot.kernelModules = ["kvm-amd"];
+  boot.kernelModules = [ "kvm-amd" ];
   boot.extraModprobeConfig = "options kvm_amd nested=1"; # for amd cpu
 
   networking = {
@@ -44,9 +47,9 @@ in {
   systemd.network.enable = true;
 
   systemd.network.networks."10-${iface}" = {
-    matchConfig.Name = [iface];
+    matchConfig.Name = [ iface ];
     networkConfig = {
-      Address = [ipv4WithMask];
+      Address = [ ipv4WithMask ];
       DNS = nameservers;
       DHCP = "ipv6"; # enable DHCPv6 only, so we can get a GUA.
       IPv6AcceptRA = true; # for Stateless IPv6 Autoconfiguraton (SLAAC)

hosts/idols-kana/home.nix

@@ -0,0 +1,3 @@
+{
+  imports = [ ../idols-ruby/home.nix ];
+}

hosts/idols-ruby/README.md

@@ -1,3 +1,3 @@
 # Idols - Ruby
 
-TODO
+Run AI Agents

hosts/idols-ruby/default.nix

@@ -14,8 +14,11 @@ let
   inherit (myvars.networking) proxyGateway proxyGateway6 nameservers;
   inherit (myvars.networking.hostsAddr.${hostName}) iface ipv4;
   ipv4WithMask = "${ipv4}/24";
-in {
+in
-  imports = mylib.scanPaths ./.;
+{
+  imports = [
+    ./packages.nix
+  ];
 
   # Enable binfmt emulation of aarch64-linux, this is required for cross compilation.
   boot.binfmt.emulatedSystems = [
@@ -38,7 +41,7 @@ in {
     "exfat"
   ];
 
-  boot.kernelModules = ["kvm-amd"];
+  boot.kernelModules = [ "kvm-amd" ];
   boot.extraModprobeConfig = "options kvm_amd nested=1"; # for amd cpu
 
   networking = {
@@ -53,9 +56,9 @@ in {
   systemd.network.enable = true;
 
   systemd.network.networks."10-${iface}" = {
-    matchConfig.Name = [iface];
+    matchConfig.Name = [ iface ];
     networkConfig = {
-      Address = [ipv4WithMask];
+      Address = [ ipv4WithMask ];
       DNS = nameservers;
       DHCP = "ipv6"; # enable DHCPv6 only, so we can get a GUA.
       IPv6AcceptRA = true; # for Stateless IPv6 Autoconfiguraton (SLAAC)

hosts/idols-ruby/home.nix

@@ -0,0 +1,21 @@
+{
+  programs.gh.enable = true;
+  programs.git.enable = true;
+
+  programs.zellij.enable = true;
+  programs.bash.enable = true;
+  programs.nushell.enable = true;
+
+  programs.starship = {
+    enable = true;
+    enableBashIntegration = true;
+    enableNushellIntegration = true;
+  };
+  programs.neovim = {
+    enable = true;
+    viAlias = true;
+    vimAlias = true;
+  };
+
+  home.stateVersion = "25.11";
+}

hosts/idols-ruby/packages.nix

@@ -0,0 +1,81 @@
+{ pkgs, ... }:
+{
+  # https://github.com/Mic92/nix-ld
+  #
+  # nix-ld will install itself at `/lib64/ld-linux-x86-64.so.2` so that
+  # it can be used as the dynamic linker for non-NixOS binaries.
+  #
+  # nix-ld works like a middleware between the actual link loader located at `/nix/store/.../ld-linux-x86-64.so.2`
+  # and the non-NixOS binaries. It will:
+  #
+  #   1. read the `NIX_LD` environment variable and use it to find the actual link loader.
+  #   2. read the `NIX_LD_LIBRARY_PATH` environment variable and use it to set the `LD_LIBRARY_PATH` environment variable
+  #      for the actual link loader.
+  #
+  # nix-ld's nixos module will set default values for `NIX_LD` and `NIX_LD_LIBRARY_PATH` environment variables, so
+  # it can work out of the box:
+  #
+  #  - https://github.com/NixOS/nixpkgs/blob/nixos-25.11/nixos/modules/programs/nix-ld.nix#L37-L40
+  #
+  # You can overwrite `NIX_LD_LIBRARY_PATH` in the environment where you run the non-NixOS binaries to customize the
+  # search path for shared libraries.
+  programs.nix-ld = {
+    enable = true;
+    libraries = with pkgs; [
+      stdenv.cc.cc
+    ];
+  };
+
+  environment.systemPackages = with pkgs; [
+    nodejs_24
+    pnpm
+
+    #-- python
+    conda
+    uv # python project package manager
+    pipx # Install and Run Python Applications in Isolated Environments
+    (python313.withPackages (
+      ps: with ps; [
+        pandas
+        requests
+        pyquery
+        pyyaml
+        numpy
+
+        # model downloaders
+        huggingface-hub
+        modelscope
+      ]
+    ))
+
+    rustc
+    cargo # rust package manager
+    go
+
+    # cryptography
+    age
+    sops
+    rclone
+    gnupg
+
+    # cloud-native
+    kubectl
+    istioctl
+    kubevirt # virtctl
+    kubernetes-helm
+    fluxcd
+    terraform
+
+    # db related
+    pgcli
+    mongosh
+    sqlite
+
+    yt-dlp # youtube/bilibili/soundcloud/... video/music downloader
+
+    # need to run `conda-install` before using it
+    # need to run `conda-shell` before using command `conda`
+    # conda is not available for MacOS
+    conda
+  ];
+}

outputs/x86_64-linux/src/idols-kana.nix

@@ -31,6 +31,10 @@ let
       ])
       ++ [
       ];
+    home-modules = map mylib.relativeToRoot [
+      # host specific
+      "hosts/idols-${name}/home.nix"
+    ];
   };
 
   systemArgs = modules // args;

outputs/x86_64-linux/src/idols-ruby.nix

@@ -32,7 +32,8 @@ let
       ++ [
       ];
     home-modules = map mylib.relativeToRoot [
-      "home/linux/tui.nix"
+      # host specific
+      "hosts/idols-${name}/home.nix"
     ];
   };
 

utils.nu

@@ -81,7 +81,7 @@ export def upload-vm [
         nix build $target
     }
 
-    let remote = $"ryan@rakushun:/data/caddy/fileserver/vms/kubevirt-($name).qcow2"
+    let remote = $"root@192.168.5.178:/data/caddy/fileserver/vms/kubevirt-($name).qcow2"
-    rsync -avz --progress --copy-links --checksum result $remote
+    rsync -avz --progress --copy-links --checksum result/nixos-image-*.qcow2 $remote
 }