Plano routing gateway

Dubnium owns the system/runtime side of Plano. User-level client configuration lives in ryjen/dotfiles through Home Manager modules.

Boundary

Dubnium
  systemd service lifecycle
  compute target integration
  vLLM/Ollama local model endpoint
  ai.slice placement
  runtime state under /var/lib and /var/cache

ryjen/dotfiles
  Home Manager user config
  ~/.config/planoai/dubnium.yaml
  ~/.config/model-router/profiles/local-first-dev.yaml
  shell environment and helper scripts

ryjen/model-router
  source policy schemas
  route-decision record semantics
  governance-oriented model-router design

Service model

The Plano workload module is defined at:

modules/workloads/plano.nix

It creates:

plano.service

When enabled, the service is attached to:

compute.target
ai.slice

It is intentionally disabled by default in hosts/workstation/default.nix.

Defaults

dubnium.plano = {
  enable = false;
  runtime = "external";
  externalExecutable = "/var/lib/plano/venv/bin/planoai";
  host = "127.0.0.1";
  port = 12000;
  localBaseUrl = "http://127.0.0.1:8000/v1";
  exposeOnTailscale = false;
};

The default local model endpoint assumes vllm.service is serving an OpenAI-compatible API on port 8000.

Enablement

Enable once the Plano executable exists:

dubnium.plano.enable = true;

For the current external runtime default, verify that the executable is present and executable:

test -x /var/lib/plano/venv/bin/planoai

If Plano becomes available as a Nix package or overlay, switch to:

dubnium.plano = {
  enable = true;
  runtime = "package";
  package = pkgs.<plano-package>;
};

Validation

Dry-build the workstation target:

sudo nixos-rebuild build --flake .#workstation

Then inspect the generated unit:

systemctl cat plano.service

When the service is enabled, request compute mode and check both units:

sudo mode request compute
systemctl status vllm.service
systemctl status plano.service

Check the gateway endpoint:

curl http://127.0.0.1:12000

The exact health endpoint may differ depending on Plano’s runtime API.

Security notes

  • Keep exposeOnTailscale = false until the gateway behavior is validated
  • Do not store cloud provider secrets in the generated config
  • Prefer environment files managed by sops-nix or another host secret provider
  • Treat Plano as routing infrastructure, not an authorization layer
  • Privacy and route policy belong above the gateway in model-router/Anthesis semantics
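
A loopback-only check for the first note above, as an added example that is not part of Dubnium or Plano: it parses `ss -H -ltn` output and fails if port 12000 is bound to anything other than a loopback address. The function name and the sample listings are constructed for illustration.

```shell
#!/bin/sh
# Added example: confirm the gateway port is bound to loopback only.
# check_plano_binding is a hypothetical helper name, not part of Dubnium.

# Reads `ss -H -ltn` output on stdin. Returns 0 when every listener on PORT
# is a loopback address, 1 when any is not, 2 when nothing listens on PORT.
check_plano_binding() {
  awk -v port="${1:-12000}" '
    $1 != "LISTEN" { next }
    {
      laddr = $4
      # Split at the last colon so IPv6 literals such as [::1] stay intact.
      if (!match(laddr, /:[0-9]+$/)) next
      addr = substr(laddr, 1, RSTART - 1)
      if (substr(laddr, RSTART + 1) != port) next
      seen++
      sub(/%.*$/, "", addr)                       # interface scope, e.g. %lo
      sub(/^\[/, "", addr); sub(/\]$/, "", addr)  # IPv6 brackets
      if (addr ~ /^127\./ || addr == "::1" || addr ~ /^::ffff:127\./) next
      exposed++
      print "exposed: " laddr
    }
    END {
      if (!seen) { print "no listener on port " port; exit 2 }
      exit (exposed ? 1 : 0)
    }'
}

# Constructed sample listings (not captured from a real host).
SAMPLE_LOOPBACK='LISTEN 0 4096 127.0.0.1:12000 0.0.0.0:*
LISTEN 0 4096 127.0.0.1:8000 0.0.0.0:*
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*'

# 100.64.0.5 stands in for a Tailscale address; "*" is a dual-stack wildcard.
SAMPLE_EXPOSED='LISTEN 0 4096 100.64.0.5:12000 0.0.0.0:*
LISTEN 0 4096 [::1]:12000 [::]:*
LISTEN 0 4096 *:12000 *:*'

# Live use on the host: ss -H -ltn | check_plano_binding 12000
```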

Failure behavior

The service fails closed if the configured Plano executable is missing: ExecStartPre checks that the executable exists, and the unit does not start when that check fails.

Fallback between models must not bypass privacy, budget, safety, or approval failures. Those are policy failures, not operational retry events.