added lain

This commit is contained in:
emily 2024-03-27 23:39:09 +01:00
parent bbe2030d61
commit 94efe8a7e2
Signed by: emily
GPG key ID: F6F4C66207FCF995
6 changed files with 135 additions and 6 deletions

View file

@ -29,11 +29,6 @@ with lib; {
fish.enable = true; fish.enable = true;
}; };
deployment.tags = [ "all" ];
deployment.targetHost = mkDefault config.networking.fqdn;
deployment.targetPort = mkDefault 22;
deployment.targetUser = mkDefault null;
security.dhparams.defaultBitSize = 4096; security.dhparams.defaultBitSize = 4096;
system.activationScripts.motd.text = let system.activationScripts.motd.text = let

View file

@ -0,0 +1,99 @@
{ config, inputs, lib, pkgs, ... }: {
imports = [
inputs.nixos-hardware.nixosModules.raspberry-pi-4
../../common
../../profiles/headless.nix
];
boot.loader.efi.canTouchEfiVariables = true;
console.enable = false;
deployment = {
targetHost = "192.168.178.170";
targetUser = "nixos";
};
environment.systemPackages = with pkgs; [
kodiPackages.jellyfin
kodiPackages.keymap
libcec
libraspberrypi
raspberrypi-eeprom
];
fileSystems = {
"/" = {
device = "/dev/disk/by-label/NIXOS_SD";
fsType = "ext4";
options = [ "noatime" ];
};
};
hardware = {
bluetooth.enable = true;
deviceTree.enable = true;
raspberry-pi."4" = {
audio.enable = false;
apply-overlays-dtmerge.enable = true;
fkms-3d.enable = true;
};
};
kyouma.machine-type.physical = true;
nixpkgs.overlays = [
(self: super: { libcec = super.libcec.override { withLibraspberrypi = true; }; })
];
networking.hostName = "lain";
networking.networkmanager.enable = true;
systemd.network.enable = lib.mkForce false;
systemd.sockets."cec-client" = {
after = [ "dev-vchiq.device" ];
bindsTo = [ "dev-vchiq.device" ];
wantedBy = [ "sockets.target" ];
socketConfig = {
ListenFIFO = "/run/cec.fifo";
SocketGroup = "video";
SocketMode = "0660";
};
};
systemd.services."cec-client" = {
after = [ "dev-vchiq.device" ];
bindsTo = [ "dev-vchiq.device" ];
wantedBy = [ "multi-user.target" ];
serviceConfig = {
ExecStart = ''${pkgs.libcec}/bin/cec-client -d 1'';
ExecStop = ''/bin/sh -c "echo q > /run/cec.fifo"'';
StandardInput = "socket";
StandardOutput = "journal";
Restart="no";
};
};
services.avahi = {
enable = true;
ipv6 = true;
nssmdns4 = true;
publish.enable = true;
publish.userServices = true;
};
services.cage = {
enable = true;
program = "${pkgs.kodi-wayland}/bin/kodi-standalone";
user = "kodi";
};
services.fstrim.enable = true;
services.pipewire = {
enable = true;
alsa.enable = true;
pulse.enable = true;
};
services.udev.extraRules = ''
# allow access to raspi cec device for video group (and optionally register it as a systemd device, used below)
KERNEL=="vchiq", GROUP="video", MODE="0660", TAG+="systemd", ENV{SYSTEMD_ALIAS}="/dev/vchiq"
'';
users.mutableUsers = lib.mkForce true;
users.users.kodi.extraGroups = [ "video" ];
users.extraUsers.kodi.isNormalUser = true;
}

15
config/hosts/lain/iso.nix Normal file
View file

@ -0,0 +1,15 @@
{ config, lib, inputs, ... }: {
imports = [
"${inputs.nixpkgs}/nixos/modules/installer/sd-card/sd-image-aarch64.nix"
./configuration.nix
];
networking.networkmanager.enable = lib.mkForce false;
networking.wireless = {
enable = true;
networks."Fernmeldestelle".psk = null;
interfaces = [ "wlan0" ];
};
users.users.emily = {
initialPassword = "changeme";
};
}

View file

@ -7,6 +7,7 @@
./disko.nix ./disko.nix
]; ];
boot.binfmt.emulatedSystems = [ "aarch64-linux" ];
boot.extraModprobeConfig = '' boot.extraModprobeConfig = ''
options i915 enable_guc=3 options i915 enable_guc=3
''; '';

View file

@ -14,6 +14,7 @@
security.pam.services.swaylock = {}; security.pam.services.swaylock = {};
services.dbus.packages = [ pkgs.gcr ];
services.geoclue2.enable = true; services.geoclue2.enable = true;
services.pipewire = { services.pipewire = {
@ -635,6 +636,7 @@
services.gpg-agent = { services.gpg-agent = {
enable = true; enable = true;
enableSshSupport = true; enableSshSupport = true;
pinentryPackage = pkgs.pinentry-gnome3;
}; };
services.swayidle = services.swayidle =

View file

@ -23,14 +23,23 @@
outputs = { self, nixpkgs, flake-utils, ... }@inputs: { outputs = { self, nixpkgs, flake-utils, ... }@inputs: {
colmena = let colmena = let
hosts = [ "web-dus" "crime" "ryuuko" ]; hosts = [ "web-dus" "crime" "ryuuko" "lain" ];
hostCfg = hostname: { hostCfg = hostname: {
imports = [ (./config/hosts/${hostname}/configuration.nix) ]; imports = [ (./config/hosts/${hostname}/configuration.nix) ];
deployment = with nixpkgs.lib; {
tags = [ "all" ];
targetHost = mkDefault config.networking.fqdn;
targetPort = mkDefault 22;
targetUser = mkDefault null;
};
}; };
in { in {
meta = { meta = {
allowApplyAll = false; allowApplyAll = false;
nixpkgs = nixpkgs.legacyPackages.x86_64-linux; nixpkgs = nixpkgs.legacyPackages.x86_64-linux;
nodeNixpkgs = {
lain = nixpkgs.legacyPackages.aarch64-linux;
};
specialArgs = { inherit inputs; }; specialArgs = { inherit inputs; };
}; };
} // (builtins.listToAttrs (builtins.map (hosts: nixpkgs.lib.attrsets.nameValuePair hosts (hostCfg hosts)) hosts)); } // (builtins.listToAttrs (builtins.map (hosts: nixpkgs.lib.attrsets.nameValuePair hosts (hostCfg hosts)) hosts));
@ -44,7 +53,15 @@
./config/hosts/ryuuko/disko.nix ./config/hosts/ryuuko/disko.nix
]; ];
}; };
lain = nixpkgs.lib.nixosSystem {
system = "aarch64-linux";
specialArgs = { inherit inputs; };
modules = [
./config/hosts/lain/iso.nix
];
};
}; };
images.lain = self.nixosConfigurations.lain.config.system.build.sdImage;
} // flake-utils.lib.eachDefaultSystem (system: let } // flake-utils.lib.eachDefaultSystem (system: let
pkgs = nixpkgs.legacyPackages.${system}; pkgs = nixpkgs.legacyPackages.${system};
in { in {