added lain
This commit is contained in:
parent
bbe2030d61
commit
94efe8a7e2
6 changed files with 135 additions and 6 deletions
|
@ -29,11 +29,6 @@ with lib; {
|
||||||
fish.enable = true;
|
fish.enable = true;
|
||||||
};
|
};
|
||||||
|
|
||||||
deployment.tags = [ "all" ];
|
|
||||||
deployment.targetHost = mkDefault config.networking.fqdn;
|
|
||||||
deployment.targetPort = mkDefault 22;
|
|
||||||
deployment.targetUser = mkDefault null;
|
|
||||||
|
|
||||||
security.dhparams.defaultBitSize = 4096;
|
security.dhparams.defaultBitSize = 4096;
|
||||||
|
|
||||||
system.activationScripts.motd.text = let
|
system.activationScripts.motd.text = let
|
||||||
|
|
99
config/hosts/lain/configuration.nix
Normal file
99
config/hosts/lain/configuration.nix
Normal file
|
@ -0,0 +1,99 @@
|
||||||
|
{ config, inputs, lib, pkgs, ... }: {
|
||||||
|
imports = [
|
||||||
|
inputs.nixos-hardware.nixosModules.raspberry-pi-4
|
||||||
|
../../common
|
||||||
|
../../profiles/headless.nix
|
||||||
|
];
|
||||||
|
|
||||||
|
boot.loader.efi.canTouchEfiVariables = true;
|
||||||
|
console.enable = false;
|
||||||
|
|
||||||
|
deployment = {
|
||||||
|
targetHost = "192.168.178.170";
|
||||||
|
targetUser = "nixos";
|
||||||
|
};
|
||||||
|
|
||||||
|
environment.systemPackages = with pkgs; [
|
||||||
|
kodiPackages.jellyfin
|
||||||
|
kodiPackages.keymap
|
||||||
|
libcec
|
||||||
|
libraspberrypi
|
||||||
|
raspberrypi-eeprom
|
||||||
|
];
|
||||||
|
fileSystems = {
|
||||||
|
"/" = {
|
||||||
|
device = "/dev/disk/by-label/NIXOS_SD";
|
||||||
|
fsType = "ext4";
|
||||||
|
options = [ "noatime" ];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
hardware = {
|
||||||
|
bluetooth.enable = true;
|
||||||
|
deviceTree.enable = true;
|
||||||
|
raspberry-pi."4" = {
|
||||||
|
audio.enable = false;
|
||||||
|
apply-overlays-dtmerge.enable = true;
|
||||||
|
fkms-3d.enable = true;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
kyouma.machine-type.physical = true;
|
||||||
|
|
||||||
|
nixpkgs.overlays = [
|
||||||
|
(self: super: { libcec = super.libcec.override { withLibraspberrypi = true; }; })
|
||||||
|
];
|
||||||
|
|
||||||
|
networking.hostName = "lain";
|
||||||
|
networking.networkmanager.enable = true;
|
||||||
|
systemd.network.enable = lib.mkForce false;
|
||||||
|
|
||||||
|
systemd.sockets."cec-client" = {
|
||||||
|
after = [ "dev-vchiq.device" ];
|
||||||
|
bindsTo = [ "dev-vchiq.device" ];
|
||||||
|
wantedBy = [ "sockets.target" ];
|
||||||
|
socketConfig = {
|
||||||
|
ListenFIFO = "/run/cec.fifo";
|
||||||
|
SocketGroup = "video";
|
||||||
|
SocketMode = "0660";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
systemd.services."cec-client" = {
|
||||||
|
after = [ "dev-vchiq.device" ];
|
||||||
|
bindsTo = [ "dev-vchiq.device" ];
|
||||||
|
wantedBy = [ "multi-user.target" ];
|
||||||
|
serviceConfig = {
|
||||||
|
ExecStart = ''${pkgs.libcec}/bin/cec-client -d 1'';
|
||||||
|
ExecStop = ''/bin/sh -c "echo q > /run/cec.fifo"'';
|
||||||
|
StandardInput = "socket";
|
||||||
|
StandardOutput = "journal";
|
||||||
|
Restart="no";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
services.avahi = {
|
||||||
|
enable = true;
|
||||||
|
ipv6 = true;
|
||||||
|
nssmdns4 = true;
|
||||||
|
publish.enable = true;
|
||||||
|
publish.userServices = true;
|
||||||
|
};
|
||||||
|
services.cage = {
|
||||||
|
enable = true;
|
||||||
|
program = "${pkgs.kodi-wayland}/bin/kodi-standalone";
|
||||||
|
user = "kodi";
|
||||||
|
};
|
||||||
|
services.fstrim.enable = true;
|
||||||
|
services.pipewire = {
|
||||||
|
enable = true;
|
||||||
|
alsa.enable = true;
|
||||||
|
pulse.enable = true;
|
||||||
|
};
|
||||||
|
services.udev.extraRules = ''
|
||||||
|
# allow access to raspi cec device for video group (and optionally register it as a systemd device, used below)
|
||||||
|
KERNEL=="vchiq", GROUP="video", MODE="0660", TAG+="systemd", ENV{SYSTEMD_ALIAS}="/dev/vchiq"
|
||||||
|
'';
|
||||||
|
|
||||||
|
users.mutableUsers = lib.mkForce true;
|
||||||
|
users.users.kodi.extraGroups = [ "video" ];
|
||||||
|
users.extraUsers.kodi.isNormalUser = true;
|
||||||
|
}
|
15
config/hosts/lain/iso.nix
Normal file
15
config/hosts/lain/iso.nix
Normal file
|
@ -0,0 +1,15 @@
|
||||||
|
{ config, lib, inputs, ... }: {
|
||||||
|
imports = [
|
||||||
|
"${inputs.nixpkgs}/nixos/modules/installer/sd-card/sd-image-aarch64.nix"
|
||||||
|
./configuration.nix
|
||||||
|
];
|
||||||
|
networking.networkmanager.enable = lib.mkForce false;
|
||||||
|
networking.wireless = {
|
||||||
|
enable = true;
|
||||||
|
networks."Fernmeldestelle".psk = null;
|
||||||
|
interfaces = [ "wlan0" ];
|
||||||
|
};
|
||||||
|
users.users.emily = {
|
||||||
|
initialPassword = "changeme";
|
||||||
|
};
|
||||||
|
}
|
|
@ -7,6 +7,7 @@
|
||||||
./disko.nix
|
./disko.nix
|
||||||
];
|
];
|
||||||
|
|
||||||
|
boot.binfmt.emulatedSystems = [ "aarch64-linux" ];
|
||||||
boot.extraModprobeConfig = ''
|
boot.extraModprobeConfig = ''
|
||||||
options i915 enable_guc=3
|
options i915 enable_guc=3
|
||||||
'';
|
'';
|
||||||
|
|
|
@ -14,6 +14,7 @@
|
||||||
|
|
||||||
security.pam.services.swaylock = {};
|
security.pam.services.swaylock = {};
|
||||||
|
|
||||||
|
services.dbus.packages = [ pkgs.gcr ];
|
||||||
services.geoclue2.enable = true;
|
services.geoclue2.enable = true;
|
||||||
|
|
||||||
services.pipewire = {
|
services.pipewire = {
|
||||||
|
@ -635,6 +636,7 @@
|
||||||
services.gpg-agent = {
|
services.gpg-agent = {
|
||||||
enable = true;
|
enable = true;
|
||||||
enableSshSupport = true;
|
enableSshSupport = true;
|
||||||
|
pinentryPackage = pkgs.pinentry-gnome3;
|
||||||
};
|
};
|
||||||
|
|
||||||
services.swayidle =
|
services.swayidle =
|
||||||
|
|
19
flake.nix
19
flake.nix
|
@ -23,14 +23,23 @@
|
||||||
|
|
||||||
outputs = { self, nixpkgs, flake-utils, ... }@inputs: {
|
outputs = { self, nixpkgs, flake-utils, ... }@inputs: {
|
||||||
colmena = let
|
colmena = let
|
||||||
hosts = [ "web-dus" "crime" "ryuuko" ];
|
hosts = [ "web-dus" "crime" "ryuuko" "lain" ];
|
||||||
hostCfg = hostname: {
|
hostCfg = hostname: {
|
||||||
imports = [ (./config/hosts/${hostname}/configuration.nix) ];
|
imports = [ (./config/hosts/${hostname}/configuration.nix) ];
|
||||||
|
deployment = with nixpkgs.lib; {
|
||||||
|
tags = [ "all" ];
|
||||||
|
targetHost = mkDefault config.networking.fqdn;
|
||||||
|
targetPort = mkDefault 22;
|
||||||
|
targetUser = mkDefault null;
|
||||||
|
};
|
||||||
};
|
};
|
||||||
in {
|
in {
|
||||||
meta = {
|
meta = {
|
||||||
allowApplyAll = false;
|
allowApplyAll = false;
|
||||||
nixpkgs = nixpkgs.legacyPackages.x86_64-linux;
|
nixpkgs = nixpkgs.legacyPackages.x86_64-linux;
|
||||||
|
nodeNixpkgs = {
|
||||||
|
lain = nixpkgs.legacyPackages.aarch64-linux;
|
||||||
|
};
|
||||||
specialArgs = { inherit inputs; };
|
specialArgs = { inherit inputs; };
|
||||||
};
|
};
|
||||||
} // (builtins.listToAttrs (builtins.map (hosts: nixpkgs.lib.attrsets.nameValuePair hosts (hostCfg hosts)) hosts));
|
} // (builtins.listToAttrs (builtins.map (hosts: nixpkgs.lib.attrsets.nameValuePair hosts (hostCfg hosts)) hosts));
|
||||||
|
@ -44,7 +53,15 @@
|
||||||
./config/hosts/ryuuko/disko.nix
|
./config/hosts/ryuuko/disko.nix
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
lain = nixpkgs.lib.nixosSystem {
|
||||||
|
system = "aarch64-linux";
|
||||||
|
specialArgs = { inherit inputs; };
|
||||||
|
modules = [
|
||||||
|
./config/hosts/lain/iso.nix
|
||||||
|
];
|
||||||
|
};
|
||||||
};
|
};
|
||||||
|
images.lain = self.nixosConfigurations.lain.config.system.build.sdImage;
|
||||||
} // flake-utils.lib.eachDefaultSystem (system: let
|
} // flake-utils.lib.eachDefaultSystem (system: let
|
||||||
pkgs = nixpkgs.legacyPackages.${system};
|
pkgs = nixpkgs.legacyPackages.${system};
|
||||||
in {
|
in {
|
||||||
|
|
Loading…
Reference in a new issue