diff --git a/disko/wheatley/default.nix b/disko/wheatley/default.nix new file mode 100644 index 0000000..0e892ff --- /dev/null +++ b/disko/wheatley/default.nix @@ -0,0 +1,47 @@ +{ + disko = { + devices = { + disk = { + disk1 = { + imageSize = "20G"; + type = "disk"; + device = "/dev/mmcblk0"; + content = { + type = "gpt"; + partitions = { + firmware = { + size = "30M"; + priority = 1; + type = "0700"; + content = { + type = "filesystem"; + format = "vfat"; + mountpoint = "/firmware"; + }; + }; + boot = { + size = "1G"; + type = "EF00"; + content = { + type = "filesystem"; + format = "vfat"; + mountpoint = "/boot"; + }; + }; + root = { + name = "root"; + size = "100%"; + content = { + type = "filesystem"; + extraArgs = []; + format = "ext4"; + mountpoint = "/"; + }; + }; + }; + }; + }; + }; + }; + }; +} diff --git a/flake.lock b/flake.lock index ee260bd..d00793b 100644 --- a/flake.lock +++ b/flake.lock @@ -103,11 +103,11 @@ "treefmt-nix": "treefmt-nix" }, "locked": { - "lastModified": 1730928062, - "narHash": "sha256-fXwp5vmq313QEu180EsPr0YT0OqVDlcebNYxxZ7mMLw=", + "lastModified": 1732855386, + "narHash": "sha256-IyZzKBcs2NGcbi48NcA/IZG7NUBqnYT4McOWh5uTMnE=", "owner": "koverstreet", "repo": "bcachefs-tools", - "rev": "d4932bf0e32375451e7cfd4b776bb5c470e9afb8", + "rev": "6829fb201072c495ce9e97850664540a0f8294f1", "type": "github" }, "original": { @@ -234,11 +234,11 @@ }, "catppuccin": { "locked": { - "lastModified": 1731232837, - "narHash": "sha256-0aIwr/RC/oe7rYkfJb47xjdEQDSNcqpFGsEa+EPlDEs=", + "lastModified": 1732838231, + "narHash": "sha256-KJTRqfEcGpONBK/6BkMdWmbGth0r/nYWY3k/rvZl4es=", "owner": "catppuccin", "repo": "nix", - "rev": "32359bf226fe874d3b7a0a5753d291a4da9616fe", + "rev": "becc64812c8d6af24dedc2f75c5c63ebf778a115", "type": "github" }, "original": { 
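Review bot: Both vfat partitions in disko/wheatley/default.nix (`firmware` and `boot`) are mounted without a umask. vfat stores no Unix permissions, so with the usual default mask everything under /firmware and /boot, including the initrd, is readable by every local user. Adding `mountOptions = ["umask=0077"];` to each vfat `content` block closes that. The `fileSystems."/boot"` entry added in nixos/hosts/wheatley/hardware-configuration.nix has the same gap and would take `options = ["umask=0077"];`. This layout is also not active yet, because the `../../../disko/wheatley` import in configuration.nix is commented out, and the by-label mounts in hardware-configuration.nix would presumably collide with disko's generated ones once it is enabled.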
@@ -503,11 +503,11 @@ ] }, "locked": { - "lastModified": 1732540163, - "narHash": "sha256-5EYzmoTpem2IB9JWzd41sL98pz3lyyCSTiCjv08i4Uk=", + "lastModified": 1732894783, + "narHash": "sha256-7hBU7L07hYPNjamlm/v5scUUwsHQJvyb1a4flozHNt0=", "owner": "nix-community", "repo": "disko", - "rev": "2ed5e30fc7e34adf455db8b02b9151d3922a54ea", + "rev": "a75ba3b87b7ff230ca8b3a1fbfd4ad907a1a5fa2", "type": "github" }, "original": { @@ -1000,11 +1000,11 @@ ] }, "locked": { - "lastModified": 1732482255, - "narHash": "sha256-GUffLwzawz5WRVfWaWCg78n/HrBJrOG7QadFY6rtV8A=", + "lastModified": 1732884235, + "narHash": "sha256-r8j6R3nrvwbT1aUp4EPQ1KC7gm0pu9VcV1aNaB+XG6Q=", "owner": "nix-community", "repo": "home-manager", - "rev": "a9953635d7f34e7358d5189751110f87e3ac17da", + "rev": "819f682269f4e002884702b87e445c82840c68f2", "type": "github" }, "original": { @@ -1041,11 +1041,11 @@ "nixpkgs": "nixpkgs_5" }, "locked": { - "lastModified": 1732606634, - "narHash": "sha256-msRynwdER2LcFXCxxGNKC3vSIZS+xCcBOn1SaSiVDxE=", + "lastModified": 1732739177, + "narHash": "sha256-iL32+TA/8geCzcL1r3uthrH/GPvbUak5QE++WJUkaiI=", "owner": "Jovian-Experiments", "repo": "Jovian-NixOS", - "rev": "39395c7e0105d9d24da7b91b8735cd310671197b", + "rev": "8d7b2149e618696d5100c2683af1ffa893f02a75", "type": "github" }, "original": { @@ -1392,11 +1392,11 @@ }, "nixpkgs-edge": { "locked": { - "lastModified": 1732632271, - "narHash": "sha256-pNaHDLub5HPtAcOzRdOaGRjvHNHWFmwPFwerLu4lQ94=", + "lastModified": 1732896563, + "narHash": "sha256-AxIaGRbQI5x+8dYkCnDItPAiDHqnfa8Dhb/QisJiRPs=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "8fc978774f5337284c9a9d2ec960df47d8b79c84", + "rev": "e6b629da2735d17d47e32626591f4d6fd3499fe7", "type": "github" }, "original": { 
@@ -1503,11 +1503,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1732014248, - "narHash": "sha256-y/MEyuJ5oBWrWAic/14LaIr/u5E0wRVzyYsouYY3W6w=", + "lastModified": 1732521221, + "narHash": "sha256-2ThgXBUXAE1oFsVATK1ZX9IjPcS4nKFOAjhPNKuiMn0=", "owner": "nixos", "repo": "nixpkgs", - "rev": "23e89b7da85c3640bbc2173fe04f4bd114342367", + "rev": "4633a7c72337ea8fd23a4f2ba3972865e3ec685d", "type": "github" }, "original": { @@ -1631,11 +1631,11 @@ }, "nixpkgs_7": { "locked": { - "lastModified": 1732014248, - "narHash": "sha256-y/MEyuJ5oBWrWAic/14LaIr/u5E0wRVzyYsouYY3W6w=", + "lastModified": 1732521221, + "narHash": "sha256-2ThgXBUXAE1oFsVATK1ZX9IjPcS4nKFOAjhPNKuiMn0=", "owner": "nixos", "repo": "nixpkgs", - "rev": "23e89b7da85c3640bbc2173fe04f4bd114342367", + "rev": "4633a7c72337ea8fd23a4f2ba3972865e3ec685d", "type": "github" }, "original": { @@ -1686,11 +1686,11 @@ ] }, "locked": { - "lastModified": 1732465698, - "narHash": "sha256-xiue+Kj2Jm8PwyZQcHl4CaYmMIgo5oi37hVHqiw2Unk=", + "lastModified": 1732639391, + "narHash": "sha256-kFtXjoCIqx9xe0ZryPXpqS6l/HVg71aNcuL8Y5e8+pI=", "owner": "pjones", "repo": "plasma-manager", - "rev": "16d65cd02b5de665d1bcfec1616c02c71a1014a6", + "rev": "06e3209d11797d9c741e25df06ab61048746bf93", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index c25d052..1f583fd 100644 --- a/flake.nix +++ b/flake.nix @@ -108,6 +108,7 @@ # Supported systems for your flake packages, shell, etc. systems = [ "x86_64-linux" + "aarch64-linux" ]; # This is a function that generates an attribute by calling a function you # pass to it, with each system as an argument 
@@ -234,6 +235,24 @@ ]; }; + wheatley = nixpkgs.lib.nixosSystem { + system = "aarch64-linux"; + specialArgs = {inherit inputs outputs;}; + modules = [ + ./nixos/hosts/wheatley/configuration.nix + sops-nix.nixosModules.sops + home-manager.nixosModules.home-manager + nixos-hardware.nixosModules.raspberry-pi-4 + catppuccin.nixosModules.catppuccin + stylix.nixosModules.stylix + { + home-manager.sharedModules = [ + inputs.catppuccin.homeManagerModules.catppuccin + ]; + } + ]; + }; + # ISO = nixpkgs.lib.nixosSystem { # system = "x86_64-linux"; # specialArgs = {inherit inputs outputs;}; diff --git a/home-manager/hosts/shodan/lillian.nix b/home-manager/hosts/shodan/lillian.nix index 52f1d3d..c054866 100644 --- a/home-manager/hosts/shodan/lillian.nix +++ b/home-manager/hosts/shodan/lillian.nix @@ -56,6 +56,8 @@ freetube obs-studio vlc + fcast-receiver + fcast-client # System tools: rage diff --git a/home-manager/hosts/wheatley/lillian.nix b/home-manager/hosts/wheatley/lillian.nix index afb1b42..5c9f377 100644 --- a/home-manager/hosts/wheatley/lillian.nix +++ b/home-manager/hosts/wheatley/lillian.nix @@ -11,8 +11,7 @@ # You can also split up your configuration and import pieces of it here: # ./nvim.nix - ../../package-configs/zsh.nix - ../../package-configs/helix.nix + ../../shared ]; nixpkgs = { diff --git a/nixos/desktop/default.nix b/nixos/desktop/default.nix index efdae88..db37969 100644 --- a/nixos/desktop/default.nix +++ b/nixos/desktop/default.nix @@ -170,6 +170,18 @@ dockerCompat = true; }; + services.avahi = { + nssmdns4 = true; + enable = true; + ipv4 = true; + ipv6 = true; + publish = { + enable = true; + addresses = true; + workstation = true; + }; + }; + security.tpm2.enable = true; security.tpm2.pkcs11.enable = true; # expose /run/current-system/sw/lib/libtpm2_pkcs11.so security.tpm2.tctiEnvironment.enable = true; # TPM2TOOLS_TCTI and TPM2_PKCS11_TCTI env variables 
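Review bot: The `services.avahi` block added to nixos/desktop/default.nix publishes on every interface, and `publish.workstation = true` additionally advertises a workstation record which, as far as I know, carries the hostname together with the interface MAC address. If the goal is only mDNS name resolution and service discovery on the home LAN, drop `workstation = true;` and scope the daemon with `allowInterfaces = ["<lan-interface>"];` (placeholder). The module's `openFirewall` option also defaults to true, to my knowledge, so this opens UDP 5353 on all interfaces without an explicit line. The same block is repeated verbatim in the nixos/hosts/shodan/configuration.nix hunk. If shodan also imports nixos/desktop (not visible here), keep one copy in a shared module so the two cannot drift.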
diff --git a/nixos/hosts/GLaDOS/configuration.nix b/nixos/hosts/GLaDOS/configuration.nix index f4e7041..73ffc6f 100644 --- a/nixos/hosts/GLaDOS/configuration.nix +++ b/nixos/hosts/GLaDOS/configuration.nix @@ -66,6 +66,7 @@ }; boot.loader.systemd-boot.enable = true; + boot.binfmt.emulatedSystems = ["aarch64-linux"]; # boot.lanzaboote = { # enable = true; diff --git a/nixos/hosts/shodan/configuration.nix b/nixos/hosts/shodan/configuration.nix index f89c6a6..7e693da 100644 --- a/nixos/hosts/shodan/configuration.nix +++ b/nixos/hosts/shodan/configuration.nix @@ -124,6 +124,18 @@ services.desktopManager.plasma6.enable = true; programs.kdeconnect.enable = true; + services.avahi = { + nssmdns4 = true; + enable = true; + ipv4 = true; + ipv6 = true; + publish = { + enable = true; + addresses = true; + workstation = true; + }; + }; + services.displayManager.defaultSession = "plasma"; services.displayManager.sddm.wayland.enable = lib.mkForce true; services.displayManager.sddm.settings = { diff --git a/nixos/hosts/wheatley/configuration.nix b/nixos/hosts/wheatley/configuration.nix index b609001..64009a5 100644 --- a/nixos/hosts/wheatley/configuration.nix +++ b/nixos/hosts/wheatley/configuration.nix @@ -12,11 +12,12 @@ imports = [ inputs.home-manager.nixosModules.home-manager - ./armv7l.nix ./hardware-configuration.nix # Import shared configurations ../../shared + # ../../../disko/wheatley + inputs.nixos-hardware.nixosModules.raspberry-pi-4 ]; boot.loader.generic-extlinux-compatible.enable = true; @@ -32,6 +33,10 @@ nixpkgs = { # You can add overlays here overlays = [ + (final: super: { + makeModulesClosure = x: + super.makeModulesClosure (x // {allowMissing = true;}); + }) ]; # Configure your nixpkgs instance config = { @@ -40,6 +45,8 @@ }; }; + hardware.raspberry-pi."4".fkms-3d.enable = true; + sops.defaultSopsFile = ./secrets/sops.yaml; sops.secrets."wireless.env".mode = "0440"; @@ -49,6 +56,7 @@ age git htop + libraspberrypi ]; boot.kernelParams = [ 
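Review bot: The overlay added to `nixpkgs.overlays` in nixos/hosts/wheatley/configuration.nix forces `allowMissing = true` on every `makeModulesClosure` call in this package set, not just the Raspberry Pi kernel. A module that is genuinely missing from the initrd will then no longer fail the build and will only surface as a boot failure on the device. Add a comment stating why it is needed, for example `# linux_rpi4 does not ship every module the generic initrd list names; tolerate the gaps (workaround, revisit on kernel bumps)`, assuming that is the reason. The argument names mix two conventions; `final: prev:` or `self: super:` would read more cleanly than `final: super:`. The enclosing `nixpkgs = { … }` block starts and ends outside this hunk.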
@@ -78,20 +86,21 @@ }; networking.wireless.enable = true; - networking.wireless.environmentFile = config.sops.secrets."wireless.env".path; - networking.wireless.networks."KPNAA6306" = { - hidden = true; - auth = '' - key_mgmt=WPA-PSK - password="@PSK_HOME@" - ''; - }; + networking.networkmanager.wifi.powersave = false; + # networking.wireless.environmentFile = config.sops.secrets."wireless.env".path; + # networking.wireless.networks."KPNAA6306" = { + # hidden = true; + # auth = '' + # key_mgmt=WPA-PSK + # password="@PSK_HOME@" + # ''; + # }; networking.firewall.enable = true; networking.firewall = { - allowedTCPPorts = [22 80 443 5335 8080]; - allowedUDPPorts = [5335]; + allowedTCPPorts = [22 80 443 5335 8080 46899 46898]; + allowedUDPPorts = [5335 46899 46898]; }; # Set your time zone. time.timeZone = "Europe/Amsterdam"; @@ -114,6 +123,8 @@ networking.hostName = "wheatley"; # Define your hostname + boot.kernelPackages = lib.mkForce pkgs.linuxKernel.packages.linux_rpi4; + boot.supportedFilesystems = lib.mkForce ["vfat" "btrfs" "tmpfs"]; networking.wireless.interfaces = ["enu1u1"]; # powerManagement.cpuFreqGovernor = "powersave"; diff --git a/nixos/hosts/wheatley/hardware-configuration.nix b/nixos/hosts/wheatley/hardware-configuration.nix index efbc691..13ea28d 100644 --- a/nixos/hosts/wheatley/hardware-configuration.nix +++ b/nixos/hosts/wheatley/hardware-configuration.nix 
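Review bot: In the `@@ -78,20 +86,21 @@` hunk of nixos/hosts/wheatley/configuration.nix, ports 46899 and 46898 are opened for both TCP and UDP on every interface with no comment naming the service. The only related change in this commit adds `fcast-receiver` to shodan's home-manager packages, not to wheatley. As far as I know FCast uses TCP and WebSocket only, so the UDP half looks unnecessary; prefer `allowedUDPPorts = [5335];` and a comment such as `# 46899/46898: FCast receiver (TCP + WebSocket)` on the TCP list. If the receiver really runs on this host, `networking.firewall.interfaces."<lan-interface>".allowedTCPPorts` (placeholder) limits exposure to the LAN side. Separately, `networking.wireless.enable = true` now starts wpa_supplicant with no networks defined, while `sops.secrets."wireless.env"` stays declared without a consumer; remove or restore both together.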
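Review bot: In the `@@ -114,6 +123,8 @@` hunk, `boot.supportedFilesystems = lib.mkForce ["vfat" "btrfs" "tmpfs"];` omits ext4 even though the hardware-configuration.nix in this same commit mounts `/` with `fsType = "ext4"`. NixOS normally derives this list from the declared `fileSystems`, to my understanding, so `mkForce` discards that entry. Whether the root mount still works then depends on the separate initrd list, which is not visible here. No filesystem in the diff uses btrfs, so `lib.mkForce ["vfat" "ext4" "tmpfs"]` looks like the intended value. A one-line comment saying which default entry the override is meant to drop would make it reviewable.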
@@ -1,49 +1,18 @@ -# Do not modify this file! It was generated by ‘nixos-generate-config’ -# and may be overwritten by future invocations. Please make changes -# to /etc/nixos/configuration.nix instead. { - lib, - modulesPath, - ... -}: { - imports = [ - (modulesPath + "/installer/scan/not-detected.nix") - ]; - - boot.initrd.availableKernelModules = ["usbhid"]; - boot.initrd.kernelModules = []; - boot.kernelModules = []; - boot.extraModulePackages = []; - - fileSystems = { - # Prior to 19.09, the boot partition was hosted on the smaller first partition - # Starting with 19.09, the /boot folder is on the main bigger partition. - # The following is to be used only with older images. Note such old images should not be considered supported anymore whatsoever, but if you installed back then, this might be needed - - # "/boot" = { - # device = "/dev/disk/by-label/FIRMWARE"; - # fsType = "vfat"; - # }; - - "/" = { - device = "/dev/disk/by-label/NIXOS_SD"; - fsType = "ext4"; - }; + fileSystems."/boot" = { + device = "/dev/disk/by-label/BOOT"; + fsType = "vfat"; }; - swapDevices = [{device = "/dev/disk/by-uuid/b299ad0d-37a0-43d6-9647-5f717aca7b3";}]; + fileSystems."/" = { + device = "/dev/disk/by-label/NIXOS"; + fsType = "ext4"; + options = ["noatime"]; + }; - # Enables DHCP on each ethernet and wireless interface. In case of scripted networking - # (the default) this is the recommended approach. When using systemd-networkd it's - # still possible to use this option, but it's recommended to use it in conjunction - # with explicit per-interface declarations with `networking.interfaces..useDHCP`. 
- networking.useDHCP = lib.mkDefault true; - # networking.interfaces.enu1u1.useDHCP = lib.mkDefault true; - # networking.interfaces.ip6tnl0.useDHCP = lib.mkDefault true; - # networking.interfaces.sit0.useDHCP = lib.mkDefault true; - # networking.interfaces.wlan0.useDHCP = lib.mkDefault true; - - nixpkgs.hostPlatform = lib.mkDefault "armv7l-linux"; - - powerManagement.cpuFreqGovernor = lib.mkDefault "ondemand"; + swapDevices = [ + { + device = "/dev/disk/by-id/mmc-USD00_0x66b39865-part2"; + } + ]; }
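Review bot: The new `swapDevices` entry in nixos/hosts/wheatley/hardware-configuration.nix addresses swap as `/dev/disk/by-id/mmc-USD00_0x66b39865-part2`, i.e. by partition index on one specific card, while the two filesystems are addressed by label. Nothing in the commit shows that partition 2 is swap: the disko layout added alongside defines firmware, boot and root with no swap partition, which would make the second partition /boot. Address swap the same way as the filesystems, e.g. `device = "/dev/disk/by-label/<swap-label>";` (placeholder), and add a comment recording the actual card layout. Pinning down which partition this is matters before enabling anything that rewrites the device at boot, such as `randomEncryption`.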