From db3d17f176b3e5f0c510e8fee22835e5b1321882 Mon Sep 17 00:00:00 2001 From: Lillian-Violet Date: Sun, 1 Dec 2024 01:02:32 +0100 Subject: [PATCH 1/9] add fcast stuff to shodan --- home-manager/hosts/shodan/lillian.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/home-manager/hosts/shodan/lillian.nix b/home-manager/hosts/shodan/lillian.nix index 52f1d3d..c054866 100644 --- a/home-manager/hosts/shodan/lillian.nix +++ b/home-manager/hosts/shodan/lillian.nix @@ -56,6 +56,8 @@ freetube obs-studio vlc + fcast-receiver + fcast-client # System tools: rage From ba59542e9769c46dd4b1401a7511621424379899 Mon Sep 17 00:00:00 2001 From: Lillian-Violet Date: Sun, 1 Dec 2024 01:40:11 +0100 Subject: [PATCH 2/9] add and enable avahi --- nixos/desktop/default.nix | 12 ++++++++++++ nixos/hosts/shodan/configuration.nix | 12 ++++++++++++ 2 files changed, 24 insertions(+) diff --git a/nixos/desktop/default.nix b/nixos/desktop/default.nix index efdae88..eec7786 100644 --- a/nixos/desktop/default.nix +++ b/nixos/desktop/default.nix @@ -170,6 +170,18 @@ dockerCompat = true; }; + services.avahi = { + nssmdns = true; + enable = true; + ipv4 = true; + ipv6 = true; + publish = { + enable = true; + addresses = true; + workstation = true; + }; + }; + security.tpm2.enable = true; security.tpm2.pkcs11.enable = true; # expose /run/current-system/sw/lib/libtpm2_pkcs11.so security.tpm2.tctiEnvironment.enable = true; # TPM2TOOLS_TCTI and TPM2_PKCS11_TCTI env variables diff --git a/nixos/hosts/shodan/configuration.nix b/nixos/hosts/shodan/configuration.nix index f89c6a6..d6c4998 100644 --- a/nixos/hosts/shodan/configuration.nix +++ b/nixos/hosts/shodan/configuration.nix 
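Review bot: The `services.avahi` block added to `nixos/desktop/default.nix` publishes the host's addresses and a workstation record on every interface, over both IPv4 and IPv6, so any machine using this file (presumably the shared desktop profile) announces its hostname on whatever network it joins. If discovery is only needed on the home LAN, restrict it with `allowInterfaces = ["<lan-interface>"];` (placeholder name) and drop `workstation = true;` unless something depends on that record. `services.avahi.openFirewall` defaults to true in NixOS, so this block also opens the mDNS port without a visible firewall line; a short comment saying so would help the next reader. The same block is added verbatim to `nixos/hosts/shodan/configuration.nix` in the next hunk; if shodan already imports the desktop file (not visible here), one copy is enough.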
@@ -124,6 +124,18 @@ services.desktopManager.plasma6.enable = true; programs.kdeconnect.enable = true; + services.avahi = { + nssmdns = true; + enable = true; + ipv4 = true; + ipv6 = true; + publish = { + enable = true; + addresses = true; + workstation = true; + }; + }; + services.displayManager.defaultSession = "plasma"; services.displayManager.sddm.wayland.enable = lib.mkForce true; services.displayManager.sddm.settings = { From 965fbba1eba774ee5983f202e4406455107851cf Mon Sep 17 00:00:00 2001 From: Lillian-Violet Date: Sun, 1 Dec 2024 01:42:34 +0100 Subject: [PATCH 3/9] renamed apparently --- nixos/desktop/default.nix | 2 +- nixos/hosts/shodan/configuration.nix | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/nixos/desktop/default.nix b/nixos/desktop/default.nix index eec7786..db37969 100644 --- a/nixos/desktop/default.nix +++ b/nixos/desktop/default.nix @@ -171,7 +171,7 @@ }; services.avahi = { - nssmdns = true; + nssmdns4 = true; enable = true; ipv4 = true; ipv6 = true; diff --git a/nixos/hosts/shodan/configuration.nix b/nixos/hosts/shodan/configuration.nix index d6c4998..7e693da 100644 --- a/nixos/hosts/shodan/configuration.nix +++ b/nixos/hosts/shodan/configuration.nix @@ -125,7 +125,7 @@ programs.kdeconnect.enable = true; services.avahi = { - nssmdns = true; + nssmdns4 = true; enable = true; ipv4 = true; ipv6 = true; From ef6fd0bafd2b0fdf3646e94d69a69457878cc424 Mon Sep 17 00:00:00 2001 From: Lillian-Violet Date: Mon, 2 Dec 2024 20:44:03 +0100 Subject: [PATCH 4/9] add wheatley stuff, and aarch64 emulation on GLaDOS --- disko/wheatley/default.nix | 47 ++++++++++++++ flake.lock | 54 ++++++++-------- flake.nix | 19 ++++++ home-manager/hosts/wheatley/lillian.nix | 3 +- nixos/hosts/GLaDOS/configuration.nix | 1 + nixos/hosts/wheatley/configuration.nix | 22 +++---- .../hosts/wheatley/hardware-configuration.nix | 61 ++++++------------- 7 files changed, 125 insertions(+), 82 deletions(-) create mode 100644 disko/wheatley/default.nix 
diff --git a/disko/wheatley/default.nix b/disko/wheatley/default.nix new file mode 100644 index 0000000..0e892ff --- /dev/null +++ b/disko/wheatley/default.nix @@ -0,0 +1,47 @@ +{ + disko = { + devices = { + disk = { + disk1 = { + imageSize = "20G"; + type = "disk"; + device = "/dev/mmcblk0"; + content = { + type = "gpt"; + partitions = { + firmware = { + size = "30M"; + priority = 1; + type = "0700"; + content = { + type = "filesystem"; + format = "vfat"; + mountpoint = "/firmware"; + }; + }; + boot = { + size = "1G"; + type = "EF00"; + content = { + type = "filesystem"; + format = "vfat"; + mountpoint = "/boot"; + }; + }; + root = { + name = "root"; + size = "100%"; + content = { + type = "filesystem"; + extraArgs = []; + format = "ext4"; + mountpoint = "/"; + }; + }; + }; + }; + }; + }; + }; + }; +} diff --git a/flake.lock b/flake.lock index ee260bd..d00793b 100644 --- a/flake.lock +++ b/flake.lock @@ -103,11 +103,11 @@ "treefmt-nix": "treefmt-nix" }, "locked": { - "lastModified": 1730928062, - "narHash": "sha256-fXwp5vmq313QEu180EsPr0YT0OqVDlcebNYxxZ7mMLw=", + "lastModified": 1732855386, + "narHash": "sha256-IyZzKBcs2NGcbi48NcA/IZG7NUBqnYT4McOWh5uTMnE=", "owner": "koverstreet", "repo": "bcachefs-tools", - "rev": "d4932bf0e32375451e7cfd4b776bb5c470e9afb8", + "rev": "6829fb201072c495ce9e97850664540a0f8294f1", "type": "github" }, "original": { @@ -234,11 +234,11 @@ }, "catppuccin": { "locked": { - "lastModified": 1731232837, - "narHash": "sha256-0aIwr/RC/oe7rYkfJb47xjdEQDSNcqpFGsEa+EPlDEs=", + "lastModified": 1732838231, + "narHash": "sha256-KJTRqfEcGpONBK/6BkMdWmbGth0r/nYWY3k/rvZl4es=", "owner": "catppuccin", "repo": "nix", - "rev": "32359bf226fe874d3b7a0a5753d291a4da9616fe", + "rev": "becc64812c8d6af24dedc2f75c5c63ebf778a115", "type": "github" }, "original": { 
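Review bot: Nothing in this series evaluates `disko/wheatley/default.nix`: its import in `nixos/hosts/wheatley/configuration.nix` is added commented out, and the `wheatley` entry in `flake.nix` lists no disko module. The layout also disagrees with the mounts this same commit writes to `hardware-configuration.nix`, which look up `/dev/disk/by-label/BOOT` and `/dev/disk/by-label/NIXOS` and use btrfs for `/nix`, while this file creates an ext4 root and sets no filesystem labels. Either wire the file in and drop the hand-written `fileSystems`, or add a header comment such as `# Not imported yet: reference layout for the SD card; the mounts in use are in hardware-configuration.nix.`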
@@ -503,11 +503,11 @@ ] }, "locked": { - "lastModified": 1732540163, - "narHash": "sha256-5EYzmoTpem2IB9JWzd41sL98pz3lyyCSTiCjv08i4Uk=", + "lastModified": 1732894783, + "narHash": "sha256-7hBU7L07hYPNjamlm/v5scUUwsHQJvyb1a4flozHNt0=", "owner": "nix-community", "repo": "disko", - "rev": "2ed5e30fc7e34adf455db8b02b9151d3922a54ea", + "rev": "a75ba3b87b7ff230ca8b3a1fbfd4ad907a1a5fa2", "type": "github" }, "original": { @@ -1000,11 +1000,11 @@ ] }, "locked": { - "lastModified": 1732482255, - "narHash": "sha256-GUffLwzawz5WRVfWaWCg78n/HrBJrOG7QadFY6rtV8A=", + "lastModified": 1732884235, + "narHash": "sha256-r8j6R3nrvwbT1aUp4EPQ1KC7gm0pu9VcV1aNaB+XG6Q=", "owner": "nix-community", "repo": "home-manager", - "rev": "a9953635d7f34e7358d5189751110f87e3ac17da", + "rev": "819f682269f4e002884702b87e445c82840c68f2", "type": "github" }, "original": { @@ -1041,11 +1041,11 @@ "nixpkgs": "nixpkgs_5" }, "locked": { - "lastModified": 1732606634, - "narHash": "sha256-msRynwdER2LcFXCxxGNKC3vSIZS+xCcBOn1SaSiVDxE=", + "lastModified": 1732739177, + "narHash": "sha256-iL32+TA/8geCzcL1r3uthrH/GPvbUak5QE++WJUkaiI=", "owner": "Jovian-Experiments", "repo": "Jovian-NixOS", - "rev": "39395c7e0105d9d24da7b91b8735cd310671197b", + "rev": "8d7b2149e618696d5100c2683af1ffa893f02a75", "type": "github" }, "original": { @@ -1392,11 +1392,11 @@ }, "nixpkgs-edge": { "locked": { - "lastModified": 1732632271, - "narHash": "sha256-pNaHDLub5HPtAcOzRdOaGRjvHNHWFmwPFwerLu4lQ94=", + "lastModified": 1732896563, + "narHash": "sha256-AxIaGRbQI5x+8dYkCnDItPAiDHqnfa8Dhb/QisJiRPs=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "8fc978774f5337284c9a9d2ec960df47d8b79c84", + "rev": "e6b629da2735d17d47e32626591f4d6fd3499fe7", "type": "github" }, "original": { 
@@ -1503,11 +1503,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1732014248, - "narHash": "sha256-y/MEyuJ5oBWrWAic/14LaIr/u5E0wRVzyYsouYY3W6w=", + "lastModified": 1732521221, + "narHash": "sha256-2ThgXBUXAE1oFsVATK1ZX9IjPcS4nKFOAjhPNKuiMn0=", "owner": "nixos", "repo": "nixpkgs", - "rev": "23e89b7da85c3640bbc2173fe04f4bd114342367", + "rev": "4633a7c72337ea8fd23a4f2ba3972865e3ec685d", "type": "github" }, "original": { @@ -1631,11 +1631,11 @@ }, "nixpkgs_7": { "locked": { - "lastModified": 1732014248, - "narHash": "sha256-y/MEyuJ5oBWrWAic/14LaIr/u5E0wRVzyYsouYY3W6w=", + "lastModified": 1732521221, + "narHash": "sha256-2ThgXBUXAE1oFsVATK1ZX9IjPcS4nKFOAjhPNKuiMn0=", "owner": "nixos", "repo": "nixpkgs", - "rev": "23e89b7da85c3640bbc2173fe04f4bd114342367", + "rev": "4633a7c72337ea8fd23a4f2ba3972865e3ec685d", "type": "github" }, "original": { @@ -1686,11 +1686,11 @@ ] }, "locked": { - "lastModified": 1732465698, - "narHash": "sha256-xiue+Kj2Jm8PwyZQcHl4CaYmMIgo5oi37hVHqiw2Unk=", + "lastModified": 1732639391, + "narHash": "sha256-kFtXjoCIqx9xe0ZryPXpqS6l/HVg71aNcuL8Y5e8+pI=", "owner": "pjones", "repo": "plasma-manager", - "rev": "16d65cd02b5de665d1bcfec1616c02c71a1014a6", + "rev": "06e3209d11797d9c741e25df06ab61048746bf93", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index c25d052..1f583fd 100644 --- a/flake.nix +++ b/flake.nix @@ -108,6 +108,7 @@ # Supported systems for your flake packages, shell, etc. systems = [ "x86_64-linux" + "aarch64-linux" ]; # This is a function that generates an attribute by calling a function you # pass to it, with each system as an argument 
@@ -234,6 +235,24 @@ ]; }; + wheatley = nixpkgs.lib.nixosSystem { + system = "aarch64-linux"; + specialArgs = {inherit inputs outputs;}; + modules = [ + ./nixos/hosts/wheatley/configuration.nix + sops-nix.nixosModules.sops + home-manager.nixosModules.home-manager + nixos-hardware.nixosModules.raspberry-pi-4 + catppuccin.nixosModules.catppuccin + stylix.nixosModules.stylix + { + home-manager.sharedModules = [ + inputs.catppuccin.homeManagerModules.catppuccin + ]; + } + ]; + }; + # ISO = nixpkgs.lib.nixosSystem { # system = "x86_64-linux"; # specialArgs = {inherit inputs outputs;}; diff --git a/home-manager/hosts/wheatley/lillian.nix b/home-manager/hosts/wheatley/lillian.nix index afb1b42..5c9f377 100644 --- a/home-manager/hosts/wheatley/lillian.nix +++ b/home-manager/hosts/wheatley/lillian.nix @@ -11,8 +11,7 @@ # You can also split up your configuration and import pieces of it here: # ./nvim.nix - ../../package-configs/zsh.nix - ../../package-configs/helix.nix + ../../shared ]; nixpkgs = { diff --git a/nixos/hosts/GLaDOS/configuration.nix b/nixos/hosts/GLaDOS/configuration.nix index f4e7041..73ffc6f 100644 --- a/nixos/hosts/GLaDOS/configuration.nix +++ b/nixos/hosts/GLaDOS/configuration.nix @@ -66,6 +66,7 @@ }; boot.loader.systemd-boot.enable = true; + boot.binfmt.emulatedSystems = ["aarch64-linux"]; # boot.lanzaboote = { # enable = true; diff --git a/nixos/hosts/wheatley/configuration.nix b/nixos/hosts/wheatley/configuration.nix index b609001..3db790d 100644 --- a/nixos/hosts/wheatley/configuration.nix +++ b/nixos/hosts/wheatley/configuration.nix @@ -12,11 +12,11 @@ imports = [ inputs.home-manager.nixosModules.home-manager - ./armv7l.nix ./hardware-configuration.nix # Import shared configurations ../../shared + # ../../../disko/wheatley ]; boot.loader.generic-extlinux-compatible.enable = true; 
@@ -78,20 +78,20 @@ }; networking.wireless.enable = true; - networking.wireless.environmentFile = config.sops.secrets."wireless.env".path; - networking.wireless.networks."KPNAA6306" = { - hidden = true; - auth = '' - key_mgmt=WPA-PSK - password="@PSK_HOME@" - ''; - }; + # networking.wireless.environmentFile = config.sops.secrets."wireless.env".path; + # networking.wireless.networks."KPNAA6306" = { + # hidden = true; + # auth = '' + # key_mgmt=WPA-PSK + # password="@PSK_HOME@" + # ''; + # }; networking.firewall.enable = true; networking.firewall = { - allowedTCPPorts = [22 80 443 5335 8080]; - allowedUDPPorts = [5335]; + allowedTCPPorts = [22 80 443 5335 8080 46899 46898]; + allowedUDPPorts = [5335 46899 46898]; }; # Set your time zone. time.timeZone = "Europe/Amsterdam"; diff --git a/nixos/hosts/wheatley/hardware-configuration.nix b/nixos/hosts/wheatley/hardware-configuration.nix index efbc691..3b70b4f 100644 --- a/nixos/hosts/wheatley/hardware-configuration.nix +++ b/nixos/hosts/wheatley/hardware-configuration.nix 
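Review bot: The firewall lines open 46899 and 46898 for both TCP and UDP on every interface of wheatley, but no commit in this series installs or enables a service on wheatley that listens there; the FCast packages from patch 1 go into shodan's home-manager profile. If the ports are for an FCast receiver on this host, add a comment naming it (for example `# FCast receiver ports`) and drop the UDP entries unless the receiver is confirmed to use them. If they were meant for shodan, they belong in that host's firewall instead. In the same hunk, `networking.wireless.enable = true;` stays while the only declared network is commented out, which leaves wpa_supplicant without a declared network and the `sops.secrets."wireless.env"` entry (visible as context in patch 6) unused.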
@@ -1,49 +1,26 @@ -# Do not modify this file! It was generated by ‘nixos-generate-config’ -# and may be overwritten by future invocations. Please make changes -# to /etc/nixos/configuration.nix instead. { - lib, - modulesPath, - ... -}: { - imports = [ - (modulesPath + "/installer/scan/not-detected.nix") - ]; - - boot.initrd.availableKernelModules = ["usbhid"]; - boot.initrd.kernelModules = []; - boot.kernelModules = []; - boot.extraModulePackages = []; - - fileSystems = { - # Prior to 19.09, the boot partition was hosted on the smaller first partition - # Starting with 19.09, the /boot folder is on the main bigger partition. - # The following is to be used only with older images. Note such old images should not be considered supported anymore whatsoever, but if you installed back then, this might be needed - - # "/boot" = { - # device = "/dev/disk/by-label/FIRMWARE"; - # fsType = "vfat"; - # }; - - "/" = { - device = "/dev/disk/by-label/NIXOS_SD"; - fsType = "ext4"; - }; + fileSystems."/" = { + device = "none"; + fsType = "tmpfs"; + options = ["relatime" "mode=755" "size=75%"]; }; - swapDevices = [{device = "/dev/disk/by-uuid/b299ad0d-37a0-43d6-9647-5f717aca7b3";}]; + fileSystems."/boot" = { + device = "/dev/disk/by-label/BOOT"; + fsType = "vfat"; + }; - # Enables DHCP on each ethernet and wireless interface. In case of scripted networking - # (the default) this is the recommended approach. When using systemd-networkd it's - # still possible to use this option, but it's recommended to use it in conjunction - # with explicit per-interface declarations with `networking.interfaces..useDHCP`. 
- networking.useDHCP = lib.mkDefault true; - # networking.interfaces.enu1u1.useDHCP = lib.mkDefault true; - # networking.interfaces.ip6tnl0.useDHCP = lib.mkDefault true; - # networking.interfaces.sit0.useDHCP = lib.mkDefault true; - # networking.interfaces.wlan0.useDHCP = lib.mkDefault true; + fileSystems."/nix" = { + device = "/dev/disk/by-label/NIXOS"; + fsType = "btrfs"; + options = ["compress=zstd"]; + }; - nixpkgs.hostPlatform = lib.mkDefault "armv7l-linux"; + fileSystems."/swap" = { + device = "/dev/disk/by-label/NIXOS"; + fsType = "btrfs"; + options = ["noatime" "subvol=swap"]; + }; - powerManagement.cpuFreqGovernor = lib.mkDefault "ondemand"; + swapDevices = [{device = "/swap/swapfile";}]; } From 526097d53b0da5248a2bfc82774fd5e45af6abf1 Mon Sep 17 00:00:00 2001 From: Lillian-Violet Date: Tue, 3 Dec 2024 00:28:51 +0100 Subject: [PATCH 5/9] change hardware config for wheatley to be more correct --- nixos/hosts/wheatley/hardware-configuration.nix | 13 +++++-------- 1 file changed, 5 insertions(+), 8 deletions(-) diff --git a/nixos/hosts/wheatley/hardware-configuration.nix b/nixos/hosts/wheatley/hardware-configuration.nix index 3b70b4f..ea10698 100644 --- a/nixos/hosts/wheatley/hardware-configuration.nix +++ b/nixos/hosts/wheatley/hardware-configuration.nix @@ -12,15 +12,12 @@ fileSystems."/nix" = { device = "/dev/disk/by-label/NIXOS"; - fsType = "btrfs"; - options = ["compress=zstd"]; + fsType = "ext4"; + options = []; }; - fileSystems."/swap" = { - device = "/dev/disk/by-label/NIXOS"; - fsType = "btrfs"; - options = ["noatime" "subvol=swap"]; + swapDevices = { + device = "/dev/disk/by-id/mmc-USD00_0x66b39865-part2"; + fsType = "linux-swap"; }; - - swapDevices = [{device = "/swap/swapfile";}]; } From a974139862c5628650b9e0d0d65d496e5d4fccfc Mon Sep 17 00:00:00 2001 
From: Lillian-Violet Date: Tue, 3 Dec 2024 00:33:20 +0100 Subject: [PATCH 6/9] add the raspberry pi 4 configuration things to wheatley --- nixos/hosts/wheatley/configuration.nix | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/nixos/hosts/wheatley/configuration.nix b/nixos/hosts/wheatley/configuration.nix index 3db790d..561b2c6 100644 --- a/nixos/hosts/wheatley/configuration.nix +++ b/nixos/hosts/wheatley/configuration.nix @@ -17,6 +17,7 @@ # Import shared configurations ../../shared # ../../../disko/wheatley + inputs.nixos-hardware.nixosModules.raspberrt-pi-4 ]; boot.loader.generic-extlinux-compatible.enable = true; @@ -32,6 +33,10 @@ nixpkgs = { # You can add overlays here overlays = [ + (final: super: { + makeModulesClosure = x: + super.makeModulesClosure (x // {allowMissing = true;}); + }) ]; # Configure your nixpkgs instance config = { @@ -40,6 +45,8 @@ }; }; + hardware.raspberry-pi."4".fkms-3d.enable = true; + sops.defaultSopsFile = ./secrets/sops.yaml; sops.secrets."wireless.env".mode = "0440"; @@ -49,6 +56,7 @@ age git htop + libraspberrypi ]; boot.kernelParams = [ @@ -78,6 +86,7 @@ }; networking.wireless.enable = true; + networking.networkmanager.wifi.powersave = false; # networking.wireless.environmentFile = config.sops.secrets."wireless.env".path; # networking.wireless.networks."KPNAA6306" = { # hidden = true; @@ -114,6 +123,8 @@ networking.hostName = "wheatley"; # Define your hostname + boot.kernelPackages = lib.mkForce pkgs.linuxKernel.packages.linux_rpi4; + boot.supportedFilesystems = lib.mkForce ["vfat" "btrfs" "tmpfs"]; networking.wireless.interfaces = ["enu1u1"]; # powerManagement.cpuFreqGovernor = "powersave"; From a3d085483d787272f07b737afb898f24be86acd9 Mon Sep 17 00:00:00 2001 From: Lillian-Violet Date: Tue, 3 Dec 2024 01:05:20 +0100 Subject: [PATCH 7/9] typo rasberrt > raspberry fixed --- nixos/hosts/wheatley/configuration.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
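Review bot: The `makeModulesClosure` overlay added to `nixpkgs.overlays` sets `allowMissing = true` for every modules closure built from this package set, so an initrd that lacks a kernel module it needs will now build cleanly and fail only at boot. This looks like the usual workaround for the Raspberry Pi kernel not shipping every module in the generic initrd list, but the hunk does not say so. Add a comment above it, e.g. `# linux_rpi4 lacks some modules from the default initrd list; allowMissing keeps the build from failing on them.`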
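Review bot: `boot.supportedFilesystems = lib.mkForce ["vfat" "btrfs" "tmpfs"];` in the last hunk forces a list that names btrfs but not ext4, although patch 5 (the commit before this one) changed `/nix` to ext4 and patch 9 makes `/` ext4 as well. As far as I can tell `mkForce` replaces the entries NixOS derives from `fileSystems`, so the forced list should match what is mounted: `boot.supportedFilesystems = lib.mkForce ["vfat" "ext4"];`, or drop the override if it was copied from an example. In the hunk above it, `networking.networkmanager.wifi.powersave = false;` has no effect unless NetworkManager is enabled somewhere not shown, and this host configures `networking.wireless` instead.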
diff --git a/nixos/hosts/wheatley/configuration.nix b/nixos/hosts/wheatley/configuration.nix index 561b2c6..64009a5 100644 --- a/nixos/hosts/wheatley/configuration.nix +++ b/nixos/hosts/wheatley/configuration.nix @@ -17,7 +17,7 @@ # Import shared configurations ../../shared # ../../../disko/wheatley - inputs.nixos-hardware.nixosModules.raspberrt-pi-4 + inputs.nixos-hardware.nixosModules.raspberry-pi-4 ]; boot.loader.generic-extlinux-compatible.enable = true; From 6e2e9a3b7294cd4b844bb5375e21011dd215da41 Mon Sep 17 00:00:00 2001 From: Lillian-Violet Date: Tue, 3 Dec 2024 01:11:03 +0100 Subject: [PATCH 8/9] swapDevices is a list not a single entry --- nixos/hosts/wheatley/hardware-configuration.nix | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/nixos/hosts/wheatley/hardware-configuration.nix b/nixos/hosts/wheatley/hardware-configuration.nix index ea10698..2878b3c 100644 --- a/nixos/hosts/wheatley/hardware-configuration.nix +++ b/nixos/hosts/wheatley/hardware-configuration.nix @@ -16,8 +16,9 @@ options = []; }; - swapDevices = { - device = "/dev/disk/by-id/mmc-USD00_0x66b39865-part2"; - fsType = "linux-swap"; - }; + swapDevices = [ + { + device = "/dev/disk/by-id/mmc-USD00_0x66b39865-part2"; + } + ]; } From 2ebbd70657f5bd25eac6f4701c6c5e61660741f8 Mon Sep 17 00:00:00 2001 From: Lillian-Violet Date: Tue, 3 Dec 2024 01:16:25 +0100 Subject: [PATCH 9/9] fix the things I don't want from the example config --- nixos/hosts/wheatley/hardware-configuration.nix | 10 ++-------- 1 file changed, 2 insertions(+), 8 deletions(-) diff --git a/nixos/hosts/wheatley/hardware-configuration.nix b/nixos/hosts/wheatley/hardware-configuration.nix index 2878b3c..13ea28d 100644 --- a/nixos/hosts/wheatley/hardware-configuration.nix +++ b/nixos/hosts/wheatley/hardware-configuration.nix 
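Review bot: The swap device in the rewritten `swapDevices` list is a plain partition on the SD card, so memory pages written to swap remain readable on removable media after power-off. NixOS can re-key swap on every boot with `randomEncryption.enable = true;` inside the same entry; the stable `/dev/disk/by-id/...-part2` path used here is the kind of device path that option needs, since the partition is reformatted at each boot. Check first that the Pi kernel provides dm-crypt, because the `allowMissing` overlay from patch 6 would hide a missing module at build time.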
@@ -1,19 +1,13 @@ { - fileSystems."/" = { - device = "none"; - fsType = "tmpfs"; - options = ["relatime" "mode=755" "size=75%"]; - }; - fileSystems."/boot" = { device = "/dev/disk/by-label/BOOT"; fsType = "vfat"; }; - fileSystems."/nix" = { + fileSystems."/" = { device = "/dev/disk/by-label/NIXOS"; fsType = "ext4"; - options = []; + options = ["noatime"]; }; swapDevices = [