From a8a8e6bad58a746cf2532cf146dc2b3d35878c3c Mon Sep 17 00:00:00 2001 From: revol-xut Date: Sun, 10 Apr 2022 13:59:39 +0200 Subject: [PATCH] added sanddorn config --- .sops.yaml | 0 README.md | 0 flake.lock | 87 +++++++++++++++++++++- flake.nix | 42 +++++++++-- hosts/birne/configuration.nix | 29 -------- hosts/birne/hardware-configuration.nix | 0 hosts/sanddorn/configuration.nix | 42 +++++++++++ hosts/sanddorn/hardware-configuration.nix | 48 ++++++++++++ hosts/tomate/.gitkeep | 0 keys/bennofs.asc | 0 keys/feliix42.asc | 0 keys/tassilo.asc | 0 keys/test.age | 0 miscellaneous/Kyocera ECOSYS M6630cidn.ppd | 0 modules/autoupdate.nix | 0 modules/base.nix | 11 ++- modules/desktop.nix | 0 modules/infoscreen.nix | 32 ++++++++ modules/keys/jannusch | 0 modules/keys/jannusch-arch | 0 modules/keys/marcus-sapphire | 0 modules/keys/schrader | 0 modules/keys/tassilo | 0 modules/printing.nix | 0 modules/wifi.nix | 0 pkgs/server.nix | 74 ++++++++++++++++++ secrets/birne.test.yaml | 0 secrets/birne.yaml | 0 28 files changed, 327 insertions(+), 38 deletions(-) mode change 100644 => 100755 .sops.yaml mode change 100644 => 100755 README.md mode change 100644 => 100755 flake.lock mode change 100644 => 100755 flake.nix mode change 100644 => 100755 hosts/birne/configuration.nix mode change 100644 => 100755 hosts/birne/hardware-configuration.nix create mode 100644 hosts/sanddorn/configuration.nix create mode 100644 hosts/sanddorn/hardware-configuration.nix mode change 100644 => 100755 hosts/tomate/.gitkeep mode change 100644 => 100755 keys/bennofs.asc mode change 100644 => 100755 keys/feliix42.asc mode change 100644 => 100755 keys/tassilo.asc mode change 100644 => 100755 keys/test.age mode change 100644 => 100755 miscellaneous/Kyocera ECOSYS M6630cidn.ppd mode change 100644 => 100755 modules/autoupdate.nix mode change 100644 => 100755 modules/base.nix mode change 100644 => 100755 modules/desktop.nix create mode 100644 modules/infoscreen.nix mode change 100644 => 100755 modules/keys/jannusch mode change 100644 => 100755 modules/keys/jannusch-arch mode change 100644 => 100755 modules/keys/marcus-sapphire mode change 100644 => 100755 modules/keys/schrader mode change 100644 => 100755 modules/keys/tassilo mode change 100644 => 100755 modules/printing.nix mode change 100644 => 100755 modules/wifi.nix create mode 100755 pkgs/server.nix mode change 100644 => 100755 secrets/birne.test.yaml mode change 100644 => 100755 secrets/birne.yaml diff --git a/.sops.yaml b/.sops.yaml old mode 100644 new mode 100755 diff --git a/README.md b/README.md old mode 100644 new mode 100755 diff --git a/flake.lock b/flake.lock old mode 100644 new mode 100755 index 6b15fc1..e3b78ea --- a/flake.lock +++ b/flake.lock @@ -1,6 +1,75 @@ { "nodes": { + "dvb-source": { + "flake": false, + "locked": { + "lastModified": 1648841086, + "narHash": "sha256-OzK9r6tyyjawdDzqrDw9CFh0lf8Bn11rJpQl60YCoT8=", + "owner": "revol-xut", + "repo": "dvbpy", + "rev": "66c975f58b9f831ff6044aa65da58c3246938e5e", + "type": "github" + }, + "original": { + "owner": "revol-xut", + "repo": "dvbpy", + "type": "github" + } + }, + "flask-misaka-source": { + "flake": false, + "locked": { + "lastModified": 1607432564, + "narHash": "sha256-RYDD+Bj3+S2isTdccl04zvLjpbalQ5sqb3sYnUy1+bU=", + "owner": "singingwolfboy", + "repo": "flask-misaka", + "rev": "d960e512ac1ea16225d236984fcf130a46bb7b83", + "type": "github" + }, + "original": { + "owner": "singingwolfboy", + "repo": "flask-misaka", + "type": "github" + } + }, + "fsr-infoscreen": { + "inputs": { + "dvb-source": "dvb-source", + "flask-misaka-source": "flask-misaka-source", + "nixpkgs": "nixpkgs", + "utils": "utils" + }, + "locked": { + "lastModified": 1649586198, + "narHash": "sha256-mG0dlqTwYUw4qJcwK1ByqOb07kM9+1jENe3w6dTf9aU=", + "owner": "fsr", + "repo": "infoscreen", + "rev": "73215980cf5465f660d4237389ca92a33c035f1a", + "type": "github" + }, + "original": { + "owner": "fsr", + "repo": "infoscreen", + "type": "github" + } + }, "nixpkgs": { + "locked": { + "lastModified": 1649490789, + "narHash": "sha256-YrhVxwoofZSx/wLZ4GYET//8vS+uqWX572zvdmP/Etg=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "c86185d20d708013caf97a6adaa8dc6d72313c75", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-21.11", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_2": { "locked": { "lastModified": 1646258393, "narHash": "sha256-mKDoCi5Baqainjf0Nx6oTPhaxKQdj4P17XTdhTtXGRA=", @@ -18,7 +87,8 @@ }, "root": { "inputs": { - "nixpkgs": "nixpkgs", + "fsr-infoscreen": "fsr-infoscreen", + "nixpkgs": "nixpkgs_2", "sops-nix": "sops-nix" } }, @@ -41,6 +111,21 @@ "repo": "sops-nix", "type": "github" } + }, + "utils": { + "locked": { + "lastModified": 1648297722, + "narHash": "sha256-W+qlPsiZd8F3XkzXOzAoR+mpFqzm3ekQkJNa+PIh1BQ=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "0f8662f1319ad6abf89b3380dd2722369fc51ade", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } } }, "root": "root", diff --git a/flake.nix b/flake.nix old mode 100644 new mode 100755 index dee6a4a..da54452 --- a/flake.nix +++ b/flake.nix @@ -3,13 +3,43 @@ nixpkgs.url = github:NixOS/nixpkgs/nixos-21.11; sops-nix.url = github:Mic92/sops-nix; sops-nix.inputs.nixpkgs.follows = "nixpkgs"; + + fsr-infoscreen.url = github:fsr/infoscreen; }; - outputs = { self, nixpkgs, sops-nix, ... }@inputs: { - nixosConfigurations.birne = nixpkgs.lib.nixosSystem { - system = "x86_64-linux"; - modules = [ - ./hosts/birne/configuration.nix - ]; + outputs = { self, nixpkgs, sops-nix, fsr-infoscreen, ... }@inputs: + let + in { + nixosConfigurations = { + birne = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + modules = [ + ./hosts/birne/configuration.nix + + ./modules/base.nix + ./modules/autoupdate.nix + ./modules/desktop.nix + ./modules/printing.nix + ./modules/wifi.nix + + ]; + }; + sanddorn = nixpkgs.lib.nixosSystem { + system = "aarch64-linux"; + modules = [ + { + nixpkgs.overlays = [ fsr-infoscreen.overlay."aarch64-linux"]; + nixpkgs.config.allowBroken = true; + sdImage.compressImage = false; + } + ./hosts/sanddorn/configuration.nix + ./modules/infoscreen.nix + ./modules/base.nix + ./modules/autoupdate.nix + ./modules/wifi.nix + ./modules/desktop.nix + "${nixpkgs}/nixos/modules/installer/sd-card/sd-image-aarch64.nix" + ]; + }; }; }; } diff --git a/hosts/birne/configuration.nix b/hosts/birne/configuration.nix old mode 100644 new mode 100755 index 3307047..c25f0e3 --- a/hosts/birne/configuration.nix +++ b/hosts/birne/configuration.nix @@ -8,21 +8,12 @@ imports = [ # Include the results of the hardware scan. ./hardware-configuration.nix - - ../../modules/base.nix - ../../modules/autoupdate.nix - ../../modules/desktop.nix - ../../modules/printing.nix - ../../modules/wifi.nix ]; # Use the systemd-boot EFI boot loader. boot.loader.systemd-boot.enable = true; boot.loader.efi.canTouchEfiVariables = true; - # Set your time zone. - time.timeZone = "Europe/Busingen"; - networking = { hostName = "birne"; interfaces.wlp4s0.useDHCP = true; @@ -34,33 +25,13 @@ }; nixpkgs.config.allowUnfree = true; - nix = { - package = pkgs.nixUnstable; # or versioned attributes like nix_2_4 - extraOptions = '' - experimental-features = nix-command flakes - ''; - }; - - # Enable CUPS to print documents. - # services.printing.enable = true; - - # Enable sound. - # sound.enable = true; - # hardware.pulseaudio.enable = true; - - users.users.printer = { isNormalUser = true; password = "printer"; extraGroups = []; }; - # List packages installed in system profile. To search, run: - # $ nix search wget environment.systemPackages = with pkgs; [ - vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default. - wget - git firefox ]; diff --git a/hosts/birne/hardware-configuration.nix b/hosts/birne/hardware-configuration.nix old mode 100644 new mode 100755 diff --git a/hosts/sanddorn/configuration.nix b/hosts/sanddorn/configuration.nix new file mode 100644 index 0000000..bd5d0b0 --- /dev/null +++ b/hosts/sanddorn/configuration.nix @@ -0,0 +1,42 @@ +{ config, lib, pkgs, ... }: +{ + imports = [ + ./hardware-configuration.nix + ]; + + boot = { + loader = { + grub.enable = false; + raspberryPi = { + enable = true; + version = 3; + uboot.enable = true; + }; + }; + kernelPackages = pkgs.linuxPackages_latest; + # No ZFS on latest kernel: + tmpOnTmpfs = true; + }; + + networking = { + hostName = "sanddorn"; + + useDHCP = false; + interfaces.eth0.useDHCP = true; + interfaces.wlan0.useDHCP = true; + firewall.enable = false; + }; + + # Do not log to flash: + services.journald.extraConfig = '' + Storage=volatile + ''; + + security.sudo = { + enable = true; + wheelNeedsPassword = false; + }; + + system.stateVersion = "21.11"; +} + diff --git a/hosts/sanddorn/hardware-configuration.nix b/hosts/sanddorn/hardware-configuration.nix new file mode 100644 index 0000000..acb17c7 --- /dev/null +++ b/hosts/sanddorn/hardware-configuration.nix @@ -0,0 +1,48 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, modulesPath, ... }: + +{ + #imports = + # [ (modulesPath + "/installer/scan/not-detected.nix") + # ]; + + boot.initrd.availableKernelModules = [ "usbhid" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ ]; + boot.extraModulePackages = [ ]; + boot.kernelParams = [ "snd_bcm2835.enable_headphones=1" ]; + boot.blacklistedKernelModules = [ "vc4_hdmi" ]; + + fileSystems = { + "/boot" = { + device = "/dev/disk/by-label/FIRMWARE"; + fsType = "vfat"; + }; + "/swap" = { + device = "/dev/disk/by-uuid/SWAP"; + fsType = "btrfs"; + options = [ "subvol=swap" "compress=lzo" "noatime" ]; # Note these options effect the entire BTRFS filesystem and not just this volume, with the exception of `"subvol=swap"`, the other options are repeated in my other `fileSystem` mounts + }; + "/" = { + device = "/dev/disk/by-label/NIXOS_SD"; + fsType = "ext4"; + }; + }; + + swapDevices = [{ + device = "/swap/swapfile"; + size = (1024 * 2); + }]; + + hardware.enableRedistributableFirmware = true; + #networking.wireless.enable = true; + boot.loader.raspberryPi.firmwareConfig = '' + gpu_mem=192 + dtparam=audio=on + ''; + + powerManagement.cpuFreqGovernor = lib.mkDefault "performance"; +} + diff --git a/hosts/tomate/.gitkeep b/hosts/tomate/.gitkeep old mode 100644 new mode 100755 diff --git a/keys/bennofs.asc b/keys/bennofs.asc old mode 100644 new mode 100755 diff --git a/keys/feliix42.asc b/keys/feliix42.asc old mode 100644 new mode 100755 diff --git a/keys/tassilo.asc b/keys/tassilo.asc old mode 100644 new mode 100755 diff --git a/keys/test.age b/keys/test.age old mode 100644 new mode 100755 diff --git a/miscellaneous/Kyocera ECOSYS M6630cidn.ppd b/miscellaneous/Kyocera ECOSYS M6630cidn.ppd old mode 100644 new mode 100755 diff --git a/modules/autoupdate.nix b/modules/autoupdate.nix old mode 100644 new mode 100755 diff --git a/modules/base.nix b/modules/base.nix old mode 100644 new mode 100755 index 73ab789..27c329f --- a/modules/base.nix +++ b/modules/base.nix @@ -1,6 +1,14 @@ { pkgs, config, ... }: { + + nix = { + package = pkgs.nixUnstable; # or versioned attributes like nix_2_4 + extraOptions = '' + experimental-features = nix-command flakes + ''; + }; + # Select internationalisation properties. i18n.defaultLocale = "en_US.UTF-8"; console = { @@ -32,8 +40,7 @@ ]; }; - # allow unfree licenced packges - # nixpkgs.config.allowUnfree = true; + time.timeZone = "Europe/Berlin"; # basic shell & editor programs.fish.enable = true; diff --git a/modules/desktop.nix b/modules/desktop.nix old mode 100644 new mode 100755 diff --git a/modules/infoscreen.nix b/modules/infoscreen.nix new file mode 100644 index 0000000..51050a5 --- /dev/null +++ b/modules/infoscreen.nix @@ -0,0 +1,32 @@ +{ pkgs +, lib +, config +, ... +}: +let + fsr-infoscreen = pkgs.fsr-infoscreen; + +in { + + systemd = { + services."fsr-infoscreen" = { + enable = true; + wantedBy = [ "multi-user.target" ]; + script = '' + ${pkgs.python39}/bin/python39 ${fsr-infoscreen}/build/middleware/infoscreen.py + ''; + + serviceConfig = { + User = "infoscreen"; + Restart = "on-failure"; + }; + }; + }; + + users.users.infoscreen = { + name = "infoscreen"; + description = "custom user for service infoscreen service"; + isNormalUser = true; + }; + +} diff --git a/modules/keys/jannusch b/modules/keys/jannusch old mode 100644 new mode 100755 diff --git a/modules/keys/jannusch-arch b/modules/keys/jannusch-arch old mode 100644 new mode 100755 diff --git a/modules/keys/marcus-sapphire b/modules/keys/marcus-sapphire old mode 100644 new mode 100755 diff --git a/modules/keys/schrader b/modules/keys/schrader old mode 100644 new mode 100755 diff --git a/modules/keys/tassilo b/modules/keys/tassilo old mode 100644 new mode 100755 diff --git a/modules/printing.nix b/modules/printing.nix old mode 100644 new mode 100755 diff --git a/modules/wifi.nix b/modules/wifi.nix old mode 100644 new mode 100755 diff --git a/pkgs/server.nix b/pkgs/server.nix new file mode 100755 index 0000000..5c53811 --- /dev/null +++ b/pkgs/server.nix @@ -0,0 +1,74 @@ +{ lib +,pkgs +#, buildpythonApplication +#, buildPythonPackage +, fetchFromGitHub +#, fetchPypi +}: +let + +dvb = pkgs.python39Packages.buildPythonPackage rec { + pname = "dvb"; + version = "1.2.0"; + + src = fetchFromGitHub { + owner = "revol-xut"; + repo = "dvbpy"; + rev = "66c975f58b9f831ff6044aa65da58c3246938e5e"; + sha256 = "sha256-OzK9r6tyyjawdDzqrDw9CFh0lf8Bn11rJpQl60YCoT8="; + }; + + doCheck = false; + propagatedBuildInputs = with pkgs.python39Packages; [ pyproj numpy requests ]; +}; + +flask-misaka = pkgs.python39Packages.buildPythonPackage rec { + pname = "flask-misaka"; + version = "1.0.0"; + + src = fetchFromGitHub { + owner = "singingwolfboy"; + repo = "flask-misaka"; + rev = "d960e512ac1ea16225d236984fcf130a46bb7b83"; + sha256 = "sha256-RYDD+Bj3+S2isTdccl04zvLjpbalQ5sqb3sYnUy1+bU="; + }; + + doCheck = false; + propagatedBuildInputs = with pkgs.python39Packages; [ flask misaka ]; +}; + + + +in pkgs.python39Packages.buildPythonApplication rec { + pname = "fsr-infoscreen"; + version = "2.1.0"; + + src = fetchFromGitHub{ + owner = "fsr"; + repo = "infoscreen"; + rev = "43fb1fdc9dd15ccf40ef28b448ac6cfd51f32bc4"; + sha256 = "sha256-KVIuL9g5gYC+3o2U7HQRqHQnU02kn7E9P7ZydFc/tyA="; + }; + nativeBuildInputs = with pkgs; [ pkg-config python3Packages.wrapPython ]; + propagatedBuildInputs = with pkgs.python39Packages; [ flask python-forecastio flask-misaka dvb ]; + buildInputs = with pkgs.python39Packages; [ flask python-forecastio flask-misaka dvb ]; + pythonPath = with pkgs.python39Packages; [ flask python-forecastio flask-misaka dvb]; + + installPhase = '' + mkdir -p $out/build/middleware + install -Dm755 middleware/infoscreen.py $out/build/middleware + mkdir -p $out/share/infoscreen + wrapPythonPrograms + ''; + + makeWrapperArgs = [ + "--prefix PYTHONPATH : $out/share/fsr-infoscreen" + ]; + + meta = with lib; { + description = "A minimal python server which supplies the fsr infoscreen with information."; + homepage = "https://github.com/fsr/infoscreen"; + license = licenses.mit; + maintainers = with maintainers; [ revol-xut ]; + }; +} diff --git a/secrets/birne.test.yaml b/secrets/birne.test.yaml old mode 100644 new mode 100755 diff --git a/secrets/birne.yaml b/secrets/birne.yaml old mode 100644 new mode 100755