2026-04-25 12:43:13 -05:00
parent 794a787a54
commit b2996d750b
9 changed files with 182 additions and 94 deletions


@@ -31,6 +31,37 @@
};
};
flake.nixosModules.netbird-sbc = { config, lib, pkgs, ... }: {
config = let
pkgs-us = import inputs.nixpkgs-us {
system = "x86_64-linux";
};
in {
sops.secrets."netbirdKey".sopsFile = ./../secrets.yaml;
services.netbird = {
enable = lib.mkDefault true;
clients.default = {
port = 51820;
name = "netbird";
interface = "wt0";
hardened = false;
login = {
enable = true;
setupKeyFile = config.sops.secrets."netbirdKey".path;
};
};
package = pkgs-us.netbird;
#package = pkgs.netbird;
};
};
};
flake.nixosModules.netbird-docker = { config, lib, pkgs, ... }: {
imports = [
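Review bot: `hardened = false;` in `clients.default` turns off what, as I read the NixOS netbird module, is the default hardened mode (dedicated user, reduced permissions) for the client unit, and nothing in the module says why. If a specific feature breaks under hardening, record it next to the option, e.g. `# hardened mode breaks <feature>; revisit when fixed upstream`, otherwise drop the line so the default applies. Separately, `pkgs-us` is imported with `system = "x86_64-linux"` while `netbird-sbc` is imported by the aarch64 `pi4` module further down the page, so `package = pkgs-us.netbird` would appear to select an x86_64 build; `system = pkgs.stdenv.hostPlatform.system;` follows the host instead.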


@@ -11,7 +11,7 @@
self.nixosModules.default
pipewire
avahi
netbird
netbird-sbc
openssh
sops
@@ -81,6 +81,8 @@
};
};
sops.secrets."netbirdKey".sopsFile = lib.mkForce ./secrets.yaml;
services.netbird.clients.default.environment = {
NB_EXTRA_DNS_LABELS = "server";
};
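Review bot: The host needs `lib.mkForce` on `sops.secrets."netbirdKey".sopsFile` only because the `netbird-sbc` module sets the same option at normal priority (`./../secrets.yaml`). Declaring the module's value as `sopsFile = lib.mkDefault ./../secrets.yaml;` would let each host point at its own secrets file with a plain assignment and keep `mkForce` for real conflicts. Which file supplies the setup key would then be visible at the host without reasoning about option priorities.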


@@ -1,6 +1,6 @@
{ self, inputs, ...}: {
perSystem = { config, system, pkgs, self', inputs', ... }: {
perSystem = { ... }: {
packages.iso = self.nixosConfigurations.iso.config.system.build.isoImage;
};


@@ -1,93 +1,37 @@
{ self, inputs, ... }: {
flake.nixosModules.pi4 = { config, pkgs, ... }: {
flake.nixosModules.pi4-install-disko = { config, pkgs, ... }: {
imports = with self.nixosModules; [
inputs.disko.nixosModules.default
inputs.home-manager.nixosModules.default
pi4-core
self.nixosModules.default
user-nathan
netbird
avahi
openssh
self.diskoConfigurations.pi4
];
config = {
};
};
flake.nixosModules.pi4 = { config, pkgs, ... }: {
imports = with self.nixosModules; [
pi4-core-disko
netbird-sbc
remoteBuilds
sops
];
config = {
boot = {
loader = {
grub.enable = false;
generic-extlinux-compatible.enable = true;
};
};
networking = {
hostName = "pi4";
nameservers = [ "1.1.1.1" "1.0.0.1" ];
networkmanager.enable = true;
};
time.timeZone = "America/Chicago";
i18n.defaultLocale = "en_US.UTF-8";
i18n.extraLocaleSettings = {
LC_ADDRESS = "en_US.UTF-8";
LC_IDENTIFICATION = "en_US.UTF-8";
LC_MEASUREMENT = "en_US.UTF-8";
LC_MONETARY = "en_US.UTF-8";
LC_NAME = "en_US.UTF-8";
LC_NUMERIC = "en_US.UTF-8";
LC_PAPER = "en_US.UTF-8";
LC_TELEPHONE = "en_US.UTF-8";
LC_TIME = "en_US.UTF-8";
};
hardware = {
bluetooth.enable = true;
};
programs.zsh.enable = true;
environment.shells = with pkgs; [ zsh ];
users = {
groups.gpio = {};
};
services = {
udev.extraRules = ''
SUBSYSTEM=="bcm2835-gpiomem", KERNEL=="gpiomem", GROUP="gpio",MODE="0660"
SUBSYSTEM=="gpio", KERNEL=="gpiochip*", ACTION=="add", RUN+="${pkgs.bash}/bin/bash -c 'chown root:gpio /sys/class/gpio/export /sys/class/gpio/unexport ; chmod 220 /sys/class/gpio/export /sys/class/gpio/unexport'"
SUBSYSTEM=="gpio", KERNEL=="gpio*", ACTION=="add",RUN+="${pkgs.bash}/bin/bash -c 'chown root:gpio /sys%p/active_low /sys%p/direction /sys%p/edge /sys%p/value ; chmod 660 /sys%p/active_low /sys%p/direction /sys%p/edge /sys%p/value'"
'';
pulseaudio = {
enable = true;
extraConfig = ''
load-module module-native-protocol-tcp auth-ip-acl=127.0.0.1
'';
};
};
sops = {
age.keyFile = "/var/lib/sops/age/keys.txt";
defaultSopsFile = ./secrets.yaml;
defaultSopsFormat = "yaml";
};
fonts.packages = with pkgs; [ nerd-fonts.fira-code ];
security.rtkit.enable = true;
system.stateVersion = "25.11";
};
};
}
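Review bot: `pi4-core-disko` is imported by the `pi4` module here and referenced again as `self.nixosModules.pi4-core-disko` in the `pi4-install-disko` configuration, but the only disko module this section defines is named `pi4-install-disko`, and no definition of `pi4-core-disko` appears on this page. Unless it is defined in a file outside this view, evaluation of both configurations fails on a missing attribute; renaming the definition to `flake.nixosModules.pi4-core-disko = { config, pkgs, ... }: {` would match the two uses. The old/new markers are lost in this rendering, so this reading assumes the `pi4-install-disko` line is the new one.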


@@ -0,0 +1,75 @@
{ self, inputs, ... }: {
flake.nixosModules.pi4-core = { config, pkgs, ... }: {
imports = with self.nixosModules; [
inputs.home-manager.nixosModules.default
self.nixosModules.default
user-nathan
avahi
openssh
];
config = {
boot = {
loader = {
grub.enable = false;
generic-extlinux-compatible.enable = true;
};
kernelParams = [ "snd_bcm2835.enable_hdmi=1" "snd_bcm2835.enable_headphones=1" ];
};
networking = {
hostName = "pi4";
nameservers = [ "1.1.1.1" "1.0.0.1" ];
networkmanager = {
enable = true;
powersave = false;
};
};
hardware = {
bluetooth.enable = true;
};
programs.zsh.enable = true;
environment.shells = with pkgs; [ zsh ];
environment.systemPackages = with pkgs; [
libraspberrypi
raspberrypi-eeprom
];
users = {
groups.gpio = {};
};
services = {
udev.extraRules = ''
SUBSYSTEM=="bcm2835-gpiomem", KERNEL=="gpiomem", GROUP="gpio",MODE="0660"
SUBSYSTEM=="gpio", KERNEL=="gpiochip*", ACTION=="add", RUN+="${pkgs.bash}/bin/bash -c 'chown root:gpio /sys/class/gpio/export /sys/class/gpio/unexport ; chmod 220 /sys/class/gpio/export /sys/class/gpio/unexport'"
SUBSYSTEM=="gpio", KERNEL=="gpio*", ACTION=="add",RUN+="${pkgs.bash}/bin/bash -c 'chown root:gpio /sys%p/active_low /sys%p/direction /sys%p/edge /sys%p/value ; chmod 660 /sys%p/active_low /sys%p/direction /sys%p/edge /sys%p/value'"
'';
pulseaudio = {
enable = true;
extraConfig = ''
load-module module-native-protocol-tcp auth-ip-acl=127.0.0.1
'';
};
};
fonts.packages = with pkgs; [ nerd-fonts.fira-code ];
security.rtkit.enable = true;
system.stateVersion = "25.11";
};
};
}
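Review bot: `load-module module-native-protocol-tcp auth-ip-acl=127.0.0.1` only exempts loopback clients from cookie authentication; without a `listen=` argument the module binds the native-protocol port on every interface, leaving exposure to the firewall configuration. If the TCP socket is meant for local clients only, bind it explicitly: `load-module module-native-protocol-tcp auth-ip-acl=127.0.0.1 listen=127.0.0.1`. A one-line comment naming the consumer of the TCP socket would also help, since any local process can use it without the cookie.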


@@ -1,6 +1,12 @@
{ self, inputs, ... }: {
flake.nixosConfigurations."pi4" = inputs.nixpkgs.lib.nixosSystem {
perSystem = { ... }: {
packages.pi4-sd = self.nixosConfigurations.pi4-install.config.system.build.sdImage;
};
flake.nixosConfigurations.pi4 = inputs.nixpkgs.lib.nixosSystem {
system = "aarch64-linux";
modules = [
self.nixosModules.pi4
@@ -9,4 +15,24 @@
];
};
flake.nixosConfigurations.pi4-install = inputs.nixpkgs.lib.nixosSystem {
system = "aarch64-linux";
modules = [
self.nixosModules.pi4-core
self.nixosModules.pi4-hardware
];
};
flake.nixosConfigurations.pi4-install-disko = inputs.nixpkgs.lib.nixosSystem {
system = "aarch64-linux";
modules = [
self.nixosModules.pi4-core-disko
self.nixosModules.pi4-hardware
self.diskoConfigurations.pi4
];
};
}


@@ -4,28 +4,38 @@
laptop = [ "laptop" ];
homebox = [ "homebox" ];
iso = [ "iso" ];
#pi4 = [ "pi4" ];
#z2w = [ "red-black" "blue-white" ];
pi4 = [ "pi4" ];
z2w = [ "red-black" "blue-white" ];
useWith = x: y: (lib.mkIf (builtins.any (z: z == config.networking.hostName) x) y);
in {
config = {
users.users.nathan = {
enable = true;
shell = pkgs.zsh;
name = lib.mkDefault "nathan";
isNormalUser = lib.mkDefault true;
hashedPassword = lib.mkIf
(config.users.users.nathan.hashedPasswordFile == null)
"$y$j9T$F0pn6l4C45lz4a0FTZLqE0$Fc48Ptbmz/3MJCk/Jsaqop4ff.bY3J3GcjhmJx5R7k6";
extraGroups = [ "networkmanager" "docker" "libvirtd" "wheel" ];
extraGroups = lib.mkMerge [
[ "networkmanager" "wheel" ]
(useWith (homebox) [ "docker" "libvirtd" ])
(useWith (pi4) [ "gpio" ])
];
openssh.authorizedKeys.keys = lib.mkMerge [
(useWith (homebox ++ iso) [
(useWith (homebox) [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAsU69CxfQk58CvItPN426h5Alnpb60SH37wet97Vb57 nathan@laptop"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEnUhN2uHwAJF/SLRX3wlGRmfhV3zpP88JQAYB+gh8jW nathan@localhost"
"ssh-rsa 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 nathan@rpi-3dp"
])
(useWith (iso ++ pi4 ++ z2w) [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAsU69CxfQk58CvItPN426h5Alnpb60SH37wet97Vb57 nathan@laptop"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEnUhN2uHwAJF/SLRX3wlGRmfhV3zpP88JQAYB+gh8jW nathan@localhost"
])
(useWith laptop [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEnUhN2uHwAJF/SLRX3wlGRmfhV3zpP88JQAYB+gh8jW nathan@localhost"
])
@@ -57,16 +67,19 @@
'';
})
(useWith iso {
olympus = {
packageSet = "minimal";
};
(useWith (iso) {
wayland.windowManager.hyprland.extraConfig = ''
monitor=,preferred,auto,1
'';
})
(useWith (iso ++ pi4 ++ z2w) {
olympus = {
packageSet = "minimal";
};
})
];
};
};
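Review bot: Adding `pi4` and `z2w` to the host lists means the hard-coded fallback `hashedPassword` applies on those hosts whenever `hashedPasswordFile` is null, and the `pi4-install` configuration on this page imports `pi4-core` without the `sops` module, so the SD image would presumably ship that hash for a `wheel` user. The hash is readable by anyone with the repository or the image, which makes offline guessing possible. For the image-only hosts consider `initialHashedPassword` or key-only login, and mark the fallback with a comment such as `# fallback for hosts without sops; hash is public, rotate after first boot`. The fallback lines may predate this commit; the +/- markers are lost in this rendering.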


@@ -13,7 +13,10 @@
sopsFile = ./secrets.yaml;
};
users.users.nathan.hashedPasswordFile = lib.mkDefault config.sops.secrets."nathan/pass".path;
users.users.nathan = {
enable = lib.mkDefault false;
hashedPasswordFile = lib.mkDefault config.sops.secrets."nathan/pass".path;
};
};
};
}