diff --git a/flake.nix b/flake.nix index 8017a01..0aa040b 100644 --- a/flake.nix +++ b/flake.nix @@ -43,7 +43,7 @@ imports = [ ./machines/configurations.nix - #./nixos/images/default.nix + ./images/flake-module.nix inputs.pre-commit-hooks-nix.flakeModule ]; diff --git a/images/auto-install.nix b/images/auto-install.nix new file mode 100644 index 0000000..e8636ec --- /dev/null +++ b/images/auto-install.nix @@ -0,0 +1,7 @@ +{ lib +, pkgs +, config +, ... +}: { + system = "asdf"; +} diff --git a/images/base-config.nix b/images/base-config.nix new file mode 100644 index 0000000..d286122 --- /dev/null +++ b/images/base-config.nix @@ -0,0 +1,75 @@ +{ lib +, pkgs +, config +, ... +}: { + system.stateVersion = config.system.nixos.version; + + networking.firewall.enable = false; + + services.resolved.enable = false; + networking.nameservers = [ + # digital courage + "46.182.19.48" + "2a02:2970:1002::18" + ]; + + networking.usePredictableInterfaceNames = false; + systemd.network.enable = true; + systemd.network.networks = + lib.mapAttrs' + (num: _: + lib.nameValuePair "eth${num}" { + extraConfig = '' + [Match] + Name = eth${num} + + [Network] + DHCP = both + LLMNR = true + IPv4LL = true + LLDP = true + IPv6AcceptRA = true + IPv6Token = ::521a:c5ff:fefe:65d9 + # used to have a stable address for zfs send + Address = fd42:4492:6a6d:43:1::${num}/64 + + [DHCP] + UseHostname = false + RouteMetric = 512 + ''; + }) + { + "0" = { }; + "1" = { }; + "2" = { }; + "3" = { }; + }; + + imports = [ + ../machines/core/core.nix + ../machines/core/nix.nix + ]; + + documentation.enable = lib.mkDefault false; + documentation.doc.enable = lib.mkDefault false; + documentation.info.enable = lib.mkDefault false; + documentation.nixos.enable = lib.mkDefault false; + documentation.nixos.options.warningsAreErrors = false; + + # no auto-updates + systemd.services.update-prefetch.enable = false; + + environment.systemPackages = with pkgs; [ + diskrsync + partclone + ntfsprogs + ntfs3g + ]; + + systemd.services.sshd.wantedBy = lib.mkForce [ "multi-user.target" ]; + + users.extraUsers.root.openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOFx6OLwL9MbkD3mnMsv+xrzZHN/rwCTgVs758SCLG0h felix@thinkman" + ]; +} diff --git a/images/flake-module.nix b/images/flake-module.nix new file mode 100644 index 0000000..0726aac --- /dev/null +++ b/images/flake-module.nix @@ -0,0 +1,49 @@ +{ self, lib, ... }: +let + inherit (self.inputs) nixos-generators nur; + defaultModule = { ... }: { + imports = [ + ./base-config.nix + ]; + _module.args.inputs = self.inputs; + }; +in +{ + perSystem = + { pkgs + , self' + , ... + }: + { + packages = { + install-iso = nixos-generators.nixosGenerate { + system = "x86_64-linux"; + inherit pkgs; + modules = [ + defaultModule + ]; + format = "install-iso"; + }; + + install-sd-aarch64 = nixos-generators.nixosGenerate { + system = "aarch64-linux"; + inherit pkgs; + modules = [ + defaultModule + ]; + format = "sd-aarch64-installer"; + }; + }; + }; + # for debugging + #flake.nixosConfigurations = { + # sd-image = lib.nixosSystem { + # modules = [ + # { + # nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + # } + # defaultModule + # ]; + # }; + #}; +} diff --git a/images/rpi4-image.nix b/images/rpi4-image.nix new file mode 100644 index 0000000..ec3777e --- /dev/null +++ b/images/rpi4-image.nix @@ -0,0 +1,9 @@ +# nix build .#install-sd-aarch64 --system aarch64-linux +# zstd -vdcfT6 /nix/store/...-aarch64-linux.img/sd-image/...-aarch64-linux.img.zst | dd of=/dev/sdX status=progress bs=64K +{ ... }: { + nixpkgs.localSystem.system = "aarch64-linux"; + imports = [ + + ./base-config.nix + ]; +}