images: init first own images

flake.nix

@@ -43,7 +43,7 @@
 
       imports = [
         ./machines/configurations.nix
-        #./nixos/images/default.nix
+        ./images/flake-module.nix
         inputs.pre-commit-hooks-nix.flakeModule
       ];
 

images/auto-install.nix

@@ -0,0 +1,7 @@
+{ lib
+, pkgs
+, config
+, ...
+}: {
+  system = "asdf";
+}

images/base-config.nix

@@ -0,0 +1,75 @@
+{ lib
+, pkgs
+, config
+, ...
+}: {
+  system.stateVersion = config.system.nixos.version;
+
+  networking.firewall.enable = false;
+
+  services.resolved.enable = false;
+  networking.nameservers = [
+    # digital courage
+    "46.182.19.48"
+    "2a02:2970:1002::18"
+  ];
+
+  networking.usePredictableInterfaceNames = false;
+  systemd.network.enable = true;
+  systemd.network.networks =
+    lib.mapAttrs'
+      (num: _:
+        lib.nameValuePair "eth${num}" {
+          extraConfig = ''
+            [Match]
+            Name = eth${num}
+
+            [Network]
+            DHCP = both
+            LLMNR = true
+            IPv4LL = true
+            LLDP = true
+            IPv6AcceptRA = true
+            IPv6Token = ::521a:c5ff:fefe:65d9
+            # used to have a stable address for zfs send
+            Address = fd42:4492:6a6d:43:1::${num}/64
+
+            [DHCP]
+            UseHostname = false
+            RouteMetric = 512
+          '';
+        })
+      {
+        "0" = { };
+        "1" = { };
+        "2" = { };
+        "3" = { };
+      };
+
+  imports = [
+    ../machines/core/core.nix
+    ../machines/core/nix.nix
+  ];
+
+  documentation.enable = lib.mkDefault false;
+  documentation.doc.enable = lib.mkDefault false;
+  documentation.info.enable = lib.mkDefault false;
+  documentation.nixos.enable = lib.mkDefault false;
+  documentation.nixos.options.warningsAreErrors = false;
+
+  # no auto-updates
+  systemd.services.update-prefetch.enable = false;
+
+  environment.systemPackages = with pkgs; [
+    diskrsync
+    partclone
+    ntfsprogs
+    ntfs3g
+  ];
+
+  systemd.services.sshd.wantedBy = lib.mkForce [ "multi-user.target" ];
+
+  users.extraUsers.root.openssh.authorizedKeys.keys = [
+    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOFx6OLwL9MbkD3mnMsv+xrzZHN/rwCTgVs758SCLG0h felix@thinkman"
+  ];
+}

images/flake-module.nix

@@ -0,0 +1,49 @@
+{ self, lib, ... }:
+let
+  inherit (self.inputs) nixos-generators nur;
+  defaultModule = { ... }: {
+    imports = [
+      ./base-config.nix
+    ];
+    _module.args.inputs = self.inputs;
+  };
+in
+{
+  perSystem =
+    { pkgs
+    , self'
+    , ...
+    }:
+    {
+      packages = {
+        install-iso = nixos-generators.nixosGenerate {
+          system = "x86_64-linux";
+          inherit pkgs;
+          modules = [
+            defaultModule
+          ];
+          format = "install-iso";
+        };
+
+        install-sd-aarch64 = nixos-generators.nixosGenerate {
+          system = "aarch64-linux";
+          inherit pkgs;
+          modules = [
+            defaultModule
+          ];
+          format = "sd-aarch64-installer";
+        };
+      };
+    };
+  # for debugging
+  #flake.nixosConfigurations = {
+  #  sd-image = lib.nixosSystem {
+  #    modules = [
+  #      {
+  #        nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+  #      }
+  #      defaultModule
+  #    ];
+  #  };
+  #};
+}

images/rpi4-image.nix

@@ -0,0 +1,9 @@
+# nix build .#install-sd-aarch64 --system aarch64-linux
+# zstd -vdcfT6 /nix/store/...-aarch64-linux.img/sd-image/...-aarch64-linux.img.zst  | dd of=/dev/sdX status=progress bs=64K
+{ ... }: {
+  nixpkgs.localSystem.system = "aarch64-linux";
+  imports = [
+    <nixpkgs/nixos/modules/installer/sd-card/sd-image-aarch64.nix>
+    ./base-config.nix
+  ];
+}