From 37950bc59aed7b2c1a2b3f98ec75b2ecb8a587d0 Mon Sep 17 00:00:00 2001 From: kat witch Date: Thu, 2 Sep 2021 21:17:59 +0100 Subject: [PATCH] hosts/shinmyoumaru: init, cross: armv6+v7 emulated, stripped base, exprs --- .gitmodules | 4 ++ ci/nodes.nix | 14 ++-- config/hosts/samhain/nixos.nix | 2 +- config/hosts/shinmyoumaru/image.nix | 5 ++ config/hosts/shinmyoumaru/nixos.nix | 93 ++++++++++++++++++++++++++ config/profiles/base/packages.nix | 1 - config/profiles/cross/armv6.nix | 9 +++ config/profiles/cross/armv7.nix | 3 + config/profiles/cross/default.nix | 2 + config/users/kat/base/git.nix | 9 --- config/users/kat/base/packages.nix | 3 +- config/users/kat/default.nix | 2 +- config/users/kat/personal/default.nix | 2 + config/users/kat/personal/git.nix | 14 ++++ config/users/kat/personal/packages.nix | 5 +- config/users/kat/personal/shell.nix | 4 +- default.nix | 1 - nix/sources.json | 6 +- overlays/exprs | 2 +- 19 files changed, 153 insertions(+), 28 deletions(-) create mode 100644 config/hosts/shinmyoumaru/image.nix create mode 100644 config/hosts/shinmyoumaru/nixos.nix create mode 100644 config/profiles/cross/armv6.nix create mode 100644 config/users/kat/personal/git.nix diff --git a/.gitmodules b/.gitmodules index 7dce1d03..400635b1 100644 --- a/.gitmodules +++ b/.gitmodules @@ -2,3 +2,7 @@ path = config/trusted branch = main url = "https://git.kittywit.ch/kat/nixfiles-trusted.git" +[submodule "overlay/exprs"] + path = overlay/exprs + branch = main + url = "https://github.com/kittywitch/nixexprs" diff --git a/ci/nodes.nix b/ci/nodes.nix index 9c8da8ff..44186db1 100644 --- a/ci/nodes.nix +++ b/ci/nodes.nix @@ -5,7 +5,7 @@ channels.nixfiles.path = ../.; nix.config = { - extra-platforms = "aarch64-linux"; + extra-platforms = ["aarch64-linux" "armv6l" "armv7l"]; #extra-sandbox-paths = with channels.cipkgs; map (package: builtins.unsafeDiscardStringContext "${package}?") [bash qemu "/run/binfmt"]; }; @@ -13,9 +13,9 @@ jobs = mkIf (config.id != "ci") { ${config.id}.step.aarch64 = { order = 201; - name = "prepare for aarch64 builds"; + name = "prepare for emulated builds"; run = '' - sudo $(which aarch64binfmt) + sudo $(which archbinfmt) ''; }; }; @@ -23,7 +23,7 @@ # ensure sources are fetched and available in the local store before evaluating host configs environment.bootstrap = { - aarch64binfmt = + archbinfmt = let makeQemuWrapper = name: '' mkdir -p /run/binfmt @@ -34,10 +34,14 @@ EOF chmod +x /run/binfmt/${name} ''; in - channels.cipkgs.writeShellScriptBin "aarch64binfmt" '' + channels.cipkgs.writeShellScriptBin "archbinfmt" '' ${makeQemuWrapper "aarch64"} + ${makeQemuWrapper "armv6l"} + ${makeQemuWrapper "armv7l"} echo 'extra-sandbox-paths = ${channels.cipkgs.bash} ${channels.cipkgs.qemu} /run/binfmt' >> /etc/nix/nix.conf echo ':aarch64-linux:M::\x7fELF\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\xb7\x00:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\x00\xff\xfe\xff\xff\xff:/run/binfmt/aarch64:' > /proc/sys/fs/binfmt_misc/register + echo ':armv6l-linux:M::\x7fELF\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x28\x00:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\x00\xff\xfe\xff\xff\xff:/run/binfmt/armv6l-linux:' > /proc/sys/fs/binfmt_misc/register + echo ':armv7l-linux:M::\x7fELF\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x28\x00:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\x00\xff\xfe\xff\xff\xff:/run/binfmt/armv7l-linux:' > /proc/sys/fs/binfmt_misc/register ''; sourceCache = channels.cipkgs.runCommand "sources" { diff --git a/config/hosts/samhain/nixos.nix b/config/hosts/samhain/nixos.nix index 243605e9..b3b3b9ab 100644 --- a/config/hosts/samhain/nixos.nix +++ b/config/hosts/samhain/nixos.nix @@ -15,8 +15,8 @@ in profiles.gui profiles.vfio profiles.cross.aarch64 - profiles.cross.armv7l profiles.cross.armv6l + profiles.cross.armv7l users.kat.guiFull users.kat.services.weechat services.nginx diff --git a/config/hosts/shinmyoumaru/image.nix b/config/hosts/shinmyoumaru/image.nix new file mode 100644 index 00000000..4d9342ab --- /dev/null +++ b/config/hosts/shinmyoumaru/image.nix @@ -0,0 +1,5 @@ +{ modulesPath, ... }: { + imports = [ + (modulesPath + "/installer/sd-card/sd-image-raspberrypi.nix") + ]; +} diff --git a/config/hosts/shinmyoumaru/nixos.nix b/config/hosts/shinmyoumaru/nixos.nix new file mode 100644 index 00000000..1e308c5f --- /dev/null +++ b/config/hosts/shinmyoumaru/nixos.nix @@ -0,0 +1,93 @@ +{ config, meta, pkgs, lib, ... }: with lib; + +{ + # Imports + + imports = [ + ./image.nix + ]; + + # Weird Shit + + nixpkgs.localSystem = systems.examples.raspberryPi // { + system = "armv6l-linux"; + }; + + nix = { + binaryCaches = lib.mkForce [ "https://app.cachix.org/cache/thefloweringash-armv7" ]; + binaryCachePublicKeys = [ "thefloweringash-armv7.cachix.org-1:v+5yzBD2odFKeXbmC+OPWVqx4WVoIVO6UXgnSAWFtso=" ]; + }; + + # Terraform + + deploy.tf = { + resources.shinmyoumaru = { + provider = "null"; + type = "resource"; + connection = { + port = head config.services.openssh.ports; + host = config.network.addresses.private.nixos.ipv4.address; + }; + }; + }; + + # Bootloader + + boot = { + loader = { + grub.enable = false; + generic-extlinux-compatible.enable = true; + }; + consoleLogLevel = lib.mkDefault 7; + kernelPackages = pkgs.linuxPackages_rpi1; + }; + + # File Systems and Swap + + fileSystems = { + "/" = { + device = "/dev/disk/by-label/NIXOS_SD"; + fsType = "ext4"; + }; + }; + + # Networking + + networking = { + useDHCP = true; + interfaces.eno1.ipv4.addresses = singleton { + inherit (config.network.addresses.private.nixos.ipv4) address; + prefixLength = 24; + }; + defaultGateway = config.network.privateGateway; + }; + + network = { + addresses = { + private = { + enable = true; + nixos = { + ipv4.address = "192.168.1.33"; + # TODO ipv6.address + }; + }; + }; + yggdrasil = { + enable = true; + pubkey = "0000000000000000000000000000000000000000000000000000"; + listen.enable = false; + listen.endpoints = [ "tcp://0.0.0.0:0" ]; + }; + }; + + # Firewall + + network.firewall = { + private.interfaces = singleton "yggdrasil"; + public.interfaces = singleton "eno1"; + }; + + # State + + system.stateVersion = "21.11"; +} diff --git a/config/profiles/base/packages.nix b/config/profiles/base/packages.nix index 1b43e33f..16687f68 100644 --- a/config/profiles/base/packages.nix +++ b/config/profiles/base/packages.nix @@ -5,7 +5,6 @@ smartmontools hddtemp lm_sensors - cachix pinentry-curses gnupg foot.terminfo diff --git a/config/profiles/cross/armv6.nix b/config/profiles/cross/armv6.nix new file mode 100644 index 00000000..7fb88614 --- /dev/null +++ b/config/profiles/cross/armv6.nix @@ -0,0 +1,9 @@ +{ config, ... }: { + nix = { + binaryCaches = [ "https://arm.cachix.org/" ]; + binaryCachePublicKeys = [ "arm.cachix.org-1:5BZ2kjoL1q6nWhlnrbAl+G7ThY7+HaBRD9PZzqZkbnM=" ]; + }; + boot.binfmt = { + emulatedSystems = [ "armv6l-linux" ]; + }; +} diff --git a/config/profiles/cross/armv7.nix b/config/profiles/cross/armv7.nix index f633f99c..482fe54d 100644 --- a/config/profiles/cross/armv7.nix +++ b/config/profiles/cross/armv7.nix @@ -3,4 +3,7 @@ binaryCaches = [ "https://arm.cachix.org/" ]; binaryCachePublicKeys = [ "arm.cachix.org-1:5BZ2kjoL1q6nWhlnrbAl+G7ThY7+HaBRD9PZzqZkbnM=" ]; }; + boot.binfmt = { + emulatedSystems = [ "armv7l-linux" ]; + }; } diff --git a/config/profiles/cross/default.nix b/config/profiles/cross/default.nix index 2b8f7841..8e09bbba 100644 --- a/config/profiles/cross/default.nix +++ b/config/profiles/cross/default.nix @@ -1,6 +1,7 @@ rec { common = ./armvcommon.nix; armv7-base = ./armv7.nix; + armv6-base = ./armv6.nix; aarch64-base = ./aarch64.nix; @@ -30,6 +31,7 @@ rec { }; imports = [ common + armv6-base ]; }; } diff --git a/config/users/kat/base/git.nix b/config/users/kat/base/git.nix index 99387e52..bcbb19f5 100644 --- a/config/users/kat/base/git.nix +++ b/config/users/kat/base/git.nix @@ -1,17 +1,8 @@ { config, pkgs, lib, ... }: { - home.packages = with pkgs; [ - git-crypt - gitAndTools.gitRemoteGcrypt - gitAndTools.gitAnnex - git-revise - gitAndTools.git-annex-remote-b2 - ]; - programs.git = { enable = true; - package = pkgs.gitAndTools.gitFull; userName = "kat witch"; userEmail = "kat@kittywit.ch"; extraConfig = { diff --git a/config/users/kat/base/packages.nix b/config/users/kat/base/packages.nix index e1930303..307bbde9 100644 --- a/config/users/kat/base/packages.nix +++ b/config/users/kat/base/packages.nix @@ -8,7 +8,7 @@ sd duc bat - exa + exa-noman socat rsync wget @@ -19,7 +19,6 @@ zstd file whois - niv dnsutils borgbackup neofetch diff --git a/config/users/kat/default.nix b/config/users/kat/default.nix index 62f3e337..eb06e13f 100644 --- a/config/users/kat/default.nix +++ b/config/users/kat/default.nix @@ -20,7 +20,7 @@ let katUser = { lib }: lib.genAttrs profileNames userImport // { services = lib.genAttrs serviceNames serviceImport; base = { imports = [ ./nixos.nix (userImport "base") ]; }; - server = { imports = [ personal ]; }; + server = { }; guiFull = { imports = [ gui sway dev media personal ]; }; }; in diff --git a/config/users/kat/personal/default.nix b/config/users/kat/personal/default.nix index 0a4650ab..b8f88d5d 100644 --- a/config/users/kat/personal/default.nix +++ b/config/users/kat/personal/default.nix @@ -3,6 +3,8 @@ { imports = [ ./gpg.nix + ./git.nix + ./packages.nix ./weechat.nix ./email.nix ./shell.nix diff --git a/config/users/kat/personal/git.nix b/config/users/kat/personal/git.nix new file mode 100644 index 00000000..4d4d5bc3 --- /dev/null +++ b/config/users/kat/personal/git.nix @@ -0,0 +1,14 @@ +{ config, pkgs, ... }: + +{ + home.packages = with pkgs; [ + git-crypt + gitAndTools.gitRemoteGcrypt + gitAndTools.gitAnnex + git-revise + gitAndTools.git-annex-remote-b2 + ]; + programs.git = { + package = pkgs.gitAndTools.gitFull; + }; +} diff --git a/config/users/kat/personal/packages.nix b/config/users/kat/personal/packages.nix index c3b8edec..3571aaee 100644 --- a/config/users/kat/personal/packages.nix +++ b/config/users/kat/personal/packages.nix @@ -1,5 +1,8 @@ { config, pkgs, ... }: { - home.packages = with pkgs; [ pinentry.gtk2 ]; + home.packages = with pkgs; [ + pinentry.gtk2 + niv + ]; } diff --git a/config/users/kat/personal/shell.nix b/config/users/kat/personal/shell.nix index 3d2f9eea..835e1454 100644 --- a/config/users/kat/personal/shell.nix +++ b/config/users/kat/personal/shell.nix @@ -2,8 +2,6 @@ { programs.zsh = { - shellAliases = genAttrs ["radio" "tv"] (attr: { - "abby${attr}" = "mpv $(bitw get secrets/abby -f ${attr})"; - }); + shellAliases = mapListToAttrs (attr: nameValuePair "abby${attr}" "mpv $(bitw get secrets/abby -f ${attr})") ["radio" "tv"]; }; } diff --git a/default.nix b/default.nix index 6aa29b49..7a5bb7e3 100644 --- a/default.nix +++ b/default.nix @@ -39,7 +39,6 @@ let folderPaths = [ (./config + "/${folder}") (./config/trusted + "/${folder}") ]; })) xargNames) // { modules = lib.recursiveMod { folder = ./config/modules; inherit sources; }; }; - /* We provide the runners with this file this way. We also provide our nix args here. This is also where pkgs are passed through to the meta config. diff --git a/nix/sources.json b/nix/sources.json index 7d5b1e49..5d1f63e3 100644 --- a/nix/sources.json +++ b/nix/sources.json @@ -89,10 +89,10 @@ "homepage": null, "owner": "kittywitch", "repo": "nixexprs", - "rev": "a78026175487423769ac2667e618a896af63c5b0", - "sha256": "1bvmi4fybq98avshyircxcmshxnwwwlhm1b6brb3ygpffxhxbihy", + "rev": "da3150b0837cf75c0c0fe36369ce424b80ee18ce", + "sha256": "0w43bih23d3iv95k4arm3xys679rr7rblr5a74isvzxz0m70w3kr", "type": "tarball", - "url": "https://github.com/kittywitch/nixexprs/archive/a78026175487423769ac2667e618a896af63c5b0.tar.gz", + "url": "https://github.com/kittywitch/nixexprs/archive/da3150b0837cf75c0c0fe36369ce424b80ee18ce.tar.gz", "url_template": "https://github.com///archive/.tar.gz" }, "niv": { diff --git a/overlays/exprs b/overlays/exprs index a7802617..da3150b0 160000 --- a/overlays/exprs +++ b/overlays/exprs @@ -1 +1 @@ -Subproject commit a78026175487423769ac2667e618a896af63c5b0 +Subproject commit da3150b0837cf75c0c0fe36369ce424b80ee18ce