gensokyo-zone/infrastructure
1
0
Fork 0
mirror of https://github.com/gensokyo-zone/infrastructure.git synced 2026-02-09 12:29:19 -08:00
Code Issues Projects Releases Packages Wiki Activity Actions

hosts/shinmyoumaru: init, cross: armv6+v7 emulated, stripped base, exprs

Browse source
This commit is contained in:
kat witch 2021-09-02 21:17:59 +01:00
parent c7d8d0b3d4
commit 37950bc59a
No known key found for this signature in database
GPG key ID: 1B477797DCA5EC72
19 changed files with 153 additions and 28 deletions
Download patch file Download diff file Expand all files Collapse all files

4
.gitmodules vendored
View file

@ -2,3 +2,7 @@
path = config/trusted path = config/trusted
branch = main branch = main
url = "https://git.kittywit.ch/kat/nixfiles-trusted.git" url = "https://git.kittywit.ch/kat/nixfiles-trusted.git"
[submodule "overlay/exprs"]
path = overlay/exprs
branch = main
url = "https://github.com/kittywitch/nixexprs"

14
ci/nodes.nix
View file

@ -5,7 +5,7 @@
channels.nixfiles.path = ../.; channels.nixfiles.path = ../.;
nix.config = { nix.config = {
extra-platforms = "aarch64-linux"; extra-platforms = ["aarch64-linux" "armv6l" "armv7l"];
#extra-sandbox-paths = with channels.cipkgs; map (package: builtins.unsafeDiscardStringContext "${package}?") [bash qemu "/run/binfmt"]; #extra-sandbox-paths = with channels.cipkgs; map (package: builtins.unsafeDiscardStringContext "${package}?") [bash qemu "/run/binfmt"];
}; };
@ -13,9 +13,9 @@
jobs = mkIf (config.id != "ci") { jobs = mkIf (config.id != "ci") {
${config.id}.step.aarch64 = { ${config.id}.step.aarch64 = {
order = 201; order = 201;
name = "prepare for aarch64 builds"; name = "prepare for emulated builds";
run = '' run = ''
sudo $(which aarch64binfmt) sudo $(which archbinfmt)
''; '';
}; };
}; };
@ -23,7 +23,7 @@
# ensure sources are fetched and available in the local store before evaluating host configs # ensure sources are fetched and available in the local store before evaluating host configs
environment.bootstrap = { environment.bootstrap = {
aarch64binfmt = archbinfmt =
let let
makeQemuWrapper = name: '' makeQemuWrapper = name: ''
mkdir -p /run/binfmt mkdir -p /run/binfmt
@ -34,10 +34,14 @@
EOF EOF
chmod +x /run/binfmt/${name} chmod +x /run/binfmt/${name}
''; in ''; in
channels.cipkgs.writeShellScriptBin "aarch64binfmt" '' channels.cipkgs.writeShellScriptBin "archbinfmt" ''
${makeQemuWrapper "aarch64"} ${makeQemuWrapper "aarch64"}
${makeQemuWrapper "armv6l"}
${makeQemuWrapper "armv7l"}
echo 'extra-sandbox-paths = ${channels.cipkgs.bash} ${channels.cipkgs.qemu} /run/binfmt' >> /etc/nix/nix.conf echo 'extra-sandbox-paths = ${channels.cipkgs.bash} ${channels.cipkgs.qemu} /run/binfmt' >> /etc/nix/nix.conf
echo ':aarch64-linux:M::\x7fELF\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\xb7\x00:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\x00\xff\xfe\xff\xff\xff:/run/binfmt/aarch64:' > /proc/sys/fs/binfmt_misc/register echo ':aarch64-linux:M::\x7fELF\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\xb7\x00:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\x00\xff\xfe\xff\xff\xff:/run/binfmt/aarch64:' > /proc/sys/fs/binfmt_misc/register
echo ':armv6l-linux:M::\x7fELF\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x28\x00:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\x00\xff\xfe\xff\xff\xff:/run/binfmt/armv6l-linux:' > /proc/sys/fs/binfmt_misc/register
echo ':armv7l-linux:M::\x7fELF\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x28\x00:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\x00\xff\xfe\xff\xff\xff:/run/binfmt/armv7l-linux:' > /proc/sys/fs/binfmt_misc/register
''; '';
sourceCache = channels.cipkgs.runCommand "sources" sourceCache = channels.cipkgs.runCommand "sources"
{ {

2
config/hosts/samhain/nixos.nix
View file

@ -15,8 +15,8 @@ in
profiles.gui profiles.gui
profiles.vfio profiles.vfio
profiles.cross.aarch64 profiles.cross.aarch64
profiles.cross.armv7l
profiles.cross.armv6l profiles.cross.armv6l
profiles.cross.armv7l
users.kat.guiFull users.kat.guiFull
users.kat.services.weechat users.kat.services.weechat
services.nginx services.nginx

5
config/hosts/shinmyoumaru/image.nix Normal file
View file

@ -0,0 +1,5 @@
{ modulesPath, ... }: {
imports = [
(modulesPath + "/installer/sd-card/sd-image-raspberrypi.nix")
];
}

93
config/hosts/shinmyoumaru/nixos.nix Normal file
View file

@ -0,0 +1,93 @@
{ config, meta, pkgs, lib, ... }: with lib;
{
# Imports
imports = [
./image.nix
];
# Weird Shit
nixpkgs.localSystem = systems.examples.raspberryPi // {
system = "armv6l-linux";
};
nix = {
binaryCaches = lib.mkForce [ "https://app.cachix.org/cache/thefloweringash-armv7" ];
binaryCachePublicKeys = [ "thefloweringash-armv7.cachix.org-1:v+5yzBD2odFKeXbmC+OPWVqx4WVoIVO6UXgnSAWFtso=" ];
};
# Terraform
deploy.tf = {
resources.shinmyoumaru = {
provider = "null";
type = "resource";
connection = {
port = head config.services.openssh.ports;
host = config.network.addresses.private.nixos.ipv4.address;
};
};
};
# Bootloader
boot = {
loader = {
grub.enable = false;
generic-extlinux-compatible.enable = true;
};
consoleLogLevel = lib.mkDefault 7;
kernelPackages = pkgs.linuxPackages_rpi1;
};
# File Systems and Swap
fileSystems = {
"/" = {
device = "/dev/disk/by-label/NIXOS_SD";
fsType = "ext4";
};
};
# Networking
networking = {
useDHCP = true;
interfaces.eno1.ipv4.addresses = singleton {
inherit (config.network.addresses.private.nixos.ipv4) address;
prefixLength = 24;
};
defaultGateway = config.network.privateGateway;
};
network = {
addresses = {
private = {
enable = true;
nixos = {
ipv4.address = "192.168.1.33";
# TODO ipv6.address
};
};
};
yggdrasil = {
enable = true;
pubkey = "0000000000000000000000000000000000000000000000000000";
listen.enable = false;
listen.endpoints = [ "tcp://0.0.0.0:0" ];
};
};
# Firewall
network.firewall = {
private.interfaces = singleton "yggdrasil";
public.interfaces = singleton "eno1";
};
# State
system.stateVersion = "21.11";
}

1
config/profiles/base/packages.nix
View file

@ -5,7 +5,6 @@
smartmontools smartmontools
hddtemp hddtemp
lm_sensors lm_sensors
cachix
pinentry-curses pinentry-curses
gnupg gnupg
foot.terminfo foot.terminfo

9
config/profiles/cross/armv6.nix Normal file
View file

@ -0,0 +1,9 @@
{ config, ... }: {
nix = {
binaryCaches = [ "https://arm.cachix.org/" ];
binaryCachePublicKeys = [ "arm.cachix.org-1:5BZ2kjoL1q6nWhlnrbAl+G7ThY7+HaBRD9PZzqZkbnM=" ];
};
boot.binfmt = {
emulatedSystems = [ "armv6l-linux" ];
};
}

3
config/profiles/cross/armv7.nix
View file

@ -3,4 +3,7 @@
binaryCaches = [ "https://arm.cachix.org/" ]; binaryCaches = [ "https://arm.cachix.org/" ];
binaryCachePublicKeys = [ "arm.cachix.org-1:5BZ2kjoL1q6nWhlnrbAl+G7ThY7+HaBRD9PZzqZkbnM=" ]; binaryCachePublicKeys = [ "arm.cachix.org-1:5BZ2kjoL1q6nWhlnrbAl+G7ThY7+HaBRD9PZzqZkbnM=" ];
}; };
boot.binfmt = {
emulatedSystems = [ "armv7l-linux" ];
};
} }

2
config/profiles/cross/default.nix
View file

@ -1,6 +1,7 @@
rec { rec {
common = ./armvcommon.nix; common = ./armvcommon.nix;
armv7-base = ./armv7.nix; armv7-base = ./armv7.nix;
armv6-base = ./armv6.nix;
aarch64-base = ./aarch64.nix; aarch64-base = ./aarch64.nix;
@ -30,6 +31,7 @@ rec {
}; };
imports = [ imports = [
common common
armv6-base
]; ];
}; };
} }

9
config/users/kat/base/git.nix
View file

@ -1,17 +1,8 @@
{ config, pkgs, lib, ... }: { config, pkgs, lib, ... }:
{ {
home.packages = with pkgs; [
git-crypt
gitAndTools.gitRemoteGcrypt
gitAndTools.gitAnnex
git-revise
gitAndTools.git-annex-remote-b2
];
programs.git = { programs.git = {
enable = true; enable = true;
package = pkgs.gitAndTools.gitFull;
userName = "kat witch"; userName = "kat witch";
userEmail = "kat@kittywit.ch"; userEmail = "kat@kittywit.ch";
extraConfig = { extraConfig = {

3
config/users/kat/base/packages.nix
View file

@ -8,7 +8,7 @@
sd sd
duc duc
bat bat
exa exa-noman
socat socat
rsync rsync
wget wget
@ -19,7 +19,6 @@
zstd zstd
file file
whois whois
niv
dnsutils dnsutils
borgbackup borgbackup
neofetch neofetch

2
config/users/kat/default.nix
View file

@ -20,7 +20,7 @@ let katUser = { lib }:
lib.genAttrs profileNames userImport // { lib.genAttrs profileNames userImport // {
services = lib.genAttrs serviceNames serviceImport; services = lib.genAttrs serviceNames serviceImport;
base = { imports = [ ./nixos.nix (userImport "base") ]; }; base = { imports = [ ./nixos.nix (userImport "base") ]; };
server = { imports = [ personal ]; }; server = { };
guiFull = { imports = [ gui sway dev media personal ]; }; guiFull = { imports = [ gui sway dev media personal ]; };
}; };
in in

2
config/users/kat/personal/default.nix
View file

@ -3,6 +3,8 @@
{ {
imports = [ imports = [
./gpg.nix ./gpg.nix
./git.nix
./packages.nix
./weechat.nix ./weechat.nix
./email.nix ./email.nix
./shell.nix ./shell.nix

14
config/users/kat/personal/git.nix Normal file
View file

@ -0,0 +1,14 @@
{ config, pkgs, ... }:
{
home.packages = with pkgs; [
git-crypt
gitAndTools.gitRemoteGcrypt
gitAndTools.gitAnnex
git-revise
gitAndTools.git-annex-remote-b2
];
programs.git = {
package = pkgs.gitAndTools.gitFull;
};
}

5
config/users/kat/personal/packages.nix
View file

@ -1,5 +1,8 @@
{ config, pkgs, ... }: { config, pkgs, ... }:
{ {
home.packages = with pkgs; [ pinentry.gtk2 ]; home.packages = with pkgs; [
pinentry.gtk2
niv
];
} }

4
config/users/kat/personal/shell.nix
View file

@ -2,8 +2,6 @@
{ {
programs.zsh = { programs.zsh = {
shellAliases = genAttrs ["radio" "tv"] (attr: { shellAliases = mapListToAttrs (attr: nameValuePair "abby${attr}" "mpv $(bitw get secrets/abby -f ${attr})") ["radio" "tv"];
"abby${attr}" = "mpv $(bitw get secrets/abby -f ${attr})";
});
}; };
} }

1
default.nix
View file

@ -39,7 +39,6 @@ let
folderPaths = [ (./config + "/${folder}") (./config/trusted + "/${folder}") ]; folderPaths = [ (./config + "/${folder}") (./config/trusted + "/${folder}") ];
})) }))
xargNames) // { modules = lib.recursiveMod { folder = ./config/modules; inherit sources; }; }; xargNames) // { modules = lib.recursiveMod { folder = ./config/modules; inherit sources; }; };
/* /*
We provide the runners with this file this way. We also provide our nix args here. We provide the runners with this file this way. We also provide our nix args here.
This is also where pkgs are passed through to the meta config. This is also where pkgs are passed through to the meta config.

6
nix/sources.json
View file

@ -89,10 +89,10 @@
"homepage": null, "homepage": null,
"owner": "kittywitch", "owner": "kittywitch",
"repo": "nixexprs", "repo": "nixexprs",
"rev": "a78026175487423769ac2667e618a896af63c5b0", "rev": "da3150b0837cf75c0c0fe36369ce424b80ee18ce",
"sha256": "1bvmi4fybq98avshyircxcmshxnwwwlhm1b6brb3ygpffxhxbihy", "sha256": "0w43bih23d3iv95k4arm3xys679rr7rblr5a74isvzxz0m70w3kr",
"type": "tarball", "type": "tarball",
"url": "https://github.com/kittywitch/nixexprs/archive/a78026175487423769ac2667e618a896af63c5b0.tar.gz", "url": "https://github.com/kittywitch/nixexprs/archive/da3150b0837cf75c0c0fe36369ce424b80ee18ce.tar.gz",
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz" "url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
}, },
"niv": { "niv": {

2
overlays/exprs

@ -1 +1 @@
Subproject commit a78026175487423769ac2667e618a896af63c5b0 Subproject commit da3150b0837cf75c0c0fe36369ce424b80ee18ce