106 lines
3.7 KiB
Nix
106 lines
3.7 KiB
Nix
{
|
|
inputs = {
|
|
nixpkgs.url = "github:nixos/nixpkgs/release-23.11";
|
|
utils.url = "github:numtide/flake-utils";
|
|
};
|
|
|
|
outputs = { self, nixpkgs, utils }:
|
|
let
|
|
supportedSystems = [ "x86_64-linux" "aarch64-linux" ];
|
|
inherit (nixpkgs) lib;
|
|
in (utils.lib.eachSystem supportedSystems (system:
|
|
let
|
|
pkgs = import nixpkgs { inherit system; };
|
|
makeImage = conf:
|
|
(conf.extendModules {
|
|
modules = [{ config.nixpkgs.buildPlatform.system = system; }];
|
|
}).config.system.build.sdImage;
|
|
in {
|
|
formatter = pkgs.nixfmt;
|
|
packages = lib.mapAttrs'
|
|
(name: value: lib.nameValuePair "${name}-sdimage" (makeImage value))
|
|
self.nixosConfigurations;
|
|
})) // {
|
|
nixosModules.minify = { config, ... }: {
|
|
disabledModules = [ "profiles/base.nix" "profiles/all-hardware.nix" ];
|
|
config = {
|
|
boot.bcache.enable = false;
|
|
boot.initrd.includeDefaultModules = false;
|
|
fonts.fontconfig.enable = false;
|
|
networking.firewall.enable = false;
|
|
programs.nano.enable = false;
|
|
services.lvm.enable = false;
|
|
|
|
# Disable nix daemon, but sdImage uses nix-env so it's in the closure anyway
|
|
# Link it in for convenience
|
|
nix.enable = false;
|
|
environment.systemPackages = [ config.nix.package.out ];
|
|
|
|
# Disable a few default packages, like rsync, but not core stuff, like coreutils
|
|
# We could theoretically disable system-path.nix so we don't have
|
|
# requiredPackages, but that seems like a lot of work.
|
|
# At that point I should just use buildroot...
|
|
environment.defaultPackages = [ ];
|
|
|
|
# Leave networking.useDHCP = true since we would reenable it anyway
|
|
|
|
# Just set this to something, we probably don't care
|
|
system.stateVersion = "23.11";
|
|
};
|
|
};
|
|
|
|
nixosModules.insecureRemote = { ... }: {
|
|
services.openssh = {
|
|
enable = true;
|
|
settings.PermitRootLogin = "yes";
|
|
};
|
|
users.users.root.initialPassword = "ohnowo";
|
|
};
|
|
|
|
nixosModules.rpiSht3x = { pkgs, lib, ... }: {
|
|
# Patch doesn't apply on old vendor kernels
|
|
boot.kernelPackages = lib.mkForce pkgs.linuxPackages_latest;
|
|
|
|
nixpkgs.overlays = [ (import ./config/overlay.nix) ];
|
|
boot.kernelPatches = [ pkgs.kernelPatches.sht3x_dt_binding ];
|
|
|
|
hardware.deviceTree.overlays = [{
|
|
name = "sht3x";
|
|
dtsFile = ./config/dts/rpi-sht3x.dts;
|
|
}];
|
|
};
|
|
|
|
nixosConfigurations.aarch64-rpi = lib.nixosSystem {
|
|
modules = [
|
|
self.nixosModules.minify
|
|
self.nixosModules.insecureRemote
|
|
"${nixpkgs}/nixos/modules/installer/sd-card/sd-image-aarch64.nix"
|
|
{
|
|
nixpkgs.hostPlatform = lib.systems.examples.aarch64-multiplatform;
|
|
}
|
|
];
|
|
};
|
|
|
|
nixosConfigurations.armv6-rpi = lib.nixosSystem {
|
|
modules = [
|
|
self.nixosModules.minify
|
|
self.nixosModules.insecureRemote
|
|
self.nixosModules.rpiSht3x
|
|
"${nixpkgs}/nixos/modules/installer/sd-card/sd-image-raspberrypi.nix"
|
|
({ pkgs, ... }: {
|
|
boot.initrd.availableKernelModules = [ "mmc_block" ];
|
|
sdImage.compressImage = false;
|
|
|
|
nixpkgs.hostPlatform = lib.systems.examples.raspberryPi;
|
|
nixpkgs.overlays = [
|
|
(final: prev: {
|
|
# compiler-rt 16 fails, 14 has a patch
|
|
llvmPackages = final.llvmPackages_14;
|
|
})
|
|
];
|
|
})
|
|
];
|
|
};
|
|
};
|
|
}
|