commit 69ecf8b2950b40ce53ad209d6061d01ea2914d40 Author: Sam Willcocks Date: Mon Aug 14 18:33:59 2023 +0200 initial commit with pi image diff --git a/.envrc b/.envrc new file mode 100644 index 0000000..3550a30 --- /dev/null +++ b/.envrc @@ -0,0 +1 @@ +use flake diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..92b2793 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +.direnv diff --git a/configuration.nix b/configuration.nix new file mode 100644 index 0000000..8f34b97 --- /dev/null +++ b/configuration.nix @@ -0,0 +1,8 @@ +{... }: { + services.openssh = { + permitRootLogin = "yes"; + enable = true; + }; + services.tailscale.enable = true; + users.users.root.openssh.authorizedKeys.keys = [ "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBDQdGzwYiallvWXIHgSAf2GOwMJKA8bxPmwyuO+vsd1HwB65hMRPCpKS+FNLIpkrADNnuhGS3xGCGSSuQ+zAu/g= zinc-se-main@secretive.zinc.local" ]; +} diff --git a/flake.lock b/flake.lock new file mode 100644 index 0000000..1d071d0 --- /dev/null +++ b/flake.lock @@ -0,0 +1,176 @@ +{ + "nodes": { + "devshell": { + "inputs": { + "nixpkgs": "nixpkgs", + "systems": "systems" + }, + "locked": { + "lastModified": 1686680692, + "narHash": "sha256-SsLZz3TDleraAiJq4EkmdyewSyiv5g0LZYc6vaLZOMQ=", + "owner": "numtide", + "repo": "devshell", + "rev": "fd6223370774dd9c33354e87a007004b5fd36442", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "devshell", + "type": "github" + } + }, + "flake-utils": { + "locked": { + "lastModified": 1642700792, + "narHash": "sha256-XqHrk7hFb+zBvRg6Ghl+AZDq03ov6OshJLiSWOoX5es=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "846b2ae0fc4cc943637d3d1def4454213e203cba", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "mach-nix": { + "inputs": { + "flake-utils": "flake-utils", + "nixpkgs": "nixpkgs_2", + "pypi-deps-db": "pypi-deps-db" + }, + "locked": { + "lastModified": 1654084003, + "narHash": "sha256-j/XrVVistvM+Ua+0tNFvO5z83isL+LBgmBi9XppxuKA=", + "owner": "DavHau", + "repo": "mach-nix", + "rev": "7e14360bde07dcae32e5e24f366c83272f52923f", + "type": "github" + }, + "original": { + "id": "mach-nix", + "ref": "3.5.0", + "type": "indirect" + } + }, + "nixpkgs": { + "locked": { + "lastModified": 1677383253, + "narHash": "sha256-UfpzWfSxkfXHnb4boXZNaKsAcUrZT9Hw+tao1oZxd08=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "9952d6bc395f5841262b006fbace8dd7e143b634", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixpkgs-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_2": { + "locked": { + "lastModified": 1643805626, + "narHash": "sha256-AXLDVMG+UaAGsGSpOtQHPIKB+IZ0KSd9WS77aanGzgc=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "554d2d8aa25b6e583575459c297ec23750adb6cb", + "type": "github" + }, + "original": { + "id": "nixpkgs", + "ref": "nixos-unstable", + "type": "indirect" + } + }, + "nixpkgs_3": { + "locked": { + "lastModified": 1685789966, + "narHash": "sha256-pyqctu5Cq1jwymO3Os0/RNj5Nm3q5kmRCT24p7gtG70=", + "path": "/nix/store/hnkjxwx9zv2k0gkiznbpkrsvyrzaz6w1-source", + "rev": "4eaa9e3eb36386de0c6a268ba5da72cafc959619", + "type": "path" + }, + "original": { + "id": "nixpkgs", + "type": "indirect" + } + }, + "pypi-deps-db": { + "flake": false, + "locked": { + "lastModified": 1643877077, + "narHash": "sha256-jv8pIvRFTP919GybOxXE5TfOkrjTbdo9QiCO1TD3ZaY=", + "owner": "DavHau", + "repo": "pypi-deps-db", + "rev": "da53397f0b782b0b18deb72ef8e0fb5aa7c98aa3", + "type": "github" + }, + "original": { + "owner": "DavHau", + "repo": "pypi-deps-db", + "type": "github" + } + }, + "root": { + "inputs": { + "devshell": "devshell", + "mach-nix": "mach-nix", + "nixpkgs": "nixpkgs_3", + "utils": "utils" + } + }, + "systems": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "systems_2": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "utils": { + "inputs": { + "systems": "systems_2" + }, + "locked": { + "lastModified": 1685518550, + "narHash": "sha256-o2d0KcvaXzTrPRIo0kOLV0/QXHhDQ5DTi+OxcjO8xqY=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "a1720a10a6cfe8234c0e93907ffe81be440f4cef", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + } + }, + "root": "root", + "version": 7 +} diff --git a/flake.nix b/flake.nix new file mode 100644 index 0000000..0185691 --- /dev/null +++ b/flake.nix @@ -0,0 +1,29 @@ +{ + description = "A basic flake from samw"; + inputs = { + utils.url = "github:numtide/flake-utils"; + devshell.url = "github:numtide/devshell"; + mach-nix.url = "mach-nix/3.5.0"; + }; + outputs = { + self, + nixpkgs, + utils, + devshell, + mach-nix, + }: + utils.lib.eachDefaultSystem (system: let + pkgs = import nixpkgs { + inherit system; + + overlays = [devshell.overlays.default]; + }; + mach-lib = mach-nix.lib."${system}"; + in { + packages.default = mach-lib.mkPython { + requirements = builtins.readFile ./requirements.txt; + }; + devShells.default = pkgs.devshell.mkShell {packages = with pkgs; [imagemagick];}; + formatter = pkgs.alejandra; + }); +} diff --git a/pi.nix b/pi.nix new file mode 100644 index 0000000..09f8f26 --- /dev/null +++ b/pi.nix @@ -0,0 +1,73 @@ +{ config, lib, pkgs, ... }: { + nixpkgs.localSystem.system = "aarch64-linux"; + imports = [ + + # Sd image settings + + + # Your configuration + ./configuration.nix + ]; + + boot = { + kernelPackages = pkgs.linuxPackages_rpi4; + loader.grub.enable = false; + loader.generic-extlinux-compatible.enable = true; + consoleLogLevel = lib.mkDefault 7; + + # The serial ports listed here are: + # - ttyS0: for Tegra (Jetson TX1) + # - ttyAMA0: for QEMU's -machine virt + kernelParams = + [ "console=ttyS0,115200n8" "console=ttyAMA0,115200n8" "console=tty0" ]; + + initrd.availableKernelModules = [ + # Allows early (earlier) modesetting for the Raspberry Pi + "vc4" + "bcm2835_dma" + "i2c_bcm2835" + # Allows early (earlier) modesetting for Allwinner SoCs + "sun4i_drm" + "sun8i_drm_hdmi" + "sun8i_mixer" + ]; + + }; + + sdImage = { + populateFirmwareCommands = let + configTxt = pkgs.writeText "config.txt" '' + [pi4] + kernel=u-boot-rpi4.bin + enable_gic=1 + armstub=armstub8-gic.bin + # Otherwise the resolution will be weird in most cases, compared to + # what the pi3 firmware does by default. + disable_overscan=1 + [all] + # Boot in 64-bit mode. + arm_64bit=1 + # U-Boot needs this to work, regardless of whether UART is actually used or not. + # Look in arch/arm/mach-bcm283x/Kconfig in the U-Boot tree to see if this is still + # a requirement in the future. + enable_uart=1 + # Prevent the firmware from smashing the framebuffer setup done by the mainline kernel + # when attempting to show low-voltage or overtemperature warnings. + avoid_warnings=1 + ''; + in '' + (cd ${pkgs.raspberrypifw}/share/raspberrypi/boot && cp bootcode.bin fixup*.dat start*.elf $NIX_BUILD_TOP/firmware/) + # Add the config + cp ${configTxt} firmware/config.txt + # Add pi4 specific files + cp ${pkgs.ubootRaspberryPi4_64bit}/u-boot.bin firmware/u-boot-rpi4.bin + cp ${pkgs.raspberrypi-armstubs}/armstub8-gic.bin firmware/armstub8-gic.bin + cp ${pkgs.raspberrypifw}/share/raspberrypi/boot/bcm2711-rpi-4-b.dtb firmware/ + ''; + populateRootCommands = '' + mkdir -p ./files/boot + ${config.boot.loader.generic-extlinux-compatible.populateCmd} -c ${config.system.build.toplevel} -d ./files/boot + ''; + }; +} +