Add Raspberry Pi 4 host

flake.lock

@@ -100,6 +100,21 @@
         "type": "github"
       }
     },
+    "nixos-hardware": {
+      "locked": {
+        "lastModified": 1702453208,
+        "narHash": "sha256-0wRi9SposfE2wHqjuKt8WO2izKB/ASDOV91URunIqgo=",
+        "owner": "NixOS",
+        "repo": "nixos-hardware",
+        "rev": "7763c6fd1f299cb9361ff2abf755ed9619ef01d6",
+        "type": "github"
+      },
+      "original": {
+        "owner": "NixOS",
+        "repo": "nixos-hardware",
+        "type": "github"
+      }
+    },
     "nixpkgs": {
       "locked": {
         "lastModified": 1677676435,
@@ -136,6 +151,7 @@
         "agenix": "agenix",
         "firefox-gnome-theme": "firefox-gnome-theme",
         "home-manager": "home-manager_2",
+        "nixos-hardware": "nixos-hardware",
         "nixpkgs": "nixpkgs_2",
         "secrets": "secrets",
         "thunderbird-gnome-theme": "thunderbird-gnome-theme"

flake.nix

@@ -12,6 +12,7 @@
       url = "github:rafaelmardojai/firefox-gnome-theme";
       flake = false;
     };
+    nixos-hardware.url = "github:NixOS/nixos-hardware";
     secrets = {
       url = "git+ssh://git@git.vimium.com/jordan/nix-secrets.git";
       flake = false;
@@ -22,7 +23,7 @@
     };
   };
 
-  outputs = inputs @ { self, nixpkgs, agenix, home-manager, secrets, ... }:
+  outputs = inputs @ { self, nixpkgs, agenix, home-manager, nixos-hardware, secrets, ... }:
     let
       nixpkgsForSystem = system: inputs.nixpkgs;
       overlays = [
@@ -34,7 +35,7 @@
         home-manager.nixosModule
         ./modules
       ];
-      nixosSystem = system: name:
+      nixosSystem = { system, name, extraModules ? [] }:
         let
           nixpkgs = nixpkgsForSystem system;
           lib = (import nixpkgs { inherit overlays system; }).lib;
@@ -56,15 +57,17 @@
                 };
               })
             ./hosts/${name}
-          ];
+          ] ++ extraModules;
         };
-      nixosConfigurations = {
-        atlas = nixosSystem "x86_64-linux" "atlas";
-        eos = nixosSystem "x86_64-linux" "eos";
-        helios = nixosSystem "x86_64-linux" "helios";
-        odyssey = nixosSystem "x86_64-linux" "odyssey";
-      };
     in
-    { inherit nixosConfigurations; };
+    {
+      nixosConfigurations = {
+        atlas = nixosSystem { system = "x86_64-linux"; name = "atlas"; };
+        eos = nixosSystem { system = "x86_64-linux"; name = "eos"; };
+        helios = nixosSystem { system = "x86_64-linux"; name = "helios"; };
+        odyssey = nixosSystem { system = "x86_64-linux"; name = "odyssey"; };
+        pi = nixosSystem { system = "aarch64-linux"; name = "pi"; extraModules = [ nixos-hardware.nixosModules.raspberry-pi-4 ]; };
+      };
+    };
 }
 

hosts/pi/README.md

@@ -0,0 +1,18 @@
+# Pi
+
+## Overview
+Raspberry Pi 4
+
+## Specs
+* SoC - Broadcom BCM2711
+* CPU - ARM Cortex-A72 @ 1.8 GHz
+* Memory - 8 GB LPDDR4
+
+### Disks
+Device | Partitions _(filesystem, usage)_
+--- | ---
+SD card | `/dev/sda1` (ext4, NixOS Root)
+
+### Networks
+- DHCP on `10.0.1.0/24` subnet.
+- Tailscale on `100.64.0.0/10` subnet. FQDN: `pi.mesh.vimium.net`.

hosts/pi/default.nix

@@ -0,0 +1,79 @@
+{ config, lib, pkgs, inputs, ... }:
+
+{
+  imports = [
+    ./hardware-configuration.nix
+    ../server.nix
+  ];
+
+  networking.hostId = "731d1660";
+
+  hardware = {
+    raspberry-pi."4" = {
+      apply-overlays-dtmerge.enable = true;
+      audio.enable = false;
+      fkms-3d.enable = true;
+      xhci.enable = true;
+    };
+    deviceTree = {
+      enable = true;
+      overlays = [
+        { name = "hifiberry-digi-pro"; dtboFile = "${pkgs.device-tree_rpi.overlays}/hifiberry-digi-pro.dtbo"; }
+      ];
+    };
+    firmware = with pkgs; [
+      firmwareLinuxNonfree
+      wireless-regdb
+    ];
+  };
+
+  sound.enable = true;
+  console.enable = false;
+
+  age.secrets."passwords/networks.age" = {
+    file = "${inputs.secrets}/passwords/networks.age";
+  };
+
+  networking = {
+    wireless = {
+      enable = true;
+      interfaces = [ "wlan0" ];
+      environmentFile = config.age.secrets."passwords/networks.age".path;
+      networks = {
+        "Apollo 600 Mbps".psk = "@PSK_APOLLO@";
+      };
+    };
+  };
+
+  security.rtkit.enable = true;
+  services.pipewire = {
+    enable = true;
+    alsa.enable = true;
+    alsa.support32Bit = true;
+    pulse.enable = true;
+    systemWide = true;
+  };
+
+  services.shairport-sync = {
+    enable = true;
+    group = "pipewire";
+    openFirewall = true;
+  };
+
+  services.zigbee2mqtt = {
+    enable = true;
+    settings = {
+      homeassistant = true;
+      frontend = true;
+      permit_join = true;
+    };
+  };
+
+  environment.systemPackages = with pkgs; [
+    libraspberrypi
+    raspberrypi-eeprom
+  ];
+
+  system.stateVersion = "22.11";
+}
+

hosts/pi/hardware-configuration.nix

@@ -0,0 +1,31 @@
+{ config, lib, pkgs, modulesPath, ... }:
+
+{
+  imports = [
+    (modulesPath + "/installer/sd-card/sd-image-aarch64.nix")
+  ];
+
+  boot = {
+    # Stop ZFS kernel being built
+    supportedFilesystems = lib.mkForce [ "btrfs" "cifs" "f2fs" "jfs" "ntfs" "reiserfs" "vfat" "xfs" ];
+    tmp.cleanOnBoot = true;
+  };
+
+  # Fix missing modules
+  # https://github.com/NixOS/nixpkgs/issues/154163
+  nixpkgs.overlays = [
+    (final: super: {
+      makeModulesClosure = x:
+        super.makeModulesClosure (x // { allowMissing = true; });
+    })
+  ];
+
+  fileSystems = {
+    "/" = {
+      device = "/dev/disk/by-label/NIXOS_SD";
+      fsType = "ext4";
+      options = [ "noatime" ];
+    };
+  };
+}
+

hosts/server.nix

@@ -18,6 +18,8 @@
 
   console.keyMap = "uk";
 
+  documentation.enable = false;
+
   services.openssh = {
     enable = true;
     settings = {