Add Raspberry Pi 4 host

2023-12-16 23:47:43 +00:00 · 2023-12-16 23:47:43 +00:00 · 47f665b742
commit 47f665b742
parent 26be10bd0c
6 changed files with 159 additions and 10 deletions
--- a/flake.lock
+++ b/flake.lock
@ -100,6 +100,21 @@
        "type": "github"
      }
    },
+    "nixos-hardware": {
+      "locked": {
+        "lastModified": 1702453208,
+        "narHash": "sha256-0wRi9SposfE2wHqjuKt8WO2izKB/ASDOV91URunIqgo=",
+        "owner": "NixOS",
+        "repo": "nixos-hardware",
+        "rev": "7763c6fd1f299cb9361ff2abf755ed9619ef01d6",
+        "type": "github"
+      },
+      "original": {
+        "owner": "NixOS",
+        "repo": "nixos-hardware",
+        "type": "github"
+      }
+    },
    "nixpkgs": {
      "locked": {
        "lastModified": 1677676435,
@ -136,6 +151,7 @@
        "agenix": "agenix",
        "firefox-gnome-theme": "firefox-gnome-theme",
        "home-manager": "home-manager_2",
+        "nixos-hardware": "nixos-hardware",
        "nixpkgs": "nixpkgs_2",
        "secrets": "secrets",
        "thunderbird-gnome-theme": "thunderbird-gnome-theme"
--- a/flake.nix
+++ b/flake.nix
@ -12,6 +12,7 @@
      url = "github:rafaelmardojai/firefox-gnome-theme";
      flake = false;
    };
+    nixos-hardware.url = "github:NixOS/nixos-hardware";
    secrets = {
      url = "git+ssh://git@git.vimium.com/jordan/nix-secrets.git";
      flake = false;
@ -22,7 +23,7 @@
    };
  };

-  outputs = inputs @ { self, nixpkgs, agenix, home-manager, secrets, ... }:
+  outputs = inputs @ { self, nixpkgs, agenix, home-manager, nixos-hardware, secrets, ... }:
    let
      nixpkgsForSystem = system: inputs.nixpkgs;
      overlays = [
@ -34,7 +35,7 @@
        home-manager.nixosModule
        ./modules
      ];
-      nixosSystem = system: name:
+      nixosSystem = { system, name, extraModules ? [] }:
        let
          nixpkgs = nixpkgsForSystem system;
          lib = (import nixpkgs { inherit overlays system; }).lib;
@ -56,15 +57,17 @@
                };
              })
            ./hosts/${name}
-          ];
-        };
-      nixosConfigurations = {
-        atlas = nixosSystem "x86_64-linux" "atlas";
-        eos = nixosSystem "x86_64-linux" "eos";
-        helios = nixosSystem "x86_64-linux" "helios";
-        odyssey = nixosSystem "x86_64-linux" "odyssey";
+          ] ++ extraModules;
        };
    in
-    { inherit nixosConfigurations; };
+    {
+      nixosConfigurations = {
+        atlas = nixosSystem { system = "x86_64-linux"; name = "atlas"; };
+        eos = nixosSystem { system = "x86_64-linux"; name = "eos"; };
+        helios = nixosSystem { system = "x86_64-linux"; name = "helios"; };
+        odyssey = nixosSystem { system = "x86_64-linux"; name = "odyssey"; };
+        pi = nixosSystem { system = "aarch64-linux"; name = "pi"; extraModules = [ nixos-hardware.nixosModules.raspberry-pi-4 ]; };
+      };
+    };
 }

--- a/hosts/pi/README.md
+++ b/hosts/pi/README.md
@ -0,0 +1,18 @@
+# Pi
+
+## Overview
+Raspberry Pi 4
+
+## Specs
+* SoC - Broadcom BCM2711
+* CPU - ARM Cortex-A72 @ 1.8 GHz
+* Memory - 8 GB LPDDR4
+
+### Disks
+Device | Partitions _(filesystem, usage)_
+--- | ---
+SD card | `/dev/sda1` (ext4, NixOS Root)
+
+### Networks
+- DHCP on `10.0.1.0/24` subnet.
+- Tailscale on `100.64.0.0/10` subnet. FQDN: `pi.mesh.vimium.net`.
--- a/hosts/pi/default.nix
+++ b/hosts/pi/default.nix
@ -0,0 +1,79 @@
+{ config, lib, pkgs, inputs, ... }:
+
+{
+  imports = [
+    ./hardware-configuration.nix
+    ../server.nix
+  ];
+
+  networking.hostId = "731d1660";
+
+  hardware = {
+    raspberry-pi."4" = {
+      apply-overlays-dtmerge.enable = true;
+      audio.enable = false;
+      fkms-3d.enable = true;
+      xhci.enable = true;
+    };
+    deviceTree = {
+      enable = true;
+      overlays = [
+        { name = "hifiberry-digi-pro"; dtboFile = "${pkgs.device-tree_rpi.overlays}/hifiberry-digi-pro.dtbo"; }
+      ];
+    };
+    firmware = with pkgs; [
+      firmwareLinuxNonfree
+      wireless-regdb
+    ];
+  };
+
+  sound.enable = true;
+  console.enable = false;
+
+  age.secrets."passwords/networks.age" = {
+    file = "${inputs.secrets}/passwords/networks.age";
+  };
+
+  networking = {
+    wireless = {
+      enable = true;
+      interfaces = [ "wlan0" ];
+      environmentFile = config.age.secrets."passwords/networks.age".path;
+      networks = {
+        "Apollo 600 Mbps".psk = "@PSK_APOLLO@";
+      };
+    };
+  };
+
+  security.rtkit.enable = true;
+  services.pipewire = {
+    enable = true;
+    alsa.enable = true;
+    alsa.support32Bit = true;
+    pulse.enable = true;
+    systemWide = true;
+  };
+
+  services.shairport-sync = {
+    enable = true;
+    group = "pipewire";
+    openFirewall = true;
+  };
+
+  services.zigbee2mqtt = {
+    enable = true;
+    settings = {
+      homeassistant = true;
+      frontend = true;
+      permit_join = true;
+    };
+  };
+
+  environment.systemPackages = with pkgs; [
+    libraspberrypi
+    raspberrypi-eeprom
+  ];
+
+  system.stateVersion = "22.11";
+}
+
--- a/hosts/pi/hardware-configuration.nix
+++ b/hosts/pi/hardware-configuration.nix
@ -0,0 +1,31 @@
+{ config, lib, pkgs, modulesPath, ... }:
+
+{
+  imports = [
+    (modulesPath + "/installer/sd-card/sd-image-aarch64.nix")
+  ];
+
+  boot = {
+    # Stop ZFS kernel being built
+    supportedFilesystems = lib.mkForce [ "btrfs" "cifs" "f2fs" "jfs" "ntfs" "reiserfs" "vfat" "xfs" ];
+    tmp.cleanOnBoot = true;
+  };
+
+  # Fix missing modules
+  # https://github.com/NixOS/nixpkgs/issues/154163
+  nixpkgs.overlays = [
+    (final: super: {
+      makeModulesClosure = x:
+        super.makeModulesClosure (x // { allowMissing = true; });
+    })
+  ];
+
+  fileSystems = {
+    "/" = {
+      device = "/dev/disk/by-label/NIXOS_SD";
+      fsType = "ext4";
+      options = [ "noatime" ];
+    };
+  };
+}
+
--- a/hosts/server.nix
+++ b/hosts/server.nix
@ -18,6 +18,8 @@

  console.keyMap = "uk";

+  documentation.enable = false;
+
  services.openssh = {
    enable = true;
    settings = {