Add gooseberry

Signed-off-by: Magic_RB <magic_rb@redalder.org>

flake.nix

@@ -53,6 +53,7 @@
         nixos/systems/liveusb
         nixos/systems/blowhole
         nixos/systems/altra
+        nixos/systems/gooseberry
 
         nixng/containers/ingress-blowhole
         nixng/containers/ingress-toothpick

nixos/systems/gooseberry/bootloader.nix

@@ -0,0 +1,8 @@
+# SPDX-FileCopyrightText: 2022 Richard Brežák <richard@brezak.sk>
+#
+# SPDX-License-Identifier: LGPL-3.0-or-later
+{ pkgs, lib, ... }:
+{
+  boot.loader.grub.enable = false;
+  boot.loader.generic-extlinux-compatible.enable = true;
+}

nixos/systems/gooseberry/default.nix

@@ -0,0 +1,44 @@
+# SPDX-FileCopyrightText: 2022 Richard Brežák <richard@brezak.sk>
+#
+# SPDX-License-Identifier: LGPL-3.0-or-later
+{ inputs, lib', config, ... }:
+let
+  inherit (lib')
+    flip
+    mapAttrs
+    singleton
+    mkForce;
+
+  config' = config;
+in
+{
+  flake.nixosConfigurations.gooseberry = inputs.nixpkgs.lib.nixosSystem {
+    system = "aarch64-linux";
+
+    specialArgs = {
+      config' = config';
+      inputs' = inputs;
+      secret = lib'.loadSecrets inputs.secret;
+    };
+
+    modules = singleton
+      ({ pkgs, config, ... }:
+        {
+          imports = [
+            ./bootloader.nix
+            ./filesystems.nix
+            ./users.nix
+            ./nixpkgs.nix
+            ./networking.nix
+            ../../common/remote_access.nix
+
+            inputs.disko.nixosModules.disko
+          ];
+
+          boot.initrd.systemd.enable = true;
+
+          time.timeZone = "Europe/Amsterdam";
+          system.stateVersion = "23.05";
+        });
+  };
+}

nixos/systems/gooseberry/filesystems.nix

@@ -0,0 +1,98 @@
+# SPDX-FileCopyrightText: 2022 Richard Brežák <richard@brezak.sk>
+#
+# SPDX-License-Identifier: LGPL-3.0-or-later
+{ lib, ... }:
+let
+  inherit (lib)
+    singleton;
+in
+{
+  disko.devices = {
+    disk.boot = {
+      type = "disk";
+      device = "/dev/mmcblk0";
+
+      content = {
+        type = "table";
+        format = "msdos";
+        partitions = [
+          {
+            name = "boot";
+            start = "0";
+            end = "1023Mib";
+            bootable = true;
+            content = {
+              type = "filesystem";
+              format = "vfat";
+              mountpoint = "/boot";
+            };
+          }
+          {
+            name = "swap";
+            start = "1024MiB";
+            end = "2047MiB";
+            content = {
+              type = "swap";
+              randomEncryption = true;
+            };
+          }
+          {
+            name = "root";
+            start = "2048MiB";
+            end = "100%";
+            content = {
+              type = "filesystem";
+              format = "f2fs";
+              mountpoint = "/root-partition";
+            };
+          }
+        ];
+      };
+    };
+
+    nodev."/" = {
+      fsType = "tmpfs";
+      mountOptions = [ "defaults" "size=128M" "mode=755" "noexec" ];
+    };
+  };
+
+  fileSystems = {
+    "/root-partition".neededForBoot = true;
+    "/nix" = {
+      device = "/root-partition/nix";
+      options = [ "bind" ];
+      neededForBoot = true;
+    };
+
+    "/home" = {
+      device = "/root-partition/home";
+      options = [ "bind" ];
+      neededForBoot = true;
+    };
+
+    "/var/lib/nixos" = {
+      device = "/root-partition/var/lib/nixos";
+      options = [ "bind" ];
+    };
+
+    "/var/log" = {
+      device = "/root-partition/var/log";
+      options = [ "bind" ];
+    };
+  };
+
+  systemd.tmpfiles.rules = [
+    "d /root-partition/etc/ssh - - - - -"
+  ];
+
+  system.activationScripts = {
+    machine-id = ''
+      ln -sf /root-partition/etc/machine-id /etc/machine-id
+    '';
+  };
+
+  environment.etc."ssh/ssh_host_rsa_key".source = "/root-partition/etc/ssh/ssh_host_rsa_key";
+  environment.etc."ssh/ssh_host_rsa_key.pub".source = "/root-partition/etc/ssh/ssh_host_rsa_key.pub";
+  environment.etc."ssh/ssh_host_ed25519_key".source = "/root-partition/etc/ssh/ssh_host_ed25519_key";
+  environment.etc."ssh/ssh_host_ed25519_key.pub".source = "/root-partition/etc/ssh/ssh_host_ed25519_key.pub";
+}

nixos/systems/gooseberry/networking.nix

@@ -0,0 +1,16 @@
+{ pkgs, lib, secret, ... }:
+let
+in
+{
+  networking = {
+    hostName = "gooseberry";
+    useDHCP = false;
+    interfaces.eth0.useDHCP = true;
+    firewall.enable = true;
+  };
+
+  services.udev.extraRules = ''
+    ATTR{address}=="b8:27:eb:ef:f4:c3", NAME="eth0"
+    ATTR{address}=="c8:4d:44:21:27:17", NAME="eth1"
+  '';
+}

nixos/systems/gooseberry/nixpkgs.nix

@@ -0,0 +1,13 @@
+{ inputs', config', ... }:
+{
+  imports = [
+    ../../common/nixpkgs.nix
+  ];
+
+  nixpkgs.overlays =
+    (with config'.flake.overlays; [])
+    ++
+    (with inputs'.nixng.overlays; [
+      default
+    ]);
+}

nixos/systems/gooseberry/users.nix

@@ -0,0 +1,19 @@
+{ inputs', config', secret, ... }:
+{
+  imports = [
+    inputs'.home-manager.nixosModules.default
+    ../../common/users.nix
+  ];
+
+  home-manager.useGlobalPkgs = true;
+  home-manager.extraSpecialArgs = {
+    config' = config';
+    inputs' = inputs';
+    secret = secret;
+  };
+  home-manager.users.main = {
+    imports = [ (inputs'.self + "/home-manager/modules/profiles/server.nix") ];
+
+    home.stateVersion = "23.05";
+  };
+}