# SPDX-FileCopyrightText: 2022 Richard Brežák # # SPDX-License-Identifier: LGPL-3.0-or-later { inputs, lib', config, ... }: let inherit (lib') flip mapAttrs singleton mkForce filter hasPrefix ; config' = config; in { flake.nixosConfigurations.hela = inputs.nixpkgs-stable.lib.nixosSystem { system = "aarch64-linux"; specialArgs = { config' = config'; inputs' = inputs; secret = lib'.loadSecrets inputs.secret; }; modules = singleton ( { pkgs, config, lib, ... }: { imports = [ inputs.impermenance.nixosModules.impermanence inputs.disko.nixosModules.default inputs.self.nixosModules.ifstate inputs.self.nixosModules.notnft-ns ../../tests/hel/pppoe-server.nix ../../common/remote_access.nix ../../common/nixpkgs.nix ./users.nix ./networking.nix (_: let mkMtuOption = mtu: lib.mkOption { type = lib.types.int; default = mtu; readOnly = true; }; mkEthAddrOption = addr: lib.mkOption { type = lib.types.str; default = addr; readOnly = true; apply = addr: { colon = addr; space = lib.stringAsChars (x: if x == ":" then " " else x) addr; }; }; mtu = config.bananapi.mtu; in { options.bananapi = { mtu = { sw = mkMtuOption 1544; wan = mkMtuOption (mtu.sw - 8); slan = mkMtuOption (mtu.sw - 8); wan-vlan = mkMtuOption (mtu.wan - 8); slan-vlan = mkMtuOption (mtu.slan - 8); ppp-wan = mkMtuOption (mtu.wan-vlan - 24); ppp-slan = mkMtuOption (mtu.slan-vlan - 24); }; ethaddr = { sw = mkEthAddrOption "ea:34:07:e4:7c:6a"; sfp0 = mkEthAddrOption "86:a9:22:2c:dd:6c"; sfp1 = mkEthAddrOption "16:5c:7f:42:c7:76"; wan = mkEthAddrOption "fe:39:64:d0:e4:9b"; slan = mkEthAddrOption "98:35:ed:b0:e3:f5"; lan0 = mkEthAddrOption "52:76:52:a8:40:18"; lan1 = mkEthAddrOption "de:9c:15:bb:f7:b9"; wlan0 = mkEthAddrOption "20:2b:20:91:9c:33"; }; }; }) ]; _module.args = {notnft = inputs.notnft.lib.${pkgs.stdenv.system};}; nixpkgs.overlays = [ inputs.self.overlays.ifstate inputs.self.overlays.linux inputs.self.overlays.uboot inputs.self.overlays.rp-pppoe ]; hardware.firmware = let mt7996Firmware = pkgs.fetchFromGitHub { owner = "frank-w"; repo = "mt76"; rev = "bd483e8c86f19f2286fd0ff761c2027541dd542e"; hash = "sha256-V6GA/8g8x8s7yVB3NBxzRD6DCJO0Ws9ZzXb4/OH6lFI="; postFetch = '' mv $out/firmware . shopt -s dotglob rm -r $out/* mkdir -p $out/lib/firmware/mediatek mv ./firmware/* $out/lib/firmware/mediatek rm -r firmware ${pkgs.unzip}/bin/unzip ${./mt7996fw.zip} mv *.bin $out/lib/firmware/mediatek/mt7996 ''; }; in [(lib.traceValFn (x: x.outPath) mt7996Firmware)]; hardware.enableRedistributableFirmware = true; boot.initrd.includeDefaultModules = false; boot.kernelPackages = pkgs.linuxPackagesFor pkgs.linuxBananaPiR4; hardware.deviceTree.name = "mediatek/mt7988a-bananapi-bpi-r4.dtb"; hardware.deviceTree.overlays = [ { name = "mt7988a-bananapi-bpi-r4-eth.dtso"; dtsText = '' /dts-v1/; /plugin/; / { compatible = "bananapi,bpi-r4", "mediatek,mt7988a"; fragment@1 { target-path = "/soc/switch@15020000/ports"; __overlay__ { port@0 { mac-address = [${config.bananapi.ethaddr.wan.space}]; }; port@1 { mac-address = [${config.bananapi.ethaddr.slan.space}]; label = "slan"; }; port@2 { mac-address = [${config.bananapi.ethaddr.lan0.space}]; label = "lan0"; }; port@3 { mac-address = [${config.bananapi.ethaddr.lan1.space}]; label = "lan1"; }; port@6 { mac-address = [${config.bananapi.ethaddr.sw.space}]; label = "sw"; }; }; }; fragment@2 { target-path = "/soc/ethernet@15100000"; __overlay__ { mac@0 { mac-address = [${config.bananapi.ethaddr.sw.space}]; label = "sw"; }; mac@1 { mac-address = [${config.bananapi.ethaddr.sfp0.space}]; label = "sfp0"; }; mac@2 { mac-address = [${config.bananapi.ethaddr.sfp1.space}]; label = "sfp1"; }; }; }; }; ''; } { name = "mt7988a-bananapi-bpi-r4-sd.dtso"; dtsFile = config.boot.kernelPackages.kernel.src + "/arch/arm64/boot/dts/mediatek/mt7988a-bananapi-bpi-r4-sd.dtso"; } { name = "mt7988a-bananapi-bpi-r4-wifi-mt7996a.dtso"; dtsFile = config.boot.kernelPackages.kernel.src + "/arch/arm64/boot/dts/mediatek/mt7988a-bananapi-bpi-r4-wifi-mt7996a.dtso"; } ]; boot.loader.grub.enable = false; boot.loader.generic-extlinux-compatible.enable = true; boot.kernelParams = [ "console=ttyS0,115200n8" "earlycon=uart8250,mmio32,0x11000000" "pci=pcie_bus_perf" "pstore_blk.blkdev=/dev/nvme0n1p2" "pstore_blk.kmsg_size=128" "best_effort=y" ]; disko.rootMountPoint = "/mnt/bpi-r4"; disko.devices = { nodev = { "/tmp" = { fsType = "tmpfs"; mountOptions = [ "size=256M" "mode=755" "noexec" ]; }; "/" = { fsType = "tmpfs"; mountOptions = [ "size=128M" "mode=755" "noexec" ]; }; }; disk = { ssd = { device = "nvme-nvme.126f-5033313050424242323331323231303037393133-50617472696f74204d2e322050333130203234304742-00000001"; type = "disk"; content = { type = "gpt"; partitions = { boot = { priority = 1; size = "4G"; content = { type = "filesystem"; format = "vfat"; mountpoint = "/boot"; }; }; pstore = { priority = 2; size = "32M"; content = { type = "filesystem"; format = "pstore"; }; }; root = { priority = 3; size = "100%"; content = { type = "filesystem"; format = "ext4"; mountpoint = "/persist"; }; }; }; }; }; main = { device = "/dev/disk/by-id/usb-Generic-_SD_MMC_20120501030900000-0:0"; type = "disk"; content = { type = "gpt"; partitions = { bl2 = { priority = 1; start = "34"; end = "8191"; alignment = 1; }; fip = { priority = 2; start = "8192"; end = "+4M"; alignment = 1; }; }; }; # mkdir -p /mnt/bpi-r4/persist/nix # mount -o bind -m /mnt/bpi-r4/persist/nix /mnt/bpi-r4/nix # # if ! [ $(uname -m) = "aarch64" ] && [ -e /run/binfmt/aarch64-linux ] ; then # nix copy $(readlink /run/binfmt/aarch64-linux) --to /mnt/bpi-r4 # mount -t tmpfs none /mnt/bpi-r4/run -m # mount -t none -o bind /run/binfmt /mnt/bpi-r4/run/binfmt -m # fi postCreateHook = '' uboot=${pkgs.ubootBananaPiR4} sgdisk -A 1:set:2 -A 3:set:2 $device sgdisk --change-name 1:bl2 --change-name 2:fip $device dd if=$uboot/bl2.img of=$device-part1 status=progress dd if=$uboot/fip.bin of=$device-part2 status=progress ''; }; }; }; fileSystems = { "/persist".neededForBoot = true; "/nix" = { device = "/persist/nix"; options = ["bind"]; neededForBoot = true; }; }; environment.systemPackages = with pkgs; [ tcpdump ethtool dnsutils pciutils gptfdisk traceroute iw ]; environment.persistence."/persist" = { hideMounts = true; directories = [ "/var/log" "/var/lib/nixos" "/var/lib/systemd/coredump" "/var/secrets" ]; files = [ "/etc/machine-id" "/etc/ssh/ssh_host_rsa_key" "/etc/ssh/ssh_host_rsa_key.pub" "/etc/ssh/ssh_host_ed25519_key" "/etc/ssh/ssh_host_ed25519_key.pub" ]; }; time.timeZone = "Europe/Amsterdam"; system.stateVersion = "24.05"; } ); }; }