mirror of
https://git.sr.ht/~magic_rb/dotfiles
synced 2024-12-11 17:31:58 +01:00
d5045f7056
Signed-off-by: magic_rb <magic_rb@redalder.org>
358 lines
11 KiB
Nix
358 lines
11 KiB
Nix
# SPDX-FileCopyrightText: 2022 Richard Brežák <richard@brezak.sk>
|
|
#
|
|
# SPDX-License-Identifier: LGPL-3.0-or-later
|
|
{
|
|
inputs,
|
|
lib',
|
|
config,
|
|
...
|
|
}: let
|
|
inherit
|
|
(lib')
|
|
flip
|
|
mapAttrs
|
|
singleton
|
|
mkForce
|
|
filter
|
|
hasPrefix
|
|
;
|
|
|
|
config' = config;
|
|
in {
|
|
flake.nixosConfigurations.hela = inputs.nixpkgs-stable.lib.nixosSystem {
|
|
system = "aarch64-linux";
|
|
|
|
specialArgs = {
|
|
config' = config';
|
|
inputs' = inputs;
|
|
secret = lib'.loadSecrets inputs.secret;
|
|
};
|
|
|
|
modules =
|
|
singleton
|
|
(
|
|
{
|
|
pkgs,
|
|
config,
|
|
lib,
|
|
...
|
|
}: {
|
|
imports = [
|
|
inputs.impermenance.nixosModules.impermanence
|
|
inputs.disko.nixosModules.default
|
|
inputs.self.nixosModules.ifstate
|
|
inputs.self.nixosModules.notnft-ns
|
|
../../tests/hel/pppoe-server.nix
|
|
../../common/remote_access.nix
|
|
../../common/nixpkgs.nix
|
|
./users.nix
|
|
./networking.nix
|
|
./dns.nix
|
|
(_: let
|
|
mkMtuOption = mtu:
|
|
lib.mkOption {
|
|
type = lib.types.int;
|
|
default = mtu;
|
|
readOnly = true;
|
|
};
|
|
mkEthAddrOption = addr:
|
|
lib.mkOption {
|
|
type = lib.types.str;
|
|
default = addr;
|
|
readOnly = true;
|
|
apply = addr: {
|
|
colon = addr;
|
|
space = lib.stringAsChars (x:
|
|
if x == ":"
|
|
then " "
|
|
else x)
|
|
addr;
|
|
};
|
|
};
|
|
mtu = config.bananapi.mtu;
|
|
in {
|
|
options.bananapi = {
|
|
mtu = {
|
|
sw = mkMtuOption 1544;
|
|
wan = mkMtuOption (mtu.sw - 8);
|
|
slan = mkMtuOption (mtu.sw - 8);
|
|
wan-vlan = mkMtuOption (mtu.wan - 8);
|
|
slan-vlan = mkMtuOption (mtu.slan - 8);
|
|
ppp-wan = mkMtuOption (mtu.wan-vlan - 24);
|
|
ppp-slan = mkMtuOption (mtu.slan-vlan - 24);
|
|
};
|
|
ethaddr = {
|
|
sw = mkEthAddrOption "ea:34:07:e4:7c:6a";
|
|
sfp0 = mkEthAddrOption "86:a9:22:2c:dd:6c";
|
|
sfp1 = mkEthAddrOption "16:5c:7f:42:c7:76";
|
|
wan = mkEthAddrOption "fe:39:64:d0:e4:9b";
|
|
slan = mkEthAddrOption "98:35:ed:b0:e3:f5";
|
|
lan0 = mkEthAddrOption "52:76:52:a8:40:18";
|
|
lan1 = mkEthAddrOption "de:9c:15:bb:f7:b9";
|
|
wlan0 = mkEthAddrOption "20:2b:20:91:9c:33";
|
|
};
|
|
};
|
|
})
|
|
];
|
|
|
|
_module.args = {notnft = inputs.notnft.lib.${pkgs.stdenv.system};};
|
|
|
|
nixpkgs.overlays = [
|
|
inputs.self.overlays.ifstate
|
|
inputs.self.overlays.linux
|
|
inputs.self.overlays.uboot
|
|
inputs.self.overlays.rp-pppoe
|
|
];
|
|
|
|
hardware.firmware = let
|
|
mt7996Firmware = pkgs.fetchFromGitHub {
|
|
owner = "frank-w";
|
|
repo = "mt76";
|
|
rev = "bd483e8c86f19f2286fd0ff761c2027541dd542e";
|
|
hash = "sha256-V6GA/8g8x8s7yVB3NBxzRD6DCJO0Ws9ZzXb4/OH6lFI=";
|
|
postFetch = ''
|
|
mv $out/firmware .
|
|
shopt -s dotglob
|
|
rm -r $out/*
|
|
mkdir -p $out/lib/firmware/mediatek
|
|
mv ./firmware/* $out/lib/firmware/mediatek
|
|
rm -r firmware
|
|
${pkgs.unzip}/bin/unzip ${./mt7996fw.zip}
|
|
mv *.bin $out/lib/firmware/mediatek/mt7996
|
|
'';
|
|
};
|
|
in [(lib.traceValFn (x: x.outPath) mt7996Firmware)];
|
|
hardware.enableRedistributableFirmware = true;
|
|
boot.initrd.includeDefaultModules = false;
|
|
boot.kernelPackages =
|
|
pkgs.linuxPackagesFor pkgs.linuxBananaPiR4;
|
|
hardware.deviceTree.name = "mediatek/mt7988a-bananapi-bpi-r4.dtb";
|
|
hardware.deviceTree.overlays = [
|
|
{
|
|
name = "mt7988a-bananapi-bpi-r4-eth.dtso";
|
|
dtsText = ''
|
|
/dts-v1/;
|
|
/plugin/;
|
|
/ {
|
|
compatible = "bananapi,bpi-r4", "mediatek,mt7988a";
|
|
|
|
fragment@1 {
|
|
target-path = "/soc/switch@15020000/ports";
|
|
__overlay__ {
|
|
port@0 {
|
|
mac-address = [${config.bananapi.ethaddr.wan.space}];
|
|
};
|
|
port@1 {
|
|
mac-address = [${config.bananapi.ethaddr.slan.space}];
|
|
label = "slan";
|
|
};
|
|
port@2 {
|
|
mac-address = [${config.bananapi.ethaddr.lan0.space}];
|
|
label = "lan0";
|
|
};
|
|
port@3 {
|
|
mac-address = [${config.bananapi.ethaddr.lan1.space}];
|
|
label = "lan1";
|
|
};
|
|
|
|
port@6 {
|
|
mac-address = [${config.bananapi.ethaddr.sw.space}];
|
|
label = "sw";
|
|
};
|
|
};
|
|
};
|
|
|
|
fragment@2 {
|
|
target-path = "/soc/ethernet@15100000";
|
|
__overlay__ {
|
|
mac@0 {
|
|
mac-address = [${config.bananapi.ethaddr.sw.space}];
|
|
label = "sw";
|
|
};
|
|
|
|
mac@1 {
|
|
mac-address = [${config.bananapi.ethaddr.sfp0.space}];
|
|
label = "sfp0";
|
|
};
|
|
|
|
mac@2 {
|
|
mac-address = [${config.bananapi.ethaddr.sfp1.space}];
|
|
label = "sfp1";
|
|
};
|
|
};
|
|
};
|
|
};
|
|
'';
|
|
}
|
|
{
|
|
name = "mt7988a-bananapi-bpi-r4-sd.dtso";
|
|
dtsFile =
|
|
config.boot.kernelPackages.kernel.src + "/arch/arm64/boot/dts/mediatek/mt7988a-bananapi-bpi-r4-sd.dtso";
|
|
}
|
|
{
|
|
name = "mt7988a-bananapi-bpi-r4-wifi-mt7996a.dtso";
|
|
dtsFile =
|
|
config.boot.kernelPackages.kernel.src + "/arch/arm64/boot/dts/mediatek/mt7988a-bananapi-bpi-r4-wifi-mt7996a.dtso";
|
|
}
|
|
];
|
|
|
|
boot.loader.grub.enable = false;
|
|
boot.loader.generic-extlinux-compatible.enable = true;
|
|
|
|
boot.kernelParams = [
|
|
"console=ttyS0,115200n8"
|
|
"earlycon=uart8250,mmio32,0x11000000"
|
|
"pci=pcie_bus_perf"
|
|
"pstore_blk.blkdev=/dev/nvme0n1p2"
|
|
"pstore_blk.kmsg_size=128"
|
|
"best_effort=y"
|
|
];
|
|
|
|
disko.rootMountPoint = "/mnt/bpi-r4";
|
|
disko.devices = {
|
|
nodev = {
|
|
"/tmp" = {
|
|
fsType = "tmpfs";
|
|
mountOptions = [
|
|
"size=256M"
|
|
"mode=755"
|
|
"noexec"
|
|
];
|
|
};
|
|
|
|
"/" = {
|
|
fsType = "tmpfs";
|
|
mountOptions = [
|
|
"size=128M"
|
|
"mode=755"
|
|
"noexec"
|
|
];
|
|
};
|
|
};
|
|
|
|
disk = {
|
|
ssd = {
|
|
device = "nvme-nvme.126f-5033313050424242323331323231303037393133-50617472696f74204d2e322050333130203234304742-00000001";
|
|
type = "disk";
|
|
content = {
|
|
type = "gpt";
|
|
|
|
partitions = {
|
|
boot = {
|
|
priority = 1;
|
|
size = "4G";
|
|
content = {
|
|
type = "filesystem";
|
|
format = "vfat";
|
|
mountpoint = "/boot";
|
|
};
|
|
};
|
|
|
|
pstore = {
|
|
priority = 2;
|
|
size = "32M";
|
|
content = {
|
|
type = "filesystem";
|
|
format = "pstore";
|
|
};
|
|
};
|
|
|
|
root = {
|
|
priority = 3;
|
|
size = "100%";
|
|
content = {
|
|
type = "filesystem";
|
|
format = "ext4";
|
|
mountpoint = "/persist";
|
|
};
|
|
};
|
|
};
|
|
};
|
|
};
|
|
|
|
main = {
|
|
device = "/dev/disk/by-id/usb-Generic-_SD_MMC_20120501030900000-0:0";
|
|
type = "disk";
|
|
content = {
|
|
type = "gpt";
|
|
partitions = {
|
|
bl2 = {
|
|
priority = 1;
|
|
start = "34";
|
|
end = "8191";
|
|
alignment = 1;
|
|
};
|
|
fip = {
|
|
priority = 2;
|
|
start = "8192";
|
|
end = "+4M";
|
|
alignment = 1;
|
|
};
|
|
};
|
|
};
|
|
|
|
# mkdir -p /mnt/bpi-r4/persist/nix
|
|
# mount -o bind -m /mnt/bpi-r4/persist/nix /mnt/bpi-r4/nix
|
|
#
|
|
# if ! [ $(uname -m) = "aarch64" ] && [ -e /run/binfmt/aarch64-linux ] ; then
|
|
# nix copy $(readlink /run/binfmt/aarch64-linux) --to /mnt/bpi-r4
|
|
# mount -t tmpfs none /mnt/bpi-r4/run -m
|
|
# mount -t none -o bind /run/binfmt /mnt/bpi-r4/run/binfmt -m
|
|
# fi
|
|
|
|
postCreateHook = ''
|
|
uboot=${pkgs.ubootBananaPiR4}
|
|
|
|
sgdisk -A 1:set:2 -A 3:set:2 $device
|
|
sgdisk --change-name 1:bl2 --change-name 2:fip $device
|
|
|
|
dd if=$uboot/bl2.img of=$device-part1 status=progress
|
|
dd if=$uboot/fip.bin of=$device-part2 status=progress
|
|
'';
|
|
};
|
|
};
|
|
};
|
|
|
|
fileSystems = {
|
|
"/persist".neededForBoot = true;
|
|
"/nix" = {
|
|
device = "/persist/nix";
|
|
options = ["bind"];
|
|
neededForBoot = true;
|
|
};
|
|
};
|
|
|
|
environment.systemPackages = with pkgs; [
|
|
tcpdump
|
|
ethtool
|
|
dnsutils
|
|
pciutils
|
|
gptfdisk
|
|
traceroute
|
|
iw
|
|
];
|
|
|
|
environment.persistence."/persist" = {
|
|
hideMounts = true;
|
|
directories = [
|
|
"/var/log"
|
|
"/var/lib/nixos"
|
|
"/var/lib/systemd/coredump"
|
|
"/var/secrets"
|
|
];
|
|
|
|
files = [
|
|
"/etc/machine-id"
|
|
"/etc/ssh/ssh_host_rsa_key"
|
|
"/etc/ssh/ssh_host_rsa_key.pub"
|
|
"/etc/ssh/ssh_host_ed25519_key"
|
|
"/etc/ssh/ssh_host_ed25519_key.pub"
|
|
];
|
|
};
|
|
|
|
time.timeZone = "Europe/Amsterdam";
|
|
system.stateVersion = "24.05";
|
|
}
|
|
);
|
|
};
|
|
}
|