diff options
-rw-r--r-- | krebs/3modules/lass/default.nix | 55 | ||||
-rw-r--r-- | lass/1systems/lasspi/config.nix | 26 | ||||
-rw-r--r-- | lass/1systems/lasspi/physical.nix | 43 |
3 files changed, 124 insertions, 0 deletions
diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix index 7ad725cd8..693e04e6e 100644 --- a/krebs/3modules/lass/default.nix +++ b/krebs/3modules/lass/default.nix @@ -786,6 +786,61 @@ in { ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIn+o0uCBSot254kZKlNepVKFcwDPdr8s6+lQmYGM3Hd "; }; + lasspi = { + cores = 1; + nets = { + retiolum = { + ip4.addr = "10.243.1.89"; + ip6.addr = r6 "189"; + aliases = [ + "lasspi.r" + ]; + tinc.pubkey = '' + -----BEGIN PUBLIC KEY----- + MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA3zUXIiw8/9okrGaxlAR1 + JvoXNxAzLj5wwE2B0A+9ppev7Vl52HJarNoM6+0RN4aZDGMhDWg8J5ZQSdGUNm5F + CIdxE1TwLXxzW5nd7BIb+MVsjtw0pxId7Gxq6Wgtx1QljUdsp8OVrJActqsmXYMl + oYEWdENHRONYTCyhs+Kd18MERyxQCqOXOnD170iaFuCcHiIa2nSOtlk+aIPNIE/P + Qsp7Q0RCRvqd5LszsI7bp3gZL9mgGquQEW+3ZxSaIYHGTdK/zI4PHYpEa7IvdJFS + BJjJj+PbilnSxy7iL826O8ckxBqA0rNS0EynCKCI0DoVimCeklk20vLagDyXiDyC + VW2774j1rF35eIowPTBVJNfquEptNDl9MLV3MC2P8gnCZp5x+7dEwpqsvecBQ7Z8 + +Ry9JZ/zlWi5qT86SrwKKqJqRhWHjZZSRzWdo4ypaNOy0cKHb2DcVfgn38Kf16xs + QM11XLCRE8VLIVl5UFgrF6q/0f8JP1BG8RO90NDsLwIW/EwKiJ9OGFtayvxkmgHP + zgmzgws8cn50762OPkp4OVzVexN77d9N8GU9QXAlsFyn2FJlO26DvFON4fHIf0bP + 6lqI1Up2jAy0eSl2txlxxKbKRlkIaebHulhxIxQ1djA+xPb/5cfasom9Qqwf6/Lc + 287nChBcbY+HlshTe0lZdrkCAwEAAQ== + -----END PUBLIC KEY----- + ''; + }; + wiregrill = { + ip6.addr = w6 "189"; + aliases = [ + "lasspi.w" + ]; + wireguard.pubkey = '' + IIBAiG7jZEliQJJsNUQswLsB5FQFkAfq5IwyHAp71Vw= + ''; + }; + }; + ssh.privkey.path = <secrets/ssh.id_ed25519>; + ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEjYOaTQE9OvvIaWWjO+3/uSy7rvnhnJA48rWYeB2DfB"; + }; + + domsen-pixel = { + nets = { + wiregrill = { + ip4.addr = "10.244.1.17"; + ip6.addr = w6 "d0"; + aliases = [ + "domsen-pixel.w" + ]; + wireguard.pubkey = "cGuBSB1DftIsanbxrSG/i4FiC+TmQrs+Z0uE6SPscHY="; + }; + }; + external = true; + ci = false; + }; + }; users = rec { lass = lass-yubikey; diff --git a/lass/1systems/lasspi/config.nix b/lass/1systems/lasspi/config.nix new file mode 100644 index 000000000..9f823dfc8 --- /dev/null +++ b/lass/1systems/lasspi/config.nix @@ -0,0 +1,26 @@ +with import <stockholm/lib>; +{ config, lib, pkgs, ... }: +let +in +{ + imports = [ + <stockholm/lass> + <stockholm/lass/2configs> + <stockholm/lass/2configs/retiolum.nix> + ]; + + krebs.build.host = config.krebs.hosts.lasspi; + + networking = { + networkmanager = { + enable = true; + }; + }; + environment.systemPackages = with pkgs; [ + vim + rxvt_unicode.terminfo + ]; + services.openssh.enable = true; + + system.stateVersion = "21.05"; +} diff --git a/lass/1systems/lasspi/physical.nix b/lass/1systems/lasspi/physical.nix new file mode 100644 index 000000000..80c459a95 --- /dev/null +++ b/lass/1systems/lasspi/physical.nix @@ -0,0 +1,43 @@ +{ config, lib, pkgs, ... }: +{ + # This configuration worked on 09-03-2021 nixos-unstable @ commit 102eb68ceec + # The image used https://hydra.nixos.org/build/134720986 + imports = [ + ./config.nix + ]; + + boot = { + # kernelPackages = pkgs.linuxPackages_rpi4; + tmpOnTmpfs = true; + initrd.availableKernelModules = [ "usbhid" "usb_storage" ]; + # ttyAMA0 is the serial console broken out to the GPIO + kernelParams = [ + "8250.nr_uarts=1" + "console=ttyAMA0,115200" + "console=tty1" + # Some gui programs need this + "cma=128M" + ]; + }; + + boot.loader.raspberryPi = { + enable = true; + version = 4; + }; + boot.loader.grub.enable = false; + boot.loader.generic-extlinux-compatible.enable = true; + + # Required for the Wireless firmware + hardware.enableRedistributableFirmware = true; + + # Assuming this is installed on top of the disk image. + fileSystems = { + "/" = { + device = "/dev/disk/by-label/NIXOS_SD"; + fsType = "ext4"; + options = [ "noatime" ]; + }; + }; + + powerManagement.cpuFreqGovernor = "ondemand"; +} |