mjallen/nix-config
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
Files
4c29bea94dff2a3f9df44c7c8dba7ac7a5cd0041
nix-config/hosts/pi5/configuration.nix
mjallen 4c29bea94d add default back for pi 5
2025-05-09 15:07:54 -05:00

176 lines
4.2 KiB
Nix
Executable File
Raw Blame History

# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page, on
# https://search.nixos.org/options and in the NixOS manual (`nixos-help`).
{ config, lib, pkgs, ... }:
let
user = "matt";
password = "$y$j9T$EkPXmsmIMFFZ.WRrBYCxS1$P0kwo6e4.WM5DsqUcEqWC3MrZp5KfCjxffraMFZWu06";
SSID = "Joey's Jungle 5G";
wifiSecrets = "kR8v&3Qd"; #config.sops.secrets."wifi".path;
interface = "wlan0";
timezone = "America/Chicago";
hostname = "pi5";
kernelBundle = pkgs.linuxAndFirmware.v6_6_31;
in
{
imports = [
./boot.nix
./hardware-configuration.nix
./impermanence.nix
./networking.nix
./sops.nix
../default.nix
];
networking.networkmanager.enable = true;
programs.zsh.enable = true;
# Enable nix flakes and nix-command tools
nix = {
settings = {
substituters = [
# "https://cache.mjallen.dev"
"https://nixos-raspberrypi.cachix.org"
"https://nix-community.cachix.org"
"https://cache.nixos.org/"
];
trusted-public-keys = [
# "cache.mjallen.dev-1:IzFmKCd8/gggI6lcCXsW65qQwiCLGFFN9t9s2iw7Lvc="
"nixos-raspberrypi.cachix.org-1:4iMO9LXa8BqhU+Rpg6LQKiGa2lsNh/j2oiYLNOQ5sPI="
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
];
warn-dirty = lib.mkForce false;
experimental-features = lib.mkForce [
"nix-command"
"flakes"
];
trusted-users = lib.mkDefault [
"root"
"@wheel"
user
];
};
};
# Configure nixpkgs
nixpkgs = {
# Enable non free
config.allowUnfree = lib.mkForce true;
overlays = lib.mkAfter [
(self: super: {
# This is used in (modulesPath + "/hardware/all-firmware.nix") when at least
# enableRedistributableFirmware is enabled
# I know no easier way to override this package
inherit (kernelBundle) raspberrypiWirelessFirmware;
# Some derivations want to use it as an input,
# e.g. raspberrypi-dtbs, omxplayer, sd-image-* modules
inherit (kernelBundle) raspberrypifw;
})
];
};
system.nixos.tags = let
cfg = config.boot.loader.raspberryPi;
in [
"raspberry-pi-${cfg.variant}"
cfg.bootloader
config.boot.kernelPackages.kernel.version
];
# Hardware configs
hardware = {
# Bluetooth
bluetooth.enable = lib.mkDefault true;
# Enable all firmware
enableAllFirmware = lib.mkForce true;
};
services.xserver = {
enable = false;
desktopManager = {
budgie.enable = false;
};
displayManager = {
lightdm.enable = false;
};
};
# Set your time zone.
time.timeZone = timezone;
systemd.services.btattach = {
before = [ "bluetooth.service" ];
after = [ "dev-ttyAMA0.device" ];
wantedBy = [ "multi-user.target" ];
serviceConfig = {
ExecStart = "${pkgs.bluez}/bin/btattach -B /dev/ttyAMA0 -P bcm -S 3000000";
};
};
environment.systemPackages = with pkgs; [
btop
sops
vscode
vim
libraspberrypi
raspberrypi-eeprom
raspberrypifw
raspberrypiWirelessFirmware
raspberrypi-armstubs
htop
git
];
services.openssh.enable = true;
programs.command-not-found.enable = lib.mkForce false;
programs.nix-index = {
enable = true;
enableBashIntegration = false;
enableZshIntegration = true;
};
security = {
rtkit.enable = lib.mkDefault true;
# configure sudo
sudo.enable = lib.mkDefault false;
sudo-rs = {
enable = lib.mkDefault true;
extraRules = [
{
commands = [
{
command = "${pkgs.systemd}/bin/systemctl suspend";
options = [ "NOPASSWD" ];
}
{
command = "${pkgs.systemd}/bin/reboot";
options = [ "NOPASSWD" ];
}
{
command = "${pkgs.systemd}/bin/poweroff";
options = [ "NOPASSWD" ];
}
];
groups = [ "wheel" ];
}
];
};
};
users = {
mutableUsers = false;
users."${user}" = {
isNormalUser = true;
initialHashedPassword = password;
extraGroups = [
"wheel"
"docker"
];
shell = pkgs.zsh;
};
};
}
Reference in New Issue View Git Blame Copy Permalink