From 2f14ccc5170dd95d2d7257179e924050ba379304 Mon Sep 17 00:00:00 2001
From: Astro <astro@spaceboyz.net>
Date: Mon, 27 Sep 2021 22:19:24 +0200
Subject: [PATCH] dacbert: init

---
 flake.nix                 |   8 +++
 host-registry.nix         |   2 +
 hosts/dacbert/default.nix | 143 ++++++++++++++++++++++++++++++++++++++
 3 files changed, 153 insertions(+)
 create mode 100644 hosts/dacbert/default.nix

diff --git a/flake.nix b/flake.nix
index afaebb72..f48416b2 100644
--- a/flake.nix
+++ b/flake.nix
@@ -228,6 +228,14 @@
           system = "aarch64-linux";
         };
 
+        dacbert = nixosSystem' {
+          modules = [
+            "${inputs.nixpkgs}/nixos/modules/installer/sd-card/sd-image-aarch64.nix"
+            ./hosts/dacbert
+          ];
+          system = "aarch64-linux";
+        };
+
         yggdrasil = nixosSystem' {
           modules = [
             ./hosts/containers/yggdrasil
diff --git a/host-registry.nix b/host-registry.nix
index 2d417f5d..a7ac7033 100644
--- a/host-registry.nix
+++ b/host-registry.nix
@@ -117,6 +117,8 @@ rec {
       ip4 = "172.20.73.45";
       ip6 = "2a00:8180:2c00:282:1024:5fff:febd:9be7";
     };
+
+    dacbert.ip4 = "127.0.0.1";
   };
 
   hqGlobal = builtins.attrNames hosts;
diff --git a/hosts/dacbert/default.nix b/hosts/dacbert/default.nix
new file mode 100644
index 00000000..9fbb4dee
--- /dev/null
+++ b/hosts/dacbert/default.nix
@@ -0,0 +1,143 @@
+{ hostRegistry, config, lib, pkgs, modulesPath, ... }:
+
+{
+  boot.initrd.availableKernelModules = [ "usbhid" ];
+  boot.initrd.kernelModules = [ ];
+  boot.kernelModules = [ ];
+  boot.extraModulePackages = [ ];
+
+  fileSystems."/" = {
+    device = "/dev/disk/by-label/NIXOS_SD";
+    fsType = "ext4";
+  };
+
+  fileSystems."/boot/firmware" = {
+    device = "/dev/disk/by-label/FIRMWARE";
+    fsType = "vfat";
+  };
+
+  swapDevices = [ ];
+
+  hardware.enableRedistributableFirmware = true;
+  #networking.wireless.enable = true;
+  powerManagement.cpuFreqGovernor = lib.mkDefault "performance";
+
+  boot = {
+    loader = {
+      grub.enable = false;
+      raspberryPi = {
+        enable = true;
+        version = 3;
+        uboot.enable = true;
+        firmwareConfig = ''
+          gpu_mem=192
+          dtparam=audio=on
+        '';
+      };
+    };
+    kernelPackages = pkgs.linuxPackages_5_13;
+    # Don't build ZFS for aarch64 (broken?)
+    supportedFilesystems = lib.mkForce [ "vfat" "ext4" ];
+
+    tmpOnTmpfs = true;
+  };
+  sdImage = {
+    compressImage = false;
+    imageBaseName = config.networking.hostName;
+    firmwareSize = 512;
+  };
+
+  c3d2 = {
+    isInHq = true;
+    mapHqHosts = true;
+    hq.interface = "eth0";
+    hq.statistics.enable = true;
+  };
+  services.collectd.plugins.sensors = "";
+
+  nix = {
+    buildCores = 4;
+    maxJobs = 2;
+  };
+
+  networking = {
+    hostName = "dacbert"; # Define your hostname.
+    useDHCP = false;
+    interfaces.eth0.useDHCP = true;
+    firewall.enable = true;
+  };
+
+  # List packages installed in system profile. To search, run:
+  # $ nix search wget
+  environment.systemPackages = with pkgs; [
+    git
+    libraspberrypi
+    vim
+    wget
+
+    mpv
+    youtube-dl
+    ncpamixer
+    pulseaudio # required for pactl
+  ];
+
+  programs.tmux.enable = true;
+
+  # Do not log to flash:
+  services.journald.extraConfig = ''
+    Storage=volatile
+  '';
+
+  # Enable the OpenSSH daemon.
+  services.openssh = {
+    enable = true;
+    permitRootLogin = "yes";
+  };
+  security.sudo = {
+    enable = true;
+    wheelNeedsPassword = false;
+  };
+
+  users.users.k-ot = {
+    isNormalUser = true;
+    extraGroups = [ "wheel" "audio" ];
+  };
+
+  # Reboot on hang
+  systemd.watchdog = {
+    runtimeTime = "10s";
+    rebootTime = "15s";
+  };
+
+  hardware.pulseaudio = {
+    enable = true;
+    systemWide = true;
+    tcp.enable = true;
+    tcp.anonymousClients.allowedIpRanges = [
+      "127.0.0.0/8"
+      "::1/128"
+      "fd23:42:c3d2:500::/56"
+      "172.22.99.0/24"
+      "172.20.72.0/21"
+      "2a00:8180:2c00:200::/56"
+    ];
+    zeroconf.publish.enable = true;
+    package = pkgs.pulseaudioFull;
+    extraModules = [ pkgs.pulseaudio-modules-bt ];
+  };
+  #services.pipewire = {
+  #  enable = true;
+  #  alsa.enable = true;
+  #  config.pipewire-pulse = lib.importJSON ./pipewire-pulse.conf.json;
+  #  pulse.enable = true;
+  #};
+  security.rtkit.enable = true;
+
+  # This value determines the NixOS release from which the default
+  # settings for stateful data, like file locations and database versions
+  # on your system were taken. It‘s perfectly fine and recommended to leave
+  # this value at the release version of the first install of this system.
+  # Before changing this value read the documentation for this option
+  # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
+  system.stateVersion = "21.05"; # Did you read the comment?
+}