forked from c3d2/nix-config
209 lines
6.0 KiB
Nix
209 lines
6.0 KiB
Nix
{ config, lib, pkgs, ... }:
|
|
|
|
{
|
|
imports = [
|
|
./hardware-configuration.nix
|
|
];
|
|
|
|
c3d2 = {
|
|
hq.interface = "eth0";
|
|
hq.statistics.enable = true;
|
|
k-ot.enable = true;
|
|
audioServer.enable = true;
|
|
};
|
|
|
|
boot = {
|
|
growPartition = true;
|
|
kernelParams = [ "console=tty0" ];
|
|
loader.grub.enable = false;
|
|
loader.efi.canTouchEfiVariables = true;
|
|
supportedFilesystems = lib.mkForce [ "vfat" "ext4" ];
|
|
tmpOnTmpfs = true;
|
|
};
|
|
|
|
hardware = {
|
|
bluetooth.enable = true;
|
|
deviceTree.enable = true;
|
|
};
|
|
|
|
nix = {
|
|
settings = {
|
|
cores = 2;
|
|
max-jobs = 1;
|
|
};
|
|
};
|
|
|
|
nixpkgs.config.packageOverrides = pkgs: {
|
|
makeModulesClosure = x:
|
|
# prevent kernel install fail due to missing modules
|
|
pkgs.makeModulesClosure (x // { allowMissing = true; });
|
|
};
|
|
|
|
networking = {
|
|
domain = "hq.c3d2.de";
|
|
firewall = {
|
|
allowedTCPPorts = [
|
|
# pulseaudio/pipewire network sync
|
|
4713
|
|
# llmnr
|
|
5355
|
|
];
|
|
allowedUDPPorts = [
|
|
# mdns
|
|
5353
|
|
# llmnr
|
|
5355
|
|
];
|
|
};
|
|
hostName = "pulsebert";
|
|
useDHCP = false;
|
|
interfaces.eth0.useDHCP = true;
|
|
};
|
|
|
|
environment.systemPackages = with pkgs; [
|
|
mpd
|
|
mpv
|
|
ncmpcpp
|
|
ncpamixer
|
|
pulseaudio # required for pactl
|
|
];
|
|
|
|
# https://github.com/dump-dvb/nix-config/blob/310ceedca5ab2d5c22070bd73c603926b6100a74/hardware/configuration-rpi-3b.nix#L16
|
|
sdImage = lib.mkForce {
|
|
populateFirmwareCommands = let
|
|
configTxt = pkgs.writeText "config.txt" ''
|
|
[pi3]
|
|
kernel=u-boot-rpi3.bin
|
|
hdmi_force_hotplug=1
|
|
[pi02]
|
|
kernel=u-boot-rpi3.bin
|
|
[pi4]
|
|
kernel=u-boot-rpi4.bin
|
|
enable_gic=1
|
|
armstub=armstub8-gic.bin
|
|
# Otherwise the resolution will be weird in most cases, compared to
|
|
# what the pi3 firmware does by default.
|
|
disable_overscan=1
|
|
# Supported in newer board revisions
|
|
arm_boost=1
|
|
[cm4]
|
|
# Enable host mode on the 2711 built-in XHCI USB controller.
|
|
# This line should be removed if the legacy DWC2 controller is required
|
|
# (e.g. for USB device mode) or if USB support is not required.
|
|
otg_mode=1
|
|
[all]
|
|
# Boot in 64-bit mode.
|
|
arm_64bit=1
|
|
# U-Boot needs this to work, regardless of whether UART is actually used or not.
|
|
# Look in arch/arm/mach-bcm283x/Kconfig in the U-Boot tree to see if this is still
|
|
# a requirement in the future.
|
|
enable_uart=1
|
|
# Prevent the firmware from smashing the framebuffer setup done by the mainline kernel
|
|
# when attempting to show low-voltage or overtemperature warnings.
|
|
avoid_warnings=1
|
|
'';
|
|
in ''
|
|
(cd ${pkgs.raspberrypifw}/share/raspberrypi/boot && cp bootcode.bin fixup*.dat start*.elf $NIX_BUILD_TOP/firmware/)
|
|
# Add the config
|
|
cp ${configTxt} firmware/config.txt
|
|
# Add pi3 specific files
|
|
cp ${pkgs.ubootRaspberryPi3_64bit}/u-boot.bin firmware/u-boot-rpi3.bin
|
|
# Add pi4 specific files
|
|
cp ${pkgs.ubootRaspberryPi4_64bit}/u-boot.bin firmware/u-boot-rpi4.bin
|
|
cp ${pkgs.raspberrypi-armstubs}/armstub8-gic.bin firmware/armstub8-gic.bin
|
|
cp ${pkgs.raspberrypifw}/share/raspberrypi/boot/bcm2711-rpi-4-b.dtb firmware/
|
|
cp ${pkgs.raspberrypifw}/share/raspberrypi/boot/bcm2711-rpi-400.dtb firmware/
|
|
cp ${pkgs.raspberrypifw}/share/raspberrypi/boot/bcm2711-rpi-cm4.dtb firmware/
|
|
cp ${pkgs.raspberrypifw}/share/raspberrypi/boot/bcm2711-rpi-cm4s.dtb firmware/
|
|
'';
|
|
populateRootCommands = ''
|
|
mkdir -p ./files/boot
|
|
${config.boot.loader.generic-extlinux-compatible.populateCmd} -c ${config.system.build.toplevel} -d ./files/boot
|
|
'';
|
|
};
|
|
|
|
security = {
|
|
rtkit.enable = true;
|
|
sudo = {
|
|
enable = true;
|
|
wheelNeedsPassword = false;
|
|
};
|
|
};
|
|
|
|
users.users = lib.mkMerge [
|
|
(lib.optionalAttrs config.services.octoprint.enable {
|
|
# Allow access to printer serial port and GPIO
|
|
"${config.services.octoprint.user}".extraGroups = [ "dialout" ];
|
|
})
|
|
{ }
|
|
];
|
|
|
|
services = {
|
|
# Do not log to flash but also breaks journalctl --user
|
|
# journald.extraConfig = ''
|
|
# Storage=volatile
|
|
# '';
|
|
|
|
openssh = {
|
|
enable = true;
|
|
};
|
|
|
|
nginx = {
|
|
enable = true;
|
|
virtualHosts = {
|
|
"drkkr.hq.c3d2.de" = {
|
|
default = true;
|
|
enableACME = true;
|
|
forceSSL = true;
|
|
locations."/" = {
|
|
proxyPass = "http://127.0.0.1:${toString config.services.octoprint.port}";
|
|
proxyWebsockets = true;
|
|
extraConfig = ''
|
|
proxy_set_header X-Scheme $scheme;
|
|
proxy_set_header Accept-Encoding identity;
|
|
client_max_body_size 2000M;
|
|
'';
|
|
};
|
|
locations."/cam/stream" = {
|
|
proxyPass = "http://localhost:3020/?action=stream";
|
|
extraConfig = "proxy_pass_request_headers off;";
|
|
};
|
|
locations."/cam/capture" = {
|
|
proxyPass = "http://localhost:3020/?action=snapshot";
|
|
extraConfig = "proxy_pass_request_headers off;";
|
|
};
|
|
};
|
|
};
|
|
};
|
|
|
|
octoprint = rec {
|
|
enable = true;
|
|
port = 8080;
|
|
extraConfig.webcam = {
|
|
snapshot = "http://localhost:3020?action=snapshot";
|
|
stream = "https://drkkr.hq.c3d2.de/cam/stream";
|
|
};
|
|
# plugins = let
|
|
# python = pkgs.octoprint.python;
|
|
|
|
# octoprint-filament-sensor-universal = python.pkgs.buildPythonPackage rec {
|
|
# pname = "OctoPrint-Filament-Sensor-Universal";
|
|
# version = "1.0.0";
|
|
|
|
# src = pkgs.fetchFromGitHub {
|
|
# owner = "lopsided98";
|
|
# repo = pname;
|
|
# rev = "8a72696867a9a008c5a79b49a9b029a4fc426720";
|
|
# sha256 = "1a7lzmjbwx47qhrkjp3hggiwnx172x4axcz0labm9by17zxlsimr";
|
|
# };
|
|
|
|
# propagatedBuildInputs = [ pkgs.octoprint python.pkgs.libgpiod ];
|
|
# };
|
|
# #in p: [ octoprint-filament-sensor-universal ];
|
|
# in p: [];
|
|
};
|
|
};
|
|
|
|
system.stateVersion = "22.11";
|
|
}
|