diff --git a/hosts/lappy-t495/lappy-t495.nix b/hosts/lappy-t495/lappy-t495.nix index 4457025..418b87c 100644 --- a/hosts/lappy-t495/lappy-t495.nix +++ b/hosts/lappy-t495/lappy-t495.nix @@ -30,6 +30,8 @@ in { chaos.gaming ]) + ./profiles/kodi.nix + ./secrets.nix ./hardware.nix ]); diff --git a/hosts/lappy-t495/profiles/kodi.nix b/hosts/lappy-t495/profiles/kodi.nix new file mode 100644 index 0000000..aac368b --- /dev/null +++ b/hosts/lappy-t495/profiles/kodi.nix @@ -0,0 +1,84 @@ +{ + pkgs, + tree, + ... +}: let + kodiPackage = pkgs.kodi-wayland.withPackages (kodiPkgs: + with kodiPkgs; [ + keymap + sendtokodi + sponsorblock + pvr-iptvsimple + inputstreamhelper + inputstream-adaptive + inputstream-rtmp + visualization-projectm + visualization-waveform + visualization-matrix + visualization-starburst + visualization-spectrum + ]); +in { + environment.systemPackages = [ + kodiPackage + ]; + + services.xserver = { + enable = true; + desktopManager.kodi = { + enable = true; + package = kodiPackage; + }; + #autoLogin.enable = true; + #autoLogin.user = "kodi"; + }; + + networking.firewall = { + allowedTCPPorts = [8080]; + allowedUDPPorts = [8080]; + }; + + users.users.kodi = { + uid = 1002; + isNormalUser = true; + extraGroups = [ + "video" + "input" + "uinput" + "audio" + "rtkit" + ]; + }; + + home-manager.users.kodi = { + imports = with tree.profiles.home-manager; [ + base + + gui.base + gui.environments.gnome + + apps.fileRoller + apps.nautilus + apps.pavucontrol + apps.mpv + + apps.firefox + apps.telegram + + apps.aria2 + apps.rclone + ]; + + # only for x86_64 + home.file.widevine-lib = { + source = "${pkgs.widevine-cdm}/share/google/chrome/WidevineCdm/_platform_specific/linux_x64/libwidevinecdm.so"; + target = ".kodi/cdm/libwidevinecdm.so"; + }; + home.file.widevine-manifest = { + source = "${pkgs.widevine-cdm}/share/google/chrome/WidevineCdm/manifest.json"; + target = ".kodi/cdm/manifest.json"; + }; + + home.stateVersion = "24.05"; + }; +} diff --git a/hosts/nixos.nix b/hosts/nixos.nix index f6a9be1..2c80e7d 100644 --- a/hosts/nixos.nix +++ b/hosts/nixos.nix @@ -50,4 +50,11 @@ in rec { system = "aarch64-linux"; modules = defaultModules ++ [./hetzner-arm/hetzner-arm.nix]; }; + + raspberry = nixosUnstableSystem { + specialArgs = + defaultSpecialArgs; + system = "aarch64-linux"; + modules = defaultModules ++ [./raspberry/raspberry.nix]; + }; } diff --git a/hosts/raspberry/hardware.nix b/hosts/raspberry/hardware.nix new file mode 100644 index 0000000..830c1c6 --- /dev/null +++ b/hosts/raspberry/hardware.nix @@ -0,0 +1,111 @@ +{ + tree, + pkgs, + lib, + ... +}: let + inherit (lib.modules) mkForce; + inherit (lib.lists) forEach foldl'; + inherit (lib.attrsets) recursiveUpdate mapAttrsToList; + inherit (builtins) toFile concatStringsSep; + + edk2 = pkgs.fetchzip { + url = "https://github.com/worproject/rpi5-uefi/releases/download/v0.3/RPi5_UEFI_Release_v0.3.zip"; + hash = "sha256-bjEvq7KlEFANnFVL0LyexXEeoXj7rHGnwQpq09PhIb0="; + stripRoot = false; + }; + + fwFiles = let + piBootFw = "${pkgs.raspberrypifw}/share/raspberrypi/boot"; + + piBootFwFiles = foldl' recursiveUpdate {} (forEach [ + "bootcode.bin" + "start.elf" + + "fixup_cd.dat" + "fixup.dat" + "fixup_db.dat" + "fixup_x.dat" + "fixup4cd.dat" + "fixup4.dat" + "fixup4db.dat" + "fixup4x.dat" + + "start_cd.elf" + "start_db.elf" + "start.elf" + "start_x.elf" + "start4cd.elf" + "start4db.elf" + "start4.elf" + "start4x.elf" + ] (file: { + "${file}" = "${piBootFw}/${file}"; + })); + in + { + "config.txt" = toFile "config.txt" '' + armstub=RPI_EFI.fd + device_tree_address=0x1f0000 + device_tree_end=0x210000 + + # Makes GPU work? + dtoverlay=vc4-kms-v3d-pi5 + + # Force 32 bpp framebuffer allocation. + framebuffer_depth=32 + + # Disable compensation for displays with overscan. + disable_overscan=1 + + # Force maximum USB power regardless of the power supply. + usb_max_current_enable=1 + + # Force maximum CPU speed. + force_turbo=1 + ''; + # UEFI Files + "RPI_EFI.fd" = "${edk2}/RPI_EFI.fd"; + "bcm2712-rpi-5-b.dtb" = "${edk2}/bcm2712-rpi-5-b.dtb"; + } + // piBootFwFiles; +in { + imports = with tree; [ + presets.nixos.encryptedDrive + ]; + + boot = { + kernelPackages = pkgs.linuxPackages_rpi4; + supportedFilesystems = mkForce ["vfat"]; + kernelParams = ["console=tty0"]; + loader = { + systemd-boot = { + enable = true; + extraFiles = fwFiles; + }; + efi.canTouchEfiVariables = false; + + grub.enable = false; + generic-extlinux-compatible.enable = false; + }; + initrd.availableKernelModules = [ + "nvme" + "ehci_pci" + "xhci_pci" + "usb_storage" + "sd_mod" + "sdhci_pci" + ]; + }; + + system.build.firmware = pkgs.runCommand "firmware" {} '' + mkdir $out + + ${concatStringsSep "\n" ( + mapAttrsToList (filename: path: '' + cp ${path} $out/${filename} + '') + fwFiles + )} + ''; +} diff --git a/hosts/raspberry/raspberry.nix b/hosts/raspberry/raspberry.nix new file mode 100644 index 0000000..ba4170f --- /dev/null +++ b/hosts/raspberry/raspberry.nix @@ -0,0 +1,43 @@ +{ + lib, + tree, + ... +}: let + inherit (lib.lists) flatten; +in { + nixpkgs.overlays = [ + (_final: super: { + makeModulesClosure = x: + super.makeModulesClosure (x // {allowMissing = true;}); + }) + ]; + + imports = flatten (with tree; [ + users.root + users.chaos + + (with tree.presets.nixos; [ + #desktopGui + ]) + + (with presets.home-manager.by-user; [ + root.base + chaos.base + #chaos.guiDesktop + ]) + + ./hardware.nix + ]); + + networking.firewall = { + enable = true; + allowPing = true; + }; + + networking.hostName = "raspberry"; + time.timeZone = "Europe/London"; + + system.stateVersion = "24.05"; + home-manager.users.root.home.stateVersion = "24.05"; + home-manager.users.chaos.home.stateVersion = "24.05"; +} diff --git a/profiles/nixos/base/hardware.nix b/profiles/nixos/base/hardware.nix index f7b4900..39c67f0 100644 --- a/profiles/nixos/base/hardware.nix +++ b/profiles/nixos/base/hardware.nix @@ -10,7 +10,7 @@ in { hardware = { enableAllFirmware = false; # we include a more minimal subset for base - enableRedistributableFirmware = false; + enableRedistributableFirmware = true; wirelessRegulatoryDatabase = true; firmware = with pkgs; [ diff --git a/profiles/nixos/cross/arm64.nix b/profiles/nixos/cross/arm64.nix index df37a99..810ea5d 100644 --- a/profiles/nixos/cross/arm64.nix +++ b/profiles/nixos/cross/arm64.nix @@ -9,6 +9,7 @@ in { emulatedSystems = ["aarch64-linux"]; registrations.aarch64-linux = { interpreter = mkForce "${pkgs.qemu}/bin/qemu-aarch64"; + fixBinary = true; }; }; nix.settings.extra-sandbox-paths = ["/run/binfmt" "${pkgs.qemu}"]; diff --git a/profiles/nixos/cross/x86_64.nix b/profiles/nixos/cross/x86_64.nix new file mode 100644 index 0000000..b2c916a --- /dev/null +++ b/profiles/nixos/cross/x86_64.nix @@ -0,0 +1,15 @@ +{ + pkgs, + lib, + ... +}: let + inherit (lib.modules) mkForce; +in { + boot.binfmt = { + emulatedSystems = ["x86_64-linux"]; + registrations.x86_64-linux = { + interpreter = mkForce "${pkgs.qemu}/bin/qemu-x86_64"; + }; + }; + nix.settings.extra-sandbox-paths = ["/run/binfmt" "${pkgs.qemu}"]; +}