downgrade rpi more

maybe not
fix workflow
2025-01-24 13:06:17 -05:00 · 2025-01-24 12:59:15 -05:00 · 2025-01-24 12:50:40 -05:00 · 2025-01-24 12:48:43 -05:00 · 2025-01-24 12:40:01 -05:00 · 2025-01-24 04:40:22 -05:00
8 changed files with 223 additions and 19 deletions
--- a/.github/workflows/build-machines-and-homes.yml
+++ b/.github/workflows/build-machines-and-homes.yml
@ -11,8 +11,10 @@ jobs:
          - chunk
          - ytnix
          - titan
+          - pancake
        os:
          - ubuntu-latest
+          - ubuntu-24.04-arm
    runs-on: ${{ matrix.os }}
    continue-on-error: true
    steps:
--- a/.github/workflows/build-packages.yml
+++ b/.github/workflows/build-packages.yml
@ -23,10 +23,11 @@ jobs:
    steps:
      - name: Install Nix
        uses: cachix/install-nix-action@v30
+        with:
+          install_url: https://releases.nixos.org/nix/nix-2.25.4/install
+          extra_nix_config: 'accept-flake-config = true'
      - name: Sync repository
        uses: actions/checkout@v4
-        with:
-          persist-credentials: false
      - uses: cachix/cachix-action@v14
        with:
          name: cything
@ -43,7 +44,7 @@ jobs:
        uses: nix-community/cache-nix-action@v5.1.0
        with:
          # restore and save a cache using this key
-          primary-key: nix-${{ runner.os }}-${{ matrix.package }}-${{ hashFiles('**/*.nix', 'flake.lock') }}
+          primary-key: nix-${{ matrix.os }}-${{ matrix.package }}-${{ hashFiles('**/*.nix', 'flake.lock') }}
          # if there's no cache hit, restore a cache by this prefix
          restore-prefixes-first-match: nix-${{ runner.os }}-${{ matrix.package }}-
          # do purge caches
@ -57,3 +58,7 @@ jobs:
          # always save the cache
          save-always: true
      - run: nix build -L ${{ matrix.package }}
+      - uses: actions/upload-artifact@v4
+        with:
+          name: nix-${{ matrix.os }}-${{ hashFiles('**/*.nix', 'flake.lock') }}
+          path: result/
--- a/flake.lock
+++ b/flake.lock
@ -899,6 +899,57 @@
        "type": "github"
      }
    },
+    "nixlib": {
+      "locked": {
+        "lastModified": 1736643958,
+        "narHash": "sha256-tmpqTSWVRJVhpvfSN9KXBvKEXplrwKnSZNAoNPf/S/s=",
+        "owner": "nix-community",
+        "repo": "nixpkgs.lib",
+        "rev": "1418bc28a52126761c02dd3d89b2d8ca0f521181",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nix-community",
+        "repo": "nixpkgs.lib",
+        "type": "github"
+      }
+    },
+    "nixos-generators": {
+      "inputs": {
+        "nixlib": "nixlib",
+        "nixpkgs": [
+          "nixpkgs"
+        ]
+      },
+      "locked": {
+        "lastModified": 1737057290,
+        "narHash": "sha256-3Pe0yKlCc7EOeq1X/aJVDH0CtNL+tIBm49vpepwL1MQ=",
+        "owner": "nix-community",
+        "repo": "nixos-generators",
+        "rev": "d002ce9b6e7eb467cd1c6bb9aef9c35d191b5453",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nix-community",
+        "repo": "nixos-generators",
+        "type": "github"
+      }
+    },
+    "nixos-hardware": {
+      "locked": {
+        "lastModified": 1737590910,
+        "narHash": "sha256-qM/y6Dtpu9Wmf5HqeZajQdn+cS0aljdYQQQnrvx+LJE=",
+        "owner": "nixos",
+        "repo": "nixos-hardware",
+        "rev": "9368027715d8dde4b84c79c374948b5306fdd2db",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nixos",
+        "repo": "nixos-hardware",
+        "type": "github"
+      }
+    },
    "nixpkgs": {
      "locked": {
        "lastModified": 1726042813,
@ -947,6 +998,22 @@
        "type": "github"
      }
    },
+    "nixpkgs-rpi": {
+      "locked": {
+        "lastModified": 1730668999,
+        "narHash": "sha256-nxJmfy9l20Ow6rsVtdMWZhi+e36AXmC/aZpg+tHjCoY=",
+        "owner": "nixos",
+        "repo": "nixpkgs",
+        "rev": "68f4d47d0c18eac85d7c654d3f12c756cc1a48a2",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nixos",
+        "repo": "nixpkgs",
+        "rev": "68f4d47d0c18eac85d7c654d3f12c756cc1a48a2",
+        "type": "github"
+      }
+    },
    "nixpkgs-stable": {
      "locked": {
        "lastModified": 1724316499,
@ -1045,16 +1112,15 @@
    },
    "nixpkgs_5": {
      "locked": {
-        "lastModified": 1737642748,
-        "narHash": "sha256-VsCzuoavNERLs46aw38nmORT4F5pLOZDDe2bzFo+jsE=",
+        "lastModified": 1737740540,
+        "narHash": "sha256-BMzjwypS9StiHbGV4INlirX3mzF+HvDOKHhb7+3Kqdo=",
        "owner": "nixos",
        "repo": "nixpkgs",
-        "rev": "864f89f98b0b4e1bbcb762b025fd83da8bc1bae0",
+        "rev": "b376e96f521d932948aa3a62f7878bce3d26ef11",
        "type": "github"
      },
      "original": {
        "owner": "nixos",
-        "ref": "nixos-unstable-small",
        "repo": "nixpkgs",
        "type": "github"
      }
@ -1207,8 +1273,11 @@
        "lix": "lix",
        "lix-module": "lix-module",
        "niri": "niri",
+        "nixos-generators": "nixos-generators",
+        "nixos-hardware": "nixos-hardware",
        "nixpkgs": "nixpkgs_5",
        "nixpkgs-garage": "nixpkgs-garage",
+        "nixpkgs-rpi": "nixpkgs-rpi",
        "nixvim": "nixvim",
        "nvim-github-theme": "nvim-github-theme",
        "rust-overlay": "rust-overlay",
--- a/flake.nix
+++ b/flake.nix
@ -2,7 +2,7 @@
  description = "cy's flake";

  inputs = {
-    nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable-small";
+    nixpkgs.url = "github:nixos/nixpkgs";
    sops-nix = {
      url = "github:Mic92/sops-nix";
      inputs.nixpkgs.follows = "nixpkgs";
@ -68,7 +68,13 @@
      inputs.nixpkgs.follows = "nixpkgs";
      inputs.flake-compat.follows = "flake-compat";
    };
+    nixos-hardware.url = "github:nixos/nixos-hardware";
+    nixos-generators = {
+      url = "github:nix-community/nixos-generators";
+      inputs.nixpkgs.follows = "nixpkgs";
+    };

+    nixpkgs-rpi.url = "github:nixos/nixpkgs/68f4d47d0c18eac85d7c654d3f12c756cc1a48a2";
    nixpkgs-garage.url = "github:cything/nixpkgs/garage-module"; # unmerged PR

    nvim-github-theme = {
@ -145,9 +151,9 @@

        flake =
          let
-            pkgs = import nixpkgs {
+            pkgsFor = system: import nixpkgs {
              config.allowUnfree = true;
-              system = "x86_64-linux";
+              system = system;
              overlays = [
                inputs.niri.overlays.niri
                inputs.rust-overlay.overlays.default
@ -164,7 +170,7 @@
                  specialArgs = { inherit inputs; };
                  modules = [
                    {
-                      nixpkgs = { inherit pkgs; };
+                      nixpkgs.pkgs = pkgsFor "x86_64-linux";
                    }
                    ./hosts/ytnix
                    inputs.sops-nix.nixosModules.sops
@ -178,7 +184,7 @@
                  specialArgs = { inherit inputs; };
                  modules = [
                    {
-                      nixpkgs = { inherit pkgs; };
+                      nixpkgs.pkgs = pkgsFor "x86_64-linux";
                      disabledModules = [
                        "services/web-servers/garage.nix"
                      ];
@ -194,7 +200,7 @@
                  specialArgs = { inherit inputs; };
                  modules = [
                    {
-                      nixpkgs = { inherit pkgs; };
+                      nixpkgs.pkgs = pkgsFor "x86_64-linux";
                    }
                    ./hosts/titan
                    disko.nixosModules.disko
@ -202,6 +208,19 @@
                    ./modules
                  ];
                };
+
+                pancake = lib.nixosSystem {
+                  specialArgs = { inherit inputs; };
+                  modules = [
+                    {
+                      nixpkgs.pkgs = pkgsFor "aarch64-linux";
+                    }
+                    inputs.nixos-hardware.nixosModules.raspberry-pi-3
+                    inputs.nixos-generators.nixosModules.all-formats
+                    ./hosts/pancake
+                    ./modules
+                  ];
+                };
              };
            homeConfigurations =
              let
@ -209,7 +228,7 @@
              in
              {
                "yt@ytnix" = lib.homeManagerConfiguration {
-                  inherit pkgs;
+                  pkgs = pkgsFor "x86_64-linux";
                  extraSpecialArgs = { inherit inputs; };
                  modules = [
                    ./home/yt/ytnix.nix
@ -219,7 +238,7 @@
                };

                "yt@chunk" = lib.homeManagerConfiguration {
-                  inherit pkgs;
+                  pkgs = pkgsFor "x86_64-linux";
                  extraSpecialArgs = { inherit inputs; };
                  modules = [
                    ./home/yt/chunk.nix
@ -228,7 +247,7 @@
                };

                "codespace@codespace" = lib.homeManagerConfiguration {
-                  inherit pkgs;
+                  pkgs = pkgsFor "x86_64-linux";
                  extraSpecialArgs = { inherit inputs; };
                  modules = [
                    ./home/yt/codespace.nix
--- a/hosts/common.nix
+++ b/hosts/common.nix
@ -9,8 +9,6 @@
        "root"
        "@wheel"
      ];
-      trusted-public-keys = [ "central:uWhjva6m6dhC2hqNisjn2hXGvdGBs19vPkA1dPEuwFg=" ];
-      substituters = [ "https://cache.cything.io/central" ];
    };
    channel.enable = false;
    optimise = {
--- a/hosts/pancake/default.nix
+++ b/hosts/pancake/default.nix
@ -0,0 +1,70 @@
+{
+  modulesPath,
+  pkgs,
+  lib,
+  inputs,
+  ...
+}:
+{
+  imports = [
+    (modulesPath + "/installer/scan/not-detected.nix")
+    (modulesPath + "/profiles/qemu-guest.nix")
+    ../common.nix
+    # ./hardware-configuration.nix
+    ../zsh.nix
+  ];
+
+  services.openssh = {
+    enable = true;
+    settings.PasswordAuthentication = false;
+  };
+
+  users.users.root.openssh.authorizedKeys.keys = [
+    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPdhAQYy0+vS+QmyCd0MAbqbgzyMGcsuuFyf6kg2yKge yt@ytlinux"
+    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINyn2+OoRN4nExti+vFQ1NHEZip0slAoCH9C5/FzvgZD yt@ytnix"
+  ];
+
+  system.stateVersion = "24.11";
+
+  environment.systemPackages = with pkgs; [
+    curl
+    git
+  ];
+
+  # network stuff
+  networking.hostName = "pancake";
+  networking.firewall = {
+    enable = true;
+    allowedTCPPorts = [
+      22
+      80
+      443
+    ];
+    allowedUDPPorts = [
+      443
+    ];
+  };
+
+  networking.wireless.enable = true;
+  networking.wireless.networks = {
+    "36 Halsey" = {
+      psk = "Canada2022";
+    };
+    "cy" = {
+      psk = "12345678";
+    };
+  };
+
+  hardware.enableRedistributableFirmware = true;
+
+  users.users.yt.extraGroups = [
+    "wheel"
+  ];
+  security.sudo.enable = true;
+  security.sudo.wheelNeedsPassword = false;
+  users.users.root.initialHashedPassword = "";
+  users.users.yt.initialHashedPassword = "";
+
+  # remove this after https://github.com/NixOS/nixpkgs/pull/375165 lands on unstable
+  boot.kernelPackages = lib.mkForce inputs.nixpkgs-rpi.legacyPackages.aarch64-linux.linuxKernel.packages.linux_rpi3;
+}
--- a/hosts/pancake/hardware-configuration.nix
+++ b/hosts/pancake/hardware-configuration.nix
@ -0,0 +1,41 @@
+# Do not modify this file!  It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations.  Please make changes
+# to /etc/nixos/configuration.nix instead.
+{ config, lib, pkgs, modulesPath, ... }:
+
+{
+  imports =
+    [ (modulesPath + "/installer/scan/not-detected.nix")
+    ];
+
+  boot.initrd.availableKernelModules = [ ];
+  boot.initrd.kernelModules = [ ];
+  boot.kernelModules = [ ];
+  boot.extraModulePackages = [ ];
+
+  fileSystems."/" =
+    { device = "/dev/disk/by-uuid/b84680de-5010-457a-9be8-8867571119fc";
+      fsType = "ext4";
+    };
+
+  fileSystems."/boot" =
+    { device = "/dev/disk/by-uuid/CD4A-62EC";
+      fsType = "vfat";
+      options = [ "fmask=0077" "dmask=0077" ];
+    };
+
+  swapDevices =
+    [ { device = "/dev/disk/by-uuid/8ffcfec9-0e05-41a0-bdb6-b34c8259eca0"; }
+    ];
+
+  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
+  # (the default) this is the recommended approach. When using systemd-networkd it's
+  # still possible to use this option, but it's recommended to use it in conjunction
+  # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
+  networking.useDHCP = lib.mkDefault true;
+  # networking.interfaces.eth0.useDHCP = lib.mkDefault true;
+  # networking.interfaces.tailscale0.useDHCP = lib.mkDefault true;
+  # networking.interfaces.wlan0.useDHCP = lib.mkDefault true;
+
+  nixpkgs.hostPlatform = lib.mkDefault "aarch64-linux";
+}
--- a/hosts/ytnix/tailscale.nix
+++ b/hosts/ytnix/tailscale.nix
@ -1,6 +1,6 @@
 { config, ... }: {
  services.tailscale = {
-    enable = true;
+    enable = false;
    authKeyFile = config.sops.secrets."tailscale/auth".path;
    openFirewall = true;
    useRoutingFeatures = "client";
Author	SHA1	Message	Date
cy	77713b0a94	downgrade rpi more	2025-01-24 13:06:17 -05:00
cy	50414e5401	maybe not	2025-01-24 12:59:15 -05:00
cy	2c052c5d0c	fix workflow	2025-01-24 12:50:40 -05:00
cy	aa9c18940e	just build from master now	2025-01-24 12:48:43 -05:00
cy	300a6b2171	add nixos-generators module Signed-off-by: cy <cy@cy7.sh>	2025-01-24 12:40:01 -05:00
cy	2d0c49f55b	rm plasma and up stateversion	2025-01-24 04:40:22 -05:00
cy	a63edffc05	fix boot location	2025-01-24 04:36:13 -05:00
cy	6b0dbd4346	new hardware-configuration	2025-01-24 04:33:15 -05:00
cy	00e6f6267b	apply rpi config error fix	2025-01-24 01:36:39 -05:00
cy	af950da1f5	also build machines on arm cuz we have pi now	2025-01-24 01:36:39 -05:00
cy	b5796b3c23	try to fix everything	2025-01-24 01:36:39 -05:00
cy	f3b7da2918	fix typo and bootloader path	2025-01-24 01:36:39 -05:00
cy	d866d9c0e3	add hardware-config for pancake	2025-01-24 01:36:39 -05:00
cy	83b8a9d765	pancake: init	2025-01-24 01:36:39 -05:00