diff --git a/.sops.yaml b/.sops.yaml index 85ab6181..9ea3f4a8 100644 --- a/.sops.yaml +++ b/.sops.yaml @@ -6,7 +6,8 @@ keys: - &host_milan-linode-01 264f9137377eda3b95c82c86cebd6d17984b8d4e - &host_piaware-rpi4 4216b645667670a6130bb95a72a56f8269cd0818 - &host_backups-rpi4 8b37122bb46dc98c208002d65e94778ecd94bd4e - - &host_quitman-rpi4 7184f4fb827fbacf3d4100c24eb80976cfdd8975 + - &host_quitman-rpi4 + - &host_bakersfield-rpi4 creation_rules: - path_regex: secrets\/secrets\.yaml$ @@ -19,7 +20,6 @@ creation_rules: - *host_framework-server - *host_piaware-rpi4 - *host_backups-rpi4 - - *host_quitman-rpi4 - path_regex: secrets\/wireguard\.yaml$ key_groups: diff --git a/README.md b/README.md index 34ffd67f..4a0245e0 100644 --- a/README.md +++ b/README.md 
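Review bot: In the `keys:` list, `&host_quitman-rpi4` and `&host_bakersfield-rpi4` are now anchors with no fingerprint, so each resolves to a YAML null, and any rule that later references `*host_bakersfield-rpi4` would add an empty recipient rather than a key. If the fingerprint is not ready yet, leave the entry out until it exists, or mark it with a comment such as `# TODO: add key fingerprint before referencing this anchor in creation_rules`. Dropping `*host_quitman-rpi4` from the `secrets.yaml` rule in the following hunk only affects future encryptions: files already encrypted keep that recipient until `sops updatekeys` is run, and if the old host key is considered lost, the values it could read should be rotated as well. No re-encrypted secrets file is visible in this diff, so that step may still be pending.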
@@ -21,17 +21,18 @@ nix develop -c /etc/nixos/git/docs/setup.sh ``` # Machines -| Name | Description | Status | -| ----------------- | ----------------------------------------------------- | -------- | -| backups-rpi4 | Japan Raspberry Pi 4 for backups from nuc-server | Done | -| framework-server | sysctl.io - main server, framework 13th gen mainboard | Done | -| nixos-desktop | My main desktop | Done | -| nixos-framework | My AMD Framework 13 laptop | Done | -| osaka-linode-01 | Osaka Linode relay for sysctl.io external connections | Done | -| milan-linode-01 | Milan Linode DERP relay for Tailscale | Done | -| piaware-rpi4 | FlightAware for Raspberry Pi | Done | -| quitman-rpi4 | Raspberry Pi at my parents house. Headscale Exit Node | On Hold | -| nuc-server | Second NUC server at my brothers house | On Hold | +| Name | Description | Status | +| ----------------- | ------------------------------------------------------ | -------- | +| backups-rpi4 | Japan Raspberry Pi 4 for backups from nuc-server | Complete | +| framework-server | sysctl.io - main server, framework 13th gen mainboard | Complete | +| nixos-desktop | My main desktop | Complete | +| nixos-framework | My AMD Framework 13 laptop | Complete | +| osaka-linode-01 | Osaka Linode relay for sysctl.io external connections | Complete | +| milan-linode-01 | Milan Linode DERP relay for Tailscale | Complete | +| piaware-rpi4 | FlightAware for Raspberry Pi | Complete | +| quitman-rpi4 | Raspberry Pi at my parents house. Headscale Exit Node | On Hold | +| bakersfield-rpi4 | Raspberry Pi at my brothers house. Headscale Exit Node | Complete | +| nuc-server | Second NUC server at my brothers house | On Hold | # Images | Name | Description | Build Commands | diff --git a/nixos/hosts/bakersfield-rpi4/default.nix b/nixos/hosts/bakersfield-rpi4/default.nix new file mode 100644 index 00000000..4027f98c --- /dev/null +++ b/nixos/hosts/bakersfield-rpi4/default.nix 
@@ -0,0 +1,58 @@
+{ lib, pkgs, modulesPath, ... }: {
+ imports = [
+ # inputs.nixos-hardware.nixosModules.raspberry-pi-4
+ (modulesPath + "/installer/scan/not-detected.nix")
+ ../../common/services/tailscale-autoconnect.nix
+ ];
+ # Enable distributed Builds
+ nix.distributedBuilds = true;
+
+ console.enable = true;
+ environment.systemPackages = with pkgs; [
+ libraspberrypi
+ raspberrypi-eeprom
+ ];
+
+ # Set your time zone.
+ time.timeZone = "America/Los_Angeles";
+
+ #####################################################################################
+ # BEGIN hardware config
+ #####################################################################################
+ boot = {
+ initrd.availableKernelModules = [
+ "xhci_pci"
+ "usbhid"
+ "usb_storage"
+ "vc4"
+ "pcie_brcmstb" # required for the pcie bus to work
+ "reset-raspberrypi" # required for vl805 firmware to load
+ ];
+ # Use the extlinux boot loader. (NixOS wants to enable GRUB by default)
+ loader.grub.enable = false;
+ # Enables the generation of /boot/extlinux/extlinux.conf
+ loader.generic-extlinux-compatible.enable = true;
+
+ initrd.kernelModules = [ ];
+ kernelModules = [ ];
+ extraModulePackages = [ ];
+ };
+
+ fileSystems."/" = {
+ device = "/dev/disk/by-uuid/44444444-4444-4444-8888-888888888888";
+ fsType = "ext4";
+ };
+
+ hardware.enableRedistributableFirmware = true;
+
+ swapDevices = [ ];
+ networking.useDHCP = lib.mkDefault true;
+ powerManagement.cpuFreqGovernor = lib.mkDefault "ondemand";
+ networking.hostName = "bakersfield-rpi4";
+ #####################################################################################
+ # END hardware config
+ #####################################################################################
+
+ services.tailscale.extraUpFlags = [ "--advertise-exit-node" ];
+ boot.kernel.sysctl = { "net.ipv4.ip_forward" = true; };
+}
diff --git a/nixos/hosts/nixos-rpi4-img/default.nix b/nixos/hosts/nixos-rpi4-img/default.nix
index 388448cf..47f9f9da 100644
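Review bot: The last two added lines make this Pi an exit node by setting only `net.ipv4.ip_forward`, which enables IPv4 forwarding between every interface on a device that sits inside someone else's home LAN and leaves IPv6 forwarding off, so IPv6 exit traffic will not route. `services.tailscale.useRoutingFeatures = "server";` sets both forwarding sysctls from the Tailscale module and could replace the hand-written `boot.kernel.sysctl` line. Whichever form is kept, confirm that the firewall's forward policy (not visible here) limits forwarding to `tailscale0`. The imported `tailscale-autoconnect.nix` presumably needs an auth key, yet `.sops.yaml` in this commit gives this host no key, so check how that secret reaches it. `quitman-rpi4/default.nix` carries the same two lines.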
--- a/nixos/hosts/nixos-rpi4-img/default.nix +++ b/nixos/hosts/nixos-rpi4-img/default.nix @@ -1,4 +1,4 @@ -{ config, lib, pkgs, modulesPath, system, ... }: { +{ lib, ... }: { # Build this image with: # nix build .#nixosConfigurations.nixos-rpi4-img.config.system.build.sdImage @@ -15,4 +15,4 @@ PasswordAuthentication = lib.mkForce true; }; }; -} \ No newline at end of file +} diff --git a/nixos/hosts/quitman-rpi4/default.nix b/nixos/hosts/quitman-rpi4/default.nix index 96aed6f5..3776fcfc 100644 --- a/nixos/hosts/quitman-rpi4/default.nix +++ b/nixos/hosts/quitman-rpi4/default.nix @@ -1,4 +1,4 @@ -{ inputs, config, lib, pkgs, modulesPath, hostname, ... }: { +{ inputs, lib, pkgs, modulesPath, ... }: { imports = [ inputs.nixos-hardware.nixosModules.raspberry-pi-4 (modulesPath + "/installer/scan/not-detected.nix") @@ -52,4 +52,4 @@ services.tailscale.extraUpFlags = [ "--advertise-exit-node" ]; boot.kernel.sysctl = { "net.ipv4.ip_forward" = true; }; -} \ No newline at end of file +}