feat!: make declarative version

2026-03-21 02:09:38 -07:00 · 2026-03-21 02:09:38 -07:00 · f4d95c595e
commit f4d95c595e
parent cf3c5ef1f5
13 changed files with 493 additions and 95 deletions
--- a/pi/bootstrap.nix
+++ b/pi/bootstrap.nix
@ -1,8 +0,0 @@
-{ modulesPath, ... }:
-
-{
-  imports = [
-    "${modulesPath}/installer/sd-card/sd-image-aarch64.nix"
-    ./configuration.nix
-  ];
-}
--- a/pi/configuration.nix
+++ b/pi/configuration.nix
@ -10,7 +10,11 @@
    networks."Noisebridge".psk = "noisebridge";
  };

-  services.avahi.enable = false;
+  services.avahi = {
+    enable = true;
+    nssmdns4 = true;
+    openFirewall = true;
+  };

  # Decrypted at runtime by agenix
  age.identityPaths = [
@ -30,11 +34,23 @@
    inboundApiKeyFile = config.age.secrets.cache-to-pi-key.path;
  };

+  hardware.enableRedistributableFirmware = true;
+
  nix.settings.experimental-features = [
    "nix-command"
    "flakes"
  ];

+  boot.kernelParams = [
+    "console=ttyS0,115200n8"
+    "console=ttyAMA0,115200n8"
+    "console=tty0"
+    "boot.shell_on_fail"
+    "loglevel=7"
+    "systemd.log_level=debug"
+    "systemd.log_target=console"
+  ];
+
  services.tailscale = {
    enable = true;
    authKeyFile = config.age.secrets.tailscale-auth-key.path;
@ -42,6 +58,18 @@

  services.openssh.enable = true;

+  system.activationScripts.pi-zero-2-dtb-compat.text = ''
+    for dtb_dir in /boot/nixos/*-dtbs/broadcom; do
+      if [ -d "$dtb_dir" ]; then
+        if [ -f "$dtb_dir/bcm2837-rpi-zero-2-w.dtb" ] && [ ! -e "$dtb_dir/bcm2837-rpi-zero-2.dtb" ]; then
+          cp "$dtb_dir/bcm2837-rpi-zero-2-w.dtb" "$dtb_dir/bcm2837-rpi-zero-2.dtb"
+        elif [ -f "$dtb_dir/bcm2837-rpi-3-b.dtb" ] && [ ! -e "$dtb_dir/bcm2837-rpi-zero-2.dtb" ]; then
+          cp "$dtb_dir/bcm2837-rpi-3-b.dtb" "$dtb_dir/bcm2837-rpi-zero-2.dtb"
+        fi
+      fi
+    done
+  '';
+
  networking.firewall = {
    trustedInterfaces = [ "tailscale0" ];
    allowedUDPPorts = [ config.services.tailscale.port ];
--- a/pi/hardware-configuration.nix
+++ b/pi/hardware-configuration.nix
@ -1,4 +1,10 @@
-{ config, lib, pkgs, modulesPath, ... }:
+{
+  config,
+  lib,
+  pkgs,
+  modulesPath,
+  ...
+}:

 {
  imports = [ ];
--- a/pi/result
+++ b/pi/result
@ -1 +0,0 @@
-/nix/store/pmrzmz2b2hsffk62icl3c0ni56gpi3qs-nixos-image-sd-card-26.05.20260308.9dcb002-aarch64-linux.img.zst
				`@ -1 +0,0 @@`
				`/nix/store/pmrzmz2b2hsffk62icl3c0ni56gpi3qs-nixos-image-sd-card-26.05.20260308.9dcb002-aarch64-linux.img.zst`