hswaw/machines: add tv1, larrythebuilder
This adds two brand new AArch64 machines: a generic builder (and
instructions on how to use it) and tv1.waw, an RPi4 acting as digital
signage in the space.
Change-Id: I8d38344ec35f99f4b872cf9526f6e6771fbffc43
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1330
Reviewed-by: informatic <informatic@hackerspace.pl>
diff --git a/hswaw/machines/larrythebuilder.q3k.org/configuration.nix b/hswaw/machines/larrythebuilder.q3k.org/configuration.nix
new file mode 100644
index 0000000..e18deac
--- /dev/null
+++ b/hswaw/machines/larrythebuilder.q3k.org/configuration.nix
@@ -0,0 +1,27 @@
+# Aarch64 builder in Oracle Cloud, managed by q3k. Add your keys/users to have
+# access to this machine. An Aarch64 remote builder is required when
+# crosscompiling for aarch64.
+
+{ pkgs, ... }: {
+ imports = [
+ ./hardware-configuration.nix
+ ];
+
+ boot.cleanTmpDir = true;
+ zramSwap.enable = true;
+ networking.hostName = "larrythebuilder";
+ networking.domain = "q3k.org";
+ environment.systemPackages = with pkgs; [
+ vim rxvt-unicode-unwrapped.terminfo
+ ];
+ services.openssh.enable = true;
+ users.users.q3k = {
+ isNormalUser = true;
+ openssh.authorizedKeys.keys = [
+ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIG599UildOrAq+LIOQjKqtGMwjgjIxozI1jtQQRKHtCP q3k@mimeomia"
+ ];
+ };
+ users.users.root.openssh.authorizedKeys.keys = [
+ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIG599UildOrAq+LIOQjKqtGMwjgjIxozI1jtQQRKHtCP q3k@mimeomia"
+ ];
+}
diff --git a/hswaw/machines/larrythebuilder.q3k.org/hardware-configuration.nix b/hswaw/machines/larrythebuilder.q3k.org/hardware-configuration.nix
new file mode 100644
index 0000000..a1a4fba
--- /dev/null
+++ b/hswaw/machines/larrythebuilder.q3k.org/hardware-configuration.nix
@@ -0,0 +1,14 @@
+{ modulesPath, ... }:
+{
+ imports = [ (modulesPath + "/profiles/qemu-guest.nix") ];
+ boot.loader.grub = {
+ efiSupport = true;
+ efiInstallAsRemovable = true;
+ device = "nodev";
+ };
+ fileSystems."/boot" = { device = "/dev/disk/by-uuid/BF5B-72BC"; fsType = "vfat"; };
+ boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "xen_blkfront" ];
+ boot.initrd.kernelModules = [ "nvme" ];
+ fileSystems."/" = { device = "/dev/mapper/ocivolume-root"; fsType = "xfs"; };
+
+}
diff --git a/hswaw/machines/tv1.waw.hackerspace.pl/configuration.nix b/hswaw/machines/tv1.waw.hackerspace.pl/configuration.nix
new file mode 100644
index 0000000..9e103c4
--- /dev/null
+++ b/hswaw/machines/tv1.waw.hackerspace.pl/configuration.nix
@@ -0,0 +1,121 @@
+# TV next to acr1. Raspberry Pi 4 with PoE hat.
+#
+# This is an aarch64 machine. You'll probably have to use a remote builder to
+# cross compile for it. See //ops/README.md for information about how to set
+# that up.
+
+{ config, pkgs, ... }:
+
+let
+ nixos-hardware = builtins.fetchGit {
+ url = "https://github.com/NixOS/nixos-hardware.git";
+ rev = "3bf48d3587d3f34f745a19ebc968b002ef5b5c5a";
+ };
+
+in {
+ imports =
+ [ # Include the results of the hardware scan.
+ ./hardware-configuration.nix
+ "${nixos-hardware}/raspberry-pi/4"
+ ];
+
+ boot.loader.grub.enable = false;
+ boot.loader.generic-extlinux-compatible.enable = true;
+
+ networking.hostName = "tv1";
+ networking.domain = "waw.hackerspace.pl";
+ time.timeZone = "Europe/Warsaw";
+
+ nixpkgs.overlays = [
+ (self: super: {
+ signage = self.callPackage ./signage.nix {};
+ })
+ ];
+
+ # Enable sound.
+ sound.enable = true;
+ services.pipewire = {
+ enable = true;
+ alsa.enable = true;
+ pulse.enable = true;
+ };
+
+ services.dbus.enable = true;
+
+ programs.sway = {
+ enable = true;
+ wrapperFeatures.gtk = true;
+ extraSessionCommands = ''
+ export WLR_LIBINPUT_NO_DEVICES=1
+ export WLR_NO_HARDWARE_CURSORS=1
+ '';
+ };
+ hardware.raspberry-pi."4".fkms-3d.enable = true;
+ hardware.raspberry-pi."4".poe-hat.enable = true;
+
+ services.greetd = {
+ enable = true;
+ settings = rec {
+ initial_session = let
+ sway = builtins.elemAt config.services.xserver.displayManager.sessionPackages 0;
+ in {
+ command = "${sway}/bin/sway";
+ user = "kiosk";
+ };
+ default_session = initial_session;
+ };
+ };
+
+
+ users.users.root = {
+ openssh.authorizedKeys.keys = [
+ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIG599UildOrAq+LIOQjKqtGMwjgjIxozI1jtQQRKHtCP q3k@mimeomia"
+ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFhaCaC/CVYv6hphqmEdKaPrIn+Q946+myvL9SSnzFZk vuko@eagle"
+ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICTR292kx/2CNuWYIsZ6gykQ036aBGrmheIuZa6S1D2x implr@thonk"
+ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGfIRe1nH6vwjQTjqHNnkKAdr1VYqGEeQnqInmf3A6UN ar@khas"
+ "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQb3YQoiYFZLKwvHYKbu1bMqzNeDCAszQhAe1+QI5SLDOotclyY/vFmOReZOsmyMFl71G2d7d+FbYNusUnNNjTxRYQ021tVc+RkMdLJaORRURmQfEFEKbai6QSFTwErXzuoIzyEPK0lbsQuGgqT9WaVnRzHJ2Q/4+qQbxAS34PuR5NqEkmn4G6LMo3OyJ5mwPkCj9lsqz4BcxRaMWFO3mNcwGDfSW+sqgc3E8N6LKrTpZq3ke7xacpQmcG5DU9VO+2QVPdltl9jWbs3gXjmF92YRNOuKPVfAOZBBsp8JOznfx8s9wDgs7RwPmDpjIAJEyoABqW5hlXfqRbTnfnMvuR informatic@InformaticPC"
+ "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDVQI/uYdp3km0NBSK7s80VAw7k6zH2Y5hYg1fkPfTjN7/hPCvyuIvSYYNdb6APWevUcw5+1Mpv0YMc+GOFCsJEXnSAcppNhZTPM6ic6HeaIHEC5QBv6qMWbCNLf5M9ZqYdBHEIeCYg0VGJMzgkSor7sk3gEwnKgCMaJ0Bmqv++qtBOLKhCgUn3KTORAn2BAtkXEe8ASfkdWWPMoq20eshsV26h4N4C2bvAgm7ucFtziOtp7TpGY5L8snv7twAeriMkifLbF7J3vy+l6qYBb990HkRadAHAYtt0viPEjTzkFlTubxMPqrmFh4xK8HdKawAw8KFy0SYBqQnKU9oiZ5biyLJvFzaLn+YJL4BcM3A8DRvdeaHiD4PnEJh8bWHCBER5hhGYcNZhA+qBxPYXFjYEiAfsXxD1AYNVep6lpnPtK0vvcPKSxr5eLBM8ZoSofKtA0Xa+7ySuAnzWSdy9EspLNzA8TSFUhQcsZmsUE1cPeLoS2+8I9QFDwQbyPAwWKpfCkLaWd1cK4J1KPn6XzH8iARifX4F/oAEzmfYz5yXrGJQV6HhNAntKXt8dsZhME3kYVgHB/8Ls8PRwAe/9N92JR+DjdDvGKLoPf3BqOq4fq6JcrUT6FPRtGCz0bl4Cgnsb+UY1d2Ue2I7Wcpuqgv5HLY0beTE6CSEfDNmPad/EPw== cz3"
+ ];
+ };
+ users.groups.kiosk = {};
+ users.users.kiosk = {
+ isNormalUser = true;
+ group = "kiosk";
+ extraGroups = [ "users" "lp" "dialout" "tty" ];
+ };
+
+ environment.systemPackages = with pkgs; [
+ (let
+ config = pkgs.writeText "config.lua" ''
+ return {
+ displayTime = 2,
+ transitionTime = 0.5,
+ showProgress = true,
+ nodes = {
+ {'nodes.weather', displayTime = 10},
+ {'nodes.newdash', displayTime = 10},
+ {'nodes.misery', displayTime = 10},
+ },
+ environment = os.getenv('ENV') or 'prod',
+ renderWidth = 1280,
+ renderHeight = 720,
+ }
+ '';
+ in pkgs.writeScriptBin "signage-wrapped" ''
+ #!/usr/bin/env bash
+ SIGNAGE_CONFIG=${config} ${signage}/bin/signage
+ '')
+ firefox foot wayvnc
+ vim rxvt-unicode-unwrapped.terminfo
+
+ alacritty
+ wayland glib dracula-theme gnome3.adwaita-icon-theme
+ swaylock swayidle grim slurp wl-clipboard bemenu mako
+ ];
+
+ services.openssh.enable = true;
+
+ system.stateVersion = "22.05"; # Did you read the comment?
+
+}
+
diff --git a/hswaw/machines/tv1.waw.hackerspace.pl/hardware-configuration.nix b/hswaw/machines/tv1.waw.hackerspace.pl/hardware-configuration.nix
new file mode 100644
index 0000000..29f0ae7
--- /dev/null
+++ b/hswaw/machines/tv1.waw.hackerspace.pl/hardware-configuration.nix
@@ -0,0 +1,32 @@
+# Do not modify this file! It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations. Please make changes
+# to /etc/nixos/configuration.nix instead.
+{ config, lib, pkgs, modulesPath, ... }:
+
+{
+ imports =
+ [ (modulesPath + "/installer/scan/not-detected.nix")
+ ];
+
+ boot.initrd.availableKernelModules = [ "xhci_pci" "usbhid" ];
+ boot.initrd.kernelModules = [ ];
+ boot.kernelModules = [ ];
+ boot.extraModulePackages = [ ];
+
+ fileSystems."/" =
+ { device = "/dev/disk/by-uuid/44444444-4444-4444-8888-888888888888";
+ fsType = "ext4";
+ };
+
+ swapDevices = [ ];
+
+ # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
+ # (the default) this is the recommended approach. When using systemd-networkd it's
+ # still possible to use this option, but it's recommended to use it in conjunction
+ # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
+ networking.useDHCP = lib.mkDefault true;
+ # networking.interfaces.eth0.useDHCP = lib.mkDefault true;
+ # networking.interfaces.wlan0.useDHCP = lib.mkDefault true;
+
+ powerManagement.cpuFreqGovernor = lib.mkDefault "ondemand";
+}
diff --git a/hswaw/machines/tv1.waw.hackerspace.pl/signage.nix b/hswaw/machines/tv1.waw.hackerspace.pl/signage.nix
new file mode 100644
index 0000000..449b0a3
--- /dev/null
+++ b/hswaw/machines/tv1.waw.hackerspace.pl/signage.nix
@@ -0,0 +1,40 @@
+{ love, curl, fetchFromGitHub, fetchgit, stdenv, lib, ... }:
+let
+ love12 = (love.overrideAttrs (oa: {
+ version = "12.0-dev";
+ src = fetchFromGitHub {
+ owner = "love2d";
+ repo = "love";
+ rev = "d586d1847446f5212d5f7e9efb94e50fcfba7d77";
+ sha256 = "sha256-gTpVtyqXV6/GsezuCpooaY+x5tPfOF9p1b83v4kKR4E=";
+ };
+ makeFlags = [
+ "CPPFLAGS=-DHTTPS_BACKEND_CURL"
+ ];
+ buildInputs = oa.buildInputs ++ [ curl ];
+ NIX_LDFLAGS = "-lcurl";
+ enableParallelBuilding = true;
+ }));
+
+ signage = stdenv.mkDerivation {
+ name = "signage";
+ src = fetchgit {
+ url = "https://code.hackerspace.pl/q3k/love2d-signage";
+ rev = "6c14716222e28b004861b3926560bf21d519fb00";
+ sha256 = "sha256-dfZ6Q320+ukMt9Q2igcARBM72LRbW5ltEvxrngSW8fQ=";
+ };
+
+ installPhase = ''
+ mkdir -p $out/share/signage
+ cp -rv $src/* $out/share/signage/
+
+ mkdir -p $out/bin/
+ cat <<EOF >$out/bin/signage
+ #!/usr/bin/env bash
+ ${love12}/bin/love $out/share/signage
+ EOF
+ chmod +x $out/bin/signage
+ '';
+ };
+
+in signage