From 2cab8085f7bfe0846c66180d47c00da1a1c4f426 Mon Sep 17 00:00:00 2001
From: jimzah <me@james.ac>
Date: Mon, 5 Aug 2024 17:05:17 +0100
Subject: [PATCH] G5BSD-1

---
 .gitignore        |  2 ++
 aprs.nix          | 17 +++++++++++++++++
 base.nix          | 23 +++++++++++++++++++++++
 configuration.nix | 27 +++++++++++++++++++++++++++
 flake.lock        | 43 +++++++++++++++++++++++++++++++++++++++++++
 flake.nix         | 32 ++++++++++++++++++++++++++++++++
 jim-ed25519.pub   |  1 +
 7 files changed, 145 insertions(+)
 create mode 100644 .gitignore
 create mode 100644 aprs.nix
 create mode 100644 base.nix
 create mode 100644 configuration.nix
 create mode 100644 flake.lock
 create mode 100644 flake.nix
 create mode 100644 jim-ed25519.pub

diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..9b1af24
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,2 @@
+*result*
+direwolf.conf
diff --git a/aprs.nix b/aprs.nix
new file mode 100644
index 0000000..dfcb1bf
--- /dev/null
+++ b/aprs.nix
@@ -0,0 +1,17 @@
+{ config, lib, pkgs, ... }: {
+  systemd.services.direwolf = {
+    enable = true;
+    description = "direwolf digipeater";
+    wants = [ "network-online.target" ];
+    after = [ "sound.target" "syslog.target" "network-online.target" ];
+    serviceConfig = {
+      #User = "";
+      #Group = "";
+      ExecStart = "${pkgs.direwolf}/bin/direwolf -t 0 -c /home/jim/direwolf.conf";
+      StandardOutput = "syslog";
+      StandardError = "syslog";
+      SyslogIdentifier = "direwolf";
+    };
+    wantedBy = [ "multi-user.target" ]; 
+  };
+}
diff --git a/base.nix b/base.nix
new file mode 100644
index 0000000..3c139cb
--- /dev/null
+++ b/base.nix
@@ -0,0 +1,23 @@
+{ pkgs, config, lib, ... }:
+{
+  # This causes an overlay which causes a lot of rebuilding
+  environment.noXlibs = lib.mkForce false;
+  # "${nixpkgs}/nixos/modules/installer/sd-card/sd-image-aarch64.nix" creates a
+  # disk with this label on first boot. Therefore, we need to keep it. It is the
+  # only information from the installer image that we need to keep persistent
+  fileSystems."/" =
+    { device = "/dev/disk/by-label/NIXOS_SD";
+      fsType = "ext4";
+    };
+  boot = {
+    kernelPackages = lib.mkForce pkgs.linuxPackages_latest;
+    loader = {
+      generic-extlinux-compatible.enable = lib.mkDefault true;
+      grub.enable = lib.mkDefault false;
+    };
+  };
+  nix.settings = {
+    experimental-features = lib.mkDefault "nix-command flakes";
+    trusted-users = [ "root" "@wheel" ];
+  };
+}
diff --git a/configuration.nix b/configuration.nix
new file mode 100644
index 0000000..27fec0a
--- /dev/null
+++ b/configuration.nix
@@ -0,0 +1,27 @@
+{ pkgs, config, lib, ... }:
+{
+  imports = [
+    ./aprs.nix
+  ];
+  environment.systemPackages = with pkgs; [ vim git direwolf ];
+  services.openssh = { 
+    enable = true;
+    settings = {
+      PasswordAuthentication = false;
+    };
+  };
+  networking.hostName = "g5bsd-1";
+  users = {
+    users.jim = {
+      isNormalUser = true;
+      extraGroups = [ "wheel" ];
+      openssh.authorizedKeys.keys = [
+        (builtins.readFile ./jim-ed25519.pub)
+      ];
+    };
+  };
+  networking = {
+    interfaces."eth0".useDHCP = true;
+  };
+  system.stateVersion = "24.05"; 
+}
diff --git a/flake.lock b/flake.lock
new file mode 100644
index 0000000..dbc6f7d
--- /dev/null
+++ b/flake.lock
@@ -0,0 +1,43 @@
+{
+  "nodes": {
+    "nixos-hardware": {
+      "locked": {
+        "lastModified": 1722332872,
+        "narHash": "sha256-2xLM4sc5QBfi0U/AANJAW21Bj4ZX479MHPMPkB+eKBU=",
+        "owner": "nixos",
+        "repo": "nixos-hardware",
+        "rev": "14c333162ba53c02853add87a0000cbd7aa230c2",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nixos",
+        "repo": "nixos-hardware",
+        "type": "github"
+      }
+    },
+    "nixpkgs": {
+      "locked": {
+        "lastModified": 1722651103,
+        "narHash": "sha256-IRiJA0NVAoyaZeKZluwfb2DoTpBAj+FLI0KfybBeDU0=",
+        "owner": "nixos",
+        "repo": "nixpkgs",
+        "rev": "a633d89c6dc9a2a8aae11813a62d7c58b2c0cc51",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nixos",
+        "ref": "nixos-24.05",
+        "repo": "nixpkgs",
+        "type": "github"
+      }
+    },
+    "root": {
+      "inputs": {
+        "nixos-hardware": "nixos-hardware",
+        "nixpkgs": "nixpkgs"
+      }
+    }
+  },
+  "root": "root",
+  "version": 7
+}
diff --git a/flake.nix b/flake.nix
new file mode 100644
index 0000000..c456478
--- /dev/null
+++ b/flake.nix
@@ -0,0 +1,32 @@
+{
+  inputs = {
+    nixpkgs.url = "github:nixos/nixpkgs/nixos-24.05";
+    nixos-hardware.url = "github:nixos/nixos-hardware";
+  };
+  outputs = { self, nixpkgs, nixos-hardware }: rec {
+    images = {
+      pi = (self.nixosConfigurations.pi.extendModules {
+        modules = [
+          "${nixpkgs}/nixos/modules/installer/sd-card/sd-image-aarch64.nix"
+          {
+            disabledModules = [ "profiles/base.nix" ];
+          }
+        ];
+      }).config.system.build.sdImage;
+    };
+    packages.x86_64-linux.pi-image = images.pi;
+    packages.aarch64-linux.pi-image = images.pi;
+    nixosConfigurations = {
+      pi = nixpkgs.lib.nixosSystem {
+        system = "aarch64-linux";
+        modules = [
+          nixos-hardware.nixosModules.raspberry-pi-3
+          "${nixpkgs}/nixos/modules/profiles/minimal.nix"
+          ./configuration.nix
+          ./base.nix
+        ];
+      };
+    };
+  };
+}
+
diff --git a/jim-ed25519.pub b/jim-ed25519.pub
new file mode 100644
index 0000000..1ce288b
--- /dev/null
+++ b/jim-ed25519.pub
@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICxWK3IP5D8U+b7xt+z+JfP81YjR9pKhf5tlXKbqDf1Q me@james.ac