starred/nix-config-ryan4yin
1
0
Fork 0
mirror of https://github.com/ryan4yin/nix-config.git synced 2026-01-11 22:30:25 +01:00
Code Issues Packages Projects Releases 10 Wiki Activity

feat: install nixos on orange pi 5 plus with edk2-rk3588(uefi)

Browse Source
This commit is contained in:
Ryan Yin
2024-03-05 20:38:31 +08:00
parent efcee11839
commit 4d0741c841
20 changed files with 560 additions and 29 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
Justfile
View File

@@ -202,10 +202,18 @@ aarch:
colmena apply --on '@aarch' --verbose --show-trace
suzu:
colmena apply --on '@suzu' --verbose --show-trace
colmena apply --on '@suzu' --build-on-target --verbose --show-trace
suzu-debug:
colmena apply --on '@suzu' --verbose --show-trace
suzu-local mode="default":
use utils.nu *; \
nixos-switch suzu {{mode}}
rakushun:
colmena apply --on '@rakushun' --build-on-target --verbose --show-trace
rakushun-local mode="default":
use utils.nu *; \
nixos-switch rakushun {{mode}}
############################################################################
#

44
flake.lock generated
View File

@@ -773,6 +773,21 @@
"type": "github"
}
},
"nixlib_2": {
"locked": {
"lastModified": 1709426687,
"narHash": "sha256-jLBZmwXf0WYHzLkmEMq33bqhX55YtT5edvluFr0RcSA=",
"owner": "nix-community",
"repo": "nixpkgs.lib",
"rev": "7873d84a89ae6e4841528ff7f5697ddcb5bdfe6c",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "nixpkgs.lib",
"type": "github"
}
},
"nixos-generators": {
"inputs": {
"nixlib": "nixlib",
@@ -794,6 +809,28 @@
"type": "github"
}
},
"nixos-generators_2": {
"inputs": {
"nixlib": "nixlib_2",
"nixpkgs": [
"nixos-rk3588",
"nixpkgs"
]
},
"locked": {
"lastModified": 1709557527,
"narHash": "sha256-PV8oYqhTHX6FGZMQ1m5dhRuS914AhofPwgnAMhUZtwE=",
"owner": "nix-community",
"repo": "nixos-generators",
"rev": "d048d6fc4bada612ff08d4b9d5edc48d45389431",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "nixos-generators",
"type": "github"
}
},
"nixos-hardware": {
"locked": {
"lastModified": 1707842204,
@@ -831,15 +868,16 @@
"nixos-rk3588": {
"inputs": {
"flake-utils": "flake-utils_5",
"nixos-generators": "nixos-generators_2",
"nixpkgs": "nixpkgs_5",
"pre-commit-hooks": "pre-commit-hooks_2"
},
"locked": {
"lastModified": 1709478567,
"narHash": "sha256-cfY5vuB9B5KdiVIzdHelldxfOcag/wPPTcbERQpzULs=",
"lastModified": 1709742375,
"narHash": "sha256-UxXWq1k5KLKZJjCz34yMZt69Tlpz41fIxLTHLL1GVN4=",
"owner": "ryan4yin",
"repo": "nixos-rk3588",
"rev": "0eea4e4cf05f997833e5cd7c48847c83e0c5b193",
"rev": "3a492b825532656b5f1b9f26cc9668ecd64c0189",
"type": "github"
},
"original": {

54
hosts/12kingdoms_rakushun/README.md Normal file
View File

@@ -0,0 +1,54 @@
# Rakushun - Orange Pi 5 Plus
LUKS encrypted SSD for NixOS, on Orange Pi 5 Plus.
## How to install NixOS on Orange Pi 5 Plus
### 1. Prepare a USB LUKS key
Generate LUKS keyfile to encrypt the root partition, it's used by disko.
```bash
# partition the usb stick
DEV=/dev/sdX
parted ${DEV} -- mklabel gpt
parted ${DEV} -- mkpart OPI5P_DSC fat32 0% 512MB
mkfs.fat -F 32 -n OPI5P_DSC ${DEV}1
# Generate a keyfile from the true random number generator
KEYFILE=./orangepi5plus-luks-keyfile
dd bs=512 count=64 iflag=fullblock if=/dev/random of=$KEYFILE
# copy the keyfile and token to the usb stick
KEYFILE=./orangepi5plus-luks-keyfile
DEVICE=/dev/disk/by-label/OPI5P_DSC
# seek=128 skip N obs-sized output blocks to avoid overwriting the filesystem header
dd bs=512 count=64 iflag=fullblock seek=128 if=$KEYFILE of=$DEVICE
```
### 2. Partition the SSD & install NixOS via disko
First, follow [UEFI - ryan4yin/nixos-rk3588](https://github.com/ryan4yin/nixos-rk3588/blob/main/UEFI.md) to install UEFI bootloader and boot into NixOS live environment via a USB stick.
Then, run the following commands:
```bash
# transfer the nix-config to the target machine
rsync -avzP ~/nix-config rk@<ip-addr>:/home/rk/
# login via ssh
ssh rk@<ip-addr>
cd ~/nix-config/hosts/12kingdoms_rakushun
# 1. change the disk device path in ./disko-fs.nix to the disk you want to use
# 2. partition & format the disk via disko
sudo nix --experimental-features "nix-command flakes" run github:nix-community/disko -- --mode disko ./disko-fs.nix
cd ~/nix-config
# install nixos
# NOTE: the root password you set here will be discarded when reboot
sudo nixos-install --root /mnt --flake .#rakushun --no-root-password --show-trace --verbose
```

48
hosts/12kingdoms_rakushun/default.nix Normal file
View File

@@ -0,0 +1,48 @@
{
disko,
nixos-rk3588,
vars_networking,
...
}:
#############################################################
#
# Suzu - Orange Pi 5 Plus, RK3588 + 16GB RAM
#
#############################################################
let
hostName = "rakushun"; # Define your hostname.
hostAddress = vars_networking.hostAddress.${hostName};
in {
imports = [
# import the rk3588 module, which contains the configuration for bootloader/kernel/firmware
nixos-rk3588.nixosModules.orangepi5plus.core
disko.nixosModules.default
./disko-fs.nix
./hardware-configuration.nix
];
networking = {
inherit hostName;
inherit (vars_networking) defaultGateway nameservers;
networkmanager.enable = false;
# RJ45 port 1
interfaces.enP4p65s0 = {
useDHCP = false;
ipv4.addresses = [hostAddress];
};
# RJ45 port 2
# interfaces.enP3p49s0 = {
# useDHCP = false;
# ipv4.addresses = [hostAddress];
# };
};
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. Its perfectly fine and recommended to leave
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "23.11"; # Did you read the comment?
}

98
hosts/12kingdoms_rakushun/disko-fs.nix Normal file
View File

@@ -0,0 +1,98 @@
{
disko.devices = {
# TODO: rename to nvme0n1
disk.sda = {
type = "disk";
# When using disko-install, we will overwrite this value from the commandline
device = "/dev/nvme0n1"; # The device to partition
content = {
type = "gpt";
partitions = {
# The EFI & Boot partition
ESP = {
size = "630M";
type = "EF00";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
mountOptions = [
"defaults"
];
};
};
# The root partition
luks = {
size = "100%";
content = {
type = "luks";
name = "crypted";
settings = {
keyFile = "/dev/disk/by-label/OPI5P_DSC"; # The keyfile is stored on a USB stick
# The maxium size of the keyfile is 8192 bytes
keyFileSize = 512 * 64; # match the `bs * count` of the `dd` command
keyFileOffset = 512 * 128; # match the `bs * skip` of the `dd` command
fallbackToPassword = true;
allowDiscards = true;
};
# Whether to add a boot.initrd.luks.devices entry for the specified disk.
initrdUnlock = true;
# encrypt the root partition with luks2 and argon2id, will prompt for a passphrase, which will be used to unlock the partition.
# cryptsetup luksFormat
extraFormatArgs = [
"--type luks2"
"--cipher aes-xts-plain64"
"--hash sha512"
"--iter-time 5000"
"--key-size 256"
"--pbkdf argon2id"
# use true random data from /dev/random, will block until enough entropy is available
"--use-random"
];
extraOpenArgs = [
"--timeout 10"
];
content = {
type = "btrfs";
extraArgs = ["-f"];
subvolumes = {
# TODO: tmpfs on root
"@root" = {
mountpoint = "/";
mountOptions = ["compress-force=zstd:1" "noatime"];
};
"@home" = {
mountpoint = "/home";
mountOptions = ["compress-force=zstd:1"];
};
"@lib" = {
mountpoint = "/var/lib";
mountOptions = ["compress-force=zstd:1"];
};
"@nix" = {
mountpoint = "/nix";
mountOptions = ["compress-force=zstd:1" "noatime"];
};
"@tmp" = {
mountpoint = "/tmp";
mountOptions = ["compress-force=zstd:1" "noatime"];
};
"@snapshots" = {
mountpoint = "/snapshots";
mountOptions = ["compress-force=zstd:1" "noatime"];
};
"@swap" = {
mountpoint = "/swap";
swap.swapfile.size = "16384M";
};
};
};
};
};
};
};
};
};
}

39
hosts/12kingdoms_rakushun/hardware-configuration.nix Normal file
View File

@@ -0,0 +1,39 @@
{
config,
lib,
pkgs,
modulesPath,
...
}: {
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
boot.loader = {
# depending on how you configured your disk mounts, change this to /boot or /boot/efi.
efi.efiSysMountPoint = "/boot/";
efi.canTouchEfiVariables = true;
# do not use systemd-boot here, it has problems when running `nixos-install`
grub = {
device = "nodev";
efiSupport = true;
};
};
# clear /tmp on boot to get a stateless /tmp directory.
boot.tmp.cleanOnBoot = true;
boot.initrd.availableKernelModules = ["nvme" "usbhid" "usb_storage"];
boot.initrd.kernelModules = [];
boot.kernelModules = [];
boot.extraModulePackages = [];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.enP3p49s0.useDHCP = lib.mkDefault true;
# networking.interfaces.enP4p65s0.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "aarch64-linux";
}

54
hosts/12kingdoms_suzu/README.md Normal file
View File

@@ -0,0 +1,54 @@
# Suzu - Orange Pi 5
LUKS encrypted SSD for NixOS, on Orange Pi 5.
## How to install NixOS on Orange Pi 5
### 1. Prepare a USB LUKS key
Generate LUKS keyfile to encrypt the root partition, it's used by disko.
```bash
# partition the usb stick
DEV=/dev/sdX
parted ${DEV} -- mklabel gpt
parted ${DEV} -- mkpart primary 2M 512MB
mkfs.fat -F 32 -n OPI5_DSC ${DEV}1
# Generate a keyfile from the true random number generator
KEYFILE=./orangepi5-luks-keyfile
dd bs=512 count=64 iflag=fullblock if=/dev/random of=$KEYFILE
# copy the keyfile and token to the usb stick
KEYFILE=./orangepi5-luks-keyfile
DEVICE=/dev/disk/by-label/OPI5_DSC
# seek=128 skip N obs-sized output blocks to avoid overwriting the filesystem header
dd bs=512 count=64 iflag=fullblock seek=128 if=$KEYFILE of=$DEVICE
```
### 2. Partition the SSD & install NixOS via disko
First, follow [UEFI - ryan4yin/nixos-rk3588](https://github.com/ryan4yin/nixos-rk3588/blob/main/UEFI.md) to install UEFI bootloader and boot into NixOS live environment via a USB stick.
Then, run the following commands:
```bash
# login via ssh
ssh rk@<ip-addr>
git clone https://github.com/ryan4yin/nix-config.git
cd ~/nix-config/hosts/12kingdoms_suzu
# 1. change the disk device path in ./disko-fs.nix to the disk you want to use
# 2. partition & format the disk via disko
sudo nix --experimental-features "nix-command flakes" run github:nix-community/disko -- --mode disko ./disko-fs.nix
cd ~/nix-config
# install nixos
# NOTE: the root password you set here will be discarded when reboot
sudo nixos-install --root /mnt --flake .#suzu --no-root-password --show-trace --verbose
```

8
hosts/12kingdoms_suzu/default.nix
View File

@@ -1,11 +1,12 @@
{
disko,
nixos-rk3588,
vars_networking,
...
}:
#############################################################
#
# Suzu - Orange Pi 5, RK3588s
# Suzu - Orange Pi 5 Plus, RK3588 + 16GB RAM
#
#############################################################
let
@@ -14,7 +15,10 @@ let
in {
imports = [
# import the rk3588 module, which contains the configuration for bootloader/kernel/firmware
nixos-rk3588.nixosModules.orangepi5
nixos-rk3588.nixosModules.orangepi5plus.core
disko.nixosModules.default
./disko-fs.nix
./hardware-configuration.nix
];
networking = {

98
hosts/12kingdoms_suzu/disko-fs.nix Normal file
View File

@@ -0,0 +1,98 @@
{
disko.devices = {
# TODO: rename to nvme0n1
disk.sda = {
type = "disk";
# When using disko-install, we will overwrite this value from the commandline
device = "/dev/nvme0n1"; # The device to partition
content = {
type = "gpt";
partitions = {
# The EFI & Boot partition
ESP = {
size = "630M";
type = "EF00";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
mountOptions = [
"defaults"
];
};
};
# The root partition
luks = {
size = "100%";
content = {
type = "luks";
name = "crypted";
settings = {
keyFile = "/dev/disk/by-label/OPI5_DSC"; # The keyfile is stored on a USB stick
# The maxium size of the keyfile is 8192 bytes
keyFileSize = 512 * 64; # match the `bs * count` of the `dd` command
keyFileOffset = 512 * 128; # match the `bs * skip` of the `dd` command
fallbackToPassword = true;
allowDiscards = true;
};
# Whether to add a boot.initrd.luks.devices entry for the specified disk.
initrdUnlock = true;
# encrypt the root partition with luks2 and argon2id, will prompt for a passphrase, which will be used to unlock the partition.
# cryptsetup luksFormat
extraFormatArgs = [
"--type luks2"
"--cipher aes-xts-plain64"
"--hash sha512"
"--iter-time 5000"
"--key-size 256"
"--pbkdf argon2id"
# use true random data from /dev/random, will block until enough entropy is available
"--use-random"
];
extraOpenArgs = [
"--timeout 10"
];
content = {
type = "btrfs";
extraArgs = ["-f"];
subvolumes = {
# TODO: tmpfs on root
"@root" = {
mountpoint = "/";
mountOptions = ["compress-force=zstd:1" "noatime"];
};
"@home" = {
mountpoint = "/home";
mountOptions = ["compress-force=zstd:1"];
};
"@lib" = {
mountpoint = "/var/lib";
mountOptions = ["compress-force=zstd:1"];
};
"@nix" = {
mountpoint = "/nix";
mountOptions = ["compress-force=zstd:1" "noatime"];
};
"@tmp" = {
mountpoint = "/tmp";
mountOptions = ["compress-force=zstd:1" "noatime"];
};
"@snapshots" = {
mountpoint = "/snapshots";
mountOptions = ["compress-force=zstd:1" "noatime"];
};
"@swap" = {
mountpoint = "/swap";
swap.swapfile.size = "8192M";
};
};
};
};
};
};
};
};
};
}

39
hosts/12kingdoms_suzu/hardware-configuration.nix Normal file
View File

@@ -0,0 +1,39 @@
{
config,
lib,
pkgs,
modulesPath,
...
}: {
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
boot.loader = {
# depending on how you configured your disk mounts, change this to /boot or /boot/efi.
efi.efiSysMountPoint = "/boot/";
efi.canTouchEfiVariables = true;
# do not use systemd-boot here, it has problems when running `nixos-install`
grub = {
device = "nodev";
efiSupport = true;
};
};
# clear /tmp on boot to get a stateless /tmp directory.
boot.tmp.cleanOnBoot = true;
boot.initrd.availableKernelModules = ["nvme" "usbhid" "usb_storage"];
boot.initrd.kernelModules = [];
boot.kernelModules = [];
boot.extraModulePackages = [];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.enP3p49s0.useDHCP = lib.mkDefault true;
# networking.interfaces.enP4p65s0.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "aarch64-linux";
}

9
hosts/README.md
View File

@@ -6,17 +6,18 @@
2. `idols`
1. `ai`: My main computer, with NixOS + I5-13600KF + RTX 4090 GPU, for gaming & daily use.
2. `aquamarine`: My NixOS virtual machine as a router(IPv4 only) with a tranparent proxy to bypass the G|F|W.
4. `ruby`: Another NixOS VM running operation and maintenance related services, such as prometheus, grafana, restic, etc.
3. `kana`: Yet another NixOS VM running some common applications, such as hompage, file browser, torrent downloader, etc.
3. `ruby`: Another NixOS VM running operation and maintenance related services, such as prometheus, grafana, restic, etc.
4. `kana`: Yet another NixOS VM running some common applications, such as hompage, file browser, torrent downloader, etc.
3. Homelab:
1. `tailscale_gw`: A tailscale subnet router(gateway) for accessing my homelab remotely. NixOS VM running on Proxmox.
4. `rolling_girls`: My RISCV64 hosts.
1. `nozomi`: Lichee Pi 4A, TH1520(4xC910@2.0G), 8GB RAM + 32G eMMC + 64G SD Card.
2. `yukina`: Lichee Pi 4A(Internal Test Version), TH1520(4xC910@2.0G), 8GB RAM + 8G eMMC + 128G SD Card.
3. `chiaya`: Milk-V Mars, JH7110(4xU74@1.5 GHz), 4G RAM + No eMMC + 64G SD Card.
5. `12kingdoms`:
5. `12kingdoms`:
1. `shoukei`: NixOS on Macbook Pro 2020 Intel i5, 13.3-inch, 16G RAM + 512G SSD.
1. `suzu`: Orange Pi 5, RK3588s(4xA76 + 4xA55), GPU(4Cores, Mail-G610), NPU(6Tops@int8), 8G RAM + 256G SSD.
1. `rakushun`: Orange Pi 5 Plus, RK3588(4xA76 + 4xA55), GPU(4Cores, Mail-G610), NPU(6Tops@int8), 16G RAM + 2T SSD.
6. `kubernetes`: My Kubernetes Cluster
## idols - Oshi no Ko
@@ -29,7 +30,6 @@ My All RISCV64 hosts.
![](/_img/nixos-riscv-cluster.webp)
## Distributed Building
I usually run the build command on `Ai` and nix will distribute the build to other NixOS machines, which is convenient and fast.
@@ -40,7 +40,6 @@ When building some packages for riscv64 or aarch64, I often have no cache availa
![](/_img/nix-distributed-building-log.webp)
## References
[Oshi no Ko 【推しの子】 - Wikipedia](https://en.wikipedia.org/wiki/Oshi_no_Ko):

1
modules/nixos/base/packages.nix
View File

@@ -18,6 +18,7 @@
iftop
btop
nmon
sysbench
# system tools
psmisc # killall/pstree/prtstat/fuser/...

1
modules/nixos/server/server-aarch64.nix
View File

@@ -15,6 +15,7 @@
../../base.nix
];
boot.loader.timeout = lib.mkForce 3; # wait for 3 seconds to select the boot entry
# Fix: jasper is marked as broken, refusing to evaluate.
environment.enableAllTerminfo = lib.mkForce false;
}

4
modules/nixos/server/server-riscv64.nix
View File

@@ -1,4 +1,4 @@
{pkgs, ...}: {
{lib, ...}: {
# =========================================================================
# Base NixOS Configuration
# =========================================================================
@@ -14,4 +14,6 @@
../../base.nix
];
boot.loader.timeout = lib.mkForce 3; # wait for 3 seconds to select the boot entry
}

4
nixos-installer/README.md
View File

@@ -200,11 +200,11 @@ rm -rf /mnt/etc
# install nixos
# NOTE: the root password you set here will be discarded when reboot
nixos-install --root /mnt --flake .#ai --no-root-password --show-trace # instlall-1
nixos-install --root /mnt --flake .#ai --no-root-password --show-trace --verbose # instlall-1
# if you want to use a cache mirror, run this command instead
# replace the mirror url with your own
nixos-install --root /mnt --flake .#ai --no-root-password --show-trace --option substituters "https://mirror.sjtu.edu.cn/nix-channels/store" # install-2
nixos-install --root /mnt --flake .#ai --no-root-password --show-trace --verbose --option substituters "https://mirror.sjtu.edu.cn/nix-channels/store" # install-2
# enter into the installed system, check password & users
# `su ryan` => `sudo -i` => enter ryan's password => successfully login

4
nixos-installer/README.shoukei.md
View File

@@ -180,11 +180,11 @@ rm -rf /mnt/etc
# install nixos
# NOTE: the root password you set here will be discarded when reboot
nixos-install --root /mnt --flake .#shoukei --no-root-password --show-trace # install-1
nixos-install --root /mnt --flake .#shoukei --no-root-password --show-trace --verbose # install-1
# if you want to use a cache mirror, run this command instead
# replace the mirror url with your own
nixos-install --root /mnt --flake .#shoukei --no-root-password --show-trace --option substituters "https://mirror.sjtu.edu.cn/nix-channels/store" # install-2
nixos-install --root /mnt --flake .#shoukei --no-root-password --show-trace --verbose --option substituters "https://mirror.ustc.edu.cn/nix-channels/store" # install-2
# enter into the installed system, check password & users
# `su ryan` => `sudo -i` => enter ryan's password => successfully login

29
systems/colmena.nix
View File

@@ -27,14 +27,22 @@ with allSystemAttrs; let
};
# aarch64 related
# using the same nixpkgs as nixos-rk3588 to utilize the cross-compilation cache.
rk3588_pkgs = import nixos-rk3588.inputs.nixpkgs {system = x64_system;};
rk3588_specialArgs = {
inherit username userfullname useremail;
rk3588_pkgs = import nixos-rk3588.inputs.nixpkgs {system = aarch64_system;};
# aarch64 related
rk3588_specialArgs = let
# using the same nixpkgs as nixos-rk3588
inherit (nixos-rk3588.inputs) nixpkgs;
# Provide rk3588 inputs as special argument
rk3588 = nixos-rk3588.inputs;
};
# use aarch64-linux's native toolchain
pkgsKernel = import nixpkgs {
system = aarch64_system;
};
in
allSystemSpecialArgs.aarch64_system
// {
inherit nixpkgs;
# Provide rk3588 inputs as special argument
rk3588 = {inherit nixpkgs pkgsKernel;};
};
rk3588_base_args = {
inherit home-manager;
inherit (nixos-rk3588.inputs) nixpkgs; # or nixpkgs-unstable
@@ -55,6 +63,7 @@ in {
# aarch64 SBCs
suzu = rk3588_specialArgs;
rakushun = rk3588_specialArgs;
};
nodeNixpkgs = {
nozomi = lpi4a_pkgs;
@@ -62,6 +71,7 @@ in {
# aarch64 SBCs
suzu = rk3588_pkgs;
rakushun = rk3588_pkgs;
};
};
@@ -137,5 +147,10 @@ in {
_12kingdoms_suzu_modules
{host_tags = _12kingdoms_suzu_tags;}
]);
rakushun = colmenaSystem (attrs.mergeAttrsList [
rk3588_base_args
_12kingdoms_rakushun_modules
{host_tags = _12kingdoms_rakushun_tags;}
]);
};
}

27
systems/nixos.nix
View File

@@ -8,6 +8,28 @@ with allSystemAttrs; let
system = x64_system;
specialArgs = allSystemSpecialArgs.x64_system;
};
# aarch64 related
rk3588_specialArgs = let
# using the same nixpkgs as nixos-rk3588
inherit (nixos-rk3588.inputs) nixpkgs;
# use aarch64-linux's native toolchain
pkgsKernel = import nixpkgs {
system = aarch64_system;
};
in
allSystemSpecialArgs.aarch64_system
// {
inherit nixpkgs;
# Provide rk3588 inputs as special argument
rk3588 = {inherit nixpkgs pkgsKernel;};
};
rk3588_base_args = {
inherit home-manager nixos-generators;
inherit (nixos-rk3588.inputs) nixpkgs; # or nixpkgs-unstable
system = aarch64_system;
specialArgs = rk3588_specialArgs;
};
in {
nixosConfigurations = {
# ai with i3 window manager
@@ -32,9 +54,12 @@ in {
k3s_prod_1_worker_3 = nixosSystem (k3s_prod_1_worker_3_modules // base_args);
tailscale_gw = nixosSystem (homelab_tailscale_gw_modules // base_args);
# aarch64 hosts
suzu = nixosSystem (_12kingdoms_suzu_modules // rk3588_base_args);
rakushun = nixosSystem (_12kingdoms_rakushun_modules // rk3588_base_args);
};
# take system images for idols
# https://github.com/nix-community/nixos-generators
packages."${x64_system}" = attrs.mergeAttrsList [
(

13
systems/vars.nix
View File

@@ -246,14 +246,21 @@ in {
nixos-modules = [
../hosts/12kingdoms_suzu
../modules/nixos/server/server-aarch64.nix
# cross-compilation this flake.
{nixpkgs.crossSystem.config = "aarch64-unknown-linux-gnu";}
];
# home-module.imports = [];
};
_12kingdoms_suzu_tags = ["aarch" "suzu"];
# 楽俊, Rakushun
_12kingdoms_rakushun_modules = {
nixos-modules = [
../hosts/12kingdoms_rakushun
../modules/nixos/server/server-aarch64.nix
];
# home-module.imports = [];
};
_12kingdoms_rakushun_tags = ["aarch" "rakushun"];
# Shoukei (祥瓊, Shōkei)
_12kingdoms_shoukei_modules_i3 = {
nixos-modules =

1
systems/vars_networking.nix
View File

@@ -28,6 +28,7 @@
"kubevirt-shoryu" = "192.168.5.176";
"kubevirt-shushou" = "192.168.5.177";
"kubevirt-youko" = "192.168.5.178";
"rakushun" = "192.168.5.179";
"tailscale-gw" = "192.168.5.192";
};