asonix/nixos-aarch64-images
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity
nixos-aarch64-images/flake.nix
asonix 29e77547d0 Expose userModule
2023-01-25 21:43:07 -06:00

123 lines
3.8 KiB
Nix
Raw Blame History

{
description = "Build NixOS images for various ARM single computer boards";
# pin this to unstable
inputs = {
nixpkgs.url = "github:nixos/nixpkgs/master";
sops-nix = {
url = "github:Mic92/sops-nix";
inputs.nixpkgs.follows = "nixpkgs";
};
};
outputs = { self, nixpkgs, sops-nix }:
let
pkgs = import nixpkgs {
system = "x86_64-linux";
config = { allowUnfree = true; };
};
aarch64Pkgs = import pkgs.path {
system = "aarch64-linux";
config = { allowUnfree = true; };
};
trusted-public-keys = "firestar:spmMw07mO3cxflq5g2GazhE7ddgEoz6QLwaiCnyz/fg=";
rockchip = { system, uboot }: pkgs.callPackage ./images/rockchip.nix {
inherit uboot;
buildImage = pkgs.callPackage ./pkgs/build-image { };
image = pkgs.callPackage ./pkgs/aarch64-image {
inherit system;
};
};
kernel = (aarch64Pkgs.callPackage ./pkgs/linux { }).testing-rockchip;
userModule = ({ config, ... }: {
sops = {
defaultSopsFile = ./secrets/asonix.yaml;
age.keyFile = /home/asonix/.config/sops/age/keys.txt;
age.generateKey = true;
secrets.password.neededForUsers = true;
};
users.users.asonix = {
isNormalUser = true;
description = "Tavi";
extraGroups = [ "wheel" ];
openssh.authorizedKeys.keys = [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQD3+mNUlokSKZQNXJAuGm2LCHelKuElWLJArzIYZQYEPbrFaE+J8VtfNbMMD1qVI21ksfcqvFQW4aiP4+BFDxTOGW0uBmUHWKxkyyU39y2yhnsa+svwwIooc+Iwkxw0atzSMEBb94UaZlq9cKMSnG9RGeRFqfYnW2s49wpU79wk6zEFUuOHCMKn4R7zqkPac7IyjxZeKlspY3fOasNH4zyrkbhEOlvrwEOdRNTRNCWWzDcinIVZjfmErHlSynshx9yLnCGkLBxHSxgI2TVyR3RlQ3aGbHtB3QN5X7/T/dwXJFJ11P1Q2bC3XP3hHCogDqXcPvDTFSQEM/mZuFcKNbsn asonix@asonix-tower"
];
passwordFile = config.sops.secrets.password.path;
};
});
system = aarch64Pkgs.callPackage ./pkgs/system {
inherit nixpkgs;
inherit kernel;
inherit trusted-public-keys;
extraModules = [
sops-nix.nixosModules.sops
userModule
];
};
quartzUBoots = aarch64Pkgs.callPackage ./pkgs/uboot-quartz64 { };
in
{
packages.aarch64-linux = {
kernel = {
testing-rockchip = kernel;
};
modules = system.modules // { inherit userModule; };
};
packages.x86_64-linux =
{
quartz64a = rockchip {
system = system.quartz64a;
uboot = quartzUBoots.ubootQuartz64a;
};
quartz64b = rockchip {
system = system.quartz64b;
uboot = quartzUBoots.ubootQuartz64b;
};
soquartz-model-a = rockchip {
system = system.soquartz-model-a;
uboot = quartzUBoots.ubootSoQuartz;
};
soquartz-cm4 = rockchip {
system = system.soquartz-cm4;
uboot = quartzUBoots.ubootSoQuartz;
};
soquartz-blade = rockchip {
system = system.soquartz-blade;
uboot = quartzUBoots.ubootSoQuartz;
};
rock64 = rockchip {
system = system.rock64;
uboot = aarch64Pkgs.ubootRock64;
};
rockPro64 = rockchip {
system = system.rockPro64;
uboot = aarch64Pkgs.ubootRockPro64;
};
rockPro64v2 = rockchip {
system = system.rockPro64v2;
uboot = aarch64Pkgs.ubootRockPro64;
};
roc-pc-rk3399 = rockchip {
system = system.rock-pc-rk3399;
uboot = aarch64Pkgs.ubootROCPCRK3399;
};
pinebookPro = rockchip {
system = system.pinebookPro;
uboot = aarch64Pkgs.ubootPinebookPro;
};
};
};
}
Reference in a new issue View git blame Copy permalink