Created
February 24, 2021 17:03
-
-
Save disassembler/9935250ccff5b59dd5aef09c6a0ea2a9 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
{ lib, pkgs, config, ...}: { | |
imports = []; | |
sdImage.firmwareSize = 1024; | |
boot.loader.raspberryPi = { | |
enable = true; | |
version = 4; | |
uboot.enable = false; | |
}; | |
boot.loader.grub.enable = false; | |
boot.loader.generic-extlinux-compatible.enable = true; | |
# Mainline doesn't work yet | |
boot.kernelPackages = pkgs.linuxPackages_rpi4; | |
# ttyAMA0 is the serial console broken out to the GPIO | |
boot.kernelParams = [ | |
"8250.nr_uarts=1" # may be required only when using u-boot | |
"console=ttyAMA0,115200" | |
"console=tty1" | |
]; | |
fileSystems = { | |
"/" = { | |
device = "/dev/disk/by-label/NIXOS_SD"; | |
fsType = "ext4"; | |
}; | |
"/boot" = { | |
device = "/dev/disk/by-label/FIRMWARE"; | |
fsType = "vfat"; | |
}; | |
}; | |
hardware.opengl = { | |
enable = true; | |
setLdLibraryPath = true; | |
package = pkgs.mesa_drivers; | |
}; | |
hardware.deviceTree = { | |
kernelPackage = pkgs.linux_rpi4; | |
#overlays = [ "${pkgs.device-tree_rpi.overlays}/vc4-fkms-v3d.dtbo" ]; | |
}; | |
#services.xserver = { | |
# enable = true; | |
# displayManager.lightdm.enable = true; | |
# desktopManager.gnome3.enable = true; | |
# videoDrivers = [ "modesetting" ]; | |
#}; | |
boot.loader.raspberryPi.firmwareConfig = '' | |
gpu_mem=192 | |
''; | |
hardware.bluetooth.enable = true; | |
hardware.enableRedistributableFirmware = true; | |
sound.enable = true; | |
hardware.pulseaudio.enable = true; | |
services.dbus.enable = true; | |
# theming | |
gtk.iconCache.enable = true; | |
environment.systemPackages = [ | |
pkgs.vim pkgs.gnome3.adwaita-icon-theme pkgs.hicolor-icon-theme pkgs.sway | |
(pkgs.git.override { | |
withManual = false; | |
pythonSupport = false; | |
withpcre2 = false; | |
perlSupport = false; | |
}) | |
]; | |
# input | |
services.udev.packages = [ pkgs.libinput.out ]; | |
services.openssh = { | |
enable = true; | |
permitRootLogin = lib.mkForce "without-password"; | |
}; | |
users.users.root = { | |
openssh.authorizedKeys.keys = [ "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDEPOLnk4+mWNGOXd309PPxal8wgMzKXHnn7Jbu/SpSUYEc1EmjgnrVBcR0eDxgDmGD9zJ69wEH/zLQLPWjaTusiuF+bqAM/x7z7wwy1nZ48SYJw3Q+Xsgzeb0nvmNsPzb0mfnpI6av8MTHNt+xOqDnpC5B82h/voQ4m5DGMQz60ok2hMeh+sy4VIvX5zOVTOFPQqFR6BGDwtALiP5PwMfyScYXlebWHhDRdX9B0j9t+cqiy5utBUsl4cIUInE0KW7Z8Kf6gIsmQnfSZadqI857kdozU3IbaLoJc1C6LyVjzPFyC4+KUC11BmemTGdCjwcoqEZ0k5XtJaKFXacYYXi1l5MS7VdfHldFDZmMEMvfJG/PwvXN4prfOIjpy1521MJHGBNXRktvWhlNBgI1NUQlx7rGmPZmtrYdeclVnnY9Y4HIpkhm0iEt/XUZTMQpXhedd1BozpMp0h135an4uorIEUQnotkaGDwZIV3mSL8x4n6V02Qe2CYvqf4DcCSBv7D91N3JplJJKt7vV4ltwrseDPxDtCxXrQfSIQd0VGmwu1D9FzzDOuk/MGCiCMFCKIKngxZLzajjgfc9+rGLZ94iDz90jfk6GF4hgF78oFNfPEwoGl0soyZM7960QdBcHgB5QF9+9Yd6QhCb/6+ENM9sz6VLdAY7f/9hj/3Aq0Lm4Q== cardno:000610540514" ]; | |
}; | |
users.users.kiosk = { | |
isNormalUser = true; | |
useDefaultShell = true; | |
openssh.authorizedKeys.keys = [ "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDEPOLnk4+mWNGOXd309PPxal8wgMzKXHnn7Jbu/SpSUYEc1EmjgnrVBcR0eDxgDmGD9zJ69wEH/zLQLPWjaTusiuF+bqAM/x7z7wwy1nZ48SYJw3Q+Xsgzeb0nvmNsPzb0mfnpI6av8MTHNt+xOqDnpC5B82h/voQ4m5DGMQz60ok2hMeh+sy4VIvX5zOVTOFPQqFR6BGDwtALiP5PwMfyScYXlebWHhDRdX9B0j9t+cqiy5utBUsl4cIUInE0KW7Z8Kf6gIsmQnfSZadqI857kdozU3IbaLoJc1C6LyVjzPFyC4+KUC11BmemTGdCjwcoqEZ0k5XtJaKFXacYYXi1l5MS7VdfHldFDZmMEMvfJG/PwvXN4prfOIjpy1521MJHGBNXRktvWhlNBgI1NUQlx7rGmPZmtrYdeclVnnY9Y4HIpkhm0iEt/XUZTMQpXhedd1BozpMp0h135an4uorIEUQnotkaGDwZIV3mSL8x4n6V02Qe2CYvqf4DcCSBv7D91N3JplJJKt7vV4ltwrseDPxDtCxXrQfSIQd0VGmwu1D9FzzDOuk/MGCiCMFCKIKngxZLzajjgfc9+rGLZ94iDz90jfk6GF4hgF78oFNfPEwoGl0soyZM7960QdBcHgB5QF9+9Yd6QhCb/6+ENM9sz6VLdAY7f/9hj/3Aq0Lm4Q== cardno:000610540514" ]; | |
}; | |
#systemd.services."cage@" = { | |
# serviceConfig.Restart = "always"; | |
# environment = { | |
# WLR_LIBINPUT_NO_DEVICES = "1"; | |
# NO_AT_BRIDGE = "1"; | |
# } // lib.optionalAttrs (config.environment.variables ? GDK_PIXBUF_MODULE_FILE) { | |
# GDK_PIXBUF_MODULE_FILE = config.environment.variables.GDK_PIXBUF_MODULE_FILE; | |
# }; | |
#}; | |
documentation.enable = false; | |
powerManagement.enable = false; | |
programs.command-not-found.enable = false; | |
services.cage = { | |
enable = false; | |
user = "kiosk"; | |
program = "${pkgs.epiphany}/bin/epiphany"; | |
}; | |
services.avahi = { | |
enable = true; | |
nssmdns = true; | |
publish = { | |
enable = true; | |
userServices = true; | |
addresses = true; | |
hinfo = true; | |
workstation = true; | |
domain = true; | |
}; | |
}; | |
environment.etc."avahi/services/ssh.service" = { | |
text = '' | |
<?xml version="1.0" standalone='no'?><!--*-nxml-*--> | |
<!DOCTYPE service-group SYSTEM "avahi-service.dtd"> | |
<service-group> | |
<name replace-wildcards="yes">%h</name> | |
<service> | |
<type>_ssh._tcp</type> | |
<port>22</port> | |
</service> | |
</service-group> | |
''; | |
}; | |
boot.plymouth.enable = true; | |
networking.hostName = "pikiosk"; | |
networking.dhcpcd.extraConfig = '' | |
timeout 0 | |
noarp | |
''; | |
security.polkit.extraConfig = '' | |
polkit.addRule(function(action, subject) { | |
if (action.id == "org.freedesktop.login1.power-off" || | |
action.id == "org.freedesktop.login1.reboot") { | |
return polkit.Result.YES; | |
} | |
}); | |
''; | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment