stesie/raspi-base.nix

## raspi-base.nix
{ config, lib, pkgs, ... }:

let
  extlinux-conf-builder =
    import <nixpkgs/nixos/modules/system/boot/loader/generic-extlinux-compatible/extlinux-conf-builder.nix> {
      pkgs = pkgs.buildPackages;
    };
in
{
  imports = [
    <nixpkgs/nixos/modules/profiles/base.nix>
    <nixpkgs/nixos/modules/installer/cd-dvd/sd-image.nix>
  ];

  services.openssh = {
    enable = true;
    # Allow password login to the installation, if the user sets a password via "passwd"
    # It is safe as root doesn't have a password by default and SSH is disabled by default
    permitRootLogin = "yes";
  };

  boot.loader.grub.enable = false;
  boot.loader.generic-extlinux-compatible.enable = true;

  boot.consoleLogLevel = lib.mkDefault 7;

  # The serial ports listed here are:
  # - ttyS0: for Tegra (Jetson TX1)
  # - ttyAMA0: for QEMU's -machine virt
  # Also increase the amount of CMA to ensure the virtual console on the RPi3 works.
  boot.kernelParams = ["cma=32M" "console=ttyS0,115200n8" "console=ttyAMA0,115200n8" "console=tty0"];

  boot.initrd.availableKernelModules = [
    # Allows early (earlier) modesetting for the Raspberry Pi
    "vc4" "bcm2835_dma" "i2c_bcm2835"
    # Allows early (earlier) modesetting for Allwinner SoCs
    "sun4i_drm" "sun8i_drm_hdmi" "sun8i_mixer"
  ];

  # Common firmware, i.e. for wifi cards
  hardware.enableRedistributableFirmware = true;

  sdImage = {
    compressImage = false;
    populateFirmwareCommands = let
      configTxt = pkgs.writeText "config.txt" ''
        kernel=u-boot-rpi3.bin

        # Boot in 64-bit mode.
        arm_control=0x200

        # U-Boot used to need this to work, regardless of whether UART is actually used or not.
        # TODO: check when/if this can be removed.
        enable_uart=1

        # Prevent the firmware from smashing the framebuffer setup done by the mainline kernel
        # when attempting to show low-voltage or overtemperature warnings.
        avoid_warnings=1
      '';
      in ''
        (cd ${pkgs.raspberrypifw}/share/raspberrypi/boot && cp bootcode.bin fixup*.dat start*.elf $NIX_BUILD_TOP/firmware/)
        cp ${pkgs.ubootRaspberryPi3_64bit}/u-boot.bin firmware/u-boot-rpi3.bin
        cp ${configTxt} firmware/config.txt
      '';
    populateRootCommands = ''
      mkdir -p ./files/boot
      ${extlinux-conf-builder} -t 3 -c ${config.system.build.toplevel} -d ./files/boot
    '';
  };
}

## sd-image-testerli.nix
# To build, use:
# nix-build '<nixpkgs/nixos>' -A config.system.build.sdImage --argstr system armv7l-linux -I nixos-config=./sd-image-testerli.nix
{ ... }:
{
  imports = [
    ./raspi-base.nix
  ];

  networking.hostName = "testerli";

  users.users.root.initialHashedPassword = "therootpasswordhash";

  networking.wireless = {
    enable = true;
    networks = {
      Mayflower = { psk = "thewlanpassword"; };
    };
  };

  users.extraUsers.root.openssh.authorizedKeys.keys = [
     "ssh-rsa AAAAB3NzaC1yc.... cardno:000605414571"
  ];
}
	{ config, lib, pkgs, ... }:

	let
	extlinux-conf-builder =
	import <nixpkgs/nixos/modules/system/boot/loader/generic-extlinux-compatible/extlinux-conf-builder.nix> {
	pkgs = pkgs.buildPackages;
	};
	in
	{
	imports = [
	<nixpkgs/nixos/modules/profiles/base.nix>
	<nixpkgs/nixos/modules/installer/cd-dvd/sd-image.nix>
	];

	services.openssh = {
	enable = true;
	# Allow password login to the installation, if the user sets a password via "passwd"
	# It is safe as root doesn't have a password by default and SSH is disabled by default
	permitRootLogin = "yes";
	};

	boot.loader.grub.enable = false;
	boot.loader.generic-extlinux-compatible.enable = true;

	boot.consoleLogLevel = lib.mkDefault 7;

	# The serial ports listed here are:
	# - ttyS0: for Tegra (Jetson TX1)
	# - ttyAMA0: for QEMU's -machine virt
	# Also increase the amount of CMA to ensure the virtual console on the RPi3 works.
	boot.kernelParams = ["cma=32M" "console=ttyS0,115200n8" "console=ttyAMA0,115200n8" "console=tty0"];

	boot.initrd.availableKernelModules = [
	# Allows early (earlier) modesetting for the Raspberry Pi
	"vc4" "bcm2835_dma" "i2c_bcm2835"
	# Allows early (earlier) modesetting for Allwinner SoCs
	"sun4i_drm" "sun8i_drm_hdmi" "sun8i_mixer"
	];

	# Common firmware, i.e. for wifi cards
	hardware.enableRedistributableFirmware = true;

	sdImage = {
	compressImage = false;
	populateFirmwareCommands = let
	configTxt = pkgs.writeText "config.txt" ''
	kernel=u-boot-rpi3.bin

	# Boot in 64-bit mode.
	arm_control=0x200

	# U-Boot used to need this to work, regardless of whether UART is actually used or not.
	# TODO: check when/if this can be removed.
	enable_uart=1

	# Prevent the firmware from smashing the framebuffer setup done by the mainline kernel
	# when attempting to show low-voltage or overtemperature warnings.
	avoid_warnings=1
	'';
	in ''
	(cd ${pkgs.raspberrypifw}/share/raspberrypi/boot && cp bootcode.bin fixup.dat start.elf $NIX_BUILD_TOP/firmware/)
	cp ${pkgs.ubootRaspberryPi3_64bit}/u-boot.bin firmware/u-boot-rpi3.bin
	cp ${configTxt} firmware/config.txt
	'';
	populateRootCommands = ''
	mkdir -p ./files/boot
	${extlinux-conf-builder} -t 3 -c ${config.system.build.toplevel} -d ./files/boot
	'';
	};
	}
	# To build, use:
	# nix-build '<nixpkgs/nixos>' -A config.system.build.sdImage --argstr system armv7l-linux -I nixos-config=./sd-image-testerli.nix
	{ ... }:
	{
	imports = [
	./raspi-base.nix
	];

	networking.hostName = "testerli";

	users.users.root.initialHashedPassword = "therootpasswordhash";

	networking.wireless = {
	enable = true;
	networks = {
	Mayflower = { psk = "thewlanpassword"; };
	};
	};

	users.extraUsers.root.openssh.authorizedKeys.keys = [
	"ssh-rsa AAAAB3NzaC1yc.... cardno:000605414571"
	];
	}