diff options
| author | Fuwn <[email protected]> | 2024-10-28 06:26:30 -0700 |
|---|---|---|
| committer | Fuwn <[email protected]> | 2024-10-28 06:26:30 -0700 |
| commit | 6403c368ad4aa52baebc32f20eccabdd10a799e0 (patch) | |
| tree | 06ff709ed388de2216e70eb24d6e5275d2f388cb | |
| parent | lock: tsutsumi (diff) | |
| download | nixos-config-6403c368ad4aa52baebc32f20eccabdd10a799e0.tar.xz nixos-config-6403c368ad4aa52baebc32f20eccabdd10a799e0.zip | |
kioku: fully configure smart usb host
| -rw-r--r-- | hosts/kioku/configuration.nix | 99 | ||||
| -rw-r--r-- | hosts/kioku/hardware-configuration.nix | 60 |
2 files changed, 117 insertions, 42 deletions
diff --git a/hosts/kioku/configuration.nix b/hosts/kioku/configuration.nix index 38e3640..6dec934 100644 --- a/hosts/kioku/configuration.nix +++ b/hosts/kioku/configuration.nix @@ -1,42 +1,53 @@ { + lib, pkgs, secrets, ... }: +let + primaryUser = "ebisu"; +in { time.timeZone = secrets.i18n.timezone; - environment.systemPackages = [ pkgs.fastfetch ]; system.stateVersion = "24.05"; raspberry-pi-nix.kernel-version = "v6_10_12"; - boot.kernelModules = [ - "i2c-dev" - "dwc2" + environment.systemPackages = with pkgs; [ + fastfetch + htop ]; - users.users.root = { - initialHashedPassword = secrets.initial_hashed_password; - openssh.authorizedKeys.keys = [ secrets.kioku_openssh_public_key ]; + users = { + groups.${primaryUser} = { }; + + users = + let + defaultOptions = { + initialHashedPassword = secrets.initial_hashed_password; + openssh.authorizedKeys.keys = [ secrets.kioku_openssh_public_key ]; + }; + in + { + root = defaultOptions; + + ${primaryUser} = defaultOptions // { + group = primaryUser; + isNormalUser = true; + }; + }; }; zramSwap = { enable = true; - algorithm = "zstd"; - }; - - services = { - sshd.enable = true; - timesyncd.enable = true; + priority = 100; + memoryMax = 268435456; + algorithm = "lz4"; + memoryPercent = 50; }; networking = { hostName = "kioku"; - useDHCP = false; - - interfaces = { - wlan0.useDHCP = true; - eth0.useDHCP = true; - }; + useDHCP = lib.mkDefault true; wireless = let @@ -48,4 +59,54 @@ networks."${network.ssid}".psk = network.psk; }; }; + + services = { + timesyncd.enable = true; + + openssh = { + enable = true; + settings.PermitRootLogin = "prohibit-password"; + }; + + samba = { + enable = true; + openFirewall = true; + + settings = { + usb = { + browseable = "yes"; + path = "/mnt/usb_share"; + "guest ok" = "no"; + "read only" = "no"; + "create mask" = "777"; + "directory mask" = "777"; + "valid users" = primaryUser; + }; + }; + }; + + samba-wsdd = { + enable = true; + openFirewall = true; + }; + }; + + systemd.services.usbshare = { + description = "USB Share Watchdog"; + wantedBy = [ "multi-user.target" ]; + + serviceConfig = + let + usb_share_script = pkgs.fetchurl { + url = "https://gist.githubusercontent.com/davidhoness/0f45ef6a41bac6311614f109acbf92db/raw/970badd0ae4b097e3af8d5142e65c34b21f5cfab/usb_share.py"; + sha256 = "sha256-Z8HoOmzK3UjZac6hB3297fCDrbLwiFFNwxhqzr1WMSo"; + }; + in + { + ExecStart = "${pkgs.python3.withPackages (ps: [ ps.watchdog ])}/bin/python3 ${usb_share_script}"; + Restart = "always"; + Type = "simple"; + Environment = "PATH=${pkgs.kmod}/bin:${pkgs.coreutils}/bin"; + }; + }; } diff --git a/hosts/kioku/hardware-configuration.nix b/hosts/kioku/hardware-configuration.nix index 796cee0..47498ff 100644 --- a/hosts/kioku/hardware-configuration.nix +++ b/hosts/kioku/hardware-configuration.nix @@ -1,29 +1,43 @@ +{ lib, ... }: { raspberry-pi-nix.board = "bcm2711"; - hardware.raspberry-pi.config.all = { - base-dt-params = { - BOOT_UART = { - value = 1; - enable = true; - }; + fileSystems."/mnt/usb_share" = { + device = "/piusb.bin"; + fsType = "exfat"; - uart_2ndstage = { - value = 1; - enable = true; - }; - }; - - dt-overlays = { - disable-bt = { - enable = true; - params = { }; - }; - - dwc2 = { - enable = true; - params = { }; - }; - }; + options = [ + "loop" + "noatime" + "nofail" + "rw" + "umask=000" + "users" + ]; }; + + hardware.raspberry-pi.config.all.dt-overlays = + ( + overlays: + lib.attrsets.mapAttrs + (_name: _value: { + enable = true; + params = { }; + }) + ( + lib.listToAttrs ( + map (overlay: { + name = overlay; + value = { }; + }) overlays + ) + ) + ) + [ + "disable-bt" + "dwc2" + "usb_power" + "ramlog" + "hdmi_blanking" + ]; } |