From 9062eaaad353aede1a5a080e71b343b78afd21db Mon Sep 17 00:00:00 2001 From: David Wagner Date: Sat, 11 Nov 2023 11:30:23 +0100 Subject: [PATCH] rp3: rebuild from scratch and update the installation instructions --- README.md | 64 +++++++++++++++++++++++++-------------- hardware/rp3.nix | 36 +++++++++++----------- host-rp3.nix | 3 +- modules/buildMachines.nix | 2 +- 4 files changed, 61 insertions(+), 44 deletions(-) diff --git a/README.md b/README.md index e7ee444..4b62615 100644 --- a/README.md +++ b/README.md @@ -175,43 +175,59 @@ router/setup.sh ## Raspberry Pi 3 Model B -### Raspbian +### NixOS + +The installation instructions are based those from +[nix.dev](https://nix.dev/tutorials/nixos/installing-nixos-on-a-raspberry-pi.html). -Setup SD card: +Download the latest aarch64 SD card image from +[Hydra](https://hydra.nixos.org/search?query=sd_image) and flash it on an SD +card: ``` -wget https://downloads.raspberrypi.org/raspbian_lite_latest -unzip -p raspbian_lite_latest | sudo dd of=/dev/mmcblk0 bs=4M conv=fsync status=progress -# remove then reinsert SD card -pmount /dev/mmcblk0p1 -touch /media/mmcblk0p1/ssh -pumount /dev/mmcblk0p1 +wget https://hydra.nixos.org/build/226381178/download/1/nixos-sd-image-23.11pre500597.0fbe93c5a7c-aarch64-linux.img.zst +unzstd nixos-sd-image-23.11pre500597.0fbe93c5a7c-aarch64-linux.img +sudo dd \ + if=nixos-sd-image-23.11pre500597.0fbe93c5a7c-aarch64-linux.img \ + of=/dev/mmcblk0 bs=4096 conv=fsync status=progress ``` -### NixOS - -The official NixOS images boot without any problems. Download the latest -aarch64 SD card image from -[Hydra](https://hydra.nixos.org/search?query=sd_image). - -Flash the image to an SD card as described in the [previous section](#raspbian). - -Boot the system then start an SSH server and set a temporary password for the -root user: +Insert the SD card in the Raspberry Pi and power it up. The installer runs +already an SSH server. Set a temporary password for the root user: ``` -systemctl start sshd passwd root ``` The password is only used for the first time access. Password authentication will be disabled later. Connect to the freshly booted system using SSH. -If you want to manage Pi using NixOps, there's some extra steps required. +Folow [these instructions][NixOSBootWifi] to connect to a Wifi network. When +connected the system will have the hostname `nixos`. + +Using the password authentication, deploy your SSH public keys: + +``` +ssh-copy-id root@nixos +``` + +On the Raspberry Pi, store the WIFI SSID and password in the file +`/run/secrets/wireless.env` with the following format: + +``` +WIFI_SSID=... +WIFI_KEY=... +``` -NixOps compiles all managed systems on the control PC where it runs. Then, it -copies the binaries to the target systems. This works well for i686 and amd64 -architectures but it doesn't work for aarch64. +Finally, build the system with the custom configuration: + +``` +nixos-rebuild switch + --flake ".#rp3" \ + --target-host "root@nixos" \ + --build-host "root@nixos" \ + --fast +``` I tried to setup cross-compilation to aarch64, but it didn't work. @@ -298,3 +314,5 @@ dashboard configuration in this repository: ``` nix run .#mqtt-dash-listen > nodemcu/mqtt-dash.json ``` + +[NixOSBootWifi]: https://nixos.org/manual/nixos/stable/#sec-installation-booting-networking diff --git a/hardware/rp3.nix b/hardware/rp3.nix index b91731a..285a5ff 100644 --- a/hardware/rp3.nix +++ b/hardware/rp3.nix @@ -10,29 +10,27 @@ in nixpkgs.system = "aarch64-linux"; boot = { - initrd = { - availableKernelModules = [ - "bcm2835_dma" - "i2c_bcm2835" - "usbhid" - "vc4" - ]; - kernelModules = [ ]; + initrd.kernelModules = [ "vc4" "bcm2835_dma" "i2c_bcm2835" ]; + loader = { + grub.enable = false; + + raspberryPi = { + enable = true; + uboot.enable = true; + version = 3; + }; }; + }; - kernelParams = [ "cma=32M" ]; - - extraModulePackages = [ ]; - - loader.grub.enable = false; - - loader.raspberryPi = { - enable = true; - uboot.enable = true; - version = 3; - }; + networking.wireless = { + enable = true; + environmentFile = "/run/secrets/wireless.env"; + networks."@WIFI_SSID@".psk = "@WIFI_KEY@"; + interfaces = [ "wlan0" ]; }; + hardware.enableRedistributableFirmware = true; + environment.systemPackages = with pkgs; [ libraspberrypi ]; diff --git a/host-rp3.nix b/host-rp3.nix index 320b175..ff5f49f 100644 --- a/host-rp3.nix +++ b/host-rp3.nix @@ -5,7 +5,8 @@ ./hardware/rp3.nix ./modules/common.nix ./modules/remote-builder + ./modules/consul/client.nix ]; - system.stateVersion = "22.05"; + system.stateVersion = "23.11"; } diff --git a/modules/buildMachines.nix b/modules/buildMachines.nix index 912fef1..fed1f21 100644 --- a/modules/buildMachines.nix +++ b/modules/buildMachines.nix @@ -9,7 +9,7 @@ rp3 = { hostNames = [ "rp3" "rp3.thewagner.home" ]; - publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILK0illQrUbCmn+UHgM79tDecSItLUVNuWi/Sg+DW2tr"; + publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJgVezT5bpUOihQmNEV6XC/RsUtFDcd9vcLZ7cUKPp83"; }; rp4 = {