Skip to content

Commit

Permalink
Update Raspberry Pi installation instructions
Browse files Browse the repository at this point in the history
  • Loading branch information
wagdav committed Mar 2, 2024
1 parent 48a8923 commit a3e0be7
Showing 1 changed file with 44 additions and 44 deletions.
88 changes: 44 additions & 44 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -178,71 +178,61 @@ router/setup.sh

## Raspberry Pi 3 Model B

The installation instructions are based those from
[nix.dev](https://nix.dev/tutorials/nixos/installing-nixos-on-a-raspberry-pi.html).
### SD card image

Download the latest aarch64 SD card image from
[Hydra](https://hydra.nixos.org/search?query=sd_image) and flash it on an SD
card:
Build the Raspberry Pi's SD card image using QEMU's aarch64 emulator.

On `x230`, because `nuc` [is configured](./hardware/nuc.nix) as a remote builder
for `aarch64` packages, just run:

```
wget https://hydra.nixos.org/build/226381178/download/1/nixos-sd-image-23.11pre500597.0fbe93c5a7c-aarch64-linux.img.zst
unzstd nixos-sd-image-23.11pre500597.0fbe93c5a7c-aarch64-linux.img
sudo dd \
if=nixos-sd-image-23.11pre500597.0fbe93c5a7c-aarch64-linux.img \
of=/dev/mmcblk0 bs=4096 conv=fsync status=progress
nix build .#packages.aarch64-linux.sdcard
```

Insert the SD card in the Raspberry Pi and power it up. The installer runs
already an SSH server. Set a temporary password for the root user:
On other hosts, specify `nuc` explicitly as a remote builder:

```
passwd root
nix build -L .#packages.aarch64-linux.sdcard \
--builders "ssh://root@nuc aarch64-linux $HOME/.ssh/remote-builder 4 1 - - c3NoLWVkMjU1MTkgQUFBQUMzTnphQzFsWkRJMU5URTVBQUFBSUlLYUV0YzhQTnFoeEFRMjRnWTV0MjVZLzhIVTZTdFVCNmttVTF4bVZ0YTcgcm9vdEBudWMK"
```

The password is only used for the first time access. Password authentication
will be disabled later. Connect to the freshly booted system using SSH.

Folow [these instructions][NixOSBootWifi] to connect to a Wifi network. When
connected the system will have the hostname `nixos`.
The elements of `--builders` argument are described [here][NixOSRemoteBuilds].

Using the password authentication, deploy your SSH public keys:
Uncompress the built image and write it to an SD card:

```
ssh-copy-id root@nixos
unzstd nixos-sd-image.img.zst
sudo dd if=nixos-sd-image.img of=/dev/mmcblk0 bs=4096 conv=fsync status=progress
```

On the Raspberry Pi, store the WIFI SSID and password in the file
`/etc/secrets/wireless.env` with the following format:
Insert the SD card in the Raspberry Pi and power it up. The system is
configured as defined in [host-rp3.nix](./host-rp3.nix).

```
WIFI_SSID=...
WIFI_KEY=...
```
### Secrets

If the SD card is build from scratch, change or provision the following
secrets:

* Host's identity (automatically generated on first boot)
* WiFi SSID and password in `/etc/secrets/wireless.env`
* Tailscale authentication token
* Cachix authentication token

Finally, build the system with the custom configuration:
If this is a complete reinstall, update the host's public key in
[program.ssh.knownHosts](./modules/buildMachines.nix). Run `ssh-keygen rp3` to
obtain the host key's signature.

Store the WIFI SSID and password in the file `/etc/secrets/wireless.env` with
the following format:

```
nixos-rebuild switch
--flake ".#rp3" \
--target-host "root@nixos" \
--build-host "root@nixos" \
--fast
WIFI_SSID=...
WIFI_KEY=...
```

I tried to setup cross-compilation to aarch64, but it didn't work.

The trick is to add the newly created Raspberry Pi as an aarch64 [remote build
machine for Nix](https://nixos.org/nix/manual/#chap-distributed-builds). This
way the required packages will be built natively on the Pi itself (or other
aarch64 remote build nodes, if you have any). In practice, almost nothing is
built from source, because the required derivations are pulled from the offical
Nix binary cache.
Connect the host to the tailnet with `tailscale login`.

See the section `nix.buildMachines` in [x230.nix](x230.nix), which shows how to
add the Pi to your control PC's remote build pool. Enable some Raspberry Pi
specific arguments in the [hardware specification](hardware/rp3.nix) and use
NixOps as usual.
To connect Cachix, follow [these instructions](#continous-deployment).

### Raspberry Pi Camera 1.3

Expand Down Expand Up @@ -277,6 +267,15 @@ ssh root@rp3 \
nix run nixpkgs#mpv -- --demuxer=mkv /dev/stdin
```

### Reference

I found the following links useful:

* [nix.dev](https://nix.dev/tutorials/nixos/installing-nixos-on-a-raspberry-pi.html)
on installing NixOS on the Raspberry Pi.
* [Hydra](https://hydra.nixos.org/search?query=sd_image) hosts the official
NixOS SD card images.

## NodeMCU

I have a couple of NodeMCU boards which can be configured using the scripts in
Expand Down Expand Up @@ -350,3 +349,4 @@ nix run .#mqtt-dash-listen > nodemcu/mqtt-dash.json
```

[NixOSBootWifi]: https://nixos.org/manual/nixos/stable/#sec-installation-booting-networking
[NixOSRemoteBuilds]: https://nixos.org/manual/nix/stable/advanced-topics/distributed-builds.html?highlight=builders#remote-builds).

0 comments on commit a3e0be7

Please sign in to comment.