From 9952dd74e32c76070427e0146e2de7c9ce013751 Mon Sep 17 00:00:00 2001
From: Harald Hoyer
Date: Fri, 10 Jan 2025 15:34:54 +0100
Subject: [PATCH] feat(aarch64): add initial configuration for NixOS on ARM

Introduced hardware and system configurations for the aarch64 NixOS system. Includes hardware setup, base system packages, and enabling key services such as Docker and Podman. This establishes the foundation for managing ARM-based systems.
---
systems/aarch64-linux/m4nix/default.nix | 77 +++++++++++++++++++
.../m4nix/hardware-configuration.nix | 37 +++++++++
2 files changed, 114 insertions(+)
create mode 100644 systems/aarch64-linux/m4nix/default.nix
create mode 100644 systems/aarch64-linux/m4nix/hardware-configuration.nix
diff --git a/systems/aarch64-linux/m4nix/default.nix b/systems/aarch64-linux/m4nix/default.nix
new file mode 100644
index 0000000..aaa1120
--- /dev/null
+++ b/systems/aarch64-linux/m4nix/default.nix
@@ -0,0 +1,77 @@
+{ pkgs, lib, ... }:
+with lib;
+with lib.metacfg;
+{
+ imports = [
+ ./hardware-configuration.nix
+ ];
+
+ metacfg = {
+ base.enable = true;
+ gui.enable = true;
+ nix-ld.enable = true;
+ nix.enable = true;
+ podman.enable = true;
+ secureboot.enable = false;
+ homeprinter.enable = true;
+ tools = {
+ direnv.enable = true;
+ #git.enable = true;
+ };
+ user.extraGroups = [
+ "docker"
+ "dialout"
+ ];
+ };
+
+ environment.systemPackages = with pkgs; [
+ azure-cli
+ cloudflare-warp
+ desktop-file-utils
+ kubectl
+ kubectx
+ k9s
+ attic-client
+ piper
+ ];
+
+ services.ratbagd.enable = true;
+
+ services.resolved.enable = true;
+ services.resolved.dnssec = "allow-downgrade";
+ services.resolved.extraConfig = ''
+ ResolveUnicastSingleLabel=yes
+ '';
+
+ systemd.packages = [ pkgs.cloudflare-warp ]; # for warp-cli
+
+ virtualisation = {
+ docker.enable = true;
+ podman.dockerCompat = false;
+ };
+
+ system.autoUpgrade = {
+ enable = true;
+ operation = "boot";
+ allowReboot = false;
+ };
+
+ systemd.user.extraConfig = "DefaultLimitNOFILE=32768";
+
+ security.pam.loginLimits = [
+ {
+ domain = "*";
+ item = "nofile";
+ type = "-";
+ value = "32768";
+ }
+ {
+ domain = "*";
+ item = "memlock";
+ type = "-";
+ value = "32768";
+ }
+ ];
+
+ system.stateVersion = "23.11";
+}
diff --git a/systems/aarch64-linux/m4nix/hardware-configuration.nix b/systems/aarch64-linux/m4nix/hardware-configuration.nix
new file mode 100644
index 0000000..f1c3a17
--- /dev/null
+++ b/systems/aarch64-linux/m4nix/hardware-configuration.nix
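Review bot: Putting the user in the `docker` group via `user.extraGroups` while `virtualisation.docker.enable = true` runs the system-wide daemon gives that account root-equivalent control of the host through the Docker socket, and nothing in default.nix records that as a deliberate choice. Since `podman.enable = true` is already set, consider dropping `"docker"` from the group list and relying on Podman, or switching to `virtualisation.docker.rootless.enable = true;` so containers do not go through a root-owned daemon. If the rootful daemon is required, a comment such as `# docker group is root-equivalent; accepted for this single-user workstation` would make the trust decision explicit. A similar one-line comment on `secureboot.enable = false` and on `services.resolved.dnssec = "allow-downgrade"` (which falls back to unvalidated resolution when the upstream resolver does not appear to support DNSSEC) would document why the weaker settings were chosen for this machine.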
@@ -0,0 +1,37 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, modulesPath, ... }: + +{ + imports = [ ]; + + boot.initrd.availableKernelModules = [ "xhci_pci" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ ]; + boot.extraModulePackages = [ ]; + + fileSystems."/" = + { device = "/dev/disk/by-uuid/b340000f-2927-414d-9382-edd3120b8e80"; + fsType = "ext4"; + }; + + fileSystems."/boot" = + { device = "/dev/disk/by-uuid/16C0-5FB0"; + fsType = "vfat"; + options = [ "fmask=0077" "dmask=0077" ]; + }; + + swapDevices = + [ { device = "/dev/disk/by-uuid/76cc3afa-b57e-4f25-95f4-7b15bf1fb796"; } + ]; + + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. + networking.useDHCP = lib.mkDefault true; + # networking.interfaces.enp0s1.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "aarch64-linux"; +}