feat(aarch64): add initial configuration for NixOS on ARM

Introduced hardware and system configurations for the aarch64 NixOS system. Includes hardware setup, base system packages, and enabling key services such as Docker and Podman. This establishes the foundation for managing ARM-based systems.
2025-01-10 15:34:54 +01:00 · 2025-01-10 15:34:54 +01:00 · 9952dd74e3
parent f45a366528
commit 9952dd74e3
2 changed files with 114 additions and 0 deletions
--- a/systems/aarch64-linux/m4nix/default.nix
+++ b/systems/aarch64-linux/m4nix/default.nix
@ -0,0 +1,77 @@
+{ pkgs, lib, ... }:
+with lib;
+with lib.metacfg;
+{
+  imports = [
+    ./hardware-configuration.nix
+  ];
+
+  metacfg = {
+    base.enable = true;
+    gui.enable = true;
+    nix-ld.enable = true;
+    nix.enable = true;
+    podman.enable = true;
+    secureboot.enable = false;
+    homeprinter.enable = true;
+    tools = {
+      direnv.enable = true;
+      #git.enable = true;
+    };
+    user.extraGroups = [
+      "docker"
+      "dialout"
+    ];
+  };
+
+  environment.systemPackages = with pkgs; [
+    azure-cli
+    cloudflare-warp
+    desktop-file-utils
+    kubectl
+    kubectx
+    k9s
+    attic-client
+    piper
+  ];
+
+  services.ratbagd.enable = true;
+
+  services.resolved.enable = true;
+  services.resolved.dnssec = "allow-downgrade";
+  services.resolved.extraConfig = ''
+    ResolveUnicastSingleLabel=yes
+  '';
+
+  systemd.packages = [ pkgs.cloudflare-warp ]; # for warp-cli
+
+  virtualisation = {
+    docker.enable = true;
+    podman.dockerCompat = false;
+  };
+
+  system.autoUpgrade = {
+    enable = true;
+    operation = "boot";
+    allowReboot = false;
+  };
+
+  systemd.user.extraConfig = "DefaultLimitNOFILE=32768";
+
+  security.pam.loginLimits = [
+    {
+      domain = "*";
+      item = "nofile";
+      type = "-";
+      value = "32768";
+    }
+    {
+      domain = "*";
+      item = "memlock";
+      type = "-";
+      value = "32768";
+    }
+  ];
+
+  system.stateVersion = "23.11";
+}
--- a/systems/aarch64-linux/m4nix/hardware-configuration.nix
+++ b/systems/aarch64-linux/m4nix/hardware-configuration.nix
@ -0,0 +1,37 @@
+# Do not modify this file!  It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations.  Please make changes
+# to /etc/nixos/configuration.nix instead.
+{ config, lib, pkgs, modulesPath, ... }:
+
+{
+  imports = [ ];
+
+  boot.initrd.availableKernelModules = [ "xhci_pci" ];
+  boot.initrd.kernelModules = [ ];
+  boot.kernelModules = [ ];
+  boot.extraModulePackages = [ ];
+
+  fileSystems."/" =
+    { device = "/dev/disk/by-uuid/b340000f-2927-414d-9382-edd3120b8e80";
+      fsType = "ext4";
+    };
+
+  fileSystems."/boot" =
+    { device = "/dev/disk/by-uuid/16C0-5FB0";
+      fsType = "vfat";
+      options = [ "fmask=0077" "dmask=0077" ];
+    };
+
+  swapDevices =
+    [ { device = "/dev/disk/by-uuid/76cc3afa-b57e-4f25-95f4-7b15bf1fb796"; }
+    ];
+
+  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
+  # (the default) this is the recommended approach. When using systemd-networkd it's
+  # still possible to use this option, but it's recommended to use it in conjunction
+  # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
+  networking.useDHCP = lib.mkDefault true;
+  # networking.interfaces.enp0s1.useDHCP = lib.mkDefault true;
+
+  nixpkgs.hostPlatform = lib.mkDefault "aarch64-linux";
+}