{ lib, pkgs, inputs, config, ... }: let rpi-pi = inputs.raspberry-pi-nix; in { # To build an sd-card image # $ nix build .#nixosConfigurations.rpi-5-rpi-5-aarch64-linux.config.system.build.sdImage --json &| nom # $ sudo dd if=./result/sd-image/nixos-sd-image-26.05.20260120.80e4adb-aarch64-linux.img of=/dev/sdc conv=fsync status=progress imports = [ rpi-pi.nixosModules.raspberry-pi rpi-pi.nixosModules.sd-image ./containers.nix ]; nix.settings = { substituters = [ "https://nix-community.cachix.org" ]; trusted-public-keys = [ "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" ]; }; services.traefik = { enable = true; staticConfigOptions = { entryPoints = { web = { address = "0.0.0.0:80"; asDefault = true; }; traefik = { address = ":8081"; }; }; api.dashboard = true; api.insecure = true; }; }; # TEMP networking.firewall.enable = false; users = { mutableUsers = false; users.doloro = { isNormalUser = true; extraGroups = [ "wheel" ]; openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE/4h+WCBBW82puv8SMdUbkWymF4amEMuZitgFztB6oZ" # laptop pub key "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBaa6Z5qtBSLEz+A4fQGYPfkOISsRQlmKkVbcx2zxML7" # pc pub key ]; initialPassword = "meowmeowmeow"; }; users.root = { initialPassword = "rootmeow"; openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE/4h+WCBBW82puv8SMdUbkWymF4amEMuZitgFztB6oZ" # laptop pub key "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBaa6Z5qtBSLEz+A4fQGYPfkOISsRQlmKkVbcx2zxML7" # pc pub key ]; }; }; networking.hostName = "nixos-001-rp5"; services.openssh.enable = true; environment.systemPackages = with pkgs; [ libraspberrypi ]; sdImage.compressImage = false; raspberry-pi-nix.board = "bcm2712"; # Rpi 5 - 64bit # We need to rebuild kernel for 6.12 # raspberry-pi-nix.kernel-version = "v6_12_17"; raspberry-pi-nix.uboot.enable = false; hardware.enableRedistributableFirmware = true; system.stateVersion = "25.11"; nixpkgs.hostPlatform = "aarch64-linux"; }