Infinidoge/kiosk
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

init

Browse source
This commit is contained in:
Infinidoge 2024-11-15 18:26:11 -05:00
commit 9103bfa337
Signed by: Infinidoge
SSH key fingerprint: SHA256:oAMyvotlNFraMmZmr+p6AxnNfW/GioTs1pOn3V4tQ7A
4 changed files with 329 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

36
base.nix Normal file
View file

@ -0,0 +1,36 @@
{ lib, ... }:
{
system.stateVersion = "24.11";
# No need to change users at runtime
users.mutableUsers = false;
# I DON'T WANT IT
# STOP TRYING TO GIVE IT TO ME
boot.supportedFilesystems.zfs = lib.mkForce false;
# Set root password to a secure password
users.users.root.password = "asecurepassword";
# Add wifi credentials
networking.wireless = {
enable = true;
networks."PAL3.0".auth = ''
eap=PEAP
key_mgmt=WPA-EAP
pairwise=CCMP
auth_alg=OPEN
proto=RSN
identity="USERNAME@purdue.edu"
password="PASSWORD"
phase1="peaplabel=0"
phase2="auth=MSCHAPV2"
'';
};
networking.hostName = "kiosk";
time.timeZone = "America/New_York";
raspberry-pi-nix.board = "bcm2711";
}

220
flake.lock Normal file
View file

@ -0,0 +1,220 @@
{
"nodes": {
"libcamera-src": {
"flake": false,
"locked": {
"lastModified": 1725630279,
"narHash": "sha256-KH30jmHfxXq4j2CL7kv18DYECJRp9ECuWNPnqPZajPA=",
"owner": "raspberrypi",
"repo": "libcamera",
"rev": "69a894c4adad524d3063dd027f5c4774485cf9db",
"type": "github"
},
"original": {
"owner": "raspberrypi",
"repo": "libcamera",
"rev": "69a894c4adad524d3063dd027f5c4774485cf9db",
"type": "github"
}
},
"libpisp-src": {
"flake": false,
"locked": {
"lastModified": 1724944683,
"narHash": "sha256-Fo2UJmQHS855YSSKKmGrsQnJzXog1cdpkIOO72yYAM4=",
"owner": "raspberrypi",
"repo": "libpisp",
"rev": "28196ed6edcfeda88d23cc5f213d51aa6fa17bb3",
"type": "github"
},
"original": {
"owner": "raspberrypi",
"ref": "v1.0.7",
"repo": "libpisp",
"type": "github"
}
},
"nixpkgs": {
"locked": {
"lastModified": 1731245184,
"narHash": "sha256-vmLS8+x+gHRv1yzj3n+GTAEObwmhxmkkukB2DwtJRdU=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "aebe249544837ce42588aa4b2e7972222ba12e8f",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_2": {
"locked": {
"lastModified": 1728193676,
"narHash": "sha256-PbDWAIjKJdlVg+qQRhzdSor04bAPApDqIv2DofTyynk=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "ecbc1ca8ffd6aea8372ad16be9ebbb39889e55b6",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-24.05",
"repo": "nixpkgs",
"type": "github"
}
},
"root": {
"inputs": {
"nixpkgs": "nixpkgs",
"rpi-nix": "rpi-nix"
}
},
"rpi-bluez-firmware-src": {
"flake": false,
"locked": {
"lastModified": 1708969706,
"narHash": "sha256-KakKnOBeWxh0exu44beZ7cbr5ni4RA9vkWYb9sGMb8Q=",
"owner": "RPi-Distro",
"repo": "bluez-firmware",
"rev": "78d6a07730e2d20c035899521ab67726dc028e1c",
"type": "github"
},
"original": {
"owner": "RPi-Distro",
"ref": "bookworm",
"repo": "bluez-firmware",
"type": "github"
}
},
"rpi-firmware-nonfree-src": {
"flake": false,
"locked": {
"lastModified": 1723266537,
"narHash": "sha256-T7eTKXqY9cxEMdab8Snda4CEOrEihy5uOhA6Fy+Mhnw=",
"owner": "RPi-Distro",
"repo": "firmware-nonfree",
"rev": "4b356e134e8333d073bd3802d767a825adec3807",
"type": "github"
},
"original": {
"owner": "RPi-Distro",
"ref": "bookworm",
"repo": "firmware-nonfree",
"type": "github"
}
},
"rpi-firmware-src": {
"flake": false,
"locked": {
"lastModified": 1727798811,
"narHash": "sha256-eavbshXGYmkYR33y9FLcQMJoAYdYTESVEy0g/RRXnb0=",
"owner": "raspberrypi",
"repo": "firmware",
"rev": "287e6a6c2d3b50eee3e2c5b2eacdd907e5cbe09a",
"type": "github"
},
"original": {
"owner": "raspberrypi",
"ref": "1.20241001",
"repo": "firmware",
"type": "github"
}
},
"rpi-linux-6_10_12-src": {
"flake": false,
"locked": {
"lastModified": 1728305462,
"narHash": "sha256-LtvNmGD1D5YYv+C9xxxddAeHw69o3OX/H9M7F663L74=",
"owner": "raspberrypi",
"repo": "linux",
"rev": "26ee50d56618c2d98100b1bc672fd201aed4d00f",
"type": "github"
},
"original": {
"owner": "raspberrypi",
"ref": "rpi-6.10.y",
"repo": "linux",
"type": "github"
}
},
"rpi-linux-6_6_54-src": {
"flake": false,
"locked": {
"lastModified": 1728155174,
"narHash": "sha256-/8RjW35XQMnshjAE4Ey8j3oWzE2GOntnBYY6PlvZGhs=",
"owner": "raspberrypi",
"repo": "linux",
"rev": "12f0f28db3afe451a81a34c5a444f6841c10067c",
"type": "github"
},
"original": {
"owner": "raspberrypi",
"ref": "rpi-6.6.y",
"repo": "linux",
"type": "github"
}
},
"rpi-nix": {
"inputs": {
"libcamera-src": "libcamera-src",
"libpisp-src": "libpisp-src",
"nixpkgs": "nixpkgs_2",
"rpi-bluez-firmware-src": "rpi-bluez-firmware-src",
"rpi-firmware-nonfree-src": "rpi-firmware-nonfree-src",
"rpi-firmware-src": "rpi-firmware-src",
"rpi-linux-6_10_12-src": "rpi-linux-6_10_12-src",
"rpi-linux-6_6_54-src": "rpi-linux-6_6_54-src",
"rpicam-apps-src": "rpicam-apps-src",
"u-boot-src": "u-boot-src"
},
"locked": {
"lastModified": 1731453829,
"narHash": "sha256-GzdsZR30UPMsbNM1dBlOmeXzhxcPXq79RDl4qOILpmU=",
"owner": "nix-community",
"repo": "raspberry-pi-nix",
"rev": "3a016ff26c2ca6e0052f3f17c892bb7406eb0c84",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "raspberry-pi-nix",
"type": "github"
}
},
"rpicam-apps-src": {
"flake": false,
"locked": {
"lastModified": 1727515047,
"narHash": "sha256-qCYGrcibOeGztxf+sd44lD6VAOGoUNwRqZDdAmcTa/U=",
"owner": "raspberrypi",
"repo": "rpicam-apps",
"rev": "a8ccf9f3cd9df49875dfb834a2b490d41d226031",
"type": "github"
},
"original": {
"owner": "raspberrypi",
"ref": "v1.5.2",
"repo": "rpicam-apps",
"type": "github"
}
},
"u-boot-src": {
"flake": false,
"locked": {
"lastModified": 1719857238,
"narHash": "sha256-mJ2TBy0Y5ZtcGFgtU5RKr0UDUp5FWzojbFb+o/ebRJU=",
"type": "tarball",
"url": "https://ftp.denx.de/pub/u-boot/u-boot-2024.07.tar.bz2"
},
"original": {
"type": "tarball",
"url": "https://ftp.denx.de/pub/u-boot/u-boot-2024.07.tar.bz2"
}
}
},
"root": "root",
"version": 7
}

25
flake.nix Normal file
View file

@ -0,0 +1,25 @@
{
description = "My standard flake-parts devshell template";
inputs = {
nixpkgs.url = "github:NixOS/nixpkgs/nixpkgs-unstable";
rpi-nix.url = "github:nix-community/raspberry-pi-nix";
};
outputs = { nixpkgs, rpi-nix, ... }: {
nixosConfigurations.kiosk = nixpkgs.lib.nixosSystem {
system = "aarch64-linux";
modules = [
./base.nix
./kiosk.nix
rpi-nix.nixosModules.raspberry-pi
rpi-nix.nixosModules.sd-image
{
sdImage.compressImage = false;
}
];
};
};
}

48
kiosk.nix Normal file
View file

@ -0,0 +1,48 @@
{ pkgs, lib, ... }:
let
dashboardUrl = "https://night.purduehackers.com";
in
{
# Create user to host kiosk
users.users.kiosk = {
isSystemUser = true;
group = "kiosk";
};
users.groups.kiosk = { };
# Setup caged kiosk, with kiosk firefox
# Use a temporary directory for the firefox profile
# This removes the need for a home directory at all
# Using a private window removes most effects of a profile anyways
services.cage = {
enable = true;
user = "kiosk";
program = ''
${lib.getExe pkgs.firefox} \
--profile /tmp/firefox-profile \
--kiosk \
--private-window "${dashboardUrl}"
'';
extraArguments = [ "-d" ];
};
# Create temporary directory for firefox profile
systemd.tmpfiles.settings."10-kiosk" = {
"/tmp/firefox-profile".d = {
user = "kiosk";
group = "kiosk";
};
};
# Set firefox autoplay policy to always allow autoplay for dashboard
programs.firefox.policies = {
Permissions.Autoplay.Allow = [ dashboardUrl ];
};
# Enable pipewire/pipewire-pulse for audio
security.rtkit.enable = true;
services.pipewire = {
enable = true;
pulse.enable = true;
};
}