flake.nix: system -> stdenv.hostPlatform.system

base/default.nix

@@ -16,7 +16,6 @@
     ./flake-input-exporter.nix
 
     ./services/acme.nix
-    ./services/uptimed.nix
     ./services/auto-upgrade.nix
     ./services/dbus.nix
     ./services/fwupd.nix
@@ -28,8 +27,10 @@
     ./services/prometheus-node-exporter.nix
     ./services/prometheus-systemd-exporter.nix
     ./services/promtail.nix
+    ./services/roowho2.nix
     ./services/smartd.nix
     ./services/thermald.nix
+    ./services/uptimed.nix
     ./services/userborn.nix
     ./services/userdbd.nix
   ];

base/services/roowho2.nix

@@ -0,0 +1,12 @@
+{ lib, values, ... }:
+{
+  services.roowho2.enable = lib.mkDefault true;
+
+  systemd.sockets.roowho2-rwhod.socketConfig = {
+    IPAddressDeny = "any";
+    IPAddressAllow = [
+      "127.0.0.1"
+      values.ipv4-space
+    ];
+  };
+}

docs/development.md

@@ -7,7 +7,7 @@ the links from the *Upstream documentation* section below, or in [Miscellaneous
 
 ## Editing nix files
 
-> [!WARN]
+> [!WARNING]
 > Before editing any nix files, make sure to read [Secret management and `sops-nix`](./secret-management.md)!
 > We do not want to add any secrets in plaintext to the nix files, and certainly not commit and publish
 > them into the common public.
@@ -158,7 +158,7 @@ nix build .#
 
 ### Deploying to machines
 
-> [!WARN]
+> [!WARNING]
 > Be careful to think about state when testing changes against the machines. Sometimes, a certain change
 > can lead to irreversible changes to the data stored on the machine. An example would be a set of database
 > migrations applied when testing a newer version of a service. Unless that service also comes with downwards

flake.lock

@@ -8,11 +8,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1728330715,
+        "lastModified": 1764011051,
-        "narHash": "sha256-xRJ2nPOXb//u1jaBnDP56M7v5ldavjbtR6lfGqSvcKg=",
+        "narHash": "sha256-M7SZyPZiqZUR/EiiBJnmyUbOi5oE/03tCeFrTiUZchI=",
         "owner": "numtide",
         "repo": "devshell",
-        "rev": "dd6b80932022cea34a019e2bb32f6fa9e494dfef",
+        "rev": "17ed8d9744ebe70424659b0ef74ad6d41fc87071",
         "type": "github"
       },
       "original": {
@@ -21,6 +21,28 @@
         "type": "github"
       }
     },
+    "dibbler": {
+      "inputs": {
+        "flake-utils": "flake-utils",
+        "nixpkgs": [
+          "nixpkgs"
+        ]
+      },
+      "locked": {
+        "lastModified": 1767906875,
+        "narHash": "sha256-S88Qh7TJwuTkMQqAdXmF3JMkuV2e5GHTdom02QrtdIs=",
+        "ref": "main",
+        "rev": "b86962ef0e15d1a7de445172d4acea454b119a91",
+        "revCount": 220,
+        "type": "git",
+        "url": "https://git.pvv.ntnu.no/Projects/dibbler.git"
+      },
+      "original": {
+        "ref": "main",
+        "type": "git",
+        "url": "https://git.pvv.ntnu.no/Projects/dibbler.git"
+      }
+    },
     "disko": {
       "inputs": {
         "nixpkgs": [
@@ -45,11 +67,11 @@
     "flake-compat": {
       "flake": false,
       "locked": {
-        "lastModified": 1696426674,
+        "lastModified": 1761588595,
-        "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
+        "narHash": "sha256-XKUZz9zewJNUj46b4AJdiRZJAvSZ0Dqj2BNfXvFlJC4=",
         "owner": "edolstra",
         "repo": "flake-compat",
-        "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
+        "rev": "f387cd2afec9419c8ee37694406ca490c3f34ee5",
         "type": "github"
       },
       "original": {
@@ -63,11 +85,28 @@
         "systems": "systems"
       },
       "locked": {
-        "lastModified": 1726560853,
+        "lastModified": 1731533236,
-        "narHash": "sha256-X6rJYSESBVr3hBoH0WbKE5KvhPU5bloyZ2L4K60/fPQ=",
+        "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
         "owner": "numtide",
         "repo": "flake-utils",
-        "rev": "c1dfcf08411b08f6b8615f7d8971a2bfa81d5e8a",
+        "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
+        "type": "github"
+      },
+      "original": {
+        "id": "flake-utils",
+        "type": "indirect"
+      }
+    },
+    "flake-utils_2": {
+      "inputs": {
+        "systems": "systems_2"
+      },
+      "locked": {
+        "lastModified": 1731533236,
+        "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
+        "owner": "numtide",
+        "repo": "flake-utils",
+        "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
         "type": "github"
       },
       "original": {
@@ -83,11 +122,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1764868579,
+        "lastModified": 1767906545,
-        "narHash": "sha256-rfTUOIc0wnC4+19gLVfPbHfXx/ilfuUix6bWY+yaM2U=",
+        "narHash": "sha256-LOf08pcjEQFLs3dLPuep5d1bAXWOFcdfxuk3YMb5KWw=",
         "ref": "main",
-        "rev": "9c923d1d50daa6a3b28c3214ad2300bfaf6c8fcd",
+        "rev": "e55cbe0ce0b20fc5952ed491fa8a553c8afb1bdd",
-        "revCount": 22,
+        "revCount": 23,
         "type": "git",
         "url": "https://git.pvv.ntnu.no/Grzegorz/gergle.git"
       },
@@ -127,11 +166,11 @@
         "rust-overlay": "rust-overlay"
       },
       "locked": {
-        "lastModified": 1765760377,
+        "lastModified": 1767906494,
-        "narHash": "sha256-2+lgzUjVas9hPSeWn52MwuX+iidMN4RkzkHo4vrGmR8=",
+        "narHash": "sha256-Dd6gtdZfRMAD6JhdX0GdJwIHVaBikePSpQXhIdwLlWI=",
         "ref": "main",
-        "rev": "f340dc5b9c9f3b75b7aca41f56f8869b9e28cf8c",
+        "rev": "7258822e2e90fea2ea00b13b5542f63699e33a9e",
-        "revCount": 58,
+        "revCount": 61,
         "type": "git",
         "url": "https://git.pvv.ntnu.no/Grzegorz/greg-ng.git"
       },
@@ -191,11 +230,11 @@
         "rust-overlay": "rust-overlay_2"
       },
       "locked": {
-        "lastModified": 1766407405,
+        "lastModified": 1767906976,
-        "narHash": "sha256-UEJ8F8/oG70biWRrGbL5/aB7OXzzvnYs+jxkR07UHvA=",
+        "narHash": "sha256-igCg8I83eO+noF00raXVJqDxzLS2SrZN8fK5bnvO+xI=",
         "ref": "main",
-        "rev": "e719840f72ca1b0cd169562a3a0de69899821de0",
+        "rev": "626bc9b6bae6a997b347cdbe84080240884f2955",
-        "revCount": 16,
+        "revCount": 17,
         "type": "git",
         "url": "https://git.pvv.ntnu.no/Projects/minecraft-heatmap.git"
       },
@@ -212,11 +251,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1765904683,
+        "lastModified": 1767906653,
-        "narHash": "sha256-uXM56y5n5GWpCiCNdKlTcCAy2IntgDB21c4gBDU30io=",
+        "narHash": "sha256-KMiVvnlkRpW4/MVloLURfjv3bvjcae0X9skext2jKVE=",
         "ref": "main",
-        "rev": "6fae27b1659efb6774cf08a4e36ed29ab0e24105",
+        "rev": "584fd6379c905a6370484c5b5ba0623b4fcb778f",
-        "revCount": 26,
+        "revCount": 27,
         "type": "git",
         "url": "https://git.pvv.ntnu.no/Projects/minecraft-kartverket.git"
       },
@@ -233,11 +272,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1743881366,
+        "lastModified": 1767906352,
-        "narHash": "sha256-ScGA2IHPk9ugf9bqEZnp+YB/OJgrkZblnG/XLEKvJAo=",
+        "narHash": "sha256-wYsH9MMAPFG3XTL+3DwI39XMG0F2fTmn/5lt265a3Es=",
         "ref": "main",
-        "rev": "db2e4becf1b11e5dfd33de12a90a7d089fcf68ec",
+        "rev": "d054c5d064b8ed6d53a0adb0cf6c0a72febe212e",
-        "revCount": 11,
+        "revCount": 13,
         "type": "git",
         "url": "https://git.pvv.ntnu.no/Drift/nix-gitea-themes.git"
       },
@@ -250,18 +289,18 @@
     "nix-topology": {
       "inputs": {
         "devshell": "devshell",
-        "flake-utils": "flake-utils",
+        "flake-utils": "flake-utils_2",
         "nixpkgs": [
           "nixpkgs"
         ],
         "pre-commit-hooks": "pre-commit-hooks"
       },
       "locked": {
-        "lastModified": 1765969653,
+        "lastModified": 1767888340,
-        "narHash": "sha256-qVpQxyvdByeDfb+d+jhbyNna2Ie+w85iHpt4Qu0rv/E=",
+        "narHash": "sha256-CccRg4d8TpOUGz2HefBZLNYtGrcAyCMa7GVJHcUd8W4=",
         "owner": "oddlama",
         "repo": "nix-topology",
-        "rev": "0ed73e5a1b65eb8ed388d070ebe8dedb9182f466",
+        "rev": "416ff06f72e810c554761e3f5dbf33b4f331e73e",
         "type": "github"
       },
       "original": {
@@ -273,11 +312,11 @@
     },
     "nixpkgs": {
       "locked": {
-        "lastModified": 1767043167,
+        "lastModified": 1767871818,
-        "narHash": "sha256-wN04/SL+8tV0D2HBIgt9dpX/03U18xoJ+8PT+dcn30E=",
+        "narHash": "sha256-SOIHRu1sk+dW5f5DNTN5xYoeuZCyGIlKqxZ8RRj4lCM=",
-        "rev": "0b43a6ee07997a6e319e92dcbf276c2736506944",
+        "rev": "6eb8dee465373971d4495d92e23c2f0979384f76",
         "type": "tarball",
-        "url": "https://releases.nixos.org/nixos/25.11-small/nixos-25.11.2789.0b43a6ee0799/nixexprs.tar.xz"
+        "url": "https://releases.nixos.org/nixos/25.11-small/nixos-25.11.3412.6eb8dee46537/nixexprs.tar.xz"
       },
       "original": {
         "type": "tarball",
@@ -286,11 +325,11 @@
     },
     "nixpkgs-unstable": {
       "locked": {
-        "lastModified": 1767031366,
+        "lastModified": 1767870855,
-        "narHash": "sha256-SJz8tVEnXusU8OzN5ixAXQgzXv8fNIzp9ztzUyobh4s=",
+        "narHash": "sha256-SmrGFE9SdHFz60YbSCF7TtZ+GV8nIiYiI8fTEDyUouc=",
-        "rev": "d23fedd87fcd067b1d160323fae0d0e4f995527d",
+        "rev": "719f19e8e447a52152aee8061c7a2951f9254f14",
         "type": "tarball",
-        "url": "https://releases.nixos.org/nixos/unstable-small/nixos-26.05pre918279.d23fedd87fcd/nixexprs.tar.xz"
+        "url": "https://releases.nixos.org/nixos/unstable-small/nixos-26.05pre924399.719f19e8e447/nixexprs.tar.xz"
       },
       "original": {
         "type": "tarball",
@@ -304,18 +343,14 @@
         "nixpkgs": [
           "nix-topology",
           "nixpkgs"
-        ],
-        "nixpkgs-stable": [
-          "nix-topology",
-          "nixpkgs"
         ]
       },
       "locked": {
-        "lastModified": 1730797577,
+        "lastModified": 1765911976,
-        "narHash": "sha256-SrID5yVpyUfknUTGWgYkTyvdr9J1LxUym4om3SVGPkg=",
+        "narHash": "sha256-t3T/xm8zstHRLx+pIHxVpQTiySbKqcQbK+r+01XVKc0=",
         "owner": "cachix",
         "repo": "pre-commit-hooks.nix",
-        "rev": "1864030ed24a2b8b4e4d386a5eeaf0c5369e50a9",
+        "rev": "b68b780b69702a090c8bb1b973bab13756cc7a27",
         "type": "github"
       },
       "original": {
@@ -352,11 +387,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1767080188,
+        "lastModified": 1767906725,
-        "narHash": "sha256-BmyPuWeSQ9XREyi0KSerWRfJndmyzHNJLysBJld/KwA=",
+        "narHash": "sha256-AZpNzcnbl855mqemSrWbYl2mEgngC2lmiI6yiszEgQw=",
         "ref": "main",
-        "rev": "08a216f4473e26aa2a5349e72633c0ab24e8ffbd",
+        "rev": "65118b6abebd339e071c38f00a23b92dbbb72b38",
-        "revCount": 534,
+        "revCount": 537,
         "type": "git",
         "url": "https://git.pvv.ntnu.no/Projects/nettsiden.git"
       },
@@ -368,6 +403,7 @@
     },
     "root": {
       "inputs": {
+        "dibbler": "dibbler",
         "disko": "disko",
         "gergle": "gergle",
         "greg-ng": "greg-ng",
@@ -381,9 +417,32 @@
         "nixpkgs-unstable": "nixpkgs-unstable",
         "pvv-calendar-bot": "pvv-calendar-bot",
         "pvv-nettsiden": "pvv-nettsiden",
+        "roowho2": "roowho2",
         "sops-nix": "sops-nix"
       }
     },
+    "roowho2": {
+      "inputs": {
+        "nixpkgs": [
+          "nixpkgs"
+        ],
+        "rust-overlay": "rust-overlay_3"
+      },
+      "locked": {
+        "lastModified": 1767903580,
+        "narHash": "sha256-UtulIUyFv6HcU5BUcQONtyG29XPTOBMsJ4N0nJGNOUk=",
+        "ref": "main",
+        "rev": "dd23346bda46629788b08aba2e8af3b3f13335af",
+        "revCount": 38,
+        "type": "git",
+        "url": "https://git.pvv.ntnu.no/Projects/roowho2.git"
+      },
+      "original": {
+        "ref": "main",
+        "type": "git",
+        "url": "https://git.pvv.ntnu.no/Projects/roowho2.git"
+      }
+    },
     "rust-overlay": {
       "inputs": {
         "nixpkgs": [
@@ -392,11 +451,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1765680428,
+        "lastModified": 1767840362,
-        "narHash": "sha256-fyPmRof9SZeI14ChPk5rVPOm7ISiiGkwGCunkhM+eUg=",
+        "narHash": "sha256-ZtsFqUhilubohNZ1TgpQIFsi4biZTwRH9rjZsDRDik8=",
         "owner": "oxalica",
         "repo": "rust-overlay",
-        "rev": "eb3898d8ef143d4bf0f7f2229105fc51c7731b2f",
+        "rev": "d159ea1fc321c60f88a616ac28bab660092a227d",
         "type": "github"
       },
       "original": {
@@ -426,6 +485,27 @@
         "type": "github"
       }
     },
+    "rust-overlay_3": {
+      "inputs": {
+        "nixpkgs": [
+          "roowho2",
+          "nixpkgs"
+        ]
+      },
+      "locked": {
+        "lastModified": 1767322002,
+        "narHash": "sha256-yHKXXw2OWfIFsyTjduB4EyFwR0SYYF0hK8xI9z4NIn0=",
+        "owner": "oxalica",
+        "repo": "rust-overlay",
+        "rev": "03c6e38661c02a27ca006a284813afdc461e9f7e",
+        "type": "github"
+      },
+      "original": {
+        "owner": "oxalica",
+        "repo": "rust-overlay",
+        "type": "github"
+      }
+    },
     "sops-nix": {
       "inputs": {
         "nixpkgs": [
@@ -433,11 +513,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1766894905,
+        "lastModified": 1767826491,
-        "narHash": "sha256-pn8AxxfajqyR/Dmr1wnZYdUXHgM3u6z9x0Z1Ijmz2UQ=",
+        "narHash": "sha256-WSBENPotD2MIhZwolL6GC9npqgaS5fkM7j07V2i/Ur8=",
         "owner": "Mic92",
         "repo": "sops-nix",
-        "rev": "61b39c7b657081c2adc91b75dd3ad8a91d6f07a7",
+        "rev": "ea3adcb6d2a000d9a69d0e23cad1f2cacb3a9fbe",
         "type": "github"
       },
       "original": {
@@ -461,6 +541,21 @@
         "repo": "default",
         "type": "github"
       }
+    },
+    "systems_2": {
+      "locked": {
+        "lastModified": 1681028828,
+        "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
+        "owner": "nix-systems",
+        "repo": "default",
+        "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nix-systems",
+        "repo": "default",
+        "type": "github"
+      }
     }
   },
   "root": "root",

flake.nix

@@ -20,6 +20,9 @@
     pvv-calendar-bot.url = "git+https://git.pvv.ntnu.no/Projects/calendar-bot.git?ref=main";
     pvv-calendar-bot.inputs.nixpkgs.follows = "nixpkgs";
 
+    dibbler.url = "git+https://git.pvv.ntnu.no/Projects/dibbler.git?ref=main";
+    dibbler.inputs.nixpkgs.follows = "nixpkgs";
+
     matrix-next.url = "github:dali99/nixos-matrix-modules/v0.8.0";
     matrix-next.inputs.nixpkgs.follows = "nixpkgs";
 
@@ -29,6 +32,9 @@
     minecraft-heatmap.url = "git+https://git.pvv.ntnu.no/Projects/minecraft-heatmap.git?ref=main";
     minecraft-heatmap.inputs.nixpkgs.follows = "nixpkgs";
 
+    roowho2.url = "git+https://git.pvv.ntnu.no/Projects/roowho2.git?ref=main";
+    roowho2.inputs.nixpkgs.follows = "nixpkgs";
+
     greg-ng.url = "git+https://git.pvv.ntnu.no/Grzegorz/greg-ng.git?ref=main";
     greg-ng.inputs.nixpkgs.follows = "nixpkgs";
     gergle.url = "git+https://git.pvv.ntnu.no/Grzegorz/gergle.git?ref=main";
@@ -77,23 +83,30 @@
         nixpkgs:
         name:
         configurationPath:
-        extraArgs:
+        extraArgs@{
+          system ? "x86_64-linux",
+          specialArgs ? { },
+          modules ? [ ],
+          overlays ? [ ],
+          enableDefaults ? true,
+          ...
+        }:
         lib.nixosSystem (lib.recursiveUpdate
-        (let
+        {
-          system = "x86_64-linux";
-        in {
           inherit system;
 
           specialArgs = {
             inherit unstablePkgs inputs;
             values = import ./values.nix;
             fp = path: ./${path};
-          } // extraArgs.specialArgs or { };
+          } // specialArgs;
 
           modules = [
             configurationPath
+          ] ++ (lib.optionals enableDefaults [
             sops-nix.nixosModules.sops
-          ] ++ extraArgs.modules or [];
+            inputs.roowho2.nixosModules.default
+          ]) ++ modules;
 
           pkgs = import nixpkgs {
             inherit system;
@@ -102,15 +115,18 @@
                 "nvidia-x11"
                 "nvidia-settings"
               ];
-            overlays = [
+            overlays = (lib.optionals enableDefaults [
               # Global overlays go here
-            ] ++ extraArgs.overlays or [ ];
+              inputs.roowho2.overlays.default
+            ]) ++ overlays;
           };
-        })
+        }
         (builtins.removeAttrs extraArgs [
+          "system"
           "modules"
           "overlays"
           "specialArgs"
+          "enableDefaults"
         ])
       );
 
@@ -134,7 +150,7 @@
           inputs.pvv-calendar-bot.overlays.default
           inputs.minecraft-heatmap.overlays.default
           (final: prev: {
-            inherit (self.packages.${prev.system}) out-of-your-element;
+            inherit (self.packages.${prev.stdenv.hostPlatform.system}) out-of-your-element;
           })
         ];
       };
@@ -195,6 +211,16 @@
           inputs.gergle.overlays.default
         ];
       };
+      skrott = stableNixosConfig "skrott" {
+        system = "aarch64-linux";
+        modules = [
+          (nixpkgs + "/nixos/modules/installer/sd-card/sd-image-aarch64.nix")
+          inputs.dibbler.nixosModules.default
+        ];
+        overlays = [
+          inputs.dibbler.overlays.default
+        ];
+      };
     }
     //
     (let
@@ -256,6 +282,11 @@
       lib.genAttrs allMachines
         (machine: self.nixosConfigurations.${machine}.config.system.build.toplevel)
       //
+      # Skrott is exception
+      {
+        skrott = self.nixosConfigurations.skrott.config.system.build.sdImage;
+      }
+      //
       # Nix-topology
       (let
         topology' = import inputs.nix-topology {

hosts/skrott/configuration.nix

@@ -0,0 +1,61 @@
+{ pkgs, lib, fp, ... }: {
+  imports = [
+    # ./hardware-configuration.nix
+
+    (fp /base)
+  ];
+
+  boot = {
+    consoleLogLevel = 0;
+    enableContainers = false;
+    loader.grub.enable = false;
+    kernelPackages = pkgs.linuxPackages;
+  };
+
+  # Now turn off a bunch of stuff lol
+  system.autoUpgrade.enable = lib.mkForce false;
+  services.irqbalance.enable = lib.mkForce false;
+  services.logrotate.enable = lib.mkForce false;
+  services.nginx.enable = lib.mkForce false;
+  services.postfix.enable = lib.mkForce false;
+
+  # TODO: can we reduce further?
+
+  system.stateVersion = "25.05";
+
+  # sops.defaultSopsFile = fp /secrets/skrott/skrott.yaml;
+  # sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
+  # sops.age.keyFile = "/var/lib/sops-nix/key.txt";
+  # sops.age.generateKey = true;
+
+  # zramSwap.enable = true;
+
+  networking = {
+    hostName = "skrot";
+    interfaces.eth0 = {
+      useDHCP = false;
+      ipv4.addresses = [{
+        address = "129.241.210.235";
+        prefixLength = 25;
+      }];
+    };
+  };
+
+  services.dibbler = {
+    enable = true;
+    kioskMode = true;
+    limitScreenWidth = 80;
+    limitScreenHeight = 42;
+  };
+
+  # https://github.com/NixOS/nixpkgs/issues/84105
+  boot.kernelParams = [
+    "console=ttyUSB0,9600"
+    # "console=tty1" # Already part of the module
+  ];
+  systemd.services."serial-getty@ttyUSB0" = {
+    enable = true;
+    wantedBy = [ "getty.target" ]; # to start at boot
+    serviceConfig.Restart = "always"; # restart when session is closed
+  };
+}