diff --git a/hosts/uConsole/configuration.nix b/hosts/uConsole/configuration.nix index e1ba6d0..c133a79 100644 --- a/hosts/uConsole/configuration.nix +++ b/hosts/uConsole/configuration.nix @@ -32,8 +32,9 @@ in networking.networkmanager.enable = true; services.openssh = { enable = true; - settings.PermitRootLogin = lib.mkForce "prohibit-password"; - settings.PasswordAuthentication = lib.mkForce false; + # TODO: lock down after first deployment + settings.PermitRootLogin = lib.mkForce "yes"; + settings.PasswordAuthentication = lib.mkForce true; }; # User @@ -216,20 +217,22 @@ in }; # ============================================================ - # Internal USB Hub Enable (GPIO 23) - # The Hacker Gadgets AIO V2 board has an internal USB hub for - # the AC1200 WiFi, SDR, and other peripherals. GPIO 23 must be - # HIGH to power the hub. CM5 defaults GPIO 23 to LOW. + # Internal USB Hub Enable (GPIO 23) — DISABLED + # This service freeze the CM5 because gpioset 0 23=1 writes + # to the wrong GPIO chip (BCM2712 native, not RP1). + # Enable manually after boot once the correct chip is confirmed: + # gpioset 0 23=1 # on chip 0 (BCM2712, CORE_VOLT or critical) + # gpioset 512 23=1 # on chip 512 (RP1, likely correct) # ============================================================ - systemd.services.enable-gpio23-usb-hub = { - description = "Enable Internal USB Hub (GPIO 23)"; - before = [ "network.target" ]; - wantedBy = [ "multi-user.target" ]; - serviceConfig = { - Type = "oneshot"; - RemainAfterExit = true; - ExecStart = "${pkgs.libgpiod}/bin/gpioset 0 23=1"; - ExecStop = "${pkgs.libgpiod}/bin/gpioset 0 23=0"; - }; - }; + # systemd.services.enable-gpio23-usb-hub = { + # description = "Enable Internal USB Hub (GPIO 23)"; + # before = [ "network.target" ]; + # wantedBy = [ "multi-user.target" ]; + # serviceConfig = { + # Type = "oneshot"; + # RemainAfterExit = true; + # ExecStart = "${pkgs.libgpiod}/bin/gpioset 0 23=1"; + # ExecStop = "${pkgs.libgpiod}/bin/gpioset 0 23=0"; + # }; + # }; }