feat: enable uconsole-cm5-aio-v2 module on uConsole

2026-06-21 18:39:34 +00:00
7 changed files with 32 additions and 236 deletions
--- a/assets/dotfiles
+++ b/assets/dotfiles
--- a/flake.nix
+++ b/flake.nix
@@ -187,12 +187,6 @@
        # perl-ldap fails cross-compile (Module::Install needs dynamic loading)
        # Strip it from john deps -- the perl scripts that need it are not critical
        john = prev.john.overrideAttrs (old: {
-          nativeBuildInputs = (old.nativeBuildInputs or []) ++ [
-            prev.buildPackages.python3  # python3 for opencl_generate_dynamic_loader.py
-          ];
-          configureFlags = (old.configureFlags or []) ++ [
-            "ac_cv_prog_PYTHON=${prev.buildPackages.python3}/bin/python3"
-          ];
          propagatedBuildInputs = builtins.filter
            (x: x?pname && x.pname != "perl-ldap")
            (old.propagatedBuildInputs or []);
@@ -324,4 +318,4 @@
        }).config.system.build.sdImage;
      };
    };
-}
+}
--- a/hosts/lazyworkhorse/configuration.nix
+++ b/hosts/lazyworkhorse/configuration.nix
@@ -569,19 +569,3 @@

 }

-  # Remote builder — uConsole for aarch64-linux native builds
-  nix.distributedBuilds = true;
-  nix.buildMachines = [{
-    hostName = "192.168.1.120";
-    systems = ["aarch64-linux"];
-    maxJobs = 4;
-    supportedFeatures = ["big-parallel" "nixos-test" "benchmark" "gccarch-armv8-a"];
-    sshUser = "builder";
-    sshKey = "/home/ai-worker/id_deploy";
-  }];
-  nix.extraOptions = '
-    builders-use-substitutes = true
-    fallback = true
-  ';
-
-
--- a/hosts/uconsole-cm5/configuration.nix
+++ b/hosts/uconsole-cm5/configuration.nix
@@ -1,11 +1,11 @@
 { config, lib, pkgs, keys, ... }:
+
 {
  networking.hostName = "uConsole";
  time.timeZone = "America/Montreal";
  i18n.defaultLocale = "en_CA.UTF-8";
  system.stateVersion = "25.11";
-  # Boot & Hardware
-  boot.loader.raspberry-pi.bootloader = "kernel";
+
  # SSH — root access avec clés gortium + ai-worker
  services.openssh = {
    enable = true;
@@ -14,32 +14,41 @@
      PasswordAuthentication = lib.mkForce false;
    };
  };
+
  users.users.root.openssh.authorizedKeys.keys = with keys; [
    users.gortium.main
    users.ai-worker.main
  ];
+
+  # AI worker user (Hermes SSH access)
+  users.users.ai-worker = {
+    isNormalUser = false;
+    shell = pkgs.bash;
+    openssh.authorizedKeys.keys = with keys; [
+      users.ai-worker.main
+    ];
+  };
+
  # Age secret for gortium password (file created by user)
  age.secrets.gortium_password = {
-    file = ../../secrets/gortium_password.age;
+    file = ../secrets/gortium_password.age;
  };
-  # WiFi via NetworkManager
+
+  # Password file for gortium (merges with users/gortium/default.nix)
+
+  # WiFi via NetworkManager + secret agenix
  networking.networkmanager.enable = true;
+
  # Firmware
  hardware.enableRedistributableFirmware = true;
-  # RealtimeKit for PipeWire audio
-  security.rtkit.enable = true;
-  services.pipewire = {
-    enable = true;
-    alsa.enable = true;
-    alsa.support32Bit = true;
-    pulse.enable = true;
-  };
+
  # Hyprland Wayland compositor (manual start — no SDDM)
  programs.hyprland = {
    enable = true;
    xwayland.enable = true;
  };
-  # HackerGadgets AIO v2 board
+
+  # HackerGadgets AIO v2 board — GPIO rail control, aiov2_ctl CLI
  hardware.uconsole-cm5-aio-v2 = {
    enable = true;
    bootRails = {
@@ -50,165 +59,4 @@
    };
    enableGPS = false;
  };
-  # User
-  users.users.gortium = {
-    isNormalUser = true;
-    extraGroups = [ "wheel" "networkmanager" "video" "dialout" "kismet" ];
-    hashedPasswordFile = config.age.secrets.gortium_password.path;
-    openssh.authorizedKeys.keys = [
-      keys.users.gortium.main
-      keys.users.gortium.gitea
-    ];
-  };
-  security.sudo.extraRules = [
-    {
-      users = [ "gortium" ];
-      commands = [{
-        command = "ALL";
-        options = [ "NOPASSWD" ];
-      }];
-    }
-  ];
-  # ============================================================
-  # Package groups
-  # ============================================================
-  # ============================================================
-  # CROSS-COMPILE REMOVALS — packages removed for aarch64 bootstrap
-  # ============================================================
-  # These packages fail to cross-compile for aarch64.
-  # Install them natively AFTER the first successful switch.
-  #
-  # Removed:                              Reason:
-#   inspectrum — Qt5 cross-compile cascade fails (qtsvg mismatched qtbase deps)
-  #   hashcat   — Makefile calls gcc directly (cross-compiler not used)
-  #   neovim    — Same as hashcat: Makefile calls gcc directly (cross-compiler not used)
-  #   clamav    — cmake try_run + Rust proc-macro linker for aarch64
-  #   sdrpp     — glfw/wxPython cross-compile fails
-  #   gqrx      — Qt5 cross-compile cascade fails
-  #   emacs-pgtk → emacs-nox — GTK3 + mailutils → gss → shishi chain
-  #   viking    — GTK3 GPS map editor
-  #   foxtrotgps — GTK2 GPS app
-  #   js8call   — QtQuick3D dep
-  #   wsjtx     — qtbase/Qt5 linker fails (collect2: ld returned 1)
-  #   fldigi    — same: qtbase/Qt5 linker fails
-#   gpsbabel  — qmake can't find cross-compiler g++
-#   john      — configure script needs python (not in PATH during cross-compile)
-#   trustedqsl — needs wxWidgets (unavailable in cross-compile)
-#   chirp — depends on wxPython (fails cross-compile: GTK3 + wx build)
-  # ============================================================
-  environment.systemPackages = with pkgs; [
-    # ===== Base =====
-    # emacs-pgtk — removed for bootstrap (GTK3 cross-compile fails)
-    # emacs-nox — removed for bootstrap (depends on mailutils -> gss -> shishi, cross-compile fails)
-    git
-    ripgrep
-    fd
-    htop
-    tmux
-    # ===== HAM Radio =====
-    wsjtx # removed for bootstrap - now native
-    fldigi # removed for bootstrap - now native
-    pat                        # Winlink client
-    direwolf                   # AX.25 packet modem
-    chirp # Radio programming tool - now native
-    hamlib                     # Ham radio control libraries
-    trustedqsl # Logbook of the World (LoTW) - now native
-    # ===== SDR / RF =====
-    sdrpp # removed for bootstrap - now native
-    gqrx # removed for bootstrap - now native
-    rtl-sdr                    # RTL-SDR drivers & utilities
-    inspectrum # removed for bootstrap - now native
-    soapysdr-with-plugins      # SoapySDR + hardware support plugins
-    # ===== Mesh / LoRa =====
-    reticulumStack             # Reticulum Network Stack
-    lxmf                       # LXMF messaging protocol
-    nomadnet                   # Nomad Network client
-    # ===== Security =====
-    nmap
-    aircrack-ng
-    kismet                     # Wi-Fi monitor / IDS
-    bettercap                  # MITM/network attack framework
-    wireshark-cli                  # Packet analyzer
-    john # John the Ripper - now native
-    sqlmap                     # SQL injection tool
-    # ===== GPS / Maps =====
-    foxtrotgps # removed for bootstrap - now native
-    viking # removed for bootstrap - now native
-    gpsbabel # GPS data conversion - now native
-  ];
-  # ============================================================
-  # Reticulum Service (rnsd)
-  # ============================================================
-  systemd.services.rnsd = {
-    description = "Reticulum Network Stack Daemon";
-    wants = [ "network-online.target" ];
-    after = [ "network-online.target" ];
-    wantedBy = [ "multi-user.target" ];
-    serviceConfig = {
-      User = "gortium";
-      Group = "gortium";
-      ExecStart = "${pkgs.reticulumStack}/bin/rnsd";
-      Restart = "always";
-      RestartSec = "10s";
-      LimitNOFILE = 65536;
-    };
-  };
-  # ============================================================
-  # Kismet Service (Wi-Fi monitoring / mesh node)
-  # ============================================================
-  systemd.services.kismet = {
-    description = "Kismet Wi-Fi Monitor & IDS";
-    wants = [ "network-online.target" ];
-    after = [ "network-online.target" ];
-    wantedBy = [ "multi-user.target" ];
-    serviceConfig = {
-      User = "gortium";
-      Group = "kismet";
-      ExecStart = "${pkgs.kismet}/bin/kismet -c wlan0 --log-prefix=/home/gortium/kismet_logs --no-nc-ui";
-      Restart = "always";
-      RestartSec = "10s";
-    };
-  };
-  # ============================================================
-  # Kernel modules for SDR and radio
-  # ============================================================
-  boot.kernelModules = [
-    "88x2bu"          # Realtek 8812/8821BU USB WiFi
-    "rtl8xxxu"        # RTL8188/8192/8723 USB WiFi
-    "rtl2832_sdr"     # RTL-SDR kernel module
-    "dvb_usb_rtl28xxu" # RTL-SDR DVB-T
-  ];
-  # ============================================================
-  # Extra udev rules for SDR and HAM radio devices
-  # ============================================================
-  services.udev.packages = with pkgs; [ rtl-sdr ];
-  # ============================================================
-  # Enable IPv6 for Reticulum mesh
-  # ============================================================
-  networking.enableIPv6 = true;
-  # ============================================================
-  # Firewall
-  # ============================================================
-  networking.firewall.allowedTCPPorts = [ 22 ];
-  networking.firewall.allowedUDPPorts = [ ];
-  # ============================================================
-  # agenix-rekey — automatic secret re-encryption at deploy time
-  # ============================================================
-  age.rekey = {
-    # Master identities for encrypting secrets (on Thierry's laptop)
-    masterIdentities = [
-      "/home/gortium/.ssh/gortium_ssh_key"
-    ];
-    # uConsole SSH host pubkey — for automatic rekey at build time
-    # Once uConsole is deployed, replace with actual pubkey from:
-    #   ssh-keyscan uConsole.local | ssh-to-age
-    hostPubkey = "age1qyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqs3290gq"; # dummy — replace after bootstrap
-  };
-
-  # Pipewire overlay: drop libcamera (fixes aarch64 cross-compile — rpi-pisp blocks)
-  nixpkgs.overlays = [
-    (final: prev: {
-      pipewire = prev.pipewire.override { libcamera = null; };
-    })
-  ];
 }
--- a/modules/nixos/hardware/uconsole-cm5-aio-v2.nix
+++ b/modules/nixos/hardware/uconsole-cm5-aio-v2.nix
@@ -47,7 +47,6 @@ let
    };

    dontUnpack = true;
-    buildInputs = [ pkgs.python3 ];

    installPhase = ''
      mkdir -p $out/bin $out/share/aiov2_ctl/img
--- a/users/gortium/gortium.nix
+++ b/users/gortium/gortium.nix
@@ -1,7 +1,5 @@
 { pkgs, inputs, config, keys, ... }: {
-  home-manager.extraSpecialArgs = {
-    inherit (config.networking) hostName;
-  };
+  home-manager.extraSpecialArgs = { inherit (config.networking) hostName; dotfiles = inputs.dotfiles.outPath # flake input (not submodule); };
  home-manager.users.gortium = import ./home.nix;
  users.users.gortium = {
    isNormalUser = true;
--- a/users/gortium/home.nix
+++ b/users/gortium/home.nix
@@ -2,7 +2,6 @@

 let
  isUconsole = hostName == "uConsole";
-  dotfiles = ../../assets/dotfiles;
 in {
  home.username = "gortium";
  home.homeDirectory = "/home/gortium";
@@ -34,9 +33,6 @@ in {
    ".config/wofi/config".source = "${dotfiles}/wofi/.config/wofi/config";

    # yazi
-
-    # wallpapers
-    ".config/wallpapers".source = "${dotfiles}/wallpapers/.config/wallpapers";
    ".config/yazi/yazi.toml".source = "${dotfiles}/yazi/.config/yazi/yazi.toml";

    # hyprland — common config
@@ -47,45 +43,22 @@ in {
    ".config/hypr/mocha.conf".source = "${dotfiles}/hypr/.config/hypr/mocha.conf";

    # hyprland — host-specific monitor config
-    ".config/hypr/hosts/monitors.conf".source =
+    ".config/hypr/host/monitors.conf".source =
      if isUconsole
      then "${dotfiles}/hypr/.config/hypr/hosts/uconsole.conf"
      else "${dotfiles}/hypr/.config/hypr/hosts/laptop.conf";
  };

-  programs.bash.enable = true;
-  programs.zsh = {
-    enable = true;
-    initExtra = builtins.readFile "${dotfiles}/zsh/.zshrc";
-  };
-
  home.packages = with pkgs; [
    git zsh tmux starship
    neovim kitty
    btop yazi ripgrep fd fzf
-    htop unzip wget jq
-    hyprland hyprlock hypridle hyprpaper
-    waybar wofi dunst
-    libnotify mako
-    swaynotificationcenter
-    swww
-    emacs
-    udiskie
-    hyprshade
-    networkmanagerapplet
-    pavucontrol
+  ] ++ lib.optionals (!isUconsole) [
+    waybar wofi swww hyprshot
+  ] ++ lib.optionals isUconsole [
+    brightnessctl
  ];

-  xdg.userDirs = {
-    enable = true;
-    createDirectories = true;
-    desktop = "$HOME/desktop";
-    documents = "$HOME/documents";
-    download = "$HOME/downloads";
-    music = "$HOME/music";
-    pictures = "$HOME/pictures";
-    publicShare = "$HOME/public";
-    templates = "$HOME/templates";
-    videos = "$HOME/videos";
-  };
+  programs.zsh.enable = true;
+  programs.starship.enable = true;
 }