Hermes Agent
9d0deddc98
- Uses nixos-uconsole.nixosModules.uconsole-cm5 with nixos-raspberrypi - Module chain: raspberry-pi-5.base + uconsole-cm5 - Includes HAM radio, SDR, GPS, and security tools - Packages adjusted for latest nixpkgs (reticulum/marble not available)
115 lines
3.7 KiB
Nix
115 lines
3.7 KiB
Nix
{ config, lib, pkgs, paths, self, keys, inputs, nixos-raspberrypi, ... }:
|
|
|
|
{
|
|
# --- CORE HARDWARE (CM5 / RPi5) ---
|
|
# nixos-raspberrypi.nixosModules.raspberry-pi-5.base + nixos-uconsole.nixosModules.uconsole-cm5 imported in flake.nix
|
|
|
|
# --- BASIC HOST INFO ---
|
|
networking.hostName = "uConsole";
|
|
networking.networkmanager.enable = true;
|
|
time.timeZone = "America/Montreal";
|
|
i18n.defaultLocale = "en_CA.UTF-8";
|
|
|
|
# --- GPS DAEMON ---
|
|
services.gpsd = {
|
|
enable = true;
|
|
devices = [ "/dev/ttyAMA0" ]; # Default port for RPi5/CM5 GPS
|
|
nowait = true;
|
|
};
|
|
|
|
# --- USER CONFIGURATION ---
|
|
users.users.thierry = {
|
|
isNormalUser = true;
|
|
description = "Thierry";
|
|
extraGroups = [
|
|
"wheel" # Sudo
|
|
"dialout" # Access to serial/HAM rigs
|
|
"plugdev" # Access to USB SDRs
|
|
"wireshark" # Packet capture without root
|
|
"video" # Hardware acceleration access
|
|
"networkmanager"
|
|
];
|
|
openssh.authorizedKeys.keys = [
|
|
keys.users.gortium.main
|
|
keys.users.gortium.gitea
|
|
];
|
|
};
|
|
|
|
# --- INTERFACE (WAYLAND/SWAY) ---
|
|
# Sway is recommended for the uConsole's low resources
|
|
programs.sway = {
|
|
enable = true;
|
|
extraOptions = [ "--unsupported-gpu" ]; # Often needed for RPi
|
|
};
|
|
|
|
# --- SOFTWARE TOOLKITS ---
|
|
environment.systemPackages = with pkgs; [
|
|
# Base Tools (for your Doom Emacs environment)
|
|
emacs-pgtk # Emacs with Wayland support
|
|
git # Required for Doom Emacs / Flakes
|
|
ripgrep # Fast searching for Emacs/CLI
|
|
fd # Better find for Emacs
|
|
htop # Resource monitor
|
|
tmux # Terminal multiplexer
|
|
neovim # Alternative editor
|
|
|
|
# HAM RADIO (Digital Modes)
|
|
js8call # Weak-signal keyboard messaging
|
|
wsjtx # FT8, JT65, etc.
|
|
fldigi # Digital modem (PSK, RTTY)
|
|
pat # Winlink client (Use 'pat configure' after install)
|
|
direwolf # Software TNC for APRS
|
|
chirp # Radio programming
|
|
hamlib # Rig control (rigctl)
|
|
trustedqsl # LotW log signing
|
|
|
|
# SDR + RF ANALYSIS
|
|
sdrpp # Modern SDR GUI (Best for uConsole)
|
|
gqrx # Classic SDR receiver
|
|
rtl-sdr # Drivers for RTL2832U
|
|
inspectrum # Offline signal analysis
|
|
soapysdr-with-plugins # Hardware abstraction layer
|
|
|
|
# LORA, MESH & RETICULUM
|
|
# reticulum-network-stack - not in nixpkgs, install via pip
|
|
# nomadnet - not in nixpkgs, install via pip
|
|
# lxmf - not in nixpkgs, install via pip
|
|
# sidechannel-rns - not in nixpkgs, install via pip
|
|
|
|
# HACKING & SECURITY (Kali-like suite)
|
|
nmap # Port scanning
|
|
metasploit # Exploitation framework
|
|
aircrack-ng # Wi-Fi auditing
|
|
kismet # Wireless sniffer (Essential for your Pi Zero project)
|
|
bettercap # MITM and network attack tool
|
|
wireshark # Protocol analyzer
|
|
burpsuite # Web vulnerability scanner
|
|
hashcat # Password recovery
|
|
john # John the Ripper (password cracking)
|
|
sqlmap # Automated SQL injection
|
|
|
|
# GPS & OFFLINE MAPPING
|
|
foxtrotgps # Lightweight map viewer (Perfect for small screens)
|
|
viking # GPS data editor and map viewer
|
|
gpsbabel # GPS data conversion
|
|
# marble - not available in this nixpkgs version
|
|
];
|
|
|
|
# Udev rules for SDR and Radio hardware access
|
|
services.udev.packages = [
|
|
pkgs.rtl-sdr
|
|
];
|
|
|
|
# Enable Wireshark privilege separation
|
|
programs.wireshark.enable = true;
|
|
|
|
# Enable OpenSSH
|
|
services.openssh = {
|
|
enable = true;
|
|
settings.PermitRootLogin = lib.mkForce "prohibit-password";
|
|
};
|
|
|
|
# System state version
|
|
system.stateVersion = "25.11";
|
|
}
|