From b5cc4d4609c6ed56174c787921846ff2b2020c2d Mon Sep 17 00:00:00 2001
From: Zuckerberg <zuckerberg@neet.dev>
Date: Tue, 30 Jan 2024 21:59:09 -0700
Subject: [PATCH] Emulate ARM systems for building

---
 machines/ephemeral/sdimg.nix    | 57 +++++++++++++++++++++++++++++++++
 machines/storage/s0/default.nix |  2 ++
 secrets/oauth2-proxy-env.age    | 16 +++++++++
 3 files changed, 75 insertions(+)
 create mode 100644 machines/ephemeral/sdimg.nix
 create mode 100644 secrets/oauth2-proxy-env.age

diff --git a/machines/ephemeral/sdimg.nix b/machines/ephemeral/sdimg.nix
new file mode 100644
index 0000000..51dbd03
--- /dev/null
+++ b/machines/ephemeral/sdimg.nix
@@ -0,0 +1,57 @@
+{ config, modulesPath, pkgs, lib, ... }:
+
+let
+  pinecube-uboot = pkgs.buildUBoot {
+    defconfig = "pinecube_defconfig";
+    extraMeta.platforms = [ "armv7l-linux" ];
+    filesToInstall = [ "u-boot-sunxi-with-spl.bin" ];
+  };
+in
+{
+  imports = [
+    (modulesPath + "/installer/sd-card/sd-image.nix")
+    ./minimal.nix
+  ];
+
+  sdImage.populateFirmwareCommands = "";
+  sdImage.populateRootCommands = ''
+    mkdir -p ./files/boot
+    ${config.boot.loader.generic-extlinux-compatible.populateCmd} -c ${config.system.build.toplevel} -d ./files/boot
+  '';
+  sdImage.postBuildCommands = ''
+    dd if=${pinecube-uboot}/u-boot-sunxi-with-spl.bin of=$img bs=1024 seek=8 conv=notrunc
+  '';
+
+  ###
+
+  networking.hostName = "pinecube";
+
+  boot.loader.grub.enable = false;
+  boot.loader.generic-extlinux-compatible.enable = true;
+  boot.consoleLogLevel = 7;
+
+  # cma is 64M by default which is waay too much and we can't even unpack initrd
+  boot.kernelParams = [ "console=ttyS0,115200n8" "cma=32M" ];
+
+  boot.kernelModules = [ "spi-nor" ]; # Not sure why this doesn't autoload. Provides SPI NOR at /dev/mtd0
+  boot.extraModulePackages = [ config.boot.kernelPackages.rtl8189es ];
+
+  zramSwap.enable = true; # 128MB is not much to work with
+
+  sound.enable = true;
+
+  environment.systemPackages = with pkgs; [
+    ffmpeg
+    (v4l_utils.override { withGUI = false; })
+    usbutils
+  ];
+
+  services.getty.autologinUser = lib.mkForce "googlebot";
+  users.users.googlebot = {
+    isNormalUser = true;
+    extraGroups = [ "wheel" "networkmanager" "video" ];
+    openssh.authorizedKeys.keys = config.machines.ssh.userKeys;
+  };
+
+  networking.wireless.enable = true;
+}
diff --git a/machines/storage/s0/default.nix b/machines/storage/s0/default.nix
index 450ed94..0b435cf 100644
--- a/machines/storage/s0/default.nix
+++ b/machines/storage/s0/default.nix
@@ -220,4 +220,6 @@
     enable = true;
     configFile = ./dashy.yaml;
   };
+
+  boot.binfmt.emulatedSystems = [ "aarch64-linux" "armv7l-linux" ];
 }
diff --git a/secrets/oauth2-proxy-env.age b/secrets/oauth2-proxy-env.age
new file mode 100644
index 0000000..86725cc
--- /dev/null
+++ b/secrets/oauth2-proxy-env.age
@@ -0,0 +1,16 @@
+age-encryption.org/v1
+-> ssh-ed25519 WBT1Hw 5DKa7UCodZLyTIBKfBurEXZsK6o/GfiggzgraB4YVik
+UNcoa5/uljUc/bBpDWSXOVba3/oxZDdG16gDK1aegVw
+-> ssh-ed25519 6AT2/g JkNLSQpug+kH9FXD/BO4Fqsoja8SmPE0xtEvUty+whE
+xL3RsDOvk0S1dGi9eQ2p3nhiNo3gFarJyMghM/clu1I
+-> ssh-ed25519 hPp1nw Jga9cT/t5CswxmKL90fQjjpdAwCZmOwAjHZk+9LDHEQ
+AmS4gOWCCrxFEySjFcXR0Iia2WPlfV1jL6OTwRZu2r4
+-> ssh-ed25519 dMQYog C3TYIrNoQFBm45WlJ5wNIBeZzHMuM3G7qK1nXULKNFk
+R1Uv2EoLcOmYcFcQKhbdDz3U8v2Vg5FcBjNhUNTtvlc
+-> n5zi-V*C-grease & As33LE` ~p3'Jct
+ADAGI5OX7hStwDlR21y7Qcmmw+AuHAfGK6AU3rz9xGSoSh36zQ
+--- fwM6RC7rdlwP4YkWIBYjh7YdZSbGIhHtX/9WFmvGAKI
+T†6èV÷eB‹àÚÉ¡9õ
+¨¦pàÚ*…C¯ÿò!ï„?¬À©´šc
ýÕ3ªÉ	^ë<
+X&òV¢¼ûõþ·?]5>
+F]qŠú :È>3@J1Ú	-N”`ËŠê±××­v°î|÷Ç3NO”±:ªŠ9
\ No newline at end of file