.github/workflows/build.yml

@@ -13,10 +13,14 @@ jobs:
           - nixos-8gb-fsn1-1.x86_64-linux
           - nutty-noon.x86_64-linux
           - thinkrac.x86_64-linux
+          - aarch64-kexec.aarch64-linux
+          - aarch64-kexec-tarball
     runs-on: ubuntu-latest
     steps:
       - name: Checkout repository
         uses: actions/checkout@v3
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v2
       - name: Cleanup Disk
         uses: curoky/cleanup-disk-action@v2.0
         with:
@@ -31,6 +35,8 @@ jobs:
             experimental-features = nix-command flakes ca-derivations
             post-build-hook = ${{ github.workspace }}/scripts/post-build-hook
             substituters = https://cache.chir.rs/ https://cache.nixos.org/
+            extra-platforms = armv7l-linux aarch64-linux powerpc-linux powerpc64-linux powerpc64le-linux riscv32-linux riscv64-linux wasm32-wasi i686-linux
+            sandbox = false
       - name: Download patched nix
         run: nix build github:DarkKirb/nix-packages#nix-s3-dedup
       - name: Set up secrets
@@ -45,4 +51,4 @@ jobs:
         run: |
           nix build '.#hydraJobs.${{ matrix.host }}'
         env:
-          NIXPKGS_ALLOW_UNFREE: 1
+          NIXPKGS_ALLOW_UNFREE: 1

.vscode/settings.json

@@ -1,4 +1,4 @@
 {
   "python.formatting.provider": "yapf",
-  "conventionalCommits.scopes": ["thinkrac"]
+  "conventionalCommits.scopes": ["thinkrac", "aarch64"]
 }

config/aarch64-kexec.nix

@@ -0,0 +1,65 @@
+# Adapted from https://github.com/cleverca22/nix-tests/tree/master/kexec
+{
+  pkgs,
+  config,
+  nixpkgs,
+  ...
+}: {
+  imports = [
+    "${nixpkgs}/nixos/modules/installer/netboot/netboot-minimal.nix"
+  ];
+  networking.hostName = "nixos";
+  networking.hostId = "d5b14b97";
+  boot.kernelParams = ["net.ifnames=0"];
+  system.stateVersion = "22.11";
+  system.build = rec {
+    image = pkgs.runCommand "image" {buildInputs = [pkgs.nukeReferences];} ''
+      mkdir $out
+      cp ${config.system.build.kernel}/${config.system.boot.loader.kernelFile} $out/kernel
+      cp ${config.system.build.netbootRamdisk}/initrd $out/initrd
+      echo "init=${builtins.unsafeDiscardStringContext config.system.build.toplevel}/init ${toString config.boot.kernelParams}" > $out/cmdline
+      nuke-refs $out/kernel
+    '';
+    kexec_script = pkgs.writeTextFile {
+      executable = true;
+      name = "kexec-nixos";
+      text = ''
+        #!${pkgs.stdenv.shell}
+        export PATH=${pkgs.kexectools}/bin:${pkgs.cpio}/bin:$PATH
+        set -x
+        set -e
+        cd $(mktemp -d)
+        pwd
+        mkdir initrd
+        pushd initrd
+        if [ -e /ssh_pubkey ]; then
+          cat /ssh_pubkey >> authorized_keys
+        fi
+        find -type f | cpio -o -H newc | gzip -9 > ../extra.gz
+        popd
+        cat ${image}/initrd extra.gz > final.gz
+        kexec -l ${image}/kernel --initrd=final.gz --append="init=${builtins.unsafeDiscardStringContext config.system.build.toplevel}/init ${toString config.boot.kernelParams}"
+        sync
+        echo "executing kernel, filesystems will be improperly umounted"
+        kexec -e
+      '';
+    };
+  };
+  boot.initrd.postMountCommands = ''
+    mkdir -p /mnt-root/root/.ssh/
+    cp /authorized_keys /mnt-root/root/.ssh/
+  '';
+  system.build.kexec_tarball = pkgs.callPackage "${nixpkgs}/nixos/lib/make-system-tarball.nix" {
+    storeContents = [
+      {
+        object = config.system.build.kexec_script;
+        symlink = "/kexec_nixos";
+      }
+    ];
+    contents = [];
+  };
+  networking.wireguard.interfaces."wg0".ips = [
+    "fd0d:a262:1fa6:e621:6ec2:1e4e:ce7f:d2af/64"
+  ];
+  boot.supportedFilesystems = ["zfs"];
+}

config/default.nix

@@ -19,7 +19,6 @@
   services.openssh.enable = true;
   environment.systemPackages = with pkgs; [
     git
-    kitty.terminfo
   ];
   networking.firewall.allowedTCPPorts = [22];
   networking.firewall.allowedUDPPortRanges = [

config/home-manager/base.nix

@@ -1,7 +1,7 @@
 desktop: {pkgs, ...}: {
   imports = [
-    ../programs/zsh.nix
-    ../programs/helix
+    (import ../programs/zsh.nix desktop)
+    (import ../programs/helix desktop)
     ../programs/tmux.nix
     ../programs/ssh.nix
     ../programs/taskwarrior.nix
@@ -9,18 +9,12 @@ desktop: {pkgs, ...}: {
   programs = {
     zsh = {
       enable = true;
-      enableVteIntegration = true;
       oh-my-zsh = {
         enable = true;
       };
       initExtraBeforeCompInit = "source ${pkgs.zsh-powerlevel10k}/share/zsh-powerlevel10k/powerlevel10k.zsh-theme";
       initExtra = ''
         [[ ! -f ~/.p10k.zsh ]] || source ~/.p10k.zsh
-        test -n "$KITTY_INSTALLATION_DIR" || export KITTY_INSTALLATION_DIR=${pkgs.kitty}/lib/kitty
-        export KITTY_SHELL_INTEGRATION=enabled
-        autoload -Uz -- "$KITTY_INSTALLATION_DIR"/shell-integration/zsh/kitty-integration
-        kitty-integration
-        unfunction kitty-integration
       '';
       plugins = [
       ];
@@ -38,19 +32,21 @@ desktop: {pkgs, ...}: {
       nvim = "hx";
       cat = "bat";
       less = "bat";
-      icat = "${pkgs.kitty}/bin/kitty +kitten icat";
-      d = "${pkgs.kitty}/bin/kitty +kitten diff";
-      hg = "${pkgs.kitty}/bin/kitty +kitten hyperlinked_grep";
     };
-    packages = with pkgs; [
-      yubikey-manager
-      yubico-piv-tool
-      ripgrep
-      jq
-      gh
-      htop
-      sops
-    ];
+    packages = with pkgs;
+      [
+        yubico-piv-tool
+        ripgrep
+        jq
+        gh
+        htop
+        sops
+      ]
+      ++ (
+        if desktop
+        then [yubikey-manager]
+        else []
+      );
   };
 
   programs.exa = {

config/home-manager/darkkirb.nix

@@ -29,7 +29,6 @@
         ../programs/vscode
         ../programs/misc.nix
         ../programs/mail.nix
-        ../programs/kitty.nix
         ../programs/zk.nix
       ]
       else []

config/programs/git.nix

@@ -10,16 +10,6 @@
     extraConfig = {
       init.defaultBranch = "main";
       merge.conflictstyle = "diff3";
-      diff = {
-        tool = "kitty";
-        guitool = "kitty.gui";
-      };
-      difftool = {
-        prompt = false;
-        trustExitCode = true;
-        kitty.cmd = "${pkgs.kitty}/bin/kitty +kitten diff $LOCAL $REMOTE";
-        "kitty.gui".cmd = "${pkgs.kitty}/bin/kitty ${pkgs.kitty}/bin/kitty +kitten diff $LOCAL $REMOTE";
-      };
     };
   };
 }

config/programs/helix/default.nix

@@ -1,11 +1,14 @@
-{
+desktop: {
   system,
   pkgs,
   ...
 }: {
-  imports = [
-    ./languages.nix
-  ];
+  imports =
+    if desktop
+    then [
+      ./languages.nix
+    ]
+    else [];
   home.packages = [
     pkgs.wl-clipboard
     pkgs.xsel

config/programs/kitty.nix

@@ -1,14 +0,0 @@
-_: {
-  programs.kitty = {
-    enable = true;
-    font.name = "FiraCode Nerd Font Mono";
-    settings = {
-      disable_ligatures = "cursor";
-      shell_integration = "disabled";
-    };
-    extraConfig = ''
-      symbol_map U+F1900-U+F19FF Fairfax HD
-      narrow_symbols U+F1900-U+F19FF 2
-    '';
-  };
-}

config/programs/sway.nix

@@ -138,7 +138,6 @@ in {
         inherit (config.wayland.windowManager.sway.config) modifier;
       in
         lib.mkOptionDefault {
-          "${modifier}+Return" = "exec ${pkgs.kitty}/bin/kitty";
           "${modifier}+d" = "exec ${pkgs.wofi}/bin/wofi --show drun";
           "Print" = "mode screenshot";
           "XF86AudioRaiseVolume" = "exec ${pkgs.pulseaudio}/bin/pactl set-sink-volume @DEFAULT_SINK@ +5%";

config/programs/theming.nix

@@ -26,29 +26,6 @@ in {
   qt.style.package = pkgs.libsForQt5.breeze-qt5;
   qt.style.name = "BreezeDark";
 
-  programs.kitty.settings = with theme; {
-    background = cssColor bg;
-    foreground = cssColor fg;
-    cursor = cssColor fg;
-    selection_background = "#4f414c";
-    color0 = cssColor black;
-    color1 = cssColor dark-red;
-    color2 = cssColor dark-green;
-    color3 = cssColor dark-yellow;
-    color4 = cssColor dark-blue;
-    color5 = cssColor dark-magenta;
-    color6 = cssColor dark-cyan;
-    color7 = cssColor light-grey;
-    color8 = cssColor dark-grey;
-    color9 = cssColor red;
-    color10 = cssColor green;
-    color11 = cssColor yellow;
-    color12 = cssColor blue;
-    color13 = cssColor magenta;
-    color14 = cssColor cyan;
-    color15 = cssColor white;
-  };
-
   programs.waybar.style = with theme; ''
     * {
       border: none;

config/programs/zsh.nix

@@ -1,11 +1,11 @@
-_: {
+desktop: _: {
   programs = {
     zsh = {
       enable = true;
       enableAutosuggestions = true;
       enableCompletion = true;
       enableSyntaxHighlighting = true;
-      enableVteIntegration = true;
+      enableVteIntegration = desktop;
       autocd = true;
     };
   };

config/workarounds/default.nix

@@ -37,14 +37,6 @@ in {
           };
         });
         inherit (noto-variable) noto-fonts-cjk;
-        kitty = prev.kitty.overrideAttrs (old: {
-          patches =
-            old.patches
-            ++ [
-              ../../extra/kitty.patch
-            ];
-          installCheckPhase = "true";
-        });
         nix = nix-packages.packages.${system}.nix-s3-dedup.overrideAttrs (old: rec {
           postPatchPhase = ''
             sed 's/getBoolAttr."allowSubstitutes", true./true/' src/libstore/parsed-derivations.cc
@@ -76,10 +68,6 @@ in {
               maintainers = with maintainers; [ma27];
             };
           };
-        dovecot = prev.dovecot.overrideAttrs (old: rec {
-          checkPhase = "true";
-          installCheckPhase = "true";
-        });
         element-web = prev.callPackage ../../packages/element-web.nix {};
       }
       // nix-packages.packages.${system})

flake.nix

@@ -95,10 +95,10 @@ rec {
         name = "nas"; # My nas
         system = "x86_64-linux";
       }
-      #{
-      #  name = "rpi2"; # Raspberry Pi 2
-      #  system = "armv7l-linux";
-      #}
+      {
+        name = "aarch64-kexec"; # kexec tarball for aarch64
+        system = "aarch64-linux";
+      }
     ];
   in rec {
     nixosConfigurations = builtins.listToAttrs (map
@@ -166,6 +166,7 @@ rec {
         systems))
       // {
         inherit devShell;
+        aarch64-kexec-tarball = nixosConfigurations.aarch64-kexec.config.system.build.kexec_tarball;
         # Uncomment the line to build an installer image
         # This is EXTREMELY LARGE and will make builds take forever
         # installer.x86_64-linux = nixosConfigurations.installer.config.system.build.isoImage;