nixos/raspberry/sd-card-zero.nix

{ 
  config,
  lib,
  pkgs,
  ...
}:
let
  hostName = "music-bedroom";
  snapserverHost = "snapcast.cloonar.com";
  # customNixpkgs = fetchTarball {
  #   url = "https://github.com/NixOS/nixpkgs/archive/refs/tags/23.11.tar.gz";
  #   sha256 = "sha256:1ndiv385w1qyb3b18vw13991fzb9wg4cl21wglk89grsfsnra41k";
  # };
  # pkgs = import customNixpkgs {};
in
{
  nixpkgs.hostPlatform.system = "aarch64-linux";
  nixpkgs.buildPlatform.system = "x86_64-linux"; # Change if building on a different architecture
  imports = [
    <nixpkgs/nixos/modules/installer/sd-card/sd-image-aarch64.nix>
    "${builtins.fetchGit { url = "https://github.com/NixOS/nixos-hardware.git"; }}/raspberry-pi/4"
    # "${builtins.fetchTarball "https://github.com/NixOS/nixos-hardware/archive/master.tar.gz"}/raspberry-pi/4"
  ];

  nix.settings.trusted-users = [ "root" "dominik" ];

  swapDevices = [ { device = "/swapfile"; size = 2048; } ]; # 2GB swap

  networking.hostName = hostName;
  networking.wireless = {
    enable = true;
    networks = {
      "Cloonar-Multimedia" = {
        hidden = true;
        psk = "K2MC28Zhk$4zsx6Y";
      };
    };
  };
  networking.firewall.logRefusedConnections = false;

  hardware.deviceTree.enable = true;
  hardware.raspberry-pi."4".apply-overlays-dtmerge.enable = true;
  systemd.services = {
    "load-dacplus-overlay" = {
      serviceConfig = {
        Type = "oneshot";
      };
      wantedBy = ["multi-user.target"];
      script = ''
        ${pkgs.libraspberrypi}/bin/dtoverlay -d ${config.boot.kernelPackages.kernel}/dtbs/overlays/ hifiberry-dacplus || echo "already in use"
      '';
    };
  };

  # sound.enable = true;
  # hardware.pulseaudio.enable = true;

  systemd.services.snapclient = {
    description = "Snapcast client";
    wantedBy = ["multi-user.target"];
    wants = ["network-online.target"];
    after = ["network-online.target"];

    serviceConfig = {
      Type = "forking";
      ExecStart = "${pkgs.snapcast}/bin/snapclient --daemon --hostID ${config.networking.hostName} -h ${snapserverHost} --player alsa";
      PIDFile = "/run/snapclient/pid";
      Restart = "on-failure";
      RestartSec = "5s";
      DynamicUser = true;
      SupplementaryGroups = "audio";
      RuntimeDirectory = "snapclient";
    };
  };

  services.openssh.enable = true;
  users = {
	  mutableUsers = false;
    users.root = {
      hashedPassword = lib.mkForce "$6$7IKExnDde920x.YH$ggegnnKJYdmg1Wt33fxuPpM.MmIaX32LXVyjL8ed7ohT385lKotFGzRpitncQ3pd9Lci1QCFGRn2tVJGxkFAm0";
      openssh.authorizedKeys.keys = [
        "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDN/2SAFm50kraB1fepAizox/QRXxB7WbqVbH+5OPalDT47VIJGNKOKhixQoqhABHxEoLxdf/C83wxlCVlPV9poLfDgVkA3Lyt5r3tSFQ6QjjOJAgchWamMsxxyGBedhKvhiEzcr/Lxytnoz3kjDG8fqQJwEpdqMmJoMUfyL2Rqp16u+FQ7d5aJtwO8EUqovhMaNO7rggjPpV/uMOg+tBxxmscliN7DLuP4EMTA/FwXVzcFNbOx3K9BdpMRAaSJt4SWcJO2cS2KHA5n/H+PQI7nz5KN3Yr/upJN5fROhi/SHvK39QOx12Pv7FCuWlc+oR68vLaoCKYhnkl3DnCfc7A7"
        "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIRQuPqH5fdX3KEw7DXzWEdO3AlUn1oSmtJtHB71ICoH Generated By Termius"
      ];
    };
  };

  # NTP time sync
  services.timesyncd.enable = true;

  # Reduce GPU memory
  # Disable onboard audio
  boot.kernelParams = [
    "console=ttyAMA0,115200"
    "console=tty1"
    "cma=64M"
    "snd_bcm2835.enable=0"
  ];

  # Enable firmware for Raspberry Pi
  hardware.enableRedistributableFirmware = true;

  system.stateVersion = "23.11";

  sdImage = {
    compressImage = false;
    imageBaseName = "nixos-rpi-zero-2w";
  };
}