# Great overview: https://rbf.dev/blog/2020/05/custom-nixos-build-for-raspberry-pis/

# https://nixos.wiki/wiki/NixOS_on_ARM#Cross-compiling
# https://nixos.wiki/wiki/NixOS_on_ARM#Compiling_through_binfmt_QEMU
# https://nix.dev/tutorials/nixos/installing-nixos-on-a-raspberry-pi

# Using the 64-bit AArch64 image is highly recommended.
# https://nixos.wiki/wiki/NixOS_on_ARM/Raspberry_Pi#Raspberry_Pi_3_.2F_3B.2B

{ config, pkgs, lib, ... }: {
  imports = [
    <nixpkgs/nixos/modules/installer/sd-card/sd-image-aarch64.nix>
  ];
  boot = {
    # Downstream Raspberry Pi 3 kernel.
    # New tags are published not so often ...
    # https://github.com/raspberrypi/linux/tags
    #kernelPackages = pkgs.linuxKernel.packages.linux_rpi3;
    
    # The mainline kernel is also supported.
    kernelPackages = pkgs.linuxPackages_latest;

    # TODO:
    # Not every kernel (pkgs.linuxPackages_latest) is ZFS compatible.
    # In that case, we can use mkForce to remove "zfs" from the list.
    #
    # Open issue to build two kernels, one with and one without zfs: https://github.com/NixOS/nixpkgs/issues/189184
    # List values were taken from here: https://github.com/NixOS/nixpkgs/blob/3f339f3cf44d090e2cc624f89df81fdb29810a0a/nixos/modules/profiles/base.nix#L54
    supportedFilesystems = lib.mkForce [ "btrfs" "reiserfs" "vfat" "f2fs" "xfs" "ntfs" "cifs" ];
  };
  # Compression takes loads of time with emulation, skip it.
  sdImage.compressImage = false;
  services.openssh = {
    enable = true;
    settings.PasswordAuthentication = false;
  };
  users.users."root".openssh.authorizedKeys.keys = [
    (builtins.readFile ./assets/ssh/nitrokey.pub)
  ];
  hardware.enableRedistributableFirmware = true;
  system.stateVersion = "23.11";
}