Commit graph

338 commits

Author SHA1 Message Date
Daniel Barlow
28a5dec7dd implement ifwait trigger service and use in bridge
should we convert all ifwait uses to this trigger too? seems
reasonable
2024-03-28 20:59:39 +00:00
Daniel Barlow
fad0a47b75 add config.system.callService
this is like pkgs.callService except that it passes
config.system.service as a param so that the service
being defined can invoke other services

if this proves to be a good idea, all uses of
pkgs.callService should be changed to use it instead
2024-03-28 20:59:39 +00:00
Daniel Barlow
1a314e55b7 firewall module: provide default rules and merge extraRules
a firewall with no configuration will get a relatively sane ruleset. a
firewall with `extraRules` will get them deep merged into the default
rules.  Specifying `rules` will override the defaults
2024-03-21 12:00:34 +00:00
Daniel Barlow
9263b21faa create gateway profile by extracting from rotuer example 2024-03-21 10:04:42 +00:00
Florian Klink
436eb03a7b tftpboot: use commandLineDtbNode
config.boot.commandLineDtbNode can be set from `bootargs` to
`bootargs-override` (used for boards where the u-boot on the board does
set `bootargs` on its own).

In that case, the code updating the cmdline for tftpboot purposes also
needs to update this node, not the `bootargs` node.

Otherwise the kernel won't find the phram device, as it never heard
about it, as it didn't get the necessary cmdline options.
2024-03-16 20:06:38 +02:00
Daniel Barlow
9d6e50cbbc extract extneder example to a "profile"
this is a bit of an experiment to reduce the copy-paste in
examples by turning them into "application" modules.

planning to follow up with another module for "wifi router"
2024-02-27 23:13:12 +00:00
Daniel Barlow
94dbc56595 fix doc 2024-02-27 20:08:30 +00:00
Daniel Barlow
2cd7f932eb alignment may be null 2024-02-27 19:47:46 +00:00
Raito Bezarius
d6ffdd7be6 devices/zyxel-nwa50ax: expose primary and secondary images
To support A/B a bit better.

Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-02-19 02:57:34 +01:00
Raito Bezarius
422f3edab1 modules/zyxel-dual-image: init
This adds a simple boot blessing module, to be used, with the Zyxel NWA50AX.

There's a lot of elephant in the rooms: how do you upgrade kernel, etc.

Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-02-19 02:48:50 +01:00
Raito Bezarius
c14b2f6356 modules/busybox: add dhcprelay
This enables to run a DHCP relay from multiple interfaces.

Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-02-19 02:48:50 +01:00
Raito Bezarius
63007859c2 modules/outputs/zyxel-nwa-fit: init
Zyxel "firmware" format is just… a FIT with some metadata on the models.

This FIT is like this:

--------------------------
    uImage FIT header
--------------------------
    Linux kernel
--------------------------
    FDT DTB
--------------------------
    Padding so that
    this makes
    8192kb [1]
--------------------------
    UBI volume
    as a root filesystem
--------------------------

We just reproduce this in a very brutal and naive way.
In the future, this seems worth to generalize and modularize this idea
so that zyxel-nwa-fit is just an instance of a more general output.

[1]: https://git.openwrt.org/?p=openwrt/openwrt.git;a=blob;f=target/linux/ramips/image/mt7621.mk;h=ab1b829ba0086cb9fc9ca8cbbf3cbc14735034d6;hb=refs/heads/main#l3097

Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-02-18 20:30:41 +01:00
Raito Bezarius
e9ab8d7183 modules/outputs/ubivolume: introduce ubinization
It creates an UBI image based on an UBI volume configuration.

For now, it creates only an empty rootfs.
2024-02-18 20:30:41 +01:00
Raito Bezarius
3dc58de0eb modules/outputs: expose commandLineDtbNode option
We allow `bootargs` and `bootargs-override` for now only.

Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-02-18 20:30:41 +01:00
Raito Bezarius
dde8386f75 builders/uimage: support aligning the FIT
This is necessary when writing to a MTD partition with a certain erasesize.
2024-02-18 20:30:41 +01:00
Raito Bezarius
c59364d623 modules/outputs/ubifs: expose rootubifs rather than rootfs
I believe there should be another module exposing `rootubifs` as `rootfs`
or let any other module just subsume that component like `zyxel-nwa-fit` output.

Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-02-18 20:30:41 +01:00
Raito Bezarius
b76c5b4abe modules/ubifs: revamp to offer directly access to the UBIfs partition
Adds the LEB and PEB option and let the user remove the boot image in case
where U-Boot does not support UBI boot.
2024-02-18 20:30:41 +01:00
Daniel Barlow
4bcc3d5b28 dhcpc6 scripts: simplify (and improve correctness) 2024-02-16 18:47:12 +00:00
Daniel Barlow
c373152673 make tftpboot work on devices with old u-boot
Some devices have a U-boot variant that does not accept a third
parameter on the "bootm" command, meaning we can't override the dtb
in the bootloader so have to smush it back into the kernel image

This doesn't work in QEMU but I think the problem is with the
U-Boot configuration for QEMU. It does work on at least one
hardware device so I'm pushing it anyway

Based on
https://gti.telent.net/raboof/liminix/src/branch/tftp-old-uboot

Co-authored-by:  Arnout Engelen <arnout@bzzt.net>
2024-02-15 23:44:47 +00:00
Daniel Barlow
7e7171556f subdue dnsmasq logs
we need to find a better way of doing this. people might _want_
to have All The Logs from evey dns query
2024-02-15 23:43:54 +00:00
Daniel Barlow
ffe0e9d26b use mkstate for dropbear keys 2024-02-13 22:12:26 +00:00
Daniel Barlow
2b22c7aa91 dnsmasq: store dhcp lease file on /persist 2024-02-13 21:54:45 +00:00
Daniel Barlow
3c950704e1 rename /run/service-state to /run/services/outputs 2024-02-13 21:41:43 +00:00
Daniel Barlow
3851698d35 fix tftpboot compressed rootfs 2024-02-13 18:16:17 +00:00
Daniel Barlow
f69ebbb6f5 fix doc CI target 2024-02-13 15:41:45 +00:00
Daniel Barlow
16e4b05653 dhcp6c: set preferred and valid address lifetimes
also workaround a bug in rebinding/updates where we get an error
from "ip addr add" trying to add an address that's already present
2024-02-13 13:49:12 +00:00
Daniel Barlow
65479e206b use regular kernel not backports for mac80211
the kernel on most devices is now newer than the version that the
backported drivers were backported from
2024-02-12 20:41:10 +00:00
Daniel Barlow
b9c0d93670 build modules at same time as main kernel vmlinux
This changes the practice for building kernel modules: now we expect
that the appropriate Kconfig symbols are set to =m in
config.kernel.config, and then use pkgs.kmodloader to create
a service that loads and unloads all the modules depended on by
a particular requirement.

Note that modules won't be installed on the target device just by
virue of having been built: only the modules that are referenced by a
kmodloader package will be in the closure.

An example may make this clearer: see modules/firewall/default.nix
in this commit.

Why?

If you have a compiled Linux kernel source tree and you change some
symbol from "is not set" to m and then run make modules, you cannot in
general expect that newly compiled module to work. This is because
there are places in the build of the main kernel where it looks to see
which modules _may_ be defined and uses that information to
accommodate them.

For example in an in-kernel build of

  https://github.com/torvalds/linux/blob/master/net/netfilter/core.c#L689

some symbols are defined only if CONFIG_NF_CONNTRACK is set, meaning
this code won't work if we have it unset initially then try later to
enable it and build modules only. Or see

  https://github.com/torvalds/linux/blob/master/include/linux/netdevice.h#L160
2024-02-11 23:47:11 +00:00
Daniel Barlow
dce983ec79 move kernel module to its own subdir 2024-02-11 18:15:55 +00:00
Daniel Barlow
812f497660 add kernel.version param to allow for version-specific patches
default to 5.15.137 to avoid breaking the devices that don't declare it
2024-02-11 16:19:52 +00:00
dan
273c66b2d3 Merge pull request 'Add support for TP-Link Archer AX23' (#6) from raboof/liminix:add-archer-ax23-v1-bak into main
Reviewed-on: https://gti.telent.net/dan/liminix/pulls/6
2024-02-08 17:47:46 +00:00
Daniel Barlow
6f1f9d6f20 firewall: fix module loading 2024-02-07 23:43:41 +00:00
Daniel Barlow
34291292c0 fix dependency on kernel moduels in firewall service 2024-02-07 16:21:14 +00:00
Arnout Engelen
61494fdc0c
Add tplink module for creating 'safeloader' images 2024-02-06 17:59:38 +01:00
Daniel Barlow
c8154a2db9 kernel: add "conditional" config
imagine: you are using a device that requires
CONFIG_MYDEVICE_FROBOZZ_DRIVER but only if CONFIG_FROBOZZ has been
specified elsewhere. Because we check that every requested config
symbol actually appears in .config then it can't be added
unconditionally or the build will fail if CONFIG_FROBOZZ wasn't asked
for.

I'm not 100% happy about this design but it's the best I've thought of
so far.
2024-02-04 18:12:15 +00:00
Daniel Barlow
89c88dd472 specify type for rootDevice module option 2024-02-02 19:50:13 +00:00
Daniel Barlow
c1ad139310 whitespace 2024-02-02 19:43:34 +00:00
Daniel Barlow
9e199c6957 tftpboot: compute dtbSize *after* changing dtb
Adding the reserved-memory node to the dtb can cause it to grow
by enough that it needs an extra page - this will overlap the start
of the kernel image if we calculate offsets based on the original size

Reported-by: sinavir
Authored-by: sinavir
2024-01-26 22:51:58 +00:00
Daniel Barlow
dd8ec18881 restore boot.tftp.freeSpaceBytes 2024-01-26 22:46:36 +00:00
Daniel Barlow
c219350d7c add usb storage for turris omnia
ideally we would make this a module instead of compiling in
directly
2024-01-26 22:46:36 +00:00
Daniel Barlow
c1101d3af5 make extlinux work with liminix-rebuild
add /boot to the systemConfiguration closure
2024-01-08 18:58:07 +00:00
Daniel Barlow
228c0a1668 pass rootOptions config as rootflags= kernel cmdline opt 2024-01-08 18:54:49 +00:00
Daniel Barlow
7bc9cb6c55 why is extlink hardcoding root device? 2024-01-07 20:30:23 +00:00
Daniel Barlow
3c941b4ce2 partial btrfs support
doesn't actually know how to make the filesystem, just
kernel config and accept it as a valid option
2024-01-07 16:43:43 +00:00
Daniel Barlow
2a93f24a58 add turris "schnapps" tool
in its current state this is useful for turris omnia only, but will
allow us to do installs and rollback to turris os if needed.
2024-01-05 00:07:01 +00:00
Daniel Barlow
64898eada8 mount tmpfs on /tmp
too much stuff doesn't work without it and it's not
all worth patching
2024-01-04 23:22:02 +00:00
Daniel Barlow
ff991508ae build kernel only once for multiple outputs
e.g. vmlinux + zImage
2024-01-02 19:40:57 +00:00
Daniel Barlow
921b4f24af boot.scr: append ; not \n to lzmadec command
this is simply to make copy-paste slightly more convenient
2024-01-01 20:21:42 +00:00
Daniel Barlow
ec1ff283da vmdisk output: allow extra params to run.sh 2023-12-29 18:12:57 +00:00
Daniel Barlow
0bf98c5243 add output for u-boot 2023-12-29 17:07:47 +00:00
Daniel Barlow
dbf1ecdcb7 swap zimage and dtb in ram
kernel uncompression code creates a stack directly
after the compressed payload, which was trashing the dtb
2023-12-23 15:38:32 +00:00
Daniel Barlow
1042be912c turris omnia: switch to regular tftpboot output
now it does zimage and rootfs compression
2023-12-23 00:05:34 +00:00
Daniel Barlow
c931d84828 tftproot: put command line in dtb 2023-12-23 00:05:34 +00:00
Daniel Barlow
64a3f50248 tftpboot: support compressed root 2023-12-23 00:05:34 +00:00
Daniel Barlow
c5e9fcecc7 uninit var 2023-12-23 00:05:34 +00:00
Daniel Barlow
f25c41b4d2 tftpboot: move things around in memory
new layout has rootfs followed by kernel and dtb, so that we
know the rootfs start and size to embed them into the dtb instead
of having to use dummy values and fill them in afterwards
2023-12-23 00:05:34 +00:00
Daniel Barlow
bfa68d9c55 remove unused variable 2023-12-23 00:05:34 +00:00
Daniel Barlow
ff0ef825a6 tftpboot: add option for kernel image format 2023-12-23 00:05:34 +00:00
Daniel Barlow
44a0cf364b remove boot-scr output, merge into tftpboot
(1) it creates two things (script and dtb); (2) it's a bit pointless
without the tftpboot output it depends on
2023-12-22 21:37:15 +00:00
Daniel Barlow
c7b2733bea tftpbootlz: put command line in dtb
this makes boot.scr substantially shorter, in anticipation of using it
for first boot of the omnia and not wanting to embed an essay in
a setenv value
2023-12-22 20:09:44 +00:00
Daniel Barlow
dfbc72dd51 tftpboot test: fix reserved-memory dt for aarch64 2023-12-22 17:37:53 +00:00
Daniel Barlow
231c2cef03 make reserved-memory work on mips, and improve test 2023-12-21 22:21:20 +00:00
Daniel Barlow
32c13c46bb support aarch64 in tftpboot test 2023-12-19 12:12:12 +00:00
Daniel Barlow
9ca9723c9d make rootfs work with tftpbootlz 2023-12-17 19:39:26 +00:00
Daniel Barlow
d1e2d525a4 tftpboot omnia using bootz not bootm
because kernel size is now beyond the u-boot size
limit for bootm
2023-12-16 23:40:55 +00:00
Daniel Barlow
80528376a2 move o.systemConfiguration to initramfs module
as far as I can tell, we define it identically in every module
that uses initramfs
2023-12-11 21:47:15 +00:00
Daniel Barlow
d707345891 rename rootfsFiles to rootdir, add bootablerootdir 2023-12-11 21:21:12 +00:00
Daniel Barlow
601bb289ee rename diskimage to mbrimage 2023-12-11 19:09:19 +00:00
Daniel Barlow
876bd7d8ce rename flashimage to mtdimage 2023-12-11 19:09:18 +00:00
Daniel Barlow
4ddce6e926 fix the tests we broke 2023-12-10 17:12:57 +00:00
Daniel Barlow
5eeb277564 move output module imports example -> device
The outputs available are a characteristic of the device, not
the example.
2023-12-10 16:38:53 +00:00
Daniel Barlow
c81e7c4d35 move all output modules to subdirectory, trash standard.nix
standard.nix isn't, is the essence here. Not all devices
support flashimage as it is currently defined - some
have diskimage, some have neither
2023-12-10 15:23:12 +00:00
Daniel Barlow
4229b42d82 make config.hardware.dts.src nullable
This is for QEMU where we won't have to provide a dtb because the
device tree is built by the platform according the (emulated) hardware
present.

Maybe in future there will be other hardware devices where we
don't need to provide a dtb.
2023-12-09 15:51:30 +00:00
Daniel Barlow
03b17fa3ed add zImage output 2023-12-07 22:31:26 +00:00
Daniel Barlow
a8891461aa use devtmpfs in initramfs
static device nodes don't work with virtio
2023-12-07 20:03:03 +00:00
Daniel Barlow
5adfb0230f WIP generate bootable disk image with partition table 2023-12-05 23:54:09 +00:00
Daniel Barlow
3f74fad966 don't double-json the command line 2023-12-05 17:32:18 +00:00
Daniel Barlow
ed925588f7 extract common code to make root filesystem hierarchy
which is then used by the filesystem image creators (ubifs, ext4,
jffs2 etc)
2023-12-05 17:32:18 +00:00
Daniel Barlow
98d3336926 rewrite run-liminix-vm as a fennel program
the effect of shell quoting/word splitting rules was reaching
completely unreasonable, insofar as I was unable to reason about it
2023-12-03 22:51:39 +00:00
Daniel Barlow
bb335050fd derivation that produces /boot 2023-12-02 15:31:55 +00:00
Daniel Barlow
e518ab667b make job control work in console shell 2023-11-29 19:49:51 +00:00
Daniel Barlow
cc73a98419 support setting network device names
this means that net devices in devices/foo/default.nix can be
specified by their sysfs paths (instead of by "eth0" and "eth1" that
may change from one kernel version to the next) and given mnenomic
names that are helpful for the hardware. Like "wan" and "lan[1..4]"
2023-11-26 23:15:28 +00:00
Daniel Barlow
27ce61ae4e add bootable config for Turris Omnia 2023-11-24 23:29:12 +00:00
Daniel Barlow
3df34428d6 remove unneeded login and getty applets 2023-11-23 20:01:13 +00:00
Daniel Barlow
62c788eb86 add hook to run maintenance mode instead of rebooting 2023-11-22 00:05:55 +00:00
Daniel Barlow
bab6d346a8 add .../s6/bin to PATH for shutdownd 2023-11-22 00:05:03 +00:00
Daniel Barlow
a202ae476a extract console redirection stuff from "quit" function
so we can use it for scripts that don't reboot at their end
2023-11-21 23:32:37 +00:00
Daniel Barlow
7c9297f91d use shotdown instead of hpr in .s6-svscan/SIGFOO
this is to bring them into line with what more recent
s6-init-linux-maker creates
2023-11-21 23:19:00 +00:00
Daniel Barlow
a0bd250963 switch from getty to root shell on console
this just makes things marginally simpler
2023-11-21 23:09:48 +00:00
Daniel Barlow
e5223f093f kernel.src may be a path not just a package
this makes it easier to hack the kernel locally and test things
2023-11-18 14:21:18 +00:00
Daniel Barlow
f9f4d97bb8 convert flash params to int 2023-11-12 20:39:06 +00:00
Daniel Barlow
abfb35a231 and entryPoint 2023-11-12 18:50:47 +00:00
Daniel Barlow
315907de98 convert hardware loadAddress to int 2023-11-12 18:47:31 +00:00
Daniel Barlow
185117843b convert tftp.loadAddress from string to int 2023-11-12 18:37:33 +00:00
Daniel Barlow
3da692f7ef don't import flashimage unconditionally, it breaks qemu 2023-11-12 18:11:13 +00:00
Daniel Barlow
f61e737b54 improve doc for outputs and hardware
Changed my mind about "installer" as a first-class concept, at least
in the current implementation. Not every documented output is an
installer
2023-11-12 17:15:58 +00:00
Daniel Barlow
7cfb92e3ce more doc 2023-11-10 21:17:20 +00:00
Daniel Barlow
a9760d239c basic doc for flashimage installer 2023-11-09 22:43:50 +00:00
Daniel Barlow
7d5c7b9b44 export evaluation from default.nix and use it for docs 2023-11-09 22:14:31 +00:00
Daniel Barlow
23b3a2baef extract vmroot output into its own file 2023-11-08 23:19:11 +00:00