DGNum/liminix
12
0
Fork 2
Code Issues 16 Pull requests 11 Projects Releases Packages Wiki Activity Actions

Compare commits

base: DGNum:main
Branches Tags
DGNum:main
DGNum:mdebray/readable-name
DGNum:openwrt-exporter
DGNum:mdebray/fix-13156
DGNum:mdebray/usteer
DGNum:usteer
DGNum:hostapd-exporter
DGNum:mdebray/mac-personalisation
DGNum:mdebray/iproute2-small
DGNum:give-it-a-nand
DGNum:limiswitch
DGNum:port-upstream-liminix
DGNum:switch-tool
DGNum:hostapd-ubus
DGNum:seedrng
DGNum:zyxel-activation
lbailly:systemd
lbailly:shell-customization
lbailly:seedrng
lbailly:CI
lbailly:multi-vm-ci
lbailly:strong-tftp
lbailly:main
lbailly:zyxel-activation
..
compare: lbailly:shell-customization
Branches Tags
lbailly:systemd
lbailly:shell-customization
lbailly:seedrng
lbailly:CI
lbailly:multi-vm-ci
lbailly:strong-tftp
lbailly:main
lbailly:zyxel-activation
DGNum:main
DGNum:mdebray/readable-name
DGNum:openwrt-exporter
DGNum:mdebray/fix-13156
DGNum:mdebray/usteer
DGNum:usteer
DGNum:hostapd-exporter
DGNum:mdebray/mac-personalisation
DGNum:mdebray/iproute2-small
DGNum:give-it-a-nand
DGNum:limiswitch
DGNum:port-upstream-liminix
DGNum:switch-tool
DGNum:hostapd-ubus
DGNum:seedrng
DGNum:zyxel-activation

No commits in common. "main" and "shell-customization" have entirely different histories.
main ... shell-cust

13 changed files with 16 additions and 107 deletions
Show stats Expand all files Collapse all files

1
lib/eval-config.nix
View file

@ -12,7 +12,6 @@ in
"${modulesPath}/hardware.nix" "${modulesPath}/hardware.nix"
"${modulesPath}/base.nix" "${modulesPath}/base.nix"
"${modulesPath}/busybox.nix" "${modulesPath}/busybox.nix"
"${modulesPath}/iproute2.nix"
"${modulesPath}/hostname.nix" "${modulesPath}/hostname.nix"
"${modulesPath}/kernel" "${modulesPath}/kernel"
"${modulesPath}/s6" "${modulesPath}/s6"

1
modules/all-modules.nix
View file

@ -7,7 +7,6 @@
./base.nix ./base.nix
./bridge ./bridge
./busybox.nix ./busybox.nix
./iproute2.nix
./dhcp6c ./dhcp6c
./jitter-rng ./jitter-rng
./dnsmasq ./dnsmasq

2
modules/base.nix
View file

@ -130,7 +130,7 @@ in {
nixpkgs.buildPlatform = lib.mkDefault builtins.currentSystem; nixpkgs.buildPlatform = lib.mkDefault builtins.currentSystem;
defaultProfile.packages = with pkgs; defaultProfile.packages = with pkgs;
[ s6 s6-init-bin execline s6-linux-init s6-rc iproute2 ]; [ s6 s6-init-bin execline s6-linux-init s6-rc ];
# Set the useful PS1 prompt by default. # Set the useful PS1 prompt by default.
defaultProfile.environmentVariables.PS1 = lib.mkDefault config.defaultProfile.prompt; defaultProfile.environmentVariables.PS1 = lib.mkDefault config.defaultProfile.prompt;

17
modules/bridge/default.nix
View file

@ -9,7 +9,8 @@
{ lib, pkgs, config, ...}: { lib, pkgs, config, ...}:
let let
inherit (lib) mkOption types mkEnableOption; inherit (lib) mkOption types;
inherit (pkgs.liminix.services) oneshot;
inherit (pkgs) liminix; inherit (pkgs) liminix;
in in
{ {
@ -34,20 +35,6 @@ in
default = null; default = null;
description = "reuse mac address from an existing interface service"; description = "reuse mac address from an existing interface service";
}; };
untagged = {
enable = mkEnableOption "untagged frames on port VID";
pvid = mkOption {
type = types.nullOr types.int;
default = null;
description = "Port VLAN ID for egress untagged frames";
};
default-pvid = mkOption {
type = types.int;
default = 0;
description = "Default PVID for ingress untagged frames, defaults to 0, which disable untagged frames for ingress";
};
};
}; };
members = config.system.callService ./members.nix { members = config.system.callService ./members.nix {
primary = mkOption { primary = mkOption {

15
modules/bridge/primary.nix
View file

@ -3,22 +3,17 @@
, ifwait , ifwait
, lib , lib
}: }:
{ ifname, macAddressFromInterface ? null, untagged } : { ifname, macAddressFromInterface ? null } :
let let
inherit (liminix.services) oneshot; inherit (liminix.services) bundle oneshot;
inherit (lib) optional optionalString; inherit (lib) mkOption types optional;
# This enables vlan_filtering if we do make use of it.
extra = if untagged.enable then " vlan_filtering 1 vlan_default_pvid ${toString untagged.default-pvid}" else "";
in oneshot rec { in oneshot rec {
name = "${ifname}.link"; name = "${ifname}.link";
up = '' up = ''
${if macAddressFromInterface == null then ${if macAddressFromInterface == null then
"ip link add name ${ifname} type bridge${extra}" "ip link add name ${ifname} type bridge"
else else
"ip link add name ${ifname} address $(output ${macAddressFromInterface} ether) type bridge${extra}"} "ip link add name ${ifname} address $(output ${macAddressFromInterface} ether) type bridge"}
${optionalString untagged.enable
"bridge vlan add vid ${toString untagged.pvid} dev ${ifname} pvid untagged self"}
(in_outputs ${name} (in_outputs ${name}
echo ${ifname} > ifname echo ${ifname} > ifname

2
modules/busybox.nix
View file

@ -37,7 +37,7 @@ let
"comm" "cp" "cpio" "cut" "date" "dhcprelay" "dd" "df" "dirname" "dmesg" "comm" "cp" "cpio" "cut" "date" "dhcprelay" "dd" "df" "dirname" "dmesg"
"du" "echo" "egrep" "env" "expand" "expr" "false" "fdisk" "fgrep" "find" "du" "echo" "egrep" "env" "expand" "expr" "false" "fdisk" "fgrep" "find"
"free" "fuser" "grep" "gunzip" "gzip" "head" "hexdump" "hostname" "hwclock" "free" "fuser" "grep" "gunzip" "gzip" "head" "hexdump" "hostname" "hwclock"
"ifconfig" "ipneigh" "kill" "ifconfig" "ip" "ipaddr" "iplink" "ipneigh" "iproute" "iprule" "kill"
"killall" "killall5" "less" "ln" "ls" "lsattr" "lsof" "md5sum" "mkdir" "killall" "killall5" "less" "ln" "ls" "lsattr" "lsof" "md5sum" "mkdir"
"mknod" "mktemp" "mount" "mv" "nc" "netstat" "nohup" "od" "pgrep" "pidof" "mknod" "mktemp" "mount" "mv" "nc" "netstat" "nohup" "od" "pgrep" "pidof"
"ping" "ping6" "pkill" "pmap" "printenv" "printf" "ps" "pwd" "readlink" "ping" "ping6" "pkill" "pmap" "printenv" "printf" "ps" "pwd" "readlink"

28
modules/iproute2.nix
View file

@ -1,28 +0,0 @@
{ config, pkgs, lib, ... }:
let
inherit (lib) mkEnableOption mkPackageOption mkIf genAttrs;
inherit (pkgs.pseudofile) dir symlink;
cfg = config.programs.iproute2;
minimalPrograms = [
"ip"
"devlink"
"ss"
"bridge"
"genl"
"ifstat"
"nstat"
];
links = genAttrs minimalPrograms (p: symlink "${cfg.package}/bin/${p}");
in
{
options.programs.iproute2 = {
enable = mkEnableOption "the iproute2 programs instead of busybox variants";
package = mkPackageOption pkgs "iproute2" { };
};
config = mkIf cfg.enable {
filesystem = dir {
bin = dir links;
};
};
}

2
modules/outputs/initramfs.nix
View file

@ -54,7 +54,7 @@ in
mount -t sysfs none /sys mount -t sysfs none /sys
${busybox}/bin/sh ${busybox}/bin/sh
''; '';
refs = pkgs.writeClosure [ busybox ]; refs = pkgs.writeReferencesToFile busybox;
in runCommand "initramfs.cpio" {} '' in runCommand "initramfs.cpio" {} ''
cat << SPECIALS | ${gen_init_cpio}/bin/gen_init_cpio /dev/stdin > out cat << SPECIALS | ${gen_init_cpio}/bin/gen_init_cpio /dev/stdin > out
dir /proc 0755 0 0 dir /proc 0755 0 0

5
modules/vlan/default.nix
View file

@ -33,11 +33,6 @@ in
description = "VLAN identifier (VID) in range 1-4094"; description = "VLAN identifier (VID) in range 1-4094";
type = types.str; type = types.str;
}; };
untagged.egress = mkOption {
description = "Whether packets from this interface will go out *untagged*";
type = types.bool;
default = false;
};
}; };
config.kernel.config = { config.kernel.config = {
VLAN_8021Q = "y"; VLAN_8021Q = "y";

4
modules/vlan/service.nix
View file

@ -2,15 +2,13 @@
liminix liminix
, lib , lib
}: }:
{ ifname, primary, vid, untagged } : { ifname, primary, vid } :
let let
inherit (lib) optionalString;
inherit (liminix.services) oneshot; inherit (liminix.services) oneshot;
in oneshot rec { in oneshot rec {
name = "${ifname}.link"; name = "${ifname}.link";
up = '' up = ''
ip link add link $(output ${primary} ifname) name ${ifname} type vlan id ${vid} ip link add link $(output ${primary} ifname) name ${ifname} type vlan id ${vid}
${optionalString untagged.egress "bridge vlan add dev ${ifname} vid ${toString untagged.vid} pvid untagged master"}
${liminix.networking.ifup name ifname} ${liminix.networking.ifup name ifname}
(in_outputs ${name} (in_outputs ${name}
echo ${ifname} > ifname echo ${ifname} > ifname

27
overlay.nix
View file

@ -142,8 +142,6 @@ extraPkgs // {
rev = "hostap-liminix-integration"; rev = "hostap-liminix-integration";
hash = "sha256-5Xi90keCHxvuKR5Q7STuZDzuM9h9ac6aWoXVQYvqkQI="; hash = "sha256-5Xi90keCHxvuKR5Q7STuZDzuM9h9ac6aWoXVQYvqkQI=";
}; };
# Do not take any patch.
patches = [];
extraConfig = ""; extraConfig = "";
configurePhase = '' configurePhase = ''
cat > hostapd/defconfig <<EOF cat > hostapd/defconfig <<EOF
@ -186,7 +184,6 @@ extraPkgs // {
rev = "hostap-liminix-integration"; rev = "hostap-liminix-integration";
hash = "sha256-5Xi90keCHxvuKR5Q7STuZDzuM9h9ac6aWoXVQYvqkQI="; hash = "sha256-5Xi90keCHxvuKR5Q7STuZDzuM9h9ac6aWoXVQYvqkQI=";
}; };
patches = [];
extraConfig = ""; extraConfig = "";
configurePhase = '' configurePhase = ''
cat > hostapd/defconfig <<EOF cat > hostapd/defconfig <<EOF
@ -197,30 +194,6 @@ extraPkgs // {
}); });
in h.override { openssl = null; sqlite = null; }; in h.override { openssl = null; sqlite = null; };
libnl = prev.libnl.override {
graphviz = null;
};
iproute2 =
let i = prev.iproute2.overrideAttrs (old: {
postInstall = ''
${(old.postInstall or "")}
non_necessary_binaries=("tc" "rdma" "dcb" "tipc" "vdpa")
for needless_binary in "''${non_necessary_binaries[@]}"; do
echo "Removing unnecessary binary $out/sbin/$needless_binary"
rm "$out/sbin/$needless_binary"
done
# No man
rm -rf "$out/share"
# Remove all the data about distributions for tc.
rm -rf "$out/lib"
'';
});
# Don't bring ebpf stuff to the table.
# We also remove tc so we can drop iptables as well.
# Let's try to kill `db` as well.
in i.override { elfutils = null; iptables = null; db = null; };
wpa_supplicant = prev.wpa_supplicant.override { wpa_supplicant = prev.wpa_supplicant.override {
dbusSupport = false; dbusSupport = false;
withPcsclite = false; withPcsclite = false;

4
pkgs/initramfs-peek/default.nix
View file

@ -3,7 +3,7 @@
, pkgsBuildBuild , pkgsBuildBuild
, runCommand , runCommand
, cpio , cpio
, writeClosure , writeReferencesToFile
, writeScript , writeScript
} : } :
let let
@ -18,7 +18,7 @@ let
mount -t sysfs none /sys mount -t sysfs none /sys
${busybox}/bin/sh ${busybox}/bin/sh
''; '';
refs = writeClosure [ busybox ]; refs = writeReferencesToFile busybox;
in runCommand "initramfs.cpio" { } '' in runCommand "initramfs.cpio" { } ''
cat << SPECIALS | ${gen_init_cpio}/bin/gen_init_cpio /dev/stdin > out cat << SPECIALS | ${gen_init_cpio}/bin/gen_init_cpio /dev/stdin > out
dir /proc 0755 0 0 dir /proc 0755 0 0

11
pkgs/levitate/default.nix
View file

@ -2,7 +2,6 @@
writeScriptBin writeScriptBin
, writeScript , writeScript
, systemconfig , systemconfig
, stdenv
, execline , execline
, lib , lib
, config ? {} , config ? {}
@ -57,19 +56,11 @@ let
}; };
eval = lib.evalModules { eval = lib.evalModules {
modules = [ modules = [
{ _module.args = { inherit pkgs; inherit (pkgs) lim; }; }
../../modules/base.nix ../../modules/base.nix
../../modules/users.nix ../../modules/users.nix
../../modules/busybox.nix ../../modules/busybox.nix
../../modules/hostname.nix
../../modules/misc/assertions.nix
../../modules/nixpkgs.nix
base base
{
# Inherit from that target system host platform.
nixpkgs.hostPlatform = stdenv.hostPlatform;
# Force our own package set.
nixpkgs.pkgs = lib.mkForce pkgs;
}
({ ... } : paramConfig) ({ ... } : paramConfig)
../../modules/s6 ../../modules/s6
]; ];