b9c0d93670
This changes the practice for building kernel modules: now we expect that the appropriate Kconfig symbols are set to =m in config.kernel.config, and then use pkgs.kmodloader to create a service that loads and unloads all the modules depended on by a particular requirement. Note that modules won't be installed on the target device just by virue of having been built: only the modules that are referenced by a kmodloader package will be in the closure. An example may make this clearer: see modules/firewall/default.nix in this commit. Why? If you have a compiled Linux kernel source tree and you change some symbol from "is not set" to m and then run make modules, you cannot in general expect that newly compiled module to work. This is because there are places in the build of the main kernel where it looks to see which modules _may_ be defined and uses that information to accommodate them. For example in an in-kernel build of https://github.com/torvalds/linux/blob/master/net/netfilter/core.c#L689 some symbols are defined only if CONFIG_NF_CONNTRACK is set, meaning this code won't work if we have it unset initially then try later to enable it and build modules only. Or see https://github.com/torvalds/linux/blob/master/include/linux/netdevice.h#L160 |
||
---|---|---|
devices | ||
doc | ||
examples | ||
modules | ||
pkgs | ||
tests | ||
.gitignore | ||
bordervm-configuration.nix | ||
bordervm.conf-example.nix | ||
ci.nix | ||
CODE-OF-CONDUCT.md | ||
CONTRIBUTING.md | ||
default.nix | ||
LICENSE | ||
nat.nft | ||
NEWS | ||
overlay.nix | ||
README.md | ||
shell.nix | ||
STYLE.md | ||
THOUGHTS.txt | ||
vanilla-configuration.nix |
Liminix
A Nix-based system for configuring consumer wifi routers or IoT device devices, of the kind that OpenWrt or DD-WRT or Gargoyle or Tomato run on. It's a reboot/restart/rewrite of NixWRT.
This is not NixOS-on-your-router: it's aimed at devices that are underpowered for the full NixOS experience. It uses busybox tools, musl instead of GNU libc, and s6-rc instead of systemd.
The Liminix name comes from Liminis, in Latin the genitive declension of "limen", or "of the threshold". Your router stands at the threshold of your (online) home and everything you send to/receive from the outside word goes across it.
Current status (does it work yet?)
Liminix is pre-1.0. We are still finding new and better ways to do things, and there is no attempt to maintain backward compatibility with the old ways.
The NEWS file (available wherever you found this README) is a high-level overview of breaking changes.
Development mostly happens on the main
branch, which is therefore
not guaranteed to build or to work on every commit. For the latest
functioning version, see the CI system and pick a revision with all jobs green.
Documentation
Documentation is in the doc directory. You can build it by running
nix-shell -p sphinx --run "make -C doc hardware.rst html"
Rendered documentation corresponding to the latest commit on main
is published to https://www.liminix.org/doc/
Extremely online
There is a #liminix IRC channel on the OFTC
network in which you are welcome. You can also connect with a Matrix
client by joining the room #_oftc_#liminix:matrix.org
.
In the IRC channel, as in all Liminix project venues, please conduct yourself according to the Liminix Code of Conduct.