Daniel Barlow
80639a7256
add firewallgen package, which creates an nft script
2023-06-18 17:40:16 +01:00
Daniel Barlow
3f4dbfcfd3
ipv6 prefix delegation for router
...
much tidying needed, but it works
2023-05-31 23:29:05 +01:00
Daniel Barlow
fdffdbb22a
add writeFennelScript function, make ifwait use it
2023-05-29 20:20:12 +01:00
Daniel Barlow
447f068569
partly support getting IPv6 addresses
...
- gets interface id from ppp
- runs odhcpc to get RA and prefix delegation
- doesn't do anything useful with the data yet
2023-05-24 23:01:50 +01:00
Daniel Barlow
339c2d9873
upgrade to ppp 2.5.0
2023-05-22 23:31:57 +01:00
Daniel Barlow
39b09df4d7
liminix-rebuild: test if nix-build succeeds
2023-05-20 22:30:22 +01:00
Daniel Barlow
ea2f48cfc9
liminix-rebuild copy nix-store-paths to /persist
2023-05-20 21:55:37 +01:00
Daniel Barlow
b0098f1c8e
move min-list-garbage into min-collect-garbage pkg
...
we don't want it in the same package as min-copy-closure as
that depends on bash
2023-05-20 21:55:23 +01:00
Daniel Barlow
68ab6faeb3
write etc/nix-store-paths in systemConfiguration
2023-05-19 23:57:50 +01:00
Daniel Barlow
00aeb81811
min-list-garbage: check all store paths against file
...
this is step 1 of min-collect-garbage, no point implementing
deletion ourselves when rm -r exists
(arguably no point in implementing any of it, but this is the bit we
can't do efficiently in bourne shell - it means we're reading the
store-paths list once instead of grepping it afresh for every entry in
/nix/store/)
2023-05-19 23:49:11 +01:00
Daniel Barlow
a809c28dde
liminix-rebuild source /etc/profile to get PATH for reboot
2023-05-18 22:43:08 +01:00
Daniel Barlow
292a4c4d46
liminix-rebuild: put activate in /persist
2023-05-17 22:49:10 +01:00
Daniel Barlow
b1f4db00a0
add liminix-rebuild command
2023-05-17 15:38:22 +01:00
Daniel Barlow
ddd7b68b30
min-copy-closure: remove verbose output
2023-05-11 23:52:13 +01:00
Daniel Barlow
cc6c790746
set up path for min-copy-closure
2023-05-07 22:51:10 +01:00
Daniel Barlow
bcf5dac5d7
min-copy-closure: honour $SSH_COMMAND env var
2023-05-07 22:07:35 +01:00
Daniel Barlow
1c002c4065
min-copy-closure: improve output
2023-05-07 22:06:49 +01:00
Daniel Barlow
74f2aa6247
initramfs-peek: an initramfs image with a shell, for debugging
2023-05-06 23:03:51 +01:00
Daniel Barlow
888a0d5f74
mips-vm: allow env var to override la network interface
...
this is handy if you want to connect to it from the host
for e.g. seeing if min-copy-closure works
2023-05-06 23:01:56 +01:00
Daniel Barlow
30153a2d4e
add min-copy-closure, a minimal nix-copy-closure substitute
2023-05-06 22:47:03 +01:00
Daniel Barlow
28264febdb
add smaller-than-gnu "hello world" package
2023-04-23 20:56:20 +01:00
Daniel Barlow
65dfbad365
systemconfig: chown files if uid/gid > 0
2023-04-15 22:53:28 +01:00
Daniel Barlow
5dd0c6e3c0
rewrite preinit as very small C program
...
By using the kernel "nolibc" header to avoid requiring a C library, we
can bring the initramfs size to around 4k
This does involve a tiny bit of inline mips assembly which I'm not
sure about. gcc seems unwilling to generate the code to load $gp at
function entry of main(), so we do it by hand - but I'd rather find
out why gcc doesn't.
2023-04-15 18:27:39 +01:00
Daniel Barlow
11f2715d18
mips-vm: enlarge mtd
2023-04-15 17:22:35 +01:00
Daniel Barlow
1cc0b13b57
rewrite systemconfig in C and link statically
...
systemconfig (a.k.a "activate") is run from the initramfs. Converting
it from a shell script to an executable means it doesn't depend on
there being a shell in the initramfs
2023-04-15 17:21:27 +01:00
Daniel Barlow
c744ef8c17
systemconfig: accept uid and gid options
...
all we do with them is assert they're zero, to unbreak CI.
This code is getting rewritten anyway
2023-04-14 23:19:56 +01:00
Brian McKenna
fb796e61e0
pseudofile: allow setting uid and gid of files
...
Necessary for Dropbear to accept non-root authorized_keys files.
2023-04-14 23:12:52 +01:00
Daniel Barlow
2e15acd61c
whitespace
2023-04-10 17:46:39 +01:00
Daniel Barlow
54a1ab3529
support jffs2, with initramfs
...
the jffs2 filesystem contains only /nix/store and a script which is
run in early init (initramfs) and is responsible for recreating
"traditional" directories (/bin /etc/**/* /var &c) based on the
configuration.
this is tested only in qemu so far and could use some cleanup
2023-04-04 23:35:49 +01:00
Daniel Barlow
25d9da967c
remove support for sockets in pseudofiles
...
(1) we can't make them on a real filesystem except by running
something that calls socket()
(2) whyever would we want to?
2023-04-04 23:23:22 +01:00
Daniel Barlow
aa1a2e5d75
package gen_init_cpio, tool for making an initramfs
2023-04-04 22:54:20 +01:00
Daniel Barlow
f02efa3fe3
refactor
2023-04-04 21:11:28 +01:00
Daniel Barlow
342c87b256
qemu: boot from mtd using mtd2block
...
doesn't make much difference for squashfs but this will make it much
simpler to test jffs2/ubifs
2023-04-04 21:07:02 +01:00
Daniel Barlow
07e7d63ade
fixup 98243d43da
2023-04-02 18:46:27 +01:00
Daniel Barlow
98243d43da
add mtdutils mkfs.jffs2 --graft option
...
we'd like a bit more of the convenience of mksquashfs
(never thought I'd say _that_) for jffs2, in particular
not having to copy all the desired store paths into a
single directory just so we can create an image from them
2023-03-31 23:42:13 +01:00
Daniel Barlow
a172180be8
don't set lua5_3 in overlay
...
sphinx depends on lua5_3, so overriding it globally means rebuilding
that - which isn't really necessary
2023-03-24 23:43:13 +00:00
Daniel Barlow
3608cc5e33
add kernel command line cookie to mips-vm script
2023-03-24 18:48:38 +00:00
Daniel Barlow
a5cfa37ed3
unify kernel command line handling
...
We now use MIPS_CMDLINE_DTB_EXTEND for all boot varieties
(tftpboot, flash boot, kexec) with the addition of
MIPS_BOOTLOADER_CMDLINE_REQUIRE_COOKIE - local patch -
so that the bootloader args are ignored unless they
contain the string "liminix"
2023-03-23 22:24:44 +00:00
Daniel Barlow
4b19568f1b
add kexecboot
...
This allows booting a new image from a running OS, creating a
phram mtd for the root squashfs
* enable CONFIG_KEXEC
* add modules/kexecboot
* patch kexec-tools to add --map-file option for the squashfs
* patch kernel kexec code to call new kernel with DTB
2023-03-19 20:25:43 +00:00
Daniel Barlow
429ffa8e7d
make applyPatches work for ramips
2023-03-19 20:25:23 +00:00
Daniel Barlow
efd878dc5e
extract common code for patching kernel source from openwrt
2023-03-18 19:17:58 +00:00
Daniel Barlow
a4e1dcedd3
redirect stderr
2023-03-10 23:39:53 +00:00
Daniel Barlow
225fc6fe51
configurable busybox
...
allows modules to add to the busybox applets and change config
2023-03-10 18:40:45 +00:00
Daniel Barlow
91c0147919
set hostname before dhcp client runs
2023-03-08 22:11:59 +00:00
Daniel Barlow
70f8f5ecfd
remove hostapd debugging flag
2023-03-07 19:11:25 +00:00
Daniel Barlow
e86e9430fc
vlans and mt300a wired network interfaces
2023-03-07 19:10:12 +00:00
Daniel Barlow
06687a819a
udhcpc notify when ready
2023-03-07 19:06:40 +00:00
Daniel Barlow
f9f9720ba7
${!foo} doesn't work in ash, switch to printenv
2023-03-07 19:05:58 +00:00
Daniel Barlow
1565a8414d
remove inadvertent references to bash
2023-03-06 17:48:31 +00:00
Daniel Barlow
83e56a3a90
add swconfig package
2023-03-05 22:32:56 +00:00
Daniel Barlow
2787e6a230
reformat qprint substitutions
2023-03-05 21:33:51 +00:00
Daniel Barlow
a8cb872859
add service name to log lines
2023-03-04 23:08:25 +00:00
Daniel Barlow
5427456c21
rename notificationFd to notification-fd
...
it's perfectly valid syntax and consistent with the s6 spelling
2023-03-04 21:19:30 +00:00
Daniel Barlow
25a46dcb2c
escape $ in pseudofile
...
this is needed to write /etc/passwd when it contains $5$....
strings
2023-03-04 00:23:21 +00:00
Daniel Barlow
38756af1c1
add in_outputs shell function which ensures umask is set
2023-03-03 23:07:03 +00:00
Daniel Barlow
fd500041fa
move new packages to pkgs/default.nix
2023-03-03 22:21:27 +00:00
Daniel Barlow
adc198b3af
WIP push to see what passes
2023-03-01 22:24:58 +00:00
Daniel Barlow
fc4f726dd6
make hostapd service depend on its interface
2023-03-01 18:16:01 +00:00
Daniel Barlow
626a365f79
replace waitup with more generally useful ifwait
...
* wait for $interface present before ip link set up dev
* wait for wlan0 running before adding to bridge
2023-03-01 18:16:01 +00:00
Daniel Barlow
14dacb8056
update netlink-lua to latest
2023-02-28 20:56:19 +00:00
Daniel Barlow
ea2c5e158d
add missing argument
2023-02-26 17:54:58 +00:00
Daniel Barlow
c37332910a
add option to provide dnsmasq resolv-file from a service
2023-02-25 22:53:50 +00:00
Daniel Barlow
59ce03630a
consistent ownership/permissions for /run/service-state/**
2023-02-25 22:53:06 +00:00
Daniel Barlow
228b270385
pppoe: capture nameserver addresses as outputs
2023-02-25 20:31:41 +00:00
Daniel Barlow
3b75cadb20
improve bridge support
...
instead of a bridge specifying its members (not ideal if they're
not all always up), the member interfaces specify their primary
2023-02-24 23:49:05 +00:00
Daniel Barlow
8194e909ac
fix typo, remove debug spew
2023-02-24 23:22:28 +00:00
Daniel Barlow
03aec58c2c
add "waitup", s6 readiness helper for network interfaces
...
run e.g. "waitup wlan0 10" to wait until wlan0 is operationally
up and running, and then send a newline to file descriptor 10
2023-02-24 23:22:28 +00:00
Daniel Barlow
3e1082ad18
allow interface service to specify dependencies
2023-02-22 19:18:59 +00:00
Daniel Barlow
751920c8fc
qemu: switch to building wireless as kernel modules
...
This is a hefty change
* add support for kernel backports project
* build wireless stack/drivers as modules from a backported kernel
* create a service to load/unload the modules
2023-02-22 18:41:41 +00:00
Daniel Barlow
891db9edc5
kernel derivation: add output for module support
2023-02-22 18:33:17 +00:00
Daniel Barlow
05576eeb94
hardcode paths for kpppoed, add port num in config
2023-02-17 00:09:02 +00:00
Daniel Barlow
b438a0fd17
handlersocket must be bound before calling select()
...
this is due to a rather odd (imo) decision in luasocket which
says that the underlying socket (and therefore its file
descriptor) isn't actually created until we call something
that lets it work out whether ipv4 or ipv6
2023-02-15 22:06:28 +00:00
Daniel Barlow
2388e4ca24
recvfrom(-1) is not the same as recvfrom()
2023-02-15 22:06:28 +00:00
Daniel Barlow
f98b9c5c97
add README to say where Tufted came from
2023-02-15 22:06:28 +00:00
Daniel Barlow
1a29e2ba0f
use locally modified tftp.lua instead of upstream tufty
2023-02-15 22:06:28 +00:00
Daniel Barlow
118f78f334
remove "using luasocket" message
2023-02-15 22:06:28 +00:00
Daniel Barlow
a258456f25
check return value of bind
...
it is common to forget to run this as root, in which case we would like
to see the permission denied error when it tries to open port 69
2023-02-15 22:06:28 +00:00
Daniel Barlow
71e37f1b96
update listen docstring
2023-02-15 22:06:28 +00:00
Daniel Barlow
55688c14ed
pass remote host and port to callback as params 2..3
...
This allows the callback to handle the response differently
depending on who is asking - for example, to refuse requests
from clients on a blocklist
2023-02-15 22:06:28 +00:00
Daniel Barlow
59c0881235
remove unhelpful debug message
2023-02-15 22:06:28 +00:00
Daniel Barlow
1b372bcb2b
simpler eof handling
2023-02-15 22:06:28 +00:00
Daniel Barlow
b84a6e0aa5
fix poll() to not mutate its parameter
2023-02-15 22:06:28 +00:00
Daniel Barlow
d729709869
remove nixio support
2023-02-15 22:06:28 +00:00
Daniel Barlow
740314b329
added at 3cb95c869e2fe74cc61ca303d88af6c5daad6734
2023-02-15 22:06:28 +00:00
Daniel Barlow
e84833e52f
WIP create VM for pppoe and tftpd
2023-02-15 22:06:28 +00:00
Daniel Barlow
8cead61740
convert devices from overlay to module
...
this makes it possible for devices to stash things in
`config` (e.g. pathname to DTS) that can later be overwritten
(even by the end user)
2023-02-10 17:54:33 +00:00
Daniel Barlow
1dc9770dbc
turn run-qemu.sh and connect-qemu scripts into buildEnv commands
2023-02-08 22:49:10 +00:00
Daniel Barlow
4addcbbd51
turn run-qemu.sh script into mips-vm buildEnv command
2023-02-08 22:17:06 +00:00
Daniel Barlow
cc7daeabb3
add routeros to overlay
2023-02-08 18:13:35 +00:00
Daniel Barlow
52d8c03ddd
update tufted for nixpkgs fennel changes
2023-02-07 23:42:19 +00:00
Daniel Barlow
76243d306c
remove checkedConfig, check all the config
2022-10-19 22:09:38 +01:00
Daniel Barlow
9c5b5a54e2
remove unneeded Kconfig.local handling
2022-10-19 18:23:20 +01:00
Daniel Barlow
f1b7780537
speed up kernel build
...
by having two separate derivations for patching the kernel source tree
and building it, we have to copy said source trees from one store
location to another which takes non-negligible time on spinning rust
(literally minutes on my machine). Replace with a single derivation
that can do more things on one tree in-place
2022-10-19 17:34:22 +01:00
Daniel Barlow
e7987c9520
add build-host tftp server
2022-10-04 23:08:43 +01:00
Daniel Barlow
e9f04931fa
improve syntax for accessing service outputs
2022-10-02 16:35:55 +01:00
Daniel Barlow
f030efbd49
extract "service" function to reduce duplicated code
2022-10-02 14:44:29 +01:00
Daniel Barlow
da8866a01a
first pass at a hostapd service, rough around the edges
2022-10-02 10:04:35 +01:00
Daniel Barlow
c320d0afc7
add dnsmasq and example config for it
...
would be good to move more of this into a module, but that
doesn't sit well with the (potential) ability to run more than one
dnsmasq service, as modules are singletons
2022-09-28 21:33:18 +01:00
Daniel Barlow
dfdaa27f39
make ppp log to stderr not syslog
2022-09-27 22:57:06 +01:00
Daniel Barlow
0632b5102e
remove .service/.target/.bundle etc suffixes on service names
...
they don't seem to be providing value
2022-09-27 22:56:53 +01:00