forked from DGNum/liminix
Compare commits
17 commits
| Author | SHA1 | Date | |
|---|---|---|---|
|
1322de1ee0 | ||
|
|
9490822c1a | ||
|
|
0c6d26b4fc | ||
|
|
c5c82a5391 | ||
|
|
92594b3b64 | ||
|
|
9f9ade29f4 | ||
|
|
d6c976f8a1 | ||
|
|
1598d59ca7 | ||
|
|
4dabd970f0 | ||
|
|
473d6acc3d | ||
|
|
b8caddae08 | ||
|
|
d02397cd65 | ||
|
|
24443628a1 | ||
|
|
c515e4354b | ||
|
|
1a607ef8ed | ||
|
|
9b03b4355b | ||
|
|
752ff19e21 |
13 changed files with 107 additions and 16 deletions
|
|
@ -12,6 +12,7 @@ in
|
|||
"${modulesPath}/hardware.nix"
|
||||
"${modulesPath}/base.nix"
|
||||
"${modulesPath}/busybox.nix"
|
||||
"${modulesPath}/iproute2.nix"
|
||||
"${modulesPath}/hostname.nix"
|
||||
"${modulesPath}/kernel"
|
||||
"${modulesPath}/s6"
|
||||
|
|
|
|||
|
|
@ -4,9 +4,10 @@
|
|||
|
||||
{
|
||||
imports = [
|
||||
./base.nix
|
||||
./base.nix
|
||||
./bridge
|
||||
./busybox.nix
|
||||
./iproute2.nix
|
||||
./dhcp6c
|
||||
./jitter-rng
|
||||
./dnsmasq
|
||||
|
|
|
|||
|
|
@ -130,7 +130,7 @@ in {
|
|||
nixpkgs.buildPlatform = lib.mkDefault builtins.currentSystem;
|
||||
|
||||
defaultProfile.packages = with pkgs;
|
||||
[ s6 s6-init-bin execline s6-linux-init s6-rc ];
|
||||
[ s6 s6-init-bin execline s6-linux-init s6-rc iproute2 ];
|
||||
# Set the useful PS1 prompt by default.
|
||||
defaultProfile.environmentVariables.PS1 = lib.mkDefault config.defaultProfile.prompt;
|
||||
|
||||
|
|
|
|||
|
|
@ -9,8 +9,7 @@
|
|||
|
||||
{ lib, pkgs, config, ...}:
|
||||
let
|
||||
inherit (lib) mkOption types;
|
||||
inherit (pkgs.liminix.services) oneshot;
|
||||
inherit (lib) mkOption types mkEnableOption;
|
||||
inherit (pkgs) liminix;
|
||||
in
|
||||
{
|
||||
|
|
@ -35,6 +34,20 @@ in
|
|||
default = null;
|
||||
description = "reuse mac address from an existing interface service";
|
||||
};
|
||||
|
||||
untagged = {
|
||||
enable = mkEnableOption "untagged frames on port VID";
|
||||
pvid = mkOption {
|
||||
type = types.nullOr types.int;
|
||||
default = null;
|
||||
description = "Port VLAN ID for egress untagged frames";
|
||||
};
|
||||
default-pvid = mkOption {
|
||||
type = types.int;
|
||||
default = 0;
|
||||
description = "Default PVID for ingress untagged frames, defaults to 0, which disable untagged frames for ingress";
|
||||
};
|
||||
};
|
||||
};
|
||||
members = config.system.callService ./members.nix {
|
||||
primary = mkOption {
|
||||
|
|
|
|||
|
|
@ -3,17 +3,22 @@
|
|||
, ifwait
|
||||
, lib
|
||||
}:
|
||||
{ ifname, macAddressFromInterface ? null } :
|
||||
{ ifname, macAddressFromInterface ? null, untagged } :
|
||||
let
|
||||
inherit (liminix.services) bundle oneshot;
|
||||
inherit (lib) mkOption types optional;
|
||||
inherit (liminix.services) oneshot;
|
||||
inherit (lib) optional optionalString;
|
||||
# This enables vlan_filtering if we do make use of it.
|
||||
extra = if untagged.enable then " vlan_filtering 1 vlan_default_pvid ${toString untagged.default-pvid}" else "";
|
||||
in oneshot rec {
|
||||
name = "${ifname}.link";
|
||||
up = ''
|
||||
${if macAddressFromInterface == null then
|
||||
"ip link add name ${ifname} type bridge"
|
||||
"ip link add name ${ifname} type bridge${extra}"
|
||||
else
|
||||
"ip link add name ${ifname} address $(output ${macAddressFromInterface} ether) type bridge"}
|
||||
"ip link add name ${ifname} address $(output ${macAddressFromInterface} ether) type bridge${extra}"}
|
||||
|
||||
${optionalString untagged.enable
|
||||
"bridge vlan add vid ${toString untagged.pvid} dev ${ifname} pvid untagged self"}
|
||||
|
||||
(in_outputs ${name}
|
||||
echo ${ifname} > ifname
|
||||
|
|
|
|||
|
|
@ -37,7 +37,7 @@ let
|
|||
"comm" "cp" "cpio" "cut" "date" "dhcprelay" "dd" "df" "dirname" "dmesg"
|
||||
"du" "echo" "egrep" "env" "expand" "expr" "false" "fdisk" "fgrep" "find"
|
||||
"free" "fuser" "grep" "gunzip" "gzip" "head" "hexdump" "hostname" "hwclock"
|
||||
"ifconfig" "ip" "ipaddr" "iplink" "ipneigh" "iproute" "iprule" "kill"
|
||||
"ifconfig" "ipneigh" "kill"
|
||||
"killall" "killall5" "less" "ln" "ls" "lsattr" "lsof" "md5sum" "mkdir"
|
||||
"mknod" "mktemp" "mount" "mv" "nc" "netstat" "nohup" "od" "pgrep" "pidof"
|
||||
"ping" "ping6" "pkill" "pmap" "printenv" "printf" "ps" "pwd" "readlink"
|
||||
|
|
|
|||
28
modules/iproute2.nix
Normal file
28
modules/iproute2.nix
Normal file
|
|
@ -0,0 +1,28 @@
|
|||
{ config, pkgs, lib, ... }:
|
||||
let
|
||||
inherit (lib) mkEnableOption mkPackageOption mkIf genAttrs;
|
||||
inherit (pkgs.pseudofile) dir symlink;
|
||||
cfg = config.programs.iproute2;
|
||||
minimalPrograms = [
|
||||
"ip"
|
||||
"devlink"
|
||||
"ss"
|
||||
"bridge"
|
||||
"genl"
|
||||
"ifstat"
|
||||
"nstat"
|
||||
];
|
||||
links = genAttrs minimalPrograms (p: symlink "${cfg.package}/bin/${p}");
|
||||
in
|
||||
{
|
||||
options.programs.iproute2 = {
|
||||
enable = mkEnableOption "the iproute2 programs instead of busybox variants";
|
||||
package = mkPackageOption pkgs "iproute2" { };
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
filesystem = dir {
|
||||
bin = dir links;
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
@ -54,7 +54,7 @@ in
|
|||
mount -t sysfs none /sys
|
||||
${busybox}/bin/sh
|
||||
'';
|
||||
refs = pkgs.writeReferencesToFile busybox;
|
||||
refs = pkgs.writeClosure [ busybox ];
|
||||
in runCommand "initramfs.cpio" {} ''
|
||||
cat << SPECIALS | ${gen_init_cpio}/bin/gen_init_cpio /dev/stdin > out
|
||||
dir /proc 0755 0 0
|
||||
|
|
|
|||
|
|
@ -33,6 +33,11 @@ in
|
|||
description = "VLAN identifier (VID) in range 1-4094";
|
||||
type = types.str;
|
||||
};
|
||||
untagged.egress = mkOption {
|
||||
description = "Whether packets from this interface will go out *untagged*";
|
||||
type = types.bool;
|
||||
default = false;
|
||||
};
|
||||
};
|
||||
config.kernel.config = {
|
||||
VLAN_8021Q = "y";
|
||||
|
|
|
|||
|
|
@ -2,13 +2,15 @@
|
|||
liminix
|
||||
, lib
|
||||
}:
|
||||
{ ifname, primary, vid } :
|
||||
{ ifname, primary, vid, untagged } :
|
||||
let
|
||||
inherit (lib) optionalString;
|
||||
inherit (liminix.services) oneshot;
|
||||
in oneshot rec {
|
||||
name = "${ifname}.link";
|
||||
up = ''
|
||||
ip link add link $(output ${primary} ifname) name ${ifname} type vlan id ${vid}
|
||||
${optionalString untagged.egress "bridge vlan add dev ${ifname} vid ${toString untagged.vid} pvid untagged master"}
|
||||
${liminix.networking.ifup name ifname}
|
||||
(in_outputs ${name}
|
||||
echo ${ifname} > ifname
|
||||
|
|
|
|||
29
overlay.nix
29
overlay.nix
|
|
@ -141,7 +141,9 @@ extraPkgs // {
|
|||
repo = "hostapd";
|
||||
rev = "hostap-liminix-integration";
|
||||
hash = "sha256-5Xi90keCHxvuKR5Q7STuZDzuM9h9ac6aWoXVQYvqkQI=";
|
||||
};
|
||||
};
|
||||
# Do not take any patch.
|
||||
patches = [];
|
||||
extraConfig = "";
|
||||
configurePhase = ''
|
||||
cat > hostapd/defconfig <<EOF
|
||||
|
|
@ -184,6 +186,7 @@ extraPkgs // {
|
|||
rev = "hostap-liminix-integration";
|
||||
hash = "sha256-5Xi90keCHxvuKR5Q7STuZDzuM9h9ac6aWoXVQYvqkQI=";
|
||||
};
|
||||
patches = [];
|
||||
extraConfig = "";
|
||||
configurePhase = ''
|
||||
cat > hostapd/defconfig <<EOF
|
||||
|
|
@ -194,6 +197,30 @@ extraPkgs // {
|
|||
});
|
||||
in h.override { openssl = null; sqlite = null; };
|
||||
|
||||
libnl = prev.libnl.override {
|
||||
graphviz = null;
|
||||
};
|
||||
|
||||
iproute2 =
|
||||
let i = prev.iproute2.overrideAttrs (old: {
|
||||
postInstall = ''
|
||||
${(old.postInstall or "")}
|
||||
non_necessary_binaries=("tc" "rdma" "dcb" "tipc" "vdpa")
|
||||
for needless_binary in "''${non_necessary_binaries[@]}"; do
|
||||
echo "Removing unnecessary binary $out/sbin/$needless_binary"
|
||||
rm "$out/sbin/$needless_binary"
|
||||
done
|
||||
# No man
|
||||
rm -rf "$out/share"
|
||||
# Remove all the data about distributions for tc.
|
||||
rm -rf "$out/lib"
|
||||
'';
|
||||
});
|
||||
# Don't bring ebpf stuff to the table.
|
||||
# We also remove tc so we can drop iptables as well.
|
||||
# Let's try to kill `db` as well.
|
||||
in i.override { elfutils = null; iptables = null; db = null; };
|
||||
|
||||
wpa_supplicant = prev.wpa_supplicant.override {
|
||||
dbusSupport = false;
|
||||
withPcsclite = false;
|
||||
|
|
|
|||
|
|
@ -3,7 +3,7 @@
|
|||
, pkgsBuildBuild
|
||||
, runCommand
|
||||
, cpio
|
||||
, writeReferencesToFile
|
||||
, writeClosure
|
||||
, writeScript
|
||||
} :
|
||||
let
|
||||
|
|
@ -18,7 +18,7 @@ let
|
|||
mount -t sysfs none /sys
|
||||
${busybox}/bin/sh
|
||||
'';
|
||||
refs = writeReferencesToFile busybox;
|
||||
refs = writeClosure [ busybox ];
|
||||
in runCommand "initramfs.cpio" { } ''
|
||||
cat << SPECIALS | ${gen_init_cpio}/bin/gen_init_cpio /dev/stdin > out
|
||||
dir /proc 0755 0 0
|
||||
|
|
|
|||
|
|
@ -2,6 +2,7 @@
|
|||
writeScriptBin
|
||||
, writeScript
|
||||
, systemconfig
|
||||
, stdenv
|
||||
, execline
|
||||
, lib
|
||||
, config ? {}
|
||||
|
|
@ -56,11 +57,19 @@ let
|
|||
};
|
||||
eval = lib.evalModules {
|
||||
modules = [
|
||||
{ _module.args = { inherit pkgs; inherit (pkgs) lim; }; }
|
||||
../../modules/base.nix
|
||||
../../modules/users.nix
|
||||
../../modules/busybox.nix
|
||||
../../modules/hostname.nix
|
||||
../../modules/misc/assertions.nix
|
||||
../../modules/nixpkgs.nix
|
||||
base
|
||||
{
|
||||
# Inherit from that target system host platform.
|
||||
nixpkgs.hostPlatform = stdenv.hostPlatform;
|
||||
# Force our own package set.
|
||||
nixpkgs.pkgs = lib.mkForce pkgs;
|
||||
}
|
||||
({ ... } : paramConfig)
|
||||
../../modules/s6
|
||||
];
|
||||
|
|
|
|||
Loading…
Reference in a new issue