forked from DGNum/liminix
Compare commits
17 commits
Author | SHA1 | Date | |
---|---|---|---|
|
1322de1ee0 | ||
|
9490822c1a | ||
|
0c6d26b4fc | ||
|
c5c82a5391 | ||
|
92594b3b64 | ||
|
9f9ade29f4 | ||
|
d6c976f8a1 | ||
|
1598d59ca7 | ||
|
4dabd970f0 | ||
|
473d6acc3d | ||
|
b8caddae08 | ||
|
d02397cd65 | ||
|
24443628a1 | ||
|
c515e4354b | ||
|
1a607ef8ed | ||
|
9b03b4355b | ||
|
752ff19e21 |
20 changed files with 171 additions and 418 deletions
12
default.nix
12
default.nix
|
@ -25,13 +25,7 @@ let
|
||||||
|
|
||||||
eval = evalModules {
|
eval = evalModules {
|
||||||
modules = [
|
modules = [
|
||||||
({ lib, pkgs, ... }: {
|
{
|
||||||
_module.args = {
|
|
||||||
utils = import "${nixpkgs}/nixos/lib/utils.nix" {
|
|
||||||
inherit lib pkgs;
|
|
||||||
config.systemd.globalEnvironment = {};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
nixpkgs = {
|
nixpkgs = {
|
||||||
source = nixpkgs;
|
source = nixpkgs;
|
||||||
overlays = [ overlay ];
|
overlays = [ overlay ];
|
||||||
|
@ -39,7 +33,7 @@ let
|
||||||
"python-2.7.18.8"
|
"python-2.7.18.8"
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
})
|
}
|
||||||
device.module
|
device.module
|
||||||
liminix-config
|
liminix-config
|
||||||
];
|
];
|
||||||
|
@ -63,7 +57,7 @@ let
|
||||||
];
|
];
|
||||||
}).config.system;
|
}).config.system;
|
||||||
in {
|
in {
|
||||||
inherit evalModules config;
|
inherit evalModules;
|
||||||
|
|
||||||
outputs = config.system.outputs // {
|
outputs = config.system.outputs // {
|
||||||
default = config.system.outputs.${config.hardware.defaultOutput};
|
default = config.system.outputs.${config.hardware.defaultOutput};
|
||||||
|
|
|
@ -12,9 +12,10 @@ in
|
||||||
"${modulesPath}/hardware.nix"
|
"${modulesPath}/hardware.nix"
|
||||||
"${modulesPath}/base.nix"
|
"${modulesPath}/base.nix"
|
||||||
"${modulesPath}/busybox.nix"
|
"${modulesPath}/busybox.nix"
|
||||||
|
"${modulesPath}/iproute2.nix"
|
||||||
"${modulesPath}/hostname.nix"
|
"${modulesPath}/hostname.nix"
|
||||||
"${modulesPath}/kernel"
|
"${modulesPath}/kernel"
|
||||||
"${modulesPath}/systemd"
|
"${modulesPath}/s6"
|
||||||
"${modulesPath}/users.nix"
|
"${modulesPath}/users.nix"
|
||||||
"${modulesPath}/outputs.nix"
|
"${modulesPath}/outputs.nix"
|
||||||
"${modulesPath}/nixpkgs.nix"
|
"${modulesPath}/nixpkgs.nix"
|
||||||
|
|
|
@ -7,6 +7,7 @@
|
||||||
./base.nix
|
./base.nix
|
||||||
./bridge
|
./bridge
|
||||||
./busybox.nix
|
./busybox.nix
|
||||||
|
./iproute2.nix
|
||||||
./dhcp6c
|
./dhcp6c
|
||||||
./jitter-rng
|
./jitter-rng
|
||||||
./dnsmasq
|
./dnsmasq
|
||||||
|
|
|
@ -2,7 +2,7 @@
|
||||||
## ============
|
## ============
|
||||||
|
|
||||||
|
|
||||||
{ lib, pkgs, utils, config, ...}:
|
{ lib, pkgs, config, ...}:
|
||||||
let
|
let
|
||||||
inherit (lib) mkEnableOption mkOption types isDerivation hasAttr concatStringsSep mapAttrsToList;
|
inherit (lib) mkEnableOption mkOption types isDerivation hasAttr concatStringsSep mapAttrsToList;
|
||||||
inherit (pkgs.pseudofile) dir symlink;
|
inherit (pkgs.pseudofile) dir symlink;
|
||||||
|
@ -43,12 +43,9 @@ in {
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
# deprecated
|
|
||||||
services = mkOption {
|
services = mkOption {
|
||||||
type = types.attrsOf type_service;
|
type = types.attrsOf type_service;
|
||||||
};
|
};
|
||||||
|
|
||||||
system.callService = mkOption {
|
system.callService = mkOption {
|
||||||
type = types.functionTo (types.functionTo types.anything);
|
type = types.functionTo (types.functionTo types.anything);
|
||||||
};
|
};
|
||||||
|
@ -132,12 +129,10 @@ in {
|
||||||
# By default, we enable cross-compilation support.
|
# By default, we enable cross-compilation support.
|
||||||
nixpkgs.buildPlatform = lib.mkDefault builtins.currentSystem;
|
nixpkgs.buildPlatform = lib.mkDefault builtins.currentSystem;
|
||||||
|
|
||||||
|
defaultProfile.packages = with pkgs;
|
||||||
|
[ s6 s6-init-bin execline s6-linux-init s6-rc iproute2 ];
|
||||||
# Set the useful PS1 prompt by default.
|
# Set the useful PS1 prompt by default.
|
||||||
defaultProfile.environmentVariables.PS1 = lib.mkDefault config.defaultProfile.prompt;
|
defaultProfile.environmentVariables.PS1 = lib.mkDefault config.defaultProfile.prompt;
|
||||||
defaultProfile.packages = with pkgs; [
|
|
||||||
# execline
|
|
||||||
systemd
|
|
||||||
];
|
|
||||||
|
|
||||||
boot.commandLine = [
|
boot.commandLine = [
|
||||||
"panic=10 oops=panic init=/bin/init loglevel=8"
|
"panic=10 oops=panic init=/bin/init loglevel=8"
|
||||||
|
|
|
@ -9,8 +9,7 @@
|
||||||
|
|
||||||
{ lib, pkgs, config, ...}:
|
{ lib, pkgs, config, ...}:
|
||||||
let
|
let
|
||||||
inherit (lib) mkOption types;
|
inherit (lib) mkOption types mkEnableOption;
|
||||||
inherit (pkgs.liminix.services) oneshot;
|
|
||||||
inherit (pkgs) liminix;
|
inherit (pkgs) liminix;
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
|
@ -35,6 +34,20 @@ in
|
||||||
default = null;
|
default = null;
|
||||||
description = "reuse mac address from an existing interface service";
|
description = "reuse mac address from an existing interface service";
|
||||||
};
|
};
|
||||||
|
|
||||||
|
untagged = {
|
||||||
|
enable = mkEnableOption "untagged frames on port VID";
|
||||||
|
pvid = mkOption {
|
||||||
|
type = types.nullOr types.int;
|
||||||
|
default = null;
|
||||||
|
description = "Port VLAN ID for egress untagged frames";
|
||||||
|
};
|
||||||
|
default-pvid = mkOption {
|
||||||
|
type = types.int;
|
||||||
|
default = 0;
|
||||||
|
description = "Default PVID for ingress untagged frames, defaults to 0, which disable untagged frames for ingress";
|
||||||
|
};
|
||||||
|
};
|
||||||
};
|
};
|
||||||
members = config.system.callService ./members.nix {
|
members = config.system.callService ./members.nix {
|
||||||
primary = mkOption {
|
primary = mkOption {
|
||||||
|
|
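Review bot: `untagged.pvid` and `untagged.default-pvid` accept any integer, so a VLAN ID outside the 802.1Q range is only rejected when the generated `ip`/`bridge` command runs on the device, not at evaluation time. Constraining the types would catch this at build time: `type = types.nullOr (types.ints.between 1 4094);` for `pvid` and `type = types.ints.between 0 4094;` for `default-pvid`. The `default-pvid` description would read more clearly as "0 disables untagged frames on ingress". The enclosing options block starts and ends outside this section.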
|
@ -3,17 +3,22 @@
|
||||||
, ifwait
|
, ifwait
|
||||||
, lib
|
, lib
|
||||||
}:
|
}:
|
||||||
{ ifname, macAddressFromInterface ? null } :
|
{ ifname, macAddressFromInterface ? null, untagged } :
|
||||||
let
|
let
|
||||||
inherit (liminix.services) bundle oneshot;
|
inherit (liminix.services) oneshot;
|
||||||
inherit (lib) mkOption types optional;
|
inherit (lib) optional optionalString;
|
||||||
|
# This enables vlan_filtering if we do make use of it.
|
||||||
|
extra = if untagged.enable then " vlan_filtering 1 vlan_default_pvid ${toString untagged.default-pvid}" else "";
|
||||||
in oneshot rec {
|
in oneshot rec {
|
||||||
name = "${ifname}.link";
|
name = "${ifname}.link";
|
||||||
up = ''
|
up = ''
|
||||||
${if macAddressFromInterface == null then
|
${if macAddressFromInterface == null then
|
||||||
"ip link add name ${ifname} type bridge"
|
"ip link add name ${ifname} type bridge${extra}"
|
||||||
else
|
else
|
||||||
"ip link add name ${ifname} address $(output ${macAddressFromInterface} ether) type bridge"}
|
"ip link add name ${ifname} address $(output ${macAddressFromInterface} ether) type bridge${extra}"}
|
||||||
|
|
||||||
|
${optionalString untagged.enable
|
||||||
|
"bridge vlan add vid ${toString untagged.pvid} dev ${ifname} pvid untagged self"}
|
||||||
|
|
||||||
(in_outputs ${name}
|
(in_outputs ${name}
|
||||||
echo ${ifname} > ifname
|
echo ${ifname} > ifname
|
||||||
|
|
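Review bot: With `untagged.enable = true` and `untagged.pvid` left at its declared default of `null`, `toString untagged.pvid` evaluates to an empty string, so the `up` script runs `bridge vlan add vid  dev ${ifname} pvid untagged self` and fails on the device instead of at evaluation time. Either guard the line with `optionalString (untagged.enable && untagged.pvid != null)` or reject the combination early, e.g. `assert untagged.enable -> untagged.pvid != null;` ahead of `oneshot rec`. It is also worth a comment next to `extra` that enabling this option alone sets `vlan_filtering 1 vlan_default_pvid 0`, which by the option's own description disables untagged ingress on the bridge. The `up` script continues past the end of the hunk.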
|
@ -37,7 +37,7 @@ let
|
||||||
"comm" "cp" "cpio" "cut" "date" "dhcprelay" "dd" "df" "dirname" "dmesg"
|
"comm" "cp" "cpio" "cut" "date" "dhcprelay" "dd" "df" "dirname" "dmesg"
|
||||||
"du" "echo" "egrep" "env" "expand" "expr" "false" "fdisk" "fgrep" "find"
|
"du" "echo" "egrep" "env" "expand" "expr" "false" "fdisk" "fgrep" "find"
|
||||||
"free" "fuser" "grep" "gunzip" "gzip" "head" "hexdump" "hostname" "hwclock"
|
"free" "fuser" "grep" "gunzip" "gzip" "head" "hexdump" "hostname" "hwclock"
|
||||||
"ifconfig" "ip" "ipaddr" "iplink" "ipneigh" "iproute" "iprule" "kill"
|
"ifconfig" "ipneigh" "kill"
|
||||||
"killall" "killall5" "less" "ln" "ls" "lsattr" "lsof" "md5sum" "mkdir"
|
"killall" "killall5" "less" "ln" "ls" "lsattr" "lsof" "md5sum" "mkdir"
|
||||||
"mknod" "mktemp" "mount" "mv" "nc" "netstat" "nohup" "od" "pgrep" "pidof"
|
"mknod" "mktemp" "mount" "mv" "nc" "netstat" "nohup" "od" "pgrep" "pidof"
|
||||||
"ping" "ping6" "pkill" "pmap" "printenv" "printf" "ps" "pwd" "readlink"
|
"ping" "ping6" "pkill" "pmap" "printenv" "printf" "ps" "pwd" "readlink"
|
||||||
|
@ -65,16 +65,10 @@ in {
|
||||||
default = { };
|
default = { };
|
||||||
example = { FEATURE_DD_IBS_OBS = "y"; };
|
example = { FEATURE_DD_IBS_OBS = "y"; };
|
||||||
};
|
};
|
||||||
package = mkOption {
|
|
||||||
type = types.package;
|
|
||||||
readOnly = true;
|
|
||||||
internal = true;
|
|
||||||
};
|
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
config = {
|
config = {
|
||||||
programs.busybox = {
|
programs.busybox = {
|
||||||
package = busybox;
|
|
||||||
applets = minimalApplets;
|
applets = minimalApplets;
|
||||||
options = {
|
options = {
|
||||||
ASH_ECHO = "y";
|
ASH_ECHO = "y";
|
||||||
|
|
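Review bot: The `ip`, `ipaddr`, `iplink`, `iproute` and `iprule` applets are removed from `minimalApplets` unconditionally, while modules/iproute2.nix only links the iproute2 binaries into /bin when `programs.iproute2.enable` is set. No line in this comparison sets that option, so a configuration that leaves it at its default appears to end up with no `ip` in /bin even though the bridge and VLAN services call `ip link add`. If that reading is right, keep the applets when iproute2 is off, e.g. `++ lib.optionals (!config.programs.iproute2.enable) [ "ip" "ipaddr" "iplink" "iproute" "iprule" ]` (assuming `lib` and `config` are in scope here), or enable the option by default. The applet list starts and ends outside the hunk.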
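--- a/modules/iproute2.nix
+++ b/modules/iproute2.nix
@@ -0,0 +1,28 @@
+{ config, pkgs, lib, ... }:
+let
+inherit (lib) mkEnableOption mkPackageOption mkIf genAttrs;
+inherit (pkgs.pseudofile) dir symlink;
+cfg = config.programs.iproute2;
+minimalPrograms = [
+"ip"
+"devlink"
+"ss"
+"bridge"
+"genl"
+"ifstat"
+"nstat"
+];
+links = genAttrs minimalPrograms (p: symlink "${cfg.package}/bin/${p}");
+in
+{
+options.programs.iproute2 = {
+enable = mkEnableOption "the iproute2 programs instead of busybox variants";
+package = mkPackageOption pkgs "iproute2" { };
+};
+
+config = mkIf cfg.enable {
+filesystem = dir {
+bin = dir links;
+};
+};
+}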
|
@ -54,7 +54,7 @@ in
|
||||||
mount -t sysfs none /sys
|
mount -t sysfs none /sys
|
||||||
${busybox}/bin/sh
|
${busybox}/bin/sh
|
||||||
'';
|
'';
|
||||||
refs = pkgs.writeReferencesToFile busybox;
|
refs = pkgs.writeClosure [ busybox ];
|
||||||
in runCommand "initramfs.cpio" {} ''
|
in runCommand "initramfs.cpio" {} ''
|
||||||
cat << SPECIALS | ${gen_init_cpio}/bin/gen_init_cpio /dev/stdin > out
|
cat << SPECIALS | ${gen_init_cpio}/bin/gen_init_cpio /dev/stdin > out
|
||||||
dir /proc 0755 0 0
|
dir /proc 0755 0 0
|
||||||
|
|
|
@ -186,11 +186,8 @@ in {
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
# bin = dir {
|
|
||||||
# init = symlink "${s6-init-bin}/bin/init";
|
|
||||||
# };
|
|
||||||
bin = dir {
|
bin = dir {
|
||||||
init = symlink "${pkgs.systemd}/bin/init";
|
init = symlink "${s6-init-bin}/bin/init";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
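--- a/modules/s6/scripts/rc.shutdown
+++ b/modules/s6/scripts/rc.shutdown
@@ -0,0 +1,19 @@
+#!/bin/sh
+
+
+### Things to do before hardware halt/reboot/poweroff.
+### Ideally, it should be a single call to the service manager,
+### telling it to bring all the services down.
+
+### If your s6-linux-init-maker invocation was made with the -1
+### option, messages from rc.shutdown will appear on /dev/console
+### as well as be logged by the catch-all logger.
+### If your s6-linux-init-maker invocation did NOT include the -1
+### option, messages from rc.shutdown will only be logged by the
+### catch-all logger and will NOT appear on /dev/console. In order
+### to print them to /dev/console instead, you may want to
+### uncomment the following line:
+exec >/dev/console 2>&1
+
+### If your services are managed by s6-rc:
+exec s6-rc -v2 -bDa change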
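Review bot: The comment block ends with "you may want to uncomment the following line:", but `exec >/dev/console 2>&1` is already active, so the text no longer describes what the script does. Since the redirect is deliberate here, the comment should say so, for example `### Shutdown messages are sent to /dev/console rather than only to the catch-all logger.`. Note as well that this script uses `#!/bin/sh` while the two sibling scripts use `#!/bin/sh -e`; if that difference is intentional, a short comment would help.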
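--- a/modules/s6/scripts/rc.shutdown.final
+++ b/modules/s6/scripts/rc.shutdown.final
@@ -0,0 +1,22 @@
+#!/bin/sh -e
+
+## s6-linux-init-shutdownd never tells s6-svscan to exit, so if
+## you're running s6-linux-init, it's normal that your
+## .s6-svscan/finish script is not executed.
+
+## The place where you want to hack things is /etc/rc.shutdown.final,
+## which is run by the stage 4 script right before the hard reboot.
+## So you can do dirty stuff [...] which should clean up the
+## s6-supervise and the foreground, and give control to
+## .s6-svscan/finish.
+
+## -- Laurent Bercot on skaware mailing list,
+## https://skarnet.org/lists/skaware/1913.html
+
+exec >/dev/console 2>&1
+
+# down, exit supervisor, wait, stay down
+s6-svc -dxwD /run/service/s6-linux-init-shutdownd
+# HUP, exit supervisor, wait, down
+s6-svc -hxwd /run/service/s6-svscan-log
+s6-svscanctl -b /run/service # abort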
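--- a/modules/s6/scripts/runlevel
+++ b/modules/s6/scripts/runlevel
@@ -0,0 +1,12 @@
+#!/bin/sh -e
+
+### This script is called once at boot time by rc.init, and is
+### also called by the runleveld service every time the user
+### requests a machine state change via telinit.
+### Ideally, it should just be a call to the service manager.
+
+test "$#" -gt 0 || { echo 'runlevel: fatal: too few arguments' 1>&2 ; exit 100 ; }
+
+
+### If your services are managed by s6-rc:
+exec s6-rc -v2 -up change "$1"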
|
@ -1,150 +0,0 @@
|
||||||
{
|
|
||||||
pkgs,
|
|
||||||
lib,
|
|
||||||
config,
|
|
||||||
utils,
|
|
||||||
...
|
|
||||||
}:
|
|
||||||
let
|
|
||||||
inherit (lib)
|
|
||||||
mapAttrs'
|
|
||||||
nameValuePair
|
|
||||||
mkMerge
|
|
||||||
mapAttrsToList
|
|
||||||
mkOption
|
|
||||||
;
|
|
||||||
inherit (pkgs.pseudofile) dir symlink;
|
|
||||||
inherit (utils.systemdUtils.lib)
|
|
||||||
targetToUnit
|
|
||||||
serviceToUnit
|
|
||||||
;
|
|
||||||
|
|
||||||
systemd-types = import ./types.nix { inherit pkgs utils lib; busybox = config.programs.busybox.package; };
|
|
||||||
|
|
||||||
units-texts = mapAttrs' (
|
|
||||||
_: unit:
|
|
||||||
nameValuePair unit.name {
|
|
||||||
file = unit.text;
|
|
||||||
mode = "0644";
|
|
||||||
}
|
|
||||||
) config.systemd.units;
|
|
||||||
units-aliases = mkMerge (
|
|
||||||
mapAttrsToList (
|
|
||||||
_: unit:
|
|
||||||
mkMerge (
|
|
||||||
map (aka: {
|
|
||||||
${aka} = symlink "${unit.name}";
|
|
||||||
}) (unit.aliases or [ ])
|
|
||||||
)
|
|
||||||
) config.systemd.units
|
|
||||||
);
|
|
||||||
units-extraWants = mkMerge (
|
|
||||||
mapAttrsToList (
|
|
||||||
_: unit:
|
|
||||||
mkMerge (
|
|
||||||
map (unit2: {
|
|
||||||
"${unit2}.wants" = dir {
|
|
||||||
${unit.name} = symlink "../${unit.name}";
|
|
||||||
};
|
|
||||||
}) (unit.wantedBy or [ ])
|
|
||||||
)
|
|
||||||
) config.systemd.units
|
|
||||||
);
|
|
||||||
units-extraUpholds = mkMerge (
|
|
||||||
mapAttrsToList (
|
|
||||||
_: unit:
|
|
||||||
mkMerge (
|
|
||||||
map (unit2: {
|
|
||||||
"${unit2}.upholds" = dir {
|
|
||||||
${unit.name} = symlink "../${unit.name}";
|
|
||||||
};
|
|
||||||
}) (unit.upheldBy or [ ])
|
|
||||||
)
|
|
||||||
) config.systemd.units
|
|
||||||
);
|
|
||||||
units-extraRequires = mkMerge (
|
|
||||||
mapAttrsToList (
|
|
||||||
_: unit:
|
|
||||||
mkMerge (
|
|
||||||
map (unit2: {
|
|
||||||
"${unit2}.requires" = dir {
|
|
||||||
${unit.name} = symlink "../${unit.name}";
|
|
||||||
};
|
|
||||||
}) (unit.requiredBy or [ ])
|
|
||||||
)
|
|
||||||
) config.systemd.units
|
|
||||||
);
|
|
||||||
in
|
|
||||||
{
|
|
||||||
options = {
|
|
||||||
systemd = {
|
|
||||||
units = mkOption {
|
|
||||||
type = systemd-types.units;
|
|
||||||
};
|
|
||||||
services = mkOption {
|
|
||||||
type = systemd-types.services;
|
|
||||||
};
|
|
||||||
targets = mkOption {
|
|
||||||
type = systemd-types.targets;
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
config = {
|
|
||||||
systemd = {
|
|
||||||
units = mkMerge [
|
|
||||||
(mapAttrs' (_: service: nameValuePair service.name (serviceToUnit service)) config.systemd.services)
|
|
||||||
(mapAttrs' (_: target: nameValuePair target.name (targetToUnit target)) config.systemd.targets)
|
|
||||||
];
|
|
||||||
services = {
|
|
||||||
getty = {
|
|
||||||
wantedBy = [ "default.target" ];
|
|
||||||
unitConfig = {
|
|
||||||
Description = "Serial Shell";
|
|
||||||
Before = [ "default.target" ];
|
|
||||||
};
|
|
||||||
script = ''
|
|
||||||
# . /etc/profile
|
|
||||||
exec /bin/ash < /dev/ttyS0 > /dev/ttyS0 2> /dev/ttyS0
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
};
|
|
||||||
targets = {
|
|
||||||
default = { };
|
|
||||||
sysinit = { };
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
kernel.config = {
|
|
||||||
CGROUPS = "y";
|
|
||||||
DEVTMPFS = "y";
|
|
||||||
INOTIFY_USER = "y";
|
|
||||||
SIGNALFD = "y";
|
|
||||||
TIMERFD = "y";
|
|
||||||
EPOLL = "y";
|
|
||||||
UNIX = "y";
|
|
||||||
SYSFS = "y";
|
|
||||||
PROC_FS = "y";
|
|
||||||
FHANDLE = "y";
|
|
||||||
};
|
|
||||||
boot.commandLine = [
|
|
||||||
"systemd.log_level=7"
|
|
||||||
#"systemd.crash_shell=true"
|
|
||||||
];
|
|
||||||
filesystem = dir {
|
|
||||||
etc = dir {
|
|
||||||
systemd = dir {
|
|
||||||
system = dir (mkMerge [
|
|
||||||
units-texts
|
|
||||||
units-aliases
|
|
||||||
units-extraWants
|
|
||||||
units-extraUpholds
|
|
||||||
units-extraRequires
|
|
||||||
]);
|
|
||||||
};
|
|
||||||
};
|
|
||||||
bin = dir {
|
|
||||||
init = symlink "${pkgs.systemd}/bin/init";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
}
|
|
|
@ -1,30 +0,0 @@
|
||||||
{
|
|
||||||
pkgs,
|
|
||||||
lib,
|
|
||||||
utils,
|
|
||||||
busybox
|
|
||||||
}:
|
|
||||||
let
|
|
||||||
inherit (utils.systemdUtils.lib) serviceConfig unitConfig;
|
|
||||||
inherit (utils.systemdUtils.unitOptions) stage2ServiceOptions;
|
|
||||||
stage2ServiceConfig = {
|
|
||||||
imports = [ serviceConfig ];
|
|
||||||
# Default path for systemd services. Should be quite minimal.
|
|
||||||
config.path = lib.mkAfter [
|
|
||||||
busybox
|
|
||||||
# pkgs.coreutils
|
|
||||||
# pkgs.gnugrep
|
|
||||||
# pkgs.gnused
|
|
||||||
pkgs.systemd
|
|
||||||
];
|
|
||||||
};
|
|
||||||
in
|
|
||||||
{
|
|
||||||
inherit (utils.systemdUtils.types) units targets;
|
|
||||||
services = lib.types.attrsOf (lib.types.submodule [
|
|
||||||
{ enableStrictShellChecks = false; }
|
|
||||||
unitConfig
|
|
||||||
stage2ServiceOptions
|
|
||||||
stage2ServiceConfig
|
|
||||||
]);
|
|
||||||
}
|
|
|
@ -33,6 +33,11 @@ in
|
||||||
description = "VLAN identifier (VID) in range 1-4094";
|
description = "VLAN identifier (VID) in range 1-4094";
|
||||||
type = types.str;
|
type = types.str;
|
||||||
};
|
};
|
||||||
|
untagged.egress = mkOption {
|
||||||
|
description = "Whether packets from this interface will go out *untagged*";
|
||||||
|
type = types.bool;
|
||||||
|
default = false;
|
||||||
|
};
|
||||||
};
|
};
|
||||||
config.kernel.config = {
|
config.kernel.config = {
|
||||||
VLAN_8021Q = "y";
|
VLAN_8021Q = "y";
|
||||||
|
|
|
@ -2,13 +2,15 @@
|
||||||
liminix
|
liminix
|
||||||
, lib
|
, lib
|
||||||
}:
|
}:
|
||||||
{ ifname, primary, vid } :
|
{ ifname, primary, vid, untagged } :
|
||||||
let
|
let
|
||||||
|
inherit (lib) optionalString;
|
||||||
inherit (liminix.services) oneshot;
|
inherit (liminix.services) oneshot;
|
||||||
in oneshot rec {
|
in oneshot rec {
|
||||||
name = "${ifname}.link";
|
name = "${ifname}.link";
|
||||||
up = ''
|
up = ''
|
||||||
ip link add link $(output ${primary} ifname) name ${ifname} type vlan id ${vid}
|
ip link add link $(output ${primary} ifname) name ${ifname} type vlan id ${vid}
|
||||||
|
${optionalString untagged.egress "bridge vlan add dev ${ifname} vid ${toString untagged.vid} pvid untagged master"}
|
||||||
${liminix.networking.ifup name ifname}
|
${liminix.networking.ifup name ifname}
|
||||||
(in_outputs ${name}
|
(in_outputs ${name}
|
||||||
echo ${ifname} > ifname
|
echo ${ifname} > ifname
|
||||||
|
|
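Review bot: The added `bridge vlan add` line interpolates `untagged.vid`, but the option hunk for this service shown on this page declares only `untagged.egress`, so setting `egress = true` would presumably fail evaluation with a missing attribute. If the intent is to send this interface's own VLAN out untagged, the existing `vid` argument can be used directly: `"bridge vlan add dev ${ifname} vid ${vid} pvid untagged master"`; otherwise declare `untagged.vid` next to `untagged.egress`. The `master` flag also needs the interface to already be enslaved to a bridge, which the preceding `ip link add link ... type vlan` does not do, so the ordering against the bridge-members service deserves a comment. The `up` script continues past the end of the hunk.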
220
overlay.nix
220
overlay.nix
|
@ -142,6 +142,8 @@ extraPkgs // {
|
||||||
rev = "hostap-liminix-integration";
|
rev = "hostap-liminix-integration";
|
||||||
hash = "sha256-5Xi90keCHxvuKR5Q7STuZDzuM9h9ac6aWoXVQYvqkQI=";
|
hash = "sha256-5Xi90keCHxvuKR5Q7STuZDzuM9h9ac6aWoXVQYvqkQI=";
|
||||||
};
|
};
|
||||||
|
# Do not take any patch.
|
||||||
|
patches = [];
|
||||||
extraConfig = "";
|
extraConfig = "";
|
||||||
configurePhase = ''
|
configurePhase = ''
|
||||||
cat > hostapd/defconfig <<EOF
|
cat > hostapd/defconfig <<EOF
|
||||||
|
@ -184,6 +186,7 @@ extraPkgs // {
|
||||||
rev = "hostap-liminix-integration";
|
rev = "hostap-liminix-integration";
|
||||||
hash = "sha256-5Xi90keCHxvuKR5Q7STuZDzuM9h9ac6aWoXVQYvqkQI=";
|
hash = "sha256-5Xi90keCHxvuKR5Q7STuZDzuM9h9ac6aWoXVQYvqkQI=";
|
||||||
};
|
};
|
||||||
|
patches = [];
|
||||||
extraConfig = "";
|
extraConfig = "";
|
||||||
configurePhase = ''
|
configurePhase = ''
|
||||||
cat > hostapd/defconfig <<EOF
|
cat > hostapd/defconfig <<EOF
|
||||||
|
@ -194,6 +197,30 @@ extraPkgs // {
|
||||||
});
|
});
|
||||||
in h.override { openssl = null; sqlite = null; };
|
in h.override { openssl = null; sqlite = null; };
|
||||||
|
|
||||||
|
libnl = prev.libnl.override {
|
||||||
|
graphviz = null;
|
||||||
|
};
|
||||||
|
|
||||||
|
iproute2 =
|
||||||
|
let i = prev.iproute2.overrideAttrs (old: {
|
||||||
|
postInstall = ''
|
||||||
|
${(old.postInstall or "")}
|
||||||
|
non_necessary_binaries=("tc" "rdma" "dcb" "tipc" "vdpa")
|
||||||
|
for needless_binary in "''${non_necessary_binaries[@]}"; do
|
||||||
|
echo "Removing unnecessary binary $out/sbin/$needless_binary"
|
||||||
|
rm "$out/sbin/$needless_binary"
|
||||||
|
done
|
||||||
|
# No man
|
||||||
|
rm -rf "$out/share"
|
||||||
|
# Remove all the data about distributions for tc.
|
||||||
|
rm -rf "$out/lib"
|
||||||
|
'';
|
||||||
|
});
|
||||||
|
# Don't bring ebpf stuff to the table.
|
||||||
|
# We also remove tc so we can drop iptables as well.
|
||||||
|
# Let's try to kill `db` as well.
|
||||||
|
in i.override { elfutils = null; iptables = null; db = null; };
|
||||||
|
|
||||||
wpa_supplicant = prev.wpa_supplicant.override {
|
wpa_supplicant = prev.wpa_supplicant.override {
|
||||||
dbusSupport = false;
|
dbusSupport = false;
|
||||||
withPcsclite = false;
|
withPcsclite = false;
|
||||||
|
@ -259,12 +286,7 @@ extraPkgs // {
|
||||||
patches = o.patches ++ [
|
patches = o.patches ++ [
|
||||||
./pkgs/qemu/arm-image-friendly-load-addr.patch
|
./pkgs/qemu/arm-image-friendly-load-addr.patch
|
||||||
];
|
];
|
||||||
}); in q.override {
|
}); in q.override { nixosTestRunner = true; sdlSupport = false; };
|
||||||
vde2 = null;
|
|
||||||
nixosTestRunner = true;
|
|
||||||
sdlSupport = false;
|
|
||||||
hostCpuTargets = [ "mips-softmmu" ];
|
|
||||||
};
|
|
||||||
|
|
||||||
rsyncSmall =
|
rsyncSmall =
|
||||||
let r = prev.rsync.overrideAttrs(o: {
|
let r = prev.rsync.overrideAttrs(o: {
|
||||||
|
@ -289,192 +311,6 @@ extraPkgs // {
|
||||||
|
|
||||||
strace = prev.strace.override { libunwind = null; };
|
strace = prev.strace.override { libunwind = null; };
|
||||||
|
|
||||||
getent =
|
|
||||||
prev.callPackage ({
|
|
||||||
lib,
|
|
||||||
stdenv,
|
|
||||||
fetchFromGitHub,
|
|
||||||
}:
|
|
||||||
|
|
||||||
stdenv.mkDerivation rec {
|
|
||||||
pname = "musl-utils";
|
|
||||||
version = "1.1.12-r7";
|
|
||||||
|
|
||||||
src = fetchFromGitHub {
|
|
||||||
owner = "boltlinux";
|
|
||||||
repo = "musl-utils";
|
|
||||||
rev = version;
|
|
||||||
hash = "sha256-q9CbOyK0Psw3YJnIT3yPRWuwr40nxLZt4RexuOHAUuw=";
|
|
||||||
};
|
|
||||||
|
|
||||||
nativeBuildInputs = [
|
|
||||||
prev.autoconf
|
|
||||||
prev.automake
|
|
||||||
];
|
|
||||||
|
|
||||||
preConfigure = ''
|
|
||||||
autoreconf -i
|
|
||||||
'';
|
|
||||||
|
|
||||||
buildPhase = ''
|
|
||||||
make -C src getent
|
|
||||||
'';
|
|
||||||
|
|
||||||
installPhase = ''
|
|
||||||
mkdir -p $out/bin/
|
|
||||||
cp src/getent $out/bin/
|
|
||||||
'';
|
|
||||||
|
|
||||||
meta = {
|
|
||||||
description = "Alpine Linux' getconf, getent and iconv implementations";
|
|
||||||
homepage = "https://github.com/boltlinux/musl-utils";
|
|
||||||
license = lib.licenses.free; # FIXME: nix-init did not find a license
|
|
||||||
maintainers = with lib.maintainers; [ ];
|
|
||||||
mainProgram = "musl-utils";
|
|
||||||
platforms = lib.platforms.all;
|
|
||||||
};
|
|
||||||
}) { };
|
|
||||||
|
|
||||||
writeShellScriptBin = name: text:
|
|
||||||
final.writeTextFile {
|
|
||||||
inherit name;
|
|
||||||
executable = true;
|
|
||||||
destination = "/bin/${name}";
|
|
||||||
text = ''
|
|
||||||
#!/bin/ash
|
|
||||||
${text}
|
|
||||||
'';
|
|
||||||
checkPhase = ''
|
|
||||||
${final.stdenv.shellDryRun} "$target"
|
|
||||||
'';
|
|
||||||
meta.mainProgram = name;
|
|
||||||
};
|
|
||||||
|
|
||||||
systemd =
|
|
||||||
let base = prev.systemd.override {
|
|
||||||
kbd = "";
|
|
||||||
coreutils = "";
|
|
||||||
bash = null;
|
|
||||||
bashInteractive = "";
|
|
||||||
|
|
||||||
withAcl = false;
|
|
||||||
withAnalyze = false;
|
|
||||||
withApparmor = false;
|
|
||||||
withAudit = false;
|
|
||||||
withBootloader = false;
|
|
||||||
withCompression = false;
|
|
||||||
withCoredump = false;
|
|
||||||
withCryptsetup = false;
|
|
||||||
withRepart = false;
|
|
||||||
withDocumentation = false;
|
|
||||||
withEfi = false;
|
|
||||||
withFido2 = false;
|
|
||||||
withHomed = false;
|
|
||||||
withHostnamed = false;
|
|
||||||
withHwdb = false;
|
|
||||||
withImportd = false;
|
|
||||||
withIptables = false;
|
|
||||||
withKmod = false;
|
|
||||||
withLibBPF = false;
|
|
||||||
withLibidn2 = false;
|
|
||||||
withLocaled = false;
|
|
||||||
withLogind = false;
|
|
||||||
withMachined = false;
|
|
||||||
withNetworkd = false;
|
|
||||||
withNss = false;
|
|
||||||
withOomd = false;
|
|
||||||
withPam = false;
|
|
||||||
withPasswordQuality = false;
|
|
||||||
withPCRE2 = false;
|
|
||||||
withPolkit = false;
|
|
||||||
withPortabled = false;
|
|
||||||
withQrencode = false;
|
|
||||||
withRemote = false;
|
|
||||||
withResolved = false;
|
|
||||||
withShellCompletions = false;
|
|
||||||
withSysusers = false;
|
|
||||||
withSysupdate = false;
|
|
||||||
withTimedated = false;
|
|
||||||
withTimesyncd = false;
|
|
||||||
withTpm2Tss = false;
|
|
||||||
withUkify = false;
|
|
||||||
withUserDb = false;
|
|
||||||
withUtmp = false;
|
|
||||||
withVmspawn = false;
|
|
||||||
withKernelInstall = false;
|
|
||||||
withLibarchive = false;
|
|
||||||
};
|
|
||||||
in base.overrideAttrs (o: {
|
|
||||||
mesonFlags = o.mesonFlags ++ [
|
|
||||||
# "--optimization=s"
|
|
||||||
"--default-library=static"
|
|
||||||
"--buildtype=minsize"
|
|
||||||
# (final.lib.mesonBool "static-libsystemd" true)
|
|
||||||
# (final.lib.mesonBool "standalone-binaries" true)
|
|
||||||
|
|
||||||
# (final.lib.mesonBool "link-udev-shared" false)
|
|
||||||
# (final.lib.mesonBool "link-executor-shared" false)
|
|
||||||
# (final.lib.mesonBool "link-systemctl-shared" false)
|
|
||||||
# (final.lib.mesonBool "link-networkd-shared" false)
|
|
||||||
# (final.lib.mesonBool "link-timesyncd-shared" false)
|
|
||||||
# (final.lib.mesonBool "link-journalctl-shared" false)
|
|
||||||
# (final.lib.mesonBool "link-boot-shared" false)
|
|
||||||
# (final.lib.mesonBool "link-portabled-shared" false)
|
|
||||||
];
|
|
||||||
postInstall = o.postInstall + ''
|
|
||||||
rm -rf $out/share
|
|
||||||
rm $out/lib/libudev.so*
|
|
||||||
rm -rf $out/lib/systemd/catalog
|
|
||||||
rm -rf $out/lib/systemd/system-generators
|
|
||||||
rm $out/lib/systemd/systemd-backlight
|
|
||||||
rm $out/lib/systemd/systemd-battery-check
|
|
||||||
rm $out/lib/systemd/systemd-hibernate-resume
|
|
||||||
rm $out/lib/systemd/systemd-makefs
|
|
||||||
rm $out/lib/systemd/systemd-nsresourced
|
|
||||||
rm $out/lib/systemd/systemd-nsresourcework
|
|
||||||
rm $out/lib/systemd/systemd-shutdown
|
|
||||||
rm $out/lib/systemd/systemd-sleep
|
|
||||||
rm $out/lib/systemd/systemd-binfmt
|
|
||||||
rm $out/lib/systemd/systemd-growfs
|
|
||||||
rm $out/lib/systemd/systemd-mountfsd
|
|
||||||
rm $out/lib/systemd/systemd-mountwork
|
|
||||||
rm $out/lib/systemd/systemd-network-generator
|
|
||||||
rm $out/lib/systemd/systemd-pstore
|
|
||||||
rm $out/lib/systemd/systemd-remount-fs
|
|
||||||
rm $out/lib/systemd/systemd-reply-password
|
|
||||||
rm $out/lib/systemd/systemd-rfkill
|
|
||||||
rm $out/lib/systemd/systemd-socket-proxyd
|
|
||||||
rm $out/lib/systemd/systemd-ssh-proxy
|
|
||||||
rm $out/lib/systemd/systemd-storagetm
|
|
||||||
rm $out/lib/systemd/systemd-volatile-root
|
|
||||||
rm $out/lib/systemd/systemd-xdg-autostart-condition
|
|
||||||
rm -rf $out/example
|
|
||||||
rm $out/bin/bootctl
|
|
||||||
rm $out/bin/systemd-nspawn
|
|
||||||
rm $out/bin/systemd-ac-power
|
|
||||||
rm $out/bin/systemd-dissect
|
|
||||||
rm $out/bin/systemd-ask-password
|
|
||||||
rm $out/bin/systemd-cgls
|
|
||||||
rm $out/bin/systemd-cgtop
|
|
||||||
rm $out/bin/systemd-creds
|
|
||||||
rm $out/bin/systemd-delta
|
|
||||||
rm $out/bin/systemd-detect-virt
|
|
||||||
rm $out/bin/systemd-escape
|
|
||||||
rm $out/bin/systemd-id128
|
|
||||||
rm $out/bin/systemd-machine-id-setup
|
|
||||||
rm $out/bin/systemd-path
|
|
||||||
rm $out/bin/systemd-run
|
|
||||||
rm $out/bin/systemd-socket-activate
|
|
||||||
rm $out/bin/systemd-stdio-bridge
|
|
||||||
rm $out/bin/systemd-sysext
|
|
||||||
rm $out/bin/systemd-tty-ask-password-agent
|
|
||||||
rm $out/bin/systemd-vpick
|
|
||||||
|
|
||||||
# rm $out/lib/libsystemd.a
|
|
||||||
# rm $out/lib/systemd/libsystemd-shared-256.so
|
|
||||||
'';
|
|
||||||
});
|
|
||||||
|
|
||||||
ubootQemuAarch64 = final.buildUBoot {
|
ubootQemuAarch64 = final.buildUBoot {
|
||||||
defconfig = "qemu_arm64_defconfig";
|
defconfig = "qemu_arm64_defconfig";
|
||||||
extraMeta.platforms = ["aarch64-linux"];
|
extraMeta.platforms = ["aarch64-linux"];
|
||||||
|
|
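Review bot: `patches = [];` in both hostapd overrides discards every patch nixpkgs carries for the package, and the one-line comment "Do not take any patch." does not say why or which fixes the fork already contains. Distribution patches are a common place for security backports, and `rev = "hostap-liminix-integration"` names a branch, so only the `hash` records which tree is actually built. I would expand the comment to state the reason and the review obligation, e.g. `# nixpkgs patches do not apply to the fork (<reason>); re-check them for security fixes on every nixpkgs bump`, and add the same comment to the second override, which currently has none. Separately, in the iproute2 `postInstall`, `rm "$out/sbin/$needless_binary"` will fail the build if a listed binary is absent in a later version; `rm -f` would keep the trimming best-effort.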
|
@ -3,7 +3,7 @@
|
||||||
, pkgsBuildBuild
|
, pkgsBuildBuild
|
||||||
, runCommand
|
, runCommand
|
||||||
, cpio
|
, cpio
|
||||||
, writeReferencesToFile
|
, writeClosure
|
||||||
, writeScript
|
, writeScript
|
||||||
} :
|
} :
|
||||||
let
|
let
|
||||||
|
@ -18,7 +18,7 @@ let
|
||||||
mount -t sysfs none /sys
|
mount -t sysfs none /sys
|
||||||
${busybox}/bin/sh
|
${busybox}/bin/sh
|
||||||
'';
|
'';
|
||||||
refs = writeReferencesToFile busybox;
|
refs = writeClosure [ busybox ];
|
||||||
in runCommand "initramfs.cpio" { } ''
|
in runCommand "initramfs.cpio" { } ''
|
||||||
cat << SPECIALS | ${gen_init_cpio}/bin/gen_init_cpio /dev/stdin > out
|
cat << SPECIALS | ${gen_init_cpio}/bin/gen_init_cpio /dev/stdin > out
|
||||||
dir /proc 0755 0 0
|
dir /proc 0755 0 0
|
||||||
|
|
|
@ -2,6 +2,7 @@
|
||||||
writeScriptBin
|
writeScriptBin
|
||||||
, writeScript
|
, writeScript
|
||||||
, systemconfig
|
, systemconfig
|
||||||
|
, stdenv
|
||||||
, execline
|
, execline
|
||||||
, lib
|
, lib
|
||||||
, config ? {}
|
, config ? {}
|
||||||
|
@ -56,11 +57,19 @@ let
|
||||||
};
|
};
|
||||||
eval = lib.evalModules {
|
eval = lib.evalModules {
|
||||||
modules = [
|
modules = [
|
||||||
{ _module.args = { inherit pkgs; inherit (pkgs) lim; }; }
|
|
||||||
../../modules/base.nix
|
../../modules/base.nix
|
||||||
../../modules/users.nix
|
../../modules/users.nix
|
||||||
../../modules/busybox.nix
|
../../modules/busybox.nix
|
||||||
|
../../modules/hostname.nix
|
||||||
|
../../modules/misc/assertions.nix
|
||||||
|
../../modules/nixpkgs.nix
|
||||||
base
|
base
|
||||||
|
{
|
||||||
|
# Inherit from that target system host platform.
|
||||||
|
nixpkgs.hostPlatform = stdenv.hostPlatform;
|
||||||
|
# Force our own package set.
|
||||||
|
nixpkgs.pkgs = lib.mkForce pkgs;
|
||||||
|
}
|
||||||
({ ... } : paramConfig)
|
({ ... } : paramConfig)
|
||||||
../../modules/s6
|
../../modules/s6
|
||||||
];
|
];
|
||||||
|
|