t #2

Closed
lbailly wants to merge 57 commits from CI into main

57 commits

Author SHA1 Message Date
df520d0527
feat(ci): use ci.nix
Some checks failed
build liminix / test_hostapd (pull_request) Has been cancelled
build liminix / build_vm_qemu_mips (pull_request) Has been cancelled
build liminix / build_zyxel-nwa50ax_mips (pull_request) Has been cancelled
2024-09-18 09:10:07 +02:00
20776327cd
feat(example-qemu): enable dhcpc on wan interface
All checks were successful
build liminix / build_vm_qemu_mips (pull_request) Successful in 50s
2024-09-18 09:08:25 +02:00
d8d512ab31
feat(ci): netdevice on vms 2024-09-18 09:08:25 +02:00
ca41e04e7d
feat(ci): base for VMs for better testing 2024-09-18 09:08:25 +02:00
Raito Bezarius
013e4c396c feat: repair CI and cleanup cross-compilation mechanism
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-09-16 18:14:39 +02:00
Raito Bezarius
036f91d2f0 feat(ubus): support for Lua 5.3
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-09-08 01:08:59 +02:00
Raito Bezarius
54db2ad006 feat(libubox): support for Lua 5.3
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-09-08 01:08:54 +02:00
Raito Bezarius
8ac3e32b8b fix(modules/hostname): hash the hostname to avoid duplicate services in the db
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-09-08 00:31:15 +02:00
Raito Bezarius
6970d811e8 chore(min-copy-closure): improve liminix-rebuild for maintenance
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-09-07 23:59:29 +02:00
Raito Bezarius
b468275f53 fix(tftpboot): revert squashfs use and go back to JFFS2
squashfs doesn't copy all the files we need.

Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-09-07 23:48:13 +02:00
Raito Bezarius
3ed1564235 feat(recovery): bump to 20MB the TFTP phram size
Otherwise, this will fail to boot on a modern closure.

Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-09-07 23:39:22 +02:00
Raito Bezarius
9fcfae3eae feat(recovery): strengthen debugging capabilities of preinit
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-09-07 23:30:05 +02:00
Raito Bezarius
73ea02b982 feat(modules/nixpkgs): introduce source parameter
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-09-07 23:05:03 +02:00
Raito Bezarius
c942b2be09 feat(initramfs): enable zstd compression
Busybox is still 3MB.

Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-09-07 22:49:25 +02:00
Raito Bezarius
95850a44c2 feat(recovery): implement failsafe boot
for TFTP or anything, really.

Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-09-07 22:49:25 +02:00
Raito Bezarius
bc1f54e701 Merge branch 'bridgeability' into 'main' 2024-09-07 21:53:20 +02:00
Raito Bezarius
0ee2ce4183 fix(overlay): adopt upstream fix for Lua readline
9f58e7b926
("maybe fix nixpkgs-unstable lua")

Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-09-07 21:52:48 +02:00
Raito Bezarius
94a5b19c77 fix(evalConfig): fix pkgs relation with nixpkgs
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-09-07 21:52:48 +02:00
Raito Bezarius
13069415fd feat(modules/hostapd): offer readiness oneshot
WLAN oper wait until the WLAN interface is ready.

Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-09-07 21:15:31 +02:00
Raito Bezarius
5590fea16e feat(ifwait): add ifbridgeable script
This enable to wait for bridgeability of a WLAN interface via
`iwinfo`.

Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-09-07 21:09:17 +02:00
Raito Bezarius
c39bfc2bb5 fix(write-fennel): escape binary path for PATH
otherwise, escapeShellArg might just do nothing!

Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-09-07 21:03:57 +02:00
Raito Bezarius
0c363be423 fennelrepl: add iwinfo to it
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-09-07 20:03:02 +02:00
Raito Bezarius
26d2812aa4 fennerepl: remove readline
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-09-07 20:03:02 +02:00
Raito Bezarius
b57df3f288 iwinfo: use Lua 5.3 port
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-09-07 20:03:02 +02:00
Raito Bezarius
4cf10c2e75 iwinfo: init at unstable-07-09-2024
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-09-07 19:26:14 +02:00
Raito Bezarius
0d36000d9f overlay: update hostapd with readiness support
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-09-07 18:31:57 +02:00
ce17fea337 Merge pull request 'feat(hostapd): ubus support' (#16) from hostapd-ubus into main
Reviewed-on: DGNum/liminix#16
2024-09-07 17:53:21 +02:00
Raito Bezarius
1a770910a6 fix(ubus): rendez vous URL for the unix socket
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-09-07 17:48:06 +02:00
Raito Bezarius
5444059b63 feat(hostapd): enable ubus on RADIUS variant
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-09-07 17:18:59 +02:00
Raito Bezarius
ffc6492365 fix(ubus): set the socket path properly
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-09-07 17:15:31 +02:00
Raito Bezarius
71813a1f8f feat(hostapd): disable openssl to save space
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-09-07 17:03:50 +02:00
Raito Bezarius
032e57b34c feat(hostapd): ubus support
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-09-07 15:56:53 +02:00
Raito Bezarius
0fb671023c feat(services): introduce structured bundles
Structured bundles keep their original contents as a `passthru` field
named `components`.

This enable users to depend on a specific piece of the bundle instead of
the whole bundle.

Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-09-05 14:54:12 +02:00
Raito Bezarius
ebcdbf76bc fix(bridge): members are now granular services
They are still part of the bundle, but we can wait on each of them
independently now.

Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-09-05 14:54:12 +02:00
Raito Bezarius
78d0088b65 ubus: build with Lua
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-09-04 16:30:44 +02:00
Raito Bezarius
6d4237ff87 libubox: build with Lua
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-09-04 16:29:59 +02:00
Raito Bezarius
c24c659ee1 modules/ubus: init
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-09-04 16:08:56 +02:00
Raito Bezarius
4287a05182 ubus: init at unstable-04-09-2024
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-09-04 15:53:26 +02:00
Raito Bezarius
eb083bee20 libubox: init at unstable-04-09-2024
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-09-04 15:53:19 +02:00
Raito Bezarius
1bd9af1e9d fix(bridge): reorder initialization for bridge dependents
Consider the scenario where you run DHCPv4 on the primary bridge
interface.

You have no real interface to "wait upon", so it's OK. Nonetheless,
anything depending on successful completion of DHCPv4, e.g. adding a
default route, will block `s6-rc -v2 up change default`.

The way new interfaces are attached to the bridge is via `s6-rc -b -u
change $attach-oneshot-service`, this introduce in turn a deadlock.

At some point, DHCPv4 will timeout, unblocking the deadlock and
attaching the members to the primary bridge interface, making it ready
to send L2 broadcast packets for DHCP, unblocking DHCP in turn again.

This is not satisfying because we really want to have a no-hiccups
bring-up.

To fix this, we proceed to multiple changes:

- we remove `svc.ifwait.build` out of band `s6-rc -b -u $oneshot-attach`
  call, which is, by design, wrong here.
- users can now depend on the members service to know when a bridge is
  fully operational (we could make it more granular and let them depend
  on the LAN member joining rather than WLAN, etc.)
- users can also depend on the primary service being brought up rather
  than just being present, this is useful if you need to bring it up
  when it has AT LEAST one member to get link local address or MAC
  addresses (fixing DHCPv6 bring up as well because `ff02::1` is used
  there).

One thing is not addressed yet, if you are running a WLAN service using
RADIUS attached to the bridge, at bring up time, it will try to reach
out the external RADIUS server and *fail*.

To solve this, granular dependency on the DHCPv4 once LAN is joined.
Then the hostapd can wait on defaultroute4 completion so that
connectivity is available to reach RADIUS server.

It can join the bridge later on without any hiccup as well.

This is left as a TODO as hostapd can survive RADIUS authentication
failure and retry later.

Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-09-01 18:15:28 +02:00
Raito Bezarius
21ff11503e fix(bridge): pick up MAC from another interface
This avoids the OPERSTATE unknown when the bridge is brought up but the
members are not ready yet.

This will make OPERSTATE to down, enabling us to wait until we have
brought up completely all the members.

Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-09-01 17:48:54 +02:00
Raito Bezarius
f0b4e826cb fix(ifwait): match over strings and not symbols
Are they the same in Fennel?

Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-09-01 17:48:54 +02:00
Raito Bezarius
ca9642a61e fix(ifwait): return :present if newlink is up/yes
Urgh…

Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-09-01 17:48:54 +02:00
Raito Bezarius
1d0fc24111 fix(bridge/members): log attach/detach
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-09-01 17:48:54 +02:00
Daniel Barlow
36f3015acd dhcpc handle case when env vars are missing
the notify-script should continue and signal readiness even if one or
more of the outputs it writes are mssing in the environment
2024-09-01 17:48:54 +02:00
Raito Bezarius
664624a478 feat(jitterentropy): introduce a jitterentropy module
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-09-01 17:48:54 +02:00
Raito Bezarius
f34a63d1c8 feat(pki): init TLS PKI module
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-09-01 17:48:54 +02:00
Raito Bezarius
eaa8c089a8 feat(mtd-utils): save more space
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-09-01 17:48:54 +02:00
Raito Bezarius
3d528a71e9 feat(hostapd): make the package configurable to enable RADIUS
The default hostapd disable too many things, we need a bit more for
RADIUS.

Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-09-01 17:48:54 +02:00
Raito Bezarius
17355c3911 fix(preinit): scan multiple times the cmdline and rename altroot in rootalt
The way the parsing works is examining one character at a time.

First, if we had `rootfstype=... root=...`, the parsing would jump and
ignore `root=...`, which sucks.

To fix this, we scan multiple times a copy of the cmdline.

Now, we have a new problem: `root=... altroot=...` lead to opts.device
being equal to the altroot as we are looking one char at a time, so we
will arrive at a moment looking at `root=...` for `altroot=...`.

To avoid this, we rename `altroot` in `rootalt`, cheap, I know.

Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-09-01 17:48:54 +02:00
Raito Bezarius
c1e61d6af5 fix(zyxel/nwa50ax): ubi cannot run on phram
Discovered the hard way.

Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-09-01 17:48:54 +02:00
Raito Bezarius
85bfe94429 fix(zyxel/nwa50ax): ensure the DTB is in the FIT
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-09-01 17:48:54 +02:00
Raito Bezarius
ea740bbfaf fix(zyxel/nwa50ax): make altroot useful
Let's use `ubi1` if it exist, as it should be the second device
containing a rootfs.

Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-09-01 17:48:54 +02:00
Raito Bezarius
8f5ea94765 chore(zyxel/nwa50ax): write flash erase block size as kb size
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-09-01 17:48:54 +02:00
Raito Bezarius
86e81efbd6 tftp: introduce an alternative command line for TFTP
Normal command line and TFTP command line can be sometimes very
different.

e.g. We don't want to load UBI filesystems for a TFTP boot as it may
interfere with our root device loading.

Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-09-01 17:48:54 +02:00
Raito Bezarius
2d6414ea41 tftp: introduce the FIT enclosing boot.scr
This simplify TFTP.

Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-09-01 17:48:54 +02:00
65de896019
feat(ci): build VM QEMU MIPS
All checks were successful
build liminix / build_vm_qemu_mips (pull_request) Successful in 1h24m6s
2024-08-27 11:05:43 +02:00