From 243295aab8d75a79b7db28dd2a06d7db7b2252e3 Mon Sep 17 00:00:00 2001
From: Daniel Barlow <dan@telent.net>
Date: Sun, 7 Jan 2024 14:58:46 +0000
Subject: [PATCH] recovery config for turris omnia

---
 examples/recovery.nix | 82 +++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 82 insertions(+)
 create mode 100644 examples/recovery.nix

diff --git a/examples/recovery.nix b/examples/recovery.nix
new file mode 100644
index 0000000..8519776
--- /dev/null
+++ b/examples/recovery.nix
@@ -0,0 +1,82 @@
+{ config, pkgs, lib, ... } :
+let
+  inherit (pkgs) serviceFns;
+  svc = config.system.service;
+  inherit (pkgs.pseudofile) dir symlink;
+  inherit (pkgs.liminix.services) oneshot longrun bundle target;
+
+in rec {
+  imports = [
+    ../modules/network
+    ../modules/ssh
+    ../modules/schnapps
+    ../modules/outputs/mtdimage.nix
+    ../modules/outputs/mbrimage.nix
+    ../modules/outputs/tftpboot.nix
+    ../modules/outputs/ubifs.nix
+    ../modules/outputs/ubimage.nix
+    ../modules/outputs/jffs2.nix
+    ../modules/outputs/ext4fs.nix
+  ];
+
+  kernel.config = {
+    BTRFS_FS = "y";
+  };
+
+  boot.tftp = {
+    ipaddr = "10.0.0.8"; # my address
+    serverip = "10.0.0.1"; # build machine or other tftp server
+  };
+
+  hostname = "recovery";
+
+  services.dhcpc = svc.network.dhcp.client.build {
+    interface = config.hardware.networkInterfaces.lan2;
+
+    # don't start DHCP until the hostname is configured,
+    # so it can identify itself to the DHCP server
+    dependencies = [ config.services.hostname ];
+  };
+
+  services.sshd = svc.ssh.build { };
+
+  services.defaultroute4 = svc.network.route.build {
+    via = "$(output ${services.dhcpc} router)";
+    target = "default";
+    dependencies = [services.dhcpc];
+  };
+  services.resolvconf = oneshot rec {
+    dependencies = [ services.dhcpc ];
+    name = "resolvconf";
+    up = ''
+      . ${serviceFns}
+      ( in_outputs ${name}
+      for i in $(output ${services.dhcpc} dns); do
+        echo "nameserver $i" > resolv.conf
+      done
+      )
+    '';
+  };
+  filesystem = dir {
+    etc = dir {
+      "resolv.conf" = symlink "${services.resolvconf}/.outputs/resolv.conf";
+    };
+    mnt = dir {};
+  };
+  rootfsType = "squashfs";
+  users.root = {
+    # the password is "secret". Use mkpasswd -m sha512crypt to
+    # create this hashed password string
+    passwd = "$6$y7WZ5hM6l5nriLmo$5AJlmzQZ6WA.7uBC7S8L4o19ESR28Dg25v64/vDvvCN01Ms9QoHeGByj8lGlJ4/b.dbwR9Hq2KXurSnLigt1W1";
+  };
+
+  defaultProfile.packages = with pkgs; [
+    e2fsprogs # ext4
+    btrfs-progs
+    mtdutils # mtd, jffs2, ubifs
+    dtc      # you never know when you might need device tree stuff
+    util-linux-small # fdisk
+    libubootenv # fw_{set,print}env
+    pciutils
+  ];
+}