From 7e2b0068e6d1714bc7639998e98a176bf79966ca Mon Sep 17 00:00:00 2001 From: Daniel Barlow Date: Mon, 10 Feb 2025 21:55:08 +0000 Subject: [PATCH] nixfmt-rfc-style There is nothing in this commit except for the changes made by nix-shell -p nixfmt-rfc-style --run "nixfmt ." If this has mucked up your open branches then sorry about that. You can probably nixfmt them to match before merging --- bordervm-configuration.nix | 65 +- ci.nix | 20 +- default.nix | 53 +- devices/belkin-rt3200/default.nix | 371 +++--- devices/families/qemu.nix | 15 +- devices/gl-ar750/default.nix | 65 +- devices/gl-mt300a/default.nix | 87 +- devices/gl-mt300n-v2/default.nix | 107 +- devices/openwrt-one/default.nix | 1252 ++++++++++--------- devices/qemu-aarch64/default.nix | 44 +- devices/qemu-armv7l/default.nix | 52 +- devices/qemu/default.nix | 77 +- devices/tp-archer-ax23/default.nix | 748 +++++------ devices/turris-omnia/default.nix | 214 ++-- devices/zyxel-nwa50ax/default.nix | 186 +-- doc/extract-options.nix | 31 +- doc/hardware.nix | 4 +- examples/arhcive.nix | 32 +- examples/demo.nix | 35 +- examples/extneder.nix | 17 +- examples/hello-from-mt300.nix | 5 +- examples/hello-from-qemu.nix | 15 +- examples/module-https-proxy.nix | 20 +- examples/nwa50ax-ap.nix | 34 +- examples/recovery.nix | 44 +- examples/rotuer.nix | 47 +- examples/router-with-l2tp.nix | 153 ++- examples/turris.nix | 41 +- modules/all-modules.nix | 62 +- modules/arch/aarch64.nix | 13 +- modules/arch/arm.nix | 9 +- modules/arch/mips.nix | 2 +- modules/arch/mipseb.nix | 2 +- modules/arch/mipsel.nix | 2 +- modules/base.nix | 119 +- modules/bridge/default.nix | 28 +- modules/bridge/members.nix | 19 +- modules/bridge/primary.nix | 9 +- modules/busybox.nix | 198 ++- modules/dhcp6c/acquire-delegated-prefix.nix | 14 +- modules/dhcp6c/acquire-wan-address.nix | 14 +- modules/dhcp6c/address.nix | 16 +- modules/dhcp6c/client.nix | 11 +- modules/dhcp6c/default.nix | 7 +- modules/dhcp6c/prefix.nix | 16 +- modules/dnsmasq/default.nix | 89 +- modules/dnsmasq/service.nix | 50 +- modules/firewall/default-rules.nix | 33 +- modules/firewall/default.nix | 72 +- modules/firewall/service.nix | 53 +- modules/hardware.nix | 18 +- modules/health-check/default.nix | 17 +- modules/health-check/service.nix | 71 +- modules/hostapd/default.nix | 10 +- modules/hostapd/service.nix | 60 +- modules/hostname.nix | 10 +- modules/ifwait/default.nix | 13 +- modules/ifwait/ifwait.nix | 11 +- modules/kernel/default.nix | 53 +- modules/klogd.nix | 10 +- modules/logging.nix | 24 +- modules/mdevd.nix | 8 +- modules/mount/default.nix | 89 +- modules/mount/service.nix | 19 +- modules/network/address.nix | 18 +- modules/network/default.nix | 30 +- modules/network/dhcpc.nix | 15 +- modules/network/forward.nix | 12 +- modules/network/link.nix | 28 +- modules/network/route.nix | 22 +- modules/ntp/default.nix | 43 +- modules/ntp/service.nix | 34 +- modules/outputs.nix | 23 +- modules/outputs/boot-extlinux.nix | 21 +- modules/outputs/boot-fit.nix | 21 +- modules/outputs/btrfs.nix | 33 +- modules/outputs/ext4fs.nix | 31 +- modules/outputs/initramfs.nix | 23 +- modules/outputs/jffs2.nix | 26 +- modules/outputs/mbrimage.nix | 34 +- modules/outputs/mtdimage.nix | 64 +- modules/outputs/squashfs.nix | 3 +- modules/outputs/system-configuration.nix | 18 +- modules/outputs/tftpboot.nix | 126 +- modules/outputs/tplink-safeloader.nix | 18 +- modules/outputs/ubifs.nix | 27 +- modules/outputs/ubimage.nix | 137 +- modules/outputs/ubivolume.nix | 163 +-- modules/outputs/updater/default.nix | 25 +- modules/outputs/vmroot.nix | 23 +- modules/outputs/zyxel-nwa-fit.nix | 70 +- modules/ppp/common.nix | 115 +- modules/ppp/default.nix | 22 +- modules/ppp/l2tp.nix | 21 +- modules/ppp/pppoe.nix | 24 +- modules/profiles/gateway.nix | 82 +- modules/profiles/wap.nix | 36 +- modules/ramdisk.nix | 3 +- modules/round-robin/default.nix | 15 +- modules/round-robin/service.nix | 43 +- modules/s6/default.nix | 174 ++- modules/schnapps/default.nix | 4 +- modules/secrets/default.nix | 27 +- modules/secrets/outboard.nix | 16 +- modules/secrets/subscriber.nix | 91 +- modules/secrets/tang.nix | 15 +- modules/ssh/default.nix | 31 +- modules/ssh/ssh.nix | 65 +- modules/tls-certificate/certifix-client.nix | 14 +- modules/tls-certificate/default.nix | 55 +- modules/uevent-rule/default.nix | 12 +- modules/uevent-rule/rule.nix | 31 +- modules/users.nix | 165 +-- modules/vlan/default.nix | 7 +- modules/vlan/service.nix | 13 +- modules/watchdog/default.nix | 9 +- modules/watchdog/watchdog.nix | 16 +- modules/wlan.nix | 13 +- modules/wwan/default.nix | 50 +- modules/wwan/huawei-e3372.nix | 75 +- modules/zyxel-dual-image/default.nix | 33 +- modules/zyxel-dual-image/service.nix | 17 +- overlay.nix | 313 +++-- pkgs/anoia/default.nix | 22 +- pkgs/certifix-client/default.nix | 36 +- pkgs/default.nix | 65 +- pkgs/devout/default.nix | 15 +- pkgs/fennel/default.nix | 10 +- pkgs/fennelrepl/default.nix | 100 +- pkgs/fetch-freebsd/default.nix | 14 +- pkgs/firewallgen/default.nix | 115 +- pkgs/firewallgen/test-rules-min.nix | 41 +- pkgs/firewallgen/test.nix | 5 +- pkgs/firmware-utils/default.nix | 11 +- pkgs/gen_init_cpio/default.nix | 4 +- pkgs/hi/default.nix | 46 +- pkgs/ifwait/default.nix | 5 +- pkgs/incz/default.nix | 36 +- pkgs/initramfs-peek/default.nix | 3 +- pkgs/json-to-fstree/default.nix | 37 +- pkgs/kernel-backport/default.nix | 16 +- pkgs/kernel/default.nix | 16 +- pkgs/kernel/dtb.nix | 31 +- pkgs/kernel/uimage.nix | 48 +- pkgs/kernel/write-kconfig.nix | 19 +- pkgs/kmodloader/default.nix | 54 +- pkgs/levitate/default.nix | 68 +- pkgs/libubootenv/default.nix | 5 +- pkgs/liminix-tools/builders/squashfs.nix | 28 +- pkgs/liminix-tools/networking/default.nix | 6 +- pkgs/liminix-tools/services/default.nix | 185 +-- pkgs/linotify/default.nix | 6 +- pkgs/logshipper/default.nix | 2 +- pkgs/lualinux/default.nix | 12 +- pkgs/lzma/default.nix | 5 +- pkgs/mac80211/default.nix | 99 +- pkgs/min-collect-garbage/default.nix | 5 +- pkgs/min-copy-closure/default.nix | 6 +- pkgs/minisock/default.nix | 10 +- pkgs/nellie/default.nix | 6 +- pkgs/netlink-lua/default.nix | 12 +- pkgs/nginx-small/default.nix | 35 +- pkgs/odhcp-script/default.nix | 7 +- pkgs/openwrt/2410.nix | 9 +- pkgs/openwrt/default.nix | 3 +- pkgs/output-template/default.nix | 28 +- pkgs/ppp/default.nix | 5 +- pkgs/preinit/shell.nix | 2 +- pkgs/pseudofile/default.nix | 91 +- pkgs/routeros/default.nix | 48 +- pkgs/run-liminix-vm/default.nix | 9 +- pkgs/rxi-json/default.nix | 3 +- pkgs/s6-init-bin/default.nix | 23 +- pkgs/s6-rc-database/default.nix | 8 +- pkgs/s6-rc-round-robin/default.nix | 16 +- pkgs/s6-rc-up-tree/default.nix | 14 +- pkgs/schnapps/default.nix | 9 +- pkgs/swconfig/default.nix | 21 +- pkgs/systemconfig/default.nix | 185 +-- pkgs/tangc/default.nix | 40 +- pkgs/tufted/default.nix | 18 +- pkgs/uevent-watch/default.nix | 16 +- pkgs/usb-modeswitch/default.nix | 3 +- pkgs/watch-outputs/default.nix | 34 +- pkgs/watch-ssh-keys/default.nix | 38 +- pkgs/write-ash-script/bin.nix | 25 +- pkgs/write-fennel/default.nix | 9 +- shell.nix | 15 +- tests/ext4/configuration.nix | 5 +- tests/ext4/test.nix | 29 +- tests/fennel/test.nix | 34 +- tests/inout/configuration.nix | 12 +- tests/inout/test.nix | 61 +- tests/jffs2/configuration.nix | 5 +- tests/jffs2/test.nix | 29 +- tests/min-copy-closure/config-ext4.nix | 4 +- tests/min-copy-closure/configuration.nix | 18 +- tests/min-copy-closure/test.nix | 58 +- tests/min-copy-closure/with-figlet.nix | 4 +- tests/pppoe/configuration.nix | 35 +- tests/pppoe/test.nix | 61 +- tests/pseudofiles/fixture.nix | 30 +- tests/pseudofiles/test.nix | 32 +- tests/smoke/test.nix | 50 +- tests/tftpboot/configuration.nix | 53 +- tests/tftpboot/test.nix | 83 +- tests/updown/configuration.nix | 16 +- tests/updown/test.nix | 29 +- tests/wlan/configuration.nix | 15 +- tests/wlan/test.nix | 30 +- vanilla-configuration.nix | 13 +- 211 files changed, 6049 insertions(+), 4355 deletions(-) diff --git a/bordervm-configuration.nix b/bordervm-configuration.nix index c8347d1..1b0e7cd 100644 --- a/bordervm-configuration.nix +++ b/bordervm-configuration.nix @@ -1,8 +1,21 @@ -{ config, pkgs, lib, ... }: +{ + config, + pkgs, + lib, + ... +}: let cfg = config.bordervm; - inherit (lib) mkOption mkEnableOption mdDoc types optional optionals; -in { + inherit (lib) + mkOption + mkEnableOption + mdDoc + types + optional + optionals + ; +in +{ options.bordervm = { keys = mkOption { type = types.listOf types.str; @@ -107,13 +120,14 @@ in { from = "host"; host.port = 7654; # guest.address = "10.0.2.15"; - guest.port =7654; + guest.port = 7654; } { host.port = 2222; guest.address = "10.0.2.15"; guest.port = 22; - }]; + } + ]; qemu = { networkingOptions = [ ]; options = @@ -139,28 +153,41 @@ in { services.tang = { enable = true; - ipAddressAllow = [ "10.0.0.0/24" "0.0.0.0/0" ]; + ipAddressAllow = [ + "10.0.0.0/24" + "0.0.0.0/0" + ]; }; environment.systemPackages = - let wireshark-nogui = pkgs.wireshark.override { withQt = false ; }; - in with pkgs; [ - tcpdump - wireshark-nogui - socat - tufted - iptables - usbutils - busybox - clevis - ]; + let + wireshark-nogui = pkgs.wireshark.override { withQt = false; }; + in + with pkgs; + [ + tcpdump + wireshark-nogui + socat + tufted + iptables + usbutils + busybox + clevis + ]; security.sudo.wheelNeedsPassword = false; networking = { hostName = "border"; - firewall = { enable = false; }; + firewall = { + enable = false; + }; interfaces.eth1 = { useDHCP = false; - ipv4.addresses = [ { address = "10.0.0.1"; prefixLength = 24;}]; + ipv4.addresses = [ + { + address = "10.0.0.1"; + prefixLength = 24; + } + ]; }; nat = { enable = true; diff --git a/ci.nix b/ci.nix index a012f47..4926873 100644 --- a/ci.nix +++ b/ci.nix @@ -17,7 +17,8 @@ let "belkin-rt3200" ]; vanilla = ./vanilla-configuration.nix; - for-device = name: + for-device = + name: (import liminix { inherit borderVmConf; device = import (liminix + "/devices/${name}"); @@ -71,12 +72,13 @@ let echo "file source-dist \"$out/share/doc/liminix\"" \ > $out/nix-support/hydra-build-products ''; - }; + }; }; -in jobs // - { - all = pkgs.mkShell { - name = "all tests"; - contents = pkgs.lib.collect pkgs.lib.isDerivation jobs; - }; - } +in +jobs +// { + all = pkgs.mkShell { + name = "all tests"; + contents = pkgs.lib.collect pkgs.lib.isDerivation jobs; + }; +} diff --git a/default.nix b/default.nix index eb72e57..7fcf961 100644 --- a/default.nix +++ b/default.nix @@ -27,7 +27,12 @@ let modulesPath = builtins.toString ./modules; }; modules = [ - { _module.args = { inherit pkgs; inherit (pkgs) lim; }; } + { + _module.args = { + inherit pkgs; + inherit (pkgs) lim; + }; + } ./modules/hardware.nix ./modules/base.nix ./modules/busybox.nix @@ -47,30 +52,34 @@ let }; config = eval.config; - borderVm = ((import ) { - system = builtins.currentSystem; - modules = [ - { - nixpkgs.overlays = [ - (final: prev: { - go-l2tp = final.callPackage ./pkgs/go-l2tp {}; - tufted = final.callPackage ./pkgs/tufted {}; - }) - ]; - } - (import ./bordervm-configuration.nix) - borderVmConf - ]; - }).config.system; -in { + borderVm = + ((import ) { + system = builtins.currentSystem; + modules = [ + { + nixpkgs.overlays = [ + (final: prev: { + go-l2tp = final.callPackage ./pkgs/go-l2tp { }; + tufted = final.callPackage ./pkgs/tufted { }; + }) + ]; + } + (import ./bordervm-configuration.nix) + borderVmConf + ]; + }).config.system; +in +{ outputs = config.system.outputs // { default = config.system.outputs.${config.hardware.defaultOutput}; optionsJson = - let o = import ./doc/extract-options.nix { - inherit pkgs eval; - lib = pkgs.lib; - }; - in pkgs.writeText "options.json" (builtins.toJSON o); + let + o = import ./doc/extract-options.nix { + inherit pkgs eval; + lib = pkgs.lib; + }; + in + pkgs.writeText "options.json" (builtins.toJSON o); }; # this is just here as a convenience, so that we can get a diff --git a/devices/belkin-rt3200/default.nix b/devices/belkin-rt3200/default.nix index c3321ed..4d528fc 100644 --- a/devices/belkin-rt3200/default.nix +++ b/devices/belkin-rt3200/default.nix @@ -107,7 +107,7 @@ possible, as it will reset the erase counters used for write levelling. Using UBI-aware tools is therefore preferred over any kind of "factory" wipe which will reset them. - ''; + ''; system = { crossSystem = { @@ -115,203 +115,218 @@ }; }; - module = {pkgs, config, lib, lim, ... }: - let inherit (lib) mkIf; - firmware = pkgs.stdenv.mkDerivation { - name = "wlan-firmware"; - phases = ["installPhase"]; - installPhase = '' - mkdir $out - cp ${pkgs.linux-firmware}/lib/firmware/mediatek/{mt7915,mt7615,mt7622}* $out - ''; - }; - openwrt = pkgs.openwrt_24_10; - in { + module = + { + pkgs, + config, + lib, + lim, + ... + }: + let + inherit (lib) mkIf; + firmware = pkgs.stdenv.mkDerivation { + name = "wlan-firmware"; + phases = [ "installPhase" ]; + installPhase = '' + mkdir $out + cp ${pkgs.linux-firmware}/lib/firmware/mediatek/{mt7915,mt7615,mt7622}* $out + ''; + }; + openwrt = pkgs.openwrt_24_10; + in + { imports = [ ../../modules/arch/aarch64.nix ../../modules/outputs/tftpboot.nix ../../modules/outputs/ubifs.nix ]; config = { - kernel = { - extraPatchPhase = '' - ${openwrt.applyPatches.mediatek} - ''; - src = openwrt.kernelSrc; - version = openwrt.kernelVersion; - config = { - PCI = "y"; - ARCH_MEDIATEK = "y"; - # ARM_MEDIATEK_CPUFREQ = "y"; + kernel = { + extraPatchPhase = '' + ${openwrt.applyPatches.mediatek} + ''; + src = openwrt.kernelSrc; + version = openwrt.kernelVersion; + config = { + PCI = "y"; + ARCH_MEDIATEK = "y"; + # ARM_MEDIATEK_CPUFREQ = "y"; - # needed for "Cannot find regmap for /infracfg@10000000" - MFD_SYSCON = "y"; - MTK_INFRACFG = "y"; + # needed for "Cannot find regmap for /infracfg@10000000" + MFD_SYSCON = "y"; + MTK_INFRACFG = "y"; - MTK_PMIC_WRAP = "y"; - DMADEVICES = "y"; - MTK_HSDMA="y"; - MTK_SCPSYS="y"; - MTK_SCPSYS_PM_DOMAINS="y"; - # MTK_THERMAL="y"; - MTK_TIMER="y"; + MTK_PMIC_WRAP = "y"; + DMADEVICES = "y"; + MTK_HSDMA = "y"; + MTK_SCPSYS = "y"; + MTK_SCPSYS_PM_DOMAINS = "y"; + # MTK_THERMAL="y"; + MTK_TIMER = "y"; - COMMON_CLK_MT7622 = "y"; - COMMON_CLK_MT7622_ETHSYS = "y"; - COMMON_CLK_MT7622_HIFSYS = "y"; - COMMON_CLK_MT7622_AUDSYS = "y"; - PM_CLK="y"; + COMMON_CLK_MT7622 = "y"; + COMMON_CLK_MT7622_ETHSYS = "y"; + COMMON_CLK_MT7622_HIFSYS = "y"; + COMMON_CLK_MT7622_AUDSYS = "y"; + PM_CLK = "y"; - REGMAP_MMIO = "y"; - CLKSRC_MMIO = "y"; - REGMAP = "y"; + REGMAP_MMIO = "y"; + CLKSRC_MMIO = "y"; + REGMAP = "y"; - MEDIATEK_GE_PHY = "y"; - # MEDIATEK_MT6577_AUXADC = "y"; - NET_MEDIATEK_SOC = "y"; - NET_MEDIATEK_SOC_WED = "y"; - NET_MEDIATEK_STAR_EMAC = "y"; # this enables REGMAP_MMIO - NET_VENDOR_MEDIATEK = "y"; - PCIE_MEDIATEK = "y"; + MEDIATEK_GE_PHY = "y"; + # MEDIATEK_MT6577_AUXADC = "y"; + NET_MEDIATEK_SOC = "y"; + NET_MEDIATEK_SOC_WED = "y"; + NET_MEDIATEK_STAR_EMAC = "y"; # this enables REGMAP_MMIO + NET_VENDOR_MEDIATEK = "y"; + PCIE_MEDIATEK = "y"; - BLOCK = "y"; # move this to base option + BLOCK = "y"; # move this to base option - SPI_MASTER = "y"; - SPI = "y"; - SPI_MEM="y"; - SPI_MTK_NOR="y"; - SPI_MTK_SNFI = "y"; + SPI_MASTER = "y"; + SPI = "y"; + SPI_MEM = "y"; + SPI_MTK_NOR = "y"; + SPI_MTK_SNFI = "y"; - MTD = "y"; - MTD_BLOCK = "y"; - MTD_RAW_NAND = "y"; - MTD_NAND_MTK = "y"; - MTD_NAND_MTK_BMT = "y"; # Bad-block Management Table - MTD_NAND_ECC_MEDIATEK= "y"; - MTD_NAND_ECC_SW_HAMMING= "y"; - MTD_SPI_NAND= "y"; - MTD_OF_PARTS = "y"; - MTD_NAND_CORE= "y"; - MTD_SPI_NOR= "y"; - MTD_SPLIT_FIRMWARE= "y"; - MTD_SPLIT_FIT_FW= "y"; + MTD = "y"; + MTD_BLOCK = "y"; + MTD_RAW_NAND = "y"; + MTD_NAND_MTK = "y"; + MTD_NAND_MTK_BMT = "y"; # Bad-block Management Table + MTD_NAND_ECC_MEDIATEK = "y"; + MTD_NAND_ECC_SW_HAMMING = "y"; + MTD_SPI_NAND = "y"; + MTD_OF_PARTS = "y"; + MTD_NAND_CORE = "y"; + MTD_SPI_NOR = "y"; + MTD_SPLIT_FIRMWARE = "y"; + MTD_SPLIT_FIT_FW = "y"; - MTD_UBI_NVMEM = "y"; - NVMEM_MTK_EFUSE = "y"; - NVMEM_BLOCK = "y"; - NVMEM_LAYOUT_ADTRAN = "y"; + MTD_UBI_NVMEM = "y"; + NVMEM_MTK_EFUSE = "y"; + NVMEM_BLOCK = "y"; + NVMEM_LAYOUT_ADTRAN = "y"; - MMC = "y"; - MMC_BLOCK = "y"; - MMC_CQHCI = "y"; - MMC_MTK = "y"; + MMC = "y"; + MMC_BLOCK = "y"; + MMC_CQHCI = "y"; + MMC_MTK = "y"; - # Distributed Switch Architecture is needed - # to make the ethernet ports visible - NET_DSA="y"; - NET_DSA_MT7530="y"; - NET_DSA_TAG_MTK="y"; - NET_DSA_MT7530_MDIO="y"; + # Distributed Switch Architecture is needed + # to make the ethernet ports visible + NET_DSA = "y"; + NET_DSA_MT7530 = "y"; + NET_DSA_TAG_MTK = "y"; + NET_DSA_MT7530_MDIO = "y"; - SERIAL_8250 = "y"; - SERIAL_8250_CONSOLE = "y"; - SERIAL_8250_MT6577="y"; - # SERIAL_8250_NR_UARTS="3"; - # SERIAL_8250_RUNTIME_UARTS="3"; - SERIAL_OF_PLATFORM="y"; + SERIAL_8250 = "y"; + SERIAL_8250_CONSOLE = "y"; + SERIAL_8250_MT6577 = "y"; + # SERIAL_8250_NR_UARTS="3"; + # SERIAL_8250_RUNTIME_UARTS="3"; + SERIAL_OF_PLATFORM = "y"; - # Must enble hardware watchdog drivers. Else the device reboots after several seconds - WATCHDOG = "y"; - MEDIATEK_WATCHDOG = "y"; - }; - conditionalConfig = { - WLAN= { - MT7615E = "m"; - MT7622_WMAC = "y"; - MT7915E = "m"; - }; - }; - }; - boot = { - commandLine = [ "console=ttyS0,115200" ]; - tftp.loadAddress = lim.parseInt "0x48000000"; - imageFormat = "fit"; - loader.fit.enable = lib.mkDefault true; # override this if you are building tftpboot - }; - rootfsType = lib.mkDefault "ubifs"; # override this if you are building tftpboot - filesystem = - let inherit (pkgs.pseudofile) dir symlink; - in - dir { - lib = dir { - firmware = dir { - mediatek = symlink firmware; - }; - }; - }; - - hardware = - let - mac80211 = pkgs.kmodloader.override { - targets = ["mt7615e" "mt7915e"]; - inherit (config.system.outputs) kernel; - }; - in { - ubi = { - minIOSize = "2048"; - logicalEraseBlockSize = "126976"; - physicalEraseBlockSize = "131072"; - maxLEBcount = "1024"; # guessing - }; - - defaultOutput = "ubimage"; - # the kernel expects this to be on a 2MB boundary. U-Boot - # (I don't know why) has a default of 0x41080000, which isn't. - # We put it at the 32MB mark so that tftpboot can put its rootfs - # image and DTB underneath, but maybe this is a terrible waste of - # RAM unless the kernel is able to reuse it later. Oh well - loadAddress = lim.parseInt "0x42000000"; - entryPoint = lim.parseInt "0x42000000"; - rootDevice = "ubi0:liminix"; - dts = { - src = "${openwrt.src}/target/linux/mediatek/dts/mt7622-linksys-e8450-ubi.dts"; - includePaths = [ - "${openwrt.src}/target/linux/mediatek/dts" - "${config.system.outputs.kernel.modulesupport}/arch/arm64/boot/dts/mediatek/" - ]; - includes = mkIf config.logging.persistent.enable [ - ./pstore-pmsg.dtsi - ]; - }; - - # - 0x000000000000-0x000008000000 : "spi-nand0" - # - 0x000000000000-0x000000080000 : "bl2" - # - 0x000000080000-0x0000001c0000 : "fip" - # - 0x0000001c0000-0x0000002c0000 : "factory" - # - 0x0000002c0000-0x000000300000 : "reserved" - # - 0x000000300000-0x000008000000 : "ubi" - - networkInterfaces = - let - inherit (config.system.service.network) link; - in rec { - wan = link.build { ifname = "wan"; }; - lan1 = link.build { ifname = "lan1"; }; - lan2 = link.build { ifname = "lan2"; }; - lan3 = link.build { ifname = "lan3"; }; - lan4 = link.build { ifname = "lan4"; }; - lan = lan3; - - wlan = link.build { - ifname = "wlan0"; - dependencies = [ mac80211 ]; - }; - wlan5 = link.build { - ifname = "wlan1"; - dependencies = [ mac80211 ]; + # Must enble hardware watchdog drivers. Else the device reboots after several seconds + WATCHDOG = "y"; + MEDIATEK_WATCHDOG = "y"; + }; + conditionalConfig = { + WLAN = { + MT7615E = "m"; + MT7622_WMAC = "y"; + MT7915E = "m"; }; }; + }; + boot = { + commandLine = [ "console=ttyS0,115200" ]; + tftp.loadAddress = lim.parseInt "0x48000000"; + imageFormat = "fit"; + loader.fit.enable = lib.mkDefault true; # override this if you are building tftpboot + }; + rootfsType = lib.mkDefault "ubifs"; # override this if you are building tftpboot + filesystem = + let + inherit (pkgs.pseudofile) dir symlink; + in + dir { + lib = dir { + firmware = dir { + mediatek = symlink firmware; + }; + }; + }; + + hardware = + let + mac80211 = pkgs.kmodloader.override { + targets = [ + "mt7615e" + "mt7915e" + ]; + inherit (config.system.outputs) kernel; + }; + in + { + ubi = { + minIOSize = "2048"; + logicalEraseBlockSize = "126976"; + physicalEraseBlockSize = "131072"; + maxLEBcount = "1024"; # guessing + }; + + defaultOutput = "ubimage"; + # the kernel expects this to be on a 2MB boundary. U-Boot + # (I don't know why) has a default of 0x41080000, which isn't. + # We put it at the 32MB mark so that tftpboot can put its rootfs + # image and DTB underneath, but maybe this is a terrible waste of + # RAM unless the kernel is able to reuse it later. Oh well + loadAddress = lim.parseInt "0x42000000"; + entryPoint = lim.parseInt "0x42000000"; + rootDevice = "ubi0:liminix"; + dts = { + src = "${openwrt.src}/target/linux/mediatek/dts/mt7622-linksys-e8450-ubi.dts"; + includePaths = [ + "${openwrt.src}/target/linux/mediatek/dts" + "${config.system.outputs.kernel.modulesupport}/arch/arm64/boot/dts/mediatek/" + ]; + includes = mkIf config.logging.persistent.enable [ + ./pstore-pmsg.dtsi + ]; + }; + + # - 0x000000000000-0x000008000000 : "spi-nand0" + # - 0x000000000000-0x000000080000 : "bl2" + # - 0x000000080000-0x0000001c0000 : "fip" + # - 0x0000001c0000-0x0000002c0000 : "factory" + # - 0x0000002c0000-0x000000300000 : "reserved" + # - 0x000000300000-0x000008000000 : "ubi" + + networkInterfaces = + let + inherit (config.system.service.network) link; + in + rec { + wan = link.build { ifname = "wan"; }; + lan1 = link.build { ifname = "lan1"; }; + lan2 = link.build { ifname = "lan2"; }; + lan3 = link.build { ifname = "lan3"; }; + lan4 = link.build { ifname = "lan4"; }; + lan = lan3; + + wlan = link.build { + ifname = "wlan0"; + dependencies = [ mac80211 ]; + }; + wlan5 = link.build { + ifname = "wlan1"; + dependencies = [ mac80211 ]; + }; + }; + }; }; - }; - }; + }; } diff --git a/devices/families/qemu.nix b/devices/families/qemu.nix index ccf054c..afe602b 100644 --- a/devices/families/qemu.nix +++ b/devices/families/qemu.nix @@ -19,25 +19,28 @@ VIRTIO_NET = "y"; }; conditionalConfig = { - WLAN= { + WLAN = { MAC80211_HWSIM = "m"; }; }; }; hardware = let - mac80211 = pkgs.kmodloader.override { + mac80211 = pkgs.kmodloader.override { inherit (config.system.outputs) kernel; - targets = ["mac80211_hwsim"]; + targets = [ "mac80211_hwsim" ]; }; - in { + in + { defaultOutput = "vmroot"; rootDevice = "/dev/mtdblock0"; dts.src = pkgs.lib.mkDefault null; flash.eraseBlockSize = 65536; networkInterfaces = - let inherit (config.system.service.network) link; - in { + let + inherit (config.system.service.network) link; + in + { wan = link.build { devpath = "/devices/pci0000:00/0000:00:13.0/virtio0"; ifname = "wan"; diff --git a/devices/gl-ar750/default.nix b/devices/gl-ar750/default.nix index 9acc159..a7a9660 100644 --- a/devices/gl-ar750/default.nix +++ b/devices/gl-ar750/default.nix @@ -4,7 +4,7 @@ config = "mips-unknown-linux-musl"; gcc = { abi = "32"; - arch = "24kc"; # maybe mips_24kc- + arch = "24kc"; # maybe mips_24kc- }; }; }; @@ -53,7 +53,14 @@ ''; - module = {pkgs, config, lim, lib, ... }: + module = + { + pkgs, + config, + lim, + lib, + ... + }: let inherit (lib) mkIf; openwrt = pkgs.openwrt; @@ -65,7 +72,7 @@ }; firmware = pkgs.stdenv.mkDerivation { name = "wlan-firmware"; - phases = ["installPhase"]; + phases = [ "installPhase" ]; installPhase = '' mkdir -p $out/ath10k/QCA9887/hw1.0/ blobdir=${firmwareBlobs}/QCA9887/hw1.0 @@ -74,7 +81,10 @@ ''; }; mac80211 = pkgs.kmodloader.override { - targets = ["ath9k" "ath10k_pci"]; + targets = [ + "ath9k" + "ath10k_pci" + ]; inherit (config.system.outputs) kernel; dependencies = [ ath10k_cal_data ]; }; @@ -82,7 +92,8 @@ let offset = lim.parseInt "0x5000"; size = lim.parseInt "0x844"; - in pkgs.liminix.services.oneshot rec { + in + pkgs.liminix.services.oneshot rec { name = "ath10k_cal_data"; up = '' part=$(basename $(dirname $(grep -l art /sys/class/mtd/*/name))) @@ -91,10 +102,11 @@ (in_outputs ${name} dd if=/dev/$part of=data iflag=skip_bytes,fullblock bs=${toString size} skip=${toString offset} count=1 ) - ''; - }; + ''; + }; inherit (pkgs.pseudofile) dir symlink; - in { + in + { imports = [ ../../modules/network ../../modules/arch/mipseb.nix @@ -118,7 +130,7 @@ rootDevice = "/dev/mtdblock5"; dts = { src = "${openwrt.src}/target/linux/ath79/dts/qca9531_glinet_gl-ar750.dts"; - includePaths = [ + includePaths = [ "${openwrt.src}/target/linux/ath79/dts" ]; includes = mkIf config.logging.persistent.enable [ @@ -127,8 +139,10 @@ }; networkInterfaces = - let inherit (config.system.service.network) link; - in { + let + inherit (config.system.service.network) link; + in + { lan = link.build { ifname = "lan"; devpath = "/devices/platform/ahb/1a000000.eth"; @@ -143,7 +157,10 @@ }; wlan5 = link.build { ifname = "wlan1"; - dependencies = [ ath10k_cal_data mac80211 ]; + dependencies = [ + ath10k_cal_data + mac80211 + ]; }; }; }; @@ -193,31 +210,31 @@ NET = "y"; ETHERNET = "y"; NET_VENDOR_ATHEROS = "y"; - AG71XX = "y"; # ethernet (qca,qca9530-eth) - MFD_SYSCON = "y"; # ethernet (compatible "syscon") - AR8216_PHY = "y"; # eth1 is behind a switch + AG71XX = "y"; # ethernet (qca,qca9530-eth) + MFD_SYSCON = "y"; # ethernet (compatible "syscon") + AR8216_PHY = "y"; # eth1 is behind a switch MTD_SPI_NOR = "y"; - SPI_ATH79 = "y"; # these are copied from OpenWrt. - SPI_MASTER= "y"; # At least one of them is necessary - SPI_MEM= "y"; - SPI_AR934X= "y"; - SPI_BITBANG= "y"; - SPI_GPIO= "y"; + SPI_ATH79 = "y"; # these are copied from OpenWrt. + SPI_MASTER = "y"; # At least one of them is necessary + SPI_MEM = "y"; + SPI_AR934X = "y"; + SPI_BITBANG = "y"; + SPI_GPIO = "y"; GPIO_ATH79 = "y"; GPIOLIB = "y"; - EXPERT="y"; + EXPERT = "y"; GPIO_SYSFS = "y"; # required by patches-5.15/0004-phy-add-ath79-usb-phys.patch OF_GPIO = "y"; SYSFS = "y"; SPI = "y"; MTD = "y"; - MTD_BLOCK = "y"; # fix undefined ref to register_mtd_blktrans_devs + MTD_BLOCK = "y"; # fix undefined ref to register_mtd_blktrans_devs WATCHDOG = "y"; - ATH79_WDT = "y"; # watchdog timer + ATH79_WDT = "y"; # watchdog timer EARLY_PRINTK = "y"; diff --git a/devices/gl-mt300a/default.nix b/devices/gl-mt300a/default.nix index c5f4379..ea3894f 100644 --- a/devices/gl-mt300a/default.nix +++ b/devices/gl-mt300a/default.nix @@ -6,7 +6,7 @@ config = "mipsel-unknown-linux-musl"; gcc = { abi = "32"; - arch = "mips32"; # maybe mips_24kc- + arch = "mips32"; # maybe mips_24kc- }; }; }; @@ -44,14 +44,22 @@ ''; - module = { pkgs, config, lib, lim, ...}: + module = + { + pkgs, + config, + lib, + lim, + ... + }: let inherit (pkgs) openwrt; mac80211 = pkgs.kmodloader.override { - targets = ["rt2800soc"]; + targets = [ "rt2800soc" ]; inherit (config.system.outputs) kernel; }; - in { + in + { imports = [ ../../modules/arch/mipsel.nix ../../modules/outputs/tftpboot.nix @@ -90,7 +98,8 @@ let inherit (config.system.service.network) link; inherit (config.system.service) vlan; - in rec { + in + rec { eth = link.build { ifname = "eth0"; }; # lan and wan ports are both behind a switch on eth0 lan = vlan.build { @@ -112,54 +121,56 @@ boot.tftp = { loadAddress = lim.parseInt "0x00A00000"; appendDTB = true; - }; + }; kernel = { extraPatchPhase = '' ${openwrt.applyPatches.ramips} ${openwrt.applyPatches.rt2x00} ''; - config = { + config = + { - RALINK = "y"; - PCI = "y"; - SOC_MT7620 = "y"; + RALINK = "y"; + PCI = "y"; + SOC_MT7620 = "y"; - SERIAL_8250_CONSOLE = "y"; - SERIAL_8250 = "y"; - SERIAL_CORE_CONSOLE = "y"; - SERIAL_OF_PLATFORM = "y"; + SERIAL_8250_CONSOLE = "y"; + SERIAL_8250 = "y"; + SERIAL_CORE_CONSOLE = "y"; + SERIAL_OF_PLATFORM = "y"; - CONSOLE_LOGLEVEL_DEFAULT = "8"; - CONSOLE_LOGLEVEL_QUIET = "4"; + CONSOLE_LOGLEVEL_DEFAULT = "8"; + CONSOLE_LOGLEVEL_QUIET = "4"; - NET = "y"; - ETHERNET = "y"; - NET_VENDOR_RALINK = "y"; - NET_RALINK_MDIO = "y"; - NET_RALINK_MDIO_MT7620 = "y"; - NET_RALINK_MT7620 = "y"; - SWPHY = "y"; + NET = "y"; + ETHERNET = "y"; + NET_VENDOR_RALINK = "y"; + NET_RALINK_MDIO = "y"; + NET_RALINK_MDIO_MT7620 = "y"; + NET_RALINK_MT7620 = "y"; + SWPHY = "y"; - SPI = "y"; - MTD_SPI_NOR = "y"; - SPI_MT7621 = "y"; # } probably don't need both of these - SPI_RT2880 = "y"; # } - SPI_MASTER= "y"; - SPI_MEM= "y"; + SPI = "y"; + MTD_SPI_NOR = "y"; + SPI_MT7621 = "y"; # } probably don't need both of these + SPI_RT2880 = "y"; # } + SPI_MASTER = "y"; + SPI_MEM = "y"; - MTD = "y"; - MTD_BLOCK = "y"; # fix undefined ref to register_mtd_blktrans_devs + MTD = "y"; + MTD_BLOCK = "y"; # fix undefined ref to register_mtd_blktrans_devs - EARLY_PRINTK = "y"; + EARLY_PRINTK = "y"; - NEW_LEDS = "y"; - LEDS_CLASS = "y"; # required by rt2x00lib + NEW_LEDS = "y"; + LEDS_CLASS = "y"; # required by rt2x00lib - PRINTK_TIME = "y"; - } // lib.optionalAttrs (config.system.service ? vlan) { - SWCONFIG = "y"; - }; + PRINTK_TIME = "y"; + } + // lib.optionalAttrs (config.system.service ? vlan) { + SWCONFIG = "y"; + }; conditionalConfig = { WLAN = { WLAN_VENDOR_RALINK = "y"; diff --git a/devices/gl-mt300n-v2/default.nix b/devices/gl-mt300n-v2/default.nix index fe82a01..ac16d7f 100644 --- a/devices/gl-mt300n-v2/default.nix +++ b/devices/gl-mt300n-v2/default.nix @@ -4,7 +4,7 @@ config = "mipsel-unknown-linux-musl"; gcc = { abi = "32"; - arch = "mips32"; # maybe mips_24kc- + arch = "mips32"; # maybe mips_24kc- }; }; }; @@ -37,21 +37,29 @@ ''; - module = { pkgs, config, lib, lim, ...}: + module = + { + pkgs, + config, + lib, + lim, + ... + }: let inherit (pkgs.liminix.services) oneshot; inherit (pkgs.pseudofile) dir symlink; inherit (pkgs) openwrt; mac80211 = pkgs.kmodloader.override { - targets = ["mt7603e"]; + targets = [ "mt7603e" ]; inherit (config.system.outputs) kernel; }; wlan_firmware = pkgs.fetchurl { url = "https://github.com/openwrt/mt76/raw/f24b56f935392ca1d35fae5fd6e56ef9deda4aad/firmware/mt7628_e2.bin"; hash = "sha256:1dkhfznmdz6s50kwc841x3wj0h6zg6icg5g2bim9pvg66as2vmh9"; }; - in { + in + { imports = [ ../../modules/arch/mipsel.nix ../../modules/outputs/tftpboot.nix @@ -99,8 +107,12 @@ ''; down = "${pkgs.swconfig}/bin/swconfig dev switch0 set reset"; }; - in rec { - eth = link.build { ifname = "eth0"; dependencies = [swconfig]; }; + in + rec { + eth = link.build { + ifname = "eth0"; + dependencies = [ swconfig ]; + }; # lan and wan ports are both behind a switch on eth0 lan = vlan.build { ifname = "eth0.1"; @@ -129,58 +141,61 @@ extraPatchPhase = '' ${openwrt.applyPatches.ramips} ''; - config = { + config = + { - RALINK = "y"; - PCI = "y"; - SOC_MT7620 = "y"; + RALINK = "y"; + PCI = "y"; + SOC_MT7620 = "y"; - SERIAL_8250_CONSOLE = "y"; - SERIAL_8250 = "y"; - SERIAL_CORE_CONSOLE = "y"; - SERIAL_OF_PLATFORM = "y"; + SERIAL_8250_CONSOLE = "y"; + SERIAL_8250 = "y"; + SERIAL_CORE_CONSOLE = "y"; + SERIAL_OF_PLATFORM = "y"; - CONSOLE_LOGLEVEL_DEFAULT = "8"; - CONSOLE_LOGLEVEL_QUIET = "4"; + CONSOLE_LOGLEVEL_DEFAULT = "8"; + CONSOLE_LOGLEVEL_QUIET = "4"; - MTD = "y"; - MTD_BLOCK = "y"; # fix undefined ref to register_mtd_blktrans_dev + MTD = "y"; + MTD_BLOCK = "y"; # fix undefined ref to register_mtd_blktrans_dev - SPI = "y"; - MTD_SPI_NOR = "y"; - SPI_MT7621 = "y"; - SPI_MASTER= "y"; - SPI_MEM= "y"; + SPI = "y"; + MTD_SPI_NOR = "y"; + SPI_MT7621 = "y"; + SPI_MASTER = "y"; + SPI_MEM = "y"; - REGULATOR = "y"; - REGULATOR_FIXED_VOLTAGE = "y"; + REGULATOR = "y"; + REGULATOR_FIXED_VOLTAGE = "y"; - NET = "y"; - ETHERNET = "y"; + NET = "y"; + ETHERNET = "y"; - PHYLIB = "y"; - AT803X_PHY="y"; - FIXED_PHY="y"; - GENERIC_PHY="y"; - NET_VENDOR_RALINK = "y"; - NET_RALINK_RT3050 = "y"; - NET_RALINK_SOC="y"; - SWPHY = "y"; + PHYLIB = "y"; + AT803X_PHY = "y"; + FIXED_PHY = "y"; + GENERIC_PHY = "y"; + NET_VENDOR_RALINK = "y"; + NET_RALINK_RT3050 = "y"; + NET_RALINK_SOC = "y"; + SWPHY = "y"; - GPIOLIB="y"; - GPIO_MT7621 = "y"; + GPIOLIB = "y"; + GPIO_MT7621 = "y"; - PHY_RALINK_USB = "y"; + PHY_RALINK_USB = "y"; - EARLY_PRINTK = "y"; + EARLY_PRINTK = "y"; - PRINTK_TIME = "y"; - } // lib.optionalAttrs (config.system.service ? vlan) { - SWCONFIG = "y"; - } // lib.optionalAttrs (config.system.service ? watchdog) { - RALINK_WDT = "y"; # watchdog - MT7621_WDT = "y"; # or it might be this one - }; + PRINTK_TIME = "y"; + } + // lib.optionalAttrs (config.system.service ? vlan) { + SWCONFIG = "y"; + } + // lib.optionalAttrs (config.system.service ? watchdog) { + RALINK_WDT = "y"; # watchdog + MT7621_WDT = "y"; # or it might be this one + }; conditionalConfig = { WLAN = { WLAN_VENDOR_RALINK = "y"; diff --git a/devices/openwrt-one/default.nix b/devices/openwrt-one/default.nix index 620af54..b4745bc 100644 --- a/devices/openwrt-one/default.nix +++ b/devices/openwrt-one/default.nix @@ -79,28 +79,36 @@ }; }; - module = {pkgs, config, lib, lim, ... }: - let - openwrt = pkgs.openwrt_24_10; - mediatek-firmware = pkgs.stdenv.mkDerivation { - name = "wlan-firmware"; - phases = ["installPhase"]; - installPhase = '' - mkdir $out + module = + { + pkgs, + config, + lib, + lim, + ... + }: + let + openwrt = pkgs.openwrt_24_10; + mediatek-firmware = pkgs.stdenv.mkDerivation { + name = "wlan-firmware"; + phases = [ "installPhase" ]; + installPhase = '' + mkdir $out - cp ${pkgs.linux-firmware}/lib/firmware/mediatek/{mt7915,mt7615,mt7986_eeprom_mt7976,mt7981}* $out - ''; - }; - airoha-firmware = pkgs.stdenv.mkDerivation { - name = "airoha-firmware"; - phases = ["installPhase"]; - installPhase = '' - mkdir $out + cp ${pkgs.linux-firmware}/lib/firmware/mediatek/{mt7915,mt7615,mt7986_eeprom_mt7976,mt7981}* $out + ''; + }; + airoha-firmware = pkgs.stdenv.mkDerivation { + name = "airoha-firmware"; + phases = [ "installPhase" ]; + installPhase = '' + mkdir $out - cp ${pkgs.linux-firmware}/lib/firmware/airoha/* $out - ''; - }; - in { + cp ${pkgs.linux-firmware}/lib/firmware/airoha/* $out + ''; + }; + in + { imports = [ ../../modules/arch/aarch64.nix ../../modules/outputs/tftpboot.nix @@ -113,490 +121,492 @@ extraPatchPhase = '' ${openwrt.applyPatches.mediatek} ''; - config = { - NET="y"; # unlock NET_XGRESS - SERIAL_8250="y"; # unlock SERIAL_8250_FSL - SERIAL_8250_CONSOLE="y"; # to get the serial console - WATCHDOG="y"; # unlock WATCHDOG_CORE - NEW_LEDS="y"; # unlock LEDS_PWM - LEDS_CLASS="y"; # unlock LEDS_PWM - LEDS_TRIGGERS="y"; # unlock LEDS_TRIGGER_PATTERN - DEFERRED_STRUCT_PAGE_INIT="y"; # trigger PADATA - # Taken from openwrt's ./target/linux/mediatek/filogic/config-6.6 - "64BIT"="y"; - AIROHA_EN8801SC_PHY="y"; - ARCH_BINFMT_ELF_EXTRA_PHDRS="y"; - ARCH_CORRECT_STACKTRACE_ON_KRETPROBE="y"; - ARCH_DEFAULT_KEXEC_IMAGE_VERIFY_SIG="y"; - ARCH_DMA_ADDR_T_64BIT="y"; - ARCH_FORCE_MAX_ORDER="10"; - ARCH_KEEP_MEMBLOCK="y"; - ARCH_MEDIATEK="y"; - ARCH_MHP_MEMMAP_ON_MEMORY_ENABLE="y"; - ARCH_MMAP_RND_BITS="18"; - ARCH_MMAP_RND_BITS_MAX="24"; - ARCH_MMAP_RND_BITS_MIN="18"; - ARCH_MMAP_RND_COMPAT_BITS_MIN="11"; - ARCH_PROC_KCORE_TEXT="y"; - ARCH_SPARSEMEM_ENABLE="y"; - ARCH_STACKWALK="y"; - ARCH_SUSPEND_POSSIBLE="y"; - ARCH_WANTS_NO_INSTR="y"; - ARCH_WANTS_THP_SWAP="y"; - ARM64="y"; - ARM64_4K_PAGES="y"; - ARM64_ERRATUM_843419="y"; - ARM64_LD_HAS_FIX_ERRATUM_843419="y"; - ARM64_PAGE_SHIFT="12"; - ARM64_PA_BITS="48"; - ARM64_PA_BITS_48="y"; - ARM64_TAGGED_ADDR_ABI="y"; - ARM64_VA_BITS="39"; - ARM64_VA_BITS_39="y"; - ARM_AMBA="y"; - ARM_ARCH_TIMER="y"; - ARM_ARCH_TIMER_EVTSTREAM="y"; - ARM_GIC="y"; - ARM_GIC_V2M="y"; - ARM_GIC_V3="y"; - ARM_GIC_V3_ITS="y"; - ARM_GIC_V3_ITS_PCI="y"; - ARM_MEDIATEK_CPUFREQ="y"; - ARM_PMU="y"; - ARM_PMUV3="y"; - ARM_PSCI_FW="y"; - ATA="y"; - AUDIT_ARCH_COMPAT_GENERIC="y"; - BLK_DEV_LOOP="y"; - BLK_DEV_SD="y"; - BLK_MQ_PCI="y"; - BLK_PM="y"; - BLOCK_NOTIFIERS="y"; - BSD_PROCESS_ACCT="y"; - BSD_PROCESS_ACCT_V3="y"; - BUFFER_HEAD="y"; - BUILTIN_RETURN_ADDRESS_STRIPS_PAC="y"; - CC_HAVE_SHADOW_CALL_STACK="y"; - CC_HAVE_STACKPROTECTOR_SYSREG="y"; - #CC_IMPLICIT_FALLTHROUGH="-Wimplicit-fallthrough=5"; - CC_NO_ARRAY_BOUNDS="y"; - CLKSRC_MMIO="y"; - CLONE_BACKWARDS="y"; - CMDLINE_OVERRIDE="y"; - COMMON_CLK="y"; - COMMON_CLK_MEDIATEK="y"; - COMMON_CLK_MT7981="y"; - COMMON_CLK_MT7981_ETHSYS="y"; - COMMON_CLK_MT7986="y"; - COMMON_CLK_MT7986_ETHSYS="y"; - COMMON_CLK_MT7988="y"; - COMPACT_UNEVICTABLE_DEFAULT="1"; - CONFIGFS_FS="y"; - CONSOLE_LOGLEVEL_DEFAULT="15"; - CONTEXT_TRACKING="y"; - CONTEXT_TRACKING_IDLE="y"; - CPU_FREQ="y"; - CPU_FREQ_DEFAULT_GOV_USERSPACE="y"; - CPU_FREQ_GOV_ATTR_SET="y"; - CPU_FREQ_GOV_COMMON="y"; - CPU_FREQ_GOV_CONSERVATIVE="y"; - CPU_FREQ_GOV_ONDEMAND="y"; - CPU_FREQ_GOV_PERFORMANCE="y"; - CPU_FREQ_GOV_POWERSAVE="y"; - CPU_FREQ_GOV_SCHEDUTIL="y"; - CPU_FREQ_GOV_USERSPACE="y"; - CPU_FREQ_STAT="y"; - CPU_LITTLE_ENDIAN="y"; - CPU_RMAP="y"; - CPU_THERMAL="y"; - CRC16="y"; - CRC_CCITT="y"; - CRYPTO_AES_ARM64="y"; - CRYPTO_AES_ARM64_CE="y"; - CRYPTO_AES_ARM64_CE_BLK="y"; - CRYPTO_AES_ARM64_CE_CCM="y"; - CRYPTO_CMAC="y"; - CRYPTO_CRC32="y"; - CRYPTO_CRC32C="y"; - CRYPTO_CRYPTD="y"; - CRYPTO_DEFLATE="y"; - CRYPTO_DRBG="y"; - CRYPTO_DRBG_HMAC="y"; - CRYPTO_DRBG_MENU="y"; - CRYPTO_ECB="y"; - CRYPTO_ECC="y"; - CRYPTO_ECDH="y"; - CRYPTO_GHASH_ARM64_CE="y"; - CRYPTO_HASH_INFO="y"; - CRYPTO_HMAC="y"; - CRYPTO_JITTERENTROPY="y"; - CRYPTO_LIB_BLAKE2S_GENERIC="y"; - CRYPTO_LIB_GF128MUL="y"; - CRYPTO_LIB_SHA1="y"; - CRYPTO_LIB_SHA256="y"; - CRYPTO_LIB_UTILS="y"; - CRYPTO_LZO="y"; - CRYPTO_RNG="y"; - CRYPTO_RNG2="y"; - CRYPTO_RNG_DEFAULT="y"; - CRYPTO_SHA256="y"; - CRYPTO_SHA256_ARM64="y"; - CRYPTO_SHA2_ARM64_CE="y"; - CRYPTO_SHA3="y"; - CRYPTO_SHA512="y"; - CRYPTO_SM4="y"; - CRYPTO_SM4_ARM64_CE_BLK="y"; - CRYPTO_SM4_ARM64_CE_CCM="y"; - CRYPTO_SM4_ARM64_CE_GCM="y"; - CRYPTO_ZSTD="y"; - DCACHE_WORD_ACCESS="y"; - #DEBUG_INFO="y"; - DEBUG_MISC="y"; - DIMLIB="y"; - DMADEVICES="y"; - DMATEST="y"; - DMA_BOUNCE_UNALIGNED_KMALLOC="y"; - DMA_DIRECT_REMAP="y"; - DMA_ENGINE="y"; - DMA_ENGINE_RAID="y"; - DMA_OF="y"; - DMA_VIRTUAL_CHANNELS="y"; - DTC="y"; - EDAC_SUPPORT="y"; - EINT_MTK="y"; - EXCLUSIVE_SYSTEM_RAM="y"; - EXT4_FS="y"; - F2FS_FS="y"; - FIXED_PHY="y"; - FIX_EARLYCON_MEM="y"; - FRAME_POINTER="y"; - FS_IOMAP="y"; - FS_MBCACHE="y"; - FUNCTION_ALIGNMENT="4"; - FUNCTION_ALIGNMENT_4B="y"; - FWNODE_MDIO="y"; - FW_LOADER_PAGED_BUF="y"; - #FW_LOADER_SYSFS="y"; - #GCC11_NO_ARRAY_BOUNDS="y"; - #GCC_ASM_GOTO_OUTPUT_WORKAROUND="y"; - GCC_SUPPORTS_DYNAMIC_FTRACE_WITH_ARGS="y"; - GENERIC_ALLOCATOR="y"; - GENERIC_ARCH_TOPOLOGY="y"; - GENERIC_BUG="y"; - GENERIC_BUG_RELATIVE_POINTERS="y"; - GENERIC_CLOCKEVENTS="y"; - GENERIC_CLOCKEVENTS_BROADCAST="y"; - GENERIC_CPU_AUTOPROBE="y"; - GENERIC_CPU_VULNERABILITIES="y"; - GENERIC_CSUM="y"; - GENERIC_EARLY_IOREMAP="y"; - GENERIC_GETTIMEOFDAY="y"; - GENERIC_IDLE_POLL_SETUP="y"; - GENERIC_IOREMAP="y"; - GENERIC_IRQ_EFFECTIVE_AFF_MASK="y"; - GENERIC_IRQ_SHOW="y"; - GENERIC_IRQ_SHOW_LEVEL="y"; - GENERIC_LIB_DEVMEM_IS_ALLOWED="y"; - GENERIC_MSI_IRQ="y"; - GENERIC_PCI_IOMAP="y"; - GENERIC_PHY="y"; - GENERIC_PINCONF="y"; - GENERIC_PINCTRL_GROUPS="y"; - GENERIC_PINMUX_FUNCTIONS="y"; - GENERIC_SCHED_CLOCK="y"; - GENERIC_SMP_IDLE_THREAD="y"; - GENERIC_STRNCPY_FROM_USER="y"; - GENERIC_STRNLEN_USER="y"; - GENERIC_TIME_VSYSCALL="y"; - GLOB="y"; - GPIO_CDEV="y"; - GPIO_WATCHDOG="y"; - GPIO_WATCHDOG_ARCH_INITCALL="y"; - GRO_CELLS="y"; - HARDIRQS_SW_RESEND="y"; - HAS_DMA="y"; - HAS_IOMEM="y"; - HAS_IOPORT="y"; - HAS_IOPORT_MAP="y"; - HWMON="y"; - HW_RANDOM="y"; - HW_RANDOM_MTK="y"; - I2C="y"; - I2C_BOARDINFO="y"; - I2C_CHARDEV="y"; - I2C_MT65XX="y"; - ICPLUS_PHY="y"; - ILLEGAL_POINTER_VALUE="0xdead000000000000"; - #INITRAMFS_SOURCE=""""; - IRQCHIP="y"; - IRQ_DOMAIN="y"; - IRQ_DOMAIN_HIERARCHY="y"; - IRQ_FORCED_THREADING="y"; - IRQ_TIME_ACCOUNTING="y"; - IRQ_WORK="y"; - JBD2="y"; - JUMP_LABEL="y"; - LEDS_PWM="y"; - LEDS_SMARTRG_LED="y"; - LIBFDT="y"; - LOCK_DEBUGGING_SUPPORT="y"; - LOCK_SPIN_ON_OWNER="y"; - LZO_COMPRESS="y"; - LZO_DECOMPRESS="y"; - MAGIC_SYSRQ="y"; - MAXLINEAR_GPHY="y"; - MDIO_BUS="y"; - MDIO_DEVICE="y"; - MDIO_DEVRES="y"; - MEDIATEK_2P5GE_PHY="y"; - MEDIATEK_GE_PHY="y"; - MEDIATEK_GE_SOC_PHY="y"; - MEDIATEK_WATCHDOG="y"; - MESSAGE_LOGLEVEL_DEFAULT="7"; - MFD_SYSCON="y"; - MIGRATION="y"; - MMC="y"; - MMC_BLOCK="y"; - MMC_CQHCI="y"; - MMC_MTK="y"; - MMU_LAZY_TLB_REFCOUNT="y"; - MODULES_TREE_LOOKUP="y"; - MODULES_USE_ELF_RELA="y"; - MTD_NAND_CORE="y"; - MTD_NAND_ECC="y"; - MTD_NAND_ECC_MEDIATEK="y"; - MTD_NAND_ECC_SW_HAMMING="y"; - MTD_NAND_MTK="y"; - MTD_NAND_MTK_BMT="y"; - MTD_PARSER_TRX="y"; - MTD_RAW_NAND="y"; - MTD_SPI_NAND="y"; - MTD_SPI_NOR="y"; - MTD_SPLIT_FIRMWARE="y"; - MTD_SPLIT_FIT_FW="y"; - MTD_UBI="y"; - MTD_UBI_BEB_LIMIT="20"; - MTD_UBI_BLOCK="y"; - MTD_UBI_FASTMAP="y"; - MTD_UBI_NVMEM="y"; - MTD_UBI_WL_THRESHOLD="4096"; - MTK_CPUX_TIMER="y"; - MTK_HSDMA="y"; - MTK_INFRACFG="y"; - MTK_LVTS_THERMAL="y"; - MTK_LVTS_THERMAL_DEBUGFS="y"; - MTK_PMIC_WRAP="y"; - MTK_REGULATOR_COUPLER="y"; - MTK_SCPSYS="y"; - MTK_SCPSYS_PM_DOMAINS="y"; - MTK_SOC_THERMAL="y"; - MTK_THERMAL="y"; - MTK_TIMER="y"; - MUTEX_SPIN_ON_OWNER="y"; - NEED_DMA_MAP_STATE="y"; - NEED_SG_DMA_LENGTH="y"; - NET_DEVLINK="y"; - NET_DSA="y"; - NET_DSA_MT7530="y"; - NET_DSA_MT7530_MDIO="y"; - NET_DSA_MT7530_MMIO="y"; - NET_DSA_TAG_MTK="y"; - #NET_EGRESS="y"; - NET_FLOW_LIMIT="y"; - #NET_INGRESS="y"; - NET_MEDIATEK_SOC="y"; - NET_MEDIATEK_SOC_WED="y"; - NET_SELFTESTS="y"; - NET_SWITCHDEV="y"; - NET_VENDOR_MEDIATEK="y"; - #NET_XGRESS="y"; - NLS="y"; - NO_HZ_COMMON="y"; - NO_HZ_IDLE="y"; - NR_CPUS="4"; - NVMEM="y"; - NVMEM_BLOCK="y"; - NVMEM_LAYOUTS="y"; - NVMEM_LAYOUT_ADTRAN="y"; - NVMEM_MTK_EFUSE="y"; - NVMEM_SYSFS="y"; - OF="y"; - OF_ADDRESS="y"; - OF_DYNAMIC="y"; - OF_EARLY_FLATTREE="y"; - OF_FLATTREE="y"; - OF_GPIO="y"; - OF_IRQ="y"; - OF_KOBJ="y"; - OF_MDIO="y"; - OF_OVERLAY="y"; - OF_RESOLVE="y"; - PADATA="y"; - PAGE_POOL="y"; - PAGE_POOL_STATS="y"; - PAGE_SIZE_LESS_THAN_256KB="y"; - PAGE_SIZE_LESS_THAN_64KB="y"; - #PAHOLE_HAS_LANG_EXCLUDE="y"; - PARTITION_PERCPU="y"; - PCI="y"; - PCIEAER="y"; - PCIEASPM="y"; - PCIEASPM_PERFORMANCE="y"; - PCIEPORTBUS="y"; - PCIE_MEDIATEK_GEN3="y"; - PCIE_PME="y"; - PCI_DEBUG="y"; - PCI_DOMAINS="y"; - PCI_DOMAINS_GENERIC="y"; - PCI_MSI="y"; - PCS_MTK_LYNXI="y"; - PCS_MTK_USXGMII="y"; - PERF_EVENTS="y"; - PER_VMA_LOCK="y"; - PGTABLE_LEVELS="3"; - PHYLIB="y"; - PHYLIB_LEDS="y"; - PHYLINK="y"; - PHYS_ADDR_T_64BIT="y"; - PHY_MTK_TPHY="y"; - PHY_MTK_XFI_TPHY="y"; - PHY_MTK_XSPHY="y"; - PINCTRL="y"; - PINCTRL_MT7981="y"; - PINCTRL_MT7986="y"; - PINCTRL_MT7988="y"; - PINCTRL_MTK_MOORE="y"; - PINCTRL_MTK_V2="y"; - PM="y"; - PM_CLK="y"; - PM_GENERIC_DOMAINS="y"; - PM_GENERIC_DOMAINS_OF="y"; - PM_OPP="y"; - POLYNOMIAL="y"; - POSIX_CPU_TIMERS_TASK_WORK="y"; - POWER_RESET="y"; - POWER_RESET_SYSCON="y"; - POWER_SUPPLY="y"; - PREEMPT_NONE_BUILD="y"; - PRINTK_TIME="y"; - PSTORE="y"; - PSTORE_COMPRESS="y"; - PSTORE_CONSOLE="y"; - PSTORE_PMSG="y"; - PSTORE_RAM="y"; - PTP_1588_CLOCK_OPTIONAL="y"; - PWM="y"; - PWM_MEDIATEK="y"; - PWM_SYSFS="y"; - QUEUED_RWLOCKS="y"; - QUEUED_SPINLOCKS="y"; - RANDSTRUCT_NONE="y"; - RAS="y"; - RATIONAL="y"; - REALTEK_PHY="y"; - REED_SOLOMON="y"; - REED_SOLOMON_DEC8="y"; - REED_SOLOMON_ENC8="y"; - REGMAP="y"; - REGMAP_I2C="y"; - REGMAP_MMIO="y"; - REGULATOR="y"; - REGULATOR_FIXED_VOLTAGE="y"; - REGULATOR_MT6380="y"; - REGULATOR_RT5190A="y"; - RESET_CONTROLLER="y"; - RESET_TI_SYSCON="y"; - RFS_ACCEL="y"; - RODATA_FULL_DEFAULT_ENABLED="y"; - RPS="y"; - RTC_CLASS="y"; - RTC_DRV_MT7622="y"; - RTC_I2C_AND_SPI="y"; - RWSEM_SPIN_ON_OWNER="y"; - SCHED_MC="y"; - SCSI="y"; - SCSI_COMMON="y"; - SERIAL_8250_FSL="y"; - SERIAL_8250_MT6577="y"; - SERIAL_8250_NR_UARTS="3"; - SERIAL_8250_RUNTIME_UARTS="3"; - SERIAL_DEV_BUS="y"; - SERIAL_DEV_CTRL_TTYPORT="y"; - SERIAL_MCTRL_GPIO="y"; - SERIAL_OF_PLATFORM="y"; - SGL_ALLOC="y"; - SG_POOL="y"; - SMP="y"; - SOCK_RX_QUEUE_MAPPING="y"; - SOFTIRQ_ON_OWN_STACK="y"; - SPARSEMEM="y"; - SPARSEMEM_EXTREME="y"; - SPARSEMEM_VMEMMAP="y"; - SPARSEMEM_VMEMMAP_ENABLE="y"; - SPARSE_IRQ="y"; - SPI="y"; - SPI_DYNAMIC="y"; - SPI_MASTER="y"; - SPI_MEM="y"; - SPI_MT65XX="y"; - SPI_MTK_SNFI="y"; - #SQUASHFS_DECOMP_MULTI_PERCPU="y"; - SWIOTLB="y"; - SWPHY="y"; - SYSCTL_EXCEPTION_TRACE="y"; - THERMAL="y"; - THERMAL_DEFAULT_GOV_STEP_WISE="y"; - THERMAL_EMERGENCY_POWEROFF_DELAY_MS="0"; - THERMAL_GOV_BANG_BANG="y"; - THERMAL_GOV_FAIR_SHARE="y"; - THERMAL_GOV_STEP_WISE="y"; - THERMAL_GOV_USER_SPACE="y"; - THERMAL_HWMON="y"; - THERMAL_OF="y"; - THERMAL_WRITABLE_TRIPS="y"; - THREAD_INFO_IN_TASK="y"; - TICK_CPU_ACCOUNTING="y"; - TIMER_OF="y"; - TIMER_PROBE="y"; - TRACE_IRQFLAGS_NMI_SUPPORT="y"; - TREE_RCU="y"; - TREE_SRCU="y"; - UBIFS_FS="y"; - UIMAGE_FIT_BLK="y"; - USB_SUPPORT="y"; - VMAP_STACK="y"; - WATCHDOG_CORE="y"; - WATCHDOG_PRETIMEOUT_DEFAULT_GOV_PANIC="y"; - WATCHDOG_PRETIMEOUT_GOV="y"; - WATCHDOG_PRETIMEOUT_GOV_PANIC="y"; - WATCHDOG_PRETIMEOUT_GOV_SEL="m"; - WATCHDOG_SYSFS="y"; - XPS="y"; - XXHASH="y"; - ZLIB_DEFLATE="y"; - ZLIB_INFLATE="y"; - ZONE_DMA32="y"; - ZSTD_COMMON="y"; - ZSTD_COMPRESS="y"; - ZSTD_DECOMPRESS="y"; - # from DEVICE_PACKAGES in the openwrt_one section of - # openwrt's ./target/linux/mediatek/image/filogic.mk: - # chop off the 'kmod-' prefix and search for 'KernelPackage/...' - # in ./package/kernel/linux/modules/*.mk, and remember to add - # modules to kmodloader targets below - AIR_EN8811H_PHY="m"; - RTC_DRV_PCF8563="m"; - NVME_CORE="m"; - BLK_DEV_NVME="m"; - NVME_MULTIPATH="n"; - NVME_HWMON="y"; - # ??? - AQUANTIA_PHY="m"; - MT798X_WMAC="y"; - } // lib.optionalAttrs (config.system.service ? watchdog) { - RALINK_WDT = "y"; # watchdog - MT7621_WDT = "y"; # or it might be this one - }; + config = + { + NET = "y"; # unlock NET_XGRESS + SERIAL_8250 = "y"; # unlock SERIAL_8250_FSL + SERIAL_8250_CONSOLE = "y"; # to get the serial console + WATCHDOG = "y"; # unlock WATCHDOG_CORE + NEW_LEDS = "y"; # unlock LEDS_PWM + LEDS_CLASS = "y"; # unlock LEDS_PWM + LEDS_TRIGGERS = "y"; # unlock LEDS_TRIGGER_PATTERN + DEFERRED_STRUCT_PAGE_INIT = "y"; # trigger PADATA + # Taken from openwrt's ./target/linux/mediatek/filogic/config-6.6 + "64BIT" = "y"; + AIROHA_EN8801SC_PHY = "y"; + ARCH_BINFMT_ELF_EXTRA_PHDRS = "y"; + ARCH_CORRECT_STACKTRACE_ON_KRETPROBE = "y"; + ARCH_DEFAULT_KEXEC_IMAGE_VERIFY_SIG = "y"; + ARCH_DMA_ADDR_T_64BIT = "y"; + ARCH_FORCE_MAX_ORDER = "10"; + ARCH_KEEP_MEMBLOCK = "y"; + ARCH_MEDIATEK = "y"; + ARCH_MHP_MEMMAP_ON_MEMORY_ENABLE = "y"; + ARCH_MMAP_RND_BITS = "18"; + ARCH_MMAP_RND_BITS_MAX = "24"; + ARCH_MMAP_RND_BITS_MIN = "18"; + ARCH_MMAP_RND_COMPAT_BITS_MIN = "11"; + ARCH_PROC_KCORE_TEXT = "y"; + ARCH_SPARSEMEM_ENABLE = "y"; + ARCH_STACKWALK = "y"; + ARCH_SUSPEND_POSSIBLE = "y"; + ARCH_WANTS_NO_INSTR = "y"; + ARCH_WANTS_THP_SWAP = "y"; + ARM64 = "y"; + ARM64_4K_PAGES = "y"; + ARM64_ERRATUM_843419 = "y"; + ARM64_LD_HAS_FIX_ERRATUM_843419 = "y"; + ARM64_PAGE_SHIFT = "12"; + ARM64_PA_BITS = "48"; + ARM64_PA_BITS_48 = "y"; + ARM64_TAGGED_ADDR_ABI = "y"; + ARM64_VA_BITS = "39"; + ARM64_VA_BITS_39 = "y"; + ARM_AMBA = "y"; + ARM_ARCH_TIMER = "y"; + ARM_ARCH_TIMER_EVTSTREAM = "y"; + ARM_GIC = "y"; + ARM_GIC_V2M = "y"; + ARM_GIC_V3 = "y"; + ARM_GIC_V3_ITS = "y"; + ARM_GIC_V3_ITS_PCI = "y"; + ARM_MEDIATEK_CPUFREQ = "y"; + ARM_PMU = "y"; + ARM_PMUV3 = "y"; + ARM_PSCI_FW = "y"; + ATA = "y"; + AUDIT_ARCH_COMPAT_GENERIC = "y"; + BLK_DEV_LOOP = "y"; + BLK_DEV_SD = "y"; + BLK_MQ_PCI = "y"; + BLK_PM = "y"; + BLOCK_NOTIFIERS = "y"; + BSD_PROCESS_ACCT = "y"; + BSD_PROCESS_ACCT_V3 = "y"; + BUFFER_HEAD = "y"; + BUILTIN_RETURN_ADDRESS_STRIPS_PAC = "y"; + CC_HAVE_SHADOW_CALL_STACK = "y"; + CC_HAVE_STACKPROTECTOR_SYSREG = "y"; + #CC_IMPLICIT_FALLTHROUGH="-Wimplicit-fallthrough=5"; + CC_NO_ARRAY_BOUNDS = "y"; + CLKSRC_MMIO = "y"; + CLONE_BACKWARDS = "y"; + CMDLINE_OVERRIDE = "y"; + COMMON_CLK = "y"; + COMMON_CLK_MEDIATEK = "y"; + COMMON_CLK_MT7981 = "y"; + COMMON_CLK_MT7981_ETHSYS = "y"; + COMMON_CLK_MT7986 = "y"; + COMMON_CLK_MT7986_ETHSYS = "y"; + COMMON_CLK_MT7988 = "y"; + COMPACT_UNEVICTABLE_DEFAULT = "1"; + CONFIGFS_FS = "y"; + CONSOLE_LOGLEVEL_DEFAULT = "15"; + CONTEXT_TRACKING = "y"; + CONTEXT_TRACKING_IDLE = "y"; + CPU_FREQ = "y"; + CPU_FREQ_DEFAULT_GOV_USERSPACE = "y"; + CPU_FREQ_GOV_ATTR_SET = "y"; + CPU_FREQ_GOV_COMMON = "y"; + CPU_FREQ_GOV_CONSERVATIVE = "y"; + CPU_FREQ_GOV_ONDEMAND = "y"; + CPU_FREQ_GOV_PERFORMANCE = "y"; + CPU_FREQ_GOV_POWERSAVE = "y"; + CPU_FREQ_GOV_SCHEDUTIL = "y"; + CPU_FREQ_GOV_USERSPACE = "y"; + CPU_FREQ_STAT = "y"; + CPU_LITTLE_ENDIAN = "y"; + CPU_RMAP = "y"; + CPU_THERMAL = "y"; + CRC16 = "y"; + CRC_CCITT = "y"; + CRYPTO_AES_ARM64 = "y"; + CRYPTO_AES_ARM64_CE = "y"; + CRYPTO_AES_ARM64_CE_BLK = "y"; + CRYPTO_AES_ARM64_CE_CCM = "y"; + CRYPTO_CMAC = "y"; + CRYPTO_CRC32 = "y"; + CRYPTO_CRC32C = "y"; + CRYPTO_CRYPTD = "y"; + CRYPTO_DEFLATE = "y"; + CRYPTO_DRBG = "y"; + CRYPTO_DRBG_HMAC = "y"; + CRYPTO_DRBG_MENU = "y"; + CRYPTO_ECB = "y"; + CRYPTO_ECC = "y"; + CRYPTO_ECDH = "y"; + CRYPTO_GHASH_ARM64_CE = "y"; + CRYPTO_HASH_INFO = "y"; + CRYPTO_HMAC = "y"; + CRYPTO_JITTERENTROPY = "y"; + CRYPTO_LIB_BLAKE2S_GENERIC = "y"; + CRYPTO_LIB_GF128MUL = "y"; + CRYPTO_LIB_SHA1 = "y"; + CRYPTO_LIB_SHA256 = "y"; + CRYPTO_LIB_UTILS = "y"; + CRYPTO_LZO = "y"; + CRYPTO_RNG = "y"; + CRYPTO_RNG2 = "y"; + CRYPTO_RNG_DEFAULT = "y"; + CRYPTO_SHA256 = "y"; + CRYPTO_SHA256_ARM64 = "y"; + CRYPTO_SHA2_ARM64_CE = "y"; + CRYPTO_SHA3 = "y"; + CRYPTO_SHA512 = "y"; + CRYPTO_SM4 = "y"; + CRYPTO_SM4_ARM64_CE_BLK = "y"; + CRYPTO_SM4_ARM64_CE_CCM = "y"; + CRYPTO_SM4_ARM64_CE_GCM = "y"; + CRYPTO_ZSTD = "y"; + DCACHE_WORD_ACCESS = "y"; + #DEBUG_INFO="y"; + DEBUG_MISC = "y"; + DIMLIB = "y"; + DMADEVICES = "y"; + DMATEST = "y"; + DMA_BOUNCE_UNALIGNED_KMALLOC = "y"; + DMA_DIRECT_REMAP = "y"; + DMA_ENGINE = "y"; + DMA_ENGINE_RAID = "y"; + DMA_OF = "y"; + DMA_VIRTUAL_CHANNELS = "y"; + DTC = "y"; + EDAC_SUPPORT = "y"; + EINT_MTK = "y"; + EXCLUSIVE_SYSTEM_RAM = "y"; + EXT4_FS = "y"; + F2FS_FS = "y"; + FIXED_PHY = "y"; + FIX_EARLYCON_MEM = "y"; + FRAME_POINTER = "y"; + FS_IOMAP = "y"; + FS_MBCACHE = "y"; + FUNCTION_ALIGNMENT = "4"; + FUNCTION_ALIGNMENT_4B = "y"; + FWNODE_MDIO = "y"; + FW_LOADER_PAGED_BUF = "y"; + #FW_LOADER_SYSFS="y"; + #GCC11_NO_ARRAY_BOUNDS="y"; + #GCC_ASM_GOTO_OUTPUT_WORKAROUND="y"; + GCC_SUPPORTS_DYNAMIC_FTRACE_WITH_ARGS = "y"; + GENERIC_ALLOCATOR = "y"; + GENERIC_ARCH_TOPOLOGY = "y"; + GENERIC_BUG = "y"; + GENERIC_BUG_RELATIVE_POINTERS = "y"; + GENERIC_CLOCKEVENTS = "y"; + GENERIC_CLOCKEVENTS_BROADCAST = "y"; + GENERIC_CPU_AUTOPROBE = "y"; + GENERIC_CPU_VULNERABILITIES = "y"; + GENERIC_CSUM = "y"; + GENERIC_EARLY_IOREMAP = "y"; + GENERIC_GETTIMEOFDAY = "y"; + GENERIC_IDLE_POLL_SETUP = "y"; + GENERIC_IOREMAP = "y"; + GENERIC_IRQ_EFFECTIVE_AFF_MASK = "y"; + GENERIC_IRQ_SHOW = "y"; + GENERIC_IRQ_SHOW_LEVEL = "y"; + GENERIC_LIB_DEVMEM_IS_ALLOWED = "y"; + GENERIC_MSI_IRQ = "y"; + GENERIC_PCI_IOMAP = "y"; + GENERIC_PHY = "y"; + GENERIC_PINCONF = "y"; + GENERIC_PINCTRL_GROUPS = "y"; + GENERIC_PINMUX_FUNCTIONS = "y"; + GENERIC_SCHED_CLOCK = "y"; + GENERIC_SMP_IDLE_THREAD = "y"; + GENERIC_STRNCPY_FROM_USER = "y"; + GENERIC_STRNLEN_USER = "y"; + GENERIC_TIME_VSYSCALL = "y"; + GLOB = "y"; + GPIO_CDEV = "y"; + GPIO_WATCHDOG = "y"; + GPIO_WATCHDOG_ARCH_INITCALL = "y"; + GRO_CELLS = "y"; + HARDIRQS_SW_RESEND = "y"; + HAS_DMA = "y"; + HAS_IOMEM = "y"; + HAS_IOPORT = "y"; + HAS_IOPORT_MAP = "y"; + HWMON = "y"; + HW_RANDOM = "y"; + HW_RANDOM_MTK = "y"; + I2C = "y"; + I2C_BOARDINFO = "y"; + I2C_CHARDEV = "y"; + I2C_MT65XX = "y"; + ICPLUS_PHY = "y"; + ILLEGAL_POINTER_VALUE = "0xdead000000000000"; + #INITRAMFS_SOURCE=""""; + IRQCHIP = "y"; + IRQ_DOMAIN = "y"; + IRQ_DOMAIN_HIERARCHY = "y"; + IRQ_FORCED_THREADING = "y"; + IRQ_TIME_ACCOUNTING = "y"; + IRQ_WORK = "y"; + JBD2 = "y"; + JUMP_LABEL = "y"; + LEDS_PWM = "y"; + LEDS_SMARTRG_LED = "y"; + LIBFDT = "y"; + LOCK_DEBUGGING_SUPPORT = "y"; + LOCK_SPIN_ON_OWNER = "y"; + LZO_COMPRESS = "y"; + LZO_DECOMPRESS = "y"; + MAGIC_SYSRQ = "y"; + MAXLINEAR_GPHY = "y"; + MDIO_BUS = "y"; + MDIO_DEVICE = "y"; + MDIO_DEVRES = "y"; + MEDIATEK_2P5GE_PHY = "y"; + MEDIATEK_GE_PHY = "y"; + MEDIATEK_GE_SOC_PHY = "y"; + MEDIATEK_WATCHDOG = "y"; + MESSAGE_LOGLEVEL_DEFAULT = "7"; + MFD_SYSCON = "y"; + MIGRATION = "y"; + MMC = "y"; + MMC_BLOCK = "y"; + MMC_CQHCI = "y"; + MMC_MTK = "y"; + MMU_LAZY_TLB_REFCOUNT = "y"; + MODULES_TREE_LOOKUP = "y"; + MODULES_USE_ELF_RELA = "y"; + MTD_NAND_CORE = "y"; + MTD_NAND_ECC = "y"; + MTD_NAND_ECC_MEDIATEK = "y"; + MTD_NAND_ECC_SW_HAMMING = "y"; + MTD_NAND_MTK = "y"; + MTD_NAND_MTK_BMT = "y"; + MTD_PARSER_TRX = "y"; + MTD_RAW_NAND = "y"; + MTD_SPI_NAND = "y"; + MTD_SPI_NOR = "y"; + MTD_SPLIT_FIRMWARE = "y"; + MTD_SPLIT_FIT_FW = "y"; + MTD_UBI = "y"; + MTD_UBI_BEB_LIMIT = "20"; + MTD_UBI_BLOCK = "y"; + MTD_UBI_FASTMAP = "y"; + MTD_UBI_NVMEM = "y"; + MTD_UBI_WL_THRESHOLD = "4096"; + MTK_CPUX_TIMER = "y"; + MTK_HSDMA = "y"; + MTK_INFRACFG = "y"; + MTK_LVTS_THERMAL = "y"; + MTK_LVTS_THERMAL_DEBUGFS = "y"; + MTK_PMIC_WRAP = "y"; + MTK_REGULATOR_COUPLER = "y"; + MTK_SCPSYS = "y"; + MTK_SCPSYS_PM_DOMAINS = "y"; + MTK_SOC_THERMAL = "y"; + MTK_THERMAL = "y"; + MTK_TIMER = "y"; + MUTEX_SPIN_ON_OWNER = "y"; + NEED_DMA_MAP_STATE = "y"; + NEED_SG_DMA_LENGTH = "y"; + NET_DEVLINK = "y"; + NET_DSA = "y"; + NET_DSA_MT7530 = "y"; + NET_DSA_MT7530_MDIO = "y"; + NET_DSA_MT7530_MMIO = "y"; + NET_DSA_TAG_MTK = "y"; + #NET_EGRESS="y"; + NET_FLOW_LIMIT = "y"; + #NET_INGRESS="y"; + NET_MEDIATEK_SOC = "y"; + NET_MEDIATEK_SOC_WED = "y"; + NET_SELFTESTS = "y"; + NET_SWITCHDEV = "y"; + NET_VENDOR_MEDIATEK = "y"; + #NET_XGRESS="y"; + NLS = "y"; + NO_HZ_COMMON = "y"; + NO_HZ_IDLE = "y"; + NR_CPUS = "4"; + NVMEM = "y"; + NVMEM_BLOCK = "y"; + NVMEM_LAYOUTS = "y"; + NVMEM_LAYOUT_ADTRAN = "y"; + NVMEM_MTK_EFUSE = "y"; + NVMEM_SYSFS = "y"; + OF = "y"; + OF_ADDRESS = "y"; + OF_DYNAMIC = "y"; + OF_EARLY_FLATTREE = "y"; + OF_FLATTREE = "y"; + OF_GPIO = "y"; + OF_IRQ = "y"; + OF_KOBJ = "y"; + OF_MDIO = "y"; + OF_OVERLAY = "y"; + OF_RESOLVE = "y"; + PADATA = "y"; + PAGE_POOL = "y"; + PAGE_POOL_STATS = "y"; + PAGE_SIZE_LESS_THAN_256KB = "y"; + PAGE_SIZE_LESS_THAN_64KB = "y"; + #PAHOLE_HAS_LANG_EXCLUDE="y"; + PARTITION_PERCPU = "y"; + PCI = "y"; + PCIEAER = "y"; + PCIEASPM = "y"; + PCIEASPM_PERFORMANCE = "y"; + PCIEPORTBUS = "y"; + PCIE_MEDIATEK_GEN3 = "y"; + PCIE_PME = "y"; + PCI_DEBUG = "y"; + PCI_DOMAINS = "y"; + PCI_DOMAINS_GENERIC = "y"; + PCI_MSI = "y"; + PCS_MTK_LYNXI = "y"; + PCS_MTK_USXGMII = "y"; + PERF_EVENTS = "y"; + PER_VMA_LOCK = "y"; + PGTABLE_LEVELS = "3"; + PHYLIB = "y"; + PHYLIB_LEDS = "y"; + PHYLINK = "y"; + PHYS_ADDR_T_64BIT = "y"; + PHY_MTK_TPHY = "y"; + PHY_MTK_XFI_TPHY = "y"; + PHY_MTK_XSPHY = "y"; + PINCTRL = "y"; + PINCTRL_MT7981 = "y"; + PINCTRL_MT7986 = "y"; + PINCTRL_MT7988 = "y"; + PINCTRL_MTK_MOORE = "y"; + PINCTRL_MTK_V2 = "y"; + PM = "y"; + PM_CLK = "y"; + PM_GENERIC_DOMAINS = "y"; + PM_GENERIC_DOMAINS_OF = "y"; + PM_OPP = "y"; + POLYNOMIAL = "y"; + POSIX_CPU_TIMERS_TASK_WORK = "y"; + POWER_RESET = "y"; + POWER_RESET_SYSCON = "y"; + POWER_SUPPLY = "y"; + PREEMPT_NONE_BUILD = "y"; + PRINTK_TIME = "y"; + PSTORE = "y"; + PSTORE_COMPRESS = "y"; + PSTORE_CONSOLE = "y"; + PSTORE_PMSG = "y"; + PSTORE_RAM = "y"; + PTP_1588_CLOCK_OPTIONAL = "y"; + PWM = "y"; + PWM_MEDIATEK = "y"; + PWM_SYSFS = "y"; + QUEUED_RWLOCKS = "y"; + QUEUED_SPINLOCKS = "y"; + RANDSTRUCT_NONE = "y"; + RAS = "y"; + RATIONAL = "y"; + REALTEK_PHY = "y"; + REED_SOLOMON = "y"; + REED_SOLOMON_DEC8 = "y"; + REED_SOLOMON_ENC8 = "y"; + REGMAP = "y"; + REGMAP_I2C = "y"; + REGMAP_MMIO = "y"; + REGULATOR = "y"; + REGULATOR_FIXED_VOLTAGE = "y"; + REGULATOR_MT6380 = "y"; + REGULATOR_RT5190A = "y"; + RESET_CONTROLLER = "y"; + RESET_TI_SYSCON = "y"; + RFS_ACCEL = "y"; + RODATA_FULL_DEFAULT_ENABLED = "y"; + RPS = "y"; + RTC_CLASS = "y"; + RTC_DRV_MT7622 = "y"; + RTC_I2C_AND_SPI = "y"; + RWSEM_SPIN_ON_OWNER = "y"; + SCHED_MC = "y"; + SCSI = "y"; + SCSI_COMMON = "y"; + SERIAL_8250_FSL = "y"; + SERIAL_8250_MT6577 = "y"; + SERIAL_8250_NR_UARTS = "3"; + SERIAL_8250_RUNTIME_UARTS = "3"; + SERIAL_DEV_BUS = "y"; + SERIAL_DEV_CTRL_TTYPORT = "y"; + SERIAL_MCTRL_GPIO = "y"; + SERIAL_OF_PLATFORM = "y"; + SGL_ALLOC = "y"; + SG_POOL = "y"; + SMP = "y"; + SOCK_RX_QUEUE_MAPPING = "y"; + SOFTIRQ_ON_OWN_STACK = "y"; + SPARSEMEM = "y"; + SPARSEMEM_EXTREME = "y"; + SPARSEMEM_VMEMMAP = "y"; + SPARSEMEM_VMEMMAP_ENABLE = "y"; + SPARSE_IRQ = "y"; + SPI = "y"; + SPI_DYNAMIC = "y"; + SPI_MASTER = "y"; + SPI_MEM = "y"; + SPI_MT65XX = "y"; + SPI_MTK_SNFI = "y"; + #SQUASHFS_DECOMP_MULTI_PERCPU="y"; + SWIOTLB = "y"; + SWPHY = "y"; + SYSCTL_EXCEPTION_TRACE = "y"; + THERMAL = "y"; + THERMAL_DEFAULT_GOV_STEP_WISE = "y"; + THERMAL_EMERGENCY_POWEROFF_DELAY_MS = "0"; + THERMAL_GOV_BANG_BANG = "y"; + THERMAL_GOV_FAIR_SHARE = "y"; + THERMAL_GOV_STEP_WISE = "y"; + THERMAL_GOV_USER_SPACE = "y"; + THERMAL_HWMON = "y"; + THERMAL_OF = "y"; + THERMAL_WRITABLE_TRIPS = "y"; + THREAD_INFO_IN_TASK = "y"; + TICK_CPU_ACCOUNTING = "y"; + TIMER_OF = "y"; + TIMER_PROBE = "y"; + TRACE_IRQFLAGS_NMI_SUPPORT = "y"; + TREE_RCU = "y"; + TREE_SRCU = "y"; + UBIFS_FS = "y"; + UIMAGE_FIT_BLK = "y"; + USB_SUPPORT = "y"; + VMAP_STACK = "y"; + WATCHDOG_CORE = "y"; + WATCHDOG_PRETIMEOUT_DEFAULT_GOV_PANIC = "y"; + WATCHDOG_PRETIMEOUT_GOV = "y"; + WATCHDOG_PRETIMEOUT_GOV_PANIC = "y"; + WATCHDOG_PRETIMEOUT_GOV_SEL = "m"; + WATCHDOG_SYSFS = "y"; + XPS = "y"; + XXHASH = "y"; + ZLIB_DEFLATE = "y"; + ZLIB_INFLATE = "y"; + ZONE_DMA32 = "y"; + ZSTD_COMMON = "y"; + ZSTD_COMPRESS = "y"; + ZSTD_DECOMPRESS = "y"; + # from DEVICE_PACKAGES in the openwrt_one section of + # openwrt's ./target/linux/mediatek/image/filogic.mk: + # chop off the 'kmod-' prefix and search for 'KernelPackage/...' + # in ./package/kernel/linux/modules/*.mk, and remember to add + # modules to kmodloader targets below + AIR_EN8811H_PHY = "m"; + RTC_DRV_PCF8563 = "m"; + NVME_CORE = "m"; + BLK_DEV_NVME = "m"; + NVME_MULTIPATH = "n"; + NVME_HWMON = "y"; + # ??? + AQUANTIA_PHY = "m"; + MT798X_WMAC = "y"; + } + // lib.optionalAttrs (config.system.service ? watchdog) { + RALINK_WDT = "y"; # watchdog + MT7621_WDT = "y"; # or it might be this one + }; conditionalConfig = { WLAN = { MT7915E = "m"; @@ -617,123 +627,125 @@ }; rootfsType = lib.mkDefault "ubifs"; # override this if you are building tftpboot filesystem = - let inherit (pkgs.pseudofile) dir symlink; - in - dir { - lib = dir { - firmware = dir { - mediatek = symlink mediatek-firmware; - airoha = symlink airoha-firmware; - }; - }; - }; - - hardware = - let - phy = pkgs.kmodloader.override { - targets = [ - "air_en8811h" - ]; - inherit (config.system.outputs) kernel; - }; - mac80211 = pkgs.kmodloader.override { - targets = [ - "mt7915e" - "rtc-pcf8563" - "nvme_core" - "nvme" - #"mt7996e" - "aquantia" - ]; - inherit (config.system.outputs) kernel; - }; - in { - # from OEM bootlog - # Creating 4 MTD partitions on "spi0.0": - # 0x000000000000-0x000000040000 : "bl2-nor" - # 0x000000040000-0x000000100000 : "factory" - # 0x000000100000-0x000000180000 : "fip-nor" - # 0x000000180000-0x000000e00000 : "recovery" - # spi-nand spi1.1: calibration result: 0x3 - # spi-nand spi1.1: Winbond SPI NAND was found. - # spi-nand spi1.1: 256 MiB, block size: 128 KiB, page size: 2048, OOB size: 128 - # 2 fixed-partitions partitions found on MTD device spi1.1 - # Creating 2 MTD partitions on "spi1.1": - # 0x000000000000-0x000000100000 : "bl2" - # 0x000000100000-0x000010000000 : "ubi" - - flash = { - # from the OEM bootlog: - # ## Checking Image at 46000000 ... - # FIT image found - # FIT description: ARM64 OpenWrt FIT (Flattened Image Tree) - # Image 0 (kernel-1) - # Description: ARM64 OpenWrt Linux-6.6.57 - # Type: Kernel Image - # Compression: gzip compressed - # Data Start: 0x46001000 - # Data Size: 5751840 Bytes = 5.5 MiB - # Architecture: AArch64 - # OS: Linux - # Load Address: 0x44000000 - # Entry Point: 0x44000000 - - address = lim.parseInt "0x44000000"; - size = lim.parseInt "0xf60000"; - # /proc/mtd on a running system: - # dev: size erasesize name - # mtd0: 00040000 00010000 "bl2-nor" - # mtd1: 000c0000 00010000 "factory" - # mtd2: 00080000 00010000 "fip-nor" - # mtd3: 00c80000 00010000 "recovery" - # mtd4: 00100000 00020000 "bl2" - # mtd5: 0ff00000 00020000 "ubi" - eraseBlockSize = 65536; - }; - ubi = { - # TODO taken from belkin-rt3200, to review - minIOSize = "2048"; - logicalEraseBlockSize = "126976"; - physicalEraseBlockSize = "131072"; - maxLEBcount = "1024"; # guessing - }; - - - defaultOutput = "ubimage"; - loadAddress = lim.parseInt "0x44000000"; - entryPoint = lim.parseInt "0x44000000"; - # TODO AFAICT this should be 2048, but I got 'FIT: image rootfs-1 start not aligned to page boundaries' with that... - #alignment = 2048; - alignment = 4096; - rootDevice = "ubi0:liminix"; - dts = { - src = "${openwrt.src}/target/linux/mediatek/dts/mt7981b-openwrt-one.dts"; - includePaths = [ - "${openwrt.src}/target/linux/mediatek/dts" - "${config.system.outputs.kernel.modulesupport}/arch/arm64/boot/dts/mediatek/" - ]; - }; - - networkInterfaces = - let - inherit (config.system.service.network) link; - in rec { - eth0 = link.build { - ifname = "eth0"; - dependencies = [ phy ]; - }; - eth1 = link.build { ifname = "eth1"; }; - - wlan0 = link.build { - ifname = "wlan0"; - dependencies = [ mac80211 ]; - }; - wlan1 = link.build { - ifname = "wlan1"; - dependencies = [ mac80211 ]; + let + inherit (pkgs.pseudofile) dir symlink; + in + dir { + lib = dir { + firmware = dir { + mediatek = symlink mediatek-firmware; + airoha = symlink airoha-firmware; }; }; - }; - }; + }; + + hardware = + let + phy = pkgs.kmodloader.override { + targets = [ + "air_en8811h" + ]; + inherit (config.system.outputs) kernel; + }; + mac80211 = pkgs.kmodloader.override { + targets = [ + "mt7915e" + "rtc-pcf8563" + "nvme_core" + "nvme" + #"mt7996e" + "aquantia" + ]; + inherit (config.system.outputs) kernel; + }; + in + { + # from OEM bootlog + # Creating 4 MTD partitions on "spi0.0": + # 0x000000000000-0x000000040000 : "bl2-nor" + # 0x000000040000-0x000000100000 : "factory" + # 0x000000100000-0x000000180000 : "fip-nor" + # 0x000000180000-0x000000e00000 : "recovery" + # spi-nand spi1.1: calibration result: 0x3 + # spi-nand spi1.1: Winbond SPI NAND was found. + # spi-nand spi1.1: 256 MiB, block size: 128 KiB, page size: 2048, OOB size: 128 + # 2 fixed-partitions partitions found on MTD device spi1.1 + # Creating 2 MTD partitions on "spi1.1": + # 0x000000000000-0x000000100000 : "bl2" + # 0x000000100000-0x000010000000 : "ubi" + + flash = { + # from the OEM bootlog: + # ## Checking Image at 46000000 ... + # FIT image found + # FIT description: ARM64 OpenWrt FIT (Flattened Image Tree) + # Image 0 (kernel-1) + # Description: ARM64 OpenWrt Linux-6.6.57 + # Type: Kernel Image + # Compression: gzip compressed + # Data Start: 0x46001000 + # Data Size: 5751840 Bytes = 5.5 MiB + # Architecture: AArch64 + # OS: Linux + # Load Address: 0x44000000 + # Entry Point: 0x44000000 + + address = lim.parseInt "0x44000000"; + size = lim.parseInt "0xf60000"; + # /proc/mtd on a running system: + # dev: size erasesize name + # mtd0: 00040000 00010000 "bl2-nor" + # mtd1: 000c0000 00010000 "factory" + # mtd2: 00080000 00010000 "fip-nor" + # mtd3: 00c80000 00010000 "recovery" + # mtd4: 00100000 00020000 "bl2" + # mtd5: 0ff00000 00020000 "ubi" + eraseBlockSize = 65536; + }; + ubi = { + # TODO taken from belkin-rt3200, to review + minIOSize = "2048"; + logicalEraseBlockSize = "126976"; + physicalEraseBlockSize = "131072"; + maxLEBcount = "1024"; # guessing + }; + + defaultOutput = "ubimage"; + loadAddress = lim.parseInt "0x44000000"; + entryPoint = lim.parseInt "0x44000000"; + # TODO AFAICT this should be 2048, but I got 'FIT: image rootfs-1 start not aligned to page boundaries' with that... + #alignment = 2048; + alignment = 4096; + rootDevice = "ubi0:liminix"; + dts = { + src = "${openwrt.src}/target/linux/mediatek/dts/mt7981b-openwrt-one.dts"; + includePaths = [ + "${openwrt.src}/target/linux/mediatek/dts" + "${config.system.outputs.kernel.modulesupport}/arch/arm64/boot/dts/mediatek/" + ]; + }; + + networkInterfaces = + let + inherit (config.system.service.network) link; + in + rec { + eth0 = link.build { + ifname = "eth0"; + dependencies = [ phy ]; + }; + eth1 = link.build { ifname = "eth1"; }; + + wlan0 = link.build { + ifname = "wlan0"; + dependencies = [ mac80211 ]; + }; + wlan1 = link.build { + ifname = "wlan1"; + dependencies = [ mac80211 ]; + }; + }; + }; + }; }; } diff --git a/devices/qemu-aarch64/default.nix b/devices/qemu-aarch64/default.nix index 2b0ba4e..70b4840 100644 --- a/devices/qemu-aarch64/default.nix +++ b/devices/qemu-aarch64/default.nix @@ -26,26 +26,32 @@ # this device is described by the "qemu" device installer = "vmroot"; - module = { config, lim, ... }: { - imports = [ - ../../modules/arch/aarch64.nix - ../families/qemu.nix - ]; - kernel = { - config = { - VIRTUALIZATION = "y"; - PCI_HOST_GENERIC="y"; + module = + { config, lim, ... }: + { + imports = [ + ../../modules/arch/aarch64.nix + ../families/qemu.nix + ]; + kernel = { + config = { + VIRTUALIZATION = "y"; + PCI_HOST_GENERIC = "y"; - SERIAL_AMBA_PL011 = "y"; - SERIAL_AMBA_PL011_CONSOLE = "y"; + SERIAL_AMBA_PL011 = "y"; + SERIAL_AMBA_PL011_CONSOLE = "y"; + }; }; + boot.commandLine = [ + "console=ttyAMA0,38400" + ]; + hardware = + let + addr = lim.parseInt "0x40010000"; + in + { + loadAddress = addr; + entryPoint = addr; + }; }; - boot.commandLine = [ - "console=ttyAMA0,38400" - ]; - hardware = let addr = lim.parseInt "0x40010000"; in { - loadAddress = addr; - entryPoint = addr; - }; - }; } diff --git a/devices/qemu-armv7l/default.nix b/devices/qemu-armv7l/default.nix index e668a8d..795c296 100644 --- a/devices/qemu-armv7l/default.nix +++ b/devices/qemu-armv7l/default.nix @@ -5,7 +5,7 @@ { system = { crossSystem = { - config = "armv7l-unknown-linux-musleabihf"; + config = "armv7l-unknown-linux-musleabihf"; }; }; @@ -24,30 +24,36 @@ ''; installer = "vmroot"; - module = { config, lim, ... }: { - imports = [ - ../../modules/arch/arm.nix - ../families/qemu.nix - ]; - kernel = { - config = { - PCI_HOST_GENERIC = "y"; - ARCH_VIRT = "y"; + module = + { config, lim, ... }: + { + imports = [ + ../../modules/arch/arm.nix + ../families/qemu.nix + ]; + kernel = { + config = { + PCI_HOST_GENERIC = "y"; + ARCH_VIRT = "y"; - VFP = "y"; - NEON = "y"; - AEABI = "y"; + VFP = "y"; + NEON = "y"; + AEABI = "y"; - SERIAL_AMBA_PL011 = "y"; - SERIAL_AMBA_PL011_CONSOLE = "y"; + SERIAL_AMBA_PL011 = "y"; + SERIAL_AMBA_PL011_CONSOLE = "y"; + }; }; + boot.commandLine = [ + "console=ttyAMA0" + ]; + hardware = + let + addr = lim.parseInt "0x40008000"; + in + { + loadAddress = addr; + entryPoint = addr; + }; }; - boot.commandLine = [ - "console=ttyAMA0" - ]; - hardware = let addr = lim.parseInt "0x40008000"; in { - loadAddress = addr; - entryPoint = addr; - }; - }; } diff --git a/devices/qemu/default.nix b/devices/qemu/default.nix index 91b8050..b219ceb 100644 --- a/devices/qemu/default.nix +++ b/devices/qemu/default.nix @@ -7,7 +7,7 @@ config = "mips-unknown-linux-musl"; gcc = { abi = "32"; - arch = "mips32"; # maybe mips_24kc- + arch = "mips32"; # maybe mips_24kc- }; }; }; @@ -36,41 +36,50 @@ in the Development manual. ''; - module = { config, lib, lim, ... }: { - imports = [ - ../../modules/arch/mipseb.nix - ../families/qemu.nix - ]; - kernel = { - config = { - MIPS_MALTA= "y"; - CPU_MIPS32_R2= "y"; + module = + { + config, + lib, + lim, + ... + }: + { + imports = [ + ../../modules/arch/mipseb.nix + ../families/qemu.nix + ]; + kernel = { + config = { + MIPS_MALTA = "y"; + CPU_MIPS32_R2 = "y"; - POWER_RESET = "y"; - POWER_RESET_SYSCON = "y"; + POWER_RESET = "y"; + POWER_RESET_SYSCON = "y"; - SERIAL_8250= "y"; - SERIAL_8250_CONSOLE= "y"; - }; - }; - hardware = - # from arch/mips/mti-malta/Platform:load-$(CONFIG_MIPS_MALTA) += 0xffffffff80100000 - let addr = lim.parseInt "0x80100000"; - in { - loadAddress = addr; - entryPoint = addr; - - # Unlike the arm qemu targets, we need a static dts when - # running u-boot-using tests, qemu dumpdtb command doesn't - # work for this board. I am not at all sure this dts is - # *correct* but it does at least boot - dts = lib.mkForce { - src = "${config.system.outputs.kernel.modulesupport}/arch/mips/boot/dts/mti/malta.dts"; - includePaths = [ - "${config.system.outputs.kernel.modulesupport}/arch/mips/boot/dts/" - ]; + SERIAL_8250 = "y"; + SERIAL_8250_CONSOLE = "y"; }; - }; - }; + hardware = + # from arch/mips/mti-malta/Platform:load-$(CONFIG_MIPS_MALTA) += 0xffffffff80100000 + let + addr = lim.parseInt "0x80100000"; + in + { + loadAddress = addr; + entryPoint = addr; + + # Unlike the arm qemu targets, we need a static dts when + # running u-boot-using tests, qemu dumpdtb command doesn't + # work for this board. I am not at all sure this dts is + # *correct* but it does at least boot + dts = lib.mkForce { + src = "${config.system.outputs.kernel.modulesupport}/arch/mips/boot/dts/mti/malta.dts"; + includePaths = [ + "${config.system.outputs.kernel.modulesupport}/arch/mips/boot/dts/" + ]; + }; + + }; + }; } diff --git a/devices/tp-archer-ax23/default.nix b/devices/tp-archer-ax23/default.nix index 6c6519c..580f4c6 100644 --- a/devices/tp-archer-ax23/default.nix +++ b/devices/tp-archer-ax23/default.nix @@ -33,16 +33,25 @@ }; }; - module = {pkgs, config, lib, lim, ... }: - let firmware = pkgs.stdenv.mkDerivation { - name = "wlan-firmware"; - phases = ["installPhase"]; - installPhase = '' - mkdir $out - cp ${pkgs.linux-firmware}/lib/firmware/mediatek/{mt7915,mt7615,mt7622}* $out - ''; - }; - in { + module = + { + pkgs, + config, + lib, + lim, + ... + }: + let + firmware = pkgs.stdenv.mkDerivation { + name = "wlan-firmware"; + phases = [ "installPhase" ]; + installPhase = '' + mkdir $out + cp ${pkgs.linux-firmware}/lib/firmware/mediatek/{mt7915,mt7615,mt7622}* $out + ''; + }; + in + { imports = [ ../../modules/arch/mipsel.nix ../../modules/outputs/tftpboot.nix @@ -53,273 +62,275 @@ extraPatchPhase = '' ${pkgs.openwrt.applyPatches.ramips} ''; - config = { - # Initially taken from openwrt's ./target/linux/ramips/mt7621/config-5.15, - # then tweaked here and there - ARCH_32BIT_OFF_T="y"; - ARCH_HIBERNATION_POSSIBLE="y"; - ARCH_KEEP_MEMBLOCK="y"; - ARCH_MMAP_RND_BITS_MAX="15"; - ARCH_MMAP_RND_COMPAT_BITS_MAX="15"; - ARCH_SUSPEND_POSSIBLE="y"; - AT803X_PHY="y"; - BLK_MQ_PCI="y"; - BOARD_SCACHE="y"; - CEVT_R4K="y"; - CLKSRC_MIPS_GIC="y"; - CLK_MT7621="y"; - CLOCKSOURCE_WATCHDOG="y"; - CLONE_BACKWARDS="y"; - CMDLINE_BOOL="y"; - COMMON_CLK="y"; - COMPAT_32BIT_TIME="y"; - CPU_GENERIC_DUMP_TLB="y"; - CPU_HAS_DIEI="y"; - CPU_HAS_PREFETCH="y"; - CPU_HAS_RIXI="y"; - CPU_HAS_SYNC="y"; - CPU_LITTLE_ENDIAN="y"; - CPU_MIPS32="y"; - CPU_MIPS32_R2="y"; - CPU_MIPSR2="y"; - CPU_MIPSR2_IRQ_EI="y"; - CPU_MIPSR2_IRQ_VI="y"; - CPU_NEEDS_NO_SMARTMIPS_OR_MICROMIPS="y"; - CPU_R4K_CACHE_TLB="y"; - CPU_RMAP="y"; - CPU_SUPPORTS_32BIT_KERNEL="y"; - CPU_SUPPORTS_HIGHMEM="y"; - CPU_SUPPORTS_MSA="y"; - CRC16="y"; - CRYPTO_DEFLATE="y"; - CRYPTO_HASH_INFO="y"; - CRYPTO_LIB_BLAKE2S_GENERIC="y"; - CRYPTO_LIB_POLY1305_RSIZE="2"; - CRYPTO_LZO="y"; - CRYPTO_ZSTD="y"; - CSRC_R4K="y"; - DIMLIB="y"; - DMA_NONCOHERENT="y"; - DTB_RT_NONE="y"; - DTC="y"; - EARLY_PRINTK="y"; - FIXED_PHY="y"; - FWNODE_MDIO="y"; - FW_LOADER_PAGED_BUF="y"; - GENERIC_ATOMIC64="y"; - GENERIC_CLOCKEVENTS="y"; - GENERIC_CMOS_UPDATE="y"; - GENERIC_CPU_AUTOPROBE="y"; - GENERIC_FIND_FIRST_BIT="y"; - GENERIC_GETTIMEOFDAY="y"; - GENERIC_IOMAP="y"; - GENERIC_IRQ_CHIP="y"; - GENERIC_IRQ_EFFECTIVE_AFF_MASK="y"; - GENERIC_IRQ_SHOW="y"; - GENERIC_LIB_ASHLDI3="y"; - GENERIC_LIB_ASHRDI3="y"; - GENERIC_LIB_CMPDI2="y"; - GENERIC_LIB_LSHRDI3="y"; - GENERIC_LIB_UCMPDI2="y"; - GENERIC_PCI_IOMAP="y"; - GENERIC_PHY="y"; - GENERIC_PINCONF="y"; - GENERIC_SCHED_CLOCK="y"; - GENERIC_SMP_IDLE_THREAD="y"; - GENERIC_TIME_VSYSCALL="y"; - GLOB="y"; - GPIOLIB_IRQCHIP="y"; - GPIO_CDEV="y"; - GPIO_GENERIC="y"; - GPIO_MT7621="y"; - GRO_CELLS="y"; - HANDLE_DOMAIN_IRQ="y"; - HARDWARE_WATCHPOINTS="y"; - HAS_DMA="y"; - HAS_IOMEM="y"; - HAS_IOPORT_MAP="y"; - I2C="y"; - I2C_ALGOBIT="y"; - I2C_BOARDINFO="y"; - I2C_CHARDEV="y"; - I2C_GPIO="y"; - I2C_MT7621="y"; - ICPLUS_PHY="y"; - IRQCHIP="y"; - IRQ_DOMAIN="y"; - IRQ_DOMAIN_HIERARCHY="y"; - IRQ_FORCED_THREADING="y"; - IRQ_MIPS_CPU="y"; - IRQ_WORK="y"; - LIBFDT="y"; - LOCK_DEBUGGING_SUPPORT="y"; - LZO_COMPRESS="y"; - LZO_DECOMPRESS="y"; - MDIO_BUS="y"; - MDIO_DEVICE="y"; - MDIO_DEVRES="y"; - MEDIATEK_GE_PHY="y"; - MEMFD_CREATE="y"; - MFD_SYSCON="y"; - MIGRATION="y"; - MIKROTIK="y"; - MIKROTIK_RB_SYSFS="y"; - MIPS="y"; - MIPS_ASID_BITS="8"; - MIPS_ASID_SHIFT="0"; - MIPS_CLOCK_VSYSCALL="y"; - MIPS_CM="y"; - MIPS_CPC="y"; - MIPS_CPS="y"; - MIPS_CPU_SCACHE="y"; - MIPS_GIC="y"; - MIPS_L1_CACHE_SHIFT="5"; - MIPS_LD_CAN_LINK_VDSO="y"; - MIPS_MT="y"; - MIPS_MT_FPAFF="y"; - MIPS_MT_SMP="y"; - MIPS_NR_CPU_NR_MAP="4"; - MIPS_PERF_SHARED_TC_COUNTERS="y"; - MIPS_SPRAM="y"; - MODULES_USE_ELF_REL="y"; - MTD_CMDLINE_PARTS="y"; - MTD_NAND_CORE="y"; - MTD_NAND_ECC="y"; - MTD_NAND_ECC_SW_HAMMING="y"; - MTD_NAND_MT7621="y"; - MTD_NAND_MTK_BMT="y"; - MTD_RAW_NAND="y"; - MTD_ROUTERBOOT_PARTS="y"; - MTD_SERCOMM_PARTS="y"; - MTD_SPI_NOR="y"; - MTD_SPLIT_FIT_FW="y"; - MTD_SPLIT_MINOR_FW="y"; - MTD_SPLIT_SEAMA_FW="y"; - MTD_SPLIT_TPLINK_FW="y"; - MTD_SPLIT_TRX_FW="y"; - MTD_SPLIT_UIMAGE_FW="y"; - MTD_UBI="y"; - MTD_UBI_BEB_LIMIT="20"; - MTD_UBI_BLOCK="y"; - MTD_UBI_WL_THRESHOLD="4096"; - MTD_VIRT_CONCAT="y"; - NEED_DMA_MAP_STATE="y"; - NET_DEVLINK="y"; - NET_DSA="y"; - NET_DSA_MT7530="y"; - NET_DSA_MT7530_MDIO="y"; - NET_DSA_TAG_MTK="y"; - NET_FLOW_LIMIT="y"; - NET_MEDIATEK_SOC="y"; - NET_SELFTESTS="y"; - NET_SWITCHDEV="y"; - NET_VENDOR_MEDIATEK="y"; - NO_HZ_COMMON="y"; - NO_HZ_IDLE="y"; - NR_CPUS="4"; - NVMEM="y"; - OF="y"; - OF_ADDRESS="y"; - OF_EARLY_FLATTREE="y"; - OF_FLATTREE="y"; - OF_GPIO="y"; - OF_IRQ="y"; - OF_KOBJ="y"; - OF_MDIO="y"; - PAGE_POOL="y"; - PAGE_POOL_STATS="y"; - PCI="y"; - PCIE_MT7621="y"; - PCI_DISABLE_COMMON_QUIRKS="y"; - PCI_DOMAINS="y"; - PCI_DOMAINS_GENERIC="y"; - PCI_DRIVERS_GENERIC="y"; - PCS_MTK_LYNXI="y"; - PERF_USE_VMALLOC="y"; - PGTABLE_LEVELS="2"; - PHYLIB="y"; - PHYLINK="y"; - PHY_MT7621_PCI="y"; - PINCTRL="y"; - PINCTRL_AW9523="y"; - PINCTRL_MT7621="y"; - PINCTRL_RALINK="y"; - PINCTRL_SX150X="y"; - POWER_RESET="y"; - POWER_RESET_GPIO="y"; - POWER_SUPPLY="y"; - PTP_1588_CLOCK_OPTIONAL="y"; - QUEUED_RWLOCKS="y"; - QUEUED_SPINLOCKS="y"; - RALINK="y"; - RATIONAL="y"; - REGMAP="y"; - REGMAP_I2C="y"; - REGMAP_MMIO="y"; - REGULATOR="y"; - REGULATOR_FIXED_VOLTAGE="y"; - RESET_CONTROLLER="y"; - RFS_ACCEL="y"; - RPS="y"; - RTC_CLASS="y"; - RTC_DRV_BQ32K="y"; - RTC_DRV_PCF8563="y"; - RTC_I2C_AND_SPI="y"; - SCHED_SMT="y"; - SERIAL_8250="y"; - SERIAL_8250_CONSOLE="y"; - SERIAL_8250_NR_UARTS="3"; - SERIAL_8250_RUNTIME_UARTS="3"; - SERIAL_MCTRL_GPIO="y"; - SERIAL_OF_PLATFORM="y"; - SGL_ALLOC="y"; - SMP="y"; - SMP_UP="y"; - SOCK_RX_QUEUE_MAPPING="y"; - SOC_BUS="y"; - SOC_MT7621="y"; - SPI="y"; - SPI_MASTER="y"; - SPI_MEM="y"; - SPI_MT7621="y"; - SRCU="y"; - SWPHY="y"; - SYNC_R4K="y"; - SYSCTL_EXCEPTION_TRACE="y"; - SYS_HAS_CPU_MIPS32_R1="y"; - SYS_HAS_CPU_MIPS32_R2="y"; - SYS_HAS_EARLY_PRINTK="y"; - SYS_SUPPORTS_32BIT_KERNEL="y"; - SYS_SUPPORTS_ARBIT_HZ="y"; - SYS_SUPPORTS_HIGHMEM="y"; - SYS_SUPPORTS_HOTPLUG_CPU="y"; - SYS_SUPPORTS_LITTLE_ENDIAN="y"; - SYS_SUPPORTS_MIPS16="y"; - SYS_SUPPORTS_MIPS_CPS="y"; - SYS_SUPPORTS_MULTITHREADING="y"; - SYS_SUPPORTS_SCHED_SMT="y"; - SYS_SUPPORTS_SMP="y"; - SYS_SUPPORTS_ZBOOT="y"; - TARGET_ISA_REV="2"; - TICK_CPU_ACCOUNTING="y"; - TIMER_OF="y"; - TIMER_PROBE="y"; - TREE_RCU="y"; - TREE_SRCU="y"; - UBIFS_FS="y"; - USB_SUPPORT="y"; - USE_OF="y"; - WEAK_ORDERING="y"; - XPS="y"; - XXHASH="y"; - ZLIB_DEFLATE="y"; - ZLIB_INFLATE="y"; - ZSTD_COMPRESS="y"; - ZSTD_DECOMPRESS="y"; - } // lib.optionalAttrs (config.system.service ? watchdog) { - RALINK_WDT = "y"; # watchdog - MT7621_WDT = "y"; # or it might be this one - }; + config = + { + # Initially taken from openwrt's ./target/linux/ramips/mt7621/config-5.15, + # then tweaked here and there + ARCH_32BIT_OFF_T = "y"; + ARCH_HIBERNATION_POSSIBLE = "y"; + ARCH_KEEP_MEMBLOCK = "y"; + ARCH_MMAP_RND_BITS_MAX = "15"; + ARCH_MMAP_RND_COMPAT_BITS_MAX = "15"; + ARCH_SUSPEND_POSSIBLE = "y"; + AT803X_PHY = "y"; + BLK_MQ_PCI = "y"; + BOARD_SCACHE = "y"; + CEVT_R4K = "y"; + CLKSRC_MIPS_GIC = "y"; + CLK_MT7621 = "y"; + CLOCKSOURCE_WATCHDOG = "y"; + CLONE_BACKWARDS = "y"; + CMDLINE_BOOL = "y"; + COMMON_CLK = "y"; + COMPAT_32BIT_TIME = "y"; + CPU_GENERIC_DUMP_TLB = "y"; + CPU_HAS_DIEI = "y"; + CPU_HAS_PREFETCH = "y"; + CPU_HAS_RIXI = "y"; + CPU_HAS_SYNC = "y"; + CPU_LITTLE_ENDIAN = "y"; + CPU_MIPS32 = "y"; + CPU_MIPS32_R2 = "y"; + CPU_MIPSR2 = "y"; + CPU_MIPSR2_IRQ_EI = "y"; + CPU_MIPSR2_IRQ_VI = "y"; + CPU_NEEDS_NO_SMARTMIPS_OR_MICROMIPS = "y"; + CPU_R4K_CACHE_TLB = "y"; + CPU_RMAP = "y"; + CPU_SUPPORTS_32BIT_KERNEL = "y"; + CPU_SUPPORTS_HIGHMEM = "y"; + CPU_SUPPORTS_MSA = "y"; + CRC16 = "y"; + CRYPTO_DEFLATE = "y"; + CRYPTO_HASH_INFO = "y"; + CRYPTO_LIB_BLAKE2S_GENERIC = "y"; + CRYPTO_LIB_POLY1305_RSIZE = "2"; + CRYPTO_LZO = "y"; + CRYPTO_ZSTD = "y"; + CSRC_R4K = "y"; + DIMLIB = "y"; + DMA_NONCOHERENT = "y"; + DTB_RT_NONE = "y"; + DTC = "y"; + EARLY_PRINTK = "y"; + FIXED_PHY = "y"; + FWNODE_MDIO = "y"; + FW_LOADER_PAGED_BUF = "y"; + GENERIC_ATOMIC64 = "y"; + GENERIC_CLOCKEVENTS = "y"; + GENERIC_CMOS_UPDATE = "y"; + GENERIC_CPU_AUTOPROBE = "y"; + GENERIC_FIND_FIRST_BIT = "y"; + GENERIC_GETTIMEOFDAY = "y"; + GENERIC_IOMAP = "y"; + GENERIC_IRQ_CHIP = "y"; + GENERIC_IRQ_EFFECTIVE_AFF_MASK = "y"; + GENERIC_IRQ_SHOW = "y"; + GENERIC_LIB_ASHLDI3 = "y"; + GENERIC_LIB_ASHRDI3 = "y"; + GENERIC_LIB_CMPDI2 = "y"; + GENERIC_LIB_LSHRDI3 = "y"; + GENERIC_LIB_UCMPDI2 = "y"; + GENERIC_PCI_IOMAP = "y"; + GENERIC_PHY = "y"; + GENERIC_PINCONF = "y"; + GENERIC_SCHED_CLOCK = "y"; + GENERIC_SMP_IDLE_THREAD = "y"; + GENERIC_TIME_VSYSCALL = "y"; + GLOB = "y"; + GPIOLIB_IRQCHIP = "y"; + GPIO_CDEV = "y"; + GPIO_GENERIC = "y"; + GPIO_MT7621 = "y"; + GRO_CELLS = "y"; + HANDLE_DOMAIN_IRQ = "y"; + HARDWARE_WATCHPOINTS = "y"; + HAS_DMA = "y"; + HAS_IOMEM = "y"; + HAS_IOPORT_MAP = "y"; + I2C = "y"; + I2C_ALGOBIT = "y"; + I2C_BOARDINFO = "y"; + I2C_CHARDEV = "y"; + I2C_GPIO = "y"; + I2C_MT7621 = "y"; + ICPLUS_PHY = "y"; + IRQCHIP = "y"; + IRQ_DOMAIN = "y"; + IRQ_DOMAIN_HIERARCHY = "y"; + IRQ_FORCED_THREADING = "y"; + IRQ_MIPS_CPU = "y"; + IRQ_WORK = "y"; + LIBFDT = "y"; + LOCK_DEBUGGING_SUPPORT = "y"; + LZO_COMPRESS = "y"; + LZO_DECOMPRESS = "y"; + MDIO_BUS = "y"; + MDIO_DEVICE = "y"; + MDIO_DEVRES = "y"; + MEDIATEK_GE_PHY = "y"; + MEMFD_CREATE = "y"; + MFD_SYSCON = "y"; + MIGRATION = "y"; + MIKROTIK = "y"; + MIKROTIK_RB_SYSFS = "y"; + MIPS = "y"; + MIPS_ASID_BITS = "8"; + MIPS_ASID_SHIFT = "0"; + MIPS_CLOCK_VSYSCALL = "y"; + MIPS_CM = "y"; + MIPS_CPC = "y"; + MIPS_CPS = "y"; + MIPS_CPU_SCACHE = "y"; + MIPS_GIC = "y"; + MIPS_L1_CACHE_SHIFT = "5"; + MIPS_LD_CAN_LINK_VDSO = "y"; + MIPS_MT = "y"; + MIPS_MT_FPAFF = "y"; + MIPS_MT_SMP = "y"; + MIPS_NR_CPU_NR_MAP = "4"; + MIPS_PERF_SHARED_TC_COUNTERS = "y"; + MIPS_SPRAM = "y"; + MODULES_USE_ELF_REL = "y"; + MTD_CMDLINE_PARTS = "y"; + MTD_NAND_CORE = "y"; + MTD_NAND_ECC = "y"; + MTD_NAND_ECC_SW_HAMMING = "y"; + MTD_NAND_MT7621 = "y"; + MTD_NAND_MTK_BMT = "y"; + MTD_RAW_NAND = "y"; + MTD_ROUTERBOOT_PARTS = "y"; + MTD_SERCOMM_PARTS = "y"; + MTD_SPI_NOR = "y"; + MTD_SPLIT_FIT_FW = "y"; + MTD_SPLIT_MINOR_FW = "y"; + MTD_SPLIT_SEAMA_FW = "y"; + MTD_SPLIT_TPLINK_FW = "y"; + MTD_SPLIT_TRX_FW = "y"; + MTD_SPLIT_UIMAGE_FW = "y"; + MTD_UBI = "y"; + MTD_UBI_BEB_LIMIT = "20"; + MTD_UBI_BLOCK = "y"; + MTD_UBI_WL_THRESHOLD = "4096"; + MTD_VIRT_CONCAT = "y"; + NEED_DMA_MAP_STATE = "y"; + NET_DEVLINK = "y"; + NET_DSA = "y"; + NET_DSA_MT7530 = "y"; + NET_DSA_MT7530_MDIO = "y"; + NET_DSA_TAG_MTK = "y"; + NET_FLOW_LIMIT = "y"; + NET_MEDIATEK_SOC = "y"; + NET_SELFTESTS = "y"; + NET_SWITCHDEV = "y"; + NET_VENDOR_MEDIATEK = "y"; + NO_HZ_COMMON = "y"; + NO_HZ_IDLE = "y"; + NR_CPUS = "4"; + NVMEM = "y"; + OF = "y"; + OF_ADDRESS = "y"; + OF_EARLY_FLATTREE = "y"; + OF_FLATTREE = "y"; + OF_GPIO = "y"; + OF_IRQ = "y"; + OF_KOBJ = "y"; + OF_MDIO = "y"; + PAGE_POOL = "y"; + PAGE_POOL_STATS = "y"; + PCI = "y"; + PCIE_MT7621 = "y"; + PCI_DISABLE_COMMON_QUIRKS = "y"; + PCI_DOMAINS = "y"; + PCI_DOMAINS_GENERIC = "y"; + PCI_DRIVERS_GENERIC = "y"; + PCS_MTK_LYNXI = "y"; + PERF_USE_VMALLOC = "y"; + PGTABLE_LEVELS = "2"; + PHYLIB = "y"; + PHYLINK = "y"; + PHY_MT7621_PCI = "y"; + PINCTRL = "y"; + PINCTRL_AW9523 = "y"; + PINCTRL_MT7621 = "y"; + PINCTRL_RALINK = "y"; + PINCTRL_SX150X = "y"; + POWER_RESET = "y"; + POWER_RESET_GPIO = "y"; + POWER_SUPPLY = "y"; + PTP_1588_CLOCK_OPTIONAL = "y"; + QUEUED_RWLOCKS = "y"; + QUEUED_SPINLOCKS = "y"; + RALINK = "y"; + RATIONAL = "y"; + REGMAP = "y"; + REGMAP_I2C = "y"; + REGMAP_MMIO = "y"; + REGULATOR = "y"; + REGULATOR_FIXED_VOLTAGE = "y"; + RESET_CONTROLLER = "y"; + RFS_ACCEL = "y"; + RPS = "y"; + RTC_CLASS = "y"; + RTC_DRV_BQ32K = "y"; + RTC_DRV_PCF8563 = "y"; + RTC_I2C_AND_SPI = "y"; + SCHED_SMT = "y"; + SERIAL_8250 = "y"; + SERIAL_8250_CONSOLE = "y"; + SERIAL_8250_NR_UARTS = "3"; + SERIAL_8250_RUNTIME_UARTS = "3"; + SERIAL_MCTRL_GPIO = "y"; + SERIAL_OF_PLATFORM = "y"; + SGL_ALLOC = "y"; + SMP = "y"; + SMP_UP = "y"; + SOCK_RX_QUEUE_MAPPING = "y"; + SOC_BUS = "y"; + SOC_MT7621 = "y"; + SPI = "y"; + SPI_MASTER = "y"; + SPI_MEM = "y"; + SPI_MT7621 = "y"; + SRCU = "y"; + SWPHY = "y"; + SYNC_R4K = "y"; + SYSCTL_EXCEPTION_TRACE = "y"; + SYS_HAS_CPU_MIPS32_R1 = "y"; + SYS_HAS_CPU_MIPS32_R2 = "y"; + SYS_HAS_EARLY_PRINTK = "y"; + SYS_SUPPORTS_32BIT_KERNEL = "y"; + SYS_SUPPORTS_ARBIT_HZ = "y"; + SYS_SUPPORTS_HIGHMEM = "y"; + SYS_SUPPORTS_HOTPLUG_CPU = "y"; + SYS_SUPPORTS_LITTLE_ENDIAN = "y"; + SYS_SUPPORTS_MIPS16 = "y"; + SYS_SUPPORTS_MIPS_CPS = "y"; + SYS_SUPPORTS_MULTITHREADING = "y"; + SYS_SUPPORTS_SCHED_SMT = "y"; + SYS_SUPPORTS_SMP = "y"; + SYS_SUPPORTS_ZBOOT = "y"; + TARGET_ISA_REV = "2"; + TICK_CPU_ACCOUNTING = "y"; + TIMER_OF = "y"; + TIMER_PROBE = "y"; + TREE_RCU = "y"; + TREE_SRCU = "y"; + UBIFS_FS = "y"; + USB_SUPPORT = "y"; + USE_OF = "y"; + WEAK_ORDERING = "y"; + XPS = "y"; + XXHASH = "y"; + ZLIB_DEFLATE = "y"; + ZLIB_INFLATE = "y"; + ZSTD_COMPRESS = "y"; + ZSTD_DECOMPRESS = "y"; + } + // lib.optionalAttrs (config.system.service ? watchdog) { + RALINK_WDT = "y"; # watchdog + MT7621_WDT = "y"; # or it might be this one + }; conditionalConfig = { WLAN = { MT7915E = "m"; @@ -340,97 +351,100 @@ }; }; filesystem = - let inherit (pkgs.pseudofile) dir symlink; - in - dir { - lib = dir { - firmware = dir { - mediatek = symlink firmware; - }; - }; - }; - - hardware = - let - openwrt = pkgs.openwrt; - mac80211 = pkgs.kmodloader.override { - targets = [ - "mt7915e" - ]; - inherit (config.system.outputs) kernel; - }; - in { - # from OEM bootlog (openwrt wiki): - # 4 cmdlinepart partitions found on MTD device raspi - # Creating 4 MTD partitions on "raspi": - # 0x000000000000-0x000000040000 : "uboot" - # 0x000000040000-0x000000440000 : "uImage" - # 0x000000440000-0x000000ff0000 : "rootfs" - # 0x000000ff0000-0x000001000000 : "ART" - # from openwrt bootlog (openwrt wiki): - # 5 fixed-partitions partitions found on MTD device spi0.0 - # OF: Bad cell count for /palmbus@1e000000/spi@b00/flash@0/partitions - # OF: Bad cell count for /palmbus@1e000000/spi@b00/flash@0/partitions - # OF: Bad cell count for /palmbus@1e000000/spi@b00/flash@0/partitions - # OF: Bad cell count for /palmbus@1e000000/spi@b00/flash@0/partitions - # Creating 5 MTD partitions on "spi0.0": - # 0x000000000000-0x000000040000 : "u-boot" - # 0x000000040000-0x000000fa0000 : "firmware" - # 2 uimage-fw partitions found on MTD device firmware - # Creating 2 MTD partitions on "firmware": - # 0x000000000000-0x0000002c0000 : "kernel" - # 0x0000002c0000-0x000000f60000 : "rootfs" - # mtd: setting mtd3 (rootfs) as root device - # 1 squashfs-split partitions found on MTD device rootfs - # 0x000000640000-0x000000f60000 : "rootfs_data" - # 0x000000fa0000-0x000000fb0000 : "config" - # 0x000000fb0000-0x000000ff0000 : "tplink" - # 0x000000ff0000-0x000001000000 : "radio" - flash = { - # from the OEM bootlog 'Booting image at bc040000' - # (0x40000 from 0xbc000000) - address = lim.parseInt "0xbc040000"; - # 0x000000040000-0x000000fa0000 - size = lim.parseInt "0xf60000"; - # TODO: find in /proc/mtd on a running system - eraseBlockSize = 65536; - }; - - # since this is mentioned in the partition table as well? - defaultOutput = "tplink-safeloader"; - # taken from openwrt sysupgrade image: - # openwrt-23.05.2-ramips-mt7621-tplink_archer-ax23-v1-squashfs-sysupgrade.bin: u-boot legacy uImage, MIPS OpenWrt Linux-5.15.137, Linux/MIPS, OS Kernel Image (lzma), 2797386 bytes, Tue Nov 14 13:38:11 2023, Load Address: 0X80001000, Entry Point: 0X80001000, Header CRC: 0X19F74C5B, Data CRC: 0XF685563C - loadAddress = lim.parseInt "0x80001000"; - entryPoint = lim.parseInt "0x80001000"; - rootDevice = "/dev/mtdblock3"; - dts = { - src = "${openwrt.src}/target/linux/ramips/dts/mt7621_tplink_archer-ax23-v1.dts"; - includePaths = [ - "${openwrt.src}/target/linux/ramips/dts" - "${config.system.outputs.kernel.modulesupport}/arch/arm64/boot/dts/mediatek/" - ]; - }; - - networkInterfaces = - let - inherit (config.system.service.network) link; - in rec { - lan1 = link.build { ifname = "lan1"; }; - lan2 = link.build { ifname = "lan2"; }; - lan3 = link.build { ifname = "lan3"; }; - lan4 = link.build { ifname = "lan4"; }; - wan = link.build { ifname = "wan"; }; - - wlan = link.build { - ifname = "wlan0"; - dependencies = [ mac80211 ]; - }; - wlan5 = link.build { - ifname = "wlan1"; - dependencies = [ mac80211 ]; + let + inherit (pkgs.pseudofile) dir symlink; + in + dir { + lib = dir { + firmware = dir { + mediatek = symlink firmware; }; }; - }; - }; + }; + + hardware = + let + openwrt = pkgs.openwrt; + mac80211 = pkgs.kmodloader.override { + targets = [ + "mt7915e" + ]; + inherit (config.system.outputs) kernel; + }; + in + { + # from OEM bootlog (openwrt wiki): + # 4 cmdlinepart partitions found on MTD device raspi + # Creating 4 MTD partitions on "raspi": + # 0x000000000000-0x000000040000 : "uboot" + # 0x000000040000-0x000000440000 : "uImage" + # 0x000000440000-0x000000ff0000 : "rootfs" + # 0x000000ff0000-0x000001000000 : "ART" + # from openwrt bootlog (openwrt wiki): + # 5 fixed-partitions partitions found on MTD device spi0.0 + # OF: Bad cell count for /palmbus@1e000000/spi@b00/flash@0/partitions + # OF: Bad cell count for /palmbus@1e000000/spi@b00/flash@0/partitions + # OF: Bad cell count for /palmbus@1e000000/spi@b00/flash@0/partitions + # OF: Bad cell count for /palmbus@1e000000/spi@b00/flash@0/partitions + # Creating 5 MTD partitions on "spi0.0": + # 0x000000000000-0x000000040000 : "u-boot" + # 0x000000040000-0x000000fa0000 : "firmware" + # 2 uimage-fw partitions found on MTD device firmware + # Creating 2 MTD partitions on "firmware": + # 0x000000000000-0x0000002c0000 : "kernel" + # 0x0000002c0000-0x000000f60000 : "rootfs" + # mtd: setting mtd3 (rootfs) as root device + # 1 squashfs-split partitions found on MTD device rootfs + # 0x000000640000-0x000000f60000 : "rootfs_data" + # 0x000000fa0000-0x000000fb0000 : "config" + # 0x000000fb0000-0x000000ff0000 : "tplink" + # 0x000000ff0000-0x000001000000 : "radio" + flash = { + # from the OEM bootlog 'Booting image at bc040000' + # (0x40000 from 0xbc000000) + address = lim.parseInt "0xbc040000"; + # 0x000000040000-0x000000fa0000 + size = lim.parseInt "0xf60000"; + # TODO: find in /proc/mtd on a running system + eraseBlockSize = 65536; + }; + + # since this is mentioned in the partition table as well? + defaultOutput = "tplink-safeloader"; + # taken from openwrt sysupgrade image: + # openwrt-23.05.2-ramips-mt7621-tplink_archer-ax23-v1-squashfs-sysupgrade.bin: u-boot legacy uImage, MIPS OpenWrt Linux-5.15.137, Linux/MIPS, OS Kernel Image (lzma), 2797386 bytes, Tue Nov 14 13:38:11 2023, Load Address: 0X80001000, Entry Point: 0X80001000, Header CRC: 0X19F74C5B, Data CRC: 0XF685563C + loadAddress = lim.parseInt "0x80001000"; + entryPoint = lim.parseInt "0x80001000"; + rootDevice = "/dev/mtdblock3"; + dts = { + src = "${openwrt.src}/target/linux/ramips/dts/mt7621_tplink_archer-ax23-v1.dts"; + includePaths = [ + "${openwrt.src}/target/linux/ramips/dts" + "${config.system.outputs.kernel.modulesupport}/arch/arm64/boot/dts/mediatek/" + ]; + }; + + networkInterfaces = + let + inherit (config.system.service.network) link; + in + rec { + lan1 = link.build { ifname = "lan1"; }; + lan2 = link.build { ifname = "lan2"; }; + lan3 = link.build { ifname = "lan3"; }; + lan4 = link.build { ifname = "lan4"; }; + wan = link.build { ifname = "wan"; }; + + wlan = link.build { + ifname = "wlan0"; + dependencies = [ mac80211 ]; + }; + wlan5 = link.build { + ifname = "wlan1"; + dependencies = [ mac80211 ]; + }; + }; + }; + }; }; } diff --git a/devices/turris-omnia/default.nix b/devices/turris-omnia/default.nix index e5c4d9d..2db9932 100644 --- a/devices/turris-omnia/default.nix +++ b/devices/turris-omnia/default.nix @@ -153,11 +153,18 @@ }; }; - module = {pkgs, config, lib, lim, ... }: + module = + { + pkgs, + config, + lib, + lim, + ... + }: let inherit (pkgs.liminix.services) oneshot; inherit (pkgs) liminix; - mtd_by_name_links = pkgs.liminix.services.oneshot rec { + mtd_by_name_links = pkgs.liminix.services.oneshot rec { name = "mtd_by_name_links"; up = '' mkdir -p /dev/mtd/by-name @@ -167,7 +174,8 @@ done ''; }; - in { + in + { imports = [ ../../modules/arch/arm.nix ../../modules/outputs/tftpboot.nix @@ -194,7 +202,7 @@ CPU_V7 = "y"; ARCH_MULTIPLATFORM = "y"; ARCH_MVEBU = "y"; - ARCH_MULTI_V7= "y"; + ARCH_MULTI_V7 = "y"; PCI_MVEBU = "y"; AHCI_MVEBU = "y"; @@ -204,7 +212,6 @@ EXPERT = "y"; ALLOW_DEV_COREDUMP = "n"; - # dts has a compatible for this but dmesg is not # showing it EEPROM_AT24 = "y"; # atmel,24c64 @@ -215,44 +222,44 @@ MACH_ARMADA_38X = "y"; SMP = "y"; - # this is disabled for the moment because it relies on a + # this is disabled for the moment because it relies on a # GCC plugin that requires gmp.h to build, and I can't see # right now how to confgure it to find gmp STACKPROTECTOR_PER_TASK = "n"; NR_CPUS = "4"; VFP = "y"; - NEON= "y"; + NEON = "y"; # WARNING: unmet direct dependencies detected for ARCH_WANT_LIBATA_LEDS ATA = "y"; BLOCK = "y"; - MMC="y"; - PWRSEQ_EMMC="y"; # ??? - PWRSEQ_SIMPLE="y"; # ??? - MMC_BLOCK="y"; + MMC = "y"; + PWRSEQ_EMMC = "y"; # ??? + PWRSEQ_SIMPLE = "y"; # ??? + MMC_BLOCK = "y"; - MMC_SDHCI= "y"; - MMC_SDHCI_PLTFM= "y"; - MMC_SDHCI_PXAV3= "y"; - MMC_MVSDIO= "y"; + MMC_SDHCI = "y"; + MMC_SDHCI_PLTFM = "y"; + MMC_SDHCI_PXAV3 = "y"; + MMC_MVSDIO = "y"; SERIAL_8250 = "y"; SERIAL_8250_CONSOLE = "y"; - SERIAL_OF_PLATFORM="y"; + SERIAL_OF_PLATFORM = "y"; SERIAL_MVEBU_UART = "y"; SERIAL_MVEBU_CONSOLE = "y"; - SERIAL_8250_DMA= "y"; - SERIAL_8250_DW= "y"; - SERIAL_8250_EXTENDED= "y"; - SERIAL_8250_MANY_PORTS= "y"; - SERIAL_8250_SHARE_IRQ= "y"; - OF_ADDRESS= "y"; - OF_MDIO= "y"; + SERIAL_8250_DMA = "y"; + SERIAL_8250_DW = "y"; + SERIAL_8250_EXTENDED = "y"; + SERIAL_8250_MANY_PORTS = "y"; + SERIAL_8250_SHARE_IRQ = "y"; + OF_ADDRESS = "y"; + OF_MDIO = "y"; - WATCHDOG = "y"; # watchdog is enabled by u-boot - ORION_WATCHDOG = "y"; # so is non-optional to keep feeding + WATCHDOG = "y"; # watchdog is enabled by u-boot + ORION_WATCHDOG = "y"; # so is non-optional to keep feeding MVEBU_DEVBUS = "y"; # "Device Bus controller ... flash devices such as NOR, NAND, SRAM, and FPGA" MVMDIO = "y"; @@ -306,13 +313,14 @@ inherit (pkgs.pseudofile) dir symlink; firmware = pkgs.stdenv.mkDerivation { name = "wlan-firmware"; - phases = ["installPhase"]; + phases = [ "installPhase" ]; installPhase = '' mkdir $out cp -r ${pkgs.linux-firmware}/lib/firmware/ath10k/QCA988X $out ''; }; - in dir { + in + dir { lib = dir { firmware = dir { ath10k = symlink firmware; @@ -320,10 +328,12 @@ }; etc = dir { "fw_env.config" = - let f = pkgs.writeText "fw_env.config" '' - /dev/mtd/by-name/u-boot-env 0x0 0x10000 0x10000 - ''; - in symlink f; + let + f = pkgs.writeText "fw_env.config" '' + /dev/mtd/by-name/u-boot-env 0x0 0x10000 0x10000 + ''; + in + symlink f; }; }; @@ -333,75 +343,81 @@ compressRoot = true; }; - hardware = let - mac80211 = pkgs.kmodloader.override { - inherit (config.system.outputs) kernel; - targets = ["ath9k" "ath10k_pci"]; - }; - in { - defaultOutput = "updater"; - loadAddress = lim.parseInt "0x00800000"; # "0x00008000"; - entryPoint = lim.parseInt "0x00800000"; # "0x00008000"; - rootDevice = "/dev/mmcblk0p1"; - - dts = { - src = "${config.system.outputs.kernel.modulesupport}/arch/arm/boot/dts/marvell/armada-385-turris-omnia.dts"; - includePaths = [ - "${config.system.outputs.kernel.modulesupport}/arch/arm/boot/dts/marvell/" - ]; - }; - flash.eraseBlockSize = 65536; # only used for tftpboot - networkInterfaces = - let - inherit (config.system.service.network) link; - in rec { - en70000 = link.build { - # in armada-38x.dtsi this is eth0. - # It's connected to port 5 of the 88E6176 switch - devpath = "/devices/platform/soc/soc:internal-regs/f1070000.ethernet"; - # name is unambiguous but not very semantic - ifname = "en70000"; - }; - en30000 = link.build { - # in armada-38x.dtsi this is eth1 - # It's connected to port 6 of the 88E6176 switch - devpath = "/devices/platform/soc/soc:internal-regs/f1030000.ethernet"; - # name is unambiguous but not very semantic - ifname = "en30000"; - }; - # the default (from the dts? I'm guessing) behavour for - # lan ports on the switch is to attach them to - # en30000. It should be possible to do something better, - # per - # https://www.kernel.org/doc/html/latest/networking/dsa/configuration.html#affinity-of-user-ports-to-cpu-ports - # but apparently OpenWrt doesn't either so maybe it's more - # complicated than it looks. - - wan = link.build { - # in armada-38x.dtsi this is eth2. It may be connected to - # an ethernet phy or to the SFP cage, depending on a gpio - devpath = "/devices/platform/soc/soc:internal-regs/f1034000.ethernet"; - ifname = "wan"; - }; - - lan0 = link.build { ifname = "lan0"; }; - lan1 = link.build { ifname = "lan1"; }; - lan2 = link.build { ifname = "lan2"; }; - lan3 = link.build { ifname = "lan3"; }; - lan4 = link.build { ifname = "lan4"; }; - lan5 = link.build { ifname = "lan5"; }; - lan = lan0; # maybe we should build a bridge? - - wlan = link.build { - ifname = "wlan0"; - dependencies = [ mac80211 ]; - }; - wlan5 = link.build { - ifname = "wlan1"; - dependencies = [ mac80211 ]; - }; + hardware = + let + mac80211 = pkgs.kmodloader.override { + inherit (config.system.outputs) kernel; + targets = [ + "ath9k" + "ath10k_pci" + ]; }; - }; + in + { + defaultOutput = "updater"; + loadAddress = lim.parseInt "0x00800000"; # "0x00008000"; + entryPoint = lim.parseInt "0x00800000"; # "0x00008000"; + rootDevice = "/dev/mmcblk0p1"; + + dts = { + src = "${config.system.outputs.kernel.modulesupport}/arch/arm/boot/dts/marvell/armada-385-turris-omnia.dts"; + includePaths = [ + "${config.system.outputs.kernel.modulesupport}/arch/arm/boot/dts/marvell/" + ]; + }; + flash.eraseBlockSize = 65536; # only used for tftpboot + networkInterfaces = + let + inherit (config.system.service.network) link; + in + rec { + en70000 = link.build { + # in armada-38x.dtsi this is eth0. + # It's connected to port 5 of the 88E6176 switch + devpath = "/devices/platform/soc/soc:internal-regs/f1070000.ethernet"; + # name is unambiguous but not very semantic + ifname = "en70000"; + }; + en30000 = link.build { + # in armada-38x.dtsi this is eth1 + # It's connected to port 6 of the 88E6176 switch + devpath = "/devices/platform/soc/soc:internal-regs/f1030000.ethernet"; + # name is unambiguous but not very semantic + ifname = "en30000"; + }; + # the default (from the dts? I'm guessing) behavour for + # lan ports on the switch is to attach them to + # en30000. It should be possible to do something better, + # per + # https://www.kernel.org/doc/html/latest/networking/dsa/configuration.html#affinity-of-user-ports-to-cpu-ports + # but apparently OpenWrt doesn't either so maybe it's more + # complicated than it looks. + + wan = link.build { + # in armada-38x.dtsi this is eth2. It may be connected to + # an ethernet phy or to the SFP cage, depending on a gpio + devpath = "/devices/platform/soc/soc:internal-regs/f1034000.ethernet"; + ifname = "wan"; + }; + + lan0 = link.build { ifname = "lan0"; }; + lan1 = link.build { ifname = "lan1"; }; + lan2 = link.build { ifname = "lan2"; }; + lan3 = link.build { ifname = "lan3"; }; + lan4 = link.build { ifname = "lan4"; }; + lan5 = link.build { ifname = "lan5"; }; + lan = lan0; # maybe we should build a bridge? + + wlan = link.build { + ifname = "wlan0"; + dependencies = [ mac80211 ]; + }; + wlan5 = link.build { + ifname = "wlan1"; + dependencies = [ mac80211 ]; + }; + }; + }; }; }; } diff --git a/devices/zyxel-nwa50ax/default.nix b/devices/zyxel-nwa50ax/default.nix index 710473d..e398567 100644 --- a/devices/zyxel-nwa50ax/default.nix +++ b/devices/zyxel-nwa50ax/default.nix @@ -4,7 +4,7 @@ config = "mipsel-unknown-linux-musl"; gcc = { abi = "32"; - arch = "mips32"; # mips32r2? + arch = "mips32"; # mips32r2? }; }; }; @@ -101,7 +101,14 @@ ''; - module = { pkgs, config, lib, lim, ...}: + module = + { + pkgs, + config, + lib, + lim, + ... + }: let inherit (pkgs.pseudofile) dir symlink; inherit (pkgs) openwrt; @@ -123,7 +130,8 @@ url = "https://github.com/openwrt/mt76/raw/1b88dd07f153b202e57fe29734806744ed006b0e/firmware/mt7915_rom_patch.bin"; hash = "sha256-ifriAjWzFACrxVWCANZpUaEZgB/0pdbhnTVQytx6ddg="; }; - in { + in + { imports = [ # We include it to ensure the bridge functionality # is available on the target kernel. @@ -201,7 +209,8 @@ networkInterfaces = let inherit (config.system.service.network) link; - in { + in + { eth = link.build { ifname = "eth0"; }; lan = link.build { ifname = "lan"; }; wlan0 = link.build { @@ -253,107 +262,110 @@ extraPatchPhase = '' ${openwrt.applyPatches.ramips} ''; - config = { + config = + { - RALINK = "y"; - PCI = "y"; - PHY_MT7621_PCI = "y"; - PCIE_MT7621 = "y"; - SOC_MT7621 = "y"; - CLK_MT7621 = "y"; - CLOCKSOURCE_WATCHDOG = "y"; + RALINK = "y"; + PCI = "y"; + PHY_MT7621_PCI = "y"; + PCIE_MT7621 = "y"; + SOC_MT7621 = "y"; + CLK_MT7621 = "y"; + CLOCKSOURCE_WATCHDOG = "y"; - SERIAL_8250_CONSOLE = "y"; - SERIAL_8250 = "y"; - SERIAL_CORE_CONSOLE = "y"; - SERIAL_OF_PLATFORM = "y"; - SERIAL_8250_NR_UARTS = "3"; - SERIAL_8250_RUNTIME_UARTS = "3"; - SERIAL_MCTRL_GPIO = "y"; + SERIAL_8250_CONSOLE = "y"; + SERIAL_8250 = "y"; + SERIAL_CORE_CONSOLE = "y"; + SERIAL_OF_PLATFORM = "y"; + SERIAL_8250_NR_UARTS = "3"; + SERIAL_8250_RUNTIME_UARTS = "3"; + SERIAL_MCTRL_GPIO = "y"; - CONSOLE_LOGLEVEL_DEFAULT = "8"; - CONSOLE_LOGLEVEL_QUIET = "4"; + CONSOLE_LOGLEVEL_DEFAULT = "8"; + CONSOLE_LOGLEVEL_QUIET = "4"; - # MTD_UBI_BEB_LIMIT = "20"; - # MTD_UBI_WL_THRESHOLD = "4096"; + # MTD_UBI_BEB_LIMIT = "20"; + # MTD_UBI_WL_THRESHOLD = "4096"; - MTD = "y"; - MTD_BLOCK = "y"; # fix undefined ref to register_mtd_blktrans_dev - MTD_RAW_NAND = "y"; - MTD_NAND_MT7621 = "y"; - MTD_NAND_MTK_BMT = "y"; # Bad-block Management Table - MTD_NAND_ECC_SW_HAMMING= "y"; - MTD_SPI_NAND= "y"; - MTD_OF_PARTS = "y"; - MTD_NAND_CORE= "y"; - MTD_SPLIT_FIRMWARE= "y"; - MTD_SPLIT_FIT_FW= "y"; + MTD = "y"; + MTD_BLOCK = "y"; # fix undefined ref to register_mtd_blktrans_dev + MTD_RAW_NAND = "y"; + MTD_NAND_MT7621 = "y"; + MTD_NAND_MTK_BMT = "y"; # Bad-block Management Table + MTD_NAND_ECC_SW_HAMMING = "y"; + MTD_SPI_NAND = "y"; + MTD_OF_PARTS = "y"; + MTD_NAND_CORE = "y"; + MTD_SPLIT_FIRMWARE = "y"; + MTD_SPLIT_FIT_FW = "y"; - PINCTRL = "y"; - PINCTRL_MT7621 = "y"; + PINCTRL = "y"; + PINCTRL_MT7621 = "y"; - I2C = "y"; - I2C_MT7621 = "y"; + I2C = "y"; + I2C_MT7621 = "y"; - SPI = "y"; - MTD_SPI_NOR = "y"; - SPI_MT7621 = "y"; - SPI_MASTER = "y"; - SPI_MEM = "y"; + SPI = "y"; + MTD_SPI_NOR = "y"; + SPI_MT7621 = "y"; + SPI_MASTER = "y"; + SPI_MEM = "y"; - REGULATOR = "y"; - REGULATOR_FIXED_VOLTAGE = "y"; - RESET_CONTROLLER = "y"; - POWER_RESET = "y"; - POWER_RESET_GPIO = "y"; - POWER_SUPPLY = "y"; - LED_TRIGGER_PHY = "y"; + REGULATOR = "y"; + REGULATOR_FIXED_VOLTAGE = "y"; + RESET_CONTROLLER = "y"; + POWER_RESET = "y"; + POWER_RESET_GPIO = "y"; + POWER_SUPPLY = "y"; + LED_TRIGGER_PHY = "y"; - PCI_DISABLE_COMMON_QUIRKS = "y"; - PCI_DOMAINS = "y"; - PCI_DOMAINS_GENERIC = "y"; - PCI_DRIVERS_GENERIC = "y"; - PCS_MTK_LYNXI = "y"; + PCI_DISABLE_COMMON_QUIRKS = "y"; + PCI_DOMAINS = "y"; + PCI_DOMAINS_GENERIC = "y"; + PCI_DRIVERS_GENERIC = "y"; + PCS_MTK_LYNXI = "y"; - SOC_BUS = "y"; + SOC_BUS = "y"; - NET = "y"; - ETHERNET = "y"; - WLAN = "y"; + NET = "y"; + ETHERNET = "y"; + WLAN = "y"; - PHYLIB = "y"; - AT803X_PHY = "y"; - FIXED_PHY = "y"; - GENERIC_PHY = "y"; - NET_DSA = "y"; - NET_DSA_MT7530 = "y"; - NET_DSA_MT7530_MDIO = "y"; - NET_DSA_TAG_MTK = "y"; - NET_MEDIATEK_SOC = "y"; - NET_SWITCHDEV = "y"; - NET_VENDOR_MEDIATEK = "y"; + PHYLIB = "y"; + AT803X_PHY = "y"; + FIXED_PHY = "y"; + GENERIC_PHY = "y"; + NET_DSA = "y"; + NET_DSA_MT7530 = "y"; + NET_DSA_MT7530_MDIO = "y"; + NET_DSA_TAG_MTK = "y"; + NET_MEDIATEK_SOC = "y"; + NET_SWITCHDEV = "y"; + NET_VENDOR_MEDIATEK = "y"; - SWPHY = "y"; + SWPHY = "y"; - GPIOLIB = "y"; - GPIO_MT7621 = "y"; - OF_GPIO = "y"; + GPIOLIB = "y"; + GPIO_MT7621 = "y"; + OF_GPIO = "y"; - EARLY_PRINTK = "y"; + EARLY_PRINTK = "y"; - NEW_LEDS = "y"; - LEDS_TRIGGERS = "y"; - LEDS_CLASS = "y"; # required by rt2x00lib - LEDS_CLASS_MULTICOLOR = "y"; - LEDS_BRIGHTNESS_HW_CHANGED = "y"; + NEW_LEDS = "y"; + LEDS_TRIGGERS = "y"; + LEDS_CLASS = "y"; # required by rt2x00lib + LEDS_CLASS_MULTICOLOR = "y"; + LEDS_BRIGHTNESS_HW_CHANGED = "y"; - PRINTK_TIME = "y"; - } // lib.optionalAttrs (config.system.service ? vlan) { - SWCONFIG = "y"; - } // lib.optionalAttrs (config.system.service ? watchdog) { - RALINK_WDT = "y"; # watchdog - MT7621_WDT = "y"; # or it might be this one - }; + PRINTK_TIME = "y"; + } + // lib.optionalAttrs (config.system.service ? vlan) { + SWCONFIG = "y"; + } + // lib.optionalAttrs (config.system.service ? watchdog) { + RALINK_WDT = "y"; # watchdog + MT7621_WDT = "y"; # or it might be this one + }; }; }; } diff --git a/doc/extract-options.nix b/doc/extract-options.nix index 8f6e2c5..0588784 100644 --- a/doc/extract-options.nix +++ b/doc/extract-options.nix @@ -1,4 +1,8 @@ -{ eval, lib, pkgs }: +{ + eval, + lib, + pkgs, +}: let conf = eval.config; rootDir = builtins.toPath ./..; @@ -7,21 +11,24 @@ let inherit name; description = opt.description or null; default = opt.default or null; - visible = - if (opt ? visible && opt.visible == "shallow") - then true - else opt.visible or true; + visible = if (opt ? visible && opt.visible == "shallow") then true else opt.visible or true; readOnly = opt.readOnly or false; type = opt.type.description or "unspecified"; }; - spliceServiceDefn = item : - if item.type == "parametrisable s6-rc service definition" - then - let sd = lib.attrByPath item.loc ["not found"] conf; - in item // { - declarations = map stripAnyPrefixes item.declarations; + spliceServiceDefn = + item: + if item.type == "parametrisable s6-rc service definition" then + let + sd = lib.attrByPath item.loc [ "not found" ] conf; + in + item + // { + declarations = map stripAnyPrefixes item.declarations; parameters = - let x = lib.mapAttrsToList optToDoc sd.parameters; in x; + let + x = lib.mapAttrsToList optToDoc sd.parameters; + in + x; } else item // { declarations = map stripAnyPrefixes item.declarations; }; diff --git a/doc/hardware.nix b/doc/hardware.nix index 0a13578..5f6a3f0 100644 --- a/doc/hardware.nix +++ b/doc/hardware.nix @@ -7,7 +7,7 @@ let n: let d = import ../devices/${n}/default.nix; - tag = ".. _${lib.strings.replaceStrings [" "] ["-"] n}:"; + tag = ".. _${lib.strings.replaceStrings [ " " ] [ "-" ] n}:"; d' = { description = '' ${n} @@ -15,7 +15,7 @@ let ''; } // d; in - "${tag}\n\n${d'.description}" + "${tag}\n\n${d'.description}" ) devices; in writeText "hwdoc" '' diff --git a/examples/arhcive.nix b/examples/arhcive.nix index 3674e3a..370c4eb 100644 --- a/examples/arhcive.nix +++ b/examples/arhcive.nix @@ -9,13 +9,15 @@ pkgs, lib, ... -}: let +}: +let secrets = import ./extneder-secrets.nix; inherit (pkgs.liminix.services) oneshot longrun target; inherit (pkgs.pseudofile) dir symlink; inherit (pkgs) writeText serviceFns; svc = config.system.service; -in rec { +in +rec { boot = { tftp = { serverip = "10.0.0.1"; @@ -34,10 +36,11 @@ in rec { ]; hostname = "arhcive"; - services.dhcpc = - let iface = config.hardware.networkInterfaces.lan; - in svc.network.dhcp.client.build { + let + iface = config.hardware.networkInterfaces.lan; + in + svc.network.dhcp.client.build { interface = iface; dependencies = [ config.services.hostname ]; }; @@ -45,7 +48,10 @@ in rec { services.sshd = svc.ssh.build { }; services.watchdog = svc.watchdog.build { - watched = with config.services ; [ sshd dhcpc ]; + watched = with config.services; [ + sshd + dhcpc + ]; }; services.resolvconf = oneshot rec { @@ -63,17 +69,20 @@ in rec { etc = dir { "resolv.conf" = symlink "${services.resolvconf}/.outputs/resolv.conf"; }; - srv = dir {}; + srv = dir { }; }; services.defaultroute4 = svc.network.route.build { via = "$(output ${services.dhcpc} router)"; target = "default"; - dependencies = [services.dhcpc]; + dependencies = [ services.dhcpc ]; }; - programs.busybox = { - applets = ["lsusb" "tar"]; + programs.busybox = { + applets = [ + "lsusb" + "tar" + ]; options = { FEATURE_LS_TIMESTAMPS = "y"; FEATURE_LS_SORTFILES = "y"; @@ -108,7 +117,8 @@ in rec { gid = backup secrets file = ${secrets_file}/.outputs/secrets ''; - in longrun { + in + longrun { name = "rsync"; run = '' ${pkgs.rsyncSmall}/bin/rsync --no-detach --daemon --config=${configFile} diff --git a/examples/demo.nix b/examples/demo.nix index 721c9ec..67cd395 100644 --- a/examples/demo.nix +++ b/examples/demo.nix @@ -14,7 +14,8 @@ let ipv4LocalNet = "10.8.0"; svc = config.system.service; -in rec { +in +rec { boot = { tftp = { freeSpaceBytes = 3 * 1024 * 1024; @@ -99,8 +100,10 @@ in rec { }; services.dns = - let interface = services.int; - in svc.dnsmasq.build { + let + interface = services.int; + in + svc.dnsmasq.build { resolvconf = services.resolvconf; inherit interface; ranges = [ @@ -124,12 +127,16 @@ in rec { services.wan = svc.pppoe.build { interface = config.hardware.networkInterfaces.wan; ppp-options = [ - "debug" "+ipv6" "noauth" + "debug" + "+ipv6" + "noauth" # EDIT: change the strings "chap-username" # and "chap-secret" to match the username/password # provided by your ISP for PPP logins - "name" "chap-username" - "password" "chap-secret" + "name" + "chap-username" + "password" + "chap-secret" ]; }; @@ -146,8 +153,10 @@ in rec { }; filesystem = - let inherit (pkgs.pseudofile) dir symlink; - in dir { + let + inherit (pkgs.pseudofile) dir symlink; + in + dir { etc = dir { "resolv.conf" = symlink "${services.resolvconf}/.outputs/resolv.conf"; }; @@ -176,10 +185,12 @@ in rec { # LAN interfaces respectively. services.dhcp6c = - let client = svc.dhcp6c.client.build { - interface = services.wan; - }; - in bundle { + let + client = svc.dhcp6c.client.build { + interface = services.wan; + }; + in + bundle { name = "dhcp6c"; contents = [ (svc.dhcp6c.prefix.build { diff --git a/examples/extneder.nix b/examples/extneder.nix index 7156f70..ed5f792 100644 --- a/examples/extneder.nix +++ b/examples/extneder.nix @@ -10,10 +10,12 @@ lib, modulesPath, ... -}: let +}: +let secrets = import ./extneder-secrets.nix; svc = config.system.service; -in rec { +in +rec { boot = { tftp = { serverip = "192.168.8.148"; @@ -30,7 +32,7 @@ in rec { hostname = "extneder"; profile.wap = { - interfaces = with config.hardware.networkInterfaces; [ + interfaces = with config.hardware.networkInterfaces; [ lan wlan ]; @@ -47,7 +49,12 @@ in rec { }; }; - services.sshd = svc.ssh.build {}; + services.sshd = svc.ssh.build { }; users.root.passwd = lib.mkForce secrets.root.passwd; - defaultProfile.packages = with pkgs; [nftables strace tcpdump swconfig]; + defaultProfile.packages = with pkgs; [ + nftables + strace + tcpdump + swconfig + ]; } diff --git a/examples/hello-from-mt300.nix b/examples/hello-from-mt300.nix index c6132f1..9d40831 100644 --- a/examples/hello-from-mt300.nix +++ b/examples/hello-from-mt300.nix @@ -1,8 +1,9 @@ -{ config, pkgs, ... } : +{ config, pkgs, ... }: let svc = config.system.service; -in rec { +in +rec { imports = [ ../modules/network ../modules/ssh diff --git a/examples/hello-from-qemu.nix b/examples/hello-from-qemu.nix index 6ee2c10..76ea699 100644 --- a/examples/hello-from-qemu.nix +++ b/examples/hello-from-qemu.nix @@ -1,8 +1,9 @@ -{ config, pkgs, ... } : +{ config, pkgs, ... }: let svc = config.system.service; -in rec { +in +rec { imports = [ ../modules/network ../modules/dnsmasq @@ -14,7 +15,9 @@ in rec { # configure the internal network (LAN) with an address services.int = svc.network.address.build { interface = config.hardware.networkInterfaces.lan; - family = "inet"; address ="10.3.0.1"; prefixLength = 16; + family = "inet"; + address = "10.3.0.1"; + prefixLength = 16; }; services.sshd = svc.ssh.build { }; @@ -26,8 +29,10 @@ in rec { }; services.dns = - let interface = services.int; - in svc.dnsmasq.build { + let + interface = services.int; + in + svc.dnsmasq.build { inherit interface; ranges = [ "10.3.0.10,10.3.0.240" diff --git a/examples/module-https-proxy.nix b/examples/module-https-proxy.nix index 3624bad..6d435b1 100644 --- a/examples/module-https-proxy.nix +++ b/examples/module-https-proxy.nix @@ -19,19 +19,21 @@ { config, pkgs, ... }: let - inherit (pkgs.liminix.services) longrun; + inherit (pkgs.liminix.services) longrun; inherit (pkgs) writeText; nginx_uid = 62; -in { +in +{ config = { users.nginx = { - uid = nginx_uid; gid= nginx_uid; + uid = nginx_uid; + gid = nginx_uid; dir = "/run/"; shell = "/bin/false"; }; groups.nginx = { - gid= nginx_uid; - usernames = ["nginx"]; + gid = nginx_uid; + usernames = [ "nginx" ]; }; services.sniproxy = @@ -41,7 +43,8 @@ in { zlib = null; options = [ "stream" - "stream_ssl_module" "stream_ssl_preread_module" + "stream_ssl_module" + "stream_ssl_preread_module" "stream_map_module" ]; }; @@ -71,8 +74,9 @@ in { ssl_preread on; } } - ''; - in longrun { + ''; + in + longrun { name = "sniproxy"; run = '' ${nginx}/bin/nginx -c ${conf} diff --git a/examples/nwa50ax-ap.nix b/examples/nwa50ax-ap.nix index 6926724..a581efd 100644 --- a/examples/nwa50ax-ap.nix +++ b/examples/nwa50ax-ap.nix @@ -1,4 +1,4 @@ -{ config, pkgs, ... } : +{ config, pkgs, ... }: let inherit (pkgs.liminix.services) target; svc = config.system.service; @@ -43,13 +43,16 @@ let he_oper_centr_freq_seg0_idx = 42; require_vht = 1; }; - mkWifiSta = params: interface: secrets: svc.hostapd.build { - inherit interface; + mkWifiSta = + params: interface: secrets: + svc.hostapd.build { + inherit interface; params = params // { inherit (secrets) ssid wpa_passphrase; }; - }; -in rec { + }; +in +rec { imports = [ ../modules/wlan.nix ../modules/network @@ -87,8 +90,10 @@ in rec { }; services.dhcpv4 = - let iface = services.int; - in svc.network.dhcp.client.build { interface = iface; }; + let + iface = services.int; + in + svc.network.dhcp.client.build { interface = iface; }; services.defaultroute4 = svc.network.route.build { via = "$(output ${services.dhcpv4} address)"; @@ -102,7 +107,9 @@ in rec { }; services.ntp = config.system.service.ntp.build { - pools = { "pool.ntp.org" = ["iburst"] ; }; + pools = { + "pool.ntp.org" = [ "iburst" ]; + }; }; boot.tftp = { @@ -113,7 +120,14 @@ in rec { # wlan0 is the 2.4GHz interface. services.hostap-1 = mkWifiSta baseParams config.hardware.networkInterfaces.wlan0 secrets-1; # wlan1 is the 5GHz interface, e.g. AX capable. - services.hostap-2 = mkWifiSta (baseParams // modernParams) config.hardware.networkInterfaces.wlan1 secrets-2; + services.hostap-2 = mkWifiSta ( + baseParams // modernParams + ) config.hardware.networkInterfaces.wlan1 secrets-2; - defaultProfile.packages = with pkgs; [ zyxel-bootconfig iw min-collect-garbage mtdutils ]; + defaultProfile.packages = with pkgs; [ + zyxel-bootconfig + iw + min-collect-garbage + mtdutils + ]; } diff --git a/examples/recovery.nix b/examples/recovery.nix index 7391a70..fe5b5ae 100644 --- a/examples/recovery.nix +++ b/examples/recovery.nix @@ -1,4 +1,9 @@ -{ config, pkgs, lib, ... } : +{ + config, + pkgs, + lib, + ... +}: let inherit (pkgs) serviceFns; svc = config.system.service; @@ -9,7 +14,8 @@ let cd ${pkgs.util-linux-small}/bin cp fdisk sfdisk mkswap $out/bin ''; -in rec { +in +rec { imports = [ ../modules/network ../modules/ssh @@ -67,19 +73,23 @@ in rec { ''; }; - services.growfs = let name = "growfs"; in oneshot { - inherit name; - up = '' - device=$(grep /persist /proc/1/mountinfo | cut -f9 -d' ') - ${pkgs.e2fsprogs}/bin/resize2fs $device - ''; - }; + services.growfs = + let + name = "growfs"; + in + oneshot { + inherit name; + up = '' + device=$(grep /persist /proc/1/mountinfo | cut -f9 -d' ') + ${pkgs.e2fsprogs}/bin/resize2fs $device + ''; + }; filesystem = dir { etc = dir { "resolv.conf" = symlink "${services.resolvconf}/.outputs/resolv.conf"; }; - mnt = dir {}; + mnt = dir { }; }; rootfsType = "ext4"; @@ -92,20 +102,20 @@ in rec { # create this hashed password string passwd = "$6$y7WZ5hM6l5nriLmo$5AJlmzQZ6WA.7uBC7S8L4o19ESR28Dg25v64/vDvvCN01Ms9QoHeGByj8lGlJ4/b.dbwR9Hq2KXurSnLigt1W1"; - openssh.authorizedKeys.keys = - let fromBuild = - (builtins.readFile - ((builtins.toPath (builtins.getEnv "HOME")) + "/.ssh/authorized_keys") - ); - in lib.splitString "\n" fromBuild; + let + fromBuild = ( + builtins.readFile ((builtins.toPath (builtins.getEnv "HOME")) + "/.ssh/authorized_keys") + ); + in + lib.splitString "\n" fromBuild; }; defaultProfile.packages = with pkgs; [ e2fsprogs # ext4 btrfs-progs mtdutils # mtd, jffs2, ubifs - dtc # you never know when you might need device tree stuff + dtc # you never know when you might need device tree stuff some-util-linux libubootenv # fw_{set,print}env pciutils diff --git a/examples/rotuer.nix b/examples/rotuer.nix index 1d2a726..d9aec11 100644 --- a/examples/rotuer.nix +++ b/examples/rotuer.nix @@ -4,7 +4,13 @@ # devices: mostly you will need to attend to the number of wlan and lan # interfaces -{ config, pkgs, lib, modulesPath, ... } : +{ + config, + pkgs, + lib, + modulesPath, + ... +}: let secrets = { domainName = "fake.liminix.org"; @@ -17,7 +23,8 @@ let wmm_enabled = 1; }; -in rec { +in +rec { boot = { tftp = { freeSpaceBytes = 3 * 1024 * 1024; @@ -33,22 +40,26 @@ in rec { profile.gateway = { lan = { - interfaces = with config.hardware.networkInterfaces; - [ - # EDIT: these are the interfaces exposed by the gl.inet gl-ar750: - # if your device has more or differently named lan interfaces, - # specify them here - wlan wlan5 - lan - ]; + interfaces = with config.hardware.networkInterfaces; [ + # EDIT: these are the interfaces exposed by the gl.inet gl-ar750: + # if your device has more or differently named lan interfaces, + # specify them here + wlan + wlan5 + lan + ]; inherit (secrets.lan) prefix; address = { - family = "inet"; address ="${secrets.lan.prefix}.1"; prefixLength = 24; + family = "inet"; + address = "${secrets.lan.prefix}.1"; + prefixLength = 24; }; dhcp = { start = 10; end = 240; - hosts = { } // lib.optionalAttrs (builtins.pathExists ./static-leases.nix) (import ./static-leases.nix); + hosts = + { } + // lib.optionalAttrs (builtins.pathExists ./static-leases.nix) (import ./static-leases.nix); localDomain = "lan"; }; }; @@ -95,8 +106,13 @@ in rec { }; services.ntp = svc.ntp.build { - pools = { "pool.ntp.org" = ["iburst"]; }; - makestep = { threshold = 1.0; limit = 3; }; + pools = { + "pool.ntp.org" = [ "iburst" ]; + }; + makestep = { + threshold = 1.0; + limit = 3; + }; }; services.sshd = svc.ssh.build { }; @@ -113,7 +129,8 @@ in rec { programs.busybox = { applets = [ - "fdisk" "sfdisk" + "fdisk" + "sfdisk" ]; options = { FEATURE_FANCY_TAIL = "y"; diff --git a/examples/router-with-l2tp.nix b/examples/router-with-l2tp.nix index 6c54dc7..2a4d597 100644 --- a/examples/router-with-l2tp.nix +++ b/examples/router-with-l2tp.nix @@ -6,7 +6,8 @@ pkgs, lib, ... -}: let +}: +let secrets = import ./extneder-secrets.nix; rsecrets = import ./rotuer-secrets.nix; @@ -27,7 +28,10 @@ # to start l2tp unless the expected lns address is one of the # addresses returned. I think this satisfies "do check the DNS" - lns = { hostname = "l2tp.aaisp.net.uk"; address = "194.4.172.12"; }; + lns = { + hostname = "l2tp.aaisp.net.uk"; + address = "194.4.172.12"; + }; inherit (pkgs.liminix.services) oneshot longrun target; inherit (pkgs.liminix) outputRef; @@ -39,7 +43,8 @@ inherit (rsecrets) wpa_passphrase; wmm_enabled = 1; }; -in rec { +in +rec { boot = { tftp = { serverip = "10.0.0.1"; @@ -62,7 +67,9 @@ in rec { services.wan-address-for-secrets = svc.network.address.build { interface = config.hardware.networkInterfaces.wan; - family = "inet"; address ="10.0.0.10"; prefixLength = 24; + family = "inet"; + address = "10.0.0.10"; + prefixLength = 24; }; services.secrets = svc.secrets.outboard.build { @@ -83,22 +90,26 @@ in rec { profile.gateway = { lan = { - interfaces = with config.hardware.networkInterfaces; - [ - # EDIT: these are the interfaces exposed by the gl.inet gl-ar750: - # if your device has more or differently named lan interfaces, - # specify them here - wlan wlan5 - lan - ]; + interfaces = with config.hardware.networkInterfaces; [ + # EDIT: these are the interfaces exposed by the gl.inet gl-ar750: + # if your device has more or differently named lan interfaces, + # specify them here + wlan + wlan5 + lan + ]; inherit (rsecrets.lan) prefix; address = { - family = "inet"; address ="${rsecrets.lan.prefix}.1"; prefixLength = 24; + family = "inet"; + address = "${rsecrets.lan.prefix}.1"; + prefixLength = 24; }; dhcp = { start = 10; end = 240; - hosts = { } // lib.optionalAttrs (builtins.pathExists ./static-leases.nix) (import ./static-leases.nix); + hosts = + { } + // lib.optionalAttrs (builtins.pathExists ./static-leases.nix) (import ./static-leases.nix); localDomain = "lan"; }; }; @@ -107,7 +118,8 @@ in rec { secret = outputRef config.services.secrets; username = secret "ppp/username"; password = secret "ppp/password"; - in { + in + { interface = let pppoe = svc.pppoe.build { @@ -126,21 +138,29 @@ in rec { route = svc.network.route.build { via = "$(output ${services.bootstrap-dhcpc} router)"; target = lns.address; - dependencies = [services.bootstrap-dhcpc check-address]; + dependencies = [ + services.bootstrap-dhcpc + check-address + ]; }; - l2tpd= svc.l2tp.build { + l2tpd = svc.l2tp.build { lns = lns.address; inherit username password; - dependencies = [config.services.lns-address route check-address]; + dependencies = [ + config.services.lns-address + route + check-address + ]; }; in - svc.health-check.build { - service = l2tpd; - threshold = 3; - interval = 2; - healthCheck = pkgs.writeAshScript "ping-check" {} "ping 1.1.1.1"; - }; - in svc.round-robin.build { + svc.health-check.build { + service = l2tpd; + threshold = 3; + interval = 2; + healthCheck = pkgs.writeAshScript "ping-check" { } "ping 1.1.1.1"; + }; + in + svc.round-robin.build { name = "wan"; services = [ pppoe @@ -151,27 +171,33 @@ in rec { }; wireless.networks = { - "${rsecrets.ssid}" = { - interface = config.hardware.networkInterfaces.wlan; - hw_mode = "g"; - channel = "6"; - ieee80211n = 1; - } // wirelessConfig // { - wpa_passphrase = outputRef config.services.secrets "wpa_passphrase"; - }; + "${rsecrets.ssid}" = + { + interface = config.hardware.networkInterfaces.wlan; + hw_mode = "g"; + channel = "6"; + ieee80211n = 1; + } + // wirelessConfig + // { + wpa_passphrase = outputRef config.services.secrets "wpa_passphrase"; + }; - "${rsecrets.ssid}5" = rec { - interface = config.hardware.networkInterfaces.wlan5; - hw_mode = "a"; - channel = 36; - ht_capab = "[HT40+]"; - vht_oper_chwidth = 1; - vht_oper_centr_freq_seg0_idx = channel + 6; - ieee80211n = 1; - ieee80211ac = 1; - } // wirelessConfig // { - wpa_passphrase = outputRef config.services.secrets "wpa_passphrase"; - }; + "${rsecrets.ssid}5" = + rec { + interface = config.hardware.networkInterfaces.wlan5; + hw_mode = "a"; + channel = 36; + ht_capab = "[HT40+]"; + vht_oper_chwidth = 1; + vht_oper_centr_freq_seg0_idx = channel + 6; + ieee80211n = 1; + ieee80211ac = 1; + } + // wirelessConfig + // { + wpa_passphrase = outputRef config.services.secrets "wpa_passphrase"; + }; }; }; @@ -184,23 +210,28 @@ in rec { authorizedKeys = outputRef config.services.secrets "ssh/authorizedKeys"; }; - services.lns-address = let - ns = "$(output_word ${services.bootstrap-dhcpc} dns 1)"; - route-to-bootstrap-nameserver = svc.network.route.build { - via = "$(output ${services.bootstrap-dhcpc} router)"; - target = ns; - dependencies = [services.bootstrap-dhcpc]; + services.lns-address = + let + ns = "$(output_word ${services.bootstrap-dhcpc} dns 1)"; + route-to-bootstrap-nameserver = svc.network.route.build { + via = "$(output ${services.bootstrap-dhcpc} router)"; + target = ns; + dependencies = [ services.bootstrap-dhcpc ]; + }; + in + oneshot rec { + name = "resolve-l2tp-server"; + dependencies = [ + services.bootstrap-dhcpc + route-to-bootstrap-nameserver + ]; + up = '' + (in_outputs ${name} + DNSCACHEIP="${ns}" ${pkgs.s6-dns}/bin/s6-dnsip4 ${lns.hostname} \ + > addresses + ) + ''; }; - in oneshot rec { - name = "resolve-l2tp-server"; - dependencies = [ services.bootstrap-dhcpc route-to-bootstrap-nameserver ]; - up = '' - (in_outputs ${name} - DNSCACHEIP="${ns}" ${pkgs.s6-dns}/bin/s6-dnsip4 ${lns.hostname} \ - > addresses - ) - ''; - }; users.root = rsecrets.root; diff --git a/examples/turris.nix b/examples/turris.nix index 975311a..5dc28e2 100644 --- a/examples/turris.nix +++ b/examples/turris.nix @@ -1,8 +1,14 @@ -{ config, pkgs, lim, ... } : +{ + config, + pkgs, + lim, + ... +}: let svc = config.system.service; -in rec { +in +rec { imports = [ ../modules/network ../modules/ssh @@ -29,12 +35,14 @@ in rec { hostname = "omnia"; services.hostap = - let secrets = { - ssid = "not-the-internet"; - channel = 4; - wpa_passphrase = "diamond dogs"; - }; - in svc.hostapd.build { + let + secrets = { + ssid = "not-the-internet"; + channel = 4; + wpa_passphrase = "diamond dogs"; + }; + in + svc.hostapd.build { interface = config.hardware.networkInterfaces.wlan; params = { country_code = "GB"; @@ -51,12 +59,14 @@ in rec { }; services.hostap5 = - let secrets = { - ssid = "not-the-internet"; - channel = 36; - wpa_passphrase = "diamond dogs"; - }; - in svc.hostapd.build { + let + secrets = { + ssid = "not-the-internet"; + channel = 36; + wpa_passphrase = "diamond dogs"; + }; + in + svc.hostapd.build { interface = config.hardware.networkInterfaces.wlan5; params = { country_code = "GB"; @@ -103,6 +113,7 @@ in rec { }; defaultProfile.packages = with pkgs; [ - figlet pciutils + figlet + pciutils ]; } diff --git a/modules/all-modules.nix b/modules/all-modules.nix index 326a056..338d5a4 100644 --- a/modules/all-modules.nix +++ b/modules/all-modules.nix @@ -4,35 +4,35 @@ { imports = [ - ./base.nix - ./bridge - ./busybox.nix - ./dhcp6c - ./dnsmasq - ./firewall - ./hardware.nix - ./hostapd - ./hostname.nix - ./kernel - ./mdevd.nix - ./mount - ./network - ./ntp - ./outputs.nix - ./outputs/ext4fs.nix - ./outputs/initramfs.nix - ./outputs/jffs2.nix - ./outputs/mtdimage.nix - ./outputs/tftpboot.nix - ./outputs/ubifs.nix - ./outputs/ubimage.nix - ./outputs/vmroot.nix - ./ppp - ./ramdisk.nix - ./ssh - ./users.nix - ./vlan - ./watchdog - ./wlan.nix - ]; + ./base.nix + ./bridge + ./busybox.nix + ./dhcp6c + ./dnsmasq + ./firewall + ./hardware.nix + ./hostapd + ./hostname.nix + ./kernel + ./mdevd.nix + ./mount + ./network + ./ntp + ./outputs.nix + ./outputs/ext4fs.nix + ./outputs/initramfs.nix + ./outputs/jffs2.nix + ./outputs/mtdimage.nix + ./outputs/tftpboot.nix + ./outputs/ubifs.nix + ./outputs/ubimage.nix + ./outputs/vmroot.nix + ./ppp + ./ramdisk.nix + ./ssh + ./users.nix + ./vlan + ./watchdog + ./wlan.nix + ]; } diff --git a/modules/arch/aarch64.nix b/modules/arch/aarch64.nix index 2faebe2..af65244 100644 --- a/modules/arch/aarch64.nix +++ b/modules/arch/aarch64.nix @@ -1,12 +1,17 @@ -{ lim, pkgs, config, ...}: +{ + lim, + pkgs, + config, + ... +}: { config = { kernel.config = { - CPU_LITTLE_ENDIAN= "y"; - CPU_BIG_ENDIAN= "n"; + CPU_LITTLE_ENDIAN = "y"; + CPU_BIG_ENDIAN = "n"; # CMDLINE_FROM_BOOTLOADER availability is conditional # on CMDLINE being set to something non-empty - CMDLINE="\"empty=false\""; + CMDLINE = "\"empty=false\""; CMDLINE_FROM_BOOTLOADER = "y"; OF = "y"; diff --git a/modules/arch/arm.nix b/modules/arch/arm.nix index 9efd199..7e7b5a3 100644 --- a/modules/arch/arm.nix +++ b/modules/arch/arm.nix @@ -1,10 +1,15 @@ -{ lim, pkgs, config, ...}: +{ + lim, + pkgs, + config, + ... +}: { config = { kernel.config = { OF = "y"; }; - kernel.makeTargets = ["arch/arm/boot/zImage"]; + kernel.makeTargets = [ "arch/arm/boot/zImage" ]; hardware.ram.startAddress = lim.parseInt "0x40000000"; system.outputs.u-boot = pkgs.ubootQemuArm; }; diff --git a/modules/arch/mips.nix b/modules/arch/mips.nix index 1570623..64da42a 100644 --- a/modules/arch/mips.nix +++ b/modules/arch/mips.nix @@ -1,4 +1,4 @@ -{ config, lim, ...}: +{ config, lim, ... }: { config = { kernel.config = { diff --git a/modules/arch/mipseb.nix b/modules/arch/mipseb.nix index 79ecd6b..0f3f092 100644 --- a/modules/arch/mipseb.nix +++ b/modules/arch/mipseb.nix @@ -1,4 +1,4 @@ -{ pkgs, config, ...}: +{ pkgs, config, ... }: { imports = [ ./mips.nix ]; config = { diff --git a/modules/arch/mipsel.nix b/modules/arch/mipsel.nix index 11a8d81..7235cd7 100644 --- a/modules/arch/mipsel.nix +++ b/modules/arch/mipsel.nix @@ -1,4 +1,4 @@ -{ config, ...}: +{ config, ... }: { imports = [ ./mips.nix ]; config = { diff --git a/modules/base.nix b/modules/base.nix index 1284271..51dc348 100644 --- a/modules/base.nix +++ b/modules/base.nix @@ -1,15 +1,20 @@ ## Base options ## ============ - -{ lib, pkgs, config, ...}: +{ + lib, + pkgs, + config, + ... +}: let inherit (lib) mkOption types; inherit (pkgs.pseudofile) dir symlink; type_service = pkgs.liminix.lib.types.service; -in { +in +{ options = { defaultProfile = { packages = mkOption { @@ -109,8 +114,13 @@ in { }; }; config = { - defaultProfile.packages = with pkgs; - [ s6 s6-init-bin execline s6-linux-init s6-rc ]; + defaultProfile.packages = with pkgs; [ + s6 + s6-init-bin + execline + s6-linux-init + s6-rc + ]; boot.commandLine = [ "panic=10 oops=panic init=/bin/init loglevel=8" @@ -119,69 +129,98 @@ in { "fw_devlink=off" ] ++ lib.optional (config.rootOptions != null) "rootflags=${config.rootOptions}"; - system.callService = path : parameters : + system.callService = + path: parameters: let - typeChecked = caller: type: value: + typeChecked = + caller: type: value: let inherit (lib) types mergeDefinitions; - defs = [{ file = caller; inherit value; }]; + defs = [ + { + file = caller; + inherit value; + } + ]; type' = types.submodule { options = type; }; - in (mergeDefinitions [] type' defs).mergedValue; - cp = lib.callPackageWith(pkgs // { svc = config.system.service; }); - pkg = cp path {}; - checkTypes = t : p : typeChecked (builtins.toString path) t p; - in { + in + (mergeDefinitions [ ] type' defs).mergedValue; + cp = lib.callPackageWith (pkgs // { svc = config.system.service; }); + pkg = cp path { }; + checkTypes = t: p: typeChecked (builtins.toString path) t p; + in + { inherit parameters; - build = { dependencies ? [], ... } @ args : + build = + { + dependencies ? [ ], + ... + }@args: let - s = pkg (checkTypes parameters - (builtins.removeAttrs args ["dependencies"])); - in s.overrideAttrs (o: { + s = pkg (checkTypes parameters (builtins.removeAttrs args [ "dependencies" ])); + in + s.overrideAttrs (o: { dependencies = dependencies ++ o.dependencies; buildInputs = dependencies ++ o.buildInputs; }); }; users.root = { - uid = 0; gid= 0; gecos = "Root of all evaluation"; + uid = 0; + gid = 0; + gecos = "Root of all evaluation"; dir = "/home/root/"; passwd = lib.mkDefault ""; shell = "/bin/sh"; }; groups = { root = { - gid = 0; usernames = ["root"]; + gid = 0; + usernames = [ "root" ]; }; system = { - gid = 1; usernames = ["root"]; + gid = 1; + usernames = [ "root" ]; }; }; filesystem = dir { dev = - let node = type: major: minor: mode : { inherit type major minor mode; }; - in dir { - null = node "c" "1" "3" "0666"; - zero = node "c" "1" "5" "0666"; - tty = node "c" "5" "0" "0666"; + let + node = type: major: minor: mode: { + inherit + type + major + minor + mode + ; + }; + in + dir { + null = node "c" "1" "3" "0666"; + zero = node "c" "1" "5" "0666"; + tty = node "c" "5" "0" "0666"; console = node "c" "5" "1" "0600"; - pts = dir {}; + pts = dir { }; + }; + etc = + let + profile = symlink ( + pkgs.writeScript ".profile" '' + PATH=${lib.makeBinPath config.defaultProfile.packages}:/bin + export PATH + '' + ); + in + dir { + inherit profile; + ashrc = profile; }; - etc = let - profile = symlink - (pkgs.writeScript ".profile" '' - PATH=${lib.makeBinPath config.defaultProfile.packages}:/bin - export PATH - ''); - in dir { - inherit profile; - ashrc = profile; - }; - proc = dir {}; - run = dir {}; - sys = dir {}; - tmp = dir {}; + proc = dir { }; + run = dir { }; + sys = dir { }; + tmp = dir { }; }; }; } diff --git a/modules/bridge/default.nix b/modules/bridge/default.nix index 8e67440..87f7a81 100644 --- a/modules/bridge/default.nix +++ b/modules/bridge/default.nix @@ -6,8 +6,12 @@ ## with one or more WLANs so that several local devices appear to be ## on the same network. - -{ lib, pkgs, config, ...}: +{ + lib, + pkgs, + config, + ... +}: let inherit (lib) mkOption types; inherit (pkgs) liminix; @@ -40,13 +44,15 @@ in }; }; }; - config.kernel.config = { - BRIDGE = "y"; - BRIDGE_IGMP_SNOOPING = "y"; - } // lib.optionalAttrs (config.system.service ? vlan) { - # depends on bridge _and_ vlan. I would like there to be - # a better way to test for the existence of vlan config: - # maybe the module should set an `enabled` attribute? - BRIDGE_VLAN_FILTERING = "y"; - }; + config.kernel.config = + { + BRIDGE = "y"; + BRIDGE_IGMP_SNOOPING = "y"; + } + // lib.optionalAttrs (config.system.service ? vlan) { + # depends on bridge _and_ vlan. I would like there to be + # a better way to test for the existence of vlan config: + # maybe the module should set an `enabled` attribute? + BRIDGE_VLAN_FILTERING = "y"; + }; } diff --git a/modules/bridge/members.nix b/modules/bridge/members.nix index dea0baa..0054621 100644 --- a/modules/bridge/members.nix +++ b/modules/bridge/members.nix @@ -1,21 +1,25 @@ { - liminix -, ifwait -, svc + liminix, + ifwait, + svc, }: -{ members, primary } : +{ members, primary }: let inherit (liminix.networking) interface; inherit (liminix.services) bundle oneshot; - addif = member : + addif = + member: # how do we get sight of services from here? maybe we need to # implement ifwait as a regualr derivation instead of a # servicedefinition svc.ifwait.build { state = "running"; interface = member; - dependencies = [ primary member ]; + dependencies = [ + primary + member + ]; service = oneshot { name = "${primary.name}.member.${member.name}"; up = '' @@ -24,7 +28,8 @@ let down = "ip link set dev $(output ${member} ifname) nomaster"; }; }; -in bundle { +in +bundle { name = "${primary.name}.members"; contents = map addif members; } diff --git a/modules/bridge/primary.nix b/modules/bridge/primary.nix index fb357e6..811e90e 100644 --- a/modules/bridge/primary.nix +++ b/modules/bridge/primary.nix @@ -1,11 +1,12 @@ { - liminix -, lib + liminix, + lib, }: -{ ifname } : +{ ifname }: let inherit (liminix.services) oneshot; -in oneshot rec { +in +oneshot rec { name = "${ifname}.link"; up = '' ip link add name ${ifname} type bridge diff --git a/modules/busybox.nix b/modules/busybox.nix index fe4042d..2a26c44 100644 --- a/modules/busybox.nix +++ b/modules/busybox.nix @@ -6,19 +6,26 @@ ## the commands (termed "applets") required by the user or ## by other included modules. -{ lib, pkgs, config, ...}: +{ + lib, + pkgs, + config, + ... +}: let inherit (lib) mkOption types mapAttrsToList; inherit (pkgs.pseudofile) dir symlink; inherit (lib.strings) toUpper; - attrs = { options, applets } : + attrs = + { options, applets }: let - extraOptions = builtins.concatStringsSep "\n" - (mapAttrsToList (n: v: "CONFIG_${toUpper n} ${toString v}") options); - appletOptions = builtins.concatStringsSep "\n" - (map (n: "CONFIG_${toUpper n} y") applets); - in { + extraOptions = builtins.concatStringsSep "\n" ( + mapAttrsToList (n: v: "CONFIG_${toUpper n} ${toString v}") options + ); + appletOptions = builtins.concatStringsSep "\n" (map (n: "CONFIG_${toUpper n} y") applets); + in + { enableMinimal = true; extraConfig = '' ${extraOptions} @@ -26,44 +33,171 @@ let ''; }; cfg = config.programs.busybox; - busybox = pkgs.busybox.override (attrs { inherit (cfg) applets options; }); - makeLinks = lib.attrsets.genAttrs - cfg.applets - (a: symlink "${busybox}/bin/busybox"); + busybox = pkgs.busybox.override (attrs { + inherit (cfg) applets options; + }); + makeLinks = lib.attrsets.genAttrs cfg.applets (a: symlink "${busybox}/bin/busybox"); minimalApplets = [ # this is probably less minimal than it could be - "arch" "ash" "base64" "basename" "bc" "brctl" "bunzip2" "bzcat" "bzip2" - "cal" "cat" "chattr" "chgrp" "chmod" "chown" "chpst" "chroot" "clear" "cmp" - "comm" "cp" "cpio" "cut" "date" "dhcprelay" "dd" "df" "dirname" "dmesg" - "du" "echo" "egrep" "env" "expand" "expr" "false" "fdisk" "fgrep" "find" - "free" "fuser" "grep" "gunzip" "gzip" "head" "hexdump" "hostname" "hwclock" - "ifconfig" "ip" "ipaddr" "iplink" "ipneigh" "iproute" "iprule" "kill" - "killall" "killall5" "less" "ln" "ls" "lsattr" "lsof" "md5sum" "mkdir" - "mknod" "mktemp" "mount" "mv" "nc" "netstat" "nohup" "od" "pgrep" "pidof" - "ping" "ping6" "pkill" "pmap" "printenv" "printf" "ps" "pwd" "readlink" - "realpath" "reset" "rm" "rmdir" "route" "sed" "seq" "setsid" "sha1sum" - "sha256sum" "sha512sum" "sleep" "sort" "stat" "strings" "stty" "su" "sum" - "swapoff" "swapon" "sync" "tail" "tee" "test" "time" "touch" "tr" - "traceroute" "traceroute6" "true" "truncate" "tty" "udhcpc" "umount" - "uname" "unexpand" "uniq" "unlink" "unlzma" "unxz" "unzip" "uptime" "watch" - "wc" "whoami" "xargs" "xxd" "xz" "xzcat" "yes" "zcat" + "arch" + "ash" + "base64" + "basename" + "bc" + "brctl" + "bunzip2" + "bzcat" + "bzip2" + "cal" + "cat" + "chattr" + "chgrp" + "chmod" + "chown" + "chpst" + "chroot" + "clear" + "cmp" + "comm" + "cp" + "cpio" + "cut" + "date" + "dhcprelay" + "dd" + "df" + "dirname" + "dmesg" + "du" + "echo" + "egrep" + "env" + "expand" + "expr" + "false" + "fdisk" + "fgrep" + "find" + "free" + "fuser" + "grep" + "gunzip" + "gzip" + "head" + "hexdump" + "hostname" + "hwclock" + "ifconfig" + "ip" + "ipaddr" + "iplink" + "ipneigh" + "iproute" + "iprule" + "kill" + "killall" + "killall5" + "less" + "ln" + "ls" + "lsattr" + "lsof" + "md5sum" + "mkdir" + "mknod" + "mktemp" + "mount" + "mv" + "nc" + "netstat" + "nohup" + "od" + "pgrep" + "pidof" + "ping" + "ping6" + "pkill" + "pmap" + "printenv" + "printf" + "ps" + "pwd" + "readlink" + "realpath" + "reset" + "rm" + "rmdir" + "route" + "sed" + "seq" + "setsid" + "sha1sum" + "sha256sum" + "sha512sum" + "sleep" + "sort" + "stat" + "strings" + "stty" + "su" + "sum" + "swapoff" + "swapon" + "sync" + "tail" + "tee" + "test" + "time" + "touch" + "tr" + "traceroute" + "traceroute6" + "true" + "truncate" + "tty" + "udhcpc" + "umount" + "uname" + "unexpand" + "uniq" + "unlink" + "unlzma" + "unxz" + "unzip" + "uptime" + "watch" + "wc" + "whoami" + "xargs" + "xxd" + "xz" + "xzcat" + "yes" + "zcat" ]; -in { +in +{ options = { programs.busybox = { - applets = mkOption { + applets = mkOption { type = types.listOf types.str; description = "Applets required"; - default = []; - example = ["sh" "getty" "login"]; + default = [ ]; + example = [ + "sh" + "getty" + "login" + ]; }; options = mkOption { # mostly the values are y n or m, but sometimes # other strings are also used description = "Other busybox config flags that do not map directly to applet names (often prefixed FEATURE_)"; type = types.attrsOf types.nonEmptyStr; - default = { }; - example = { FEATURE_DD_IBS_OBS = "y"; }; + default = { }; + example = { + FEATURE_DD_IBS_OBS = "y"; + }; }; }; }; diff --git a/modules/dhcp6c/acquire-delegated-prefix.nix b/modules/dhcp6c/acquire-delegated-prefix.nix index 7cac901..6d6e9ae 100644 --- a/modules/dhcp6c/acquire-delegated-prefix.nix +++ b/modules/dhcp6c/acquire-delegated-prefix.nix @@ -1,10 +1,14 @@ { - writeFennel -, linotify -, anoia -, lualinux + writeFennel, + linotify, + anoia, + lualinux, }: writeFennel "acquire-delegated-prefix" { - packages = [ linotify anoia lualinux ]; + packages = [ + linotify + anoia + lualinux + ]; mainFunction = "run"; } ./acquire-delegated-prefix.fnl diff --git a/modules/dhcp6c/acquire-wan-address.nix b/modules/dhcp6c/acquire-wan-address.nix index 5361625..1fa00c0 100644 --- a/modules/dhcp6c/acquire-wan-address.nix +++ b/modules/dhcp6c/acquire-wan-address.nix @@ -1,10 +1,14 @@ { - writeFennel -, linotify -, anoia -, lualinux + writeFennel, + linotify, + anoia, + lualinux, }: writeFennel "acquire-wan-address" { - packages = [ linotify anoia lualinux ]; + packages = [ + linotify + anoia + lualinux + ]; mainFunction = "run"; } ./acquire-wan-address.fnl diff --git a/modules/dhcp6c/address.nix b/modules/dhcp6c/address.nix index 69ef092..3d01217 100644 --- a/modules/dhcp6c/address.nix +++ b/modules/dhcp6c/address.nix @@ -1,14 +1,18 @@ { - liminix -, callPackage + liminix, + callPackage, }: -{ client, interface } : +{ client, interface }: let inherit (liminix.services) longrun; name = "dhcp6c.addr.${client.name}.${interface.name}"; - script = callPackage ./acquire-wan-address.nix { }; -in longrun { + script = callPackage ./acquire-wan-address.nix { }; +in +longrun { inherit name; run = "${script} $SERVICE_OUTPUTS/${client.name} $(output ${interface} ifname)"; - dependencies = [ client interface ]; + dependencies = [ + client + interface + ]; } diff --git a/modules/dhcp6c/client.nix b/modules/dhcp6c/client.nix index abf24ff..77314f6 100644 --- a/modules/dhcp6c/client.nix +++ b/modules/dhcp6c/client.nix @@ -1,13 +1,14 @@ { - liminix -, odhcp6c -, odhcp-script + liminix, + odhcp6c, + odhcp-script, }: -{ interface } : +{ interface }: let inherit (liminix.services) longrun; name = "dhcp6c.${interface.name}"; -in longrun { +in +longrun { inherit name; notification-fd = 10; run = '' diff --git a/modules/dhcp6c/default.nix b/modules/dhcp6c/default.nix index 05b6586..47c06f1 100644 --- a/modules/dhcp6c/default.nix +++ b/modules/dhcp6c/default.nix @@ -9,7 +9,12 @@ ## addresses of network interfaces that you want to assign those ## prefixes to -{ lib, pkgs, config, ...}: +{ + lib, + pkgs, + config, + ... +}: let inherit (lib) mkOption types; inherit (pkgs) liminix; diff --git a/modules/dhcp6c/prefix.nix b/modules/dhcp6c/prefix.nix index 485aa07..0b19cbe 100644 --- a/modules/dhcp6c/prefix.nix +++ b/modules/dhcp6c/prefix.nix @@ -1,14 +1,18 @@ { - liminix -, callPackage + liminix, + callPackage, }: -{ client, interface } : +{ client, interface }: let inherit (liminix.services) longrun; name = "dhcp6c.prefix.${client.name}.${interface.name}"; - script = callPackage ./acquire-delegated-prefix.nix { }; -in longrun { + script = callPackage ./acquire-delegated-prefix.nix { }; +in +longrun { inherit name; run = "${script} $SERVICE_OUTPUTS/${client.name} $(output ${interface} ifname)"; - dependencies = [ client interface ]; + dependencies = [ + client + interface + ]; } diff --git a/modules/dnsmasq/default.nix b/modules/dnsmasq/default.nix index d453811..62f2d09 100644 --- a/modules/dnsmasq/default.nix +++ b/modules/dnsmasq/default.nix @@ -4,12 +4,17 @@ ## This module includes a service to provide DNS, DHCP, and IPv6 ## router advertisement for the local network. - -{ lib, pkgs, config, ...}: +{ + lib, + pkgs, + config, + ... +}: let inherit (lib) mkOption types; inherit (pkgs) liminix; -in { +in +{ options = { system.service.dnsmasq = mkOption { type = liminix.lib.types.serviceDefn; @@ -20,12 +25,12 @@ in { user = mkOption { type = types.str; default = "dnsmasq"; - description = "Specifies the unix user which dnsmasq will run as" ; + description = "Specifies the unix user which dnsmasq will run as"; }; group = mkOption { type = types.str; default = "dnsmasq"; - description = "Specifies the unix group which dnsmasq will run as" ; + description = "Specifies the unix group which dnsmasq will run as"; }; resolvconf = mkOption { type = types.nullOr liminix.lib.types.service; @@ -37,42 +42,47 @@ in { }; upstreams = mkOption { type = types.listOf types.str; - default = []; + default = [ ]; }; ranges = mkOption { type = types.listOf types.str; }; hosts = mkOption { - default = {}; - type = types.attrsOf (types.submodule { - options = { - mac = mkOption { - description = '' - MAC or other hardware address to match on. For Ethernet - this is a 48 bit address represented as colon-separated - hex bytes, or "id:clientid" to match a presented - client id (IPv6 DUID) - ''; - type = types.str; - example = "01:20:31:4a:50"; + default = { }; + type = types.attrsOf ( + types.submodule { + options = { + mac = mkOption { + description = '' + MAC or other hardware address to match on. For Ethernet + this is a 48 bit address represented as colon-separated + hex bytes, or "id:clientid" to match a presented + client id (IPv6 DUID) + ''; + type = types.str; + example = "01:20:31:4a:50"; + }; + v4 = mkOption { + description = "IPv4 address to assign to this client"; + example = "192.0.2.1"; + type = types.str; + }; + v6 = mkOption { + type = types.listOf types.str; + description = "IPv6 addresses or interface-ids to assign to this client"; + default = [ ]; + example = [ + "fe80::42:1eff:fefd:b341" + "::1234" + ]; + }; + leasetime = mkOption { + type = types.int; + default = 86400; + }; }; - v4 = mkOption { - description = "IPv4 address to assign to this client"; - example = "192.0.2.1"; - type = types.str; - }; - v6 = mkOption { - type = types.listOf types.str; - description = "IPv6 addresses or interface-ids to assign to this client"; - default = []; - example = [ "fe80::42:1eff:fefd:b341" "::1234"]; - }; - leasetime = mkOption { - type = types.int; - default = 86400; - }; - }; - }); + } + ); }; domain = mkOption { # this can be given multiple times so probably should be @@ -83,13 +93,16 @@ in { }; }; users.dnsmasq = { - uid = 51; gid= 51; gecos = "DNS/DHCP service user"; + uid = 51; + gid = 51; + gecos = "DNS/DHCP service user"; dir = "/run/dnsmasq"; shell = "/bin/false"; }; groups.dnsmasq = { - gid = 51; usernames = ["dnsmasq"]; + gid = 51; + usernames = [ "dnsmasq" ]; }; - groups.system.usernames = ["dnsmasq"]; + groups.system.usernames = [ "dnsmasq" ]; }; } diff --git a/modules/dnsmasq/service.nix b/modules/dnsmasq/service.nix index bc05b40..2bbee46 100644 --- a/modules/dnsmasq/service.nix +++ b/modules/dnsmasq/service.nix @@ -1,26 +1,35 @@ { - liminix -, dnsmasq -, serviceFns -, lib + liminix, + dnsmasq, + serviceFns, + lib, }: { - interface -, user -, domain -, group -, ranges -, hosts -, upstreams -, resolvconf + interface, + user, + domain, + group, + ranges, + hosts, + upstreams, + resolvconf, }: let name = "${interface.name}.dnsmasq"; inherit (liminix.services) longrun; inherit (lib) concatStrings concatStringsSep mapAttrsToList; - hostOpt = name : { mac, v4, v6, leasetime }: - let v6s = concatStrings (map (a : ",[${a}]") v6); - in "--dhcp-host=${mac},${v4}${v6s},${name},${builtins.toString leasetime}"; + hostOpt = + name: + { + mac, + v4, + v6, + leasetime, + }: + let + v6s = concatStrings (map (a: ",[${a}]") v6); + in + "--dhcp-host=${mac},${v4}${v6s},${name},${builtins.toString leasetime}"; in longrun { inherit name; @@ -35,7 +44,12 @@ longrun { ${lib.concatStringsSep " " (builtins.map (r: "--server=${r}") upstreams)} \ --keep-in-foreground \ --dhcp-authoritative \ - ${if resolvconf != null then "--resolv-file=$(output_path ${resolvconf} resolv.conf)" else "--no-resolv"} \ + ${ + if resolvconf != null then + "--resolv-file=$(output_path ${resolvconf} resolv.conf)" + else + "--no-resolv" + } \ ${lib.concatStringsSep " " (mapAttrsToList hostOpt hosts)} \ --no-hosts \ --log-dhcp \ @@ -44,7 +58,7 @@ longrun { --dhcp-leasefile=$(mkstate ${name})/leases \ --pid-file=/run/${name}.pid ''; - # --log-debug \ - # --log-queries \ + # --log-debug \ + # --log-queries \ } diff --git a/modules/firewall/default-rules.nix b/modules/firewall/default-rules.nix index dcb62aa..c125fe9 100644 --- a/modules/firewall/default-rules.nix +++ b/modules/firewall/default-rules.nix @@ -1,9 +1,10 @@ let - drop = expr : "${expr} drop"; - accept = expr : "${expr} accept"; + drop = expr: "${expr} drop"; + accept = expr: "${expr} accept"; mcast-scope = 8; allow-incoming = false; -in { +in +{ bogons-ip6 = { type = "filter"; family = "ip6"; @@ -44,7 +45,7 @@ in { rules = [ (drop "ip6 saddr ::1/128") # loopback address [RFC4291] (drop "ip6 daddr ::1/128") - (drop "ip6 saddr ::FFFF:0:0/96")# IPv4-mapped addresses + (drop "ip6 saddr ::FFFF:0:0/96") # IPv4-mapped addresses (drop "ip6 daddr ::FFFF:0:0/96") (drop "ip6 saddr fe80::/10") # link-local unicast (drop "ip6 daddr fe80::/10") @@ -60,7 +61,8 @@ in { (drop # dest addr first byte 0xff, low nibble of second byte <= scope # https://www.mankier.com/8/nft#Payload_Expressions-Raw_Payload_Expression - "@nh,192,8 eq 0xff @nh,204,4 le ${toString mcast-scope}") + "@nh,192,8 eq 0xff @nh,204,4 le ${toString mcast-scope}" + ) (accept "oifname @lan iifname @wan meta l4proto udp ct state established,related") (accept "iifname @lan oifname @wan meta l4proto udp") @@ -72,7 +74,7 @@ in { # does this ever get used or does the preceding general udp accept # already grab anything that might get here? (accept "oifname @wan udp dport 500") # IKE Protocol [RFC5996]. haha zyxel - (accept "ip6 nexthdr 139") # Host Identity Protocol + (accept "ip6 nexthdr 139") # Host Identity Protocol ## FIXME no support yet for recs 27-30 Mobility Header @@ -88,9 +90,11 @@ in { # we can allow all reasonable inbound, or we can use an explicit # allowlist to enumerate the endpoints that are allowed to # accept inbound from the WAN - (if allow-incoming - then accept "oifname @lan iifname @wan" - else "iifname @wan jump incoming-allowed-ip6" + ( + if allow-incoming then + accept "oifname @lan iifname @wan" + else + "iifname @wan jump incoming-allowed-ip6" ) # allow all outbound and any inbound that's part of a # recognised (outbound-initiated) flow @@ -130,10 +134,7 @@ in { (accept "meta l4proto icmpv6") "iifname @lan jump input-ip6-lan" "iifname @wan jump input-ip6-wan" - (if allow-incoming - then accept "iifname @wan" - else "iifname @wan jump incoming-allowed-ip6" - ) + (if allow-incoming then accept "iifname @wan" else "iifname @wan jump incoming-allowed-ip6") # how does this even make sense in an input chain? (accept "iifname @wan ct state established,related") (accept "iifname @lan ") @@ -185,9 +186,9 @@ in { family = "ip"; rules = [ - (accept "udp dport 67") # dhcp - (accept "udp dport 53") # dns - (accept "tcp dport 22") # ssh + (accept "udp dport 67") # dhcp + (accept "udp dport 53") # dns + (accept "tcp dport 22") # ssh ]; }; diff --git a/modules/firewall/default.nix b/modules/firewall/default.nix index 03ff1d9..624bdd2 100644 --- a/modules/firewall/default.nix +++ b/modules/firewall/default.nix @@ -4,7 +4,12 @@ ## Provides a service to create an nftables ruleset based on ## configuration supplied to it. -{ lib, pkgs, config, ...}: +{ + lib, + pkgs, + config, + ... +}: let inherit (lib) mkOption types; inherit (pkgs) liminix; @@ -54,37 +59,44 @@ in }; config = { system.service.firewall = - let svc = config.system.callService ./service.nix { - extraRules = mkOption { - type = types.attrsOf types.attrs; - description = "firewall ruleset"; - default = {}; - }; - zones = mkOption { - type = types.attrsOf (types.listOf liminix.lib.types.service); - default = {}; - example = lib.literalExpression '' - { - lan = with config.hardware.networkInterfaces; [ int ]; - wan = [ config.services.ppp0 ]; - } - ''; - }; - rules = mkOption { - type = types.attrsOf types.attrs; # we could usefully tighten this a bit :-) - default = import ./default-rules.nix; - description = "firewall ruleset"; - }; + let + svc = config.system.callService ./service.nix { + extraRules = mkOption { + type = types.attrsOf types.attrs; + description = "firewall ruleset"; + default = { }; }; - in svc // { - build = args : - let args' = args // { - dependencies = (args.dependencies or []) ++ [kmodules]; - }; - in svc.build args' ; + zones = mkOption { + type = types.attrsOf (types.listOf liminix.lib.types.service); + default = { }; + example = lib.literalExpression '' + { + lan = with config.hardware.networkInterfaces; [ int ]; + wan = [ config.services.ppp0 ]; + } + ''; + }; + rules = mkOption { + type = types.attrsOf types.attrs; # we could usefully tighten this a bit :-) + default = import ./default-rules.nix; + description = "firewall ruleset"; + }; + }; + in + svc + // { + build = + args: + let + args' = args // { + dependencies = (args.dependencies or [ ]) ++ [ kmodules ]; + }; + in + svc.build args'; }; programs.busybox.applets = [ - "insmod" "rmmod" + "insmod" + "rmmod" ]; kernel.config = { NETFILTER = "y"; @@ -94,7 +106,7 @@ in NETLINK_DIAG = "y"; - IP6_NF_IPTABLES= "m"; + IP6_NF_IPTABLES = "m"; IP_NF_IPTABLES = "m"; IP_NF_NAT = "m"; IP_NF_TARGET_MASQUERADE = "m"; diff --git a/modules/firewall/service.nix b/modules/firewall/service.nix index 9664ec9..431c728 100644 --- a/modules/firewall/service.nix +++ b/modules/firewall/service.nix @@ -1,37 +1,44 @@ { - liminix -, lib -, firewallgen -, nftables -, writeFennel -, anoia -, lualinux -, linotify + liminix, + lib, + firewallgen, + nftables, + writeFennel, + anoia, + lualinux, + linotify, +}: +{ + rules, + extraRules, + zones, }: -{ rules, extraRules, zones }: let inherit (liminix.services) longrun; inherit (lib.attrsets) mapAttrs' nameValuePair mapAttrsToList; inherit (lib.strings) concatStringsSep; inherit (lib.lists) flatten; - mkSet = family : name : - nameValuePair - "${name}-set-${family}" - { - kind = "set"; - inherit name family; - type = "ifname"; - }; - sets = (mapAttrs' (n : _ : mkSet "ip" n) zones) // - (mapAttrs' (n : _ : mkSet "ip6" n) zones); + mkSet = + family: name: + nameValuePair "${name}-set-${family}" { + kind = "set"; + inherit name family; + type = "ifname"; + }; + sets = (mapAttrs' (n: _: mkSet "ip" n) zones) // (mapAttrs' (n: _: mkSet "ip6" n) zones); allRules = lib.recursiveUpdate extraRules (lib.recursiveUpdate (builtins.trace sets sets) rules); script = firewallgen "firewall1.nft" allRules; ifwatch = writeFennel "ifwatch" { - packages = [anoia lualinux linotify]; + packages = [ + anoia + lualinux + linotify + ]; mainFunction = "run"; - } ./ifwatch.fnl ; - watchArg = z : intfs : map (i: "${z}:${i}/.outputs") intfs; -in longrun { + } ./ifwatch.fnl; + watchArg = z: intfs: map (i: "${z}:${i}/.outputs") intfs; +in +longrun { name = "firewall"; run = '' ${script} diff --git a/modules/hardware.nix b/modules/hardware.nix index fc62021..71338c4 100644 --- a/modules/hardware.nix +++ b/modules/hardware.nix @@ -75,17 +75,27 @@ in type = types.ints.unsigned; }; }; - loadAddress = mkOption { type = types.ints.unsigned; default = null; }; + loadAddress = mkOption { + type = types.ints.unsigned; + default = null; + }; entryPoint = mkOption { type = types.ints.unsigned; }; - alignment = mkOption { type = types.nullOr types.ints.unsigned; default = null; description = "Alignment passed to `mkimage` for FIT"; }; + alignment = mkOption { + type = types.nullOr types.ints.unsigned; + default = null; + description = "Alignment passed to `mkimage` for FIT"; + }; radios = mkOption { description = '' Kernel modules (from mac80211 package) required for the wireless devices on this board ''; type = types.listOf types.str; - default = []; - example = ["ath9k" "ath10k"]; + default = [ ]; + example = [ + "ath9k" + "ath10k" + ]; }; rootDevice = mkOption { description = "Full path to preferred root device"; diff --git a/modules/health-check/default.nix b/modules/health-check/default.nix index 9ac8858..ae7e730 100644 --- a/modules/health-check/default.nix +++ b/modules/health-check/default.nix @@ -6,13 +6,18 @@ ## have other behaviours by e.g. combining this service with a round-robin ## for failover) - -{ lib, pkgs, config, ...}: +{ + lib, + pkgs, + config, + ... +}: let inherit (lib) mkOption types; inherit (pkgs) liminix; +in # inherit (pkgs.liminix.services) longrun; -in { +{ options = { system.service.health-check = mkOption { description = "run a service while periodically checking it is healthy"; @@ -23,13 +28,13 @@ in { service = mkOption { type = liminix.lib.types.service; }; - interval = mkOption { + interval = mkOption { description = "interval between checks, in seconds"; type = types.int; default = 10; example = 10; }; - threshold = mkOption { + threshold = mkOption { description = "number of consecutive failures required for the service to be kicked"; type = types.int; example = 3; @@ -39,5 +44,5 @@ in { type = types.path; }; }; - config.programs.busybox.applets = ["expr"]; + config.programs.busybox.applets = [ "expr" ]; } diff --git a/modules/health-check/service.nix b/modules/health-check/service.nix index 80b3e34..9049bda 100644 --- a/modules/health-check/service.nix +++ b/modules/health-check/service.nix @@ -1,37 +1,50 @@ { - liminix, lib, lim, s6 + liminix, + lib, + lim, + s6, +}: +{ + service, + interval, + threshold, + healthCheck, }: -{ service, interval, threshold, healthCheck } : let inherit (liminix.services) oneshot longrun; inherit (builtins) toString; inherit (service) name; - checker = let name' = "check-${name}"; in longrun { - name = name'; - run = '' - fails=0 - echo waiting for /run/service/${name} - ${s6}/bin/s6-svwait -U /run/service/${name} || exit - while sleep ${toString interval} ; do - ${healthCheck} - if test $? -gt 0; then - fails=$(expr $fails + 1) - else - fails=0 - fi - echo fails $fails/${toString threshold} for ${name} - if test "$fails" -gt "${toString threshold}" ; then - echo time to die - ${s6}/bin/s6-svc -r /run/service/${name} - echo bounced - fails=0 - echo waiting for /run/service/${name} - ${s6}/bin/s6-svwait -U /run/service/${name} - fi - done - ''; - }; -in service.overrideAttrs(o: { - buildInputs = (lim.orEmpty o.buildInputs) ++ [ checker ]; + checker = + let + name' = "check-${name}"; + in + longrun { + name = name'; + run = '' + fails=0 + echo waiting for /run/service/${name} + ${s6}/bin/s6-svwait -U /run/service/${name} || exit + while sleep ${toString interval} ; do + ${healthCheck} + if test $? -gt 0; then + fails=$(expr $fails + 1) + else + fails=0 + fi + echo fails $fails/${toString threshold} for ${name} + if test "$fails" -gt "${toString threshold}" ; then + echo time to die + ${s6}/bin/s6-svc -r /run/service/${name} + echo bounced + fails=0 + echo waiting for /run/service/${name} + ${s6}/bin/s6-svwait -U /run/service/${name} + fi + done + ''; + }; +in +service.overrideAttrs (o: { + buildInputs = (lim.orEmpty o.buildInputs) ++ [ checker ]; dependencies = (lim.orEmpty o.dependencies) ++ [ checker ]; }) diff --git a/modules/hostapd/default.nix b/modules/hostapd/default.nix index b1b0a23..ea5de0a 100644 --- a/modules/hostapd/default.nix +++ b/modules/hostapd/default.nix @@ -11,11 +11,17 @@ ## If you have more than one wireless network interface (e.g. ## wlan0, wlan1) you can run an instance of hostapd on each of them. -{ lib, pkgs, config, ...}: +{ + lib, + pkgs, + config, + ... +}: let inherit (lib) mkOption types; inherit (pkgs) liminix; -in { +in +{ imports = [ ../secrets ]; options = { system.service.hostapd = mkOption { diff --git a/modules/hostapd/service.nix b/modules/hostapd/service.nix index cbb3037..0f1b66b 100644 --- a/modules/hostapd/service.nix +++ b/modules/hostapd/service.nix @@ -1,16 +1,23 @@ { - liminix -, svc -, hostapd -, output-template -, writeText -, lib + liminix, + svc, + hostapd, + output-template, + writeText, + lib, }: -{ interface, params} : +{ interface, params }: let inherit (liminix.services) longrun; - inherit (lib) concatStringsSep mapAttrsToList unique ; - inherit (builtins) map filter attrValues length head typeOf; + inherit (lib) concatStringsSep mapAttrsToList unique; + inherit (builtins) + map + filter + attrValues + length + head + typeOf + ; # This is not a friendly interface to configuring a wireless AP: it # just passes everything straight through to the hostapd config. @@ -19,27 +26,31 @@ let # extraParams name = "${interface.name}.hostapd"; - defaults = { + defaults = { driver = "nl80211"; logger_syslog = "-1"; logger_syslog_level = 1; ctrl_interface = "/run/${name}"; ctrl_interface_group = 0; }; - attrs = defaults // params ; - literal_or_output = o: ({ - string = builtins.toJSON; - int = builtins.toJSON; - lambda = (o: "output(${builtins.toJSON (o "service")}, ${builtins.toJSON (o "path")})"); - }.${builtins.typeOf o}) o; + attrs = defaults // params; + literal_or_output = + o: + ( + { + string = builtins.toJSON; + int = builtins.toJSON; + lambda = (o: "output(${builtins.toJSON (o "service")}, ${builtins.toJSON (o "path")})"); + } + .${builtins.typeOf o} + ) + o; - conf = - (writeText "hostapd.conf.in" - ((concatStringsSep - "\n" - (mapAttrsToList - (n : v : "${n}={{ ${literal_or_output v} }}") - attrs)) + "\n")); + conf = ( + writeText "hostapd.conf.in" ( + (concatStringsSep "\n" (mapAttrsToList (n: v: "${n}={{ ${literal_or_output v} }}") attrs)) + "\n" + ) + ); service = longrun { inherit name; dependencies = [ interface ]; @@ -51,7 +62,8 @@ let ''; }; watch = filter (f: typeOf f == "lambda") (attrValues attrs); -in svc.secrets.subscriber.build { +in +svc.secrets.subscriber.build { inherit service watch; action = "restart-all"; } diff --git a/modules/hostname.nix b/modules/hostname.nix index d5cd962..b6d7454 100644 --- a/modules/hostname.nix +++ b/modules/hostname.nix @@ -1,8 +1,14 @@ -{ lib, pkgs, config, ...}: +{ + lib, + pkgs, + config, + ... +}: let inherit (lib) mkOption types; inherit (pkgs.liminix.services) oneshot; -in { +in +{ options = { hostname = mkOption { description = '' diff --git a/modules/ifwait/default.nix b/modules/ifwait/default.nix index 501f317..04038eb 100644 --- a/modules/ifwait/default.nix +++ b/modules/ifwait/default.nix @@ -1,10 +1,15 @@ -{ config, pkgs, lib, ... } : +{ + config, + pkgs, + lib, + ... +}: let inherit (pkgs) liminix; inherit (lib) mkOption types; -in { - options.system.service.ifwait = - mkOption { type = liminix.lib.types.serviceDefn; }; +in +{ + options.system.service.ifwait = mkOption { type = liminix.lib.types.serviceDefn; }; config.system.service.ifwait = config.system.callService ./ifwait.nix { state = mkOption { type = types.str; }; diff --git a/modules/ifwait/ifwait.nix b/modules/ifwait/ifwait.nix index 57896ff..7ab5c74 100644 --- a/modules/ifwait/ifwait.nix +++ b/modules/ifwait/ifwait.nix @@ -1,12 +1,13 @@ -{ ifwait, liminix } : +{ ifwait, liminix }: { - state -, interface -, service + state, + interface, + service, }: let inherit (liminix.services) longrun; -in longrun { +in +longrun { name = "ifwait.${interface.name}"; buildInputs = [ service ]; restart-on-upgrade = true; diff --git a/modules/kernel/default.nix b/modules/kernel/default.nix index 373bfcc..7b8b77a 100644 --- a/modules/kernel/default.nix +++ b/modules/kernel/default.nix @@ -3,26 +3,36 @@ ## ## -{ lib, pkgs, config, ...}: +{ + lib, + pkgs, + config, + ... +}: let - inherit (lib) mkOption types ; + inherit (lib) mkOption types; inherit (pkgs) liminix openwrt; - mergeConditionals = conf : conditions : + mergeConditionals = + conf: conditions: # for each key in conditions, if it is present in conf # then merge the associated value into conf - lib.foldlAttrs - (acc: name: value: - if (conf ? ${name}) && (conf.${name} != "n") - then acc // value - else acc) - conf - conditions; -in { + lib.foldlAttrs ( + acc: name: value: + if (conf ? ${name}) && (conf.${name} != "n") then acc // value else acc + ) conf conditions; +in +{ options = { kernel = { - src = mkOption { type = types.path; default = openwrt.kernelSrc; } ; - version = mkOption { type = types.str; default = openwrt.kernelVersion;} ; + src = mkOption { + type = types.path; + default = openwrt.kernelSrc; + }; + version = mkOption { + type = types.str; + default = openwrt.kernelVersion; + }; modular = mkOption { type = types.bool; default = true; @@ -54,7 +64,7 @@ in { some other option is present. ''; type = types.attrsOf (types.attrsOf types.nonEmptyStr); - default = {}; + default = { }; example = { USB = { USB_XHCI_MVEBU = "y"; @@ -70,10 +80,9 @@ in { config = { system.outputs.kernel = let - mergedConfig = mergeConditionals - config.kernel.config - config.kernel.conditionalConfig; - in liminix.builders.kernel.override { + mergedConfig = mergeConditionals config.kernel.config config.kernel.conditionalConfig; + in + liminix.builders.kernel.override { config = mergedConfig; inherit (config.kernel) version src extraPatchPhase; targets = config.kernel.makeTargets; @@ -81,7 +90,7 @@ in { kernel = rec { modular = true; # disabling this is not yet supported - makeTargets = ["vmlinux"]; + makeTargets = [ "vmlinux" ]; config = { IKCONFIG = "y"; IKCONFIG_PROC = "y"; @@ -96,10 +105,10 @@ in { UNIX = "y"; INET = "y"; IPV6 = "y"; - PACKET = "y"; # for ppp, tcpdump ... - SYSVIPC= "y"; + PACKET = "y"; # for ppp, tcpdump ... + SYSVIPC = "y"; - NETDEVICES = "y"; # even PPP needs this + NETDEVICES = "y"; # even PPP needs this # disabling this option causes the kernel to use an "empty" # initramfs instead: it has a /dev/console node and not much diff --git a/modules/klogd.nix b/modules/klogd.nix index 3c2cb02..0ac5c15 100644 --- a/modules/klogd.nix +++ b/modules/klogd.nix @@ -1,7 +1,13 @@ -{ config, lib, pkgs, ... }: +{ + config, + lib, + pkgs, + ... +}: let inherit (pkgs.liminix.services) longrun; -in { +in +{ config.services.klogd = longrun { name = "klogd"; run = '' diff --git a/modules/logging.nix b/modules/logging.nix index 96b4a3b..405cddb 100644 --- a/modules/logging.nix +++ b/modules/logging.nix @@ -1,7 +1,13 @@ { config, lib, ... }: let - inherit (lib) mkIf mkEnableOption mkOption types; -in { + inherit (lib) + mkIf + mkEnableOption + mkOption + types + ; +in +{ options = { logging = { persistent = { @@ -9,11 +15,11 @@ in { }; }; }; - config = { - kernel.config = mkIf config.logging.persistent.enable { - PSTORE = "y"; - PSTORE_PMSG = "y"; - PSTORE_RAM = "y"; - }; - }; + config = { + kernel.config = mkIf config.logging.persistent.enable { + PSTORE = "y"; + PSTORE_PMSG = "y"; + PSTORE_RAM = "y"; + }; + }; } diff --git a/modules/mdevd.nix b/modules/mdevd.nix index 7f331ee..512d055 100644 --- a/modules/mdevd.nix +++ b/modules/mdevd.nix @@ -1,6 +1,8 @@ -{ config, pkgs, ...} : -let inherit (pkgs.liminix.services) oneshot longrun; -in { +{ config, pkgs, ... }: +let + inherit (pkgs.liminix.services) oneshot longrun; +in +{ config = { services = rec { mdevd = longrun { diff --git a/modules/mount/default.nix b/modules/mount/default.nix index 94fc998..f71f269 100644 --- a/modules/mount/default.nix +++ b/modules/mount/default.nix @@ -2,53 +2,74 @@ ## ## Mount filesystems - -{ lib, pkgs, config, ...}: +{ + lib, + pkgs, + config, + ... +}: let inherit (lib) mkOption types; inherit (pkgs) liminix; -in { +in +{ options = { system.service.mount = mkOption { type = liminix.lib.types.serviceDefn; }; }; - imports = [ ../mdevd.nix ../uevent-rule ]; + imports = [ + ../mdevd.nix + ../uevent-rule + ]; config.system.service.mount = - let svc = config.system.callService ./service.nix { - partlabel = mkOption { - type = types.str; - example = "my-usb-stick"; - }; - mountpoint = mkOption { - type = types.str; - example = "/mnt/media"; - }; - options = mkOption { - type = types.listOf types.str; - default = []; - example = ["noatime" "ro" "sync"]; - }; - fstype = mkOption { - type = types.str; - default = "auto"; - example = "vfat"; - }; + let + svc = config.system.callService ./service.nix { + partlabel = mkOption { + type = types.str; + example = "my-usb-stick"; }; - in svc // { - build = args: - let args' = args // { - dependencies = (args.dependencies or []) ++ [ - config.services.mdevd - config.services.devout - ]; - }; - in svc.build args' ; + mountpoint = mkOption { + type = types.str; + example = "/mnt/media"; + }; + options = mkOption { + type = types.listOf types.str; + default = [ ]; + example = [ + "noatime" + "ro" + "sync" + ]; + }; + fstype = mkOption { + type = types.str; + default = "auto"; + example = "vfat"; + }; + }; + in + svc + // { + build = + args: + let + args' = args // { + dependencies = (args.dependencies or [ ]) ++ [ + config.services.mdevd + config.services.devout + ]; + }; + in + svc.build args'; }; - config.programs.busybox = { - applets = ["blkid" "findfs"]; + config.programs.busybox = { + applets = [ + "blkid" + "findfs" + ]; options = { FEATURE_BLKID_TYPE = "y"; FEATURE_MOUNT_FLAGS = "y"; diff --git a/modules/mount/service.nix b/modules/mount/service.nix index a5782de..399167c 100644 --- a/modules/mount/service.nix +++ b/modules/mount/service.nix @@ -1,15 +1,19 @@ { - liminix -, lib -, svc + liminix, + lib, + svc, +}: +{ + partlabel, + mountpoint, + options, + fstype, }: -{ partlabel, mountpoint, options, fstype }: let inherit (liminix.services) oneshot; device = "/dev/disk/by-partlabel/${partlabel}"; name = "mount.${lib.strings.sanitizeDerivationName (lib.escapeURL mountpoint)}"; - options_string = - if options == [] then "" else "-o ${lib.concatStringsSep "," options}"; + options_string = if options == [ ] then "" else "-o ${lib.concatStringsSep "," options}"; controller = svc.uevent-rule.build { serviceName = name; symlink = device; @@ -18,7 +22,8 @@ let devtype = "partition"; }; }; -in oneshot { +in +oneshot { inherit name; timeout-up = 3600; up = "mount -t ${fstype} ${options_string} ${device} ${mountpoint}"; diff --git a/modules/network/address.nix b/modules/network/address.nix index 15fa81e..feb33e2 100644 --- a/modules/network/address.nix +++ b/modules/network/address.nix @@ -1,9 +1,14 @@ { - liminix -, serviceFns -, lib + liminix, + serviceFns, + lib, +}: +{ + interface, + family, + address, + prefixLength, }: -{interface, family, address, prefixLength} : let inherit (liminix.services) oneshot; # rather depending on the assumption that nobody will @@ -20,8 +25,9 @@ let echo $dev > ifname ) ''; -in oneshot { +in +oneshot { inherit name up; - down = "true"; # this has been broken for ~ ages + down = "true"; # this has been broken for ~ ages dependencies = [ interface ]; } diff --git a/modules/network/default.nix b/modules/network/default.nix index 73701c2..deea774 100644 --- a/modules/network/default.nix +++ b/modules/network/default.nix @@ -4,13 +4,18 @@ ## Basic network services for creating hardware ethernet devices ## and adding addresses - -{ lib, pkgs, config, ...}: +{ + lib, + pkgs, + config, + ... +}: let inherit (lib) mkOption types; inherit (pkgs) liminix; inherit (pkgs.liminix.services) bundle; -in { +in +{ options = { system.service.network = { link = mkOption { @@ -42,17 +47,18 @@ in { lo = let net = config.system.service.network; - iface = net.link.build { ifname = "lo";}; - in bundle { + iface = net.link.build { ifname = "lo"; }; + in + bundle { name = "loopback"; contents = [ - ( net.address.build { + (net.address.build { interface = iface; family = "inet"; - address ="127.0.0.1"; + address = "127.0.0.1"; prefixLength = 8; }) - ( net.address.build { + (net.address.build { interface = iface; family = "inet6"; address = "::1"; @@ -82,7 +88,8 @@ in { Path to the sysfs node of the device. If you provide this and the ifname option, the device will be renamed to the name given by ifname. - ''; }; + ''; + }; # other "ip link add" options could go here as well mtu = mkOption { type = types.nullOr types.int; @@ -94,7 +101,10 @@ in { type = liminix.lib.types.service; }; family = mkOption { - type = types.enum [ "inet" "inet6" ]; + type = types.enum [ + "inet" + "inet6" + ]; }; address = mkOption { type = types.str; diff --git a/modules/network/dhcpc.nix b/modules/network/dhcpc.nix index cd652b2..d74bcb2 100644 --- a/modules/network/dhcpc.nix +++ b/modules/network/dhcpc.nix @@ -1,14 +1,14 @@ { - liminix -, writeAshScript -, serviceFns -, lib -} : + liminix, + writeAshScript, + serviceFns, + lib, +}: { interface }: let inherit (liminix.services) longrun; name = "${interface.name}.dhcpc"; - script = writeAshScript "dhcp-notify" { } '' + script = writeAshScript "dhcp-notify" { } '' . ${serviceFns} exec 2>&1 action=$1 @@ -38,7 +38,8 @@ let ;; esac ''; -in longrun { +in +longrun { inherit name; run = "exec /bin/udhcpc -f -i $(output ${interface} ifname) -x hostname:$(cat /proc/sys/kernel/hostname) -s ${script}"; notification-fd = 10; diff --git a/modules/network/forward.nix b/modules/network/forward.nix index d0a1a0e..71746f6 100644 --- a/modules/network/forward.nix +++ b/modules/network/forward.nix @@ -1,6 +1,6 @@ { - liminix -, lib + liminix, + lib, }: { enableIPv4, enableIPv6 }: let @@ -8,11 +8,9 @@ let ip4 = "/proc/sys/net/ipv4/conf/all/forwarding"; ip6 = "/proc/sys/net/ipv6/conf/all/forwarding"; opt = lib.optionalString; - sysctls = b : - "" - + opt enableIPv4 "echo ${b} > ${ip4}\n" - + opt enableIPv6 "echo ${b} > ${ip6}\n"; -in oneshot { + sysctls = b: "" + opt enableIPv4 "echo ${b} > ${ip4}\n" + opt enableIPv6 "echo ${b} > ${ip6}\n"; +in +oneshot { name = "forwarding${opt enableIPv4 "4"}${opt enableIPv6 "6"}"; up = sysctls "1"; down = sysctls "0"; diff --git a/modules/network/link.nix b/modules/network/link.nix index 0d11305..96a88eb 100644 --- a/modules/network/link.nix +++ b/modules/network/link.nix @@ -1,23 +1,27 @@ { - liminix -, lib + liminix, + lib, }: { - ifname -, devpath ? null -, mtu} : + ifname, + devpath ? null, + mtu, +}: # if devpath is supplied, we rename the interface at that # path to have the specified name. let inherit (liminix.services) oneshot; name = "${ifname}.link"; - rename = if devpath != null - then '' - oldname=$(cd /sys${devpath} && cd net/ && echo *) - ip link set ''${oldname} name ${ifname} - '' - else ""; -in oneshot { + rename = + if devpath != null then + '' + oldname=$(cd /sys${devpath} && cd net/ && echo *) + ip link set ''${oldname} name ${ifname} + '' + else + ""; +in +oneshot { inherit name; up = '' ${rename} diff --git a/modules/network/route.nix b/modules/network/route.nix index 3979261..5455aba 100644 --- a/modules/network/route.nix +++ b/modules/network/route.nix @@ -1,20 +1,30 @@ { - liminix -, lib + liminix, + lib, +}: +{ + target, + via, + interface ? null, + metric, }: -{ target, via, interface ? null, metric }: let inherit (liminix.services) oneshot; with_dev = if interface != null then "dev $(output ${interface} ifname)" else ""; target_hash = builtins.substring 0 12 (builtins.hashString "sha256" target); via_hash = builtins.substring 0 12 (builtins.hashString "sha256" via); -in oneshot { - name = "route-${target_hash}-${builtins.substring 0 12 (builtins.hashString "sha256" "${via_hash}-${if interface!=null then interface.name else ""}")}"; +in +oneshot { + name = "route-${target_hash}-${ + builtins.substring 0 12 ( + builtins.hashString "sha256" "${via_hash}-${if interface != null then interface.name else ""}" + ) + }"; up = '' ip route add ${target} via ${via} metric ${toString metric} ${with_dev} ''; down = '' ip route del ${target} via ${via} ${with_dev} ''; - dependencies = [] ++ lib.optional (interface != null) interface; + dependencies = [ ] ++ lib.optional (interface != null) interface; } diff --git a/modules/ntp/default.nix b/modules/ntp/default.nix index 6d51c2d..56c0969 100644 --- a/modules/ntp/default.nix +++ b/modules/ntp/default.nix @@ -6,12 +6,18 @@ ## optionally also provide time service to its peers. The ## implementation used in Liminix is Chrony -{ lib, pkgs, config, ...}: +{ + lib, + pkgs, + config, + ... +}: let inherit (lib) mkOption types; inherit (pkgs) liminix; serverOpts = types.listOf types.str; -in { +in +{ options = { system.service.ntp = mkOption { type = liminix.lib.types.serviceDefn; @@ -23,23 +29,36 @@ in { type = types.str; default = "ntp"; }; - servers = mkOption { type = types.attrsOf serverOpts; default = {}; }; - pools = mkOption { type = types.attrsOf serverOpts; default = {}; }; - peers = mkOption { type = types.attrsOf serverOpts; default = {}; }; + servers = mkOption { + type = types.attrsOf serverOpts; + default = { }; + }; + pools = mkOption { + type = types.attrsOf serverOpts; + default = { }; + }; + peers = mkOption { + type = types.attrsOf serverOpts; + default = { }; + }; makestep = mkOption { default = null; - type = types.nullOr - (types.submodule { + type = types.nullOr ( + types.submodule { options = { - threshold = mkOption { type = types.number; default = null;}; + threshold = mkOption { + type = types.number; + default = null; + }; limit = mkOption { type = types.number; }; }; - }); + } + ); }; allow = mkOption { description = "subnets from which NTP clients are allowed to access the server"; type = types.listOf types.str; - default = []; + default = [ ]; }; bindaddress = mkOption { type = types.nullOr types.str; @@ -60,7 +79,9 @@ in { }; }; users.ntp = { - uid = 52; gid= 52; gecos = "Unprivileged NTP user"; + uid = 52; + gid = 52; + gecos = "Unprivileged NTP user"; dir = "/run/ntp"; shell = "/bin/false"; }; diff --git a/modules/ntp/service.nix b/modules/ntp/service.nix index 9481674..6d85b8a 100644 --- a/modules/ntp/service.nix +++ b/modules/ntp/service.nix @@ -1,25 +1,23 @@ { - liminix -, chrony -, lib -, writeText + liminix, + chrony, + lib, + writeText, }: params: let name = "ntp"; # bad name, needs to be unique inherit (liminix.services) longrun; inherit (lib) concatStringsSep mapAttrsToList; - configFile = p: - (mapAttrsToList (name: opts: "server ${name} ${concatStringsSep "" opts}") - p.servers) - ++ - (mapAttrsToList (name: opts: "pool ${name} ${concatStringsSep "" opts}") - p.pools) - ++ - (mapAttrsToList (name: opts: "peer ${name} ${concatStringsSep "" opts}") - p.peers) + configFile = + p: + (mapAttrsToList (name: opts: "server ${name} ${concatStringsSep "" opts}") p.servers) + ++ (mapAttrsToList (name: opts: "pool ${name} ${concatStringsSep "" opts}") p.pools) + ++ (mapAttrsToList (name: opts: "peer ${name} ${concatStringsSep "" opts}") p.peers) ++ lib.optional (p.user != null) "user ${p.user}" - ++ (lib.optional (p.makestep != null) "makestep ${toString p.makestep.threshold} ${toString p.makestep.limit}") + ++ (lib.optional ( + p.makestep != null + ) "makestep ${toString p.makestep.threshold} ${toString p.makestep.limit}") ++ (map (n: "allow ${n}") p.allow) ++ (lib.optional (p.bindaddress != null) "bindaddress ${p.bindaddress}") ++ (lib.optional (p.binddevice != null) "binddevice ${p.binddevice}") @@ -28,11 +26,11 @@ let "bindcmdaddress /" # disable unix socket "pidfile /run/${name}.pid" ] - ++ [p.extraConfig]; + ++ [ p.extraConfig ]; - config = writeText "chrony.conf" - (concatStringsSep "\n" (configFile params)); -in longrun { + config = writeText "chrony.conf" (concatStringsSep "\n" (configFile params)); +in +longrun { inherit name; run = "${chrony}/bin/chronyd -f ${config} -d"; } diff --git a/modules/outputs.nix b/modules/outputs.nix index 96e6c63..175f230 100644 --- a/modules/outputs.nix +++ b/modules/outputs.nix @@ -97,7 +97,7 @@ in system.outputs = rec { dtb = liminix.builders.dtb { inherit (config.boot) commandLine; - dts = [config.hardware.dts.src] ++ config.hardware.dts.includes; + dts = [ config.hardware.dts.src ] ++ config.hardware.dts.includes; includes = config.hardware.dts.includePaths ++ [ "${o.kernel.headers}/include" ]; @@ -105,7 +105,8 @@ in rootdir = let inherit (pkgs.pkgsBuildBuild) runCommand; - in runCommand "mktree" { } '' + in + runCommand "mktree" { } '' mkdir -p $out/nix/store/ $out/secrets $out/boot cp ${o.systemConfiguration}/bin/activate $out/activate ln -s ${pkgs.s6-init-bin}/bin/init $out/init @@ -115,14 +116,18 @@ in done ''; bootablerootdir = - let inherit (pkgs.pkgsBuildBuild) runCommand; - in runCommand "add-slash-boot" { } '' + let + inherit (pkgs.pkgsBuildBuild) runCommand; + in + runCommand "add-slash-boot" { } '' cp -a ${o.rootdir} $out - ${if o.bootfiles != null - then "(cd $out && chmod -R +w . && rmdir boot && cp -a ${o.bootfiles} boot)" - else "" - } - ''; + ${ + if o.bootfiles != null then + "(cd $out && chmod -R +w . && rmdir boot && cp -a ${o.bootfiles} boot)" + else + "" + } + ''; manifest = writeText "manifest.json" (builtins.toJSON config.filesystem.contents); }; }; diff --git a/modules/outputs/boot-extlinux.nix b/modules/outputs/boot-extlinux.nix index 70b71fd..cd46cd2 100644 --- a/modules/outputs/boot-extlinux.nix +++ b/modules/outputs/boot-extlinux.nix @@ -1,21 +1,28 @@ { - config -, pkgs -, lib -, ... + config, + pkgs, + lib, + ... }: let - inherit (lib) mkIf mkEnableOption mkOption types concatStringsSep; + inherit (lib) + mkIf + mkEnableOption + mkOption + types + concatStringsSep + ; inherit (pkgs.pseudofile) dir symlink; cfg = config.boot.loader.extlinux; o = config.system.outputs; cmdline = concatStringsSep " " config.boot.commandLine; wantsDtb = config.hardware.dts ? src && config.hardware.dts.src != null; -in { +in +{ options.boot.loader.extlinux.enable = mkEnableOption "extlinux"; config = mkIf cfg.enable { - system.outputs.bootfiles = pkgs.runCommand "extlinux" {} '' + system.outputs.bootfiles = pkgs.runCommand "extlinux" { } '' mkdir $out cd $out ${if wantsDtb then "cp ${o.dtb} dtb" else "true"} diff --git a/modules/outputs/boot-fit.nix b/modules/outputs/boot-fit.nix index cf998ba..b05bb45 100644 --- a/modules/outputs/boot-fit.nix +++ b/modules/outputs/boot-fit.nix @@ -1,21 +1,28 @@ { - config -, pkgs -, lib -, ... + config, + pkgs, + lib, + ... }: let - inherit (lib) mkIf mkEnableOption mkOption types concatStringsSep; + inherit (lib) + mkIf + mkEnableOption + mkOption + types + concatStringsSep + ; inherit (pkgs.pseudofile) dir symlink; cfg = config.boot.loader.fit; o = config.system.outputs; cmdline = concatStringsSep " " config.boot.commandLine; wantsDtb = config.hardware.dts ? src && config.hardware.dts.src != null; -in { +in +{ options.boot.loader.fit.enable = mkEnableOption "FIT in /boot"; config = mkIf cfg.enable { - system.outputs.bootfiles = pkgs.runCommand "boot-fit" {} '' + system.outputs.bootfiles = pkgs.runCommand "boot-fit" { } '' mkdir $out cd $out cp ${o.uimage} fit diff --git a/modules/outputs/btrfs.nix b/modules/outputs/btrfs.nix index dbf8a4d..3ad3a92 100644 --- a/modules/outputs/btrfs.nix +++ b/modules/outputs/btrfs.nix @@ -1,8 +1,8 @@ { - config -, pkgs -, lib -, ... + config, + pkgs, + lib, + ... }: let inherit (lib) mkIf; @@ -21,17 +21,20 @@ in rootfs = let inherit (pkgs.pkgsBuildBuild) runCommand e2fsprogs; - in runCommand "mkfs.btrfs" { - depsBuildBuild = [ e2fsprogs ]; - } '' - tree=${o.bootablerootdir} - size=$(du -s --apparent-size --block-size 1024 $tree |cut -f1) - # add 25% for filesystem overhead - size=$(( 5 * $size / 4)) - dd if=/dev/zero of=$out bs=1024 count=$size - echo "not implemented" ; exit 1 - # mke2fs -t ext4 -j -d $tree $out - ''; + in + runCommand "mkfs.btrfs" + { + depsBuildBuild = [ e2fsprogs ]; + } + '' + tree=${o.bootablerootdir} + size=$(du -s --apparent-size --block-size 1024 $tree |cut -f1) + # add 25% for filesystem overhead + size=$(( 5 * $size / 4)) + dd if=/dev/zero of=$out bs=1024 count=$size + echo "not implemented" ; exit 1 + # mke2fs -t ext4 -j -d $tree $out + ''; }; }; } diff --git a/modules/outputs/ext4fs.nix b/modules/outputs/ext4fs.nix index 19955e2..2b0191a 100644 --- a/modules/outputs/ext4fs.nix +++ b/modules/outputs/ext4fs.nix @@ -1,8 +1,8 @@ { - config -, pkgs -, lib -, ... + config, + pkgs, + lib, + ... }: let inherit (lib) mkIf; @@ -23,16 +23,19 @@ in rootfs = let inherit (pkgs.pkgsBuildBuild) runCommand e2fsprogs; - in runCommand "mkfs.ext4" { - depsBuildBuild = [ e2fsprogs ]; - } '' - tree=${o.bootablerootdir} - size=$(du -s --apparent-size --block-size 1024 $tree |cut -f1) - # add 25% for filesystem overhead - size=$(( 5 * $size / 4)) - dd if=/dev/zero of=$out bs=1024 count=$size - mke2fs -t ext4 -j -d $tree $out - ''; + in + runCommand "mkfs.ext4" + { + depsBuildBuild = [ e2fsprogs ]; + } + '' + tree=${o.bootablerootdir} + size=$(du -s --apparent-size --block-size 1024 $tree |cut -f1) + # add 25% for filesystem overhead + size=$(( 5 * $size / 4)) + dd if=/dev/zero of=$out bs=1024 count=$size + mke2fs -t ext4 -j -d $tree $out + ''; }; }; } diff --git a/modules/outputs/initramfs.nix b/modules/outputs/initramfs.nix index 37ff60c..5d933be 100644 --- a/modules/outputs/initramfs.nix +++ b/modules/outputs/initramfs.nix @@ -1,11 +1,16 @@ { - config -, pkgs -, lib -, ... + config, + pkgs, + lib, + ... }: let - inherit (lib) mkEnableOption mkOption mkIf types; + inherit (lib) + mkEnableOption + mkOption + mkIf + types + ; inherit (pkgs) runCommand; in { @@ -29,13 +34,15 @@ in kernel.config = { BLK_DEV_INITRD = "y"; INITRAMFS_SOURCE = builtins.toJSON "${config.system.outputs.initramfs}"; -# INITRAMFS_COMPRESSION_LZO = "y"; + # INITRAMFS_COMPRESSION_LZO = "y"; }; system.outputs = { initramfs = - let inherit (pkgs.pkgsBuildBuild) gen_init_cpio; - in runCommand "initramfs.cpio" {} '' + let + inherit (pkgs.pkgsBuildBuild) gen_init_cpio; + in + runCommand "initramfs.cpio" { } '' cat << SPECIALS | ${gen_init_cpio}/bin/gen_init_cpio /dev/stdin > $out dir /proc 0755 0 0 dir /dev 0755 0 0 diff --git a/modules/outputs/jffs2.nix b/modules/outputs/jffs2.nix index c8dd4d4..9e4ef68 100644 --- a/modules/outputs/jffs2.nix +++ b/modules/outputs/jffs2.nix @@ -1,8 +1,8 @@ { - config -, pkgs -, lib -, ... + config, + pkgs, + lib, + ... }: let inherit (lib) mkIf; @@ -27,14 +27,16 @@ in rootfs = let inherit (pkgs.pkgsBuildBuild) runCommand mtdutils; - endian = if pkgs.stdenv.isBigEndian - then "--big-endian" else "--little-endian"; - in runCommand "make-jffs2" { - depsBuildBuild = [ mtdutils ]; - } '' - tree=${o.bootablerootdir} - (cd $tree && mkfs.jffs2 --compression-mode=size ${endian} -e ${toString config.hardware.flash.eraseBlockSize} --enable-compressor=lzo --pad --root . --output $out --squash --faketime ) - ''; + endian = if pkgs.stdenv.isBigEndian then "--big-endian" else "--little-endian"; + in + runCommand "make-jffs2" + { + depsBuildBuild = [ mtdutils ]; + } + '' + tree=${o.bootablerootdir} + (cd $tree && mkfs.jffs2 --compression-mode=size ${endian} -e ${toString config.hardware.flash.eraseBlockSize} --enable-compressor=lzo --pad --root . --output $out --squash --faketime ) + ''; }; }; } diff --git a/modules/outputs/mbrimage.nix b/modules/outputs/mbrimage.nix index b4d9235..db61296 100644 --- a/modules/outputs/mbrimage.nix +++ b/modules/outputs/mbrimage.nix @@ -1,14 +1,15 @@ { - config -, pkgs -, lib -, ... + config, + pkgs, + lib, + ... }: let inherit (lib) mkOption types; o = config.system.outputs; phram_address = lib.toHexString (config.hardware.ram.startAddress + 256 * 1024 * 1024); -in { +in +{ options.system.outputs = { mbrimage = mkOption { type = types.package; @@ -20,7 +21,7 @@ in { the contents of ``outputs.rootfs`` as its only partition. ''; }; - vmdisk = mkOption { type = types.package; }; + vmdisk = mkOption { type = types.package; }; }; config = { @@ -28,15 +29,18 @@ in { mbrimage = let o = config.system.outputs; - in pkgs.runCommand "mbrimage" { - depsBuildBuild = [ pkgs.pkgsBuildBuild.util-linux ]; - } '' - # leave 4 sectors at start for partition table - # and alignment to 2048 bytes (does that help?) - dd if=${o.rootfs} of=$out bs=512 seek=4 conv=sync - echo '4,-,L,*' | sfdisk $out - ''; - vmdisk = pkgs.runCommand "vmdisk" {} '' + in + pkgs.runCommand "mbrimage" + { + depsBuildBuild = [ pkgs.pkgsBuildBuild.util-linux ]; + } + '' + # leave 4 sectors at start for partition table + # and alignment to 2048 bytes (does that help?) + dd if=${o.rootfs} of=$out bs=512 seek=4 conv=sync + echo '4,-,L,*' | sfdisk $out + ''; + vmdisk = pkgs.runCommand "vmdisk" { } '' mkdir $out cd $out ln -s ${o.mbrimage} ./mbrimage diff --git a/modules/outputs/mtdimage.nix b/modules/outputs/mtdimage.nix index 48801ba..d8dfeac 100644 --- a/modules/outputs/mtdimage.nix +++ b/modules/outputs/mtdimage.nix @@ -1,17 +1,18 @@ { - config -, pkgs -, lib -, ... + config, + pkgs, + lib, + ... }: let inherit (lib) mkOption types concatStringsSep; inherit (config.boot) tftp; -in { +in +{ options.system.outputs = { firmware = mkOption { type = types.package; - internal = true; # component of mtdimage + internal = true; # component of mtdimage description = '' Binary image (combining kernel, FDT, rootfs, initramfs if needed, etc) for the target device. @@ -19,7 +20,7 @@ in { }; flash-scr = mkOption { type = types.package; - internal = true; # component of mtdimage + internal = true; # component of mtdimage description = '' Copy-pastable U-Boot commands to TFTP download the image and write it to flash @@ -60,13 +61,15 @@ in { config = { kernel = { - config = { - # this needs to be conditional on "not qemu" - MTD_SPLIT_UIMAGE_FW = "y"; - } // lib.optionalAttrs (pkgs.stdenv.isMips) { - # https://stackoverflow.com/questions/26466470/can-the-logical-erase-block-size-of-an-mtd-device-be-increased - MTD_SPI_NOR_USE_4K_SECTORS = "n"; - }; + config = + { + # this needs to be conditional on "not qemu" + MTD_SPLIT_UIMAGE_FW = "y"; + } + // lib.optionalAttrs (pkgs.stdenv.isMips) { + # https://stackoverflow.com/questions/26466470/can-the-logical-erase-block-size-of-an-mtd-device-be-increased + MTD_SPI_NOR_USE_4K_SECTORS = "n"; + }; }; programs.busybox.applets = [ @@ -78,14 +81,17 @@ in { let o = config.system.outputs; bs = toString config.hardware.flash.eraseBlockSize; - in pkgs.runCommand "firmware" {} '' + in + pkgs.runCommand "firmware" { } '' dd if=${o.uimage} of=$out bs=${bs} conv=sync dd if=${o.rootfs} of=$out bs=${bs} conv=sync,nocreat,notrunc oflag=append ''; mtdimage = - let o = config.system.outputs; in + let + o = config.system.outputs; + in # could use trivial-builders.linkFarmFromDrvs here? - pkgs.runCommand "mtdimage" {} '' + pkgs.runCommand "mtdimage" { } '' mkdir $out cd $out ln -s ${o.firmware} firmware.bin @@ -96,24 +102,24 @@ in { ln -s ${o.uimage} uimage ln -s ${o.dtb} dtb ln -s ${o.flash-scr} flash.scr - ''; + ''; flash-scr = let inherit (pkgs.lib.trivial) toHexString; inherit (config.hardware) flash; in - pkgs.buildPackages.runCommand "" {} '' - imageSize=$(stat -L -c %s ${config.system.outputs.firmware}) - cat > $out << EOF - setenv serverip ${tftp.serverip} - setenv ipaddr ${tftp.ipaddr} - tftp 0x${toHexString tftp.loadAddress} result/firmware.bin - erase 0x${toHexString flash.address} +0x${toHexString flash.size} - cp.b 0x${toHexString tftp.loadAddress} 0x${toHexString flash.address} \''${filesize} - echo command line was ${builtins.toJSON (concatStringsSep " " config.boot.commandLine)} - EOF - ''; + pkgs.buildPackages.runCommand "" { } '' + imageSize=$(stat -L -c %s ${config.system.outputs.firmware}) + cat > $out << EOF + setenv serverip ${tftp.serverip} + setenv ipaddr ${tftp.ipaddr} + tftp 0x${toHexString tftp.loadAddress} result/firmware.bin + erase 0x${toHexString flash.address} +0x${toHexString flash.size} + cp.b 0x${toHexString tftp.loadAddress} 0x${toHexString flash.address} \''${filesize} + echo command line was ${builtins.toJSON (concatStringsSep " " config.boot.commandLine)} + EOF + ''; }; }; } diff --git a/modules/outputs/squashfs.nix b/modules/outputs/squashfs.nix index 7e10738..443445b 100644 --- a/modules/outputs/squashfs.nix +++ b/modules/outputs/squashfs.nix @@ -10,8 +10,7 @@ let in { config = mkIf (config.rootfsType == "squashfs") { - system.outputs.rootfs = - liminix.builders.squashfs config.filesystem.contents; + system.outputs.rootfs = liminix.builders.squashfs config.filesystem.contents; kernel.config = { SQUASHFS = "y"; SQUASHFS_XZ = "y"; diff --git a/modules/outputs/system-configuration.nix b/modules/outputs/system-configuration.nix index 90f87ac..2c6b99d 100644 --- a/modules/outputs/system-configuration.nix +++ b/modules/outputs/system-configuration.nix @@ -1,11 +1,16 @@ { - config -, pkgs -, lib -, ... + config, + pkgs, + lib, + ... }: let - inherit (lib) mkEnableOption mkOption mkIf types; + inherit (lib) + mkEnableOption + mkOption + mkIf + types + ; inherit (pkgs) runCommand; in { @@ -22,7 +27,6 @@ in }; }; config = { - system.outputs.systemConfiguration = - pkgs.systemconfig config.filesystem.contents; + system.outputs.systemConfiguration = pkgs.systemconfig config.filesystem.contents; }; } diff --git a/modules/outputs/tftpboot.nix b/modules/outputs/tftpboot.nix index e91c988..fab6bc5 100644 --- a/modules/outputs/tftpboot.nix +++ b/modules/outputs/tftpboot.nix @@ -1,15 +1,16 @@ { - config -, pkgs -, lib -, ... + config, + pkgs, + lib, + ... }: let inherit (lib) mkOption types concatStringsSep; cfg = config.boot.tftp; hw = config.hardware; arch = pkgs.stdenv.hostPlatform.linuxArch; -in { +in +{ imports = [ ../ramdisk.nix ]; options.boot.tftp = { freeSpaceBytes = mkOption { @@ -17,7 +18,10 @@ in { default = 0; }; kernelFormat = mkOption { - type = types.enum [ "zimage" "uimage" ]; + type = types.enum [ + "zimage" + "uimage" + ]; default = "uimage"; }; compressRoot = mkOption { @@ -61,14 +65,22 @@ in { assert config.rootfsType != "ubifs"; let o = config.system.outputs; - image = let choices = { - uimage = o.uimage; - zimage = o.kernel.zImage; - }; in choices.${cfg.kernelFormat}; - bootCommand = let choices = { - uimage = "bootm"; - zimage = "bootz"; - }; in choices.${cfg.kernelFormat}; + image = + let + choices = { + uimage = o.uimage; + zimage = o.kernel.zImage; + }; + in + choices.${cfg.kernelFormat}; + bootCommand = + let + choices = { + uimage = "bootm"; + zimage = "bootz"; + }; + in + choices.${cfg.kernelFormat}; cmdline = concatStringsSep " " config.boot.commandLine; objcopy = "${pkgs.stdenv.cc.bintools.targetPrefix}objcopy"; @@ -77,7 +89,16 @@ in { rm -f vmlinux.bin.lzma ; lzma -k -z vmlinux.bin ''; in - pkgs.runCommand "tftpboot" { nativeBuildInputs = with pkgs.pkgsBuildBuild; [ lzma dtc pkgs.stdenv.cc ubootTools ]; } '' + pkgs.runCommand "tftpboot" + { + nativeBuildInputs = with pkgs.pkgsBuildBuild; [ + lzma + dtc + pkgs.stdenv.cc + ubootTools + ]; + } + '' mkdir $out cd $out binsize() { local s=$(stat -L -c %s $1); echo $(($s + 0x1000 &(~0xfff))); } @@ -97,17 +118,19 @@ in { # end of the kernel is free dtbStart=$(($rootfsStart + $rootfsSize)) - ${if cfg.compressRoot - then '' - lzma -z9cv ${o.rootfs} > rootfs.lz - rootfsLzStart=$dtbStart - rootfsLzSize=$(binsize rootfs.lz) - dtbStart=$(($dtbStart + $rootfsLzSize)) - '' - else '' - ln -s ${o.rootfs} rootfs - '' - } + ${ + if cfg.compressRoot then + '' + lzma -z9cv ${o.rootfs} > rootfs.lz + rootfsLzStart=$dtbStart + rootfsLzSize=$(binsize rootfs.lz) + dtbStart=$(($dtbStart + $rootfsLzSize)) + '' + else + '' + ln -s ${o.rootfs} rootfs + '' + } cat ${o.dtb} > dtb address_cells=$(fdtget dtb / '#address-cells') @@ -128,37 +151,40 @@ in { dtbSize=$(binsize ./dtb ) - ${if cfg.appendDTB then '' - imageStart=$dtbStart - # re-package image with updated dtb - cat ${o.kernel} > vmlinux.elf - ${objcopy} --update-section .appended_dtb=dtb vmlinux.elf - ${stripAndZip} - mkimage -A ${arch} -O linux -T kernel -C lzma -a $(hex ${toString hw.loadAddress}) -e $(hex ${toString hw.entryPoint}) -n '${lib.toUpper arch} Liminix Linux tftpboot' -d vmlinux.bin.lzma image - # dtc -I dtb -O dts -o /dev/stdout dtb | grep -A10 chosen ; exit 1 - tftpcmd="tftpboot $(hex $imageStart) result/image " - bootcmd="bootm $(hex $imageStart)" - '' else '' - imageStart=$(($dtbStart + $dtbSize)) - tftpcmd="tftpboot $(hex $imageStart) result/image; tftpboot $(hex $dtbStart) result/dtb " - ln -s ${image} image - bootcmd="${bootCommand} $(hex $imageStart) - $(hex $dtbStart)" - ''} + ${ + if cfg.appendDTB then + '' + imageStart=$dtbStart + # re-package image with updated dtb + cat ${o.kernel} > vmlinux.elf + ${objcopy} --update-section .appended_dtb=dtb vmlinux.elf + ${stripAndZip} + mkimage -A ${arch} -O linux -T kernel -C lzma -a $(hex ${toString hw.loadAddress}) -e $(hex ${toString hw.entryPoint}) -n '${lib.toUpper arch} Liminix Linux tftpboot' -d vmlinux.bin.lzma image + # dtc -I dtb -O dts -o /dev/stdout dtb | grep -A10 chosen ; exit 1 + tftpcmd="tftpboot $(hex $imageStart) result/image " + bootcmd="bootm $(hex $imageStart)" + '' + else + '' + imageStart=$(($dtbStart + $dtbSize)) + tftpcmd="tftpboot $(hex $imageStart) result/image; tftpboot $(hex $dtbStart) result/dtb " + ln -s ${image} image + bootcmd="${bootCommand} $(hex $imageStart) - $(hex $dtbStart)" + '' + } cat > boot.scr << EOF setenv serverip ${cfg.serverip} setenv ipaddr ${cfg.ipaddr} ${ - if cfg.compressRoot - then "tftpboot $(hex $rootfsLzStart) result/rootfs.lz" - else "tftpboot $(hex $rootfsStart) result/rootfs" + if cfg.compressRoot then + "tftpboot $(hex $rootfsLzStart) result/rootfs.lz" + else + "tftpboot $(hex $rootfsStart) result/rootfs" }; $tftpcmd - ${if cfg.compressRoot - then "lzmadec $(hex $rootfsLzStart) $(hex $rootfsStart); " - else "" - } $bootcmd + ${if cfg.compressRoot then "lzmadec $(hex $rootfsLzStart) $(hex $rootfsStart); " else ""} $bootcmd EOF - ''; + ''; }; }; diff --git a/modules/outputs/tplink-safeloader.nix b/modules/outputs/tplink-safeloader.nix index 028999a..cea777e 100644 --- a/modules/outputs/tplink-safeloader.nix +++ b/modules/outputs/tplink-safeloader.nix @@ -1,14 +1,15 @@ { - config -, pkgs -, lib -, ... + config, + pkgs, + lib, + ... }: let inherit (lib) mkOption types; o = config.system.outputs; cfg = config.tplink-safeloader; -in { +in +{ options.tplink-safeloader = { board = mkOption { type = types.str; @@ -53,9 +54,10 @@ in { config = { system.outputs = rec { tplink-safeloader = - pkgs.runCommand "tplink" { nativeBuildInputs = with pkgs.pkgsBuildBuild; [ firmware-utils ]; } '' - tplink-safeloader -B "${cfg.board}" -k "${o.uimage}" -r "${o.rootfs}" -o $out - ''; + pkgs.runCommand "tplink" { nativeBuildInputs = with pkgs.pkgsBuildBuild; [ firmware-utils ]; } + '' + tplink-safeloader -B "${cfg.board}" -k "${o.uimage}" -r "${o.rootfs}" -o $out + ''; }; }; } diff --git a/modules/outputs/ubifs.nix b/modules/outputs/ubifs.nix index badfc49..7179047 100644 --- a/modules/outputs/ubifs.nix +++ b/modules/outputs/ubifs.nix @@ -1,8 +1,8 @@ { - config -, pkgs -, lib -, ... + config, + pkgs, + lib, + ... }: let inherit (lib) mkIf mkOption types; @@ -15,7 +15,7 @@ in config = mkIf (config.rootfsType == "ubifs") { kernel.config = { - MTD_UBI="y"; + MTD_UBI = "y"; UBIFS_FS = "y"; UBIFS_FS_SECURITY = "n"; }; @@ -25,13 +25,16 @@ in let inherit (pkgs.pkgsBuildBuild) runCommand mtdutils; cfg = config.hardware.ubi; - in runCommand "mkfs.ubifs" { - depsBuildBuild = [ mtdutils ]; - } '' - mkdir tmp - tree=${o.bootablerootdir} - mkfs.ubifs -x favor_lzo -c ${cfg.maxLEBcount} -m ${cfg.minIOSize} -e ${cfg.logicalEraseBlockSize} -y -r $tree --output $out --squash-uids -o $out - ''; + in + runCommand "mkfs.ubifs" + { + depsBuildBuild = [ mtdutils ]; + } + '' + mkdir tmp + tree=${o.bootablerootdir} + mkfs.ubifs -x favor_lzo -c ${cfg.maxLEBcount} -m ${cfg.minIOSize} -e ${cfg.logicalEraseBlockSize} -y -r $tree --output $out --squash-uids -o $out + ''; }; }; } diff --git a/modules/outputs/ubimage.nix b/modules/outputs/ubimage.nix index bbd000d..faea576 100644 --- a/modules/outputs/ubimage.nix +++ b/modules/outputs/ubimage.nix @@ -1,8 +1,8 @@ { - config -, pkgs -, lib -, ... + config, + pkgs, + lib, + ... }: let inherit (lib) mkIf mkOption types; @@ -13,108 +13,111 @@ let setenv loadaddr ${lib.toHexString cfg.loadAddress} tftpboot $loadaddr result/rootfs ubi write $loadaddr liminix $filesize -''; -in { + ''; +in +{ options.system.outputs = { ubimage = mkOption { type = types.package; description = '' -ubimage -******* + ubimage + ******* -This output provides a UBIFS filesystem image and a small U-Boot script -to make the manual installation process very slightly simpler. You will -need a serial connection and a network connection to a TFTP server -containing the filesystem image it creates. + This output provides a UBIFS filesystem image and a small U-Boot script + to make the manual installation process very slightly simpler. You will + need a serial connection and a network connection to a TFTP server + containing the filesystem image it creates. -.. warning:: These steps were tested on a Belkin RT3200 (also known as - Linksys E8450). Other devices may be set up differently, - so use them as inspiration and don't just paste them - blindly. + .. warning:: These steps were tested on a Belkin RT3200 (also known as + Linksys E8450). Other devices may be set up differently, + so use them as inspiration and don't just paste them + blindly. -1) determine which MTD device is being used for UBI, and the partition name: + 1) determine which MTD device is being used for UBI, and the partition name: -.. code-block:: console + .. code-block:: console - uboot> ubi part - Device 0: ubi0, MTD partition ubi + uboot> ubi part + Device 0: ubi0, MTD partition ubi -In this case the important value is ``ubi0`` + In this case the important value is ``ubi0`` -2) list the available volumes and create a new one on which to install Liminix + 2) list the available volumes and create a new one on which to install Liminix -.. code-block:: console + .. code-block:: console - uboot> ubi info l - [ copious output scrolls past ] + uboot> ubi info l + [ copious output scrolls past ] -Expect there to be existing volumes and for some or all of them to be -important. Unless you know what you're doing, don't remove anything -whose name suggests it's related to uboot, or any kind of backup or -recovery partition. To see how much space is free: + Expect there to be existing volumes and for some or all of them to be + important. Unless you know what you're doing, don't remove anything + whose name suggests it's related to uboot, or any kind of backup or + recovery partition. To see how much space is free: -.. code-block:: console + .. code-block:: console - uboot> ubi info - [ ... ] - UBI: available PEBs: 823 + uboot> ubi info + [ ... ] + UBI: available PEBs: 823 -Now we can make our new root volume + Now we can make our new root volume -.. code-block:: console + .. code-block:: console - uboot> ubi create liminix - + uboot> ubi create liminix - -3) transfer the root filesystem from the build system and write it to -the new volume. Paste the contents of :file:`result/flash.scr` one line at a time -into U-Boot: + 3) transfer the root filesystem from the build system and write it to + the new volume. Paste the contents of :file:`result/flash.scr` one line at a time + into U-Boot: -.. code-block:: console + .. code-block:: console - uboot> setenv serverip 10.0.0.1 - uboot> setenv ipaddr 10.0.0.8 - uboot> setenv loadaddr 4007FF28 - uboot> tftpboot $loadaddr result/rootfs - uboot> ubi write $loadaddr liminix $filesize + uboot> setenv serverip 10.0.0.1 + uboot> setenv ipaddr 10.0.0.8 + uboot> setenv loadaddr 4007FF28 + uboot> tftpboot $loadaddr result/rootfs + uboot> ubi write $loadaddr liminix $filesize -Now we have the root filesystem installed on the device. You -can even mount it and poke around using :command:`ubifsmount ubi0:liminix; ubifsls /` + Now we have the root filesystem installed on the device. You + can even mount it and poke around using :command:`ubifsmount ubi0:liminix; ubifsls /` -4) optional: before you configure the device to boot into Liminix -automatically, you can try booting it by hand to see if it works: + 4) optional: before you configure the device to boot into Liminix + automatically, you can try booting it by hand to see if it works: -.. code-block:: console + .. code-block:: console - uboot> ubifsmount ubi0:liminix - uboot> ubifsload ''${loadaddr} boot/fit - uboot> bootm ''${loadaddr} + uboot> ubifsmount ubi0:liminix + uboot> ubifsload ''${loadaddr} boot/fit + uboot> bootm ''${loadaddr} -Once you've done this and you're happy with it, reset the device to -return to U-Boot. + Once you've done this and you're happy with it, reset the device to + return to U-Boot. -5) Instructions for configuring autoboot are likely to be very -device-dependent and you should consult the Liminix documentation for -your device. (If you're bringing up a new device, some detective work -may be needed. Try running `printenv` and trace through the flow of -execution from (probably) :command:`$bootcmd` and look for a suitable -variable to change) + 5) Instructions for configuring autoboot are likely to be very + device-dependent and you should consult the Liminix documentation for + your device. (If you're bringing up a new device, some detective work + may be needed. Try running `printenv` and trace through the flow of + execution from (probably) :command:`$bootcmd` and look for a suitable + variable to change) -6) Now you can reboot the device into Liminix + 6) Now you can reboot the device into Liminix -.. code-block:: console + .. code-block:: console - uboot> reset + uboot> reset ''; }; }; config.system.outputs.ubimage = assert config.rootfsType == "ubifs"; - let o = config.system.outputs; in - pkgs.runCommand "ubimage" {} '' + let + o = config.system.outputs; + in + pkgs.runCommand "ubimage" { } '' mkdir $out cd $out ln -s ${o.rootfs} rootfs ln -s ${instructions} flash.scr - ''; + ''; } diff --git a/modules/outputs/ubivolume.nix b/modules/outputs/ubivolume.nix index d5097cd..a314745 100644 --- a/modules/outputs/ubivolume.nix +++ b/modules/outputs/ubivolume.nix @@ -1,93 +1,112 @@ { - config -, pkgs -, lib -, ... + config, + pkgs, + lib, + ... }: let - inherit (lib) mkIf mkOption types concatStringsSep optionalString; + inherit (lib) + mkIf + mkOption + types + concatStringsSep + optionalString + ; in - { - imports = [ - ./initramfs.nix - ./ubifs.nix - ]; +{ + imports = [ + ./initramfs.nix + ./ubifs.nix + ]; - options.hardware.ubi = { - minIOSize = mkOption { type = types.str; }; - eraseBlockSize = mkOption { type = types.str; }; # LEB - maxLEBcount = mkOption { type = types.str; }; # LEB - }; - options.system.outputs.ubivolume = mkOption { - type = types.package; + options.hardware.ubi = { + minIOSize = mkOption { type = types.str; }; + eraseBlockSize = mkOption { type = types.str; }; # LEB + maxLEBcount = mkOption { type = types.str; }; # LEB + }; + options.system.outputs.ubivolume = mkOption { + type = types.package; + }; + + config = mkIf (config.rootfsType == "ubifs") { + kernel.config = { + MTD_UBI = "y"; + + UBIFS_FS = "y"; + UBIFS_FS_SECURITY = "n"; }; + boot.initramfs.enable = true; - config = mkIf (config.rootfsType == "ubifs") { - kernel.config = { - MTD_UBI="y"; - - UBIFS_FS = "y"; - UBIFS_FS_SECURITY = "n"; - }; - boot.initramfs.enable = true; - - system.outputs.ubivolume = + system.outputs.ubivolume = let inherit (pkgs.pkgsBuildBuild) runCommand; - ubiVolume = ({ name, volumeId, image, flags ? [] }: - '' - [${name}] - mode=ubi - vol_id=${toString volumeId} - vol_type=dynamic - vol_name=${name} - vol_alignment=1 - ${optionalString (image != null) '' - image=${image} - ''} - ${optionalString (image == null) '' - vol_size=1MiB - ''} - ${optionalString (flags != []) '' - vol_flags=${concatStringsSep "," flags} - ''} - ''); + ubiVolume = ( + { + name, + volumeId, + image, + flags ? [ ], + }: + '' + [${name}] + mode=ubi + vol_id=${toString volumeId} + vol_type=dynamic + vol_name=${name} + vol_alignment=1 + ${optionalString (image != null) '' + image=${image} + ''} + ${optionalString (image == null) '' + vol_size=1MiB + ''} + ${optionalString (flags != [ ]) '' + vol_flags=${concatStringsSep "," flags} + ''} + '' + ); - ubiImage = (volumes: - let - ubinizeConfig = pkgs.writeText "ubinize.conf" (concatStringsSep "\n" volumes); - inherit (pkgs.pkgsBuildBuild) mtdutils; - in - runCommand "ubinize" { - depsBuildBuild = [ mtdutils ]; - # block size := 128kb - # page size := 2048 - # ubninize opts := -E 5 - } '' - ubinize -Q "$SOURCE_DATE_EPOCH" -o $out \ - -p ${config.hardware.ubi.physicalEraseBlockSize} -m ${config.hardware.ubi.minIOSize} \ - -e ${config.hardware.ubi.logicalEraseBlockSize} \ - ${ubinizeConfig} - ''); + ubiImage = ( + volumes: + let + ubinizeConfig = pkgs.writeText "ubinize.conf" (concatStringsSep "\n" volumes); + inherit (pkgs.pkgsBuildBuild) mtdutils; + in + runCommand "ubinize" + { + depsBuildBuild = [ mtdutils ]; + # block size := 128kb + # page size := 2048 + # ubninize opts := -E 5 + } + '' + ubinize -Q "$SOURCE_DATE_EPOCH" -o $out \ + -p ${config.hardware.ubi.physicalEraseBlockSize} -m ${config.hardware.ubi.minIOSize} \ + -e ${config.hardware.ubi.logicalEraseBlockSize} \ + ${ubinizeConfig} + '' + ); - ubiDisk = ({ initramfs }: - let - initramfsUbi = ubiVolume { - name = "rootfs"; - volumeId = 0; - image = initramfs; - flags = [ "autoresize" ]; - }; - in + ubiDisk = ( + { initramfs }: + let + initramfsUbi = ubiVolume { + name = "rootfs"; + volumeId = 0; + image = initramfs; + flags = [ "autoresize" ]; + }; + in ubiImage [ initramfsUbi - ]); + ] + ); disk = ubiDisk { initramfs = config.system.outputs.rootfs; # ??? }; in - disk; + disk; }; } diff --git a/modules/outputs/updater/default.nix b/modules/outputs/updater/default.nix index 7ce91a3..466ee7e 100644 --- a/modules/outputs/updater/default.nix +++ b/modules/outputs/updater/default.nix @@ -1,8 +1,8 @@ { - config -, pkgs -, lib -, ... + config, + pkgs, + lib, + ... }: let inherit (lib) mkIf; @@ -25,13 +25,12 @@ in ''; }; - config.system.outputs.updater = - runCommand "buildUpdater" { } '' - mkdir -p $out/bin $out/etc - cp ${o.kernel.config} $out/etc/kconfig - substitute ${./update.sh} $out/bin/update.sh \ - --subst-var-by toplevel ${o.systemConfiguration} \ - --subst-var-by min_copy_closure ${min-copy-closure} - chmod +x $out/bin/update.sh - ''; + config.system.outputs.updater = runCommand "buildUpdater" { } '' + mkdir -p $out/bin $out/etc + cp ${o.kernel.config} $out/etc/kconfig + substitute ${./update.sh} $out/bin/update.sh \ + --subst-var-by toplevel ${o.systemConfiguration} \ + --subst-var-by min_copy_closure ${min-copy-closure} + chmod +x $out/bin/update.sh + ''; } diff --git a/modules/outputs/vmroot.nix b/modules/outputs/vmroot.nix index 1aa8b5c..cbfe94c 100644 --- a/modules/outputs/vmroot.nix +++ b/modules/outputs/vmroot.nix @@ -1,8 +1,8 @@ { - config -, pkgs -, lib -, ... + config, + pkgs, + lib, + ... }: let inherit (lib) mkOption types concatStringsSep; @@ -49,12 +49,15 @@ in let inherit (config.system.outputs) rootfs kernel manifest; cmdline = builtins.toJSON (concatStringsSep " " config.boot.commandLine); - makeBootableImage = pkgs.runCommandCC "objcopy" {} - (if pkgs.stdenv.hostPlatform.isAarch - then "${pkgs.stdenv.cc.targetPrefix}objcopy -O binary -R .comment -S ${kernel} $out" - else "cp ${kernel} $out"); + makeBootableImage = pkgs.runCommandCC "objcopy" { } ( + if pkgs.stdenv.hostPlatform.isAarch then + "${pkgs.stdenv.cc.targetPrefix}objcopy -O binary -R .comment -S ${kernel} $out" + else + "cp ${kernel} $out" + ); phram_address = lib.toHexString (config.hardware.ram.startAddress + 256 * 1024 * 1024); - in pkgs.runCommand "vmroot" {} '' + in + pkgs.runCommand "vmroot" { } '' mkdir $out cd $out ln -s ${rootfs} rootfs @@ -67,7 +70,7 @@ in ${pkgs.pkgsBuildBuild.run-liminix-vm}/bin/run-liminix-vm --command-line ${cmdline} --arch ${pkgs.stdenv.hostPlatform.qemuArch} --phram-address 0x${phram_address} \$* ${makeBootableImage} ${config.system.outputs.rootfs} EOF chmod +x run.sh - ''; + ''; }; }; } diff --git a/modules/outputs/zyxel-nwa-fit.nix b/modules/outputs/zyxel-nwa-fit.nix index 13e8f9d..3084b85 100644 --- a/modules/outputs/zyxel-nwa-fit.nix +++ b/modules/outputs/zyxel-nwa-fit.nix @@ -1,25 +1,26 @@ { - config -, pkgs -, lib -, ... + config, + pkgs, + lib, + ... }: let inherit (lib) mkIf mkOption types; models = "6b e1 6f e1 ff ff ff ff ff ff"; -in { +in +{ options.system.outputs = { zyxel-nwa-fit = mkOption { type = types.package; description = '' -zyxel-nwa-fit -************* + zyxel-nwa-fit + ************* -This output provides a FIT image for Zyxel NWA series -containing a kernel image and an UBIFS rootfs. + This output provides a FIT image for Zyxel NWA series + containing a kernel image and an UBIFS rootfs. -It can usually be used as a factory image to install Liminix -on a system with pre-existing firmware and OS. + It can usually be used as a factory image to install Liminix + on a system with pre-existing firmware and OS. ''; }; }; @@ -34,38 +35,43 @@ on a system with pre-existing firmware and OS. let o = config.system.outputs; # 8129kb padding. - paddedKernel = pkgs.runCommand "padded-kernel" {} '' + paddedKernel = pkgs.runCommand "padded-kernel" { } '' cp --no-preserve=mode ${o.uimage} $out dd if=/dev/zero of=$out bs=1 count=1 seek=8388607 ''; - firmwareImage = pkgs.runCommand "firmware-image" {} '' + firmwareImage = pkgs.runCommand "firmware-image" { } '' cat ${paddedKernel} ${o.ubivolume} > $out ''; dts = pkgs.writeText "image.its" '' - /dts-v1/; + /dts-v1/; - / { - description = "Zyxel FIT (Flattened Image Tree)"; - compat-models = [${models}]; - #address-cells = <1>; + / { + description = "Zyxel FIT (Flattened Image Tree)"; + compat-models = [${models}]; + #address-cells = <1>; - images { - firmware { - data = /incbin/("${firmwareImage}"); - type = "firmware"; - compression = "none"; - hash@1 { - algo = "sha1"; + images { + firmware { + data = /incbin/("${firmwareImage}"); + type = "firmware"; + compression = "none"; + hash@1 { + algo = "sha1"; + }; }; }; }; - }; - ''; + ''; in - pkgs.runCommand "zyxel-nwa-fit-${config.boot.imageType}" { - nativeBuildInputs = [ pkgs.pkgsBuildBuild.ubootTools pkgs.pkgsBuildBuild.dtc ]; - } '' - mkimage -f ${dts} $out - ''; + pkgs.runCommand "zyxel-nwa-fit-${config.boot.imageType}" + { + nativeBuildInputs = [ + pkgs.pkgsBuildBuild.ubootTools + pkgs.pkgsBuildBuild.dtc + ]; + } + '' + mkimage -f ${dts} $out + ''; }; } diff --git a/modules/ppp/common.nix b/modules/ppp/common.nix index 15d5492..8220ab0 100644 --- a/modules/ppp/common.nix +++ b/modules/ppp/common.nix @@ -1,20 +1,32 @@ -{ writeAshScript, liminix, svc, lib, serviceFns, output-template }: +{ + writeAshScript, + liminix, + svc, + lib, + serviceFns, + output-template, +}: { command, name, - debug -, username, + debug, + username, password, lcpEcho, ppp-options, - dependencies ? [] -} : + dependencies ? [ ], +}: let - inherit (lib) optional optionals escapeShellArgs concatStringsSep; + inherit (lib) + optional + optionals + escapeShellArgs + concatStringsSep + ; inherit (liminix.services) longrun; inherit (builtins) toJSON toString typeOf; - ip-up = writeAshScript "ip-up" {} '' + ip-up = writeAshScript "ip-up" { } '' exec >&5 2>&5 . ${serviceFns} in_outputs ${name} @@ -28,7 +40,7 @@ let if test -n "''${DNS2}" ;then echo ''${DNS2} > ns2 ; fi test -e ipv6-address && echo >/proc/self/fd/10 ''; - ip6-up = writeAshScript "ip6-up" {} '' + ip6-up = writeAshScript "ip6-up" { } '' exec >&5 2>&5 . ${serviceFns} in_outputs ${name} @@ -37,35 +49,61 @@ let test -e ifname && echo >/proc/self/fd/10 ''; literal_or_output = - let v = o: ({ - string = toJSON; - int = toJSON; - lambda = (o: "output(${toJSON (o "service")}, ${toJSON (o "path")})"); - }.${typeOf o}) o; - in o: "{{ ${v o} }}"; + let + v = + o: + ( + { + string = toJSON; + int = toJSON; + lambda = (o: "output(${toJSON (o "service")}, ${toJSON (o "path")})"); + } + .${typeOf o} + ) + o; + in + o: "{{ ${v o} }}"; ppp-options' = - ["+ipv6" "noauth"] + [ + "+ipv6" + "noauth" + ] ++ optional debug "debug" - ++ optionals (username != null) ["name" (literal_or_output username)] - ++ optionals (password != null) ["password" (literal_or_output password)] + ++ optionals (username != null) [ + "name" + (literal_or_output username) + ] + ++ optionals (password != null) [ + "password" + (literal_or_output password) + ] ++ optional lcpEcho.adaptive "lcp-echo-adaptive" - ++ optionals (lcpEcho.interval != null) - ["lcp-echo-interval" (toString lcpEcho.interval)] - ++ optionals (lcpEcho.failure != null) - ["lcp-echo-failure" (toString lcpEcho.failure)] + ++ optionals (lcpEcho.interval != null) [ + "lcp-echo-interval" + (toString lcpEcho.interval) + ] + ++ optionals (lcpEcho.failure != null) [ + "lcp-echo-failure" + (toString lcpEcho.failure) + ] ++ ppp-options - ++ ["ip-up-script" ip-up - "ipv6-up-script" ip6-up - "ipparam" name - "nodetach" - # usepeerdns requests DNS servers from peer (which is good), - # then attempts to write them to /nix/store/xxxx/ppp/resolv.conf - # which causes an unsightly but inconsequential error message - "usepeerdns" - "nodefaultroute" - "logfd" "2" - ]; + ++ [ + "ip-up-script" + ip-up + "ipv6-up-script" + ip6-up + "ipparam" + name + "nodetach" + # usepeerdns requests DNS servers from peer (which is good), + # then attempts to write them to /nix/store/xxxx/ppp/resolv.conf + # which causes an unsightly but inconsequential error message + "usepeerdns" + "nodefaultroute" + "logfd" + "2" + ]; service = longrun { inherit name; run = '' @@ -77,12 +115,15 @@ let ${command} ''; notification-fd = 10; - timeout-up = if lcpEcho.failure != null - then (10 + lcpEcho.failure * lcpEcho.interval) * 1000 - else 60 * 1000; + timeout-up = + if lcpEcho.failure != null then (10 + lcpEcho.failure * lcpEcho.interval) * 1000 else 60 * 1000; inherit dependencies; }; -in svc.secrets.subscriber.build { - watch = lib.filter (n: typeOf n=="lambda") [ username password ]; +in +svc.secrets.subscriber.build { + watch = lib.filter (n: typeOf n == "lambda") [ + username + password + ]; inherit service; } diff --git a/modules/ppp/default.nix b/modules/ppp/default.nix index b78a998..c4b7407 100644 --- a/modules/ppp/default.nix +++ b/modules/ppp/default.nix @@ -13,18 +13,24 @@ ## conjunction with a DHCP uplink, or other more creative forms of ## network connection - -{ lib, pkgs, config, ...}: +{ + lib, + pkgs, + config, + ... +}: let inherit (lib) mkOption types; inherit (pkgs) liminix; mkStringOption = - description: mkOption { + description: + mkOption { type = types.nullOr types.str; default = null; inherit description; }; -in { +in +{ imports = [ ../secrets ]; options = { system.service.pppoe = mkOption { @@ -61,7 +67,7 @@ in { default = 3; description = "send an LCP echo-request frame to the peer every n seconds"; }; - failure = mkOption { + failure = mkOption { type = types.nullOr types.int; default = 3; description = "terminate connection if n LCP echo-requests are sent without receiving a valid LCP echo-reply"; @@ -75,7 +81,7 @@ in { ppp-options = mkOption { type = types.listOf types.str; description = "options supplied on ppp command line"; - default = []; + default = [ ]; }; }; system.service.l2tp = config.system.callService ./l2tp.nix { @@ -104,7 +110,7 @@ in { default = 3; description = "send an LCP echo-request frame to the peer every n seconds"; }; - failure = mkOption { + failure = mkOption { type = types.nullOr types.int; default = 3; description = "terminate connection if n LCP echo-requests are sent without receiving a valid LCP echo-reply"; @@ -117,7 +123,7 @@ in { }; ppp-options = mkOption { type = types.listOf types.str; - default = []; + default = [ ]; description = "options supplied on ppp command line"; }; }; diff --git a/modules/ppp/l2tp.nix b/modules/ppp/l2tp.nix index d6b71c8..cd7e6a8 100644 --- a/modules/ppp/l2tp.nix +++ b/modules/ppp/l2tp.nix @@ -7,14 +7,15 @@ writeAshScript, writeText, xl2tpd, - callPackage -} : -{ lns, + callPackage, +}: +{ + lns, ppp-options, lcpEcho, username, password, - debug + debug, }: let name = "${lns}.l2tp"; @@ -31,8 +32,16 @@ let max redials = 2 # this gives 1 actual retry, as xl2tpd can't count ''; control = "/run/${name}/control"; -in common { - inherit name debug username password lcpEcho ppp-options; +in +common { + inherit + name + debug + username + password + lcpEcho + ppp-options + ; command = '' touch ${control} exec ${xl2tpd}/bin/xl2tpd -D -p /run/${name}/${name}.pid -c ${conf} -C ${control} diff --git a/modules/ppp/pppoe.nix b/modules/ppp/pppoe.nix index 61957b9..714111a 100644 --- a/modules/ppp/pppoe.nix +++ b/modules/ppp/pppoe.nix @@ -7,22 +7,32 @@ serviceFns, svc, writeAshScript, - callPackage -} : -{ interface, + callPackage, +}: +{ + interface, ppp-options, lcpEcho, username, password, - debug + debug, }: let name = "${interface.name}.pppoe"; common = callPackage ./common.nix { inherit svc; }; - timeoutOpt = if lcpEcho.interval != null then "-T ${builtins.toString (4 * lcpEcho.interval)}" else ""; -in common { - inherit name debug username password lcpEcho ppp-options; + timeoutOpt = + if lcpEcho.interval != null then "-T ${builtins.toString (4 * lcpEcho.interval)}" else ""; +in +common { + inherit + name + debug + username + password + lcpEcho + ppp-options + ; command = '' exec ${ppp}/bin/pppd pty "${pppoe}/bin/pppoe ${timeoutOpt} -I $(output ${interface} ifname)" file /run/${name}/ppp-options ''; diff --git a/modules/profiles/gateway.nix b/modules/profiles/gateway.nix index c62c816..a2f5db2 100644 --- a/modules/profiles/gateway.nix +++ b/modules/profiles/gateway.nix @@ -1,8 +1,18 @@ -{ config, pkgs, lib, ... } : +{ + config, + pkgs, + lib, + ... +}: let svc = config.system.service; cfg = config.profile.gateway; - inherit (lib) mkOption mkEnableOption mkIf types; + inherit (lib) + mkOption + mkEnableOption + mkIf + types + ; inherit (pkgs) liminix serviceFns; inherit (liminix.services) bundle oneshot; hostaps = @@ -14,24 +24,27 @@ let wpa_pairwise = "TKIP CCMP"; # auth for wpa (may not need this?) rsn_pairwise = "CCMP"; # auth for wpa2 }; - in lib.mapAttrs' - (name : value : - let - attrs = defaults // { ssid = name; } // value; - in lib.nameValuePair - "hostap-${name}" - (svc.hostapd.build { - interface = attrs.interface; - params = lib.filterAttrs (k: v: k != "interface") attrs; - })) - cfg.wireless.networks; -in { + in + lib.mapAttrs' ( + name: value: + let + attrs = defaults // { ssid = name; } // value; + in + lib.nameValuePair "hostap-${name}" ( + svc.hostapd.build { + interface = attrs.interface; + params = lib.filterAttrs (k: v: k != "interface") attrs; + } + ) + ) cfg.wireless.networks; +in +{ options.profile.gateway = { lan = { interfaces = mkOption { type = types.listOf liminix.lib.types.interface; - default = []; + default = [ ]; }; address = mkOption { type = types.attrs; @@ -49,7 +62,7 @@ in { enable = mkEnableOption "firewall"; rules = mkOption { type = types.attrsOf types.attrs; }; zones = mkOption { - type = types.attrsOf (types.listOf liminix.lib.types.service); + type = types.attrsOf (types.listOf liminix.lib.types.service); default = { lan = [ config.services.int ]; wan = [ config.services.wan ]; @@ -82,11 +95,14 @@ in { ]; config = { - services.int = svc.network.address.build ({ - interface = svc.bridge.primary.build { ifname = "int"; }; - } // cfg.lan.address); + services.int = svc.network.address.build ( + { + interface = svc.bridge.primary.build { ifname = "int"; }; + } + // cfg.lan.address + ); - services.bridge = svc.bridge.members.build { + services.bridge = svc.bridge.members.build { primary = config.services.int; members = cfg.lan.interfaces; }; @@ -113,12 +129,15 @@ in { }) ]; }; - in mkIf cfg.wan.dhcp6.enable bundl; + in + mkIf cfg.wan.dhcp6.enable bundl; services.dns = - let interface = config.services.int; - dcfg = cfg.lan.dhcp; - in svc.dnsmasq.build { + let + interface = config.services.int; + dcfg = cfg.lan.dhcp; + in + svc.dnsmasq.build { resolvconf = config.services.resolvconf; inherit interface; ranges = [ @@ -147,11 +166,12 @@ in { interface = config.services.wan; }; - services.firewall = mkIf cfg.firewall.enable - (svc.firewall.build { + services.firewall = mkIf cfg.firewall.enable ( + svc.firewall.build { extraRules = cfg.firewall.rules; inherit (cfg.firewall) zones; - }); + } + ); services.resolvconf = oneshot rec { dependencies = [ config.services.wan ]; @@ -166,11 +186,13 @@ in { }; filesystem = - let inherit (pkgs.pseudofile) dir symlink; - in dir { + let + inherit (pkgs.pseudofile) dir symlink; + in + dir { etc = dir { "resolv.conf" = symlink "${config.services.resolvconf}/.outputs/resolv.conf"; }; }; }; - } +} diff --git a/modules/profiles/wap.nix b/modules/profiles/wap.nix index 815d974..08efda6 100644 --- a/modules/profiles/wap.nix +++ b/modules/profiles/wap.nix @@ -3,9 +3,10 @@ pkgs, lib, ... -}: let +}: +let inherit (pkgs) liminix; - inherit (lib) mkOption types ; + inherit (lib) mkOption types; inherit (pkgs.liminix.services) oneshot target; inherit (pkgs.pseudofile) dir symlink; @@ -22,19 +23,22 @@ wpa_pairwise = "TKIP CCMP"; # auth for wpa (may not need this?) rsn_pairwise = "CCMP"; # auth for wpa2 }; - in lib.mapAttrs' - (name : value : - let - attrs = defaults // { ssid = name; } // value; - in lib.nameValuePair - "hostap-${name}" - (svc.hostapd.build { - interface = attrs.interface; - params = lib.filterAttrs (k: v: k != "interface") attrs; - })) - cfg.wireless.networks; + in + lib.mapAttrs' ( + name: value: + let + attrs = defaults // { ssid = name; } // value; + in + lib.nameValuePair "hostap-${name}" ( + svc.hostapd.build { + interface = attrs.interface; + params = lib.filterAttrs (k: v: k != "interface") attrs; + } + ) + ) cfg.wireless.networks; -in { +in +{ imports = [ ../wlan.nix ../network @@ -46,7 +50,7 @@ in { options.profile.wap = { interfaces = mkOption { type = types.listOf liminix.lib.types.interface; - default = []; + default = [ ]; }; wireless = mkOption { type = types.attrsOf types.anything; @@ -71,7 +75,7 @@ in { services.defaultroute4 = svc.network.route.build { via = "$(output ${config.services.dhcpc} router)"; target = "default"; - dependencies = [config.services.dhcpc]; + dependencies = [ config.services.dhcpc ]; }; services.resolvconf = oneshot rec { diff --git a/modules/ramdisk.nix b/modules/ramdisk.nix index 1e3be6b..3f1ae28 100644 --- a/modules/ramdisk.nix +++ b/modules/ramdisk.nix @@ -1,7 +1,8 @@ { config, lib, ... }: let inherit (lib) mkIf mkEnableOption; # types concatStringsSep; -in { +in +{ options = { boot = { ramdisk = { diff --git a/modules/round-robin/default.nix b/modules/round-robin/default.nix index c87db97..31e11dd 100644 --- a/modules/round-robin/default.nix +++ b/modules/round-robin/default.nix @@ -3,13 +3,18 @@ ## Given a list of services, run each in turn until it exits, then ## runs the next. - -{ lib, pkgs, config, ...}: +{ + lib, + pkgs, + config, + ... +}: let inherit (lib) mkOption types; inherit (pkgs) liminix; inherit (pkgs.liminix.services) longrun; -in { +in +{ options = { system.service.round-robin = mkOption { description = "run services one at a time and failover to next"; @@ -18,9 +23,9 @@ in { }; config.system.service.round-robin = config.system.callService ./service.nix { services = mkOption { - type = types.listOf liminix.lib.types.service; + type = types.listOf liminix.lib.types.service; }; - name = mkOption { + name = mkOption { type = types.str; }; }; diff --git a/modules/round-robin/service.nix b/modules/round-robin/service.nix index e215111..a28b55a 100644 --- a/modules/round-robin/service.nix +++ b/modules/round-robin/service.nix @@ -1,22 +1,30 @@ { - liminix, lib, s6-rc-round-robin + liminix, + lib, + s6-rc-round-robin, }: -{ services, name} : +{ services, name }: let - inherit (liminix.services) oneshot longrun; - controlled-services = builtins.map - (s: s.overrideAttrs(o: { inherit controller; })) - services; - controller = let name' = "control-${name}"; in longrun { - name = name'; - run = '' - in_outputs ${name'} - exec ${s6-rc-round-robin}/bin/s6-rc-round-robin \ - -p ${proxy.name} \ - ${lib.concatStringsSep " " - (builtins.map (f: f.name) controlled-services)} - ''; - }; + inherit (liminix.services) oneshot longrun; + controlled-services = builtins.map ( + s: + s.overrideAttrs (o: { + inherit controller; + }) + ) services; + controller = + let + name' = "control-${name}"; + in + longrun { + name = name'; + run = '' + in_outputs ${name'} + exec ${s6-rc-round-robin}/bin/s6-rc-round-robin \ + -p ${proxy.name} \ + ${lib.concatStringsSep " " (builtins.map (f: f.name) controlled-services)} + ''; + }; proxy = oneshot rec { inherit name; inherit controller; @@ -29,4 +37,5 @@ let ) ''; }; -in proxy +in +proxy diff --git a/modules/s6/default.nix b/modules/s6/default.nix index 08d7152..302224f 100644 --- a/modules/s6/default.nix +++ b/modules/s6/default.nix @@ -1,27 +1,39 @@ -{ config, pkgs, lib, lim, ... }: +{ + config, + pkgs, + lib, + lim, + ... +}: let inherit (pkgs) execline s6 s6-init-bin s6-linux-init - stdenvNoCC; + stdenvNoCC + ; inherit (lib.lists) unique concatMap; inherit (lib) concatStrings; inherit (builtins) map; inherit (pkgs.pseudofile) dir symlink; inherit (pkgs.liminix.services) oneshot bundle longrun; - inherit (lib) mkIf mkEnableOption mkOption types; + inherit (lib) + mkIf + mkEnableOption + mkOption + types + ; cfg = config.logging; logger = - let pipecmds = - ["${s6}/bin/s6-log -bpd3 -- ${cfg.script} 1"] ++ - (lib.optional (cfg ? persistent && cfg.persistent.enable) - "/bin/tee /dev/pmsg0") ++ - (lib.optional cfg.shipping.enable - "${pkgs.logshipper}/bin/logtap ${cfg.shipping.socket} logshipper-socket-event"); - in '' + let + pipecmds = + [ "${s6}/bin/s6-log -bpd3 -- ${cfg.script} 1" ] + ++ (lib.optional (cfg ? persistent && cfg.persistent.enable) "/bin/tee /dev/pmsg0") + ++ (lib.optional cfg.shipping.enable "${pkgs.logshipper}/bin/logtap ${cfg.shipping.socket} logshipper-socket-event"); + in + '' #!${execline}/bin/execlineb -P ${execline}/bin/redirfd -w 1 /dev/null ${execline}/bin/redirfd -rnb 0 fifo @@ -40,14 +52,12 @@ let # services and all services that have a controlled service as # dependency - isControlled = s : s ? controller && s.controller != null; - deps = s : s.dependencies ++ - lib.optional (isControlled s) s.controller; - flatDeps = s : [s] ++ concatMap flatDeps (deps s); + isControlled = s: s ? controller && s.controller != null; + deps = s: s.dependencies ++ lib.optional (isControlled s) s.controller; + flatDeps = s: [ s ] ++ concatMap flatDeps (deps s); allServices = unique (concatMap flatDeps (builtins.attrValues config.services)); - isDependentOnControlled = s : - isControlled s || - (lib.lists.any isDependentOnControlled s.dependencies); + isDependentOnControlled = + s: isControlled s || (lib.lists.any isDependentOnControlled s.dependencies); # all controlled services depend on this oneshot, which # makes a list of them so we can identify them at runtime @@ -62,42 +72,45 @@ let down = "rm -r /run/services/controlled"; }; - defaultStart = - builtins.filter - (s: !(isDependentOnControlled s)) allServices; + defaultStart = builtins.filter (s: !(isDependentOnControlled s)) allServices; defaultDefaultTarget = bundle { name = "default"; - contents = defaultStart ++ [controlled]; + contents = defaultStart ++ [ controlled ]; }; servicesAttrs = { default = defaultDefaultTarget; } // config.services; in - pkgs.s6-rc-database.override { - services = builtins.attrValues servicesAttrs; - }; + pkgs.s6-rc-database.override { + services = builtins.attrValues servicesAttrs; + }; s6-init-scripts = stdenvNoCC.mkDerivation { name = "s6-scripts"; src = ./scripts; - phases = ["unpackPhase" "installPhase" ]; - buildInputs = []; + phases = [ + "unpackPhase" + "installPhase" + ]; + buildInputs = [ ]; installPhase = '' mkdir $out cp -r $src $out/scripts chmod -R +w $out ''; }; - service = dir { + service = dir { s6-linux-init-runleveld = dir { - notification-fd = { file = "3"; }; + notification-fd = { + file = "3"; + }; run = { file = '' - #!${execline}/bin/execlineb -P - ${execline}/bin/fdmove -c 2 1 - ${execline}/bin/fdmove 1 3 - ${s6}/bin/s6-ipcserver -1 -a 0700 -c 1 -- s - ${s6}/bin/s6-sudod -dt30000 -- "/etc/s6-linux-init/current"/scripts/runlevel - ''; + #!${execline}/bin/execlineb -P + ${execline}/bin/fdmove -c 2 1 + ${execline}/bin/fdmove 1 3 + ${s6}/bin/s6-ipcserver -1 -a 0700 -c 1 -- s + ${s6}/bin/s6-sudod -dt30000 -- "/etc/s6-linux-init/current"/scripts/runlevel + ''; mode = "0755"; }; }; @@ -108,12 +121,12 @@ let }; run = { file = '' - #!${execline}/bin/execlineb -P - importas PATH PATH - export PATH ${s6}/bin:''${PATH} - foreground { echo path is ''${PATH} } - ${s6-linux-init}/bin/s6-linux-init-shutdownd -c "/etc/s6-linux-init/current" -g 3000 - ''; + #!${execline}/bin/execlineb -P + importas PATH PATH + export PATH ${s6}/bin:''${PATH} + foreground { echo path is ''${PATH} } + ${s6-linux-init}/bin/s6-linux-init-shutdownd -c "/etc/s6-linux-init/current" -g 3000 + ''; mode = "0755"; }; }; @@ -122,8 +135,13 @@ let type = "i"; mode = "0600"; }; - notification-fd = { file = "3"; }; - run = { file = logger; mode = "0755"; }; + notification-fd = { + file = "3"; + }; + run = { + file = logger; + mode = "0755"; + }; }; getty = dir { run = { @@ -166,7 +184,8 @@ let ${s6-linux-init}/bin/s6-linux-init-shutdown -a #{action} -- now ''; empty = "#!${execline}/bin/execlineb -P\n"; - in dir { + in + dir { crash = { file = quit "s6-svscan crashed. Rebooting."; mode = "0755"; @@ -212,13 +231,15 @@ let }; }; -in { +in +{ options = { logging = { shipping = { enable = mkEnableOption "unix socket for log shipping"; socket = mkOption { - description = "socket pathname"; type = types.path; + description = "socket pathname"; + type = types.path; default = "/run/.log-shipping.sock"; }; service = mkOption { @@ -239,31 +260,46 @@ in { }; }; imports = [ - ( {config, pkgs, lib, ...}: + ( + { + config, + pkgs, + lib, + ... + }: let cfg = config.logging; - pipeline = shipper: bundle { - name = "log-shipping-pipe"; - contents = let - eat = longrun { - name = "log-shipping-pipe-eat"; - run = '' - fdmove -c 12 1 \ - ${pkgs.s6}/bin/s6-ipcserver ${cfg.shipping.socket} \ - fdmove -c 1 12 \ - cat - ''; - producer-for = spew.name; - }; - spew = shipper.override { - consumer-for ="log-shipping-pipe-eat"; - }; - in [ eat spew ]; - }; - in mkIf cfg.shipping.enable { + pipeline = + shipper: + bundle { + name = "log-shipping-pipe"; + contents = + let + eat = longrun { + name = "log-shipping-pipe-eat"; + run = '' + fdmove -c 12 1 \ + ${pkgs.s6}/bin/s6-ipcserver ${cfg.shipping.socket} \ + fdmove -c 1 12 \ + cat + ''; + producer-for = spew.name; + }; + spew = shipper.override { + consumer-for = "log-shipping-pipe-eat"; + }; + in + [ + eat + spew + ]; + }; + in + mkIf cfg.shipping.enable { services.${cfg.shipping.service.name} = pipeline cfg.shipping.service; } - )]; + ) + ]; config = { filesystem = dir { @@ -274,9 +310,11 @@ in { s6-linux-init = dir { current = dir { scripts = symlink "${s6-init-scripts}/scripts"; - env = dir {}; + env = dir { }; run-image = dir { - uncaught-logs = (dir {}) // {mode = "2750";}; + uncaught-logs = (dir { }) // { + mode = "2750"; + }; inherit service; }; }; diff --git a/modules/schnapps/default.nix b/modules/schnapps/default.nix index ce5c7e6..47d8086 100644 --- a/modules/schnapps/default.nix +++ b/modules/schnapps/default.nix @@ -1,4 +1,4 @@ -{ config, pkgs, ... } : +{ config, pkgs, ... }: { config = { programs.busybox = { @@ -14,6 +14,6 @@ FEATURE_FANCY_ECHO = "y"; }; }; - defaultProfile.packages = [ pkgs.schnapps ] ; + defaultProfile.packages = [ pkgs.schnapps ]; }; } diff --git a/modules/secrets/default.nix b/modules/secrets/default.nix index c17c9fa..177617d 100644 --- a/modules/secrets/default.nix +++ b/modules/secrets/default.nix @@ -3,12 +3,18 @@ ## various ways to manage secrets without writing them to the ## nix store -{ lib, pkgs, config, ...}: +{ + lib, + pkgs, + config, + ... +}: let inherit (lib) mkOption types; inherit (pkgs) liminix; inherit (pkgs.liminix.services) longrun; -in { +in +{ options.system.service.secrets = { outboard = mkOption { description = "fetch secrets from external vault with https"; @@ -42,7 +48,7 @@ in { description = "service name"; type = types.str; }; - interval = mkOption { + interval = mkOption { type = types.int; default = 30; description = "how often to check the source, in minutes"; @@ -57,7 +63,7 @@ in { description = "service name"; type = types.str; }; - interval = mkOption { + interval = mkOption { type = types.int; default = 30; description = "how often to check the source, in minutes"; @@ -76,9 +82,16 @@ in { description = "how do we notify the service to regenerate its config"; default = "restart-all"; type = types.enum [ - "restart" "restart-all" - "hup" "int" "quit" "kill" "term" - "winch" "usr1" "usr2" + "restart" + "restart-all" + "hup" + "int" + "quit" + "kill" + "term" + "winch" + "usr1" + "usr2" ]; }; }; diff --git a/modules/secrets/outboard.nix b/modules/secrets/outboard.nix index c443843..e1dc1ea 100644 --- a/modules/secrets/outboard.nix +++ b/modules/secrets/outboard.nix @@ -1,11 +1,21 @@ { - liminix, lib, json-to-fstree, serviceFns + liminix, + lib, + json-to-fstree, + serviceFns, +}: +{ + name, + url, + interval, + username, + password, }: -{ name, url, interval, username, password } : let inherit (liminix.services) oneshot longrun; inherit (lib) optionalString; -in longrun { +in +longrun { inherit name; buildInputs = [ json-to-fstree ]; run = '' diff --git a/modules/secrets/subscriber.nix b/modules/secrets/subscriber.nix index 14f7675..578ccf3 100644 --- a/modules/secrets/subscriber.nix +++ b/modules/secrets/subscriber.nix @@ -1,7 +1,16 @@ { - liminix, lib, lim, s6, s6-rc, watch-outputs + liminix, + lib, + lim, + s6, + s6-rc, + watch-outputs, +}: +{ + watch, + service, + action, }: -{ watch, service, action } : let inherit (liminix.services) oneshot longrun; inherit (builtins) length head toString; @@ -11,41 +20,51 @@ let watched-services = unique (map (f: f "service") watch); paths = unique (map (f: f "path") watch); - restart-flag = { - restart = "-r"; - restart-all = "-R"; - "hup" = "-s 1"; - "int" = "-s 2"; - "quit" = "-s 3"; - "kill" = "-s 9"; - "term" = "-s 15"; - "winch" = "-s 28"; - "usr1" = "-s 10"; - "usr2" = "-s 12"; - }.${action}; + restart-flag = + { + restart = "-r"; + restart-all = "-R"; + "hup" = "-s 1"; + "int" = "-s 2"; + "quit" = "-s 3"; + "kill" = "-s 9"; + "term" = "-s 15"; + "winch" = "-s 28"; + "usr1" = "-s 10"; + "usr2" = "-s 12"; + } + .${action}; watched-service = - if length watched-services == 0 - then null - else if length watched-services == 1 - then head watched-services - else throw "cannot subscribe to more than one source service for secrets"; + if length watched-services == 0 then + null + else if length watched-services == 1 then + head watched-services + else + throw "cannot subscribe to more than one source service for secrets"; - watcher = let name' = "restart-${name}"; in longrun { - name = name'; - run = '' - dir=/run/service/${name} - echo waiting for $dir - if test -e $dir/notification-fd; then flag="-U"; else flag="-u"; fi - ${s6}/bin/s6-svwait $flag /run/service/${name} || exit - PATH=${s6-rc}/bin:${s6}/bin:$PATH - ${watch-outputs}/bin/watch-outputs ${restart-flag} ${name} ${watched-service.name} ${lib.concatStringsSep " " paths} - ''; - }; -in service.overrideAttrs(o: { - buildInputs = (lim.orEmpty o.buildInputs) ++ - optional (watched-service != null) watcher; - dependencies = (lim.orEmpty o.dependencies) ++ - optionals (watched-service != null) - [ watcher watched-service ]; + watcher = + let + name' = "restart-${name}"; + in + longrun { + name = name'; + run = '' + dir=/run/service/${name} + echo waiting for $dir + if test -e $dir/notification-fd; then flag="-U"; else flag="-u"; fi + ${s6}/bin/s6-svwait $flag /run/service/${name} || exit + PATH=${s6-rc}/bin:${s6}/bin:$PATH + ${watch-outputs}/bin/watch-outputs ${restart-flag} ${name} ${watched-service.name} ${lib.concatStringsSep " " paths} + ''; + }; +in +service.overrideAttrs (o: { + buildInputs = (lim.orEmpty o.buildInputs) ++ optional (watched-service != null) watcher; + dependencies = + (lim.orEmpty o.dependencies) + ++ optionals (watched-service != null) [ + watcher + watched-service + ]; }) diff --git a/modules/secrets/tang.nix b/modules/secrets/tang.nix index 7c30abf..68f25f6 100644 --- a/modules/secrets/tang.nix +++ b/modules/secrets/tang.nix @@ -1,11 +1,20 @@ { - liminix, lib, json-to-fstree, serviceFns, tangc + liminix, + lib, + json-to-fstree, + serviceFns, + tangc, +}: +{ + name, + path, + interval, }: -{ name, path, interval } : let inherit (liminix.services) longrun; inherit (lib) optionalString; -in longrun { +in +longrun { inherit name; buildInputs = [ json-to-fstree ]; notification-fd = 10; diff --git a/modules/ssh/default.nix b/modules/ssh/default.nix index 8f731e8..693522d 100644 --- a/modules/ssh/default.nix +++ b/modules/ssh/default.nix @@ -3,18 +3,26 @@ ## ## Provide SSH service using Dropbear -{ lib, pkgs, config, ...}: +{ + lib, + pkgs, + config, + ... +}: let inherit (lib) mkOption types; inherit (pkgs) liminix; inherit (pkgs.pseudofile) dir file; - mkBoolOption = description : mkOption { - type = types.bool; - inherit description; - default = true; - }; + mkBoolOption = + description: + mkOption { + type = types.bool; + inherit description; + default = true; + }; -in { +in +{ options = { system.service.ssh = mkOption { type = liminix.lib.types.serviceDefn; @@ -47,15 +55,16 @@ in { allowLocalPortForward = mkBoolOption "Enable local port forwarding"; allowRemotePortForward = mkBoolOption "Enable remote port forwarding"; allowRemoteConnectionToForwardedPorts = mkOption { - type = types.bool; default = false; + type = types.bool; + default = false; description = "Allow remote hosts to connect to local forwarded ports (by default they are bound to loopback)"; }; authorizedKeys = mkOption { type = types.nullOr (liminix.lib.types.replacable (types.attrsOf (types.listOf types.nonEmptyStr))); example = { - root = ["ssh-rsa AAAAB3N...aZaZ"]; - alice = ["ssh-rsa AAAAB3N...qS4r"]; - bob = []; + root = [ "ssh-rsa AAAAB3N...aZaZ" ]; + alice = [ "ssh-rsa AAAAB3N...qS4r" ]; + bob = [ ]; }; default = null; description = "Authorized SSH public keys for each username. If this optin is provided it overrides any keys found in /home/{username}/.ssh"; diff --git a/modules/ssh/ssh.nix b/modules/ssh/ssh.nix index a2a97aa..6a502d1 100644 --- a/modules/ssh/ssh.nix +++ b/modules/ssh/ssh.nix @@ -1,8 +1,8 @@ { - liminix -, dropbear -, lib -, watch-ssh-keys + liminix, + dropbear, + lib, + watch-ssh-keys, }: { address, @@ -14,7 +14,7 @@ allowRoot, authorizedKeys, port, - extraConfig + extraConfig, }: let name = "sshd"; @@ -24,37 +24,39 @@ let keydir = "/run/${name}/authorized_keys"; options = [ - "-e" # pass environment to child - "-E" # log to stderr - "-R" # create hostkeys if needed + "-e" # pass environment to child + "-E" # log to stderr + "-R" # create hostkeys if needed "-P /run/dropbear.pid" - "-F" # don't fork into background - ] ++ - (lib.optional (! allowRoot) "-w") ++ - (lib.optional (! allowPasswordLogin) "-s") ++ - (lib.optional (! allowPasswordLoginForRoot) "-g") ++ - (lib.optional (! allowLocalPortForward) "-j") ++ - (lib.optional (! allowRemotePortForward) "-k") ++ - (lib.optional (! allowRemoteConnectionToForwardedPorts) "-a") ++ - (lib.optionals (authorizedKeys != null) ["-U" "${keydir}/%n"]) ++ - [(if address != null - then "-p ${address}:${toString port}" - else "-p ${toString port}")] ++ - [extraConfig]; + "-F" # don't fork into background + ] + ++ (lib.optional (!allowRoot) "-w") + ++ (lib.optional (!allowPasswordLogin) "-s") + ++ (lib.optional (!allowPasswordLoginForRoot) "-g") + ++ (lib.optional (!allowLocalPortForward) "-j") + ++ (lib.optional (!allowRemotePortForward) "-k") + ++ (lib.optional (!allowRemoteConnectionToForwardedPorts) "-a") + ++ (lib.optionals (authorizedKeys != null) [ + "-U" + "${keydir}/%n" + ]) + ++ [ + (if address != null then "-p ${address}:${toString port}" else "-p ${toString port}") + ] + ++ [ extraConfig ]; isKeyservice = typeOf authorizedKeys == "lambda"; authKeysConcat = - if authorizedKeys != null && !isKeyservice - then mapAttrs - (n : v : concatStringsSep "\\n" v) - authorizedKeys - else {}; + if authorizedKeys != null && !isKeyservice then + mapAttrs (n: v: concatStringsSep "\\n" v) authorizedKeys + else + { }; keyservice = longrun { name = "${name}-watch-keys"; run = '' mkdir -p ${keydir} exec ${watch-ssh-keys}/bin/watch-ssh-keys -d ${keydir} ${authorizedKeys "service"} ${authorizedKeys "path"} ''; - dependencies = [ (authorizedKeys "service") ] ; + dependencies = [ (authorizedKeys "service") ]; }; in longrun { @@ -66,12 +68,9 @@ longrun { run = '' ln -s $(mkstate dropbear) /run mkdir -p /run/${name}/authorized_keys - ${concatStringsSep "\n" - (mapAttrsToList - (n : v : "echo -e '${v}' > /run/${name}/authorized_keys/${n} ") - authKeysConcat - ) - } + ${concatStringsSep "\n" ( + mapAttrsToList (n: v: "echo -e '${v}' > /run/${name}/authorized_keys/${n} ") authKeysConcat + )} . /etc/profile # sets PATH but do we need this? it's the same file as ashrc exec env -i ENV=/etc/ashrc PATH=$PATH ${dropbear}/bin/dropbear ${concatStringsSep " " options} ''; diff --git a/modules/tls-certificate/certifix-client.nix b/modules/tls-certificate/certifix-client.nix index f90af27..0c02d05 100644 --- a/modules/tls-certificate/certifix-client.nix +++ b/modules/tls-certificate/certifix-client.nix @@ -1,9 +1,16 @@ -{ liminix, certifix-client, svc, lib, writeText, serviceFns }: +{ + liminix, + certifix-client, + svc, + lib, + writeText, + serviceFns, +}: { caCertificate, secret, subject, - serviceUrl + serviceUrl, }: let inherit (builtins) filter isString split; @@ -11,7 +18,8 @@ let name = "certifix-${lib.strings.sanitizeDerivationName subject}"; caCertFile = writeText "ca.crt" caCertificate; secretFile = writeText "secret" secret; -in oneshot { +in +oneshot { inherit name; up = '' (in_outputs ${name} diff --git a/modules/tls-certificate/default.nix b/modules/tls-certificate/default.nix index e69cdbe..9b825a2 100644 --- a/modules/tls-certificate/default.nix +++ b/modules/tls-certificate/default.nix @@ -1,5 +1,9 @@ - -{ lib, pkgs, config, ...}: +{ + lib, + pkgs, + config, + ... +}: let inherit (lib) mkOption types; inherit (pkgs) liminix; @@ -7,34 +11,35 @@ in { options = { system.service.tls-certificate = { - certifix-client = mkOption { + certifix-client = mkOption { type = liminix.lib.types.serviceDefn; }; }; }; config.system.service.tls-certificate.certifix-client = - config.system.callService ./certifix-client.nix { - # this is probably read from files on the build machine, - # but are not named with ...File suffix because they are - # not files on the device (they get embedded into the store) - caCertificate = mkOption { - description = "CA certificate in PEM format. This must be the same CA as that which signed the certificate of the Certifix server"; - type = types.str; + config.system.callService ./certifix-client.nix + { + # this is probably read from files on the build machine, + # but are not named with ...File suffix because they are + # not files on the device (they get embedded into the store) + caCertificate = mkOption { + description = "CA certificate in PEM format. This must be the same CA as that which signed the certificate of the Certifix server"; + type = types.str; + }; + secret = mkOption { + description = "The shared secret to embed in signing request. This must match the secret configured in the Certifix service, otherwise it will refuse to sign the CSR."; + type = types.str; + }; + subject = mkOption { + description = "Subject of the certificate request, as an X509 DN. The CN ('Common Name') you provide here is also used as the value of the SubjectAlternativeName extension."; + type = types.str; + example = "C=GB,ST=London,O=Liminix,OU=IT,CN=myhostname"; + }; + serviceUrl = mkOption { + description = "Certifix server endpoint URL"; + type = types.str; + example = "https://certifix.lan:19613/sign"; + }; }; - secret = mkOption { - description = "The shared secret to embed in signing request. This must match the secret configured in the Certifix service, otherwise it will refuse to sign the CSR."; - type = types.str; - }; - subject = mkOption { - description = "Subject of the certificate request, as an X509 DN. The CN ('Common Name') you provide here is also used as the value of the SubjectAlternativeName extension."; - type = types.str; - example = "C=GB,ST=London,O=Liminix,OU=IT,CN=myhostname"; - }; - serviceUrl = mkOption { - description = "Certifix server endpoint URL"; - type = types.str; - example = "https://certifix.lan:19613/sign"; - }; - }; } diff --git a/modules/uevent-rule/default.nix b/modules/uevent-rule/default.nix index 56faad1..9540308 100644 --- a/modules/uevent-rule/default.nix +++ b/modules/uevent-rule/default.nix @@ -1,12 +1,18 @@ # this is unlikely to be the final form or location of this code, it's # an interim module which wraps the uevent-watch command -{ lib, pkgs, config, ... }: +{ + lib, + pkgs, + config, + ... +}: let inherit (lib) mkOption types; inherit (pkgs) liminix; +in # inherit (pkgs.liminix.services) bundle; -in { +{ options = { system.service.uevent-rule = mkOption { description = "a service which starts other services based on device state (sysfs)"; @@ -25,7 +31,7 @@ in { devtype = "usb_device"; attrs.idVendor = "8086"; }; - default = {}; + default = { }; }; symlink = mkOption { description = "create symlink targeted on devpath"; diff --git a/modules/uevent-rule/rule.nix b/modules/uevent-rule/rule.nix index 0a97630..753b102 100644 --- a/modules/uevent-rule/rule.nix +++ b/modules/uevent-rule/rule.nix @@ -1,23 +1,30 @@ { - liminix -, uevent-watch -, lib }: + liminix, + uevent-watch, + lib, +}: { - serviceName, terms, symlink + serviceName, + terms, + symlink, }: let inherit (liminix.services) longrun; inherit (lib.attrsets) collect mapAttrsRecursive; inherit (lib.strings) concatStringsSep; - stringify = attrs : - concatStringsSep " " - (collect lib.isString - (mapAttrsRecursive - (path : value : "${concatStringsSep "." path}=${value}") - attrs)); + stringify = + attrs: + concatStringsSep " " ( + collect lib.isString ( + mapAttrsRecursive (path: value: "${concatStringsSep "." path}=${value}") attrs + ) + ); termsString = stringify terms; -in longrun { +in +longrun { name = "watch-for-${serviceName}"; restart-on-upgrade = true; - run = "${uevent-watch}/bin/uevent-watch ${if symlink != null then "-n ${symlink}" else ""} -s ${serviceName} ${termsString}"; + run = "${uevent-watch}/bin/uevent-watch ${ + if symlink != null then "-n ${symlink}" else "" + } -s ${serviceName} ${termsString}"; } diff --git a/modules/users.nix b/modules/users.nix index 89774f2..5f0f1ad 100644 --- a/modules/users.nix +++ b/modules/users.nix @@ -10,11 +10,20 @@ ## the immutable store, so you can't e.g change a password with ## :command:`passwd` - -{ lib, pkgs, config, ...}: +{ + lib, + pkgs, + config, + ... +}: let inherit (lib) - concatStrings concatStringsSep mapAttrsToList mkOption types; + concatStrings + concatStringsSep + mapAttrsToList + mkOption + types + ; inherit (builtins) toString; inherit (pkgs.pseudofile) dir; passwd-file = @@ -28,82 +37,98 @@ let in concatStrings lines; group-file = - let lines = mapAttrsToList - (name: {gid, usernames ? []}: - "${name}:x:${toString gid}:${concatStringsSep "," usernames}\n" ) - config.groups; - in concatStrings lines; -in { + let + lines = mapAttrsToList ( + name: + { + gid, + usernames ? [ ], + }: + "${name}:x:${toString gid}:${concatStringsSep "," usernames}\n" + ) config.groups; + in + concatStrings lines; +in +{ options = { - users = mkOption { - type = types.attrsOf (types.submodule { - options = { - passwd = mkOption { - type = types.str; - description = "encrypted password, as generated by mkpasswd -m sha512crypt"; - example = "$6$RIYL.EgWOrtoJ0/7$Z53a8sc0o6AU/kuFOGiLJKhwVavTG/deoM7JTs6luNczYSUsh4UYmhvT8sVzm.l8F/LZXhhhkC7IHQs5UGAIM/"; - default = "!!"; + users = mkOption { + type = types.attrsOf ( + types.submodule { + options = { + passwd = mkOption { + type = types.str; + description = "encrypted password, as generated by mkpasswd -m sha512crypt"; + example = "$6$RIYL.EgWOrtoJ0/7$Z53a8sc0o6AU/kuFOGiLJKhwVavTG/deoM7JTs6luNczYSUsh4UYmhvT8sVzm.l8F/LZXhhhkC7IHQs5UGAIM/"; + default = "!!"; + }; + uid = mkOption { + type = types.int; + }; + gid = mkOption { + type = types.int; + }; + gecos = mkOption { + type = types.str; + default = ""; + example = "Jo Q User"; + }; + dir = mkOption { + type = types.str; + default = "/run"; + }; + shell = mkOption { + type = types.str; + default = "/bin/sh"; + }; + openssh.authorizedKeys.keys = mkOption { + type = types.listOf types.str; + default = [ ]; + }; }; - uid = mkOption { - type = types.int; - }; - gid = mkOption { - type = types.int; - }; - gecos = mkOption { - type = types.str; - default = ""; - example = "Jo Q User"; - }; - dir = mkOption { - type = types.str; - default = "/run"; - }; - shell = mkOption { - type = types.str; - default = "/bin/sh"; - }; - openssh.authorizedKeys.keys = mkOption { - type = types.listOf types.str; - default = []; - }; - }; - }); + } + ); }; - groups = mkOption { - type = types.attrsOf (types.submodule { - options = { - gid = mkOption { - type = types.int; + groups = mkOption { + type = types.attrsOf ( + types.submodule { + options = { + gid = mkOption { + type = types.int; + }; + usernames = mkOption { + type = types.listOf types.str; + default = [ ]; + }; }; - usernames = mkOption { - type = types.listOf types.str; - default = []; - }; - }; - }); + } + ); }; }; config = - let authorized_key_files = - lib.attrsets.mapAttrs - (name: val: dir { - ".ssh" = dir { - authorized_keys = { - inherit (val) uid gid; - type = "f"; - mode = "0400"; - file = lib.concatStringsSep - "\n" val.openssh.authorizedKeys.keys; - }; - }; - }) - config.users; - in { + let + authorized_key_files = lib.attrsets.mapAttrs ( + name: val: + dir { + ".ssh" = dir { + authorized_keys = { + inherit (val) uid gid; + type = "f"; + mode = "0400"; + file = lib.concatStringsSep "\n" val.openssh.authorizedKeys.keys; + }; + }; + } + ) config.users; + in + { filesystem = dir { etc = dir { - passwd = { file = passwd-file; }; - group = { file = group-file; }; + passwd = { + file = passwd-file; + }; + group = { + file = group-file; + }; }; home = dir authorized_key_files; }; diff --git a/modules/vlan/default.nix b/modules/vlan/default.nix index a0fa212..2be9b9a 100644 --- a/modules/vlan/default.nix +++ b/modules/vlan/default.nix @@ -10,7 +10,12 @@ ## and require using VLAN in order to send different traffic to ## different ports (e.g. LAN vs WAN) -{ lib, pkgs, config, ...}: +{ + lib, + pkgs, + config, + ... +}: let inherit (lib) mkOption types; inherit (pkgs) liminix; diff --git a/modules/vlan/service.nix b/modules/vlan/service.nix index 1311545..3a1aafc 100644 --- a/modules/vlan/service.nix +++ b/modules/vlan/service.nix @@ -1,11 +1,16 @@ { - liminix -, lib + liminix, + lib, +}: +{ + ifname, + primary, + vid, }: -{ ifname, primary, vid } : let inherit (liminix.services) oneshot; -in oneshot rec { +in +oneshot rec { name = "${ifname}.link"; up = '' ip link add link $(output ${primary} ifname) name ${ifname} type vlan id ${vid} diff --git a/modules/watchdog/default.nix b/modules/watchdog/default.nix index e654522..a687d7b 100644 --- a/modules/watchdog/default.nix +++ b/modules/watchdog/default.nix @@ -4,14 +4,19 @@ ## feed it by checking the health of specified critical services. ## If the watchdog feeder stops, the device will reboot. -{ lib, pkgs, config, ...}: +{ + lib, + pkgs, + config, + ... +}: let inherit (lib) mkOption types; inherit (pkgs) liminix; in { options = { - system.service.watchdog = mkOption { + system.service.watchdog = mkOption { type = liminix.lib.types.serviceDefn; }; }; diff --git a/modules/watchdog/watchdog.nix b/modules/watchdog/watchdog.nix index e4d8805..8e743ef 100644 --- a/modules/watchdog/watchdog.nix +++ b/modules/watchdog/watchdog.nix @@ -1,13 +1,15 @@ { - liminix -, lib -, s6 + liminix, + lib, + s6, }: -{ watched, headStart } : +{ watched, headStart }: let inherit (liminix.services) longrun; -in longrun { +in +longrun { name = "watchdog"; - run = - "PATH=${s6}/bin:$PATH HEADSTART=${toString headStart} ${./gaspode.sh} ${lib.concatStringsSep " " (builtins.map (s: s.name) watched)}"; + run = "PATH=${s6}/bin:$PATH HEADSTART=${toString headStart} ${./gaspode.sh} ${ + lib.concatStringsSep " " (builtins.map (s: s.name) watched) + }"; } diff --git a/modules/wlan.nix b/modules/wlan.nix index 8a63406..6b6a843 100644 --- a/modules/wlan.nix +++ b/modules/wlan.nix @@ -1,4 +1,9 @@ -{ lib, pkgs, config, ...}: +{ + lib, + pkgs, + config, + ... +}: let inherit (pkgs.pseudofile) dir symlink; inherit (pkgs) stdenv wireless-regdb; @@ -10,7 +15,8 @@ let cp ${wireless-regdb}/lib/firmware/regulatory.db $out/ ''; }; -in { +in +{ config = { filesystem = dir { lib = dir { @@ -20,7 +26,8 @@ in { }; }; programs.busybox.applets = [ - "insmod" "rmmod" + "insmod" + "rmmod" ]; kernel = rec { config = { diff --git a/modules/wwan/default.nix b/modules/wwan/default.nix index dc0560e..aedc023 100644 --- a/modules/wwan/default.nix +++ b/modules/wwan/default.nix @@ -1,12 +1,18 @@ -{ config, pkgs, lib, ... }: +{ + config, + pkgs, + lib, + ... +}: let inherit (pkgs) liminix; inherit (lib) mkOption types; huawei-cdc-ncm = pkgs.kmodloader.override { - targets = ["huawei_cdc_ncm"]; + targets = [ "huawei_cdc_ncm" ]; inherit (config.system.outputs) kernel; }; -in { +in +{ imports = [ ../uevent-rule ../mdevd.nix @@ -25,25 +31,35 @@ in { USB_SERIAL_OPTION = "y"; }; programs.busybox.applets = [ - "insmod" "rmmod" + "insmod" + "rmmod" ]; # https://www.0xf8.org/2017/01/flashing-a-huawei-e3372h-4g-lte-stick-from-hilink-to-stick-mode/ system.service.wwan.huawei-e3372 = - let svc = config.system.callService ./huawei-e3372.nix { - apn = mkOption { type = types.str; }; - username = mkOption { type = types.str; }; - password = mkOption { type = types.str; }; - authType = mkOption { type = types.enum [ "pap" "chap" ]; }; + let + svc = config.system.callService ./huawei-e3372.nix { + apn = mkOption { type = types.str; }; + username = mkOption { type = types.str; }; + password = mkOption { type = types.str; }; + authType = mkOption { + type = types.enum [ + "pap" + "chap" + ]; }; - in - svc // { - build = args : - let args' = args // { - dependencies = (args.dependencies or []) ++ - [huawei-cdc-ncm]; - }; - in svc.build args' ; }; + in + svc + // { + build = + args: + let + args' = args // { + dependencies = (args.dependencies or [ ]) ++ [ huawei-cdc-ncm ]; + }; + in + svc.build args'; + }; }; } diff --git a/modules/wwan/huawei-e3372.nix b/modules/wwan/huawei-e3372.nix index 9a69d4d..cb46ae7 100644 --- a/modules/wwan/huawei-e3372.nix +++ b/modules/wwan/huawei-e3372.nix @@ -1,12 +1,17 @@ { - liminix -, usb-modeswitch -, ppp -, lib -, svc -, uevent-watch + liminix, + usb-modeswitch, + ppp, + lib, + svc, + uevent-watch, +}: +{ + apn, + username, + password, + authType, }: -{ apn, username, password, authType }: let inherit (liminix.services) oneshot; authTypeNum = if authType == "pap" then "1" else "2"; @@ -16,25 +21,36 @@ let # kind is to be preferred, at least in principle, because it's # faster. This initialization sequence works for the Huawei # E3372, and took much swearing: the error messages are *awful* - "" "AT" - "OK" "ATZ" + "" + "AT" + "OK" + "ATZ" # create PDP context - "OK" "AT+CGDCONT=1,\"IP\",\"${apn}\"" + "OK" + "AT+CGDCONT=1,\"IP\",\"${apn}\"" # activate PDP context - "OK" "AT+CGACT=1,1" + "OK" + "AT+CGACT=1,1" # setup username and password per requirements of sim provider. # (caret is special to chat, so needs escaping in AT commands) - "OK" "AT\\^AUTHDATA=1,${authTypeNum},\"\",\"${password}\",\"${username}\"" + "OK" + "AT\\^AUTHDATA=1,${authTypeNum},\"\",\"${password}\",\"${username}\"" # start the thing (I am choosing to read this as "NDIS DialUP") - "OK" "AT\\^NDISDUP=1,1" + "OK" + "AT\\^NDISDUP=1,1" "OK" ]; modeswitch = oneshot rec { name = "modem-modeswitch"; - controller = (svc.uevent-rule.build { - serviceName = name; - terms = { devtype = "usb_device"; product = "12d1/14fe/102"; }; - }); + controller = ( + svc.uevent-rule.build { + serviceName = name; + terms = { + devtype = "usb_device"; + product = "12d1/14fe/102"; + }; + } + ); up = '' ${usb-modeswitch}/bin/usb_modeswitch -v 12d1 -p 14fe --huawei-new-mode ''; @@ -45,17 +61,19 @@ let # is only running when the stick is in the wrong mode dependencies = [ modeswitch.controller ]; buildInputs = [ modeswitch ]; - controller = (svc.uevent-rule.build { - serviceName = name; - terms = { - subsystem = "tty"; - attrs = { - idVendor = "12d1"; - idProduct = "1506"; + controller = ( + svc.uevent-rule.build { + serviceName = name; + terms = { + subsystem = "tty"; + attrs = { + idVendor = "12d1"; + idProduct = "1506"; + }; }; - }; - symlink = "/dev/modem"; - }); + symlink = "/dev/modem"; + } + ); up = '' ls -l /dev/modem test -L /dev/modem || exit 1 @@ -64,7 +82,8 @@ let down = "${ppp}/bin/chat -v '' ATZ OK 0<>/dev/modem 1>&0"; }; -in svc.network.link.build { +in +svc.network.link.build { ifname = "wwan0"; dependencies = [ atz ]; } diff --git a/modules/zyxel-dual-image/default.nix b/modules/zyxel-dual-image/default.nix index 1b2c2e2..eb23f12 100644 --- a/modules/zyxel-dual-image/default.nix +++ b/modules/zyxel-dual-image/default.nix @@ -10,7 +10,12 @@ ## failure on the primary partition. The exact details are specifics to your device. ## See the Zyxel NWA50AX for an example. ## TODO: generalize this module. -{ config, lib, pkgs, ... }: +{ + config, + lib, + pkgs, + ... +}: let inherit (lib) mkOption types; inherit (pkgs) liminix; @@ -22,23 +27,31 @@ in config.boot.zyxel-dual-image = config.system.callService ./service.nix { ensureActiveImage = mkOption { - type = types.enum [ "primary" "secondary" ]; + type = types.enum [ + "primary" + "secondary" + ]; default = "primary"; - description = ''At boot, ensure that the active image is the one specified. + description = '' + At boot, ensure that the active image is the one specified. - If you are already on a broken image, you need to manually boot - into the right image via `atgo ` in U-Boot. + If you are already on a broken image, you need to manually boot + into the right image via `atgo ` in U-Boot. ''; }; kernelCommandLineSource = mkOption { - type = types.enum [ "/proc/cmdline" "/proc/device-tree/chosen/bootargs" ]; + type = types.enum [ + "/proc/cmdline" + "/proc/device-tree/chosen/bootargs" + ]; default = "/proc/device-tree/chosen/bootargs"; - description = ''Kernel command line arguments source file. - On MIPS, Liminix embeds the kernel command line in /proc/device-tree/chosen/bootargs-override. + description = '' + Kernel command line arguments source file. + On MIPS, Liminix embeds the kernel command line in /proc/device-tree/chosen/bootargs-override. - In this instance, it does not get concatenated with `/proc/cmdline`. - Therefore you may prefer to source it from another place, like `/proc/device-tree/chosen/bootargs`. + In this instance, it does not get concatenated with `/proc/cmdline`. + Therefore you may prefer to source it from another place, like `/proc/device-tree/chosen/bootargs`. ''; }; diff --git a/modules/zyxel-dual-image/service.nix b/modules/zyxel-dual-image/service.nix index 3edd642..82f9f24 100644 --- a/modules/zyxel-dual-image/service.nix +++ b/modules/zyxel-dual-image/service.nix @@ -1,13 +1,20 @@ { - liminix -, lib -, zyxel-bootconfig + liminix, + lib, + zyxel-bootconfig, +}: +{ + ensureActiveImage, + primaryMtdPartition, + secondaryMtdPartition, + bootConfigurationMtdPartition, + kernelCommandLineSource, }: -{ ensureActiveImage, primaryMtdPartition, secondaryMtdPartition, bootConfigurationMtdPartition, kernelCommandLineSource }: let inherit (liminix.services) oneshot; activeImageIndex = if ensureActiveImage == "primary" then 0 else 1; -in oneshot { +in +oneshot { name = "zyxel-boot-configure"; up = '' set -- $(cat /proc/device-tree/chosen/bootargs) diff --git a/overlay.nix b/overlay.nix index bf302cf..97b2c53 100644 --- a/overlay.nix +++ b/overlay.nix @@ -1,29 +1,29 @@ final: prev: let isCross = final.stdenv.buildPlatform != final.stdenv.hostPlatform; - crossOnly = pkg : amendFn : if isCross then (amendFn pkg) else pkg; + crossOnly = pkg: amendFn: if isCross then (amendFn pkg) else pkg; extraPkgs = import ./pkgs/default.nix { inherit (final) lib callPackage; }; inherit (final) fetchpatch lib; luaHost = let - l = prev.lua5_3.overrideAttrs(o: { + l = prev.lua5_3.overrideAttrs (o: { name = "lua-tty"; preBuild = '' makeFlagsArray+=(PLAT="posix" SYSLIBS="-Wl,-E -ldl" CFLAGS="-O2 -fPIC -DLUA_USE_POSIX -DLUA_USE_DLOPEN") - ''; + ''; # lua in nixpkgs has a postInstall stanza that assumes only # one output, we need to override that if we're going to # convert to multi-output # outputs = ["bin" "man" "out"]; - makeFlags = - builtins.filter (x: (builtins.match "(PLAT|MYLIBS).*" x) == null) - o.makeFlags; + makeFlags = builtins.filter (x: (builtins.match "(PLAT|MYLIBS).*" x) == null) o.makeFlags; }); - in l.override { self = l; }; + in + l.override { self = l; }; - s6 = prev.s6.overrideAttrs(o: + s6 = prev.s6.overrideAttrs ( + o: let patch = fetchpatch { # add "p" directive in s6-log @@ -31,100 +31,116 @@ let hash = "sha256-fBtUinBdp5GqoxgF6fcR44Tu8hakxs/rOShhuZOgokc="; }; patch_needed = builtins.compareVersions o.version "2.11.1.2" <= 0; - in { - configureFlags = (builtins.filter - (x: (builtins.match ".*shared.*" x) == null) - o.configureFlags) ++ - [ - "--disable-allstatic" - "--disable-static" - "--enable-shared" + in + { + configureFlags = + (builtins.filter (x: (builtins.match ".*shared.*" x) == null) o.configureFlags) + ++ [ + "--disable-allstatic" + "--disable-static" + "--enable-shared" + ]; + hardeningDisable = [ "all" ]; + stripAllList = [ + "sbin" + "bin" ]; - hardeningDisable = ["all"]; - stripAllList = [ "sbin" "bin" ]; - patches = - (if o ? patches then o.patches else []) ++ - (if patch_needed then [ patch ] else []); - }); + patches = (if o ? patches then o.patches else [ ]) ++ (if patch_needed then [ patch ] else [ ]); + } + ); in -extraPkgs // { +extraPkgs +// { # liminix library functions lim = { parseInt = s: (builtins.fromTOML "r=${s}").r; - orEmpty = x: if x != null then x else []; + orEmpty = x: if x != null then x else [ ]; }; # keep these alphabetical btrfs-progs = crossOnly prev.btrfs-progs ( - d: d.override { + d: + d.override { udevSupport = false; udev = null; } ); chrony = - let chrony' = prev.chrony.overrideAttrs(o: { - configureFlags = [ - "--chronyvardir=$(out)/var/lib/chrony" - "--disable-readline" - "--disable-editline" - ]; - }); - in chrony'.override { + let + chrony' = prev.chrony.overrideAttrs (o: { + configureFlags = [ + "--chronyvardir=$(out)/var/lib/chrony" + "--disable-readline" + "--disable-editline" + ]; + }); + in + chrony'.override { gnutls = null; libedit = null; libseccomp = null; # should texinfo be in nativeBuildInputs instead of # buildInputs? texinfo = null; - } // lib.optionalAttrs (lib.versionOlder lib.version "24.10") { + } + // lib.optionalAttrs (lib.versionOlder lib.version "24.10") { nss = null; nspr = null; readline = null; }; # clevis without luks/tpm - clevis = crossOnly prev.clevis - (d: let c = d.overrideAttrs(o: { - outputs = ["out"]; - preConfigure = '' - rm -rf src/luks - sed -i -e '/luks/d' src/meson.build - ''; - }); in c.override { - asciidoc = null; - cryptsetup = null; - luksmeta = null; - tpm2-tools = null; - }); + clevis = crossOnly prev.clevis ( + d: + let + c = d.overrideAttrs (o: { + outputs = [ "out" ]; + preConfigure = '' + rm -rf src/luks + sed -i -e '/luks/d' src/meson.build + ''; + }); + in + c.override { + asciidoc = null; + cryptsetup = null; + luksmeta = null; + tpm2-tools = null; + } + ); # luarocks wants a cross-compiled cmake (which seems like a bug, # we're never going to run luarocks on the device, but ...) # but https://github.com/NixOS/nixpkgs/issues/284734 # so we do surgery on the cmake derivation until that's fixed - cmake = crossOnly prev.cmake - (d: d.overrideAttrs(o: { + cmake = crossOnly prev.cmake ( + d: + d.overrideAttrs (o: { preConfigure = - builtins.replaceStrings - ["$configureFlags"] ["$configureFlags $cmakeFlags"] o.preConfigure; - } - )); + builtins.replaceStrings [ "$configureFlags" ] [ "$configureFlags $cmakeFlags" ] + o.preConfigure; + }) + ); dnsmasq = - let d = prev.dnsmasq.overrideAttrs(o: { - preBuild = '' - makeFlagsArray=("COPTS=") - ''; - }); - in d.override { + let + d = prev.dnsmasq.overrideAttrs (o: { + preBuild = '' + makeFlagsArray=("COPTS=") + ''; + }); + in + d.override { dbusSupport = false; nettle = null; }; - dropbear = crossOnly prev.dropbear - (d: d.overrideAttrs (o: rec { + dropbear = crossOnly prev.dropbear ( + d: + d.overrideAttrs (o: rec { version = "2024.85"; src = final.fetchurl { url = "https://matt.ucc.asn.au/dropbear/releases/dropbear-${version}.tar.bz2"; @@ -132,34 +148,41 @@ extraPkgs // { }; patches = # need to update nixpkgs patch for new version of dropbear - let passPath = final.runCommand "pass-path" {} '' - sed < ${builtins.head o.patches} -e 's,svr-chansession.c,src/svr-chansession.c,g' > $out - ''; - in [ + let + passPath = final.runCommand "pass-path" { } '' + sed < ${builtins.head o.patches} -e 's,svr-chansession.c,src/svr-chansession.c,g' > $out + ''; + in + [ passPath ./pkgs/dropbear/add-authkeyfile-option.patch ]; postPatch = '' - (echo '#define DSS_PRIV_FILENAME "/run/dropbear/dropbear_dss_host_key"' - echo '#define RSA_PRIV_FILENAME "/run/dropbear/dropbear_rsa_host_key"' - echo '#define ECDSA_PRIV_FILENAME "/run/dropbear/dropbear_ecdsa_host_key"' - echo '#define ED25519_PRIV_FILENAME "/run/dropbear/dropbear_ed25519_host_key"') > localoptions.h + (echo '#define DSS_PRIV_FILENAME "/run/dropbear/dropbear_dss_host_key"' + echo '#define RSA_PRIV_FILENAME "/run/dropbear/dropbear_rsa_host_key"' + echo '#define ECDSA_PRIV_FILENAME "/run/dropbear/dropbear_ecdsa_host_key"' + echo '#define ED25519_PRIV_FILENAME "/run/dropbear/dropbear_ed25519_host_key"') > localoptions.h ''; - })); + }) + ); - elfutils = crossOnly prev.elfutils - (d: let e = d.overrideAttrs(o: { - configureFlags = o.configureFlags ++[ - "ac_cv_has_stdatomic=no" - ]; - }); - in e.override { - enableDebuginfod = false; - }); + elfutils = crossOnly prev.elfutils ( + d: + let + e = d.overrideAttrs (o: { + configureFlags = o.configureFlags ++ [ + "ac_cv_has_stdatomic=no" + ]; + }); + in + e.override { + enableDebuginfod = false; + } + ); hostapd = let - config = [ + config = [ "CONFIG_DRIVER_NL80211=y" "CONFIG_IAPP=y" "CONFIG_IEEE80211AC=y" @@ -174,7 +197,7 @@ extraPkgs // { "CONFIG_RSN_PREAUTH=y" "CONFIG_TLS=internal" ]; - h = prev.hostapd.overrideAttrs(o: { + h = prev.hostapd.overrideAttrs (o: { extraConfig = ""; configurePhase = '' cat > hostapd/defconfig < 0 then - if arg[1] == '--test' then - eval_as_test(arg[2]) - else - script = table.remove(arg, 1) - fennel.dofile(script, {correlate = true}, arg) - end + local more_fennel = os.getenv("FENNEL_PATH") + if more_fennel then + fennel.path = more_fennel .. ";" .. fennel.path + end + if #arg > 0 then + if arg[1] == '--test' then + eval_as_test(arg[2]) else - fennel.repl() + script = table.remove(arg, 1) + fennel.dofile(script, {correlate = true}, arg) end - '' + else + fennel.repl() + end +'' diff --git a/pkgs/fetch-freebsd/default.nix b/pkgs/fetch-freebsd/default.nix index a2e144e..44641ff 100644 --- a/pkgs/fetch-freebsd/default.nix +++ b/pkgs/fetch-freebsd/default.nix @@ -3,14 +3,15 @@ stdenv, openssl, lua, - fetchFromGitHub -}: stdenv.mkDerivation { + fetchFromGitHub, +}: +stdenv.mkDerivation { pname = "fetch-freebsd"; version = "v12.0.11"; src = fetchFromGitHub { - owner= "jrmarino"; + owner = "jrmarino"; repo = "fetch-freebsd"; - rev = "v12.0.11"; + rev = "v12.0.11"; hash = "sha256-nLNqjQFV9x2NntBdUlabxjS9q+er28zi8uXjWvCK2Ps="; }; cmakeFlags = [ @@ -22,7 +23,10 @@ $CC -shared -o fetch-lua.so ${./lua-glue.c} -I$src -Llibrary -lssl -lfetch -llua ''; nativeBuildInputs = [ cmake ]; - buildInputs = [ lua openssl ]; + buildInputs = [ + lua + openssl + ]; postInstall = '' rm -r $out/lib/lib*.a mkdir -p $out/lib/lua/${lua.luaversion} diff --git a/pkgs/firewallgen/default.nix b/pkgs/firewallgen/default.nix index dc7b907..c9bd96f 100644 --- a/pkgs/firewallgen/default.nix +++ b/pkgs/firewallgen/default.nix @@ -1,79 +1,94 @@ { - nftables -, writeScript -, lib -} : -name : ruleset : + nftables, + writeScript, + lib, +}: +name: ruleset: let - inherit (lib.strings) concatStringsSep splitString hasInfix substring; + inherit (lib.strings) + concatStringsSep + splitString + hasInfix + substring + ; inherit (lib.lists) groupBy; inherit (lib.attrsets) mapAttrsToList; inherit (builtins) map head tail; - indentLines = offset : lines : - if lines == [] - then "" + indentLines = + offset: lines: + if lines == [ ] then + "" else let line = head lines; isOpen = hasInfix "{" line; isClose = hasInfix "}" line; - offset' = offset + - (if isOpen then 4 else 0) + - (if isClose then -4 else 0); + offset' = offset + (if isOpen then 4 else 0) + (if isClose then -4 else 0); padding = offset: substring 0 offset " "; in - if (isClose && !isOpen) - then - (padding offset') + line + "\n" + indentLines offset' (tail lines) - else - (padding offset) + line + "\n" + indentLines offset' (tail lines); + if (isClose && !isOpen) then + (padding offset') + line + "\n" + indentLines offset' (tail lines) + else + (padding offset) + line + "\n" + indentLines offset' (tail lines); - indent = text : indentLines 0 (splitString "\n" text); + indent = text: indentLines 0 (splitString "\n" text); - dochain = { name, type, family, rules, - policy ? null, - priority ? "filter", - hook ? null } : '' - chain ${name} { - ${if hook != null - then "type ${type} hook ${hook} priority ${priority}; policy ${policy};" - else "" - } - ${concatStringsSep "\n" rules} - } - ''; + dochain = + { + name, + type, + family, + rules, + policy ? null, + priority ? "filter", + hook ? null, + }: + '' + chain ${name} { + ${if hook != null then "type ${type} hook ${hook} priority ${priority}; policy ${policy};" else ""} + ${concatStringsSep "\n" rules} + } + ''; - doset = { name, type, elements ? [], ... } : '' - set ${name} { - type ${type} - ${if elements != [] - then "elements = { ${concatStringsSep ", " elements } }" - else "" - } - } - ''; + doset = + { + name, + type, + elements ? [ ], + ... + }: + '' + set ${name} { + type ${type} + ${if elements != [ ] then "elements = { ${concatStringsSep ", " elements} }" else ""} + } + ''; dochainorset = - { kind ? "chain", ... } @ params : + { + kind ? "chain", + ... + }@params: { chain = dochain; set = doset; - }.${kind} params; + } + .${kind} + params; - dotable = family : chains : '' + dotable = family: chains: '' table ${family} table-${family} { ${concatStringsSep "\n" (map dochainorset chains)} } ''; - categorise = chains : - groupBy - ({ family, ... } : family) - (mapAttrsToList (n : v : { name = n; } // v ) chains); -in writeScript name '' -#!${nftables}/sbin/nft -f + categorise = + chains: groupBy ({ family, ... }: family) (mapAttrsToList (n: v: { name = n; } // v) chains); +in +writeScript name '' + #!${nftables}/sbin/nft -f -flush ruleset + flush ruleset -${indent (concatStringsSep "\n" (mapAttrsToList dotable (categorise ruleset)))} + ${indent (concatStringsSep "\n" (mapAttrsToList dotable (categorise ruleset)))} '' diff --git a/pkgs/firewallgen/test-rules-min.nix b/pkgs/firewallgen/test-rules-min.nix index f4cb160..3ba4e39 100644 --- a/pkgs/firewallgen/test-rules-min.nix +++ b/pkgs/firewallgen/test-rules-min.nix @@ -1,6 +1,6 @@ let - drop = expr : "${expr} drop"; - accept = expr : "${expr} accept"; + drop = expr: "${expr} drop"; + accept = expr: "${expr} accept"; mcast-scope = 8; allow-incoming = false; bogons-ip6 = { @@ -41,7 +41,7 @@ let "jump bogons-ip6" (drop "ip6 saddr ::1/128") # loopback address [RFC4291] (drop "ip6 daddr ::1/128") - (drop "ip6 saddr ::FFFF:0:0/96")# IPv4-mapped addresses + (drop "ip6 saddr ::FFFF:0:0/96") # IPv4-mapped addresses (drop "ip6 daddr ::FFFF:0:0/96") (drop "ip6 saddr fe80::/10") # link-local unicast (drop "ip6 daddr fe80::/10") @@ -57,7 +57,8 @@ let (drop # dest addr first byte 0xff, low nibble of second byte <= scope # https://www.mankier.com/8/nft#Payload_Expressions-Raw_Payload_Expression - "@nh,192,8 eq 0xff @nh,204,4 le ${toString mcast-scope}") + "@nh,192,8 eq 0xff @nh,204,4 le ${toString mcast-scope}" + ) (accept "oifname \"int\" iifname \"ppp0\" meta l4proto udp ct state established,related") (accept "iifname \"int\" oifname \"ppp0\" meta l4proto udp") @@ -85,9 +86,11 @@ let # we can allow all reasonable inbound, or we can use an explicit # allowlist to enumerate the endpoints that are allowed to # accept inbound from the WAN - (if allow-incoming - then accept "oifname \"int\" iifname \"ppp0\"" - else "oifname \"int\" iifname \"ppp0\" jump incoming-allowed-ip6" + ( + if allow-incoming then + accept "oifname \"int\" iifname \"ppp0\"" + else + "oifname \"int\" iifname \"ppp0\" jump incoming-allowed-ip6" ) # allow all outbound and any inbound that's part of a # recognised (outbound-initiated) flow @@ -103,9 +106,11 @@ let rules = [ "jump bogons-ip6" (accept "meta l4proto icmpv6") - (if allow-incoming - then accept "oifname \"int\" iifname \"ppp0\"" - else "oifname \"int\" iifname \"ppp0\" jump incoming-allowed-ip6" + ( + if allow-incoming then + accept "oifname \"int\" iifname \"ppp0\"" + else + "oifname \"int\" iifname \"ppp0\" jump incoming-allowed-ip6" ) (accept "oifname \"int\" iifname \"ppp0\" ct state established,related") (accept "iifname \"int\" oifname \"ppp0\" ") @@ -119,14 +124,21 @@ let "oifname \"int\" ip6 daddr 2001:8b0:de3a:40de::e9d tcp dport 22" ]; }; -in { - inherit input-ip6 forward-ip6 bogons-ip6 incoming-allowed-ip6; +in +{ + inherit + input-ip6 + forward-ip6 + bogons-ip6 + incoming-allowed-ip6 + ; lan-set-ip = { kind = "set"; family = "ip"; type = "ifname"; elements = [ - "eth0" "eth1" + "eth0" + "eth1" ]; }; @@ -136,7 +148,8 @@ in { family = "ip6"; type = "ifname"; elements = [ - "eth0" "eth1" + "eth0" + "eth1" ]; }; diff --git a/pkgs/firewallgen/test.nix b/pkgs/firewallgen/test.nix index 5b11cb7..9846cc1 100644 --- a/pkgs/firewallgen/test.nix +++ b/pkgs/firewallgen/test.nix @@ -1,4 +1,5 @@ let - pkgs = import { overlays = [( import ../../overlay.nix)]; }; + pkgs = import { overlays = [ (import ../../overlay.nix) ]; }; ruleset = import ./test-rules-min.nix; -in pkgs.firewallgen "firewall.nft" ruleset +in +pkgs.firewallgen "firewall.nft" ruleset diff --git a/pkgs/firmware-utils/default.nix b/pkgs/firmware-utils/default.nix index 5c8e1f3..59a245d 100644 --- a/pkgs/firmware-utils/default.nix +++ b/pkgs/firmware-utils/default.nix @@ -1,8 +1,9 @@ -{ stdenv -, fetchFromGitHub -, cmake -, zlib -, openssl +{ + stdenv, + fetchFromGitHub, + cmake, + zlib, + openssl, }: stdenv.mkDerivation { diff --git a/pkgs/gen_init_cpio/default.nix b/pkgs/gen_init_cpio/default.nix index 63440e6..cee20b9 100644 --- a/pkgs/gen_init_cpio/default.nix +++ b/pkgs/gen_init_cpio/default.nix @@ -1,6 +1,6 @@ { - stdenv -, fetchurl + stdenv, + fetchurl, }: stdenv.mkDerivation rec { name = "gen_init_cpio"; diff --git a/pkgs/hi/default.nix b/pkgs/hi/default.nix index 3dd65e4..098efa7 100644 --- a/pkgs/hi/default.nix +++ b/pkgs/hi/default.nix @@ -1,27 +1,31 @@ # A "hello world" program that's smaller than the GNU # one. Used for testing the toolchain/linker behaviour. { - runCommandCC + runCommandCC, }: -let code = '' - #include - int main() +let + code = '' + #include + int main() + { + printf("hello world\n"); + return 0; + } + ''; +in +runCommandCC "hello" { - printf("hello world\n"); - return 0; + name = "hi"; + inherit code; + executable = true; + # hardeningDisable = ["all"]; + passAsFile = [ "code" ]; + preferLocalBuild = true; + allowSubstitutes = false; } -''; -in runCommandCC "hello" { - name = "hi"; - inherit code; - executable = true; - # hardeningDisable = ["all"]; - passAsFile = ["code"]; - preferLocalBuild = true; - allowSubstitutes = false; -} '' - n=$out/bin/$name - mkdir -p "$(dirname "$n")" - mv "$codePath" code.c - $CC -x c code.c -o "$n" -'' + '' + n=$out/bin/$name + mkdir -p "$(dirname "$n")" + mv "$codePath" code.c + $CC -x c code.c -o "$n" + '' diff --git a/pkgs/ifwait/default.nix b/pkgs/ifwait/default.nix index 7252c92..9383a28 100644 --- a/pkgs/ifwait/default.nix +++ b/pkgs/ifwait/default.nix @@ -8,7 +8,10 @@ runCommand "ifwait" { } '' mkdir -p $out/bin cp -p ${ writeFennel "ifwait" { - packages = [ anoia netlink-lua ]; + packages = [ + anoia + netlink-lua + ]; } ./ifwait.fnl } $out/bin/ifwait '' diff --git a/pkgs/incz/default.nix b/pkgs/incz/default.nix index 237dc5b..6b30376 100644 --- a/pkgs/incz/default.nix +++ b/pkgs/incz/default.nix @@ -7,29 +7,33 @@ lua, anoia, lualinux, - stdenv + stdenv, }: -let name = "incz"; -in stdenv.mkDerivation { +let + name = "incz"; +in +stdenv.mkDerivation { inherit name; src = ./.; - buildInputs = [lua]; - nativeBuildInputs = [fennelrepl]; + buildInputs = [ lua ]; + nativeBuildInputs = [ fennelrepl ]; buildPhase = '' fennelrepl --test ./incz.fnl - cp -p ${writeFennel name { - packages = [ - anoia - lualinux - fennel - ]; - macros = [ - anoia.dev - ]; - mainFunction = "run"; - } ./incz.fnl } ${name} + cp -p ${ + writeFennel name { + packages = [ + anoia + lualinux + fennel + ]; + macros = [ + anoia.dev + ]; + mainFunction = "run"; + } ./incz.fnl + } ${name} ''; installPhase = '' diff --git a/pkgs/initramfs-peek/default.nix b/pkgs/initramfs-peek/default.nix index a20aeba..7424338 100644 --- a/pkgs/initramfs-peek/default.nix +++ b/pkgs/initramfs-peek/default.nix @@ -19,7 +19,8 @@ let ${busybox}/bin/sh ''; refs = writeReferencesToFile busybox; -in runCommand "initramfs.cpio" { } '' +in +runCommand "initramfs.cpio" { } '' cat << SPECIALS | ${gen_init_cpio}/bin/gen_init_cpio /dev/stdin > out dir /proc 0755 0 0 dir /sys 0755 0 0 diff --git a/pkgs/json-to-fstree/default.nix b/pkgs/json-to-fstree/default.nix index 45c60a2..65cc80f 100644 --- a/pkgs/json-to-fstree/default.nix +++ b/pkgs/json-to-fstree/default.nix @@ -11,27 +11,36 @@ fetch-freebsd, openssl, rxi-json, - stdenv + stdenv, }: -let name = "json-to-fstree"; -in stdenv.mkDerivation { +let + name = "json-to-fstree"; +in +stdenv.mkDerivation { inherit name; src = ./.; - buildInputs = [fetch-freebsd rxi-json openssl lua]; + buildInputs = [ + fetch-freebsd + rxi-json + openssl + lua + ]; buildPhase = ""; installPhase = '' mkdir -p $out/bin - cp -p ${writeFennel name { - packages = [ - fetch-freebsd - rxi-json - anoia - lualinux - linotify - ] ; - mainFunction = "run"; - } ./${name}.fnl } $out/bin/${name} + cp -p ${ + writeFennel name { + packages = [ + fetch-freebsd + rxi-json + anoia + lualinux + linotify + ]; + mainFunction = "run"; + } ./${name}.fnl + } $out/bin/${name} ''; } diff --git a/pkgs/kernel-backport/default.nix b/pkgs/kernel-backport/default.nix index a2e7990..adccc63 100644 --- a/pkgs/kernel-backport/default.nix +++ b/pkgs/kernel-backport/default.nix @@ -45,11 +45,12 @@ let # hash = "sha256-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA="; # })# ./gentree-writable-outputs.patch -# ./update-usb-sg-backport-patch.patch -# ./backport_kfree_sensitive.patch + # ./update-usb-sg-backport-patch.patch + # ./backport_kfree_sensitive.patch ]; }; -in stdenv.mkDerivation rec { +in +stdenv.mkDerivation rec { inherit donorTree; KERNEL_VERSION = builtins.substring 0 11 donorTree.rev; BACKPORTS_VERSION = backports.version; @@ -59,10 +60,15 @@ in stdenv.mkDerivation rec { # and I don't have the patience to patch it out. There is no other # reason we need either of them as build inputs. depsBuildBuild = [ coccinelle ]; - nativeBuildInputs = [ which git python2 ]; + nativeBuildInputs = [ + which + git + python2 + ]; phases = [ - "backportFromFuture" "installPhase" + "backportFromFuture" + "installPhase" ]; backportFromFuture = '' diff --git a/pkgs/kernel/default.nix b/pkgs/kernel/default.nix index 879a785..0fe25a7 100644 --- a/pkgs/kernel/default.nix +++ b/pkgs/kernel/default.nix @@ -34,9 +34,9 @@ stdenv.mkDerivation rec { perl ]); CC = "${stdenv.cc.bintools.targetPrefix}gcc"; - HOSTCC = with buildPackages.pkgs; - "gcc -I${openssl}/include -I${ncurses}/include"; - HOST_EXTRACFLAGS = with buildPackages.pkgs; + HOSTCC = with buildPackages.pkgs; "gcc -I${openssl}/include -I${ncurses}/include"; + HOST_EXTRACFLAGS = + with buildPackages.pkgs; "-I${openssl.dev}/include -L${openssl.out}/lib -L${ncurses.out}/lib"; PKG_CONFIG_PATH = "./pkgconfig"; CROSS_COMPILE = stdenv.cc.bintools.targetPrefix; @@ -45,7 +45,12 @@ stdenv.mkDerivation rec { dontStrip = true; dontPatchELF = true; - outputs = ["out" "headers" "modulesupport" "config"] ++ targetNames; + outputs = [ + "out" + "headers" + "modulesupport" + "config" + ] ++ targetNames; phases = [ "unpackPhase" "butcherPkgconfig" @@ -61,8 +66,7 @@ stdenv.mkDerivation rec { patches = [ ./cmdline-cookie.patch ./mips-malta-fdt-from-bootloader.patch - ] ++ lib.optional (lib.versionOlder version "5.18.0") - ./phram-allow-cached-mappings.patch; + ] ++ lib.optional (lib.versionOlder version "5.18.0") ./phram-allow-cached-mappings.patch; # this is here to work around what I think is a bug in nixpkgs # packaging of ncurses: it installs pkg-config data files which diff --git a/pkgs/kernel/dtb.nix b/pkgs/kernel/dtb.nix index 505c4a6..a58d3e4 100644 --- a/pkgs/kernel/dtb.nix +++ b/pkgs/kernel/dtb.nix @@ -1,24 +1,25 @@ { - stdenv -, dtc -, lib -, runCommand -, writeText + stdenv, + dtc, + lib, + runCommand, + writeText, }: -{ dts -, includes -, commandLine -}:let +{ + dts, + includes, + commandLine, +}: +let cppDtSearchFlags = builtins.concatStringsSep " " (map (f: "-I${f}") includes); dtcSearchFlags = builtins.concatStringsSep " " (map (f: "-i${f}") includes); cmdline = lib.concatStringsSep " " commandLine; chosen = writeText "chosen.dtsi" "/{ chosen { bootargs = ${builtins.toJSON cmdline}; }; };"; - combined = writeText "combined-dts-fragments" - (lib.concatStrings - (builtins.map - (f: "#include \"${f}\"\n") - (dts ++ [ chosen ]))); -in stdenv.mkDerivation { + combined = writeText "combined-dts-fragments" ( + lib.concatStrings (builtins.map (f: "#include \"${f}\"\n") (dts ++ [ chosen ])) + ); +in +stdenv.mkDerivation { name = "dtb"; phases = [ "buildPhase" ]; nativeBuildInputs = [ dtc ]; diff --git a/pkgs/kernel/uimage.nix b/pkgs/kernel/uimage.nix index 001f9c9..a28d339 100644 --- a/pkgs/kernel/uimage.nix +++ b/pkgs/kernel/uimage.nix @@ -1,10 +1,10 @@ { - lzma -, stdenv -, ubootTools -, dtc -, lib -} : + lzma, + stdenv, + ubootTools, + dtc, + lib, +}: let objcopy = "${stdenv.cc.bintools.targetPrefix}objcopy"; arch = stdenv.hostPlatform.linuxArch; @@ -12,21 +12,29 @@ let ${objcopy} -O binary -R .reginfo -R .notes -R .note -R .comment -R .mdebug -R .note.gnu.build-id -S vmlinux.elf vmlinux.bin rm -f vmlinux.bin.lzma ; lzma -k -z vmlinux.bin ''; -in { - kernel -, commandLine -, commandLineDtbNode ? "bootargs" -, entryPoint -, extraName ? "" # e.g. socFamily -, loadAddress -, imageFormat -, alignment ? null -, dtb ? null -} : stdenv.mkDerivation { +in +{ + kernel, + commandLine, + commandLineDtbNode ? "bootargs", + entryPoint, + extraName ? "", # e.g. socFamily + loadAddress, + imageFormat, + alignment ? null, + dtb ? null, +}: +stdenv.mkDerivation { name = "kernel.image"; phases = [ "preparePhase" - (if commandLine != null then assert dtb != null; "mungeDtbPhase" else ":") + ( + if commandLine != null then + assert dtb != null; + "mungeDtbPhase" + else + ":" + ) (if imageFormat == "fit" then "buildPhaseFIT" else "buildPhaseUImage") "installPhase" ]; @@ -71,7 +79,9 @@ in { }; }; _VARS - mkimage -f mkimage.its -E ${lib.optionalString (alignment != null) "-B 0x${lib.toHexString alignment}"} kernel.uimage + mkimage -f mkimage.its -E ${ + lib.optionalString (alignment != null) "-B 0x${lib.toHexString alignment}" + } kernel.uimage mkimage -l kernel.uimage ''; diff --git a/pkgs/kernel/write-kconfig.nix b/pkgs/kernel/write-kconfig.nix index 7d064b2..0b6b87b 100644 --- a/pkgs/kernel/write-kconfig.nix +++ b/pkgs/kernel/write-kconfig.nix @@ -1,11 +1,12 @@ { - lib -, writeText + lib, + writeText, }: -name : config: writeText name - (builtins.concatStringsSep - "\n" - (lib.mapAttrsToList - (name: value: (if value == "n" then "# CONFIG_${name} is not set" else "CONFIG_${name}=${value}")) - config - )) +name: config: +writeText name ( + builtins.concatStringsSep "\n" ( + lib.mapAttrsToList ( + name: value: (if value == "n" then "# CONFIG_${name} is not set" else "CONFIG_${name}=${value}") + ) config + ) +) diff --git a/pkgs/kmodloader/default.nix b/pkgs/kmodloader/default.nix index 5011d28..d423b17 100644 --- a/pkgs/kmodloader/default.nix +++ b/pkgs/kmodloader/default.nix @@ -10,33 +10,39 @@ let inherit (liminix.services) oneshot; inherit (lib) concatStringsSep; - loader = runCommand "modules" { - nativeBuildInputs = with pkgsBuildBuild ;[ - kmod cpio gawk - ]; - } '' - kernel=${kernel.modulesupport} + loader = + runCommand "modules" + { + nativeBuildInputs = with pkgsBuildBuild; [ + kmod + cpio + gawk + ]; + } + '' + kernel=${kernel.modulesupport} - mkdir -p lib/modules/0.0 - (cd $kernel && find . -name \*.ko | cpio --verbose --make-directories -p $NIX_BUILD_TOP/lib/modules/0.0) - cp $kernel/modules.* lib/modules/0.0 - depmod -b . 0.0 + mkdir -p lib/modules/0.0 + (cd $kernel && find . -name \*.ko | cpio --verbose --make-directories -p $NIX_BUILD_TOP/lib/modules/0.0) + cp $kernel/modules.* lib/modules/0.0 + depmod -b . 0.0 - (for i in ${lib.concatStringsSep " " targets}; do - modprobe -S 0.0 -d $NIX_BUILD_TOP --show-depends $i | sed "s,^insmod $NIX_BUILD_TOP/lib/modules/0.0/,,g" - done) | awk '!a[$0]++' > load-order + (for i in ${lib.concatStringsSep " " targets}; do + modprobe -S 0.0 -d $NIX_BUILD_TOP --show-depends $i | sed "s,^insmod $NIX_BUILD_TOP/lib/modules/0.0/,,g" + done) | awk '!a[$0]++' > load-order - mkdir $out - for i in $(cat load-order); do - install -v $NIX_BUILD_TOP/lib/modules/0.0/$i -D $out/$i - done - echo "O=$out" > $out/load.sh - sed "s,^,insmod \$O/,g" < load-order >> $out/load.sh - echo "O=$out" > $out/unload.sh - tac load-order | sed "s,^,rmmod \$O/,g" > $out/unload.sh - ''; -in oneshot { - name = "kmodloader-" + (concatStringsSep "-" targets); + mkdir $out + for i in $(cat load-order); do + install -v $NIX_BUILD_TOP/lib/modules/0.0/$i -D $out/$i + done + echo "O=$out" > $out/load.sh + sed "s,^,insmod \$O/,g" < load-order >> $out/load.sh + echo "O=$out" > $out/unload.sh + tac load-order | sed "s,^,rmmod \$O/,g" > $out/unload.sh + ''; +in +oneshot { + name = "kmodloader-" + (concatStringsSep "-" targets); up = "sh ${loader}/load.sh"; down = "sh ${loader}/unload.sh"; inherit dependencies; diff --git a/pkgs/levitate/default.nix b/pkgs/levitate/default.nix index 9e70bd0..8172177 100644 --- a/pkgs/levitate/default.nix +++ b/pkgs/levitate/default.nix @@ -25,49 +25,67 @@ let fdmove -c 2 1 emptyenv chroot . /bin/init ''; - base = {...} : { - config = { - services = { - banner = oneshot { - name = "banner"; - up = "cat /etc/banner > /dev/console"; - down = "true"; + base = + { ... }: + { + config = { + services = { + banner = oneshot { + name = "banner"; + up = "cat /etc/banner > /dev/console"; + down = "true"; + }; }; - }; - filesystem = dir { - exec = symlink doChroot; - etc = dir { - banner = symlink (pkgs.writeText "banner" '' + filesystem = dir { + exec = symlink doChroot; + etc = dir { + banner = symlink ( + pkgs.writeText "banner" '' - LADIES AND GENTLEMEN WE ARE FLOATING IN SPACE + LADIES AND GENTLEMEN WE ARE FLOATING IN SPACE - Most services are disabled. The system is operating - with a ram-based root filesystem, making it safe to - overwrite the flash devices in order to perform - upgrades and maintenance. + Most services are disabled. The system is operating + with a ram-based root filesystem, making it safe to + overwrite the flash devices in order to perform + upgrades and maintenance. - Don't forget to reboot when you have finished. + Don't forget to reboot when you have finished. - ''); + '' + ); + }; }; }; }; - }; eval = lib.evalModules { modules = [ - { _module.args = { inherit pkgs; inherit (pkgs) lim; }; } + { + _module.args = { + inherit pkgs; + inherit (pkgs) lim; + }; + } ../../modules/base.nix ../../modules/users.nix ../../modules/busybox.nix base - ({ ... } : paramConfig) - ({ ... } : { config = { logging.script = "t"; }; }) + ({ ... }: paramConfig) + ( + { ... }: + { + config = { + logging.script = "t"; + }; + } + ) ../../modules/s6 ]; }; - in systemconfig eval.config.filesystem.contents; -in writeScriptBin "levitate" '' + in + systemconfig eval.config.filesystem.contents; +in +writeScriptBin "levitate" '' #!/bin/sh destdir=${newRoot} mkdir -p $destdir $destdir/nix/store diff --git a/pkgs/libubootenv/default.nix b/pkgs/libubootenv/default.nix index 5389fcd..fa7e7c5 100644 --- a/pkgs/libubootenv/default.nix +++ b/pkgs/libubootenv/default.nix @@ -13,6 +13,9 @@ stdenv.mkDerivation { rev = "3f4d15e36ceb58085b08dd13f3f2788e9299877b"; # v0.3.5 hash = "sha256-i7gUb1A6FTOBCpympQpndhOG9pCDA4P0iH7ZNBqo+PA="; }; - buildInputs = [ zlib libyaml ]; + buildInputs = [ + zlib + libyaml + ]; nativeBuildInputs = [ cmake ]; } diff --git a/pkgs/liminix-tools/builders/squashfs.nix b/pkgs/liminix-tools/builders/squashfs.nix index 5a82c43..b199b13 100644 --- a/pkgs/liminix-tools/builders/squashfs.nix +++ b/pkgs/liminix-tools/builders/squashfs.nix @@ -1,9 +1,11 @@ -{ buildPackages -, callPackage -, pseudofile -, runCommand -, writeText -} : filesystem : +{ + buildPackages, + callPackage, + pseudofile, + runCommand, + writeText, +}: +filesystem: let pseudofiles = pseudofile.write "files.pf" filesystem; @@ -14,12 +16,18 @@ let # the pseudofile will give us all the needed packages storeContents = [ pseudofiles ]; }; -in runCommand "frob-squashfs" { - nativeBuildInputs = with buildPackages; [ squashfsTools qprint ]; -} '' +in +runCommand "frob-squashfs" + { + nativeBuildInputs = with buildPackages; [ + squashfsTools + qprint + ]; + } + '' cp ${storefs} ./store.img chmod +w store.img mksquashfs - store.img -exit-on-error -no-recovery -quiet -no-progress -root-becomes store -p "/ d 0755 0 0" mksquashfs - store.img -exit-on-error -no-recovery -quiet -no-progress -root-becomes nix -p "/ d 0755 0 0" -pf ${pseudofiles} cp store.img $out -'' + '' diff --git a/pkgs/liminix-tools/networking/default.nix b/pkgs/liminix-tools/networking/default.nix index aed7c4e..bbf0f05 100644 --- a/pkgs/liminix-tools/networking/default.nix +++ b/pkgs/liminix-tools/networking/default.nix @@ -1,9 +1,9 @@ { - ifwait -, serviceFns + ifwait, + serviceFns, }: { - ifup = name : ifname : '' + ifup = name: ifname: '' . ${serviceFns} ${ifwait}/bin/ifwait -v ${ifname} present ip link set up dev ${ifname} diff --git a/pkgs/liminix-tools/services/default.nix b/pkgs/liminix-tools/services/default.nix index 0824c65..79b4a8f 100644 --- a/pkgs/liminix-tools/services/default.nix +++ b/pkgs/liminix-tools/services/default.nix @@ -1,100 +1,135 @@ { - stdenvNoCC -, s6 -, lib -, writeScript -, serviceFns + stdenvNoCC, + s6, + lib, + writeScript, + serviceFns, }: let prefix = "/run/services/outputs"; output = service: name: "${prefix}/${service.name}/${name}"; - serviceScript = commands : '' + serviceScript = commands: '' #!/bin/sh exec 2>&1 . ${serviceFns} ${commands} ''; - cleanupScript = name : cmds : '' + cleanupScript = name: cmds: '' #!/bin/sh ${if cmds != null then cmds else ""} if test -d ${prefix}/${name} ; then rm -rf ${prefix}/${name} ; fi ''; - service = { - name - , serviceType - , run ? null - , up ? null - , down ? null - , finish ? null - , notification-fd ? null - , producer-for ? null - , consumer-for ? null - , pipeline-name ? null - , timeout-up ? 30000 # milliseconds - , timeout-down ? 0 - , dependencies ? [] - , contents ? [] - , buildInputs ? [] - , restart-on-upgrade ? false - , controller ? null - }: + service = + { + name, + serviceType, + run ? null, + up ? null, + down ? null, + finish ? null, + notification-fd ? null, + producer-for ? null, + consumer-for ? null, + pipeline-name ? null, + timeout-up ? 30000, # milliseconds + timeout-down ? 0, + dependencies ? [ ], + contents ? [ ], + buildInputs ? [ ], + restart-on-upgrade ? false, + controller ? null, + }: stdenvNoCC.mkDerivation { # we use stdenvNoCC to avoid generating derivations with names # like foo.service-mips-linux-musl - inherit name serviceType up down run finish notification-fd - producer-for consumer-for pipeline-name timeout-up timeout-down - restart-on-upgrade; - buildInputs = buildInputs ++ dependencies ++ contents ++ lib.optional (controller != null) controller; + inherit + name + serviceType + up + down + run + finish + notification-fd + producer-for + consumer-for + pipeline-name + timeout-up + timeout-down + restart-on-upgrade + ; + buildInputs = + buildInputs ++ dependencies ++ contents ++ lib.optional (controller != null) controller; inherit controller dependencies contents; builder = ./builder.sh; }; - longrun = { - name - , run - , finish ? null - , notification-fd ? null - , buildInputs ? [] - , producer-for ? null - , ... - } @ args: - let logger = service { - serviceType = "longrun"; - name = "${name}-log"; - run = serviceScript "${s6}/bin/s6-log -d 10 -- p${name} 1"; - notification-fd = 10; - consumer-for = name; - pipeline-name = "${name}-pipeline"; - }; - in service (args // { - buildInputs = buildInputs ++ lib.optional (producer-for == null) logger; - serviceType = "longrun"; - run = serviceScript run; - finish = cleanupScript name finish; - producer-for = if producer-for != null then producer-for else "${name}-log"; - }); + longrun = + { + name, + run, + finish ? null, + notification-fd ? null, + buildInputs ? [ ], + producer-for ? null, + ... + }@args: + let + logger = service { + serviceType = "longrun"; + name = "${name}-log"; + run = serviceScript "${s6}/bin/s6-log -d 10 -- p${name} 1"; + notification-fd = 10; + consumer-for = name; + pipeline-name = "${name}-pipeline"; + }; + in + service ( + args + // { + buildInputs = buildInputs ++ lib.optional (producer-for == null) logger; + serviceType = "longrun"; + run = serviceScript run; + finish = cleanupScript name finish; + producer-for = if producer-for != null then producer-for else "${name}-log"; + } + ); - oneshot = { - name - , up - , down ? "" - , ... - } @ args : service (args // { - serviceType = "oneshot"; - up = writeScript "${name}-up" (serviceScript up); - down = writeScript - "${name}-down" - "${serviceScript down}\n${cleanupScript name null}"; - }); - bundle = { contents ? [] - , dependencies ? [] - , ... - } @ args: service (args // { - serviceType = "bundle"; - inherit contents dependencies; - }); + oneshot = + { + name, + up, + down ? "", + ... + }@args: + service ( + args + // { + serviceType = "oneshot"; + up = writeScript "${name}-up" (serviceScript up); + down = writeScript "${name}-down" "${serviceScript down}\n${cleanupScript name null}"; + } + ); + bundle = + { + contents ? [ ], + dependencies ? [ ], + ... + }@args: + service ( + args + // { + serviceType = "bundle"; + inherit contents dependencies; + } + ); target = bundle; -in { - inherit target bundle oneshot output; +in +{ + inherit + target + bundle + oneshot + output + ; longrun = lib.makeOverridable longrun; } diff --git a/pkgs/linotify/default.nix b/pkgs/linotify/default.nix index f05a0e4..02c5143 100644 --- a/pkgs/linotify/default.nix +++ b/pkgs/linotify/default.nix @@ -1,6 +1,8 @@ { lua, fetchFromGitHub }: -let pname = "linotify"; -in lua.pkgs.buildLuaPackage { +let + pname = "linotify"; +in +lua.pkgs.buildLuaPackage { inherit pname; version = "0.5"; diff --git a/pkgs/logshipper/default.nix b/pkgs/logshipper/default.nix index 3177693..a367458 100644 --- a/pkgs/logshipper/default.nix +++ b/pkgs/logshipper/default.nix @@ -1,5 +1,5 @@ { - stdenv + stdenv, }: stdenv.mkDerivation { name = "logshipper"; diff --git a/pkgs/lualinux/default.nix b/pkgs/lualinux/default.nix index cb56146..ada29bf 100644 --- a/pkgs/lualinux/default.nix +++ b/pkgs/lualinux/default.nix @@ -7,15 +7,21 @@ let rev = "1d4c962aad9cbe01c05df741b91e8b39c356362c"; hash = "sha256-+Ys4sERG+TI8nRzG38UP+KqbH0efspaX0j4IHCt56RI="; }; -in lua.pkgs.buildLuaPackage { +in +lua.pkgs.buildLuaPackage { inherit pname; - version = "0.1"; # :shrug: + version = "0.1"; # :shrug: inherit src; postPatch = '' sed -i -e '/strip/d' Makefile ''; - makeFlags = [ "LUADIR=." "CC:=$(CC)" "STRIP=true" "lualinux.so" ]; + makeFlags = [ + "LUADIR=." + "CC:=$(CC)" + "STRIP=true" + "lualinux.so" + ]; installPhase = '' mkdir -p "$out/lib/lua/${lua.luaversion}" diff --git a/pkgs/lzma/default.nix b/pkgs/lzma/default.nix index 3d611ce..68b952c 100644 --- a/pkgs/lzma/default.nix +++ b/pkgs/lzma/default.nix @@ -2,7 +2,10 @@ stdenv.mkDerivation { pname = "lzma"; version = "4.32.7"; - configureFlags = [ "--enable-static" "--disable-shared"]; + configureFlags = [ + "--enable-static" + "--disable-shared" + ]; src = fetchurl { url = "https://tukaani.org/lzma/lzma-4.32.7.tar.gz"; sha256 = "0b03bdvm388kwlcz97aflpr3ir1zpa3m0bq3s6cd3pp5a667lcwz"; diff --git a/pkgs/mac80211/default.nix b/pkgs/mac80211/default.nix index 13fbb74..2d0213a 100644 --- a/pkgs/mac80211/default.nix +++ b/pkgs/mac80211/default.nix @@ -53,7 +53,8 @@ let RT2800SOC = "m"; RT2X00 = "m"; }; - mt7603e.kconfig = { # XXX find a better name for this + mt7603e.kconfig = { + # XXX find a better name for this WLAN_VENDOR_RALINK = "y"; WLAN_VENDOR_MEDIATEK = "y"; MT7603E = "y"; @@ -70,32 +71,36 @@ let MAC80211_HWSIM = "y"; }; }; - kconfig = (foldl (config: d: (config // configs.${d}.kconfig)) { - WLAN = "y"; - CFG80211 = "m"; - MAC80211 = "m"; + kconfig = + (foldl (config: d: (config // configs.${d}.kconfig)) { + WLAN = "y"; + CFG80211 = "m"; + MAC80211 = "m"; - # (nixwrt comment) I am reluctant to have to enable this but - # can't transmit on 5GHz bands without it (they are all marked - # NO-IR) - CFG80211_CERTIFICATION_ONUS = "y"; - # (nixwrt comment) can't get signed regdb to work rn, it just - # gives me "loaded regulatory.db is malformed or signature is - # missing/invalid" - CFG80211_REQUIRE_SIGNED_REGDB = "n"; # depends on ONUS + # (nixwrt comment) I am reluctant to have to enable this but + # can't transmit on 5GHz bands without it (they are all marked + # NO-IR) + CFG80211_CERTIFICATION_ONUS = "y"; + # (nixwrt comment) can't get signed regdb to work rn, it just + # gives me "loaded regulatory.db is malformed or signature is + # missing/invalid" + CFG80211_REQUIRE_SIGNED_REGDB = "n"; # depends on ONUS - CFG80211_CRDA_SUPPORT = "n"; + CFG80211_CRDA_SUPPORT = "n"; - MAC80211_MESH = "y"; - } drivers) // extraConfig; + MAC80211_MESH = "y"; + } drivers) + // extraConfig; - writeConfig = name : config: writeText name - (builtins.concatStringsSep - "\n" - (lib.mapAttrsToList - (name: value: (if value == "n" then "# CPTCFG_${name} is not set" else "CPTCFG_${name}=${value}")) - config - )); + writeConfig = + name: config: + writeText name ( + builtins.concatStringsSep "\n" ( + lib.mapAttrsToList ( + name: value: (if value == "n" then "# CPTCFG_${name} is not set" else "CPTCFG_${name}=${value}") + ) config + ) + ); kconfigFile = writeConfig "backports_kconfig" kconfig; src = kernel-backport; CROSS_COMPILE = stdenv.cc.bintools.targetPrefix; @@ -104,12 +109,19 @@ let name = "mac80211"; inherit src; - hardeningDisable = ["all"]; - nativeBuildInputs = [buildPackages.stdenv.cc] ++ - (with buildPackages.pkgs; - [bc bison flex pkg-config openssl - which kmod cpio - ]); + hardeningDisable = [ "all" ]; + nativeBuildInputs = + [ buildPackages.stdenv.cc ] + ++ (with buildPackages.pkgs; [ + bc + bison + flex + pkg-config + openssl + which + kmod + cpio + ]); inherit CC CROSS_COMPILE; ARCH = arch; dontStrip = true; @@ -166,18 +178,27 @@ let find . -name \*.ko | cpio --make-directories -p $out/lib/modules/0.0 depmod -b $out -v 0.0 touch $out/load.sh - for i in ${lib.concatStringsSep " " - (map - (d: let c = { module = d; } // configs.${d} ; - in c.module) - drivers)}; do + for i in ${ + lib.concatStringsSep " " ( + map ( + d: + let + c = { + module = d; + } // configs.${d}; + in + c.module + ) drivers + ) + }; do modprobe -S 0.0 -d $out --show-depends $i >> $out/load.sh done tac < $out/load.sh | sed 's/^insmod/rmmod/g' > $out/unload.sh ''; }; -in oneshot { - name = "wlan.module"; - up = "sh ${module}/load.sh"; - down = "sh ${module}/unload.sh"; - } +in +oneshot { + name = "wlan.module"; + up = "sh ${module}/load.sh"; + down = "sh ${module}/unload.sh"; +} diff --git a/pkgs/min-collect-garbage/default.nix b/pkgs/min-collect-garbage/default.nix index c904804..efd32a6 100644 --- a/pkgs/min-collect-garbage/default.nix +++ b/pkgs/min-collect-garbage/default.nix @@ -1,6 +1,7 @@ { - stdenv -}: stdenv.mkDerivation { + stdenv, +}: +stdenv.mkDerivation { name = "min-collect-garbage"; buildInputs = [ ]; src = ./.; diff --git a/pkgs/min-copy-closure/default.nix b/pkgs/min-copy-closure/default.nix index 450e2fd..6eff1a2 100644 --- a/pkgs/min-copy-closure/default.nix +++ b/pkgs/min-copy-closure/default.nix @@ -7,7 +7,11 @@ stdenv.mkDerivation { name = "min-copy-closure"; buildInputs = [ ]; - propagatedBuildInputs = [ cpio openssh nix ]; + propagatedBuildInputs = [ + cpio + openssh + nix + ]; src = ./.; installPhase = '' mkdir -p $out/bin diff --git a/pkgs/minisock/default.nix b/pkgs/minisock/default.nix index 7f61f0e..5e1b077 100644 --- a/pkgs/minisock/default.nix +++ b/pkgs/minisock/default.nix @@ -7,12 +7,16 @@ let rev = "46e0470ff88c68f3a873dedbcf1dc351f4916b1a"; hash = "sha256-uTV5gpfEMvHMBgdu41Gy2uizc3K9bXtO5BiCY70cYUs="; }; -in lua.pkgs.buildLuaPackage { +in +lua.pkgs.buildLuaPackage { inherit pname; - version = "0.1"; # :shrug: + version = "0.1"; # :shrug: inherit src; - makeFlags = [ "LUADIR=." "minisock.so" ]; + makeFlags = [ + "LUADIR=." + "minisock.so" + ]; installPhase = '' mkdir -p "$out/lib/lua/${lua.luaversion}" diff --git a/pkgs/nellie/default.nix b/pkgs/nellie/default.nix index 9db9f62..c41b2b9 100644 --- a/pkgs/nellie/default.nix +++ b/pkgs/nellie/default.nix @@ -1,7 +1,9 @@ { lua, stdenv }: -let pname = "nellie"; -in lua.pkgs.buildLuaPackage { +let + pname = "nellie"; +in +lua.pkgs.buildLuaPackage { inherit pname; version = "0.1.1-1"; diff --git a/pkgs/netlink-lua/default.nix b/pkgs/netlink-lua/default.nix index 3edf390..07de575 100644 --- a/pkgs/netlink-lua/default.nix +++ b/pkgs/netlink-lua/default.nix @@ -1,6 +1,12 @@ -{ lua, fetchFromGitHub, libmnl }: -let pname = "netlink"; -in lua.pkgs.buildLuaPackage { +{ + lua, + fetchFromGitHub, + libmnl, +}: +let + pname = "netlink"; +in +lua.pkgs.buildLuaPackage { inherit pname; version = "0.1.1-1"; diff --git a/pkgs/nginx-small/default.nix b/pkgs/nginx-small/default.nix index 314fea8..65d2e45 100644 --- a/pkgs/nginx-small/default.nix +++ b/pkgs/nginx-small/default.nix @@ -6,14 +6,14 @@ # essential for making the package cross-compilable { - stdenv -, openssl -, fetchzip -, fetchpatch -, pcre -, zlib -, lib -, options ? [] + stdenv, + openssl, + fetchzip, + fetchpatch, + pcre, + zlib, + lib, + options ? [ ], }: let # nginx configure script does not accept a with-foo_module flag for @@ -81,21 +81,24 @@ let withouts = lib.subtractLists options defaultEnabled; withs = lib.subtractLists defaultEnabled options; -in stdenv.mkDerivation { +in +stdenv.mkDerivation { pname = "nginx-small"; - version = ""; - buildInputs = [ openssl pcre zlib ]; + version = ""; + buildInputs = [ + openssl + pcre + zlib + ]; configureFlags = (map (f: "--with-${f}") withs) ++ (map (f: "--without-${f}") withouts) - ++ lib.optional (pcre == null) - "--without-http_rewrite_module" - ++ lib.optional (zlib == null) - "--without-http_gzip_module"; + ++ lib.optional (pcre == null) "--without-http_rewrite_module" + ++ lib.optional (zlib == null) "--without-http_gzip_module"; env.NIX_CFLAGS_COMPILE = "-Wno-error=cpp"; # musl - configurePlatforms = []; + configurePlatforms = [ ]; patches = [ (fetchpatch { url = "https://raw.githubusercontent.com/openwrt/packages/c057dfb09c7027287c7862afab965a4cd95293a3/net/nginx/patches/102-sizeof_test_fix.patch"; diff --git a/pkgs/odhcp-script/default.nix b/pkgs/odhcp-script/default.nix index 90565dd..ed06d6e 100644 --- a/pkgs/odhcp-script/default.nix +++ b/pkgs/odhcp-script/default.nix @@ -3,6 +3,9 @@ anoia, lualinux, }: -writeFennel "odhcpc-script" { - packages = [anoia lualinux]; +writeFennel "odhcpc-script" { + packages = [ + anoia + lualinux + ]; } ./odhcp6-script.fnl diff --git a/pkgs/openwrt/2410.nix b/pkgs/openwrt/2410.nix index 3154eb6..d1ab07e 100644 --- a/pkgs/openwrt/2410.nix +++ b/pkgs/openwrt/2410.nix @@ -1,4 +1,8 @@ -{ fetchFromGitHub, pkgsBuildBuild, lib }: +{ + fetchFromGitHub, + pkgsBuildBuild, + lib, +}: let src = fetchFromGitHub { name = "openwrt-source"; @@ -27,7 +31,8 @@ let ${./make-mtdsplit-jffs2-endian-agnostic.patch} \ ${./fix-mtk-wed-bm-desc-ptr.patch} ''; -in { +in +{ inherit src; # The kernel sources typically used with this version of openwrt diff --git a/pkgs/openwrt/default.nix b/pkgs/openwrt/default.nix index 7376dd8..f932ce0 100644 --- a/pkgs/openwrt/default.nix +++ b/pkgs/openwrt/default.nix @@ -27,7 +27,8 @@ let patches ${src}/target/linux/${family}/patches-5.15/*.patch patches ${./make-mtdsplit-jffs2-endian-agnostic.patch} ''; -in { +in +{ inherit src; # The kernel sources typically used with this version of openwrt diff --git a/pkgs/output-template/default.nix b/pkgs/output-template/default.nix index 19566e4..ae7e525 100644 --- a/pkgs/output-template/default.nix +++ b/pkgs/output-template/default.nix @@ -7,25 +7,29 @@ anoia, linotify, lualinux, - stdenv + stdenv, }: -let name = "output-template"; -in stdenv.mkDerivation { +let + name = "output-template"; +in +stdenv.mkDerivation { inherit name; src = ./.; - buildInputs = [lua]; + buildInputs = [ lua ]; doCheck = true; buildPhase = '' - cp -p ${writeFennel name { - packages = [ - anoia - lualinux - linotify - ] ; - mainFunction = "run"; - } ./output-template.fnl } ${name} + cp -p ${ + writeFennel name { + packages = [ + anoia + lualinux + linotify + ]; + mainFunction = "run"; + } ./output-template.fnl + } ${name} ''; checkPhase = "make check"; installPhase = '' diff --git a/pkgs/ppp/default.nix b/pkgs/ppp/default.nix index 363723b..f6ea09e 100644 --- a/pkgs/ppp/default.nix +++ b/pkgs/ppp/default.nix @@ -3,8 +3,9 @@ stdenv, autoreconfHook, substituteAll, -}: stdenv.mkDerivation { - pname = "ppp"; +}: +stdenv.mkDerivation { + pname = "ppp"; version = "2.5.0"; nativeBuildInputs = [ autoreconfHook ]; diff --git a/pkgs/preinit/shell.nix b/pkgs/preinit/shell.nix index b6da65d..29b4424 100644 --- a/pkgs/preinit/shell.nix +++ b/pkgs/preinit/shell.nix @@ -1,4 +1,4 @@ -with import {}; +with import { }; mkShell { name = "preinit-env"; src = ./.; diff --git a/pkgs/pseudofile/default.nix b/pkgs/pseudofile/default.nix index 7bc2eb1..8ace57d 100644 --- a/pkgs/pseudofile/default.nix +++ b/pkgs/pseudofile/default.nix @@ -1,45 +1,56 @@ { writeText, lib }: let inherit (lib.attrsets) mapAttrsToList; - visit = prefix: attrset: + visit = + prefix: attrset: let - qprint = msg : builtins.replaceStrings - ["\n" "=" "\"" "$" ] - ["=0A" "=3D" "=22" "=24"] - msg; - l = - mapAttrsToList - (filename: { - type ? "f" - , mode ? null - , target ? null - , contents ? null - , file ? null - , major ? null - , minor ? null - , uid ? 0 - , gid ? 0 - }: - let - mode' = if mode != null then mode else - (if type == "d" then "0755" else "0644"); - pathname = "${prefix}/${filename}"; - line = "${pathname} ${type} ${mode'} ${toString uid} ${toString gid}"; - in - if type == "f" then - "${line} echo -n \"${qprint file}\" |qprint -d" - else if type == "d" then - (visit pathname contents) + "\n" + line - else if type == "c" then "${line} ${major} ${minor}" - else if type == "b" then "${line} ${major} ${minor}" - else if type == "s" then "${line} ${target}" - else if type == "l" then "${pathname} l ${target}" - else if type == "i" then "${line} f" - else line) - attrset; - in builtins.concatStringsSep "\n" l; -in { - write = filename : attrset : writeText filename (visit "" attrset); - dir = contents: { type = "d"; inherit contents; }; - symlink = target: { type = "s"; inherit target; }; + qprint = msg: builtins.replaceStrings [ "\n" "=" "\"" "$" ] [ "=0A" "=3D" "=22" "=24" ] msg; + l = mapAttrsToList ( + filename: + { + type ? "f", + mode ? null, + target ? null, + contents ? null, + file ? null, + major ? null, + minor ? null, + uid ? 0, + gid ? 0, + }: + let + mode' = if mode != null then mode else (if type == "d" then "0755" else "0644"); + pathname = "${prefix}/${filename}"; + line = "${pathname} ${type} ${mode'} ${toString uid} ${toString gid}"; + in + if type == "f" then + "${line} echo -n \"${qprint file}\" |qprint -d" + else if type == "d" then + (visit pathname contents) + "\n" + line + else if type == "c" then + "${line} ${major} ${minor}" + else if type == "b" then + "${line} ${major} ${minor}" + else if type == "s" then + "${line} ${target}" + else if type == "l" then + "${pathname} l ${target}" + else if type == "i" then + "${line} f" + else + line + ) attrset; + in + builtins.concatStringsSep "\n" l; +in +{ + write = filename: attrset: writeText filename (visit "" attrset); + dir = contents: { + type = "d"; + inherit contents; + }; + symlink = target: { + type = "s"; + inherit target; + }; } diff --git a/pkgs/routeros/default.nix b/pkgs/routeros/default.nix index cff3079..9ce0a21 100644 --- a/pkgs/routeros/default.nix +++ b/pkgs/routeros/default.nix @@ -24,30 +24,34 @@ let }; routeros = writeShellApplication { name = "routeros"; - runtimeInputs = [ qemu ros-exec-script ]; + runtimeInputs = [ + qemu + ros-exec-script + ]; text = '' - RUNTIME_DIRECTORY=$1 - test -d "$RUNTIME_DIRECTORY" || exit 1 - ${qemu}/bin/qemu-system-x86_64 \ - -M q35 \ - -m 1024 \ - -accel kvm \ - -display none \ - -daemonize \ - -pidfile "$RUNTIME_DIRECTORY/pid" \ - -serial "unix:$RUNTIME_DIRECTORY/console,server,nowait"\ - -monitor "unix:$RUNTIME_DIRECTORY/monitor,server,nowait" \ - -snapshot -drive file=${chr-image}/chr-7.7.img,format=raw,if=virtio \ - -chardev "socket,path=$RUNTIME_DIRECTORY/qmp,server=on,wait=off,id=qga0" \ - -device virtio-serial \ - -device virtserialport,chardev=qga0,name=org.qemu.guest_agent.0 \ - -netdev socket,id=access,mcast=230.0.0.1:1234,localaddr=127.0.0.1 \ - -device virtio-net-pci,disable-legacy=on,disable-modern=off,netdev=access,mac=ba:ad:1d:ea:11:02 \ - -netdev socket,id=world,mcast=230.0.0.1:1236,localaddr=127.0.0.1 \ - -device virtio-net-pci,disable-legacy=on,disable-modern=off,netdev=world,mac=ba:ad:1d:ea:11:01 - ros-exec-script "$RUNTIME_DIRECTORY/qmp" ${./routeros.config} + RUNTIME_DIRECTORY=$1 + test -d "$RUNTIME_DIRECTORY" || exit 1 + ${qemu}/bin/qemu-system-x86_64 \ + -M q35 \ + -m 1024 \ + -accel kvm \ + -display none \ + -daemonize \ + -pidfile "$RUNTIME_DIRECTORY/pid" \ + -serial "unix:$RUNTIME_DIRECTORY/console,server,nowait"\ + -monitor "unix:$RUNTIME_DIRECTORY/monitor,server,nowait" \ + -snapshot -drive file=${chr-image}/chr-7.7.img,format=raw,if=virtio \ + -chardev "socket,path=$RUNTIME_DIRECTORY/qmp,server=on,wait=off,id=qga0" \ + -device virtio-serial \ + -device virtserialport,chardev=qga0,name=org.qemu.guest_agent.0 \ + -netdev socket,id=access,mcast=230.0.0.1:1234,localaddr=127.0.0.1 \ + -device virtio-net-pci,disable-legacy=on,disable-modern=off,netdev=access,mac=ba:ad:1d:ea:11:02 \ + -netdev socket,id=world,mcast=230.0.0.1:1236,localaddr=127.0.0.1 \ + -device virtio-net-pci,disable-legacy=on,disable-modern=off,netdev=world,mac=ba:ad:1d:ea:11:01 + ros-exec-script "$RUNTIME_DIRECTORY/qmp" ${./routeros.config} ''; }; -in { +in +{ inherit routeros ros-exec-script; } diff --git a/pkgs/run-liminix-vm/default.nix b/pkgs/run-liminix-vm/default.nix index 4b926e3..75f29cc 100644 --- a/pkgs/run-liminix-vm/default.nix +++ b/pkgs/run-liminix-vm/default.nix @@ -12,13 +12,18 @@ let writeFennel = pkgsBuildBuild.writeFennel.override { inherit lua; }; run-liminix-vm = writeFennel "run-liminix-vm" { - packages = [ qemuLim lua.pkgs.luaposix fennel ]; + packages = [ + qemuLim + lua.pkgs.luaposix + fennel + ]; } ./run-liminix-vm.fnl; connect = writeShellScript "connect-vm" '' export PATH="${lib.makeBinPath [ socat ]}:$PATH" socat -,raw,echo=0,icanon=0,isig=0,icrnl=0,escape=0x0f unix-connect:$1 ''; -in runCommand "vm" {} '' +in +runCommand "vm" { } '' mkdir -p $out/bin cd $out/bin ln -s ${connect} ./connect-vm diff --git a/pkgs/rxi-json/default.nix b/pkgs/rxi-json/default.nix index 6fa9655..7af9d1a 100644 --- a/pkgs/rxi-json/default.nix +++ b/pkgs/rxi-json/default.nix @@ -8,7 +8,8 @@ let url = "https://raw.githubusercontent.com/rxi/json.lua/11077824d7cfcd28a4b2f152518036b295e7e4ce/json.lua"; hash = "sha256-DqzNpX+rwDMHNt4l9Fz1iYIaQrXg/gLk4xJffcC/K34="; }; -in runCommand "json" {} '' +in +runCommand "json" { } '' mkdir -p $out/share/lua/${lua.luaversion}/ cp ${src} $out/share/lua/${lua.luaversion}/json.lua '' diff --git a/pkgs/s6-init-bin/default.nix b/pkgs/s6-init-bin/default.nix index 3f19e06..d82e19d 100644 --- a/pkgs/s6-init-bin/default.nix +++ b/pkgs/s6-init-bin/default.nix @@ -7,17 +7,26 @@ s6-rc, }: let - hpr = name: arg: writeScript name '' - #!${execline}/bin/execlineb -S0 - ${s6-linux-init}/bin/s6-linux-init-hpr ${arg} \$@ - ''; + hpr = + name: arg: + writeScript name '' + #!${execline}/bin/execlineb -S0 + ${s6-linux-init}/bin/s6-linux-init-hpr ${arg} \$@ + ''; init = writeScript "init" '' #!${execline}/bin/execlineb -S0 - ${s6-linux-init}/bin/s6-linux-init -c /etc/s6-linux-init/current -m 0022 -p ${lib.makeBinPath [execline s6-linux-init s6-rc]}:/usr/bin:/bin -d /dev -- "\$@" + ${s6-linux-init}/bin/s6-linux-init -c /etc/s6-linux-init/current -m 0022 -p ${ + lib.makeBinPath [ + execline + s6-linux-init + s6-rc + ] + }:/usr/bin:/bin -d /dev -- "\$@" ''; -in stdenvNoCC.mkDerivation { +in +stdenvNoCC.mkDerivation { name = "s6-init-bin"; - phases = ["installPhase"]; + phases = [ "installPhase" ]; installPhase = '' bin=$out/bin mkdir -p $bin diff --git a/pkgs/s6-rc-database/default.nix b/pkgs/s6-rc-database/default.nix index 8879a89..0fbd588 100644 --- a/pkgs/s6-rc-database/default.nix +++ b/pkgs/s6-rc-database/default.nix @@ -8,10 +8,12 @@ writeText, services ? [ ], }: -let closure-info = closureInfo { rootPaths = services; }; -in stdenvNoCC.mkDerivation { +let + closure-info = closureInfo { rootPaths = services; }; +in +stdenvNoCC.mkDerivation { name = "s6-rc-database"; - nativeBuildInputs = [buildPackages.s6-rc]; + nativeBuildInputs = [ buildPackages.s6-rc ]; builder = writeText "find-s6-services" '' source $stdenv/setup mkdir -p $out diff --git a/pkgs/s6-rc-round-robin/default.nix b/pkgs/s6-rc-round-robin/default.nix index ec23008..ab4471e 100644 --- a/pkgs/s6-rc-round-robin/default.nix +++ b/pkgs/s6-rc-round-robin/default.nix @@ -13,9 +13,17 @@ stdenv.mkDerivation { propagatedBuildInputs = [ s6-rc-up-tree ]; installPhase = '' mkdir -p $out/bin - cp -p ${writeFennel "s6-rc-round-robin" { - packages = [fennel anoia linotify lualinux s6-rc-up-tree] ; - mainFunction = "run"; - } ./robin.fnl} $out/bin/s6-rc-round-robin + cp -p ${ + writeFennel "s6-rc-round-robin" { + packages = [ + fennel + anoia + linotify + lualinux + s6-rc-up-tree + ]; + mainFunction = "run"; + } ./robin.fnl + } $out/bin/s6-rc-round-robin ''; } diff --git a/pkgs/s6-rc-up-tree/default.nix b/pkgs/s6-rc-up-tree/default.nix index b1186ee..a8168bc 100644 --- a/pkgs/s6-rc-up-tree/default.nix +++ b/pkgs/s6-rc-up-tree/default.nix @@ -13,11 +13,15 @@ stdenv.mkDerivation { # propagatedBuildInputs = [ s6-rc-up-tree ]; installPhase = '' mkdir -p $out/bin - cp -p ${writeFennel "s6-rc-up-tree" { - packages = [fennel - lualinux ] ; - mainFunction = "run"; - } ./s6-rc-up-tree.fnl } $out/bin/s6-rc-up-tree + cp -p ${ + writeFennel "s6-rc-up-tree" { + packages = [ + fennel + lualinux + ]; + mainFunction = "run"; + } ./s6-rc-up-tree.fnl + } $out/bin/s6-rc-up-tree ''; postBuild = '' export PATH=./scripts:$PATH diff --git a/pkgs/schnapps/default.nix b/pkgs/schnapps/default.nix index e3518b8..63e154c 100644 --- a/pkgs/schnapps/default.nix +++ b/pkgs/schnapps/default.nix @@ -6,8 +6,13 @@ util-linux-small, lib, }: -let search_path = lib.makeBinPath [btrfs-progs util-linux-small]; -in stdenv.mkDerivation { +let + search_path = lib.makeBinPath [ + btrfs-progs + util-linux-small + ]; +in +stdenv.mkDerivation { pname = "schnapps"; version = "2.13.0"; diff --git a/pkgs/swconfig/default.nix b/pkgs/swconfig/default.nix index 7bbd6de..dd91056 100644 --- a/pkgs/swconfig/default.nix +++ b/pkgs/swconfig/default.nix @@ -1,10 +1,17 @@ -{ stdenv, buildPackages, libnl, ...} : -let switchDotH = buildPackages.fetchurl { - url = "https://git.openwrt.org/?p=openwrt/openwrt.git;a=blob_plain;f=target/linux/generic/files/include/uapi/linux/switch.h;hb=99a188828713d6ff9c541590b08d4e63ef52f6d7"; - sha256 = "15kmhhcpd84y4f45rf8zai98c61jyvkc37p90pcxirna01x33wi8"; - name="switch.h"; -}; -in stdenv.mkDerivation { +{ + stdenv, + buildPackages, + libnl, + ... +}: +let + switchDotH = buildPackages.fetchurl { + url = "https://git.openwrt.org/?p=openwrt/openwrt.git;a=blob_plain;f=target/linux/generic/files/include/uapi/linux/switch.h;hb=99a188828713d6ff9c541590b08d4e63ef52f6d7"; + sha256 = "15kmhhcpd84y4f45rf8zai98c61jyvkc37p90pcxirna01x33wi8"; + name = "switch.h"; + }; +in +stdenv.mkDerivation { src = buildPackages.fetchFromGitHub { owner = "jekader"; repo = "swconfig"; diff --git a/pkgs/systemconfig/default.nix b/pkgs/systemconfig/default.nix index 1610d38..a68d6ee 100644 --- a/pkgs/systemconfig/default.nix +++ b/pkgs/systemconfig/default.nix @@ -15,97 +15,104 @@ }: let inherit (lib.attrsets) mapAttrsToList; - escaped = msg : builtins.replaceStrings - ["\n" "=" "\"" "$" ] - ["\\x0a" "\\x3d" "\\x22" "\\x24"] - msg; + escaped = + msg: builtins.replaceStrings [ "\n" "=" "\"" "$" ] [ "\\x0a" "\\x3d" "\\x22" "\\x24" ] msg; - visit = prefix: attrset: - let makeFile = prefix : filename: { - type ? "f" - , mode ? null - , target ? null - , contents ? null - , file ? null - , major ? null - , minor ? null - , uid ? 0 - , gid ? 0 + visit = + prefix: attrset: + let + makeFile = + prefix: filename: + { + type ? "f", + mode ? null, + target ? null, + contents ? null, + file ? null, + major ? null, + minor ? null, + uid ? 0, + gid ? 0, }: - let - pathname = "${prefix}/${filename}"; - qpathname = builtins.toJSON pathname; - mode' = if mode != null - then mode - else - (if type == "d" then "0755" else "0644"); - cmds = { - "f" = "PRINTFILE(${qpathname}, ${mode'}, ${builtins.toJSON (escaped file)});"; - "d" = "MKDIR(${qpathname}, ${mode'});\n" + - (builtins.concatStringsSep "\n" - (visit pathname contents)); - "c" = "MKNOD_C(${qpathname}, ${mode'}, ${major}, ${minor});"; - "b" = "MKNOD_B(${qpathname}, ${mode'}, ${major}, ${minor});"; - "s" = "LN_S(${builtins.toJSON target}, ${qpathname});"; - "l" = "LN(${builtins.toJSON target}, ${qpathname})"; - "i" = "MKNOD_P(${qpathname}, ${mode'});"; - }; - cmd = cmds.${type}; - chown = if uid>0 || gid>0 - then "\nCHOWN(${qpathname},${toString uid},${toString gid});\n" - else ""; - in "unlink(${qpathname}); ${cmd} ${chown}"; - in mapAttrsToList (makeFile prefix) attrset; -in attrset: - let - activateScript = writeText "activate.c" '' - #include "defs.h" - int main(int argc, char* argv[]) { - chdir(argv[1]); - ${(builtins.concatStringsSep "\n" (visit "." attrset))} - } - ''; - in stdenv.mkDerivation { - name="system-configuration"; - src = ./.; + let + pathname = "${prefix}/${filename}"; + qpathname = builtins.toJSON pathname; + mode' = if mode != null then mode else (if type == "d" then "0755" else "0644"); + cmds = { + "f" = "PRINTFILE(${qpathname}, ${mode'}, ${builtins.toJSON (escaped file)});"; + "d" = + "MKDIR(${qpathname}, ${mode'});\n" + (builtins.concatStringsSep "\n" (visit pathname contents)); + "c" = "MKNOD_C(${qpathname}, ${mode'}, ${major}, ${minor});"; + "b" = "MKNOD_B(${qpathname}, ${mode'}, ${major}, ${minor});"; + "s" = "LN_S(${builtins.toJSON target}, ${qpathname});"; + "l" = "LN(${builtins.toJSON target}, ${qpathname})"; + "i" = "MKNOD_P(${qpathname}, ${mode'});"; + }; + cmd = cmds.${type}; + chown = + if uid > 0 || gid > 0 then "\nCHOWN(${qpathname},${toString uid},${toString gid});\n" else ""; + in + "unlink(${qpathname}); ${cmd} ${chown}"; + in + mapAttrsToList (makeFile prefix) attrset; +in +attrset: +let + activateScript = writeText "activate.c" '' + #include "defs.h" + int main(int argc, char* argv[]) { + chdir(argv[1]); + ${(builtins.concatStringsSep "\n" (visit "." attrset))} + } + ''; +in +stdenv.mkDerivation { + name = "system-configuration"; + src = ./.; - CFLAGS = "-Os"; - LDFLAGS = "-static -Xlinker -static"; + CFLAGS = "-Os"; + LDFLAGS = "-static -Xlinker -static"; - postConfigure = '' - cp ${activateScript} activate.c - ''; - makeFlags = ["activate"]; - installPhase = '' - closure=${closureInfo { rootPaths = [ activateScript ]; }} - mkdir -p $out/bin $out/etc - cp $closure/store-paths $out/etc/nix-store-paths - $STRIP --remove-section=.note --remove-section=.comment --strip-all activate -o $out/bin/activate - ln -s ${s6-init-bin}/bin/init $out/bin/init - cp -p ${writeFennel "restart-services" {} ./restart-services.fnl} $out/bin/restart-services - cat > $out/bin/install < $out/bin/install < ${name}.lua ''; diff --git a/shell.nix b/shell.nix index 353a52b..7be2a60 100644 --- a/shell.nix +++ b/shell.nix @@ -1,12 +1,15 @@ let nixpkgs = ; - liminix = (import ./default.nix { - device = (import ./devices/qemu); - liminix-config = ./vanilla-configuration.nix; - }); + liminix = ( + import ./default.nix { + device = (import ./devices/qemu); + liminix-config = ./vanilla-configuration.nix; + } + ); here = builtins.toString ./.; -in liminix.buildEnv.overrideAttrs (o: { - nativeBuildInputs = o.nativeBuildInputs ++ [ (import nixpkgs {}).sphinx ] ; +in +liminix.buildEnv.overrideAttrs (o: { + nativeBuildInputs = o.nativeBuildInputs ++ [ (import nixpkgs { }).sphinx ]; shellHook = '' publish(){ make -C doc html && rsync -azv doc/_build/html/ myhtic.telent.net:/var/www/blogs/www.liminix.org/_site/doc; } ''; diff --git a/tests/ext4/configuration.nix b/tests/ext4/configuration.nix index cdb5eed..6770bbc 100644 --- a/tests/ext4/configuration.nix +++ b/tests/ext4/configuration.nix @@ -1,7 +1,8 @@ -{ config, pkgs, ... } : +{ config, pkgs, ... }: let inherit (pkgs.pseudofile) dir; -in { +in +{ imports = [ ../../modules/outputs/ext4fs.nix ]; diff --git a/tests/ext4/test.nix b/tests/ext4/test.nix index 972362e..0717a6a 100644 --- a/tests/ext4/test.nix +++ b/tests/ext4/test.nix @@ -1,15 +1,20 @@ -let img = (import { +let + img = + (import { device = import ; liminix-config = ./configuration.nix; }).outputs.vmroot; - pkgs = import { overlays = [(import ../../overlay.nix)]; }; -in pkgs.runCommand "check" { - nativeBuildInputs = with pkgs; [ - expect - socat - ] ; -} '' -mkdir vm -${img}/run.sh --background ./vm -expect ${./script.expect} >$out -'' + pkgs = import { overlays = [ (import ../../overlay.nix) ]; }; +in +pkgs.runCommand "check" + { + nativeBuildInputs = with pkgs; [ + expect + socat + ]; + } + '' + mkdir vm + ${img}/run.sh --background ./vm + expect ${./script.expect} >$out + '' diff --git a/tests/fennel/test.nix b/tests/fennel/test.nix index b52f56f..c4fae00 100644 --- a/tests/fennel/test.nix +++ b/tests/fennel/test.nix @@ -1,17 +1,25 @@ let overlay = import ; - pkgs = import { overlays = [overlay]; }; - script = pkgs.writeFennel "foo" {} ./hello.fnl; + pkgs = import { overlays = [ overlay ]; }; + script = pkgs.writeFennel "foo" { } ./hello.fnl; inherit (pkgs.lua.pkgs) fifo; netlink = pkgs.netlink-lua; - script2 = pkgs.writeFennel "foo2" { packages = [fifo netlink];} ./hello.fnl; -in pkgs.runCommand "check" { - } '' -set -e -# test that it works -test $(${script}) = "hello" -# test that lua path, cpath are set -grep -q ${fifo}/share/lua/5.3 ${script2} -grep -q ${netlink}/lib/lua/5.3 ${script2} -date > $out -'' + script2 = pkgs.writeFennel "foo2" { + packages = [ + fifo + netlink + ]; + } ./hello.fnl; +in +pkgs.runCommand "check" + { + } + '' + set -e + # test that it works + test $(${script}) = "hello" + # test that lua path, cpath are set + grep -q ${fifo}/share/lua/5.3 ${script2} + grep -q ${netlink}/lib/lua/5.3 ${script2} + date > $out + '' diff --git a/tests/inout/configuration.nix b/tests/inout/configuration.nix index 864e986..7adb45c 100644 --- a/tests/inout/configuration.nix +++ b/tests/inout/configuration.nix @@ -1,10 +1,16 @@ -{ config, pkgs, modulesPath, ... } : +{ + config, + pkgs, + modulesPath, + ... +}: let inherit (pkgs.pseudofile) dir; svc = config.system.service; -in rec { +in +rec { imports = [ "${modulesPath}/dhcp6c" "${modulesPath}/dnsmasq" @@ -16,7 +22,7 @@ in rec { "${modulesPath}/mdevd.nix" ]; - filesystem = dir { srv = dir {}; }; + filesystem = dir { srv = dir { }; }; kernel = { config = { diff --git a/tests/inout/test.nix b/tests/inout/test.nix index 4ace394..dc483c3 100644 --- a/tests/inout/test.nix +++ b/tests/inout/test.nix @@ -1,37 +1,42 @@ -let img = (import { +let + img = + (import { device = import ; liminix-config = ./configuration.nix; }).outputs.vmroot; - pkgs = import { overlays = [(import ../../overlay.nix)]; }; -in pkgs.runCommand "check" { - nativeBuildInputs = with pkgs; [ - expect - socat - e2fsprogs - util-linux # for sfdisk, fallocate - parted - ] ; -} '' -mkdir vm -dd if=/dev/zero of=./vm/stick.e2fs bs=1M count=32 -mkfs.ext2 -L backup-disk ./vm/stick.e2fs -dd if=/dev/zero of=./vm/stick.img bs=1M count=38 -dd if=./vm/stick.e2fs of=./vm/stick.img bs=512 seek=34 conv=notrunc -parted -s ./vm/stick.img -- mklabel gpt mkpart backup-disk ext2 34s -0M -sync -cp ./vm/stick.img ./vm/stick.img.orig + pkgs = import { overlays = [ (import ../../overlay.nix) ]; }; +in +pkgs.runCommand "check" + { + nativeBuildInputs = with pkgs; [ + expect + socat + e2fsprogs + util-linux # for sfdisk, fallocate + parted + ]; + } + '' + mkdir vm + dd if=/dev/zero of=./vm/stick.e2fs bs=1M count=32 + mkfs.ext2 -L backup-disk ./vm/stick.e2fs + dd if=/dev/zero of=./vm/stick.img bs=1M count=38 + dd if=./vm/stick.e2fs of=./vm/stick.img bs=512 seek=34 conv=notrunc + parted -s ./vm/stick.img -- mklabel gpt mkpart backup-disk ext2 34s -0M + sync + cp ./vm/stick.img ./vm/stick.img.orig -{ + { -${img}/run.sh --background ./vm --flag -device --flag usb-ehci,id=xhci --flag -drive --flag if=none,id=usbstick,format=raw,file=$(pwd)/vm/stick.img -expect ${./script.expect} late -kill $(cat ./vm/pid) + ${img}/run.sh --background ./vm --flag -device --flag usb-ehci,id=xhci --flag -drive --flag if=none,id=usbstick,format=raw,file=$(pwd)/vm/stick.img + expect ${./script.expect} late + kill $(cat ./vm/pid) -cp ./vm/stick.img.orig ./vm/stick.img -${img}/run.sh --background ./vm --flag -device --flag usb-ehci,id=xhci --flag -drive --flag if=none,id=usbstick,format=raw,file=$(pwd)/vm/stick.img -expect ${./script.expect} early + cp ./vm/stick.img.orig ./vm/stick.img + ${img}/run.sh --background ./vm --flag -device --flag usb-ehci,id=xhci --flag -drive --flag if=none,id=usbstick,format=raw,file=$(pwd)/vm/stick.img + expect ${./script.expect} early -} | tee $out + } | tee $out -'' + '' diff --git a/tests/jffs2/configuration.nix b/tests/jffs2/configuration.nix index 010aa15..7036e52 100644 --- a/tests/jffs2/configuration.nix +++ b/tests/jffs2/configuration.nix @@ -1,7 +1,8 @@ -{ config, pkgs, ... } : +{ config, pkgs, ... }: let inherit (pkgs.pseudofile) dir; -in { +in +{ imports = [ ../../vanilla-configuration.nix ../../modules/outputs/squashfs.nix diff --git a/tests/jffs2/test.nix b/tests/jffs2/test.nix index 972362e..0717a6a 100644 --- a/tests/jffs2/test.nix +++ b/tests/jffs2/test.nix @@ -1,15 +1,20 @@ -let img = (import { +let + img = + (import { device = import ; liminix-config = ./configuration.nix; }).outputs.vmroot; - pkgs = import { overlays = [(import ../../overlay.nix)]; }; -in pkgs.runCommand "check" { - nativeBuildInputs = with pkgs; [ - expect - socat - ] ; -} '' -mkdir vm -${img}/run.sh --background ./vm -expect ${./script.expect} >$out -'' + pkgs = import { overlays = [ (import ../../overlay.nix) ]; }; +in +pkgs.runCommand "check" + { + nativeBuildInputs = with pkgs; [ + expect + socat + ]; + } + '' + mkdir vm + ${img}/run.sh --background ./vm + expect ${./script.expect} >$out + '' diff --git a/tests/min-copy-closure/config-ext4.nix b/tests/min-copy-closure/config-ext4.nix index 69818f9..d16ea74 100644 --- a/tests/min-copy-closure/config-ext4.nix +++ b/tests/min-copy-closure/config-ext4.nix @@ -1,6 +1,6 @@ -{ lib, ... } : +{ lib, ... }: { - imports= [ + imports = [ ./configuration.nix ../../modules/outputs/ext4fs.nix ]; diff --git a/tests/min-copy-closure/configuration.nix b/tests/min-copy-closure/configuration.nix index f7bb704..f97a8fd 100644 --- a/tests/min-copy-closure/configuration.nix +++ b/tests/min-copy-closure/configuration.nix @@ -1,19 +1,25 @@ -{ config, pkgs, lib, ... } : +{ + config, + pkgs, + lib, + ... +}: let inherit (pkgs) dropbear; inherit (pkgs.liminix.services) longrun; -in { +in +{ imports = [ ../../vanilla-configuration.nix ../../modules/outputs/jffs2.nix ]; - config = { + config = { services.sshd = longrun { name = "sshd"; run = '' - mkdir -p /run/dropbear - ${dropbear}/bin/dropbear -E -P /run/dropbear.pid -R -F - ''; + mkdir -p /run/dropbear + ${dropbear}/bin/dropbear -E -P /run/dropbear.pid -R -F + ''; }; users.root = { diff --git a/tests/min-copy-closure/test.nix b/tests/min-copy-closure/test.nix index cd53f28..0e23611 100644 --- a/tests/min-copy-closure/test.nix +++ b/tests/min-copy-closure/test.nix @@ -1,29 +1,35 @@ -let lmx = (import { +let + lmx = ( + import { device = import ; liminix-config = ./configuration.nix; - }); - rogue = lmx.pkgs.rogue; - img = lmx.outputs.vmroot; - pkgs = import { overlays = [(import ../../overlay.nix)]; }; -in pkgs.runCommand "check" { - nativeBuildInputs = with pkgs; [ - expect - socat - min-copy-closure - rogue - ] ; -} '' -. ${../test-helpers.sh} + } + ); + rogue = lmx.pkgs.rogue; + img = lmx.outputs.vmroot; + pkgs = import { overlays = [ (import ../../overlay.nix) ]; }; +in +pkgs.runCommand "check" + { + nativeBuildInputs = with pkgs; [ + expect + socat + min-copy-closure + rogue + ]; + } + '' + . ${../test-helpers.sh} -( -mkdir vm -${img}/run.sh --lan user,hostfwd=tcp::2022-:22 --background ./vm -expect ${./wait-until-ready.expect} -export SSH_COMMAND="ssh -o StrictHostKeyChecking=no -p 2022 -i ${./id}" -$SSH_COMMAND root@localhost echo ready -IN_NIX_BUILD=true min-copy-closure --quiet root@localhost ${rogue} -$SSH_COMMAND root@localhost ls -ld ${rogue} -IN_NIX_BUILD=true min-copy-closure --root /run root@localhost ${rogue} -$SSH_COMMAND root@localhost ls -ld /run/${rogue} -) 2>&1 | tee $out -'' + ( + mkdir vm + ${img}/run.sh --lan user,hostfwd=tcp::2022-:22 --background ./vm + expect ${./wait-until-ready.expect} + export SSH_COMMAND="ssh -o StrictHostKeyChecking=no -p 2022 -i ${./id}" + $SSH_COMMAND root@localhost echo ready + IN_NIX_BUILD=true min-copy-closure --quiet root@localhost ${rogue} + $SSH_COMMAND root@localhost ls -ld ${rogue} + IN_NIX_BUILD=true min-copy-closure --root /run root@localhost ${rogue} + $SSH_COMMAND root@localhost ls -ld /run/${rogue} + ) 2>&1 | tee $out + '' diff --git a/tests/min-copy-closure/with-figlet.nix b/tests/min-copy-closure/with-figlet.nix index 09ec47c..c4e02d0 100644 --- a/tests/min-copy-closure/with-figlet.nix +++ b/tests/min-copy-closure/with-figlet.nix @@ -1,6 +1,6 @@ -{ pkgs, ... } : +{ pkgs, ... }: { - imports= [./config-ext4.nix]; + imports = [ ./config-ext4.nix ]; defaultProfile.packages = with pkgs; [ figlet ]; diff --git a/tests/pppoe/configuration.nix b/tests/pppoe/configuration.nix index 2906360..3d5e522 100644 --- a/tests/pppoe/configuration.nix +++ b/tests/pppoe/configuration.nix @@ -1,11 +1,14 @@ -{ config, pkgs, ... } : +{ config, pkgs, ... }: let inherit (pkgs.liminix.services) target; svc = config.system.service; -in rec { +in +rec { services.lan4 = svc.network.address.build { interface = config.hardware.networkInterfaces.lan; - family = "inet"; address ="192.168.19.1"; prefixLength = 24; + family = "inet"; + address = "192.168.19.1"; + prefixLength = 24; }; imports = [ @@ -14,12 +17,11 @@ in rec { ../../modules/network ]; - services.pppoe = - svc.pppoe.build { - interface = config.hardware.networkInterfaces.wan; - username = "db123@a.1"; - password= "NotReallyTheSecret"; - }; + services.pppoe = svc.pppoe.build { + interface = config.hardware.networkInterfaces.wan; + username = "db123@a.1"; + password = "NotReallyTheSecret"; + }; services.defaultroute4 = svc.network.route.build { via = "$(output ${services.pppoe} address)"; @@ -28,15 +30,14 @@ in rec { }; services.packet_forwarding = svc.network.forward.build { - dependencies = [services.pppoe]; + dependencies = [ services.pppoe ]; }; - services.dns = - svc.dnsmasq.build { - interface = services.lan4; - ranges = ["192.168.19.10,192.168.19.253"]; - domain = "fake.liminix.org"; - }; + services.dns = svc.dnsmasq.build { + interface = services.lan4; + ranges = [ "192.168.19.10,192.168.19.253" ]; + domain = "fake.liminix.org"; + }; - defaultProfile.packages = [ pkgs.hello ] ; + defaultProfile.packages = [ pkgs.hello ]; } diff --git a/tests/pppoe/test.nix b/tests/pppoe/test.nix index 7798919..1e9458d 100644 --- a/tests/pppoe/test.nix +++ b/tests/pppoe/test.nix @@ -1,34 +1,39 @@ -let img = (import { +let + img = + (import { device = import ; liminix-config = ./configuration.nix; }).outputs.default; - pkgs = import { overlays = [(import ../../overlay.nix)]; }; - inherit (pkgs.pkgsBuildBuild) routeros; -in pkgs.runCommand "check" { - nativeBuildInputs = with pkgs; [ - python3Packages.scapy - expect - jq - socat - routeros.routeros - ] ; -} '' -serverstatedir=$(mktemp -d -t routeros-XXXXXX) -# python scapy drags in matplotlib which doesn't enjoy running in -# a sandbox with no $HOME, hence this environment variable -export MPLCONFIGDIR=$(mktemp -d -t routeros-XXXXXX) -export XDG_CONFIG_HOME=/tmp -export XDG_CACHE_HOME=/tmp + pkgs = import { overlays = [ (import ../../overlay.nix) ]; }; + inherit (pkgs.pkgsBuildBuild) routeros; +in +pkgs.runCommand "check" + { + nativeBuildInputs = with pkgs; [ + python3Packages.scapy + expect + jq + socat + routeros.routeros + ]; + } + '' + serverstatedir=$(mktemp -d -t routeros-XXXXXX) + # python scapy drags in matplotlib which doesn't enjoy running in + # a sandbox with no $HOME, hence this environment variable + export MPLCONFIGDIR=$(mktemp -d -t routeros-XXXXXX) + export XDG_CONFIG_HOME=/tmp + export XDG_CACHE_HOME=/tmp -. ${../test-helpers.sh} + . ${../test-helpers.sh} -routeros $serverstatedir -mkdir vm -${img}/run.sh --background ./vm -expect ${./getaddress.expect} + routeros $serverstatedir + mkdir vm + ${img}/run.sh --background ./vm + expect ${./getaddress.expect} -set -o pipefail -response=$(python ${./test-dhcp-service.py}) -echo "$response" | jq -e 'select((.router == "192.168.19.1") and (.server_id=="192.168.19.1"))' -echo $response > $out -'' + set -o pipefail + response=$(python ${./test-dhcp-service.py}) + echo "$response" | jq -e 'select((.router == "192.168.19.1") and (.server_id=="192.168.19.1"))' + echo $response > $out + '' diff --git a/tests/pseudofiles/fixture.nix b/tests/pseudofiles/fixture.nix index da96e6a..2d50ba0 100644 --- a/tests/pseudofiles/fixture.nix +++ b/tests/pseudofiles/fixture.nix @@ -1,15 +1,18 @@ { - pseudofile -}: let + pseudofile, +}: +let inherit (pseudofile) dir; structure = { service = dir { s6-linux-init-runleveld = dir { - notification-fd = { file = "3"; }; + notification-fd = { + file = "3"; + }; run = { file = '' - hello - world + hello + world ''; mode = "0755"; }; @@ -21,8 +24,8 @@ }; run = { file = '' - s6-linux-init/bin/s6-linux-init-shutdownd -c "/etc/s6-linux-init/current" -g 3000 - ''; + s6-linux-init/bin/s6-linux-init-shutdownd -c "/etc/s6-linux-init/current" -g 3000 + ''; mode = "0755"; }; @@ -32,14 +35,19 @@ type = "i"; mode = "0600"; }; - notification-fd = { file = "3"; }; + notification-fd = { + file = "3"; + }; run = { file = '' - gdsgdfgsdgf + gdsgdfgsdgf ''; }; }; }; - uncaught-logs = (dir {}) // {mode = "2750";}; + uncaught-logs = (dir { }) // { + mode = "2750"; + }; }; -in pseudofile.write "pseudo.s6-init" structure +in +pseudofile.write "pseudo.s6-init" structure diff --git a/tests/pseudofiles/test.nix b/tests/pseudofiles/test.nix index 7ad121b..39f7cd2 100755 --- a/tests/pseudofiles/test.nix +++ b/tests/pseudofiles/test.nix @@ -1,15 +1,21 @@ let overlay = import ; - pkgs = import { overlays = [overlay]; }; - fixture = pkgs.callPackage ./fixture.nix {}; -in pkgs.runCommand "check" { - nativeBuildInputs = with pkgs; [ squashfsTools qprint ] ; - } '' -set -e -diff ${fixture} ${./result.expected} -test -f /tmp/out.squashfs && rm /tmp/out.squashfs -mksquashfs - /tmp/out.squashfs -p '/ d 755 0 0' -pf ${fixture} -quiet -no-progress -foo="$(unsquashfs -cat /tmp/out.squashfs service/s6-linux-init-runleveld/run)" -test "$foo" = "$(printf "hello\nworld")" -date > $out -'' + pkgs = import { overlays = [ overlay ]; }; + fixture = pkgs.callPackage ./fixture.nix { }; +in +pkgs.runCommand "check" + { + nativeBuildInputs = with pkgs; [ + squashfsTools + qprint + ]; + } + '' + set -e + diff ${fixture} ${./result.expected} + test -f /tmp/out.squashfs && rm /tmp/out.squashfs + mksquashfs - /tmp/out.squashfs -p '/ d 755 0 0' -pf ${fixture} -quiet -no-progress + foo="$(unsquashfs -cat /tmp/out.squashfs service/s6-linux-init-runleveld/run)" + test "$foo" = "$(printf "hello\nworld")" + date > $out + '' diff --git a/tests/smoke/test.nix b/tests/smoke/test.nix index 53563f3..73c0c15 100644 --- a/tests/smoke/test.nix +++ b/tests/smoke/test.nix @@ -1,24 +1,32 @@ -let img = (import { +let + img = + (import { device = import ; liminix-config = ; }).outputs.rootfs; - pkgs = import {}; -in pkgs.runCommand "check" { - nativeBuildInputs = with pkgs; [ squashfsTools s6-rc ] ; -} '' -destpath=$(mktemp -d)/smoke.img -echo $destpath -cleanup(){ test -n $destpath && test -d $destpath && chmod -R +w $destpath && rm -rf $destpath; } -trap cleanup EXIT -trap 'echo "command $(eval echo $BASH_COMMAND) failed with exit code $?"; exit $?' ERR -unsquashfs -q -d $destpath -excludes ${img} /dev -cd $destpath; -db=nix/store/*-s6-rc-database/compiled/ -test -d $db -chmod -R +w $db -# check we have closure of config.services (lo.link service exists only -# as a dependency) -test "$(s6-rc-db -c $db type lo.link)" = "oneshot" -test "$(s6-rc-db -c $db type ntp)" = "longrun" -echo OK > $out -'' + pkgs = import { }; +in +pkgs.runCommand "check" + { + nativeBuildInputs = with pkgs; [ + squashfsTools + s6-rc + ]; + } + '' + destpath=$(mktemp -d)/smoke.img + echo $destpath + cleanup(){ test -n $destpath && test -d $destpath && chmod -R +w $destpath && rm -rf $destpath; } + trap cleanup EXIT + trap 'echo "command $(eval echo $BASH_COMMAND) failed with exit code $?"; exit $?' ERR + unsquashfs -q -d $destpath -excludes ${img} /dev + cd $destpath; + db=nix/store/*-s6-rc-database/compiled/ + test -d $db + chmod -R +w $db + # check we have closure of config.services (lo.link service exists only + # as a dependency) + test "$(s6-rc-db -c $db type lo.link)" = "oneshot" + test "$(s6-rc-db -c $db type ntp)" = "longrun" + echo OK > $out + '' diff --git a/tests/tftpboot/configuration.nix b/tests/tftpboot/configuration.nix index a10cce2..7058948 100644 --- a/tests/tftpboot/configuration.nix +++ b/tests/tftpboot/configuration.nix @@ -1,18 +1,31 @@ -{ config, pkgs, lib, lim, ... } : +{ + config, + pkgs, + lib, + lim, + ... +}: let inherit (pkgs.pseudofile) dir; - dts = pkgs.runCommand "qemu.dts" { - nativeBuildInputs = with pkgs.pkgsBuildBuild; [ dtc qemu ]; - } '' - qemu-system-${pkgs.stdenv.hostPlatform.qemuArch} \ - -machine virt -machine dumpdtb=tmp.dtb - dtc -I dtb -O dts -o $out tmp.dtb - # https://stackoverflow.com/a/69890137, - # XXX try fdtput $out -p -t s /pl061@9030000 status disabled - # instead of using sed - sed -i $out -e 's/compatible = "arm,pl061.*/status = "disabled";/g' - ''; -in { + dts = + pkgs.runCommand "qemu.dts" + { + nativeBuildInputs = with pkgs.pkgsBuildBuild; [ + dtc + qemu + ]; + } + '' + qemu-system-${pkgs.stdenv.hostPlatform.qemuArch} \ + -machine virt -machine dumpdtb=tmp.dtb + dtc -I dtb -O dts -o $out tmp.dtb + # https://stackoverflow.com/a/69890137, + # XXX try fdtput $out -p -t s /pl061@9030000 status disabled + # instead of using sed + sed -i $out -e 's/compatible = "arm,pl061.*/status = "disabled";/g' + ''; +in +{ imports = [ ../../modules/outputs/ext4fs.nix ../../modules/outputs/tftpboot.nix @@ -25,12 +38,14 @@ in { hardware.dts.src = lib.mkOverride 500 dts; boot.tftp = { loadAddress = - let offsets = { - mips = "0x88000000"; - arm = "0x44000000"; - aarch64 = "0x44000000"; - }; - in lim.parseInt offsets.${pkgs.stdenv.hostPlatform.qemuArch} ; + let + offsets = { + mips = "0x88000000"; + arm = "0x44000000"; + aarch64 = "0x44000000"; + }; + in + lim.parseInt offsets.${pkgs.stdenv.hostPlatform.qemuArch}; serverip = "10.0.2.2"; ipaddr = "10.0.2.15"; }; diff --git a/tests/tftpboot/test.nix b/tests/tftpboot/test.nix index 9906824..5cc2bf2 100644 --- a/tests/tftpboot/test.nix +++ b/tests/tftpboot/test.nix @@ -1,44 +1,55 @@ -let check = deviceName : config : -let derivation = (import { - device = import ( + "/${deviceName}"); - liminix-config = { ... } : { - imports = [./configuration.nix]; - inherit config; - }; - }); - img = derivation.outputs.tftpboot; - uboot = derivation.outputs.u-boot; - pkgsBuild = derivation.pkgs.pkgsBuildBuild; -in pkgsBuild.runCommand "check-${deviceName}" { - nativeBuildInputs = with pkgsBuild; [ - expect - socat - run-liminix-vm - ] ; -} '' -mkdir vm -ln -s ${img} result +let + check = + deviceName: config: + let + derivation = ( + import { + device = import ( + "/${deviceName}"); + liminix-config = + { ... }: + { + imports = [ ./configuration.nix ]; + inherit config; + }; + } + ); + img = derivation.outputs.tftpboot; + uboot = derivation.outputs.u-boot; + pkgsBuild = derivation.pkgs.pkgsBuildBuild; + in + pkgsBuild.runCommand "check-${deviceName}" + { + nativeBuildInputs = with pkgsBuild; [ + expect + socat + run-liminix-vm + ]; + } + '' + mkdir vm + ln -s ${img} result -touch empty empty2 + touch empty empty2 -run-liminix-vm \ - --background ./vm \ - --u-boot ${uboot}/u-boot.bin \ - --arch ${derivation.pkgs.stdenv.hostPlatform.qemuArch} \ - --wan "user,tftp=`pwd`" \ - --disk-image empty2 \ - empty empty2 + run-liminix-vm \ + --background ./vm \ + --u-boot ${uboot}/u-boot.bin \ + --arch ${derivation.pkgs.stdenv.hostPlatform.qemuArch} \ + --wan "user,tftp=`pwd`" \ + --disk-image empty2 \ + empty empty2 -expect ${./script.expect} 2>&1 |tee $out -''; -in { - aarch64 = check "qemu-aarch64" {}; - arm = check "qemu-armv7l" {}; - armZimage = check "qemu-armv7l" { + expect ${./script.expect} 2>&1 |tee $out + ''; +in +{ + aarch64 = check "qemu-aarch64" { }; + arm = check "qemu-armv7l" { }; + armZimage = check "qemu-armv7l" { boot.tftp.kernelFormat = "zimage"; }; - mips = check "qemu" {}; - mipsLz = check "qemu" { + mips = check "qemu" { }; + mipsLz = check "qemu" { boot.tftp.compressRoot = true; }; # this works on real hardware but I haven't figured out how diff --git a/tests/updown/configuration.nix b/tests/updown/configuration.nix index ea9263b..10ef4c1 100644 --- a/tests/updown/configuration.nix +++ b/tests/updown/configuration.nix @@ -1,11 +1,12 @@ -{ config, pkgs, ... } : +{ config, pkgs, ... }: let # EDIT: you can pick your preferred RFC1918 address space # for NATted connections, if you don't like this one. ipv4LocalNet = "10.8.0"; svc = config.system.service; -in rec { +in +rec { imports = [ ../../modules/bridge ../../modules/dhcp6c @@ -22,13 +23,14 @@ in rec { services.int = svc.network.address.build { interface = svc.bridge.primary.build { ifname = "int"; }; - family = "inet"; address = "${ipv4LocalNet}.1"; prefixLength = 16; + family = "inet"; + address = "${ipv4LocalNet}.1"; + prefixLength = 16; }; - services.bridge = svc.bridge.members.build { + services.bridge = svc.bridge.members.build { primary = services.int; - members = with config.hardware.networkInterfaces; - [ lan ]; + members = with config.hardware.networkInterfaces; [ lan ]; }; services.sshd = svc.ssh.build { }; @@ -46,7 +48,7 @@ in rec { defaultProfile.packages = with pkgs; [ min-collect-garbage -# strace + # strace # ethtool tcpdump ]; diff --git a/tests/updown/test.nix b/tests/updown/test.nix index 80525a4..f1ba1a9 100644 --- a/tests/updown/test.nix +++ b/tests/updown/test.nix @@ -1,15 +1,20 @@ -let img = (import { +let + img = + (import { device = import ; liminix-config = ./configuration.nix; }).outputs.vmroot; - pkgs = import { overlays = [(import ../../overlay.nix)]; }; -in pkgs.runCommand "check" { - nativeBuildInputs = with pkgs; [ - expect - socat - ] ; -} '' -mkdir vm -${img}/run.sh --flag -S --background ./vm -expect ${./script.expect} | tee $out -'' + pkgs = import { overlays = [ (import ../../overlay.nix) ]; }; +in +pkgs.runCommand "check" + { + nativeBuildInputs = with pkgs; [ + expect + socat + ]; + } + '' + mkdir vm + ${img}/run.sh --flag -S --background ./vm + expect ${./script.expect} | tee $out + '' diff --git a/tests/wlan/configuration.nix b/tests/wlan/configuration.nix index e94f6f6..a43e85f 100644 --- a/tests/wlan/configuration.nix +++ b/tests/wlan/configuration.nix @@ -1,7 +1,8 @@ -{ config, pkgs, ... } : +{ config, pkgs, ... }: let inherit (pkgs.liminix.networking) interface hostapd; -in rec { +in +rec { imports = [ ../../modules/wlan.nix ../../modules/hostapd @@ -13,18 +14,18 @@ in rec { params = { ssid = "liminix"; country_code = "GB"; - hw_mode="g"; + hw_mode = "g"; channel = "2"; wmm_enabled = 1; ieee80211n = 1; wpa_passphrase = "colourless green ideas"; auth_algs = 1; # 1=wpa2, 2=wep, 3=both - wpa = 2; # 1=wpa, 2=wpa2, 3=both + wpa = 2; # 1=wpa, 2=wpa2, 3=both wpa_key_mgmt = "WPA-PSK"; - wpa_pairwise = "TKIP CCMP"; # auth for wpa (may not need this?) - rsn_pairwise = "CCMP"; # auth for wpa2 + wpa_pairwise = "TKIP CCMP"; # auth for wpa (may not need this?) + rsn_pairwise = "CCMP"; # auth for wpa2 }; }; - defaultProfile.packages = with pkgs; [ tcpdump ] ; + defaultProfile.packages = with pkgs; [ tcpdump ]; } diff --git a/tests/wlan/test.nix b/tests/wlan/test.nix index a4dbc8e..40f96dd 100644 --- a/tests/wlan/test.nix +++ b/tests/wlan/test.nix @@ -1,16 +1,22 @@ -let img = (import { +let + img = + (import { device = import ; liminix-config = ./configuration.nix; }).outputs.default; - pkgs = import { overlays = [(import ../../overlay.nix)]; }; -in pkgs.runCommand "check" { - nativeBuildInputs = with pkgs; [ - expect socat - ] ; -} '' -. ${../test-helpers.sh} + pkgs = import { overlays = [ (import ../../overlay.nix) ]; }; +in +pkgs.runCommand "check" + { + nativeBuildInputs = with pkgs; [ + expect + socat + ]; + } + '' + . ${../test-helpers.sh} -mkdir vm -${img}/run.sh --background ./vm -expect ${./wait-for-wlan.expect} |tee output && mv output $out -'' + mkdir vm + ${img}/run.sh --background ./vm + expect ${./wait-for-wlan.expect} |tee output && mv output $out + '' diff --git a/vanilla-configuration.nix b/vanilla-configuration.nix index 1096b82..7e1de95 100644 --- a/vanilla-configuration.nix +++ b/vanilla-configuration.nix @@ -2,7 +2,8 @@ let inherit (pkgs.liminix.services) target; svc = config.system.service; -in rec { +in +rec { imports = [ ./modules/wlan.nix ./modules/network @@ -11,8 +12,10 @@ in rec { ]; services.dhcpv4 = - let iface = svc.network.link.build { ifname = "eth1"; }; - in svc.network.dhcp.client.build { interface = iface; }; + let + iface = svc.network.link.build { ifname = "eth1"; }; + in + svc.network.dhcp.client.build { interface = iface; }; services.defaultroute4 = svc.network.route.build { via = "$(output ${services.dhcpv4} ip)"; @@ -23,7 +26,9 @@ in rec { services.packet_forwarding = svc.network.forward.build { }; services.ntp = config.system.service.ntp.build { - pools = { "pool.ntp.org" = ["iburst"] ; }; + pools = { + "pool.ntp.org" = [ "iburst" ]; + }; }; boot.tftp = {