dan
/
liminix
1
0
Fork 5
Code Issues 3 Pull Requests 1 Projects Releases Wiki Activity
434 Commits 11 Branches 0 Tags 2.1 MiB
Commit Graph

135 Commits

Author SHA1 Message Date
Daniel Barlow c595ae0ccb firewallgen: make nft shebang work 2023-06-27 21:26:23 +01:00
Daniel Barlow 6101f3f3d8 load necessary kernel modules for firewall 2023-06-27 21:18:09 +01:00
Daniel Barlow 591bd78509 extract writeKconfig to its own file 2023-06-26 20:49:43 +01:00
Daniel Barlow 6bc45c2b55 preinit: null-terminate argv array for execve 2023-06-22 09:29:44 +01:00
Daniel Barlow d79a1e15bb get fennel from source instead of luarocks 2023-06-20 20:19:11 +01:00
Daniel Barlow a7e7146887 preinit: disable nolibc 
- it stopped working with 22.11->23.05
- linking statically against musl is about 17k, so
  this is costing us 11k or so
 2023-06-18 23:04:26 +01:00
Daniel Barlow d66f5901a2 fix nftables syntax 2023-06-18 22:18:44 +01:00
Daniel Barlow 80639a7256 add firewallgen package, which creates an nft script 2023-06-18 17:40:16 +01:00
Daniel Barlow 3f4dbfcfd3 ipv6 prefix delegation for rotuer 
much tidying needed, but it works
 2023-05-31 23:29:05 +01:00
Daniel Barlow fdffdbb22a add writeFennelScript function, make ifwait use it 2023-05-29 20:20:12 +01:00
Daniel Barlow 447f068569 partly support getting IPv6 addresses 
- gets interface id from ppp
- runs odhcpc to get RA and prefix delegation
- doesn't do anything useful with the data yet
 2023-05-24 23:01:50 +01:00
Daniel Barlow 339c2d9873 upgrade to ppp 2.5.0 2023-05-22 23:31:57 +01:00
Daniel Barlow 39b09df4d7 liminix-rebuild: test if nix-build succeeds 2023-05-20 22:30:22 +01:00
Daniel Barlow ea2f48cfc9 liminix-rebuild copy nix-store-paths to /persist 2023-05-20 21:55:37 +01:00
Daniel Barlow b0098f1c8e move min-list-garbage into min-collect-garbage pkg 
we don't want it in the same package as min-copy-closure as
that depends on bash
 2023-05-20 21:55:23 +01:00
Daniel Barlow 68ab6faeb3 write etc/nix-store-paths in systemConfiguration 2023-05-19 23:57:50 +01:00
Daniel Barlow 00aeb81811 min-list-garbage: check all store paths against file 
this is step 1 of min-collect-garbage, no point implementing
deletion ourselves when rm -r exists

(arguably no point in implementing any of it, but this is the bit we
can't do efficiently in bourne shell - it means we're reading the
store-paths list once instead of grepping it afresh for every entry in
/nix/store/)
 2023-05-19 23:49:11 +01:00
Daniel Barlow a809c28dde liminix-rebuild source /etc/profile to get PATH for reboot 2023-05-18 22:43:08 +01:00
Daniel Barlow 292a4c4d46 liminix-rebuild: put activate in /persist 2023-05-17 22:49:10 +01:00
Daniel Barlow b1f4db00a0 add liminix-rebuild command 2023-05-17 15:38:22 +01:00
Daniel Barlow ddd7b68b30 min-copy-closure: remove verbose output 2023-05-11 23:52:13 +01:00
Daniel Barlow cc6c790746 set up path for min-copy-closure 2023-05-07 22:51:10 +01:00
Daniel Barlow bcf5dac5d7 min-copy-closure: honour $SSH_COMMAND env var 2023-05-07 22:07:35 +01:00
Daniel Barlow 1c002c4065 min-copy-closure: improve output 2023-05-07 22:06:49 +01:00
Daniel Barlow 74f2aa6247 initramfs-peek: an initramfs image with a shell, for debugging 2023-05-06 23:03:51 +01:00
Daniel Barlow 888a0d5f74 mips-vm: allow env var to override la network interface 
this is handy if you want to connect to it from the host
for e.g. seeing if min-copy-closure works
 2023-05-06 23:01:56 +01:00
Daniel Barlow 30153a2d4e add min-copy-closure, a minimal nix-copy-closure substitute 2023-05-06 22:47:03 +01:00
Daniel Barlow 28264febdb add smaller-than-gnu "hello world" package 2023-04-23 20:56:20 +01:00
Daniel Barlow 65dfbad365 systemconfig: chown files if uid/gid > 0 2023-04-15 22:53:28 +01:00
Daniel Barlow 5dd0c6e3c0 rewrite preinit as very small C program 
By using the kernel "nolibc" header to avoid requiring a C library, we
can bring the initramfs size to around 4k

This does involve a tiny bit of inline mips assembly which I'm not
sure about. gcc seems unwilling to generate the code to load $gp at
function entry of main(), so we do it by hand - but I'd rather find
out why gcc doesn't.
 2023-04-15 18:27:39 +01:00
Daniel Barlow 11f2715d18 mips-vm: enlarge mtd 2023-04-15 17:22:35 +01:00
Daniel Barlow 1cc0b13b57 rewrite systemconfig in C and link statically 
systemconfig (a.k.a "activate") is run from the initramfs. Converting
it from a shell script to an executable means it doesn't depend on
there being a shell in the initramfs
 2023-04-15 17:21:27 +01:00
Daniel Barlow c744ef8c17 systemconfig: accept uid and gid options 
all we do with them is assert they're zero, to unbreak CI.
This code is getting rewritten anyway
 2023-04-14 23:19:56 +01:00
Brian McKenna fb796e61e0 pseudofile: allow setting uid and gid of files 
Necessary for Dropbear to accept non-root authorized_keys files.
 2023-04-14 23:12:52 +01:00
Daniel Barlow 2e15acd61c whitespace 2023-04-10 17:46:39 +01:00
Daniel Barlow 54a1ab3529 support jffs2, with initramfs 
the jffs2 filesystem contains only /nix/store and a script which is
run in early init (initramfs) and is responsible for recreating
"traditional" directories (/bin /etc/**/* /var &c) based on the
configuration.

this is tested only in qemu so far and could use some cleanup
 2023-04-04 23:35:49 +01:00
Daniel Barlow 25d9da967c remove support for sockets in pseudofiles 
(1) we can't make them on a real filesystem except by running
something that calls socket()
(2) whyever would we want to?
 2023-04-04 23:23:22 +01:00
Daniel Barlow aa1a2e5d75 package gen_init_cpio, tool for making an initramfs 2023-04-04 22:54:20 +01:00
Daniel Barlow f02efa3fe3 refactor 2023-04-04 21:11:28 +01:00
Daniel Barlow 342c87b256 qemu: boot from mtd using mtd2block 
doesn't make much difference for squashfs but this will make it much
simpler to test jffs2/ubifs
 2023-04-04 21:07:02 +01:00
Daniel Barlow 07e7d63ade fixup 98243d43da 2023-04-02 18:46:27 +01:00
Daniel Barlow 98243d43da add mtdutils mkfs.jffs2 --graft option 
we'd like a bit more of the convenience of mksquashfs
(never thought I'd say _that_) for jffs2, in particular
not having to copy all the desired store paths into a
single directory just so we can create an image from them
 2023-03-31 23:42:13 +01:00
Daniel Barlow a172180be8 don't set lua5_3 in overlay 
sphinx depends on lua5_3, so overriding it globally means rebuilding
that - which isn't really necessary
 2023-03-24 23:43:13 +00:00
Daniel Barlow 3608cc5e33 add kenrel command line cookie to mips-vm script 2023-03-24 18:48:38 +00:00
Daniel Barlow a5cfa37ed3 unify kernel command line handling 
We now use MIPS_CMDLINE_DTB_EXTEND for all boot varieties
(tftpboot, flash boot, kexec) with the addition of
MIPS_BOOTLOADER_CMDLINE_REQUIRE_COOKIE - local patch -
so that the bootloader args are ignored unless they
contain the string "liminix"
 2023-03-23 22:24:44 +00:00
Daniel Barlow 4b19568f1b add kexecboot 
This allows booting a new image from a running OS, creating a
phram mtd for the root squashfs

* enable CONFIG_KEXEC
* add modules/kexecboot
* patch kexec-tools to add --map-file option for the squashfs
* patch kernel kexec code to call new kernel with DTB
 2023-03-19 20:25:43 +00:00
Daniel Barlow 429ffa8e7d make applyPatches work for ramips 2023-03-19 20:25:23 +00:00
Daniel Barlow efd878dc5e extract common code for patching kernel source fdorm openwrt 2023-03-18 19:17:58 +00:00
Daniel Barlow a4e1dcedd3 redirect stderr 2023-03-10 23:39:53 +00:00
Daniel Barlow 225fc6fe51 configurable busybox 
allows modules to add to the busybox applets and change config
 2023-03-10 18:40:45 +00:00