cc94ef57fa
in rc.init copy log from previous boot to place of safety
2025-01-01 18:22:45 +00:00
497307588f
automate ubimage instructions a little
2025-01-01 12:38:08 +00:00
28d39cd66d
provide etc/kconfig in updater output
...
this is for debugging/documentation purposes and isn't copied to the
device
2025-01-01 11:55:33 +00:00
f2e4e77d73
firewall: don't use oifname in input rules
...
because it's empty, these are input rules for the local machine
2024-12-29 23:17:31 +00:00
4d273a9469
dropbear would like /etc/shells to exist
2024-12-29 13:27:49 +00:00
40db175b41
complain if user attempting to tftpboot a ubifs
2024-12-29 13:26:45 +00:00
ab07212a7e
include jffs2 module per default
...
it has no effect unless enabled
2024-12-29 13:26:06 +00:00
294492a176
jiggle imports
2024-12-24 13:46:19 +00:00
Arnout Engelen
f8a275d1a3
use Linux kernel sources associated with openwrt by default
2024-12-24 12:30:15 +00:00
bc20f4c6b7
rt3200 test install
2024-12-23 23:59:52 +00:00
848214d104
add ubivolume output
2024-12-23 22:37:07 +00:00
ede8f12d2b
declare options.hardware.ubi unconditionally
...
this is so it can be defined in device modules even when
ubifs is not included in the configuration
2024-12-23 22:37:07 +00:00
6cd5b90678
outputs.rootubifs -> ubifs
2024-12-23 22:37:07 +00:00
db4f098c02
add fit bootloader
...
this is for the belkin rt3200, whose uboot doesn't do
extlinux but can load a fit from a ubifs. It adds the
a kernel+dtb as /boot/fit
2024-12-23 11:21:58 +00:00
1347937345
rename file
2024-12-23 10:31:22 +00:00
a7b5f80674
rename extlinux output to bootfiles
...
this is in preparation for introducing other non-extlinux
modules that populate /boot
2024-12-23 00:09:31 +00:00
f07a38b0fd
extract uimage output module into own file
2024-12-22 21:10:07 +00:00
ac189f2977
outputs.zimage -> outputs.kernel.zImage
...
remove config option/derivation in favour of accessing
as output of the kernel derivation (matches what we do
with e.g. modulesupport)
2024-12-22 17:27:59 +00:00
f60b74f415
add a new updater output
...
this is so that we don't have to obfuscate store paths in
systemConfiguration to avoid dragging in build system
deps.
breaking-ish change to workflows, docs updated
2024-12-20 00:05:07 +00:00
56c667cfd5
extract systemConfiguration into its own output module
2024-12-19 20:55:10 +00:00
f9b4f0bc9c
move modules/squashfs.nix into outputs/
2024-12-19 14:33:50 +00:00
ffaca615ba
copy logs to /dev/pmsg0 when ogging.persistent.enabled
2024-12-18 21:11:58 +00:00
81f5550bf0
config.logging.persistent enables /dev/pmsg0
...
- whatever's written to /dev/pmsg0 appears as
/sys/fs/pstore/pmsg-ramoops-0 after reboot
- only works on devices with the relevant device tree
support (gl-ar750 and whatever has it by default)
- nothing in the system is actually writing this file yet
- or reading it at boot time, for that matter
2024-12-17 23:24:31 +00:00
b52133a28b
add hardware.dts.includes option
2024-12-17 20:36:14 +00:00
44caefcd3b
rename config.hardware.dts.includes -> includePaths
...
(1) it's a better name
(2) I want to use `includes` to specify dtsi files
2024-12-17 17:41:53 +00:00
1f7d6544e3
provide stdout to ppp callback scripts
...
pppd runs them with 0,1,2 => /dev/null but we actually quite like
seeing errors in the logs
2024-10-17 21:37:08 +01:00
1bca072509
fix chrony pidfile error
2024-10-17 21:35:33 +01:00
7b98724643
turns out we did need usepeerdns
2024-10-17 21:05:16 +01:00
b1625763ee
ppp service signal readiness only when ip-up has run
...
as downstream services need e.g. ifname which is not written by ipv6-up
2024-10-16 22:59:01 +01:00
14bfebc5c3
enable unloading modules so that scripts work
...
if we can't unload them then the service that loads them will fail
the second time it's run
2024-10-16 22:54:19 +01:00
0447ac0ff9
did we need MODULE_SIG?
...
I think this may be a hangover from using backports modules for wlan
2024-10-16 22:53:16 +01:00
e35a1514ab
send kernel logs to s6
2024-10-16 18:59:42 +01:00
4a0120487c
remove usepeerdns - it causes only errors
...
we handle dns with service outputs anyway
2024-10-16 18:58:34 +01:00
17517dd34f
remove KEXEC from base kernel config
...
we're not using it any more
2024-10-10 18:23:50 +01:00
5112eab4da
apply incoming-allowed-ip[46] rules to input as well as forward pkts
...
this makes it possible to open ports on the router itself
2024-10-10 18:18:23 +01:00
2d7e6188ac
log shipping service now gets logs on stdin
...
instead of having to open the unix socket
2024-10-06 13:26:58 +01:00
493c5f69d7
add module for certifix-client
2024-10-06 11:27:39 +01:00
635590d37a
implement log shipping config
...
to use this, you need config like for example
+ logging.shipping = {
+ enable = true;
+ service = longrun {
+ name = "ship-logs";
+ run = let path = lib.makeBinPath (with pkgs; [ s6 s6-networking s6 execline ]);
+ in ''
+ PATH=${path}:$PATH
+ s6-ipcserver -1 ${config.logging.shipping.socket} \
+ s6-tcpclient 10.0.2.2 19612 \
+ fdmove -c 1 7 cat
+ '';
+ };
+ };
but I think we can reduce the noise a bit if we use an s6-rc pipeline
with an s6-ipcserver on one side and and a (whatever the user wants)
on the other
2024-09-18 22:14:34 +01:00
707a471bc2
add logtee to catchall logger
2024-09-16 21:30:06 +01:00
e0725489ca
unbreak pppoe ci job
2024-09-06 00:33:30 +01:00
091d863710
extract pppoe/l2tp common code
2024-09-04 12:02:00 +01:00
c7bcfbfa34
make pppoe/l2tp more consistent
2024-09-03 22:57:45 +01:00
500a3c1025
make nodefaultroute explicit in ppp
2024-09-03 22:53:13 +01:00
e590c0ad3f
secrets subscriber: add provider as dep to controlled service
2024-09-01 09:56:59 +01:00
14abdd9998
tang: notify on ready
2024-08-31 23:24:50 +01:00
e745991b9d
restart pppoe/l2tp in secrets changes
2024-08-30 20:49:27 +01:00
defbfce1fb
finish converting outputRef to lambda
2024-08-30 20:46:48 +01:00
a8a19977ca
(untested) template service for tang encrypted secrets
2024-08-28 22:32:26 +01:00
7351e143c5
remove redundant sourcing of ${serviceFns}
...
this is done by the oneshot and longrun functions
2024-08-28 21:28:27 +01:00
fe7b092075
(untested) http basic auth for outboard secrets
2024-08-28 20:53:59 +01:00
