eth1 is lan in qemu

this is handy if you want to connect to it from the host
for e.g. seeing if min-copy-closure works

pkgs/default.nix

@@ -45,5 +45,7 @@
 
   openwrt = callPackage ./openwrt {};
 
+  initramfs-peek = callPackage ./initramfs-peek {};
+  min-copy-closure = callPackage ./min-copy-closure {};
   hi = callPackage ./hi {};
 }

pkgs/initramfs-peek/default.nix

@@ -0,0 +1,37 @@
+{
+  busybox
+, pkgsBuildBuild
+, runCommand
+, cpio
+, writeReferencesToFile
+, writeScript
+} :
+let
+  inherit (pkgsBuildBuild) gen_init_cpio;
+  script =  writeScript "init" ''
+    #!/bin/sh
+    exec >/dev/console
+    echo Running in initramfs
+    PATH=${busybox}/bin:$PATH
+    export PATH
+    mount -t proc none /proc
+    mount -t sysfs none /sys
+    ${busybox}/bin/sh
+  '';
+  refs = writeReferencesToFile busybox;
+in runCommand "initramfs.cpio" { } ''
+  cat << SPECIALS | ${gen_init_cpio}/bin/gen_init_cpio /dev/stdin > out
+  dir /proc 0755 0 0
+  dir /sys 0755 0 0
+  dir /dev 0755 0 0
+  nod /dev/console 0600 0 0 c 5 1
+  nod /dev/mtdblock0 0600 0 0 b 31 0
+  dir /nix 0755 0 0
+  dir /nix/store 0755 0 0
+  dir /bin 0755 0 0
+  file /bin/sh  ${busybox}/bin/sh 0755 0 0
+  file /init ${script} 0755 0 0
+  SPECIALS
+  find $(cat ${refs}) | ${pkgsBuildBuild.cpio}/bin/cpio -H newc -o -A -v -O out
+  cp out $out
+''

pkgs/min-copy-closure/default.nix

@@ -0,0 +1,15 @@
+{
+  stdenv
+, nix
+, cpio
+, openssh
+}: stdenv.mkDerivation {
+  name = "min-copy-closure";
+  buildInputs = [ ];
+  propagatedBuildInputs = [ cpio openssh nix ];
+  src = ./.;
+  installPhase = ''
+    mkdir -p $out/bin
+    cp min-copy-closure.sh $out/bin/min-copy-closure
+  '';
+}

pkgs/min-copy-closure/min-copy-closure.fnl

@@ -0,0 +1,2 @@
+
+(local ssh (io.popen "

pkgs/min-copy-closure/min-copy-closure.sh

@@ -0,0 +1,53 @@
+#!/usr/bin/env bash
+
+ssh_command=${SSH_COMMAND-ssh}
+target_host=$1
+shift
+
+if [ -z "$target_host" ] ; then
+    echo Usage: min-copy-closure target-host paths
+    exit 1
+fi
+
+if [ -n "$IN_NIX_BUILD" ] ; then
+    # can't run nix-store in a derivation, so we have to
+    # skip the requisites when running tests in hydra
+    paths=$@
+else
+    paths=$(nix-store -q --requisites "$@")
+fi
+needed=""
+
+coproc remote {
+    ${ssh_command} -C -T ${target_host}
+}
+
+exec 10>&${remote[1]}
+
+for p in $paths; do
+    echo -n Checking $(basename $p) ...
+    echo "test -e $p && echo skip || echo $p"  >&10
+    read n <&${remote[0]}
+    case $n in
+	skip)
+	    echo skip
+	    ;;
+	*)
+	    needed="${needed} $n"
+	    echo will copy
+	    ;;
+    esac
+done
+
+if test -z "$needed" ; then
+    echo Nothing to copy
+    exit 1
+fi
+
+echo "cd / && cpio -v -i >/dev/console"  >&10
+
+find $needed | cpio -H newc -o  >&10
+
+echo "date"  >&10
+read n <&${remote[0]}
+echo $n

pkgs/min-copy-closure/receive.sh

@@ -0,0 +1,9 @@
+#!/usr/bin/env sh
+cd /nix/store
+while read f ; do
+    test "$f" = "end" && break
+    test -e $f || echo -n $f " "
+done
+mkdir -p /tmp/store
+cd /tmp/store
+cpio -i

pkgs/mips-vm/mips-vm.sh

@@ -29,6 +29,8 @@ fi
 
 test -n "$2" || usage
 
+lan=${LAN-"socket,mcast=230.0.0.1:1235,localaddr=127.0.0.1"}
+
 rootfs=$(mktemp mips-vm-fs-XXXXXX)
 dd if=/dev/zero of=$rootfs bs=1M count=16 conv=sync
 dd if=$2 of=$rootfs bs=65536 conv=sync,nocreat,notrunc
@@ -47,7 +49,7 @@ qemu-system-mips \
     -drive file=$rootfs,format=raw,readonly=off,if=virtio,index=0 \
     ${initramfs} \
     -netdev socket,id=access,mcast=230.0.0.1:1234,localaddr=127.0.0.1 \
-    -device virtio-net-pci,disable-legacy=on,disable-modern=off,netdev=access,mac=ba:ad:1d:ea:21:02 \
-    -netdev socket,id=lan,mcast=230.0.0.1:1235,localaddr=127.0.0.1 \
-    -device virtio-net-pci,disable-legacy=on,disable-modern=off,netdev=lan,mac=ba:ad:1d:ea:21:01 \
+    -device virtio-net,disable-legacy=on,disable-modern=off,netdev=access,mac=ba:ad:1d:ea:21:02 \
+    -netdev ${lan},id=lan \
+    -device virtio-net,disable-legacy=on,disable-modern=off,netdev=lan,mac=ba:ad:1d:ea:21:01 \
     -kernel $1 -display none $flags ${QEMU_OPTIONS}

tests/ci.nix

@@ -4,4 +4,5 @@
   wlan = import ./wlan/test.nix;
   pppoe = import ./pppoe/test.nix;
   jffs2 =  import ./jffs2/test.nix;
+  min-copy-closure =  import ./min-copy-closure/test.nix;
 }

tests/min-copy-closure/configuration.nix

@@ -0,0 +1,47 @@
+{ config, pkgs, lib, ... } :
+let
+  inherit (pkgs) dropbear;
+  inherit (pkgs.pseudofile) dir symlink;
+  inherit (pkgs.liminix.services) oneshot longrun bundle target;
+  inherit
+    (pkgs.liminix.networking)
+    address
+    udhcpc
+    interface
+    route
+  ;
+in {
+  imports = [
+    ../../vanilla-configuration.nix
+    ../../modules/squashfs.nix
+    ../../modules/jffs2.nix
+  ];
+  config =  {
+    services.sshd = longrun {
+      name = "sshd";
+      run = ''
+      mkdir -p /run/dropbear
+      ${dropbear}/bin/dropbear -E -P /run/dropbear.pid -R -F
+    '';
+    };
+
+    users.root = {
+      passwd = lib.mkForce "$6$GYDbeLSyoIdgDdZW$EXlz4oI7Jz1igSYd4cxwcWR4lqEc5AWdGWuPuBarQeUskFQsBCpPc0GgIPPDl1k7SgrnC82JzSWxvx5o0bvmx/";
+      openssh.authorizedKeys.keys = [
+        (builtins.readFile ./id.pub)
+      ];
+    };
+
+    # services.dhcpc =
+    #   let iface =  config.hardware.networkInterfaces.lan;
+    #   in (udhcpc iface {
+    #     dependencies = [ config.services.hostname ];
+    #   }) // { inherit (iface) device; };
+
+    rootfsType = "jffs2";
+    services.default = lib.mkForce (target {
+      name = "default";
+      contents = with config.services; [ loopback ntp defaultroute4 sshd dhcpv4 ];
+    });
+  };
+}

tests/min-copy-closure/id

@@ -0,0 +1,38 @@
+-----BEGIN OPENSSH PRIVATE KEY-----
+b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAABlwAAAAdzc2gtcn
+NhAAAAAwEAAQAAAYEAzCrNzkxcZlm73f1u1o8XbElUjBNd+++Hikk2t2ksDfmzJ0tRBlxh
+hccwo7rGy/zvYvSEgvWARpbwvKA+mOPRxk2vJ5SZsFrgyg2qLWpjETYnT6N4WB2qlyeXBu
+haEKIZRrXOA/rYby1zuAuh6MPt1g4bYacfX5sYFUgq1YRyrtSmfSMhNHsIHYEemVPrj13o
+RBYISIY9C031wyQjGszYY+B6gi3Py4qzw3kuft9kGOHquml0OMmNvWiPnyfW1ZrIeve5FU
+tvArCVjsUqN6sl3G+JiyeDNkT27K2Of0g1sxCvJfeHMmB6XPg0JEq57mgBnq9CXHsonZ+q
+9lfygwg4v87rn4EXwzW2GvEaKVZffGGk6y6ZF5cG8W8EL1ZOg9df4vtjcxdPCmHueU35L3
+4YZf58ibKNK6w23J2MYD1kXtj3MreMnkOsWBt267qIe/4fvbIDxtDfXdiAQSGDS1/o+btA
+jGw708CtWMKKLbmwGMKq1k9BFcr7nzmZCHMuILonAAAFiB8p2oQfKdqEAAAAB3NzaC1yc2
+EAAAGBAMwqzc5MXGZZu939btaPF2xJVIwTXfvvh4pJNrdpLA35sydLUQZcYYXHMKO6xsv8
+72L0hIL1gEaW8LygPpjj0cZNryeUmbBa4MoNqi1qYxE2J0+jeFgdqpcnlwboWhCiGUa1zg
+P62G8tc7gLoejD7dYOG2GnH1+bGBVIKtWEcq7Upn0jITR7CB2BHplT649d6EQWCEiGPQtN
+9cMkIxrM2GPgeoItz8uKs8N5Ln7fZBjh6rppdDjJjb1oj58n1tWayHr3uRVLbwKwlY7FKj
+erJdxviYsngzZE9uytjn9INbMQryX3hzJgelz4NCRKue5oAZ6vQlx7KJ2fqvZX8oMIOL/O
+65+BF8M1thrxGilWX3xhpOsumReXBvFvBC9WToPXX+L7Y3MXTwph7nlN+S9+GGX+fImyjS
+usNtydjGA9ZF7Y9zK3jJ5DrFgbduu6iHv+H72yA8bQ313YgEEhg0tf6Pm7QIxsO9PArVjC
+ii25sBjCqtZPQRXK+585mQhzLiC6JwAAAAMBAAEAAAGACfdA6oQBsqFIsVJQmbqMWyXNMb
+U0Tjrn89EVEajZlKkOnKlpgBT8UapibmuMjqJ/EOZ8nWPcahWuFJcB1zavo61hEl6Hjfsx
+o8s89lCOG2X4T0PcePihvhUZoyWuV8eB0ljHgJw6+lpOnro6ogEGV/+CSKb+ugz5BPjr1l
+ZLvsr0gYE4erZStBX8Z2GYSvw7fS9SIjAjRKz+hRL7f7BmE6H+eOJBlV7k3XLJ2TmQSkKk
+0YqaOLdl6svyzsMEEpMmhb1Uzt7Nna0m43N6e0jZ0/p1wlO8LkslXONmRw2gzQZmdp0ceq
+pAvyomQ7ywIyVrnBDZp6+PfZubA5QKkTdlXYAcQIdgcAC81BjP46P1sz9mjVzAcwN5Rf7Y
+dIus0Wv7WBWL87q2AXMAcd8YYSaN1GgkHMNFIqVR5y92riJLGNdOr9wkDCNFra1TMOVKwj
+nl/epYI84bz/umSAxVMcSJ8Wk4laiicYnsjCX1Now53w+Kzt4Qo/SVhZRFmJuR2GixAAAA
+wQCersXMwaUatzbp2/tJpLDBLVsefNqHN0PZs4CX0NI8uatRJyIYYF/wnxLmNfPZ85YQ82
+UmIejQODBR35MroRvYsnVZHphBNqX4/wHkQ8QIDlfG35PbOmhVnDHTUoKgg8X0NEriGHRG
+F2uhysYu8qIhizx7ZsDcbKZ4SDH/xDtTXQIgSqBBsqbdIxWAdudlnVHd6ufuWMEvFBVExW
+l+Zs3Daa/khpuVaQbI7Saes9bmpJtSE2UJO9KH6lzH4Kwe8sMAAADBAOw6/u30oIcpf13O
+S4Yk39Ac9ZARpGY1FyyeJ9k6MYeE8uhPkBMLwQS+CWQWthSRk0WO/rFbCu4FJWoC1mZ0i0
+0CpRApOiwyqm+8DrwEJPOPuC535nRR05aWTCcRwOFChmBrCtsWtRJ24pD+U5oe4aY1dFbZ
+oIPqqbcHMk9xuATd2J5KucTG2PnSwhz2fArbn5Jz2e0VSi5pRspKz++JiCLsZ0Co/LNJDR
+/T3rQ2KZNa++HaGT7GRNuL3wfr2uOGWQAAAMEA3UDieFsCTORFRxoWFvg4YKVYTJdj5Fy5
+vFFoiHP61b4xKADdnMBnmw5wYbKLbTL1oawCpS+063RhSDoMueiylAzgKCQDF1ulkfK0e9
+Fccs4ZfXg2niel/j+D0x7pk3kFCdCabqgI80avAjItcj8LnmrNEV3GK4VUIOqg//4SDXHV
+lWYwYGJaImzO4NAUe6U+e7iY6cxCMSh2ETzfhkWi3R3p82XE6i5Q6W1SC9gojH6ARH4oZg
+FQjzLfyJPuzzR/AAAADWRhbkBsb2FjbGhvc3QBAgMEBQ==
+-----END OPENSSH PRIVATE KEY-----

tests/min-copy-closure/id.pub

@@ -0,0 +1 @@
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDMKs3OTFxmWbvd/W7WjxdsSVSME13774eKSTa3aSwN+bMnS1EGXGGFxzCjusbL/O9i9ISC9YBGlvC8oD6Y49HGTa8nlJmwWuDKDaotamMRNidPo3hYHaqXJ5cG6FoQohlGtc4D+thvLXO4C6How+3WDhthpx9fmxgVSCrVhHKu1KZ9IyE0ewgdgR6ZU+uPXehEFghIhj0LTfXDJCMazNhj4HqCLc/LirPDeS5+32QY4eq6aXQ4yY29aI+fJ9bVmsh697kVS28CsJWOxSo3qyXcb4mLJ4M2RPbsrY5/SDWzEK8l94cyYHpc+DQkSrnuaAGer0Jceyidn6r2V/KDCDi/zuufgRfDNbYa8RopVl98YaTrLpkXlwbxbwQvVk6D11/i+2NzF08KYe55Tfkvfhhl/nyJso0rrDbcnYxgPWRe2Pcyt4yeQ6xYG3bruoh7/h+9sgPG0N9d2IBBIYNLX+j5u0CMbDvTwK1YwootubAYwqrWT0EVyvufOZkIcy4guic= dan@loaclhost

tests/min-copy-closure/test.nix

@@ -0,0 +1,48 @@
+{
+  liminix
+, nixpkgs
+}:
+let lmx = (import liminix {
+      device = import "${liminix}/devices/qemu/";
+      liminix-config = ./configuration.nix;
+    });
+    rogue = lmx.pkgs.rogue;
+    img = lmx.outputs.vmroot;
+    pkgs = import <nixpkgs> { overlays = [(import ../../overlay.nix)]; };
+    inherit (pkgs.pkgsBuildBuild) mips-vm;
+in pkgs.runCommand "check" {
+  nativeBuildInputs = with pkgs; [
+    expect
+    mips-vm
+    socat
+    min-copy-closure
+    rogue
+  ] ;
+} ''
+killpid(){
+  if test -e $1 && test -d /proc/`cat $1` ; then
+    pid=$(cat $1)
+    kill $pid
+  fi
+}
+
+cleanup(){
+  killpid ./vm/pid
+}
+
+trap cleanup EXIT
+fatal(){
+    err=$?
+    echo "FAIL: command $(eval echo $BASH_COMMAND) exited with code $err"
+    exit $err
+}
+trap fatal ERR
+
+mkdir vm
+LAN=user,hostfwd=tcp::2022-:22 mips-vm --background ./vm ${img}/vmlinux ${img}/rootfs
+expect ${./wait-until-ready.expect}
+export SSH_COMMAND="ssh -o StrictHostKeyChecking=no -p 2022 -i ${./id}"
+$SSH_COMMAND root@localhost echo ready
+IN_NIX_BUILD=true min-copy-closure root@localhost ${rogue}
+$SSH_COMMAND root@localhost ls -l ${rogue} >$out
+''

tests/min-copy-closure/wait-until-ready.expect

@@ -0,0 +1,5 @@
+set timeout 60
+
+spawn socat unix-connect:vm/console -
+send "\r\n"
+expect "login:"

vanilla-configuration.nix

@@ -10,17 +10,17 @@ in rec {
   services.loopback = config.hardware.networkInterfaces.lo;
 
   services.dhcpv4 =
-    let iface = interface { type = "hardware"; device = "eth0"; };
+    let iface = interface { type = "hardware"; device = "eth1"; };
     in udhcpc iface {};
 
   services.dhcpv6 =
-    let iface = interface { type = "hardware"; device = "eth0"; };
+    let iface = interface { type = "hardware"; device = "eth1"; };
     in odhcpc iface { uid = "e7"; };
 
   services.ntp = longrun {
     name = "ntp";
     run = let inherit (services) dhcpv4 dhcpv6;
-          in "${pkgs.ntp}/bin/ntpd $(output ${dhcpv4} ntp_servers) $(output ${dhcpv6} NTP_IP})";
+          in "${pkgs.ntp}/bin/ntpd $(output ${dhcpv4} ntp_servers) $(output ${dhcpv6} NTP_IP)";
 
     # I don't think it's possible to standardise the file names
     # generally, as different services have different outputs, but it