cruft

we don't want it in the same package as min-copy-closure as
that depends on bash

THOUGHTS.txt

@@ -1678,3 +1678,53 @@ Also wondering if we should drop outputs.default, but maybe not
 
 As long as we're consistently setting the default output to whichever
 is the appropriate "full production image" I think we're good.
+
+Wed May 17 22:45:40 BST 2023
+
+Random thought: when we bind mount /target/persist/nix to /target/nix
+we could make it read-only. worth doing?
+
+Thu May 18 10:59:39 BST 2023
+
+- liminix-rebuild can't find reboot: probably the PATH is just
+  generally wrong for ssh sessions (maybe all non-login sessions?)
+
+- need to copy path registration file somewhere useful and
+  delete stuff not in it at the appropriate time. Would be safest
+  to do that either late in the shutdown process before rebooting,
+  or during boot.
+
+Fri May 19 15:18:13 BST 2023
+
+If we make min-collect-garbage - just a command you can run whenever -
+that will be fine for current capabilities.  It won't work with the
+theoretical overlayfs system, though: we need to copy-down from the
+ramfs to real flash before rebooting, and that can't happen until
+there's disk space to do it
+
+Sat May 20 22:35:25 BST 2023
+
+We have a working min-collect-garbage (seems to, anyway ...)
+
+- having ssh host key wiped on reboot is sucky. maybe we can have
+/persist/secrets and a service that looks there?
+
+- find out what files ash sources on non-login shell startup
+
+- services.default is suboptimal as there is no way to add to it
+without wiping it
+
+- decide whether to use liminix- or min- as our prefix for nixy
+  commands
+
+- should we move config.outputs  -> config.system.outputs ? see Mar 28
+
+- less crap firewall
+
+- add ipv6 support to rotuer
+
+- create an l2tp configuration
+
+- iperf and tuning
+
+- wlan country code

examples/rotuer.nix

@@ -36,7 +36,7 @@ in rec {
     ../modules/standard.nix
   ];
   rootfsType = "jffs2";
-
+  hostname = "rotuer";
   kernel = {
     config = {
       PPP = "y";
@@ -163,7 +163,7 @@ in rec {
     dir = "/run/dnsmasq";
     shell = "/bin/false";
   };
-  users.root.passwd = lib.mkForce secrets.root_password;
+  users.root = secrets.root;
 
   groups.dnsmasq = {
     gid = 51; usernames = ["dnsmasq"];
@@ -223,7 +223,7 @@ in rec {
 
   services.default = target {
     name = "default";
-    contents = with services; [
+    contents = with config.services; [
       config.hardware.networkInterfaces.lo
       config.hardware.networkInterfaces.lan
       int
@@ -236,7 +236,8 @@ in rec {
       dns
       resolvconf
       sshd
+      config.services.hostname
     ];
   };
-  defaultProfile.packages = with pkgs;  [ nftables tcpdump ] ;
+  defaultProfile.packages = with pkgs;  [min-collect-garbage nftables tcpdump] ;
 }

pkgs/default.nix

@@ -46,6 +46,7 @@
   openwrt = callPackage ./openwrt {};
 
   initramfs-peek = callPackage ./initramfs-peek {};
+  min-collect-garbage = callPackage ./min-collect-garbage {};
   min-copy-closure = callPackage ./min-copy-closure {};
   hi = callPackage ./hi {};
 }

pkgs/min-collect-garbage/default.nix

@@ -0,0 +1,17 @@
+{
+  stdenv
+, nix
+, cpio
+, openssh
+}: stdenv.mkDerivation {
+  name = "min-collect-garbage";
+  buildInputs = [ ];
+#  propagatedBuildInputs = [ openssh ];
+  src = ./.;
+  makeFlags = [ "min-list-garbage" ];
+  installPhase = ''
+    mkdir -p $out/bin
+    cp  min-collect-garbage.sh $out/bin/min-collect-garbage
+    cp min-list-garbage $out/bin
+  '';
+}

pkgs/min-collect-garbage/min-collect-garbage.sh

@@ -0,0 +1,3 @@
+#!/bin/sh
+test -f /persist/nix-store-paths || exit 1
+(cd /nix/store && min-list-garbage /persist/nix-store-paths | xargs rm -r)

pkgs/min-collect-garbage/min-list-garbage.c

@@ -19,7 +19,6 @@ int add_list_entry(char *name)
 	hash_list = realloc(hash_list, hash_list_size * sizeof(hash_t));
     }
     strncpy(hash_list[hash_list_entries++], name, 32);
-    printf("%d %d\n", hash_list_entries, hash_list_size);
 }
 
 int read_list(char *filename)

pkgs/min-copy-closure/default.nix

@@ -8,13 +8,11 @@
   buildInputs = [ ];
   propagatedBuildInputs = [ cpio openssh nix ];
   src = ./.;
-  makeFlags = [ "min-list-garbage" ];
   installPhase = ''
     mkdir -p $out/bin
     for i in min-copy-closure liminix-rebuild; do
       echo $i
       cp ''${i}.sh $out/bin/$i
     done
-    cp min-list-garbage $out/bin
   '';
 }

pkgs/min-copy-closure/liminix-rebuild.sh

@@ -9,7 +9,11 @@ if [ -z "$target_host" ] ; then
     exit 1
 fi
 
-toplevel=$(nix-build "$@" -A outputs.systemConfiguration --no-out-link)
+if toplevel=$(nix-build "$@" -A outputs.systemConfiguration --no-out-link); then
-min-copy-closure $target_host $toplevel
+    echo systemConfiguration $toplevel
-$ssh_command $target_host cp -v -fP $toplevel/bin/* /persist
+    min-copy-closure $target_host $toplevel
-$ssh_command  $target_host "sync; source /etc/profile; reboot"
+    $ssh_command $target_host cp -v -fP $toplevel/bin/* $toplevel/etc/* /persist
+    $ssh_command  $target_host "sync; source /etc/profile; reboot"
+else
+    echo Rebuild failed
+fi

tests/min-copy-closure/configuration.nix

@@ -31,12 +31,6 @@ in {
       ];
     };
 
-    # services.dhcpc =
-    #   let iface =  config.hardware.networkInterfaces.lan;
-    #   in (udhcpc iface {
-    #     dependencies = [ config.services.hostname ];
-    #   }) // { inherit (iface) device; };
-
     rootfsType = "jffs2";
     services.default = lib.mkForce (target {
       name = "default";