THOUGHTS.txt

@@ -1810,72 +1810,3 @@ The service can depend on odhcp
 add inotify to packages
 use writeFennelScript with that dep
 see if it works
-
-Wed May 31 23:33:00 BST 2023
-
-We have a thing that sets ipv6 address on lan interface, yay us
-
-A firewall would be a very good idea
-
-Thu Jun  1 18:46:59 BST 2023
-
-TODO for now:
-
-- services.default is suboptimal as there is no way to add to it
-without wiping it
-
-- decide whether to use liminix- or min- as our prefix for nixy
-  commands
-
-- should we move config.outputs  -> config.system.outputs ? see Mar 28
-
-- less crap firewall
-
-- create an l2tp configuration
-
-- iperf and tuning
-
-- wlan country code
-
-Thu Jun  1 21:26:37 BST 2023
-
-how can a client machine "opt out" of using the firewall, to allow
-incoming connections?  Most convenient would be to have a separate SSID
-for grownups. Assuming it shows up as a separate wlan device, we can
-write firewall rules to allow incoming connections on that interface
-(can we? only if the packet is identifiable as destined for that interface)
-
-https://www.rfc-editor.org/rfc/rfc6092.html
-https://emailstuff.org/rfc/rfc7084
-
-We could block incoming for slaac and dhcp addresses and permit it for
-stable private addresses. If we were fairly sure that devices won't
-ask for stable private addresses just for funsies.
-
-https://wiki.archlinux.org/title/IPv6_#Stable_private_addresses
-
-
-
-Fri Jun  2 14:42:43 BST 2023
-
-I found a handy guide to nftables at https://ww.telent.net/2023/6/2/turning_the_nftables
-
-Mon Jun  5 16:56:44 BST 2023
-
-
-How are we going to do this firewall thing then?
-I can see no reason to have more than one table per family, so lets
-just name the tables after families
-
-There is nothing in nftables for functionally grouping rules by
-requirement that may touch multiple hooks/chains, so we need our own
-abstraction - and we can't call it any name that nftables uses already
-(so, not "ruleset"). rulegroup?
-
-"policy" would be a good name except that it's already taken
-
-"concern"? "requirement"? "feature"?
-
-Mon Jun 19 20:45:48 BST 2023
-
-why is chrony using libedit?

doc/user.rst

@@ -22,21 +22,6 @@ helpful in understanding it.  The steps are as follows:
 
 * Flash it to the device
 
-Supported devices
-=================
-
-For a list of devices that Liminix (present or previous versions)
-has run on, refer to `devices/ in the source repo <https://gti.telent.net/dan/liminix/src/branch/main/devices>`_. For devices that _currently_ build,
-cross-reference it with `the CI status <https://build.liminix.org/jobset/liminix/build#tabs-jobs>`_. Everything that builds is (usually) expected
-to run, so if you end up with an image that builds but doesn't
-boot, please report it as a bug.
-
-As of June 2023 the device list is a little thin. Adding devices based
-on the Atheros or Mediatek (Ralink) platform should be quite
-straightforward if you have some C/Linux kernel experience and are
-prepared to open it up and attach serial wires: please refer to the
-Developer Manual.
-
 
 Choosing a flavour (read-only or updatable)
 ===========================================