THOUGHTS.txt

@@ -1678,53 +1678,3 @@ Also wondering if we should drop outputs.default, but maybe not
 
 As long as we're consistently setting the default output to whichever
 is the appropriate "full production image" I think we're good.
-
-Wed May 17 22:45:40 BST 2023
-
-Random thought: when we bind mount /target/persist/nix to /target/nix
-we could make it read-only. worth doing?
-
-Thu May 18 10:59:39 BST 2023
-
-- liminix-rebuild can't find reboot: probably the PATH is just
-  generally wrong for ssh sessions (maybe all non-login sessions?)
-
-- need to copy path registration file somewhere useful and
-  delete stuff not in it at the appropriate time. Would be safest
-  to do that either late in the shutdown process before rebooting,
-  or during boot.
-
-Fri May 19 15:18:13 BST 2023
-
-If we make min-collect-garbage - just a command you can run whenever -
-that will be fine for current capabilities.  It won't work with the
-theoretical overlayfs system, though: we need to copy-down from the
-ramfs to real flash before rebooting, and that can't happen until
-there's disk space to do it
-
-Sat May 20 22:35:25 BST 2023
-
-We have a working min-collect-garbage (seems to, anyway ...)
-
-- having ssh host key wiped on reboot is sucky. maybe we can have
-/persist/secrets and a service that looks there?
-
-- find out what files ash sources on non-login shell startup
-
-- services.default is suboptimal as there is no way to add to it
-without wiping it
-
-- decide whether to use liminix- or min- as our prefix for nixy
-  commands
-
-- should we move config.outputs  -> config.system.outputs ? see Mar 28
-
-- less crap firewall
-
-- add ipv6 support to rotuer
-
-- create an l2tp configuration
-
-- iperf and tuning
-
-- wlan country code

examples/rotuer.nix

@@ -36,7 +36,7 @@ in rec {
     ../modules/standard.nix
   ];
   rootfsType = "jffs2";
-  hostname = "rotuer";
+
   kernel = {
     config = {
       PPP = "y";
@@ -163,7 +163,7 @@ in rec {
     dir = "/run/dnsmasq";
     shell = "/bin/false";
   };
-  users.root = secrets.root;
+  users.root.passwd = lib.mkForce secrets.root_password;
 
   groups.dnsmasq = {
     gid = 51; usernames = ["dnsmasq"];
@@ -223,7 +223,7 @@ in rec {
 
   services.default = target {
     name = "default";
-    contents = with config.services; [
+    contents = with services; [
       config.hardware.networkInterfaces.lo
       config.hardware.networkInterfaces.lan
       int
@@ -236,8 +236,7 @@ in rec {
       dns
       resolvconf
       sshd
-      config.services.hostname
     ];
   };
-  defaultProfile.packages = with pkgs;  [min-collect-garbage nftables tcpdump] ;
+  defaultProfile.packages = with pkgs;  [ nftables tcpdump ] ;
 }

pkgs/default.nix

@@ -46,7 +46,6 @@
   openwrt = callPackage ./openwrt {};
 
   initramfs-peek = callPackage ./initramfs-peek {};
-  min-collect-garbage = callPackage ./min-collect-garbage {};
   min-copy-closure = callPackage ./min-copy-closure {};
   hi = callPackage ./hi {};
 }

pkgs/min-collect-garbage/default.nix

@@ -1,17 +0,0 @@
-{
-  stdenv
-, nix
-, cpio
-, openssh
-}: stdenv.mkDerivation {
-  name = "min-collect-garbage";
-  buildInputs = [ ];
-#  propagatedBuildInputs = [ openssh ];
-  src = ./.;
-  makeFlags = [ "min-list-garbage" ];
-  installPhase = ''
-    mkdir -p $out/bin
-    cp  min-collect-garbage.sh $out/bin/min-collect-garbage
-    cp min-list-garbage $out/bin
-  '';
-}

pkgs/min-collect-garbage/min-collect-garbage.sh

@@ -1,3 +0,0 @@
-#!/bin/sh
-test -f /persist/nix-store-paths || exit 1
-(cd /nix/store && min-list-garbage /persist/nix-store-paths | xargs rm -r)

pkgs/min-copy-closure/default.nix

@@ -8,11 +8,13 @@
   buildInputs = [ ];
   propagatedBuildInputs = [ cpio openssh nix ];
   src = ./.;
+  makeFlags = [ "min-list-garbage" ];
   installPhase = ''
     mkdir -p $out/bin
     for i in min-copy-closure liminix-rebuild; do
       echo $i
       cp ''${i}.sh $out/bin/$i
     done
+    cp min-list-garbage $out/bin
   '';
 }

pkgs/min-copy-closure/liminix-rebuild.sh

@@ -9,11 +9,7 @@ if [ -z "$target_host" ] ; then
     exit 1
 fi
 
-if toplevel=$(nix-build "$@" -A outputs.systemConfiguration --no-out-link); then
-    echo systemConfiguration $toplevel
-    min-copy-closure $target_host $toplevel
-    $ssh_command $target_host cp -v -fP $toplevel/bin/* $toplevel/etc/* /persist
-    $ssh_command  $target_host "sync; source /etc/profile; reboot"
-else
-    echo Rebuild failed
-fi
+toplevel=$(nix-build "$@" -A outputs.systemConfiguration --no-out-link)
+min-copy-closure $target_host $toplevel
+$ssh_command $target_host cp -v -fP $toplevel/bin/* /persist
+$ssh_command  $target_host "sync; source /etc/profile; reboot"

pkgs/min-copy-closure/min-list-garbage.c

@@ -19,6 +19,7 @@ int add_list_entry(char *name)
 	hash_list = realloc(hash_list, hash_list_size * sizeof(hash_t));
     }
     strncpy(hash_list[hash_list_entries++], name, 32);
+    printf("%d %d\n", hash_list_entries, hash_list_size);
 }
 
 int read_list(char *filename)

tests/min-copy-closure/configuration.nix

@@ -31,6 +31,12 @@ in {
       ];
     };
 
+    # services.dhcpc =
+    #   let iface =  config.hardware.networkInterfaces.lan;
+    #   in (udhcpc iface {
+    #     dependencies = [ config.services.hostname ];
+    #   }) // { inherit (iface) device; };
+
     rootfsType = "jffs2";
     services.default = lib.mkForce (target {
       name = "default";