Daniel Barlow
69bf6cb5fb
write-fennel quote PATH properly
...
escapeShellArg only quotes if the string contains special
characters, but for a Lua string we must quote unconditionally
2024-09-07 22:31:44 +01:00
Daniel Barlow
9f58e7b926
maybe fix nixpkgs-unstable lua
2024-09-07 00:58:11 +01:00
Daniel Barlow
5a5c27ab9f
think
2024-09-06 22:37:49 +01:00
Daniel Barlow
277c91acdf
Revert "remove luaposix ref in write-fennel"
...
This reverts commit a60c2539a6057c74c0a63cdee2f4e883c8c3b388.
2024-09-06 00:33:30 +01:00
Daniel Barlow
e0725489ca
unbreak pppoe ci job
2024-09-06 00:33:30 +01:00
Daniel Barlow
cc47515cf8
watch-outputs remove debug code
2024-09-06 00:13:54 +01:00
Daniel Barlow
464913cc8f
tangc use spawn to invoke jose
...
hopefully we are now deadlock-free
2024-09-06 00:12:45 +01:00
Daniel Barlow
e604d628e3
fennel anoia.process.spawn
...
runs a subprocess and invokes a callback whenever its io
descriptors are ready
2024-09-06 00:11:33 +01:00
Daniel Barlow
e2a597589b
anoia.fs.find-executable looks for bin in colon-sep list of directories
2024-09-06 00:08:40 +01:00
Raito Bezarius
a139a262c1
seedrng: init at 2022.04
...
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-09-05 14:18:00 +01:00
Daniel Barlow
6a5fed83dd
conditional fetch in json-to-fstree
2024-09-05 11:14:47 +01:00
Daniel Barlow
bcf5ab24e8
tidy watch-outputs startup message
2024-09-05 10:11:16 +01:00
Daniel Barlow
32bf80c6fa
devout: unlink socket pathname before binding
2024-09-05 10:05:13 +01:00
Daniel Barlow
12275f6896
add more test for table=
2024-09-04 21:21:30 +01:00
Daniel Barlow
a60c2539a6
remove luaposix ref in write-fennel
2024-09-04 21:21:02 +01:00
Daniel Barlow
146a2d9ac0
fix startup race/fencepost in watch-ssh-keys
...
if it starts _after_ the outputs are populated, it should
write the first lot of outputs without waiting for a change
2024-09-04 21:19:51 +01:00
Daniel Barlow
091d863710
extract pppoe/l2tp common code
2024-09-04 12:02:00 +01:00
Daniel Barlow
c7bcfbfa34
make pppoe/l2tp more consistent
2024-09-03 22:57:45 +01:00
Daniel Barlow
500a3c1025
make nodefaultroute explicit in ppp
2024-09-03 22:53:13 +01:00
Daniel Barlow
0c0d0eed8a
make watch-ssh-keys robust against missing key
2024-09-03 22:51:29 +01:00
Daniel Barlow
699cf97206
improve tangc http error messages
2024-09-03 22:50:55 +01:00
Daniel Barlow
cd0093279c
think
2024-09-01 10:14:31 +01:00
Daniel Barlow
034d6aacc4
tangc handle non-zero exit from jwe dec
...
Sometimes it exits non-zero but decrypts the file *anyway*. It only
does this on the device and I haven't been able to reproduce on build,
so this is a workaround until we find the root cause
2024-09-01 09:57:38 +01:00
Daniel Barlow
e590c0ad3f
secrets subscriber: add provider as dep to controlled service
2024-09-01 09:56:59 +01:00
Daniel Barlow
14abdd9998
tang: notify on ready
2024-08-31 23:24:50 +01:00
Daniel Barlow
6287b92000
fix bugs handling base64 padding
2024-08-31 22:43:25 +01:00
Daniel Barlow
d2215d3e56
tangc popen retry on short read
2024-08-31 22:18:23 +01:00
Daniel Barlow
3cf2308bee
tangc: stop printing unexpected blank lines
2024-08-31 15:29:10 +01:00
Daniel Barlow
3913989be3
provide string to perform-encryption
...
instead of letting it read stdin, which I think may have been read
by a subprocess already sometimes?
2024-08-31 15:27:54 +01:00
Daniel Barlow
43e5e6876e
improve tangc error messages
2024-08-31 15:22:26 +01:00
Daniel Barlow
7d6c80570c
refactor all writeFennelScript calls to use writeFennel directly
2024-08-30 20:57:42 +01:00
Daniel Barlow
e745991b9d
restart pppoe/l2tp in secrets changes
2024-08-30 20:49:27 +01:00
Daniel Barlow
defbfce1fb
finish converting outputRef to lambda
2024-08-30 20:46:48 +01:00
Daniel Barlow
0df2c83382
tighten perms on service state directory
2024-08-29 23:56:43 +01:00
Daniel Barlow
01c28de88d
think
2024-08-29 23:56:20 +01:00
Daniel Barlow
2bf197cad8
document outputs and secrets
2024-08-29 23:55:32 +01:00
Daniel Barlow
a8a19977ca
(untested) template service for tang encrypted secrets
2024-08-28 22:32:26 +01:00
Daniel Barlow
8a9284af1e
think
2024-08-28 22:23:00 +01:00
Daniel Barlow
7351e143c5
remove redundant sourcing of ${serviceFns}
...
this is done by the oneshot and longrun functions
2024-08-28 21:28:27 +01:00
Daniel Barlow
283c3154a7
missing file in s6-rc-up-tree test fixture
2024-08-28 21:18:54 +01:00
Daniel Barlow
34f37d60d9
missed adding this
2024-08-28 20:56:52 +01:00
Daniel Barlow
fe7b092075
(untested) http basic auth for outboard secrets
2024-08-28 20:53:59 +01:00
Daniel Barlow
b56f121e04
fetch lua glue: handle missing content-length
2024-08-28 19:52:00 +01:00
Daniel Barlow
d5d621f310
rename http-fstree => json-to-fstree
...
it works for file urls as well, not just http
2024-08-28 16:36:49 +01:00
Daniel Barlow
da95a9fa62
tangc support encryption
2024-08-28 18:55:20 +01:00
Daniel Barlow
85071c88e7
remove argv0 from calls to jose
2024-08-28 11:16:43 +01:00
Daniel Barlow
74093b7ee3
josep! runs jose without json parsing the output
2024-08-28 08:13:50 +01:00
Daniel Barlow
41733e58d6
remove unused code, tidy string parsing
2024-08-28 07:20:07 +01:00
Daniel Barlow
9041d5d63a
add jose! fn to reduce error-checking boilerplate
2024-08-28 07:10:47 +01:00
Daniel Barlow
001ebdc601
remove unused requires
2024-08-28 06:52:04 +01:00
Daniel Barlow
1f97409474
add popen2 to anoia.fs
2024-08-28 06:49:43 +01:00
Daniel Barlow
a41839f3d1
clevis-decrypt-tang in fennel
...
needs a lot of tidying up, but works on my test file
2024-08-28 01:37:44 +01:00
Daniel Barlow
ff76d854fc
extend libfetch lua glue to other HTTP methods
2024-08-28 01:37:02 +01:00
Daniel Barlow
81a6480a4f
anoia add base64 deode
2024-08-27 22:42:03 +01:00
Daniel Barlow
c7164a6f4a
sshd can use outputRef for authorized_keys
2024-08-25 16:35:50 +01:00
Daniel Barlow
83ca86fe42
keys in service output tree are strings
2024-08-25 15:59:24 +01:00
Daniel Barlow
1b4106e2a3
ssh-keys service, draft
2024-08-25 15:09:31 +01:00
Daniel Barlow
89912c766b
nixpkgs 24.11 qemu does not expect texinfo
2024-08-25 14:23:29 +01:00
Daniel Barlow
9828b007ae
watch-ssh-keys turns secrets-service into authorized_keys files
2024-08-24 23:25:32 +01:00
Daniel Barlow
f34abc85ae
add macros param to write-fennel
2024-08-24 23:19:46 +01:00
Daniel Barlow
b475a680fb
define-tests macro, evals body only when inside fennelrepl --test
2024-08-24 22:26:25 +01:00
Daniel Barlow
43612af71a
anoia: %% is alias for string.formt
2024-08-24 13:56:54 +01:00
Daniel Barlow
5695c47496
add dig to anoia
2024-08-23 23:27:29 +01:00
Daniel Barlow
e3ec514710
think
2024-08-23 23:27:17 +01:00
Daniel Barlow
99f68e5421
destructure params in ssh service
2024-08-23 23:13:49 +01:00
Daniel Barlow
9c30b6f882
change output references from attrset to lambda
...
this is so that we can distinguish a ref from a literal parameter that
might be a attrset
2024-08-23 22:25:57 +01:00
Daniel Barlow
dd75322c10
think
2024-08-23 21:45:18 +01:00
Daniel Barlow
869a508c0a
add authorizedKeys option to ssh service
...
this has no apparent use as it stands, but opens the door to
having the keys managed by an external secrets service
2024-08-23 20:35:07 +01:00
Daniel Barlow
e835473945
patch dropbear to add -U option
2024-08-23 19:58:05 +01:00
Daniel Barlow
055268d5d2
upgrade dropbear
2024-08-23 19:57:10 +01:00
Daniel Barlow
ff38bcacbb
improve devout error reporting
2024-08-21 23:24:13 +01:00
Daniel Barlow
a6128955e7
ppp modules: permit (mostly) same params for l2tp as pppoe
...
this also means that l2tp can use secrets for username/password
2024-08-21 23:10:28 +01:00
Daniel Barlow
531cb113be
devout needs a longer startup timeout
...
seems to be taking around 40 seconds now, would be worth digging in to
find out why
2024-08-21 23:09:11 +01:00
Daniel Barlow
daede666cb
in router-with-l2tp use secrets for ppp username/password
2024-08-21 00:17:53 +01:00
Daniel Barlow
2992771c7e
pppoe allow secrets for username/password
2024-08-21 00:17:22 +01:00
Daniel Barlow
4cc82e1502
liminix.types.replacable is a string or ref to an output
2024-08-21 00:16:14 +01:00
Daniel Barlow
21f2320d86
inline method
2024-08-20 23:26:11 +01:00
Daniel Barlow
d40ada4251
use structured ppp params in ppp test
2024-08-20 23:25:31 +01:00
Daniel Barlow
4053ea9481
secrets/subscriber implement different restart types
2024-08-20 22:56:26 +01:00
Daniel Barlow
54d3415885
pppoe convert to using a config file
...
mostly for ease of implementation but does mean we don't
have username/password secrets on the command line
2024-08-20 22:55:30 +01:00
Daniel Barlow
264d83c98d
move some secret-watching stuff from hostapd to secrets
2024-08-20 21:49:11 +01:00
Daniel Barlow
97defc2076
hostapd: get secrets service/path from attrs
2024-08-17 22:25:30 +01:00
Daniel Barlow
ddaa5476d3
override clevis derivation (experimental)
2024-08-15 23:02:54 +01:00
Daniel Barlow
bcd9d56624
start devout after mdevd
...
not 100% sure that there's a dependency but it's plausible, and
would explain the observed occasional failure to start at boot
2024-08-15 23:01:29 +01:00
Daniel Barlow
e2c883356c
add secrets-subscriber service, make hostapd use it
2024-08-15 23:00:41 +01:00
Daniel Barlow
d79a941504
new package watch-outputs and example of its use
2024-08-14 22:58:17 +01:00
Daniel Barlow
2f82e0dab8
hostapd set permissions on dir in /run/
2024-08-14 22:57:02 +01:00
Daniel Barlow
fc03965915
hostapd literal_or_output use an attrset for dispatch
2024-08-14 22:56:01 +01:00
Daniel Barlow
d2d3af2587
outboard secrets: loop in service
...
if we just quit and expect s6 to restart us, the finish script
wipes our outputs and anything with an inotify watch gets confused
2024-08-14 22:41:56 +01:00
Daniel Barlow
310ac30f24
http-fstree needs to write state and .lock for anoia.svc
2024-08-14 22:39:41 +01:00
Daniel Barlow
45a7f96bd4
anoia table= compares tables
2024-08-14 22:36:28 +01:00
Daniel Barlow
79445fd962
support multi-arg assoc
2024-08-14 22:34:37 +01:00
Daniel Barlow
a9ddd78482
think
2024-08-12 22:59:03 +01:00
Daniel Barlow
4fb8253e57
first pass at outboard secrets
...
- a module to fetch them with http(s)
- a service using templating to consume them
- update an example to use it
needs service restarts
needs other services to use the template mechanism
needs tidying up
2024-08-12 22:57:21 +01:00
Daniel Barlow
ff3a1905a5
pass service to `output` fn in output-template
...
instead of on command line
2024-08-12 22:53:07 +01:00
Daniel Barlow
3c353e4aff
support json quoting in output-template
2024-08-10 23:42:08 +01:00
Daniel Barlow
ba21384fde
new: output-template interpolates output values into config file
2024-08-10 23:06:47 +01:00
Daniel Barlow
2480fdef5b
set up nginx on bordervm for testing outboard secrets
2024-08-10 23:05:50 +01:00
Daniel Barlow
409c1cfb16
think
2024-08-10 23:05:15 +01:00
Daniel Barlow
9767078878
add the example used in the video
2024-08-08 19:24:58 +01:00
Daniel Barlow
d760c2d27b
http-fstree downloads a json file and converts to service outputs
2024-08-08 15:35:11 +01:00
Daniel Barlow
1e139c22fd
think
2024-08-08 15:21:24 +01:00
Daniel Barlow
a1ff07b063
add rxi/json lua module
2024-08-08 15:05:26 +01:00
Daniel Barlow
9550772cec
add lua binding to fetch-freebsd
2024-08-08 15:05:03 +01:00
Daniel Barlow
64cd1626c6
new package fetch-freebsd: small http(s) client library
...
[*] smaller than curl, maybe not maximally small
2024-08-08 11:38:38 +01:00
Daniel Barlow
eb79928b37
anoia.svc allow writing outputs
2024-08-08 11:37:50 +01:00
Daniel Barlow
0a629df48d
anoia.fs: improve error messages
2024-08-08 11:36:47 +01:00
Daniel Barlow
64afd18e2a
why does this fail on hydra?
2024-08-06 23:18:39 +01:00
Daniel Barlow
47e96ddc15
think
2024-08-06 18:43:49 +01:00
Daniel Barlow
5db9d7269e
ppoe structured options are optional
2024-08-06 18:43:27 +01:00
Daniel Barlow
985df8792d
overlay: handle cross-only overrides consistently
2024-08-06 18:42:58 +01:00
Daniel Barlow
528afae8b1
doc: punctuate
2024-08-06 14:15:57 +01:00
Daniel Barlow
384835c89d
admin doc: updte round-robin, explain health check
2024-08-06 14:14:52 +01:00
Daniel Barlow
5051625d31
mention health check in docs
2024-07-30 22:53:21 +01:00
Daniel Barlow
c4d00e062a
add health check service and example that uses it
2024-07-30 22:37:43 +01:00
Daniel Barlow
8fa3443923
Revert "anoia.svc use timeout for inotify"
...
This reverts commit eca8e37e7a
.
2024-07-30 17:37:38 +01:00
Daniel Barlow
8091e207b6
some notes on controlled services
2024-07-28 22:57:23 +01:00
Daniel Barlow
39020607ad
rename service-trigger rule to match service name
2024-07-28 22:35:37 +01:00
Daniel Barlow
fe735408a1
v:address is nil if missing, but code expects an array
2024-07-27 17:40:32 +01:00
Daniel Barlow
a9d1582b53
remove unused arg
2024-07-26 23:41:50 +01:00
Daniel Barlow
eca8e37e7a
anoia.svc use timeout for inotify
...
in case we miss a message, check the directory every 5s
anyway
2024-07-26 23:40:40 +01:00
Daniel Barlow
d300373b96
anoia fs.dir use case not match
...
match was accidentally pinning the return from readdir against the
function parameter. Which didn't work.
2024-07-26 23:37:40 +01:00
Daniel Barlow
70ca7fac17
elfutils is reqd by iproute2 (for bpf?), build sans kitchen sink
2024-07-24 22:07:58 +01:00
Daniel Barlow
79a3a45061
build iproute2 without rb to avoid stdatomic
2024-07-24 21:13:55 +01:00
Daniel Barlow
612d6d7a51
build openssl without threads to avoid stdatomic
2024-07-24 21:12:52 +01:00
Daniel Barlow
e1ae986cf6
convert l2tp example to use gateway profile
2024-07-23 09:31:34 +01:00
Daniel Barlow
bce0c7ffb6
rename services.dhcpc in l2tp example
...
it's only used to get the address of the l2tp server, not for
name lookups in general
2024-07-23 09:31:34 +01:00
Daniel Barlow
28ca1e68ab
wwan module needs mdevd
2024-07-23 09:31:34 +01:00
Daniel Barlow
acf33a100f
think
2024-07-23 09:31:34 +01:00
Daniel Barlow
7f9cae9d5c
generalise profile.gateway.wan so not just pppoe
2024-07-23 09:31:34 +01:00
Daniel Barlow
3012c91b47
executive decision: rotuer example should build on gl-ar750
2024-07-23 09:31:34 +01:00
Daniel Barlow
1edf20c08f
fix whitespace
2024-07-23 09:31:34 +01:00
Daniel Barlow
7195cb10ce
add structured config for common pppoe options
2024-07-23 09:31:34 +01:00
Daniel Barlow
135a445672
restore param removed by deadnix
...
dochain is called with `family` even if it never uses it
2024-07-16 20:41:21 +01:00
Daniel Barlow
3899daee56
create a module for round-robin
2024-07-15 22:37:37 +01:00
Daniel Barlow
b17f623d03
need insmod when we habve kmodloader
2024-07-15 22:35:26 +01:00
Daniel Barlow
df395a4d5d
finish moving pkgs.linimix.callService to config.system
2024-07-15 19:00:08 +01:00
Daniel Barlow
75e9f8210c
remove the fixpoint we didn't need
2024-07-15 18:54:04 +01:00
Daniel Barlow
1c3242cab1
doc: swap order of configuration and installation
...
you can get a device up and running using a lightly edited example
config before you need to read all the reference info, so let's
have the documentation in that order.
2024-07-14 12:26:07 +01:00
Daniel Barlow
44ea683391
think
2024-07-14 12:08:02 +01:00
Daniel Barlow
725d8b608f
huawei-cdc-ncm kernel driver -> module
2024-07-14 12:07:28 +01:00
Daniel Barlow
bc9ced5d38
fix doc ref from admin section -> configuration
2024-07-14 11:56:35 +01:00
Daniel Barlow
73ae7788b9
rename wwan-related modules/services
...
we only currently support huawei e3372/cdc ncm so let's make that
explicit in the naming
2024-07-14 11:53:45 +01:00
Daniel Barlow
d34919766a
improve reinstallation docs
2024-07-12 18:38:04 +01:00
Daniel Barlow
2fe0cd2f48
add first draft instructions for using Levitate
2024-07-12 00:17:25 +01:00
Daniel Barlow
241f1013ed
add new Installation guide
...
move the u-boot/serial stuff here from development, as the
reality of Liminix development in 2024 is that serial connection
is still the smoothest installation method
2024-07-11 23:31:00 +01:00
Daniel Barlow
2ce361d4e3
think
2024-07-11 09:39:38 +01:00
Daniel Barlow
3f8cc24dcc
fix most doc warnings
2024-07-10 23:36:24 +01:00
Daniel Barlow
57e3b449f8
proofreading
2024-07-10 21:23:24 +01:00
Daniel Barlow
3964505131
some notes on services
2024-07-10 20:50:08 +01:00
Daniel Barlow
941479b144
use round-robin failiover in l2tp example
2024-07-08 22:01:54 +01:00
Daniel Barlow
ac551536da
set cwd before exec xl2tpd
2024-07-08 21:56:26 +01:00
Daniel Barlow
6f908156af
fix dependency between modem-atz and modeswitch
...
for values of "fix" more than slightly reminiscent of "kludge"
2024-07-08 21:55:05 +01:00
Daniel Barlow
534a49e827
s6-rc-round-robin
...
runs services in order, starting the next one when the previous one
dies or fails to start
2024-07-08 21:53:51 +01:00
Daniel Barlow
07a6eb73cd
set lcp-echo timeout in l2tp
2024-07-08 21:45:54 +01:00
Daniel Barlow
159bfa3057
make xl2tpd quit when the connections close
2024-07-08 21:44:15 +01:00
Daniel Barlow
8f0ab5be40
enable tail -F
2024-07-08 21:37:07 +01:00
Daniel Barlow
7f9971512d
a6-rc-up-tree: handle blocked deps, exit 1 if nothing started
2024-07-08 21:28:31 +01:00
Daniel Barlow
f0f6cc80d7
remove dead code
2024-07-08 21:28:11 +01:00
Daniel Barlow
afcc6a6436
s6-rc-up-tree pass -b to s6-rc command
2024-07-08 21:27:54 +01:00
Daniel Barlow
2e8e05f31a
wip: rewrite s6-rc-up-tree in an actual procgramming language
...
and write some tests for it, too
2024-07-08 21:27:42 +01:00
Daniel Barlow
143137cbc6
pppoe: set lcp echo failure timeout
2024-07-08 21:25:42 +01:00
Daniel Barlow
8d228f2bef
mess with redial
2024-07-08 21:24:44 +01:00
Daniel Barlow
5751058d59
gl-ar750 swap lan and wan
...
I don't know if I just got it wrong the first time or if something
weird is going on
2024-07-08 21:19:30 +01:00
Daniel Barlow
5ac7e1e9b2
write-fennel: set $PATH if lualinux is available
2024-07-08 21:18:02 +01:00
Daniel Barlow
c75452549b
think
2024-07-08 21:17:12 +01:00
Daniel Barlow
2663f58807
disable security for bordervm "liminix" share
...
tftp needs to be able to follow symlinks into the store
2024-07-01 20:53:03 +01:00
Daniel Barlow
9dbc285605
build libusb1 without libatomic
2024-06-30 17:52:17 +01:00
Daniel Barlow
8b6aa2134e
zyxel dual image; restore deleted params
2024-06-30 17:50:45 +01:00
Daniel Barlow
3df1ec76ff
cleanup whitespace and commas
...
* [] is now [ ]
* {} is now { }
* commas in arglists go at end of line not beginning
In short, I ran the whole thing through nixfmt-rfc-style but only
accepted about 30% of its changes. I might grow accustomed to more
of it over time
2024-06-30 17:16:28 +01:00
Daniel Barlow
0d3218127f
remove unused makeWrapper input
2024-06-30 10:46:37 +01:00
Daniel Barlow
e94bf62ec1
remove dead code (run deadnix)
2024-06-29 22:59:27 +01:00
Daniel Barlow
16a2499d74
avoid makeWrapper on host, it requires bash
2024-06-29 22:36:05 +01:00
Daniel Barlow
d4d8093f97
working l2tp-over-wwan stick example
2024-06-20 10:15:54 +01:00
Daniel Barlow
7c9c801afc
rename isTrigger to restart-on-upgrade
...
we're moving away from "trigger" services to "controller" services,
and "restart-on-upgrade" is the name used by s6-rc
2024-06-16 12:58:06 +01:00
Daniel Barlow
c4185617c0
a6-rc-up-tree wait for lock if needed
2024-06-15 15:36:07 +01:00
Daniel Barlow
06d28e9b08
dhcpc handle case when env vars are missing
...
the notify-script should continue and signal readiness even if one or
more of the outputs it writes are mssing in the environment
2024-06-15 15:34:49 +01:00
Daniel Barlow
9540fc2641
add writeAshScriptBin (forgot to add file)
2024-06-15 15:04:56 +01:00
Daniel Barlow
adc84108ad
Revert "wwan gets address from ppp ipcp not dhcp"
...
This reverts commit be13ab23ca
.
2024-06-15 15:04:33 +01:00
Daniel Barlow
eae99051fa
exec devout in service definition
...
makes little practical difference but saves a process slot
2024-06-15 15:01:57 +01:00
Daniel Barlow
49d1703428
add s6-rc-up-tree: start reverse deps of controlled service
...
When s6-rc stops a service, it also stops everything that
depends on it. but when it starts a service it starts only
that service, so we have to go through the other services
depending on it and figure out if they should be started too.
2024-06-15 14:59:34 +01:00
Daniel Barlow
1d337588f9
think
2024-06-15 09:04:19 +01:00
Daniel Barlow
29a869b4fa
qemu: use kmodloader for wifi
2024-06-13 10:12:17 +01:00
Daniel Barlow
5ae1b0a193
Revert "bodervm: remove usbutils until we can fix the udev dep"
...
This reverts commit c22e3fb2ef
.
2024-06-12 20:58:13 +01:00
Daniel Barlow
473a4947a5
inout test: wait longer for disk to appear
2024-06-12 20:44:03 +01:00
Daniel Barlow
50bad5c604
libusb needs udev on build
...
this is a workaround to make CI work again, but what we really need to
do is completely separate the nixpkgs used for nixos build-system
tools from the nixpkgs we use for liminix host binaries
2024-06-12 18:55:30 +01:00
Daniel Barlow
c22e3fb2ef
bodervm: remove usbutils until we can fix the udev dep
2024-06-12 13:07:29 +01:00
Daniel Barlow
f898e4dca2
remove debug
2024-06-12 13:03:26 +01:00
Daniel Barlow
5121a8563d
callService: dependencies are services not names
2024-06-12 12:58:57 +01:00
Daniel Barlow
78be354b6e
think
2024-06-12 12:52:52 +01:00
Daniel Barlow
be13ab23ca
wwan gets address from ppp ipcp not dhcp
2024-06-12 12:51:07 +01:00
Daniel Barlow
4b30cd7a75
think
2024-06-11 14:05:32 +01:00
Daniel Barlow
b15542b668
start correct services at boot
...
- uncontrolled services that are not dependent on a controlled service
- controllers
- _not_ controlled services or any other service that depends on one
2024-06-11 14:04:14 +01:00
Daniel Barlow
6daeaf29a0
flip controller/controlled relationship for wwan services
2024-06-11 14:02:48 +01:00
Daniel Barlow
e6ca5ea064
store derivations not just names for service deps
...
.. also controllers, contents. This is to make it possible (easier)
to work out transitive dependencies at build time
2024-06-11 14:01:06 +01:00
Daniel Barlow
e6e4665a18
flip dependencies for triggered/controlled services
...
Instead of treating the trigger as the "main" service and the
triggered service as subsidary, now we treat the triggered
service as the service and the trigger as "subsidary". This
needs some special handling when we work out which services
go in the default bundle, but it works better for declaring
dependencies on triggered services because it means the
dependency runs after the triggered service comes up, not
just when the watcher-for-events starts
2024-06-09 22:37:45 +01:00
Daniel Barlow
2c10790a6d
think
2024-06-09 11:19:38 +01:00
Daniel Barlow
571adf84c0
inherit builtins.map
2024-06-07 16:55:45 +01:00
Daniel Barlow
c8c79fd75a
update all calls to uevent-watch
2024-06-02 20:42:09 +01:00
Daniel Barlow
884d8d194e
wrap uevent-watch in a service
2024-06-02 20:42:09 +01:00
Daniel Barlow
f091bbd706
devout: recognise attr,attrs when parsing search term string
2024-06-01 23:48:05 +01:00
Daniel Barlow
37d7e20582
wwan use uevent-watch to find tty for AT commands
2024-06-01 23:47:20 +01:00
Daniel Barlow
04b068f7a3
delete unused code
2024-06-01 22:43:48 +01:00
Daniel Barlow
53f57c1a8c
devout: support sysfs attributes for (grand*)parent device
2024-06-01 22:43:27 +01:00
Daniel Barlow
19aba0d873
devout: support search for sysfs attributes
2024-06-01 21:20:41 +01:00
Daniel Barlow
7d00b39249
rename attributes->properties when referring to uevent fields
...
properties: key-value pairs in the uevent message
attributes: file contents in sysfs
2024-06-01 12:17:49 +01:00
Daniel Barlow
7aa8633cde
think
2024-06-01 12:16:21 +01:00
Daniel Barlow
58bec8a40f
semi-automate tftpbooting with minicom
2024-05-26 18:03:32 +01:00
Daniel Barlow
a3fca5bf05
devout: add functions to read sysfs attributes
2024-05-26 18:03:32 +01:00
Daniel Barlow
e0bd7aec1e
wwan: hook usb-modeswitch to uevent
2024-05-26 18:03:32 +01:00
Daniel Barlow
e815f61bb5
think
2024-05-26 18:00:31 +01:00
Daniel Barlow
af9200a136
skip symlink handing unless linkname was provided
2024-05-26 18:00:31 +01:00
Daniel Barlow
898958fa10
make a serviceDefn for wwan
2024-05-22 18:54:49 +01:00
Daniel Barlow
fa0f262706
commentary
2024-05-22 18:54:49 +01:00
Daniel Barlow
71aeb27b2f
add hacky wwan service with hardcoding all over
2024-05-22 18:54:49 +01:00
Daniel Barlow
530b4080c9
create cdc-ncm module
2024-05-22 18:54:49 +01:00
Daniel Barlow
58cd007ccc
barebones usb_modeswitch package
2024-05-22 18:54:49 +01:00
Daniel Barlow
3a56798eb5
l2tp set default route via tunnel
2024-05-22 18:54:49 +01:00
Daniel Barlow
758c7ef657
exec xl2tpd
...
haven't fully worked out why, but without this s6 is unable to stop it.
2024-05-22 18:54:49 +01:00
Daniel Barlow
73225a70b2
add rudimentary l2tp service module
2024-05-22 18:54:49 +01:00
Daniel Barlow
ab304dd3f1
bordervm enable nat
2024-05-22 18:47:37 +01:00
Daniel Barlow
0d49f0f7a7
gl-ar750 appendDTB
2024-05-22 18:47:16 +01:00
Daniel Barlow
e64390460a
memorable net device names for gl-ar750
...
linux's view of eth1 and eth0 are opposite to that of u-boot
2024-05-22 18:47:08 +01:00
Daniel Barlow
c0ef6ce282
list pkgs we need in bordervm build
...
it's a bit silly trying to build it with the whole liminix overlay
when it's a nixos system not a liminix system
2024-05-22 18:45:35 +01:00
Daniel Barlow
bd6ec5201f
run dhcp server on bordervm
...
this is for testing clients that have dhcp upstream
2024-05-22 18:45:35 +01:00
Daniel Barlow
b4068da9fe
tftp addresses
2024-05-22 18:45:35 +01:00
Daniel Barlow
aa4b09da85
think (foreshadowing)
2024-05-22 18:45:23 +01:00
Daniel Barlow
471c63b399
s6-rc do cleanup in "finish", don't append to "run" script
...
s6-supervise sends signals (e.g. SIGTERM) to the pid of the process
running "run", so how do we know if the ceanup commands are even
getting executed if the shell interpreter that is supposed to do that
got killed already?
2024-05-13 17:53:02 +01:00
Daniel Barlow
782feaeafa
set default for firewall extraRules
2024-05-03 16:28:53 +01:00
Daniel Barlow
ac54c89427
add busybox to bordervm for udhcpd
2024-05-01 23:09:23 +01:00
Daniel Barlow
5a3646cb29
add authorized keys to bordervm
...
You don't often need this because it has autologin, but sometimes
you want to do antics involving sshing through it to the wan port
of a test device.
Note that you probably wanted to start bordervm with funny qemu
options to even make that possible
nix-shell --run "QEMU_NET_OPTS=hostfwd=tcp::10022-:22 run-border-vm"
2024-05-01 23:07:11 +01:00
Daniel Barlow
e249f48cff
add deps on {ins,rm}mod and kconfig for firewall module
2024-05-01 23:06:12 +01:00
Daniel Barlow
6661e42684
mt300a tftpboot needs appendDTB
2024-05-01 23:04:25 +01:00
Daniel Barlow
b9ba9ef835
mt300a remove unneeded service dependencies
2024-05-01 23:03:55 +01:00
Daniel Barlow
8b69dcc209
pass entire config fragment to levitate, not just services
...
to make it useful we need to be able to set packages, passwords, ssh
keys etc
2024-04-29 20:07:01 +01:00
Daniel Barlow
9b3a3b9ff7
add levitate to arhcive
...
this is largely untested
2024-04-28 21:38:13 +01:00
Daniel Barlow
7d08497bcb
arhcive remove coldplug fudge
2024-04-28 21:37:30 +01:00
Daniel Barlow
0e84adaa0e
maybe don't need deps for gl-mt300a vlan devices?
...
will delete them next time I have that device open to test
2024-04-28 21:35:09 +01:00
Daniel Barlow
660ed5df8f
vlan interface services depend on primary
2024-04-28 21:33:36 +01:00
Daniel Barlow
792a11c8c0
gl-mt300n-v2 use full path to swconfig in service stop
2024-04-28 21:32:42 +01:00
Daniel Barlow
7e4a05bbf8
separate kernel and base modules
...
this is needed for levitate
2024-04-28 12:44:27 +01:00
Daniel Barlow
a4ba5c85e1
alphabetize list in all-modules
2024-04-28 12:42:47 +01:00
Daniel Barlow
723ef73d5a
inout: test hotplug and coldplug
2024-04-27 22:41:30 +01:00
Daniel Barlow
3d4e782929
devout: run tests in postBuild
...
because checkPhase is not executed when cross-compiling, and this
package is always only cross-compiled
2024-04-27 21:07:25 +01:00
Daniel Barlow
1b6a05aec5
make uevent-watch use devout instead of direct netlink
2024-04-27 21:07:25 +01:00
Daniel Barlow
80628a3d90
move event matching tests to devout
...
in preparation for future uevent-watch not needing to do
event matching
2024-04-27 21:07:25 +01:00
Daniel Barlow
bf0cafffed
start devout alongside mdevd
...
ensure it starts before mdevd-coldplug so it can populate
its database
2024-04-26 20:52:12 +01:00
Daniel Barlow
e49aba127c
devout: improve socket error handling
2024-04-26 20:49:23 +01:00
Daniel Barlow
324465bc18
devout: write uevent KEY=value format to clients
2024-04-26 17:37:28 +01:00
Daniel Barlow
b33249a050
devout: add readiness notification
2024-04-26 17:23:29 +01:00
Daniel Barlow
b9c084415e
devout: handle readiness on netlink socket but no event
2024-04-26 17:20:33 +01:00
Daniel Barlow
cf9cadd212
devout: replay relevant events to new subscriber
2024-04-26 17:20:33 +01:00
Daniel Barlow
a116fe084a
devout: use socket constants from anoia.net.constants
2024-04-26 16:48:51 +01:00
Daniel Barlow
74cf3e0711
add anoia.net.constants for SOCK_{STREAM,DGRAM} etc
...
we use an ugly bit of C preprocessor to get the values from
header files, because certain constants are different on MIPS
than on other architectures
2024-04-26 16:43:09 +01:00
Daniel Barlow
9795f03da4
think
2024-04-26 16:41:31 +01:00
Daniel Barlow
cdb23b147c
convert anoia.fs to use lualinux
2024-04-25 21:14:37 +01:00
Daniel Barlow
dbd1264352
convert anoia.fs to use lualinux instead of lfs
2024-04-24 20:44:32 +01:00
Daniel Barlow
834858d5bc
think
2024-04-24 18:33:57 +01:00
Daniel Barlow
18335b95e3
devout: strip newlines from client terms
...
this is just to make testing with socat easier
2024-04-24 18:33:02 +01:00
Daniel Barlow
6bee2f67ac
devout: add incoming netlink messages to database
2024-04-24 18:32:27 +01:00
Daniel Barlow
b4ba3eea21
fix revents in unpack-pollfds
2024-04-24 18:31:26 +01:00
Daniel Barlow
16af3984c9
add lualinux to fennelrepl
2024-04-24 18:30:34 +01:00
Daniel Barlow
ce7e395295
devout test: replace minisock with lualinux
2024-04-24 18:29:24 +01:00
Daniel Barlow
7e13e017eb
add readline suport to fennelrepl
2024-04-24 18:28:39 +01:00
Daniel Barlow
bbf2f53c0e
cross-compile lualinux
2024-04-24 18:28:14 +01:00
Daniel Barlow
032d0f8aca
add netlink socket
...
it's not hooked up to anything yet, but it proves we can
do this with lualinux
2024-04-23 23:34:25 +01:00
Daniel Barlow
b8ac9e5279
convert devout from minisock to lualinux
2024-04-23 23:33:11 +01:00
Daniel Barlow
ff2604ca5d
think
2024-04-23 23:30:50 +01:00
Daniel Barlow
72789984ce
add lualinux package
2024-04-23 22:41:38 +01:00
Daniel Barlow
90d9d0e811
update minisock to not scribble on lua strings
2024-04-23 20:19:33 +01:00
Daniel Barlow
97a8ae1c84
devout: add event loop and main `run` function
2024-04-23 20:15:02 +01:00
Daniel Barlow
52eb283a26
implement unsubscribe
...
and add ids to subscribe so that there's a unique identifier
to pass to unsubscribe
2024-04-23 20:12:46 +01:00
Daniel Barlow
cbb1de804e
switch to minisock fork witj poll() call
...
this is likely to be temporary as minisock is getting
replaced with lualinux
2024-04-23 20:09:41 +01:00
Daniel Barlow
f9c03998b8
implement subscriptions with callback
2024-04-21 13:19:17 +01:00
Daniel Barlow
50de1b090f
add the rest of the test list (all we've thought of)
2024-04-21 11:22:26 +01:00
Daniel Barlow
648382f64a
report bodyless tests as PENDING
2024-04-21 11:19:42 +01:00
Daniel Barlow
e9370358ae
implement "remove" events
2024-04-21 11:19:06 +01:00
Daniel Barlow
762ce7b6b8
cut/paste devout implementation into a real module
2024-04-20 22:48:00 +01:00
Daniel Barlow
b1c0560f4f
implement fetch by path
2024-04-20 22:20:43 +01:00
Daniel Barlow
e34135c41a
improve failed test reporting
2024-04-20 21:46:37 +01:00
Daniel Barlow
712c9b266f
implement find
2024-04-20 18:42:42 +01:00
Daniel Barlow
4df963996c
devout: add device
2024-04-20 18:24:10 +01:00
Daniel Barlow
349bfecbb8
new package "devout", does nothing yet
2024-04-20 17:45:40 +01:00
Daniel Barlow
450d3820b2
clean up uevent-watch test using writeFennel and mainFunction
...
requires less cavorting with globals and stuff
2024-04-20 16:53:43 +01:00
Daniel Barlow
771585546d
import expect= where previously it was copy-pasted
2024-04-20 15:09:50 +01:00
Daniel Barlow
73abf952d5
package minisock, a minimal Lua socket library
2024-04-20 15:09:17 +01:00
Daniel Barlow
8af4e9fd5b
package anoia assert macros and point fennelrepl at them
2024-04-20 14:59:14 +01:00
Daniel Barlow
7e19d80130
anoia: add assert macro module
...
contains expect and expect=
2024-04-20 14:04:32 +01:00
Daniel Barlow
0f0688c802
think
2024-04-20 14:03:48 +01:00
Daniel Barlow
b43f17f655
think
2024-04-20 12:23:04 +01:00
Daniel Barlow
adf62d4483
arhcive: make it work when disk is attached before boot
...
This is a bit of a kludge (a lot of a kludge) but it will
get it running whilt I work on something better
2024-04-17 18:49:30 +01:00
Daniel Barlow
68eb1360f6
use appended dtb in gl-mt300n-v2 tftpboot
...
probably the A variant needs this as well
2024-04-17 18:48:19 +01:00
Daniel Barlow
19ad6cd278
watchdog: put s6 pkg on $PATH for s6-svstat
2024-04-17 13:01:10 +01:00
Daniel Barlow
00076c7b81
mount service: use uevent-watch
2024-04-17 12:59:13 +01:00
Daniel Barlow
721e7499f3
arhcive: use usb module instead of harcoded kconfig
2024-04-17 12:53:43 +01:00
Daniel Barlow
fc723b9a35
think
2024-04-16 18:59:01 +01:00
Daniel Barlow
a5f16dfa81
convert inout test to use uevent-watch
2024-04-15 22:15:27 +01:00
Daniel Barlow
41a4b1f7ef
clean cruft from inout test script
2024-04-15 22:00:44 +01:00
Daniel Barlow
42a5699326
remove unneeded config from inout test
2024-04-15 21:19:18 +01:00
Daniel Barlow
ea2b25168e
add uevent-watch, which toggles services based on uevent msgs
2024-04-15 21:15:07 +01:00
Daniel Barlow
5564cf0554
add nellie.close
2024-04-14 22:45:29 +01:00
Daniel Barlow
f3a13630d3
add multicast groups param to nellie.open
2024-04-14 22:45:29 +01:00
Daniel Barlow
f233acf9ff
netlink uevent hello world
2024-04-14 22:45:29 +01:00
Daniel Barlow
b6a054c588
add mdevd as module
...
following the upstream example, it republishes uevent messages
using multicast group 4 instead of group 2 as used by udev.
2024-04-14 21:59:23 +01:00
Daniel Barlow
b231664a06
anoia: add basename, dirname
2024-04-11 23:11:20 +01:00
Daniel Barlow
f4bf3029fa
anoia: alphabetize exports
2024-04-11 23:11:13 +01:00
Daniel Barlow
05f2c9a2f7
add lua in nix-shell environment
2024-04-11 23:11:06 +01:00
Daniel Barlow
5df5c822ea
convert mount service to trigger
...
Good: this means it's not hanging holding the s6 dataase lock.
Bad: it's the ugliest implementation and doesn't deserve to be preserved
(tbf the ugliness is not new)
2024-04-03 23:17:36 +01:00
Daniel Barlow
4795dd05b7
unconditionally restart trigger services on liminix-rebuild
...
We call s6-rc -u -p default to restart/start the base services
on a rebuild, otherwise services that are only in the new
configuration won't come up. However, this stops any service
started by a trigger. So, workaround is to restart the trigger
service and expect it to restart the services it manages if they're
needed
2024-04-03 23:07:56 +01:00
Daniel Barlow
a192f08881
remove missing module
2024-03-29 17:34:10 +00:00
Daniel Barlow
a873dc6608
Merge commit 'efcfdcc'
2024-03-28 23:47:04 +00:00
Daniel Barlow
2fb4756a7f
add soft restart option to liminix-rebuild
...
instead of doing a full reboot, it runs activate / and uses
s6-rc-update to install the new service database
2024-03-28 23:45:10 +00:00
Daniel Barlow
04f5174425
fix vanilla-configuration defaultroute
2024-03-28 22:13:21 +00:00
Daniel Barlow
dca2e4def1
fix params to s6-rc-init
...
flags must precede scandir otherwise they're ignored
2024-03-28 21:56:28 +00:00
Daniel Barlow
b60126775a
improve liminix-rebuild test
...
* make it executable
* improve robustness
* do't hardcode services.default (why did it do this?)
2024-03-28 21:37:47 +00:00
Daniel Barlow
76f11bcc93
liminix-rebuild: remove -f flag from reboot call
...
now we have timeouts in service definitions, shouldn't need this
any more
2024-03-28 21:37:47 +00:00
Daniel Barlow
efcfdcc21d
think
2024-03-28 20:59:39 +00:00
Daniel Barlow
77f1a78331
ifwait block if s6-rc lock is held
...
otherwise it doesn't trigger the service if something else is
slow to start
2024-03-28 20:59:39 +00:00
Daniel Barlow
28a5dec7dd
implement ifwait trigger service and use in bridge
...
should we convert all ifwait uses to this trigger too? seems
reasonable
2024-03-28 20:59:39 +00:00
Daniel Barlow
fad0a47b75
add config.system.callService
...
this is like pkgs.callService except that it passes
config.system.service as a param so that the service
being defined can invoke other services
if this proves to be a good idea, all uses of
pkgs.callService should be changed to use it instead
2024-03-28 20:59:39 +00:00
Daniel Barlow
af52aafc84
deep thoughts
2024-03-28 20:59:39 +00:00
Daniel Barlow
34442b6069
failing test for ifwait
2024-03-28 20:59:39 +00:00
Daniel Barlow
b8a46fc05e
allow buildInputs param to s6 service
...
this is in preparation for trigger services that need to
close over the triggered service without adding it to
s6-rc dependencies
2024-03-28 20:58:53 +00:00
Daniel Barlow
8ac2c6cec1
support timeouts (default 30s) for starting s6-rc services
2024-03-28 20:58:47 +00:00
Daniel Barlow
8879b2d1ba
fix rt2x00 wifi
2024-03-28 20:58:39 +00:00
Daniel Barlow
83e346d5a0
add deviceName param
2024-03-22 21:55:44 +00:00
Daniel Barlow
156b1fe64a
deep thoughts
2024-03-22 21:54:38 +00:00
Daniel Barlow
1a314e55b7
firewall module: provide default rules and merge extraRules
...
a firewall with no configuration will get a relatively sane ruleset. a
firewall with `extraRules` will get them deep merged into the default
rules. Specifying `rules` will override the defaults
2024-03-21 12:00:34 +00:00
Daniel Barlow
9263b21faa
create gateway profile by extracting from rotuer example
2024-03-21 10:04:42 +00:00
Daniel Barlow
0a820a702a
extneder: delete nftables kernel config
...
don't need nftables on a bridge. (do we? hope not)
2024-03-20 19:05:31 +00:00
Daniel Barlow
4ea518e296
expose modulesPath to ease out-of-tree configuration.nix
2024-03-20 18:58:44 +00:00
Daniel Barlow
98318b450d
deep thoughts
2024-03-16 20:16:49 +00:00
Daniel Barlow
e4ac7f19dc
fix ifwait deps
2024-03-16 20:16:49 +00:00
Daniel Barlow
9c22744850
deep thoughts
2024-03-16 20:16:49 +00:00
Daniel Barlow
c697be8c28
temporary fix for cmake cross-compilation
2024-03-16 20:16:49 +00:00
dan
202a37221a
Merge pull request 'tftpboot: use commandLineDtbNode' ( #11 ) from flokli/liminix:tftpboot-honor-commandLineDtbNode into main
...
Reviewed-on: dan/liminix#11
2024-03-16 18:18:18 +00:00
Florian Klink
436eb03a7b
tftpboot: use commandLineDtbNode
...
config.boot.commandLineDtbNode can be set from `bootargs` to
`bootargs-override` (used for boards where the u-boot on the board does
set `bootargs` on its own).
In that case, the code updating the cmdline for tftpboot purposes also
needs to update this node, not the `bootargs` node.
Otherwise the kernel won't find the phram device, as it never heard
about it, as it didn't get the necessary cmdline options.
2024-03-16 20:06:38 +02:00
Daniel Barlow
e5963ae3f7
deep thoughts
2024-03-06 23:19:47 +00:00
Daniel Barlow
f164f19d95
service starts and stops
2024-03-06 23:19:47 +00:00
Daniel Barlow
dd4ab41f6a
rename run-event
2024-03-06 23:19:47 +00:00
Daniel Barlow
5d5dff6729
WIP add failing test that service starts
2024-03-06 23:19:47 +00:00
Daniel Barlow
570d29c368
pass command line params to run instead of reffing global
2024-03-06 23:19:47 +00:00
Daniel Barlow
725af00dc9
improve test for dummy0 up
...
if we run off the end of the events fixture, it didn't work
2024-03-06 23:19:47 +00:00
Daniel Barlow
e1b932ec27
remove hardcoded filename in test event generator
2024-03-06 23:19:47 +00:00
Daniel Barlow
7173b6fb1c
don't call os.exit
2024-03-06 23:19:47 +00:00
Daniel Barlow
ed9548f21d
pass event producer fn as param
2024-03-06 23:19:47 +00:00
Daniel Barlow
0787807a7f
ifwait: don't run on load if in test harness
2024-03-06 23:19:47 +00:00
Daniel Barlow
38ed91f641
simplify assertion
2024-03-06 23:19:47 +00:00
Daniel Barlow
ffe9603c39
remove file-scoped parameters var
2024-03-06 23:19:47 +00:00
Daniel Barlow
cbd3dfefc5
ifwait fixture/test harness
2024-03-06 23:19:47 +00:00
Daniel Barlow
018c1868b5
ifwait: use anoia.assoc
2024-03-06 23:19:47 +00:00
Daniel Barlow
5184ff63f7
add anoia.nl, a convenience wrapper on netlink
2024-03-06 23:19:47 +00:00
Daniel Barlow
35909c9a23
add netlink to fennelrepl
2024-03-06 23:19:47 +00:00
Daniel Barlow
4383462199
deep thoughts
2024-03-06 23:19:47 +00:00
Daniel Barlow
9730cdd63b
add assoc to anoia
2024-03-06 23:19:47 +00:00
dan
095853214b
Merge pull request 'Fix kernel build on belkin' ( #10 ) from sinavir/liminix:fix_kernel_build_on_belkin into main
...
Reviewed-on: dan/liminix#10
2024-03-06 18:21:13 +00:00
Daniel Barlow
9d6e50cbbc
extract extneder example to a "profile"
...
this is a bit of an experiment to reduce the copy-paste in
examples by turning them into "application" modules.
planning to follow up with another module for "wifi router"
2024-02-27 23:13:12 +00:00
Daniel Barlow
94dbc56595
fix doc
2024-02-27 20:08:30 +00:00
Daniel Barlow
2cd7f932eb
alignment may be null
2024-02-27 19:47:46 +00:00
sinavir
27c7735f02
belkin-RT3200: fix kernel options
2024-02-22 21:57:40 +01:00
sinavir
29c9de248d
fix import of openwrt sources
2024-02-22 21:57:33 +01:00
Daniel Barlow
3ca0d87c27
ci.nix: alphabetise systems
2024-02-21 19:49:14 +00:00
Daniel Barlow
8f30db58ae
New port to Zyxel NWA50AX: update NEWS and ci.nix
2024-02-21 19:32:50 +00:00
Daniel Barlow
f9ab0590a6
Merge remote-tracking branch 'raito/nwa50ax'
2024-02-21 19:27:23 +00:00
Daniel Barlow
84fa8d65f4
fennel: system: verbose log of command that was run
2024-02-21 19:27:14 +00:00
Daniel Barlow
9b0149ecb7
deep thoughts
2024-02-21 19:26:33 +00:00
Raito Bezarius
baf3cf7413
devices/zyxel-nwa50ax: fix dual image mgmt after DTB expansion
...
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-02-19 03:13:35 +01:00
Raito Bezarius
c5145b5fc9
devices/zyxel-nwa50ax: make `zyxel-bootconfig` executable
...
Otherwise, it doesn't work well…
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-02-19 03:13:21 +01:00
Raito Bezarius
628f4dfdbe
devices/zyxel-nwa50ax: developer todo
...
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-02-19 03:13:21 +01:00
Raito Bezarius
da59e2a349
devices/zyxel-nwa50ax: complete documentation
...
It covers everything I know more or less.
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-02-19 02:57:34 +01:00
Raito Bezarius
c0a9571a13
devices/zyxel-nwa50ax: upgrade MT7915 firmware from OpenWRT repository
...
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-02-19 02:57:34 +01:00
Raito Bezarius
d6ffdd7be6
devices/zyxel-nwa50ax: expose primary and secondary images
...
To support A/B a bit better.
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-02-19 02:57:34 +01:00
Raito Bezarius
985f982435
examples/nwa50ax-ap: support bridge between lan and ethernet
...
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-02-19 02:48:50 +01:00
Raito Bezarius
a893c0dc4c
devices/zyxel-nwa50ax: use our own more advanced DTB
...
OpenWRT had a DTB for the NWA50AX LEDs that I didn't pick up.
Anyway, we need to include our own special DTB for the NWA platform in general
to support A/B operations, because OpenWRT original one just mark everything else read-only.
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-02-19 02:48:50 +01:00
Raito Bezarius
3ec29dc1b9
examples/nwa50ax-ap: ensure `mtdutils` is available for further flashing
...
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-02-19 02:48:50 +01:00
Raito Bezarius
0e81953b67
devices/zyxel-nwa50ax: cleanup of `flash` attribute and `rootDevice`
...
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-02-19 02:48:50 +01:00
Raito Bezarius
3c70a0d037
devices/zyxel-nwa50ax: ensure bridge is always available
...
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-02-19 02:48:50 +01:00
Raito Bezarius
422f3edab1
modules/zyxel-dual-image: init
...
This adds a simple boot blessing module, to be used, with the Zyxel NWA50AX.
There's a lot of elephant in the rooms: how do you upgrade kernel, etc.
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-02-19 02:48:50 +01:00
Raito Bezarius
c14b2f6356
modules/busybox: add `dhcprelay`
...
This enables to run a DHCP relay from multiple interfaces.
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-02-19 02:48:50 +01:00
Raito Bezarius
cdafff2095
examples/nwa50ax-ap: init
...
This is a quite comprehensive example using maximally the hardware
available to reach nice performance.
In the future, I will even add RADIUS examples.
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-02-19 02:48:50 +01:00
Raito Bezarius
13f1bb9f52
devices/zyxel-nwa50ax: init
2024-02-19 02:48:48 +01:00
Raito Bezarius
019fef6929
zyxel-bootconfig: init at no version
...
This tool is useful for manipulating the A/B boot status of the image.
2024-02-18 20:30:41 +01:00
Raito Bezarius
63007859c2
modules/outputs/zyxel-nwa-fit: init
...
Zyxel "firmware" format is just… a FIT with some metadata on the models.
This FIT is like this:
--------------------------
uImage FIT header
--------------------------
Linux kernel
--------------------------
FDT DTB
--------------------------
Padding so that
this makes
8192kb [1]
--------------------------
UBI volume
as a root filesystem
--------------------------
We just reproduce this in a very brutal and naive way.
In the future, this seems worth to generalize and modularize this idea
so that zyxel-nwa-fit is just an instance of a more general output.
[1]: https://git.openwrt.org/?p=openwrt/openwrt.git;a=blob;f=target/linux/ramips/image/mt7621.mk;h=ab1b829ba0086cb9fc9ca8cbbf3cbc14735034d6;hb=refs/heads/main#l3097
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-02-18 20:30:41 +01:00
Raito Bezarius
e9ab8d7183
modules/outputs/ubivolume: introduce ubinization
...
It creates an UBI image based on an UBI volume configuration.
For now, it creates only an empty rootfs.
2024-02-18 20:30:41 +01:00
Raito Bezarius
3dc58de0eb
modules/outputs: expose `commandLineDtbNode` option
...
We allow `bootargs` and `bootargs-override` for now only.
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-02-18 20:30:41 +01:00
Raito Bezarius
dde8386f75
builders/uimage: support aligning the FIT
...
This is necessary when writing to a MTD partition with a certain erasesize.
2024-02-18 20:30:41 +01:00
Raito Bezarius
c59364d623
modules/outputs/ubifs: expose `rootubifs` rather than `rootfs`
...
I believe there should be another module exposing `rootubifs` as `rootfs`
or let any other module just subsume that component like `zyxel-nwa-fit` output.
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-02-18 20:30:41 +01:00
Raito Bezarius
b76c5b4abe
modules/ubifs: revamp to offer directly access to the UBIfs partition
...
Adds the LEB and PEB option and let the user remove the boot image in case
where U-Boot does not support UBI boot.
2024-02-18 20:30:41 +01:00
Raito Bezarius
0a8343be66
pkgs/kernel/uimage: introduce `commandLineDtbNode`
...
Certain devices like the Zyxel NWA50AX will pass information on the command-line
to explain what is the current image (`bootImage=1` vs. `bootImage=0`).
Unfortunately, if we set the `chosen/bootargs` node, this will be overridden forcibly
by U-Boot.
To avoid this problem, it's easier to simply just use another DTB node like `bootargs-override` which
is what OpenWRT does [1].
[1]: https://git.openwrt.org/?p=openwrt/openwrt.git;a=blob;f=target/linux/ramips/patches-5.15/314-MIPS-add-bootargs-override-property.patch;h=e7dca7af886e8c0b69ba2b23f5855ddfeeb0d4a1;hb=refs/heads/main
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-02-18 20:30:41 +01:00
Raito Bezarius
d14ee41325
liminix-rebuild: use `-f` flag to reboot effectively
...
My AP does not reboot upon `reboot` but `reboot -f`… why?
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-02-17 11:45:17 +00:00
Raito Bezarius
8f814658fe
hostapd: enable 802.11ax
...
For people enjoying WiFi 6 heaven… :>
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-02-17 11:45:10 +00:00
Daniel Barlow
60508f4d4e
update NEWS
...
* Turris Omnia
* possible wifi regressions
2024-02-16 21:00:59 +00:00
Daniel Barlow
ca64e9035e
gl-ar750 ath9k needs cal data from MTD
2024-02-16 20:44:56 +00:00
Daniel Barlow
4bcc3d5b28
dhcpc6 scripts: simplify (and improve correctness)
2024-02-16 18:47:12 +00:00
Daniel Barlow
28fe37d555
deep thoughts
2024-02-16 18:30:54 +00:00
Daniel Barlow
175db9f604
tail -F for rotuer
2024-02-16 18:30:24 +00:00
Daniel Barlow
b5722a0153
gl-ar750: ath10k wireless depends on firmware
...
so make sure the firmware is present _first_
the ath10k is still broken anyway, looking into why
2024-02-16 00:38:36 +00:00
Daniel Barlow
c373152673
make tftpboot work on devices with old u-boot
...
Some devices have a U-boot variant that does not accept a third
parameter on the "bootm" command, meaning we can't override the dtb
in the bootloader so have to smush it back into the kernel image
This doesn't work in QEMU but I think the problem is with the
U-Boot configuration for QEMU. It does work on at least one
hardware device so I'm pushing it anyway
Based on
https://gti.telent.net/raboof/liminix/src/branch/tftp-old-uboot
Co-authored-by: Arnout Engelen <arnout@bzzt.net>
2024-02-15 23:44:47 +00:00
Daniel Barlow
7e7171556f
subdue dnsmasq logs
...
we need to find a better way of doing this. people might _want_
to have All The Logs from evey dns query
2024-02-15 23:43:54 +00:00
Daniel Barlow
6920ee765d
deep thoughts
2024-02-15 09:11:54 +00:00
Daniel Barlow
71a1ef286e
deep thoughts
2024-02-13 22:32:57 +00:00
Daniel Barlow
ffe0e9d26b
use mkstate for dropbear keys
2024-02-13 22:12:26 +00:00
Daniel Barlow
2b22c7aa91
dnsmasq: store dhcp lease file on /persist
2024-02-13 21:54:45 +00:00
Daniel Barlow
3c950704e1
rename /run/service-state to /run/services/outputs
2024-02-13 21:41:43 +00:00
Daniel Barlow
8578a554c7
deep thoughts
2024-02-13 21:11:30 +00:00
Daniel Barlow
3851698d35
fix tftpboot compressed rootfs
2024-02-13 18:16:17 +00:00
Daniel Barlow
f69ebbb6f5
fix doc CI target
2024-02-13 15:41:45 +00:00
Daniel Barlow
16e4b05653
dhcp6c: set preferred and valid address lifetimes
...
also workaround a bug in rebinding/updates where we get an error
from "ip addr add" trying to add an address that's already present
2024-02-13 13:49:12 +00:00
Daniel Barlow
8ac848b1e6
ath10k_pci: wifi modules must be modules
2024-02-13 12:56:03 +00:00
Daniel Barlow
b7efbd3e21
update NEWS file
2024-02-12 21:10:52 +00:00
Daniel Barlow
a654577ac2
improve port-forwarding comment
2024-02-12 21:05:01 +00:00
Daniel Barlow
c50423f689
turris omnia: upgrade to mainline 6.7.4 kernel
...
On this device we don't need the openwrt kernel or patches. The
newer kernel also fixes the weird one minute pause at boot when
it was doing something with either mmc or switch.
2024-02-12 20:43:01 +00:00
Daniel Barlow
65479e206b
use regular kernel not backports for mac80211
...
the kernel on most devices is now newer than the version that the
backported drivers were backported from
2024-02-12 20:41:10 +00:00
Daniel Barlow
79926c6fe7
remove call to deleted package
2024-02-12 14:56:12 +00:00
Daniel Barlow
ae4856ea7c
improve firewall comment
2024-02-12 13:56:56 +00:00
Daniel Barlow
b9c0d93670
build modules at same time as main kernel vmlinux
...
This changes the practice for building kernel modules: now we expect
that the appropriate Kconfig symbols are set to =m in
config.kernel.config, and then use pkgs.kmodloader to create
a service that loads and unloads all the modules depended on by
a particular requirement.
Note that modules won't be installed on the target device just by
virue of having been built: only the modules that are referenced by a
kmodloader package will be in the closure.
An example may make this clearer: see modules/firewall/default.nix
in this commit.
Why?
If you have a compiled Linux kernel source tree and you change some
symbol from "is not set" to m and then run make modules, you cannot in
general expect that newly compiled module to work. This is because
there are places in the build of the main kernel where it looks to see
which modules _may_ be defined and uses that information to
accommodate them.
For example in an in-kernel build of
https://github.com/torvalds/linux/blob/master/net/netfilter/core.c#L689
some symbols are defined only if CONFIG_NF_CONNTRACK is set, meaning
this code won't work if we have it unset initially then try later to
enable it and build modules only. Or see
https://github.com/torvalds/linux/blob/master/include/linux/netdevice.h#L160
2024-02-11 23:47:11 +00:00
Daniel Barlow
11287a8436
allow lan dns queries (ipv6)
2024-02-11 23:32:46 +00:00
Daniel Barlow
57aece0709
rotuer: don't forward queries for local domain
2024-02-11 23:32:46 +00:00
Daniel Barlow
c1d285a220
rotuer: network debugging tools
2024-02-11 23:32:46 +00:00
Daniel Barlow
dce983ec79
move kernel module to its own subdir
2024-02-11 18:15:55 +00:00
Daniel Barlow
812f497660
add kernel.version param to allow for version-specific patches
...
default to 5.15.137 to avoid breaking the devices that don't declare it
2024-02-11 16:19:52 +00:00
Daniel Barlow
1206d02200
rotuer-secrets: remove root_password, add wifi ssid and domainName
...
this is step one towards getting rid of rotuer-secrets completely and
turning rotuer into a "profile" module that can be less hackily
customised for other people's networks
2024-02-11 15:56:14 +00:00
Daniel Barlow
7c196bf9b4
rotuer: make 5GHz wifi faster
...
VHT doesn't work unless HT is enabled, apparently
2024-02-11 15:38:19 +00:00
Daniel Barlow
86d19c54b3
turris omnia kernel: add RTC, i2c mux, eeprom
2024-02-09 22:34:46 +00:00
Daniel Barlow
aca3e11631
firewall: make ipv4 work
2024-02-08 23:15:48 +00:00
dan
273c66b2d3
Merge pull request 'Add support for TP-Link Archer AX23' ( #6 ) from raboof/liminix:add-archer-ax23-v1-bak into main
...
Reviewed-on: dan/liminix#6
2024-02-08 17:47:46 +00:00
Daniel Barlow
87f6a31a06
improve firewall log format
2024-02-08 17:21:26 +00:00
Daniel Barlow
a9ea01428e
firewall: don't drop in conntrack rule
...
as there are other rules following that might want to accept
2024-02-08 17:20:39 +00:00
Daniel Barlow
92b0bec038
rotuer: add schnapps and the rest of the lan interfaces
2024-02-07 23:48:10 +00:00
Daniel Barlow
82537bbe68
delete commented-out code
2024-02-07 23:47:38 +00:00
Daniel Barlow
efb29c5901
demo-firewall: add some rules for ipv4
2024-02-07 23:47:09 +00:00
Daniel Barlow
29e61be26c
rotuer: get lan rfc1918 prefix from secrets
2024-02-07 23:46:16 +00:00
Daniel Barlow
6f1f9d6f20
firewall: fix module loading
2024-02-07 23:43:41 +00:00
Daniel Barlow
34291292c0
fix dependency on kernel moduels in firewall service
2024-02-07 16:21:14 +00:00
Daniel Barlow
c9e4c1b0da
kernel-modules: use linuxArch instead of case expression
2024-02-07 16:20:34 +00:00
Daniel Barlow
891d6e5f20
thenk
2024-02-05 19:20:13 +00:00
dan
c4041b00f6
Merge pull request 'docs: add hardware recommendation' ( #2 ) from raboof/liminix:hardware-recommendations into main
...
Reviewed-on: dan/liminix#2
2024-02-05 15:56:07 +00:00
Daniel Barlow
f875622100
improve formatting
2024-02-04 18:24:01 +00:00
Daniel Barlow
49ec4a2961
installation instructions for Turris Omnia
...
feels like a milestone, or at least a big step towards one
2024-02-04 18:20:04 +00:00
Daniel Barlow
c8154a2db9
kernel: add "conditional" config
...
imagine: you are using a device that requires
CONFIG_MYDEVICE_FROBOZZ_DRIVER but only if CONFIG_FROBOZZ has been
specified elsewhere. Because we check that every requested config
symbol actually appears in .config then it can't be added
unconditionally or the build will fail if CONFIG_FROBOZZ wasn't asked
for.
I'm not 100% happy about this design but it's the best I've thought of
so far.
2024-02-04 18:12:15 +00:00
Daniel Barlow
02cf2c6b80
add ssh keys in recovry image
2024-02-04 18:10:58 +00:00
Daniel Barlow
b0709a6443
systemconfig: fix missing backslashes on env vars
2024-02-04 17:19:03 +00:00
Daniel Barlow
86f5c9b568
schnapps needs util-linux for mount
...
specifically, it expects mount /dev/foo -o blah /dest to work,
but busybox mount expects options to precede all the other
command line args
2024-02-04 15:50:25 +00:00
Daniel Barlow
ef707de8b1
add extlinux in recovery example
...
this needlessly bloats the TFTP image, which is a shame, but is
needed for installing onto usb stick
2024-02-02 19:51:41 +00:00
Daniel Barlow
89c88dd472
specify type for rootDevice module option
2024-02-02 19:50:13 +00:00
Daniel Barlow
c1ad139310
whitespace
2024-02-02 19:43:34 +00:00
Daniel Barlow
f682b26c29
omnia seems very fussy about tftp load address
...
when loading with 0x1000000 base address, something was getting
corrupted in the uncompressed rootfs
$ head -c $(printf "%d" 0x2be0000) rootfs | sha1sum
142571fe0436c18191727d1d4c2fd32163c1f2e1 -
=> sha1sum 0x1000000 2be0000
sha1 for 01000000 ... 03bdffff ==> 142571fe0436c18191727d1d4c2fd32163c1f2e1
but!
$ head -c $(printf "%d" 0x2bf0000) rootfs | sha1sum
7aa004ba87c6772bade491fbade164e2dfe100f9 -
=> sha1sum 0x1000000 2bf0000
sha1 for 01000000 ... 03beffff ==> 1a0923a94784d0c0b86006c5e6fff1649770dad3
2024-02-02 19:36:11 +00:00
Arnout Engelen
d5026c2074
docs: add hardware recommendation
...
Also add infrastructure to also generate the supported hardware
page when building the docs locally
2024-01-04 14:35:00 +01:00