kerrigan: init MochaBin
parent
e85f6fc6ce
commit
3fdced1c68
12 changed files with 281 additions and 0 deletions
|
@ -46,6 +46,7 @@ let
|
||||||
"bvm-logger"
|
"bvm-logger"
|
||||||
"bvm-paperless"
|
"bvm-paperless"
|
||||||
"oracle-lon01"
|
"oracle-lon01"
|
||||||
|
"kerrigan"
|
||||||
];
|
];
|
||||||
rebuilder = system: (import ./lib/rebuilder.nix (args // { system = system; }));
|
rebuilder = system: (import ./lib/rebuilder.nix (args // { system = system; }));
|
||||||
systemCfgs = lib.genAttrs systems
|
systemCfgs = lib.genAttrs systems
|
||||||
|
|
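--- a/ops/nixos/kerrigan/boot-builder.nix
+++ b/ops/nixos/kerrigan/boot-builder.nix
@@ -0,0 +1,8 @@
+{ substituteAll, coreutils, gnused, gnugrep, bash, ubootTools }:
+
+substituteAll {
+src = ./boot-builder.sh;
+isExecutable = true;
+path = [coreutils gnused gnugrep ubootTools];
+inherit bash;
+}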
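--- a/ops/nixos/kerrigan/boot-builder.sh
+++ b/ops/nixos/kerrigan/boot-builder.sh
@@ -0,0 +1,110 @@
+#! @bash@/bin/sh -e
+
+shopt -s nullglob
+
+export PATH=/empty
+for i in @path@; do PATH=$PATH:$i/bin; done
+
+usage() {
+echo "usage: $0 -c <path-to-default-configuration> [-d <boot-dir>] [-g <num-generations>]" >&2
+exit 1
+}
+
+default= # Default configuration
+target=/boot # Target directory
+numGenerations=0 # Number of other generations to include in the menu
+
+while getopts "c:d:g:" opt; do
+case "$opt" in
+c) default="$OPTARG" ;;
+d) target="$OPTARG" ;;
+g) numGenerations="$OPTARG" ;;
+\?) usage ;;
+esac
+done
+
+[ "$default" = "" ] && usage
+
+mkdir -p $target/nixos
+
+# Convert a path to a file in the Nix store such as
+# /nix/store/<hash>-<name>/file to <hash>-<name>-<file>.
+cleanName() {
+local path="$1"
+echo "$path" | sed 's|^/nix/store/||' | sed 's|/|-|g'
+}
+
+# Copy a file from the Nix store to $target/nixos.
+declare -A filesCopied
+
+copyToKernelsDir() {
+local src=$(readlink -f "$1")
+local dst="$target/nixos/$(cleanName $src)"
+# Don't copy the file if $dst already exists. This means that we
+# have to create $dst atomically to prevent partially copied
+# kernels or initrd if this script is ever interrupted.
+if ! test -e $dst; then
+local dstTmp=$dst.tmp.$$
+cp -r $src $dstTmp
+mv $dstTmp $dst
+fi
+filesCopied[$dst]=1
+result=$dst
+}
+
+# Copy its kernel, initrd and dtbs to $target/nixos, and echo out an
+# extlinux menu entry
+addEntry() {
+local path=$(readlink -f "$1")
+local tag="$2" # Generation number or 'default'
+
+if ! test -e $path/kernel -a -e $path/initrd; then
+return
+fi
+
+copyToKernelsDir "$path/kernel"; kernel=$result
+copyToKernelsDir "$path/initrd"; initrd=$result
+dtbDir=$(readlink -m "$path/dtbs")
+if [ -e "$dtbDir" ]; then
+copyToKernelsDir "$dtbDir"; dtbs=$result
+fi
+
+timestampEpoch=$(stat -L -c '%Z' $path)
+
+timestamp=$(date "+%Y-%m-%d %H:%M" -d @$timestampEpoch)
+nixosLabel="$(cat $path/nixos-version)"
+extraParams="$(cat $path/kernel-params)"
+
+filesCopied[$target/nixos/$tag]=1
+echo > $target/nixos/$tag.tmp
+echo "ext4load usb 0:2 \$kernel_addr_r boot/nixos/$(basename $kernel)" >> $target/nixos/$tag.tmp
+echo "ext4load usb 0:2 \$fdt_addr_r boot/nixos/$(basename $dtbs)/marvell/armada-7040-mochabin.dtb" >> $target/nixos/$tag.tmp
+echo "ext4load usb 0:2 0xa700000 boot/nixos/$(basename $initrd)" >> $target/nixos/$tag.tmp
+echo "setenv bootargs \$console init=$path/init $extraParams" >> $target/nixos/$tag.tmp
+echo "booti \$kernel_addr_r 0xa700000:\$filesize \$fdt_addr_r" >> $target/nixos/$tag.tmp
+mkimage -A arm64 -O u-boot -T script -C none -a 0 -e 0 -n "Boot Script ${nixosLabel} ${timestamp}" -d $target/nixos/$tag.tmp $target/nixos/$tag
+}
+
+addEntry $default default
+
+if [ "$numGenerations" -gt 0 ]; then
+# Add up to $numGenerations generations of the system profile to the menu,
+# in reverse (most recent to least recent) order.
+for generation in $(
+(cd /nix/var/nix/profiles && ls -d system-*-link) \
+| sed 's/system-\([0-9]\+\)-link/\1/' \
+| sort -n -r \
+| head -n $numGenerations); do
+link=/nix/var/nix/profiles/system-$generation-link
+addEntry $link $generation
+done
+fi
+
+# Remove obsolete files from $target/nixos.
+for fn in $target/nixos/*; do
+if ! test "${filesCopied[$fn]}" = 1; then
+echo "Removing no longer needed boot file: $fn"
+chmod +w -- "$fn"
+rm -rf -- "$fn"
+fi
+done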
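Review bot: In `addEntry`, `dtbs` is assigned only inside `if [ -e "$dtbDir" ]`, yet the `ext4load ... boot/nixos/$(basename $dtbs)/marvell/armada-7040-mochabin.dtb` line uses it unconditionally, and the variable is not `local`. A generation without a `dtbs` directory therefore gets a boot script that names the device tree copied for the previous entry (or an empty path on the first call), so an older generation can end up booting with a DTB that does not belong to it. I would declare `local kernel initrd dtbs=` at the top of the function and `return` (or fail loudly) when `dtbs` is still empty before the script is written. Separately, `mkimage` writes straight to `$target/nixos/$tag`, so an interrupted run can leave a truncated `default` script even though `copyToKernelsDir` takes care to be atomic; generating to a temporary name and `mv`-ing it into place would match that.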
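--- a/ops/nixos/kerrigan/default.nix
+++ b/ops/nixos/kerrigan/default.nix
@@ -0,0 +1,79 @@
+# SPDX-FileCopyrightText: 2023 Luke Granger-Brown <depot@lukegb.com>
+#
+# SPDX-License-Identifier: Apache-2.0
+
+{ depot, lib, pkgs, config, modulesPath, ... }:
+
+let
+nmFiles = builtins.attrNames (lib.filterAttrs (n: v: v == "regular" && lib.hasSuffix ".nmconnection" n) (builtins.readDir ./networkmanager));
+nmBits = lib.mkMerge (map (filename: {
+"NetworkManager/system-connections/${filename}" = {
+source = ./networkmanager + "/${filename}";
+mode = "0600";
+};
+}) nmFiles);
+
+boot-builder = pkgs.callPackage ./boot-builder.nix { };
+populate-boot-builder = pkgs.buildPackages.callPackage ./boot-builder.nix { };
+in
+{
+imports = [
+"${modulesPath}/installer/sd-card/sd-image.nix"
+];
+
+fileSystems = {
+"/" = { device = "/dev/disk/by-label/NIXOS_SD"; fsType = "ext4"; };
+"/boot/firmware" = { device = "/dev/disk/by-label/FIRMWARE"; fsType = "vfat"; };
+};
+
+boot.kernelPackages = pkgs.linuxPackages_latest;
+boot.kernelParams = [ "console=ttyS0,115200n8" ];
+boot.initrd.kernelModules = [ "phy-mvebu-cp110-utmi" ];
+
+networking = {
+hostName = "kerrigan";
+domain = "as205479.net";
+hostId = "c424eeb8";
+useNetworkd = true;
+networkmanager = {
+enable = true;
+dns = "systemd-resolved";
+unmanaged = [ "eth1" "eth2" ];
+extraConfig = ''
+[main]
+no-auto-default=*
+
+[logging]
+level=TRACE
+domains=ALL
+'';
+};
+nameservers = [
+"2001:4860:4860::8888"
+"2001:4860:4860::8844"
+"8.8.8.8"
+"8.8.4.4"
+];
+interfaces.eth2.useDHCP = true;
+};
+users.users.lukegb.extraGroups = lib.mkAfter [ "networkmanager" ];
+my.systemType = "aarch64-linux";
+
+systemd.services.ModemManager = {
+wantedBy = [ "network.target" ];
+};
+environment.etc = nmBits;
+
+sdImage.populateFirmwareCommands = lib.mkForce "";
+
+boot.loader.grub.enable = false;
+boot.loader.generic-extlinux-compatible.enable = lib.mkForce false;
+boot.consoleLogLevel = lib.mkDefault 7;
+system.build.installBootLoader = "${boot-builder} -g 10 -c";
+sdImage.populateRootCommands = lib.mkAfter ''
+mkdir -p ./files/boot
+${populate-boot-builder} -c ${config.system.build.toplevel} -d ./files/boot
+'';
+
+system.stateVersion = "23.05";
+}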
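Review bot: `mode = "0600"` on the `NetworkManager/system-connections/${filename}` entries only restricts the copy placed under /etc; `source = ./networkmanager + "/${filename}"` first imports each `.nmconnection` file into the Nix store, which every local user can read. The profiles visible in this commit carry no credentials, but the first one that gains a Wi-Fi PSK or an APN password would expose it, so I would add a comment above `nmBits` along the lines of `# These files are copied into the world-readable Nix store: keep secrets out of them and provision those out of band.` Also, `[logging]` with `level=TRACE` and `domains=ALL` in `extraConfig` looks like bring-up debugging; if it is meant to stay, a short comment saying why would help, since it makes the journal on this host very verbose.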
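--- a/ops/nixos/kerrigan/networkmanager/EE.nmconnection
+++ b/ops/nixos/kerrigan/networkmanager/EE.nmconnection
@@ -0,0 +1,16 @@
+[connection]
+id=EE
+uuid=f4c3ad45-d4a3-44ee-b29f-af10b5974d22
+type=gsm
+
+[gsm]
+apn=everywhere
+
+[ipv4]
+method=auto
+
+[ipv6]
+addr-gen-mode=default
+method=auto
+
+[proxy]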
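--- a/ops/nixos/kerrigan/networkmanager/bridge-br0.nmconnection
+++ b/ops/nixos/kerrigan/networkmanager/bridge-br0.nmconnection
@@ -0,0 +1,19 @@
+[connection]
+id=bridge-br0
+uuid=bb1df01a-67f4-44f6-99b7-a94a8d91c00e
+type=bridge
+interface-name=br0
+
+[ethernet]
+
+[bridge]
+forward-delay=3
+
+[ipv4]
+method=shared
+
+[ipv6]
+addr-gen-mode=default
+method=shared
+
+[proxy]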
|
@ -0,0 +1,11 @@
|
||||||
|
[connection]
|
||||||
|
id=bridge-slave-lan0
|
||||||
|
uuid=a9bee559-325f-4ac4-9c02-b129d08b0c03
|
||||||
|
type=ethernet
|
||||||
|
interface-name=lan0
|
||||||
|
master=br0
|
||||||
|
slave-type=bridge
|
||||||
|
|
||||||
|
[ethernet]
|
||||||
|
|
||||||
|
[bridge-port]
|
|
@ -0,0 +1,11 @@
|
||||||
|
[connection]
|
||||||
|
id=bridge-slave-lan1
|
||||||
|
uuid=a1d80f6a-a7c8-4888-911f-82041324ab84
|
||||||
|
type=ethernet
|
||||||
|
interface-name=lan1
|
||||||
|
master=br0
|
||||||
|
slave-type=bridge
|
||||||
|
|
||||||
|
[ethernet]
|
||||||
|
|
||||||
|
[bridge-port]
|
|
@ -0,0 +1,11 @@
|
||||||
|
[connection]
|
||||||
|
id=bridge-slave-lan2
|
||||||
|
uuid=99e29121-71a4-40d1-886f-fa10410a4897
|
||||||
|
type=ethernet
|
||||||
|
interface-name=lan2
|
||||||
|
master=br0
|
||||||
|
slave-type=bridge
|
||||||
|
|
||||||
|
[ethernet]
|
||||||
|
|
||||||
|
[bridge-port]
|
|
@ -0,0 +1,11 @@
|
||||||
|
[connection]
|
||||||
|
id=bridge-slave-lan3
|
||||||
|
uuid=8943379a-dc7a-453d-a16a-6be42e842f2c
|
||||||
|
type=ethernet
|
||||||
|
interface-name=lan3
|
||||||
|
master=br0
|
||||||
|
slave-type=bridge
|
||||||
|
|
||||||
|
[ethernet]
|
||||||
|
|
||||||
|
[bridge-port]
|
|
@ -357,6 +357,8 @@ in {
|
||||||
enable = true;
|
enable = true;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
boot.binfmt.emulatedSystems = [ "aarch64-linux" ];
|
||||||
|
|
||||||
# This value determines the NixOS release with which your system is to be
|
# This value determines the NixOS release with which your system is to be
|
||||||
# compatible, in order to avoid breaking some software such as database
|
# compatible, in order to avoid breaking some software such as database
|
||||||
# servers. You should change this only after NixOS release notes say you
|
# servers. You should change this only after NixOS release notes say you
|
||||||
|
|
|
@ -578,5 +578,7 @@ in {
|
||||||
"invoices.lukegb.com" = { hostnames = [ "invoices.lukegb.com" ]; nginxVirtualHosts = [ "invoices.lukegb.com" ]; };
|
"invoices.lukegb.com" = { hostnames = [ "invoices.lukegb.com" ]; nginxVirtualHosts = [ "invoices.lukegb.com" ]; };
|
||||||
};
|
};
|
||||||
|
|
||||||
|
boot.binfmt.emulatedSystems = [ "aarch64-linux" ];
|
||||||
|
|
||||||
system.stateVersion = "22.11";
|
system.stateVersion = "22.11";
|
||||||
}
|
}
|
||||||
|
|