Initial commit
This commit is contained in:
parent
cf5e23eaa7
commit
8865d590c3
|
@ -0,0 +1,69 @@
|
||||||
|
{ pkgs, lib, ... }:
|
||||||
|
|
||||||
|
{
|
||||||
|
# Work-around for running out of space on /boot
|
||||||
|
disabledModules = [ "system/boot/loader/raspberrypi/raspberrypi.nix" ];
|
||||||
|
imports = [
|
||||||
|
./modules/system/boot/loader/raspberrypi/raspberrypi.nix
|
||||||
|
./hardware-configuration.nix
|
||||||
|
./inquisitor.nix
|
||||||
|
];
|
||||||
|
|
||||||
|
nix.maxJobs = 2;
|
||||||
|
|
||||||
|
console = {
|
||||||
|
font = "sun12x22";
|
||||||
|
keyMap = "us";
|
||||||
|
};
|
||||||
|
i18n = {
|
||||||
|
defaultLocale = "en_US.UTF-8";
|
||||||
|
};
|
||||||
|
time.timeZone = "America/Los_Angeles";
|
||||||
|
|
||||||
|
# Hostname, host ID, etc. Note that a host ID (chosen 32-bit integer) is necessary for ZFS.
|
||||||
|
networking = {
|
||||||
|
hostName = "conduit";
|
||||||
|
hostId = "758371f0";
|
||||||
|
firewall = {
|
||||||
|
enable = true;
|
||||||
|
allowedTCPPorts = [ 22 ];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
security = {
|
||||||
|
hideProcessInformation = true;
|
||||||
|
};
|
||||||
|
|
||||||
|
environment.systemPackages = with pkgs;
|
||||||
|
[
|
||||||
|
wget vimHugeX curl git htop tmux manpages
|
||||||
|
zip unzip
|
||||||
|
tinc_pre
|
||||||
|
];
|
||||||
|
|
||||||
|
# SSH config. Change passwordAuthentication if you want to log in with a password.
|
||||||
|
services.openssh = {
|
||||||
|
enable = true;
|
||||||
|
passwordAuthentication = false;
|
||||||
|
permitRootLogin = "prohibit-password";
|
||||||
|
forwardX11 = true;
|
||||||
|
};
|
||||||
|
|
||||||
|
services.tinc.networks.beatific = {
|
||||||
|
listenAddress = "0.0.0.0";
|
||||||
|
chroot = false;
|
||||||
|
};
|
||||||
|
|
||||||
|
users = {
|
||||||
|
users.tvb = {
|
||||||
|
uid = 1000;
|
||||||
|
isNormalUser = true;
|
||||||
|
extraGroups = ["wheel" "audio" "tty"];
|
||||||
|
openssh.authorizedKeys.keys = [
|
||||||
|
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDCKsKkD9S2gRlRgdf3JD06dRTGUQkDgBMWn+2kqVEPA/K1W/f083+odyXLVeg4IWV/fOwVKBgi9YNTavM8hkKRDGElkVq6Y8slApgu1k51QiKvAqqj4yJKE28pMCeHGGfTBdXbaRAaAfsD7Oh7dHOoadBIxUcq4RjN84+srhR2/p7xN+5rlp/uljU85uPA6JhW4tFEjsAQPUBnlI2EMf6SjKScuYsf5kiyE740NxPPpFSaKIU09dR/oR/nXORqOTzJbWC5tRlpeRFrKDrTeoAZnsl+vjqtVjJRIVjJoON50u3W9qfFKcPcfgtqUbpi1D8Xk8cibGo/0I8ruIwuZrD4Q9v1zGUGbXnAVwoJ5Yn8uVcHnFCbqndN+bDA5M0Fe7zLk6/ui9Z3LJdTWD2aT7mTSmW+5puHlNsAnqD1du1Yh7QbJSBNPdJCq/hceb4JKxUpFH8AXZ6km8j4GTYw0BhPYk2OFrFOG/KUOo1Ez8KRGIkisRTqJU2kFhQ5oSKmD+JbtDA5L6X8ibAUNh67eBJUXRvG/AWUeDDoVdYmEj6yCEi5MrcNJY+b41ywa8mTjjEJlsg+oUdD+1RA9c3px+98ulauhyFw2WfUVQc0ihCDqqqXYkwl0jK3e9Uwlgn4Lkwj9jTsWRwalAoJTXwIPbaAiwDH+UhfiPoLl5yHuoFXdw== tvb@palamas"
|
||||||
|
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDAbmOSvKJoW+akurv/tMD/jfaDuDg0S/FvIMAOS9WauBI9JyMaQh5NfV+fhOSbjqmvrdm+dGttthqi56MZ090Qps1340TGjY6mVap36pa+fZWSajnUjCW+Tk5T0CqbWJkeDvKwSxY73lhBG4QG+SUFkDvhR6XZXfVksJZ++3aaoSmw6E0LCVL4+CAjTf7lm6Zs9Tq62Skf/5tKhk9ASk+QwBTKpPj/0ZKtBDLJfzrwvT+6K2jFohWPKMXkgZiVFVhbIMatdyZo+Mi+To4YDicyf4KW8OuE0zYb06naWeCgEKH8nSB6xEnosdzrhNwkyJi1TEJHmsn1+PjJ/KWWBOTDFVgueWF0ql2ERAtY/hbe36lNBf0lLRzxIugbxMdix8Oqjy0E9wI3E9/X7j0JGHkDzbzX6xeaTwIRFEFtKqK4zcqOMbUWVujUEnOvIKS9dP4uP08gH9HaIE/0bTb+6RRLmnDA9T6dVXc+dCGMAeqxhZYwuO9XJNxXp4byPFRC29OdEShNp9Yqt9sgLMepAzzFiIXgzIcjg5AOnn2qv4SId2rslX0hkMN05a+Cxn2qAj1ign3BuYRzMnaHyA+R+oHN9314/hTYF7wlYws6Fu3P229arfE2d4UqvnMRmY8vWAjfJr40FyRCxS/6qdVPgJWVevkPx69MMJ+BKAomc/s7fw== tvb@stagirite"
|
||||||
|
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCzx37PqIaJVWdQs5meVgI4Cg1GRGk6srrix0AUvQeaBS9MOVtJLi+HfnNkcW4GPk9qVlz1E7ciQ7YUw+ny7QbHxcbib2Tawwfk3cx9xiNcN6UI9EzF/rTbNB2Cex8A4sEr5UvoE0BjT5yPaXyrjn8vLksGWq4dlZBM3xeJqe3KP+OxPL0vik3SVGOr/6ZQ7H9cwX5+/p6rCWQuVtwZMcaE6QyXYg5J5FQUaIrFvKbOVklJIkQSbXGzIYQO/QlQC0xWGBapJtGQw/lsQ3YqnFSMkkw8qrKbde07rg8p1FSuqTu+a1ePK+/F4klNel174+39YSobY2/6biPP3Uj/Yhorf4Tw141tIT75e3ebtK5faatQmNOyXcA7LULXK7XemJkZy8PmbNNTeBIKyoI6XQdzk95gpb2C4LEJmV040YMgXhOIiKsHQVgss9FuC+oP5jXWU/JuNXBRHa1IpJjcJhIhg7jnh6ZNZHyK0EpeUs3Zp7usv7mz6CGwb04yvTsWOhZRc+6EoHaHyrNvFPfkPeGsZzxhIbprCyDMtKWsI9GCtztcRhQWBgornUVEs5CurLJBbClQTrZLVv2fn9UnXWPYZTLYL7aFwRIGyKr8ZOOMFxbLOGdeFlqc5TGCP416e8PZvhE+BuDmxiKtQJ/dsQFqVzvOZb2WQRsYRPYvvXbvUw== monitor@isidore"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
|
@ -0,0 +1,52 @@
|
||||||
|
{ config, pkgs, lib, ... }:
|
||||||
|
|
||||||
|
{
|
||||||
|
disabledModules = [ "system/boot/loader/raspberrypi/raspberrypi.nix" ];
|
||||||
|
imports = [ ./modules/system/boot/loader/raspberrypi/raspberrypi.nix ];
|
||||||
|
|
||||||
|
boot.loader.grub.enable = false;
|
||||||
|
boot.loader.raspberryPi = {
|
||||||
|
enable = true;
|
||||||
|
version = 3;
|
||||||
|
firmwareConfig = ''
|
||||||
|
gpu_mem=192
|
||||||
|
dtparam=audio=on
|
||||||
|
disable_overscan=1
|
||||||
|
hdmi_drive=2
|
||||||
|
disable_audio_dither=1
|
||||||
|
|
||||||
|
# Can be shortened if desired.
|
||||||
|
boot_delay=10
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
boot.loader.systemd-boot.configurationLimit = 1;
|
||||||
|
|
||||||
|
# This is necessary for the rpi3.
|
||||||
|
boot.kernelPackages = pkgs.linuxPackages_rpi4;
|
||||||
|
|
||||||
|
# Enable nonfree firmware (necessary for the rpi)
|
||||||
|
hardware.enableRedistributableFirmware = true;
|
||||||
|
|
||||||
|
boot.supportedFilesystems = [ "ext4" ];
|
||||||
|
|
||||||
|
# Log important messages to the system console.
|
||||||
|
boot.consoleLogLevel = lib.mkDefault 7;
|
||||||
|
|
||||||
|
# These are the filesystems defined on the SD image.
|
||||||
|
fileSystems = {
|
||||||
|
"/boot" = {
|
||||||
|
device = "/dev/disk/by-label/FIRMWARE";
|
||||||
|
fsType = "vfat";
|
||||||
|
options = [ "nofail" ];
|
||||||
|
};
|
||||||
|
"/" = {
|
||||||
|
device = "/dev/disk/by-label/NIXOS_SD";
|
||||||
|
fsType = "ext4";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
# Prevent use of swapspace as much as possible
|
||||||
|
boot.kernel.sysctl = { "vm.swappiness" = 0; };
|
||||||
|
|
||||||
|
swapDevices = [ { device = "/swap"; size = 2048; } ];
|
||||||
|
}
|
|
@ -0,0 +1,64 @@
|
||||||
|
{pkgs, ...}:
|
||||||
|
|
||||||
|
let
|
||||||
|
# Import the inquisitor package
|
||||||
|
inquisitorSource = fetchFromGitHub {
|
||||||
|
owner = "Jaculabilis";
|
||||||
|
repo = "Inquisitor";
|
||||||
|
rev = "9001bd8f920cc120f38e998d63a8134969a00032";
|
||||||
|
sha256 = "0nx1dszvmn6a86jhj3c9607jqy0bmijjjz3jb3v5lsnpwwkjs5w6";
|
||||||
|
};
|
||||||
|
inquisitor = callPackage inquisitorSource {};
|
||||||
|
|
||||||
|
# Create the inquisitor config file in the nix store
|
||||||
|
inquisitorConfig = pkgs.writeTextFile "inquisitor.conf" ''
|
||||||
|
DataPath = /var/lib/inquisitor/data/
|
||||||
|
SourcePath = /var/lib/inquisitor/sources/
|
||||||
|
CachePath = /var/lib/inquisitor/cache/
|
||||||
|
Verbose = false
|
||||||
|
LogFile = /var/log/inquisitor.log
|
||||||
|
'';
|
||||||
|
in
|
||||||
|
{
|
||||||
|
# Create a user for the service
|
||||||
|
users.users.inquisitor = {
|
||||||
|
description = "Inquisitor service user";
|
||||||
|
isSystemUser = true;
|
||||||
|
packages = [ inquisitor ];
|
||||||
|
};
|
||||||
|
|
||||||
|
# TODO replace with wrapper that sets envvar
|
||||||
|
environment.systemPackages = [ inquisitor ];
|
||||||
|
|
||||||
|
# Set up the inquisitor service
|
||||||
|
systemd.services.inquisitor =
|
||||||
|
let
|
||||||
|
# Inquisitor needs some state set up to work properly
|
||||||
|
inquisitorSetup = pkgs.writeShellScriptBin "setup.sh" ''
|
||||||
|
mkdir -p /var/lib/inquisitor/data/inquisitor/
|
||||||
|
mkdir -p /var/lib/inquisitor/sources/
|
||||||
|
mkdir -p /var/lib/inquisitor/cache/
|
||||||
|
echo "{}" > /var/lib/inquisitor/data/inquisitor/state
|
||||||
|
'';
|
||||||
|
# Set up server invocation
|
||||||
|
#inquisitorRun = pkgs.writeShellScriptBin "run.sh" ''
|
||||||
|
# ${pkgs.gunicorn}/bin/gunicorn
|
||||||
|
#''; TODO
|
||||||
|
inquisitorRun = pkgs.writeShellScriptBin "run.sh" ''
|
||||||
|
${inquisitor}/bin/inquisitor run
|
||||||
|
'';
|
||||||
|
in {
|
||||||
|
description = "Inquisitor server";
|
||||||
|
environment = { INQUISITOR_CONFIG = $"{inquisitorConfig}"; }; # TODO gunicorn -e
|
||||||
|
preStart = "${inquisitorSetup}/bin/setup.sh";
|
||||||
|
script = $"${inquisitorRun}/bin/run.sh";
|
||||||
|
serviceConfig = {
|
||||||
|
User = "inquisitor";
|
||||||
|
Type = "simple";
|
||||||
|
WorkingDirectory = "/var/lib/inquisitor/";
|
||||||
|
};
|
||||||
|
wantedBy = [ "multi-user.target" ];
|
||||||
|
after = [ "network.target" ];
|
||||||
|
enable = true;
|
||||||
|
};
|
||||||
|
}
|
|
@ -0,0 +1,13 @@
|
||||||
|
{ pkgs, configTxt }:
|
||||||
|
|
||||||
|
pkgs.substituteAll {
|
||||||
|
src = ./raspberrypi-builder.sh;
|
||||||
|
isExecutable = true;
|
||||||
|
#postInstall = "shellcheck $out";
|
||||||
|
#nativeBuildInputs = [ pkgs.buildPackages.shellcheck ];
|
||||||
|
|
||||||
|
inherit (pkgs.buildPackages) bash;
|
||||||
|
path = with pkgs.buildPackages; [coreutils gnused gnugrep];
|
||||||
|
firmware = pkgs.raspberrypifw;
|
||||||
|
inherit configTxt;
|
||||||
|
}
|
|
@ -0,0 +1,179 @@
|
||||||
|
#! @bash@/bin/bash
|
||||||
|
|
||||||
|
# This can end up being called disregarding the shebang.
|
||||||
|
set -e
|
||||||
|
|
||||||
|
shopt -s nullglob
|
||||||
|
|
||||||
|
export PATH=/empty
|
||||||
|
for i in @path@; do PATH=$PATH:$i/bin; done
|
||||||
|
|
||||||
|
usage() {
|
||||||
|
echo "usage: $0 -c <path-to-default-configuration> [-d <boot-dir>] [-g <num-generations>]" >&2
|
||||||
|
exit 1
|
||||||
|
}
|
||||||
|
|
||||||
|
default= # Default configuration
|
||||||
|
target=/boot # Target directory
|
||||||
|
numGenerations=0 # Number of other generations to include in the menu
|
||||||
|
|
||||||
|
while getopts "c:d:g:" opt; do
|
||||||
|
case "$opt" in
|
||||||
|
c) default="$OPTARG" ;;
|
||||||
|
d) target="$OPTARG" ;;
|
||||||
|
g) numGenerations="$OPTARG" ;;
|
||||||
|
\?) usage ;;
|
||||||
|
esac
|
||||||
|
done
|
||||||
|
|
||||||
|
echo "updating the boot generations directory..."
|
||||||
|
|
||||||
|
mkdir -p "$target/old"
|
||||||
|
|
||||||
|
# Convert a path to a file in the Nix store such as
|
||||||
|
# /nix/store/<hash>-<name>/file to <hash>-<name>-<file>.
|
||||||
|
cleanName() {
|
||||||
|
local path="$1"
|
||||||
|
echo "$path" | sed 's|^/nix/store/||' | sed 's|/|-|g'
|
||||||
|
}
|
||||||
|
|
||||||
|
atomicCopy() {
|
||||||
|
local src="$1"
|
||||||
|
local dst="$2"
|
||||||
|
local dstTmp=$dst.tmp.$$
|
||||||
|
cp "$src" "$dstTmp"
|
||||||
|
mv "$dstTmp" "$dst"
|
||||||
|
}
|
||||||
|
|
||||||
|
# Copy a file from the Nix store to $target/nixos.
|
||||||
|
declare -A filesCopied
|
||||||
|
|
||||||
|
copyToOldDir() {
|
||||||
|
local src dst
|
||||||
|
src=$(readlink -f "$1")
|
||||||
|
dst="$target/old/$(cleanName "$src")"
|
||||||
|
# Don't copy the file if $dst already exists. This means that we
|
||||||
|
# have to create $dst atomically to prevent partially copied
|
||||||
|
# kernels or initrd if this script is ever interrupted.
|
||||||
|
if ! test -e "$dst"; then
|
||||||
|
atomicCopy "$src" "$dst"
|
||||||
|
fi
|
||||||
|
filesCopied[$dst]=1
|
||||||
|
}
|
||||||
|
|
||||||
|
copyDtbDir() {
|
||||||
|
local dtb_dir="$1"
|
||||||
|
local dst_dir="$2"
|
||||||
|
mkdir -p "$dst_dir"
|
||||||
|
for dtb in "$dtb_dir"/{broadcom,}/bcm*.dtb; do
|
||||||
|
local dst
|
||||||
|
dst="$dst_dir/$(basename "$dtb")"
|
||||||
|
local dstTmp=$dst.tmp.$$
|
||||||
|
cp "$dtb" "$dstTmp"
|
||||||
|
mv "$dstTmp" "$dst"
|
||||||
|
filesCopied[$dst]=1
|
||||||
|
done
|
||||||
|
filesCopied[$dst_dir]=1
|
||||||
|
}
|
||||||
|
|
||||||
|
cpMarked() {
|
||||||
|
local src="$1"
|
||||||
|
local dst="$2"
|
||||||
|
cp "$src" "$dst"
|
||||||
|
filesCopied[$dst]=1
|
||||||
|
}
|
||||||
|
|
||||||
|
echoMarked() {
|
||||||
|
local src="$1"
|
||||||
|
local dst="$2"
|
||||||
|
echo "$src" >"$dst"
|
||||||
|
filesCopied[$dst]=1
|
||||||
|
}
|
||||||
|
|
||||||
|
# Copy its kernel, initrd and dtbs to $target/old
|
||||||
|
addEntry() {
|
||||||
|
local path
|
||||||
|
path=$(readlink -f "$1")
|
||||||
|
local tag="$2" # Generation number or 'default'
|
||||||
|
|
||||||
|
if ! test -e "$path/kernel" -a -e "$path/initrd"; then
|
||||||
|
return
|
||||||
|
fi
|
||||||
|
|
||||||
|
local kernel initrd dtb_path init kernel_params
|
||||||
|
kernel=$(readlink -f "$path/kernel")
|
||||||
|
initrd=$(readlink -f "$path/initrd")
|
||||||
|
dtb_path=$(readlink -f "$path/dtbs")
|
||||||
|
init=$(readlink -f "$path/init")
|
||||||
|
kernel_params=$(readlink -f "$path/kernel-params")
|
||||||
|
|
||||||
|
if [ "$tag" = "default" ]; then
|
||||||
|
atomicCopy "$kernel" "$target/kernel.img"
|
||||||
|
atomicCopy "$initrd" "$target/initrd"
|
||||||
|
copyDtbDir "$dtb_path" "$target"
|
||||||
|
atomicCopy "$init" "$target/nixos-init"
|
||||||
|
|
||||||
|
tmpFile="$target/cmdline.txt.$$"
|
||||||
|
echo "$(cat "$kernel_params") init=$init" >"$tmpFile"
|
||||||
|
mv -f "$tmpFile" "$target/cmdline.txt"
|
||||||
|
else
|
||||||
|
copyToOldDir "$kernel"
|
||||||
|
copyToOldDir "$initrd"
|
||||||
|
|
||||||
|
copyDtbDir "$dtb_path" "$target/old/$(cleanName "$dtb_path")"
|
||||||
|
|
||||||
|
echoMarked "$path" "$target/old/$generation-system"
|
||||||
|
echoMarked "$init" "$target/old/$generation-init"
|
||||||
|
cpMarked "$kernel_params" "$target/old/$generation-cmdline.txt"
|
||||||
|
echoMarked "$initrd" "$target/old/$generation-initrd"
|
||||||
|
echoMarked "$kernel" "$target/old/$generation-kernel"
|
||||||
|
echoMarked "$dtb_path" "$target/old/$generation-dtbs"
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
addEntry "$default" default
|
||||||
|
|
||||||
|
if [ "$numGenerations" -gt 0 ]; then
|
||||||
|
# Add up to $numGenerations generations of the system profile to $target/old,
|
||||||
|
# in reverse (most recent to least recent) order.
|
||||||
|
for generation in $(
|
||||||
|
(cd /nix/var/nix/profiles && ls -d system-*-link) \
|
||||||
|
| sed 's/system-\([0-9]\+\)-link/\1/' \
|
||||||
|
| sort -n -r \
|
||||||
|
| head -n "$numGenerations"); do
|
||||||
|
link=/nix/var/nix/profiles/system-$generation-link
|
||||||
|
addEntry "$link" "$generation"
|
||||||
|
done
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Add the firmware files
|
||||||
|
fwdir=@firmware@/share/raspberrypi/boot/
|
||||||
|
atomicCopy $fwdir/bootcode.bin "$target/bootcode.bin"
|
||||||
|
atomicCopy $fwdir/fixup.dat "$target/fixup.dat"
|
||||||
|
atomicCopy $fwdir/fixup4.dat "$target/fixup4.dat"
|
||||||
|
atomicCopy $fwdir/fixup4cd.dat "$target/fixup4cd.dat"
|
||||||
|
atomicCopy $fwdir/fixup4db.dat "$target/fixup4db.dat"
|
||||||
|
atomicCopy $fwdir/fixup4x.dat "$target/fixup4x.dat"
|
||||||
|
atomicCopy $fwdir/fixup_cd.dat "$target/fixup_cd.dat"
|
||||||
|
atomicCopy $fwdir/fixup_db.dat "$target/fixup_db.dat"
|
||||||
|
atomicCopy $fwdir/fixup_x.dat "$target/fixup_x.dat"
|
||||||
|
atomicCopy $fwdir/start.elf "$target/start.elf"
|
||||||
|
atomicCopy $fwdir/start4.elf "$target/start4.elf"
|
||||||
|
atomicCopy $fwdir/start4cd.elf "$target/start4cd.elf"
|
||||||
|
atomicCopy $fwdir/start4db.elf "$target/start4db.elf"
|
||||||
|
atomicCopy $fwdir/start4x.elf "$target/start4x.elf"
|
||||||
|
atomicCopy $fwdir/start_cd.elf "$target/start_cd.elf"
|
||||||
|
atomicCopy $fwdir/start_db.elf "$target/start_db.elf"
|
||||||
|
atomicCopy $fwdir/start_x.elf "$target/start_x.elf"
|
||||||
|
|
||||||
|
# Add the config.txt
|
||||||
|
atomicCopy @configTxt@ "$target/config.txt"
|
||||||
|
|
||||||
|
# Remove obsolete files from $target and $target/nixos.
|
||||||
|
for fn in "$target"/old/* "$target"/bcm*.dtb "$target"/cmdline.txt.*; do
|
||||||
|
if ! test "${filesCopied[$fn]}" = 1; then
|
||||||
|
echo "Removing no longer needed boot file: $fn"
|
||||||
|
chmod +w -- "$fn"
|
||||||
|
rm -rf -- "$fn"
|
||||||
|
fi
|
||||||
|
done
|
|
@ -0,0 +1,107 @@
|
||||||
|
{ config, lib, pkgs, ... }:
|
||||||
|
|
||||||
|
with lib;
|
||||||
|
|
||||||
|
let
|
||||||
|
cfg = config.boot.loader.raspberryPi;
|
||||||
|
|
||||||
|
inherit (pkgs.stdenv.hostPlatform) platform;
|
||||||
|
|
||||||
|
builderUboot = import ./uboot-builder.nix { inherit pkgs configTxt; inherit (cfg) version; };
|
||||||
|
builderGeneric = import ./raspberrypi-builder.nix { inherit pkgs configTxt; };
|
||||||
|
|
||||||
|
builder =
|
||||||
|
if cfg.uboot.enable then
|
||||||
|
"${builderUboot} -g ${toString cfg.configurationLimit} -t ${timeoutStr} -c"
|
||||||
|
else
|
||||||
|
"${builderGeneric} -g ${toString cfg.configurationLimit} -c";
|
||||||
|
|
||||||
|
blCfg = config.boot.loader;
|
||||||
|
timeoutStr = if blCfg.timeout == null then "-1" else toString blCfg.timeout;
|
||||||
|
|
||||||
|
isAarch64 = pkgs.stdenv.hostPlatform.isAarch64;
|
||||||
|
optional = pkgs.stdenv.lib.optionalString;
|
||||||
|
|
||||||
|
configTxt =
|
||||||
|
pkgs.writeText "config.txt" (''
|
||||||
|
# U-Boot used to need this to work, regardless of whether UART is actually used or not.
|
||||||
|
# TODO: check when/if this can be removed.
|
||||||
|
enable_uart=1
|
||||||
|
|
||||||
|
# Prevent the firmware from smashing the framebuffer setup done by the mainline kernel
|
||||||
|
# when attempting to show low-voltage or overtemperature warnings.
|
||||||
|
avoid_warnings=1
|
||||||
|
'' + optional isAarch64 ''
|
||||||
|
# Boot in 64-bit mode.
|
||||||
|
arm_64bit=1
|
||||||
|
'' + (if cfg.uboot.enable then ''
|
||||||
|
kernel=u-boot-rpi.bin
|
||||||
|
'' else ''
|
||||||
|
kernel=kernel.img
|
||||||
|
initramfs initrd followkernel
|
||||||
|
'') + optional (cfg.firmwareConfig != null) cfg.firmwareConfig);
|
||||||
|
|
||||||
|
in
|
||||||
|
|
||||||
|
{
|
||||||
|
options = {
|
||||||
|
|
||||||
|
boot.loader.raspberryPi = {
|
||||||
|
enable = mkOption {
|
||||||
|
default = false;
|
||||||
|
type = types.bool;
|
||||||
|
description = ''
|
||||||
|
Whether to create files with the system generations in
|
||||||
|
<literal>/boot</literal>.
|
||||||
|
<literal>/boot/old</literal> will hold files from old generations.
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
|
version = mkOption {
|
||||||
|
default = 2;
|
||||||
|
type = types.enum [ 0 1 2 3 4 ];
|
||||||
|
description = ''
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
|
configurationLimit = mkOption {
|
||||||
|
default = 20;
|
||||||
|
example = 10;
|
||||||
|
type = types.int;
|
||||||
|
description = ''
|
||||||
|
Maximum number of configurations in the boot menu.
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
|
uboot = {
|
||||||
|
enable = mkOption {
|
||||||
|
default = false;
|
||||||
|
type = types.bool;
|
||||||
|
description = ''
|
||||||
|
Enable using uboot as bootmanager for the raspberry pi.
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
firmwareConfig = mkOption {
|
||||||
|
default = null;
|
||||||
|
type = types.nullOr types.lines;
|
||||||
|
description = ''
|
||||||
|
Extra options that will be appended to <literal>/boot/config.txt</literal> file.
|
||||||
|
For possible values, see: https://www.raspberrypi.org/documentation/configuration/config-txt/
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
config = mkIf cfg.enable {
|
||||||
|
assertions = singleton {
|
||||||
|
assertion = !pkgs.stdenv.hostPlatform.isAarch64 || cfg.version >= 3;
|
||||||
|
message = "Only Raspberry Pi >= 3 supports aarch64.";
|
||||||
|
};
|
||||||
|
|
||||||
|
system.build.installBootLoader = builder;
|
||||||
|
system.boot.loader.id = "raspberrypi";
|
||||||
|
system.boot.loader.kernelFile = platform.kernelTarget;
|
||||||
|
};
|
||||||
|
}
|
Loading…
Reference in New Issue