summaryrefslogtreecommitdiff
path: root/util/liveiso/nixos
diff options
context:
space:
mode:
authorFelix Singer <felix.singer@secunet.com>2023-03-13 14:03:45 +0100
committerFelix Singer <felixsinger@posteo.net>2023-03-17 19:27:31 +0000
commit0e2fc554a778e2a47a9ad906a56159055c7187d1 (patch)
tree8484f0f782347c14c32dc4b535fa8bb1cc32ddef /util/liveiso/nixos
parentd054bbd4f1ba1675486df38afdc186d9f31760f1 (diff)
util/liveiso: Move NixOS configs to subdirectory
Move the NixOS configuration into a subdirectory so that configurations for other distros can be added as well. Change-Id: I0462c1a6541878c973be4302c5c5e9e9bfaed2a6 Signed-off-by: Felix Singer <felix.singer@secunet.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/73684 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Elyes Haouas <ehaouas@noos.fr> Reviewed-by: Michael Niewöhner <foss@mniewoehner.de>
Diffstat (limited to 'util/liveiso/nixos')
-rw-r--r--util/liveiso/nixos/README.md9
-rwxr-xr-xutil/liveiso/nixos/build.sh14
-rw-r--r--util/liveiso/nixos/common.nix178
-rw-r--r--util/liveiso/nixos/console.nix9
-rw-r--r--util/liveiso/nixos/description.md2
-rw-r--r--util/liveiso/nixos/graphical.nix73
6 files changed, 285 insertions, 0 deletions
diff --git a/util/liveiso/nixos/README.md b/util/liveiso/nixos/README.md
new file mode 100644
index 0000000000..48420e6f6c
--- /dev/null
+++ b/util/liveiso/nixos/README.md
@@ -0,0 +1,9 @@
+# Live ISO
+
+## What is this?
+
+NixOS configuration files for testing purposes and for working on firmware.
+
+## TODO
+- Generate customized bootloader configs; FILO is WIP
+- Switch to `programs.neovim` when the module is fixed.
diff --git a/util/liveiso/nixos/build.sh b/util/liveiso/nixos/build.sh
new file mode 100755
index 0000000000..e2e1d65672
--- /dev/null
+++ b/util/liveiso/nixos/build.sh
@@ -0,0 +1,14 @@
+#!/usr/bin/env sh
+
+config=$1
+
+if [ -z "$config" ] || [ ! -f "$config" ]; then
+ echo "Usage: $0 <config.nix>"
+ echo "No config given. Exiting."
+ exit 1
+fi
+
+nix-build '<nixpkgs/nixos>' \
+ -A config.system.build.isoImage \
+ -I nixos-config=$config \
+ -I nixpkgs=https://github.com/NixOS/nixpkgs/archive/refs/heads/nixos-22.11.tar.gz
diff --git a/util/liveiso/nixos/common.nix b/util/liveiso/nixos/common.nix
new file mode 100644
index 0000000000..93a4168524
--- /dev/null
+++ b/util/liveiso/nixos/common.nix
@@ -0,0 +1,178 @@
+# SPDX-License-Identifier: GPL-2.0-only
+
+{ config, options, pkgs, ... }:
+
+{
+ imports = [
+ <nixpkgs/nixos/modules/installer/cd-dvd/channel.nix>
+ <nixpkgs/nixos/modules/installer/cd-dvd/iso-image.nix>
+ ];
+
+ system.stateVersion = "22.11";
+
+ isoImage = {
+ makeEfiBootable = true;
+ makeUsbBootable = true;
+ isoName = "${config.isoImage.isoBaseName}-${config.system.nixos.label}-${pkgs.stdenv.hostPlatform.system}.iso";
+ };
+
+ environment = {
+ variables = {
+ EDITOR = "nvim";
+ VISUAL = "nvim";
+ # Tell the Nix evaluator to garbage collect more aggressively.
+ # This is desirable in memory-constrained environments that don't
+ # (yet) have swap set up.
+ GC_INITIAL_HEAP_SIZE = "1M";
+ };
+ shellAliases.vim = "nvim";
+ };
+
+ boot = {
+ kernelParams = [
+ "console=ttyS0,115200"
+ "console=tty0"
+ "iomem=relaxed"
+ "intel-spi.writeable=1"
+ ];
+ # pkgs.linuxPackages == lts
+ # pkgs.linuxPackages_latest == stable
+ kernelPackages = pkgs.linuxPackages;
+ extraModulePackages = with config.boot.kernelPackages; [
+ acpi_call
+ chipsec
+ zfs
+ ];
+ # Make programs more likely to work in low memory
+ # environments. The kernel's overcommit heustistics bite us
+ # fairly often, preventing processes from forking even if
+ # there is plenty of free memory.
+ kernel.sysctl."vm.overcommit_memory" = "1";
+ loader.grub.memtest86.enable = true;
+ postBootCommands = ''
+ mkdir -p /mnt
+ '';
+ };
+
+ console.packages = options.console.packages.default ++ [ pkgs.terminus_font ];
+
+ nixpkgs.config.allowUnfree = true;
+ hardware = {
+ cpu.intel.updateMicrocode = true;
+ cpu.amd.updateMicrocode = true;
+ enableAllFirmware = true;
+ bluetooth = {
+ enable = true;
+ powerOnBoot = false;
+ package = pkgs.bluezFull;
+ };
+ };
+
+ services = {
+ fwupd.enable = true;
+ udev.packages = with pkgs; [
+ rfkill_udev
+ ];
+ openssh = {
+ enable = true;
+ permitRootLogin = "yes";
+ };
+ };
+
+ networking = {
+ hostName = "devsystem";
+ networkmanager.enable = true;
+ };
+
+ security.sudo.wheelNeedsPassword = false;
+
+ users = {
+ groups.user = {};
+ users = {
+ root.initialHashedPassword = "";
+ user = {
+ isNormalUser = true;
+ group = "user";
+ extraGroups = [ "users" "wheel" "networkmanager" "uucp" "flashrom" ];
+ initialHashedPassword = "";
+ };
+ };
+ };
+
+ programs.flashrom.enable = true;
+
+ environment.systemPackages = with pkgs; [
+ acpica-tools
+ btrfs-progs
+ bzip2
+ ccrypt
+ chipsec
+ coreboot-utils
+ cryptsetup
+ curl
+ ddrescue
+ devmem2
+ dmidecode
+ dosfstools
+ e2fsprogs
+ efibootmgr
+ efivar
+ exfat
+ f2fs-tools
+ fuse
+ fuse3
+ fwts
+ gptfdisk
+ gitAndTools.gitFull
+ gitAndTools.tig
+ gzip
+ hdparm
+ hexdump
+ htop
+ i2c-tools
+ intel-gpu-tools
+ inxi
+ iotools
+ jfsutils
+ jq
+ mdadm
+ minicom
+ mkpasswd
+ ms-sys
+ msr-tools
+ mtdutils
+ neovim
+ nixos-install-tools
+ ntfsprogs
+ nvme-cli
+ openssl
+ p7zip
+ pacman
+ parted
+ pcimem
+ pciutils
+ phoronix-test-suite
+ powertop
+ psmisc
+ python3Full
+ rsync
+ screen
+ sdparm
+ smartmontools
+ socat
+ sshfs-fuse
+ testdisk
+ tmate
+ tmux
+ uefitool
+ uefitoolPackages.old-engine
+ unzip
+ upterm
+ usbutils
+ wget
+ xfsprogs.bin
+ zfs
+ zip
+ zstd
+ ];
+}
diff --git a/util/liveiso/nixos/console.nix b/util/liveiso/nixos/console.nix
new file mode 100644
index 0000000000..9bd75971fb
--- /dev/null
+++ b/util/liveiso/nixos/console.nix
@@ -0,0 +1,9 @@
+# SPDX-License-Identifier: GPL-2.0-only
+
+{
+ imports = [
+ ./common.nix
+ ];
+
+ services.getty.autologinUser = "user";
+}
diff --git a/util/liveiso/nixos/description.md b/util/liveiso/nixos/description.md
new file mode 100644
index 0000000000..fb4b89d280
--- /dev/null
+++ b/util/liveiso/nixos/description.md
@@ -0,0 +1,2 @@
+A script and NixOS configuration files to create an ISO image for
+testing purposes and for working on firmware. `Bash`
diff --git a/util/liveiso/nixos/graphical.nix b/util/liveiso/nixos/graphical.nix
new file mode 100644
index 0000000000..8d51caf071
--- /dev/null
+++ b/util/liveiso/nixos/graphical.nix
@@ -0,0 +1,73 @@
+# SPDX-License-Identifier: GPL-2.0-only
+
+{ pkgs, lib, ... }:
+
+{
+ imports = [
+ ./common.nix
+ ];
+
+ hardware.pulseaudio = {
+ enable = true;
+ package = pkgs.pulseaudioFull;
+ };
+
+ security.polkit = {
+ enable = true;
+ extraConfig = ''
+ polkit.addRule(function(action, subject) {
+ if (subject.isInGroup("wheel")) {
+ return polkit.Result.YES;
+ }
+ });
+ '';
+ };
+
+ services.xserver = {
+ enable = true;
+ displayManager = {
+ gdm = {
+ enable = true;
+ autoSuspend = false;
+ };
+ autoLogin = {
+ enable = true;
+ user = "user";
+ };
+ };
+ desktopManager.gnome.enable = true;
+ };
+
+ users.users.user.extraGroups = [ "audio" "video" "input" ];
+
+ environment.systemPackages = with pkgs; [
+ firefox
+ gparted
+ pavucontrol
+ ];
+
+ # Remove unnecessary stuff
+ services = {
+ gnome = {
+ evolution-data-server.enable = lib.mkForce false;
+ gnome-online-accounts.enable = lib.mkForce false;
+ gnome-online-miners.enable = lib.mkForce false;
+ gnome-initial-setup.enable = lib.mkForce false;
+ gnome-browser-connector.enable = lib.mkForce false;
+ };
+ telepathy.enable = lib.mkForce false;
+ dleyna-renderer.enable = lib.mkForce false;
+ dleyna-server.enable = lib.mkForce false;
+ };
+
+ programs.geary.enable = lib.mkForce false;
+
+ environment.gnome.excludePackages = with pkgs; [
+ gnome.gnome-weather
+ gnome.epiphany
+ gnome.gnome-contacts
+ gnome-photos
+ gnome.gnome-music
+ yelp
+ ];
+}