diff options
Diffstat (limited to 'util/liveiso')
| -rw-r--r-- | util/liveiso/.gitignore | 1 | ||||
| -rwxr-xr-x | util/liveiso/build-console.sh | 3 | ||||
| -rwxr-xr-x | util/liveiso/build-graphical.sh | 3 | ||||
| -rw-r--r-- | util/liveiso/common.nix | 160 | ||||
| -rw-r--r-- | util/liveiso/console.nix | 11 | ||||
| -rw-r--r-- | util/liveiso/description.md | 11 | ||||
| -rw-r--r-- | util/liveiso/graphical.nix | 74 |
7 files changed, 263 insertions, 0 deletions
diff --git a/util/liveiso/.gitignore b/util/liveiso/.gitignore new file mode 100644 index 0000000000..b2be92b7db --- /dev/null +++ b/util/liveiso/.gitignore @@ -0,0 +1 @@ +result diff --git a/util/liveiso/build-console.sh b/util/liveiso/build-console.sh new file mode 100755 index 0000000000..ced2ca748c --- /dev/null +++ b/util/liveiso/build-console.sh @@ -0,0 +1,3 @@ +#!/usr/bin/env sh + +nix-build '<nixpkgs/nixos>' -A config.system.build.isoImage -I nixos-config=console.nix diff --git a/util/liveiso/build-graphical.sh b/util/liveiso/build-graphical.sh new file mode 100755 index 0000000000..8e794787a1 --- /dev/null +++ b/util/liveiso/build-graphical.sh @@ -0,0 +1,3 @@ +#!/usr/bin/env sh + +nix-build '<nixpkgs/nixos>' -A config.system.build.isoImage -I nixos-config=graphical.nix diff --git a/util/liveiso/common.nix b/util/liveiso/common.nix new file mode 100644 index 0000000000..941e62499a --- /dev/null +++ b/util/liveiso/common.nix @@ -0,0 +1,160 @@ +# SPDX-License-Identifier: GPL-2.0-only + +{ config, options, pkgs, ... }: + +{ + imports = [ + <nixpkgs/nixos/modules/installer/cd-dvd/channel.nix> + <nixpkgs/nixos/modules/installer/cd-dvd/iso-image.nix> + ]; + + system.stateVersion = "21.05"; + + isoImage = { + makeEfiBootable = true; + makeUsbBootable = true; + isoName = "${config.isoImage.isoBaseName}-${config.system.nixos.label}-${pkgs.stdenv.hostPlatform.system}.iso"; + }; + + # Tell the Nix evaluator to garbage collect more aggressively. + # This is desirable in memory-constrained environments that don't + # (yet) have swap set up. + environment.variables.GC_INITIAL_HEAP_SIZE = "1M"; + + boot = { + kernelParams = [ "console=ttyS0,115200" "console=tty0" ]; + # pkgs.linuxPackages == lts + # pkgs.linuxPackages_latest == stable + kernelPackages = pkgs.linuxPackages; + extraModulePackages = with config.boot.kernelPackages; [ + acpi_call + chipsec + zfs + ]; + # Make programs more likely to work in low memory + # environments. The kernel's overcommit heustistics bite us + # fairly often, preventing processes from forking even if + # there is plenty of free memory. + kernel.sysctl."vm.overcommit_memory" = "1"; + loader.grub.memtest86.enable = true; + postBootCommands = '' + mkdir -p /mnt + ''; + }; + + console.packages = options.console.packages.default ++ [ pkgs.terminus_font ]; + + nixpkgs.config.allowUnfree = true; + hardware = { + cpu.intel.updateMicrocode = true; + cpu.amd.updateMicrocode = true; + enableAllFirmware = true; + bluetooth = { + enable = true; + powerOnBoot = false; + package = pkgs.bluezFull; + }; + }; + + services = { + fwupd.enable = true; + udev.packages = with pkgs; [ + rfkill_udev + ]; + openssh = { + enable = true; + permitRootLogin = "yes"; + }; + }; + + networking = { + hostName = "devsystem"; + networkmanager.enable = true; + }; + + security.sudo.wheelNeedsPassword = false; + + users = { + groups.user = {}; + users = { + root.initialHashedPassword = ""; + user = { + isNormalUser = true; + group = "user"; + extraGroups = [ "users" "wheel" "networkmanager" "uucp" ]; + initialHashedPassword = ""; + }; + }; + }; + + environment.systemPackages = with pkgs; [ + acpica-tools + btrfs-progs + bzip2 + ccrypt + chipsec + coreboot-utils + cryptsetup + curl + ddrescue + dmidecode + dosfstools + e2fsprogs + efibootmgr + efivar + exfat + f2fs-tools + flashrom + fuse + fuse3 + fwts + gptfdisk + gitAndTools.gitFull + gitAndTools.tig + gzip + hdparm + hexdump + htop + i2c-tools + iasl + intel-gpu-tools + inxi + iotools + jfsutils + jq + mdadm + minicom + mkpasswd + ms-sys + msr-tools + neovim + nixos-install-tools + ntfsprogs + openssl + p7zip + pacman + parted + pciutils + phoronix-test-suite + powertop + psmisc + python3Full + rsync + screen + sdparm + smartmontools + socat + sshfs-fuse + testdisk + tmate + tmux + unzip + upterm + usbutils + wget + xfsprogs.bin + zfs + zip + zstd + ]; +} diff --git a/util/liveiso/console.nix b/util/liveiso/console.nix new file mode 100644 index 0000000000..032ca719e2 --- /dev/null +++ b/util/liveiso/console.nix @@ -0,0 +1,11 @@ +# SPDX-License-Identifier: GPL-2.0-only + +{ ... }: + +{ + imports = [ + ./common.nix + ]; + + services.getty.autologinUser = "user"; +} diff --git a/util/liveiso/description.md b/util/liveiso/description.md new file mode 100644 index 0000000000..8f282faddb --- /dev/null +++ b/util/liveiso/description.md @@ -0,0 +1,11 @@ +# Live ISO + +## What is this? + +NixOS configuration files for testing purposes and for working on firmware. + +## TODO +- Use programs.flashrom.enable (#128205) and add `user` to `flashrom` group. + Will be usable from the next NixOS release. +- Generate customized bootloader configs; FILO is WIP +- Add coreboot toolchain diff --git a/util/liveiso/graphical.nix b/util/liveiso/graphical.nix new file mode 100644 index 0000000000..35909fb14f --- /dev/null +++ b/util/liveiso/graphical.nix @@ -0,0 +1,74 @@ +# SPDX-License-Identifier: GPL-2.0-only + +{ pkgs, lib, ... }: + +{ + imports = [ + ./common.nix + ]; + + hardware.pulseaudio = { + enable = true; + package = pkgs.pulseaudioFull; + extraModules = with pkgs; [ pulseaudio-modules-bt ]; + }; + + security.polkit = { + enable = true; + extraConfig = '' + polkit.addRule(function(action, subject) { + if (subject.isInGroup("wheel")) { + return polkit.Result.YES; + } + }); + ''; + }; + + services.xserver = { + enable = true; + displayManager = { + gdm = { + enable = true; + autoSuspend = false; + }; + autoLogin = { + enable = true; + user = "user"; + }; + }; + desktopManager.gnome.enable = true; + }; + + users.users.user.extraGroups = [ "audio" "video" "input" ]; + + environment.systemPackages = with pkgs; [ + firefox + gparted + pavucontrol + ]; + + # Remove unnecessary stuff + services = { + gnome = { + evolution-data-server.enable = lib.mkForce false; + gnome-online-accounts.enable = lib.mkForce false; + gnome-online-miners.enable = lib.mkForce false; + gnome-initial-setup.enable = lib.mkForce false; + chrome-gnome-shell.enable = lib.mkForce false; + }; + telepathy.enable = lib.mkForce false; + dleyna-renderer.enable = lib.mkForce false; + dleyna-server.enable = lib.mkForce false; + }; + + programs.geary.enable = lib.mkForce false; + + environment.gnome.excludePackages = with pkgs; [ + gnome.gnome-weather + gnome.epiphany + gnome.gnome-contacts + gnome-photos + gnome.gnome-music + yelp + ]; +} |