init commit
This commit is contained in:
commit
e9319bc885
|
@ -0,0 +1,4 @@
|
|||
*.img
|
||||
*.qcow2
|
||||
.direnv
|
||||
linux*
|
|
@ -0,0 +1,25 @@
|
|||
{
|
||||
"nodes": {
|
||||
"nixpkgs": {
|
||||
"locked": {
|
||||
"lastModified": 1707238373,
|
||||
"narHash": "sha256-WKxT0yLzWbFZwYi92lI0yWJpYtRaFSWHGX8QXzejapw=",
|
||||
"rev": "fb0c047e30b69696acc42e669d02452ca1b55755",
|
||||
"revCount": 555442,
|
||||
"type": "tarball",
|
||||
"url": "https://api.flakehub.com/f/pinned/NixOS/nixpkgs/0.2311.555442%2Brev-fb0c047e30b69696acc42e669d02452ca1b55755/018d8628-6732-76b7-b9c7-12c4fc4e280f/source.tar.gz"
|
||||
},
|
||||
"original": {
|
||||
"type": "tarball",
|
||||
"url": "https://flakehub.com/f/NixOS/nixpkgs/%2A.tar.gz"
|
||||
}
|
||||
},
|
||||
"root": {
|
||||
"inputs": {
|
||||
"nixpkgs": "nixpkgs"
|
||||
}
|
||||
}
|
||||
},
|
||||
"root": "root",
|
||||
"version": 7
|
||||
}
|
|
@ -0,0 +1,75 @@
|
|||
{
|
||||
inputs = {
|
||||
# a better way of using the latest stable version of nixpkgs
|
||||
# without specifying specific release
|
||||
nixpkgs.url = "https://flakehub.com/f/NixOS/nixpkgs/*.tar.gz";
|
||||
};
|
||||
|
||||
outputs = { self, nixpkgs }:
|
||||
let
|
||||
# helpers for producing system-specific outputs
|
||||
supportedSystems = [ "x86_64-linux" "aarch64-linux" ];
|
||||
forEachSupportedSystem = f: nixpkgs.lib.genAttrs supportedSystems (system: f {
|
||||
pkgs = import nixpkgs { inherit system; };
|
||||
});
|
||||
in {
|
||||
devShells = forEachSupportedSystem ({ pkgs }: {
|
||||
default = pkgs.mkShell {
|
||||
inputsFrom = with pkgs; [ linux_latest ];
|
||||
packages = with pkgs; [
|
||||
# for a better kernel developer workflow
|
||||
b4
|
||||
neovim
|
||||
rustup
|
||||
|
||||
# for "make menuconfig"
|
||||
pkg-config
|
||||
ncurses.dev
|
||||
|
||||
# formatting this flake
|
||||
nixpkgs-fmt
|
||||
]
|
||||
# testing the built kernel in a VM using QEMU
|
||||
++ (with pkgs; [
|
||||
qemu_kvm
|
||||
debootstrap # fur creating ze rootfs
|
||||
])
|
||||
# extra utilities _I_ find useful
|
||||
++ (with pkgs; [
|
||||
bat
|
||||
broot
|
||||
choose
|
||||
fd
|
||||
ripgrep
|
||||
])
|
||||
# packages related to debugging
|
||||
# BE CAREFUL NOT TO MIX LLVM TOOLCHAIN'S TOOLS WITH GNU'S TOOLS
|
||||
++ (with pkgs; [
|
||||
#clang-tools
|
||||
#gdb
|
||||
#lldb
|
||||
])
|
||||
# LLVM 15 toolchain (as per Linux 6.6)
|
||||
# but commented out since there is some Nix fuckery with stdenv which has
|
||||
# GNU toolchain and that interferes with LLVM's
|
||||
++ (with pkgs.llvmPackages_15; [
|
||||
#bintools
|
||||
#clang
|
||||
#libcxx
|
||||
#lld
|
||||
]);
|
||||
|
||||
# Disable '-fno-strict-overflow' compiler flag because it causes the build to fail with the following error:
|
||||
# clang-16: error: argument unused during compilation: '-fno-strict-overflow' [-Werror,-Wunused-command-line-argument]
|
||||
hardeningDisable = [ "strictoverflow" ];
|
||||
|
||||
env = {
|
||||
#LLVM = 1;
|
||||
};
|
||||
|
||||
shellHook = ''
|
||||
'';
|
||||
};
|
||||
});
|
||||
};
|
||||
}
|
|
@ -0,0 +1,16 @@
|
|||
#!/usr/bin/env bash
|
||||
|
||||
set -xeuf
|
||||
|
||||
qemu-kvm \
|
||||
-machine virt \
|
||||
-cpu host \
|
||||
-smp 2 \
|
||||
-m 2048 \
|
||||
-accel kvm \
|
||||
-nographic \
|
||||
-kernel "$1" \
|
||||
-hda "$2" \
|
||||
-netdev user,id=mynet0,hostfwd=tcp::6902-:22 \
|
||||
-device virtio-net-pci,netdev=mynet0 \
|
||||
-append 'root=/dev/vda rw systemd.show_status=false'
|
|
@ -0,0 +1,97 @@
|
|||
#!/usr/bin/env bash
|
||||
|
||||
set -xeu -o pipefail
|
||||
|
||||
# TODO:
|
||||
# 1. Verify options' states
|
||||
# 2. UKI
|
||||
|
||||
ALL_JOBS=$(( $(nproc) + 2 ))
|
||||
SUDO_ALIAS='sudo --preserve-env=PATH env' # use this alias for su-do-ing binaries provided by Nix
|
||||
K_CONFIG="${1:-}"
|
||||
K_LOCALVERSION="-$(date +%Y.%m.%d.%H%M)"
|
||||
|
||||
function remove_kernel() {
|
||||
INSTALL_DIRS=(/boot /lib/modules /usr)
|
||||
K_RELEASE="$(make -s kernelrelease)"
|
||||
for d in "${INSTALL_DIRS[@]}"; do
|
||||
sudo rm -rvf "$d"/*"${K_RELEASE}"*
|
||||
done
|
||||
}
|
||||
|
||||
if [[ "${K_CONFIG}" == 'clean' ]]; then
|
||||
remove_kernel
|
||||
exit 0
|
||||
fi
|
||||
|
||||
function configure_kernel() {
|
||||
if [[ -z "${K_CONFIG}" ]]; then
|
||||
cp "/boot/config-$(uname -r)" .config
|
||||
else
|
||||
make "${K_CONFIG}"
|
||||
fi
|
||||
common_config
|
||||
}
|
||||
|
||||
function common_config() {
|
||||
# internal Kconfig
|
||||
./scripts/config --enable CONFIG_IKCONFIG
|
||||
./scripts/config --enable CONFIG_IKCONFIG_PROC
|
||||
# internal headers
|
||||
./scripts/config --enable CONFIG_IKHEADERS
|
||||
|
||||
# UKI
|
||||
./scripts/config --enable CONFIG_EFI_ZBOOT
|
||||
|
||||
# debugging
|
||||
./scripts/config --enable CONFIG_SCHED_DEBUG
|
||||
|
||||
if [[ "${K_CONFIG}" == 'tinyconfig' ]]; then
|
||||
tinyconfig_prep
|
||||
elif [[ "${K_CONFIG}" == 'defconfig' ]]; then
|
||||
defconfig_prep
|
||||
else
|
||||
# disable the Debian/Ubuntu module signing key thingy
|
||||
./scripts/config --disable CONFIG_MODULE_SIG
|
||||
|
||||
# disable AEGIS-128 (ARM{,64} NEON})
|
||||
# https://github.com/NixOS/nixpkgs/issues/74744
|
||||
# plus, this kernel won't run in "prod", so this isn't even a "nice to have"
|
||||
./scripts/config --disable CONFIG_CRYPTO_AEGIS128_SIMD
|
||||
fi
|
||||
}
|
||||
|
||||
function defconfig_prep() {
|
||||
# empty for now
|
||||
echo 'empati'
|
||||
}
|
||||
function tinyconfig_prep() {
|
||||
# initramfs
|
||||
./scripts/config --enable CONFIG_BLK_DEV_INITRD
|
||||
./scripts/config --set-str CONFIG_INITRAMFS_SOURCE ''
|
||||
./scripts/config --enable CONFIG_RD_ZSTD
|
||||
./scripts/config --enable CONFIG_XXHASH
|
||||
./scripts/config --enable CONFIG_ZSTD_COMMON
|
||||
./scripts/config --enable CONFIG_ZSTD_DECOMPRESS
|
||||
./scripts/config --enable CONFIG_DECOMPRESS_ZSTD
|
||||
|
||||
# EFI stub
|
||||
./scripts/config --enable CONFIG_EFI
|
||||
./scripts/config --enable CONFIG_EFI_STUB
|
||||
}
|
||||
|
||||
rm -vf .config*
|
||||
${SUDO_ALIAS} make distclean
|
||||
configure_kernel
|
||||
./scripts/config --set-str LOCALVERSION "${K_LOCALVERSION}"
|
||||
make -j$ALL_JOBS olddefconfig all
|
||||
|
||||
sudo cp .config "/boot/config-$(make -s kernelrelease)"
|
||||
${SUDO_ALIAS} make -j$ALL_JOBS headers_install dtbs_install modules_install || remove_kernel
|
||||
${SUDO_ALIAS} make install || echo "WARNING: \`sudo make install\` failed, you're on your own now."
|
||||
|
||||
if command -v update-grub > /dev/null; then
|
||||
sudo update-grub
|
||||
elif command -v grub2-mkconfig > /dev/null; then
|
||||
sudo grub2-mkconfig -o /boot/grub2/grub.cfg
|
||||
fi
|
|
@ -0,0 +1,41 @@
|
|||
PKGS=(
|
||||
network-manager
|
||||
sudo
|
||||
)
|
||||
USER_COMMENT='Pratham Patel'
|
||||
USER_NAME='pratham'
|
||||
USER_GROUPS='sudo'
|
||||
|
||||
apt-get update
|
||||
apt-get install -y "${PKGS[@]}"
|
||||
apt-get upgrade -y
|
||||
|
||||
useradd \
|
||||
--uid 1000 \
|
||||
--create-home \
|
||||
--comment "${USER_COMMENT}" \
|
||||
--user-group "${USER_NAME}" \
|
||||
--groups "${USER_GROUPS}"
|
||||
sed -i "s/# %wheel\tALL=(ALL)\tNOPASSWD: ALL/%wheel\tALL=(ALL)\tNOPASSWD: ALL/" /etc/sudoers
|
||||
chsh -s "$(which bash)" "${USER_NAME}"
|
||||
passwd -d "${USER_NAME}"
|
||||
chsh -s "$(which bash)" root
|
||||
passwd -d root
|
||||
|
||||
systemctl enable NetworkManager.service
|
||||
mkdir -p /etc/systemd/system/getty@tty1.service.d/
|
||||
mkdir -p /etc/systemd/system/serial-getty@tty{AMA,S}0.service.d/
|
||||
cat << EOF > /etc/systemd/system/getty@tty1.service.d/autologin.conf
|
||||
[Service]
|
||||
ExecStart=
|
||||
ExecStart=-/sbin/agetty -o '-p -f -- \\u' --noclear --autologin ${USER_NAME} %I \$TERM
|
||||
EOF
|
||||
cat << EOF > /etc/systemd/system/serial-getty@ttyS0.service.d/autologin.conf
|
||||
[Service]
|
||||
ExecStart=
|
||||
ExecStart=-/sbin/agetty -o '-p -f -- \\u' --keep-baud --autologin ${USER_NAME} 1500000,115200,57600,38400,9600 - \$TERM
|
||||
EOF
|
||||
cp /etc/systemd/system/serial-getty@tty{S,AMA}0.service.d/autologin.conf
|
||||
|
||||
echo 'debian' | tee /etc/hostname
|
||||
echo '127.0.0.1 debian' | tee -a /etc/hosts
|
|
@ -0,0 +1,54 @@
|
|||
#!/usr/bin/env bash
|
||||
|
||||
set -xeuf -o pipefail
|
||||
|
||||
# unless specified, use stable since bootstrapping sid **has** resulted in failed bootstraps
|
||||
VERSION_CODENAME="${1:-stable}"
|
||||
BOOTSTRAP_DIR='bootstrap.tmp'
|
||||
IMAGE_NAME="debian-$(uname -m)-${VERSION_CODENAME}-$(TZ='Asia/Kolkata' date +%Y%m%d).img"
|
||||
IMAGE_SIZE='10240M'
|
||||
export VERSION_CODENAME BOOTSTRAP_DIR IMAGE_NAME IMAGE_SIZE PKGS
|
||||
|
||||
function errr() {
|
||||
# 1. unmount
|
||||
# 2. rmdir bootstrap_dir
|
||||
# 3. detach from loopback
|
||||
# 4. rm image
|
||||
if mount | grep "${BOOTSTRAP_DIR}" > /dev/null; then
|
||||
sudo umount -R "${BOOTSTRAP_DIR}"
|
||||
fi
|
||||
rmdir "${BOOTSTRAP_DIR}"
|
||||
|
||||
if losetup --list --all | grep "${LOOP_DEV}" > /dev/null; then
|
||||
sudo losetup -d "${LOOP_DEV}"
|
||||
fi
|
||||
rm "${IMAGE_NAME}"
|
||||
}
|
||||
trap errr ERR
|
||||
|
||||
if [[ -f "${IMAGE_NAME}" ]]; then
|
||||
echo 'Image already exists, no need to run this script.'
|
||||
exit 0
|
||||
fi
|
||||
|
||||
# create img and bootstrap_dir
|
||||
truncate -s "${IMAGE_SIZE}" "${IMAGE_NAME}"
|
||||
mkdir -p "${BOOTSTRAP_DIR}"
|
||||
|
||||
# format
|
||||
# mount to loopback
|
||||
# mount loopback to bootstrap_dir
|
||||
mkfs.ext4 "${IMAGE_NAME}"
|
||||
LOOP_DEV="$(sudo losetup --find --partscan --show "${IMAGE_NAME}")"
|
||||
export LOOP_DEV
|
||||
sudo mount "${LOOP_DEV}" "${BOOTSTRAP_DIR}"
|
||||
|
||||
# bootstrap and set empty password for root
|
||||
# shellcheck disable=SC2046
|
||||
sudo $(command -v debootstrap) "${VERSION_CODENAME}" "${BOOTSTRAP_DIR}"
|
||||
sudo cp chroot-script.sh "${BOOTSTRAP_DIR}/root/chroot-script.sh"
|
||||
sudo chroot "${BOOTSTRAP_DIR}" bash -c 'bash /root/chroot-script.sh'
|
||||
|
||||
# "cleanup"
|
||||
sudo umount -R "${BOOTSTRAP_DIR}"
|
||||
rmdir "${BOOTSTRAP_DIR}"
|
Loading…
Reference in New Issue