Compare commits
8 commits
dln/push-k
...
main
Author | SHA1 | Date | |
---|---|---|---|
15227256ec | |||
92c204231b | |||
58861e6de6 | |||
d10bd7bb04 | |||
c470bf6d59 | |||
242294eb8d | |||
bb708e3e61 | |||
2841610f41 |
12 changed files with 41 additions and 52 deletions
6
flake.lock
generated
6
flake.lock
generated
|
@ -20,11 +20,11 @@
|
|||
},
|
||||
"nixpkgs": {
|
||||
"locked": {
|
||||
"lastModified": 1739020877,
|
||||
"narHash": "sha256-mIvECo/NNdJJ/bXjNqIh8yeoSjVLAuDuTUzAo7dzs8Y=",
|
||||
"lastModified": 1744932701,
|
||||
"narHash": "sha256-fusHbZCyv126cyArUwwKrLdCkgVAIaa/fQJYFlCEqiU=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "a79cfe0ebd24952b580b1cf08cd906354996d547",
|
||||
"rev": "b024ced1aac25639f8ca8fdfc2f8c4fbd66c48ef",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
|
@ -18,12 +18,14 @@
|
|||
pkgs = import nixpkgs { inherit system; };
|
||||
patosPkgs = self.packages.${system};
|
||||
version = "0.0.1";
|
||||
secureBoot = "false";
|
||||
cpuArch = "intel";
|
||||
updateUrl = "http://10.0.2.2:8000/";
|
||||
in
|
||||
{
|
||||
packages = {
|
||||
default = patosPkgs.image;
|
||||
image = pkgs.callPackage ./pkgs/image { inherit patosPkgs version updateUrl; };
|
||||
image = pkgs.callPackage ./pkgs/image { inherit patosPkgs version updateUrl cpuArch secureBoot; };
|
||||
rootfs = pkgs.callPackage ./pkgs/rootfs/mkrootfs.nix { inherit patosPkgs version; };
|
||||
initrd = pkgs.callPackage ./pkgs/rootfs/mkinitrd.nix { inherit patosPkgs version; };
|
||||
kernel = pkgs.callPackage ./pkgs/kernel { };
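Review bot: `secureBoot = "false";` is a free-form string that ends up verbatim on the kernel command line (`patos.secureboot=${secureBoot}` in the image derivation changed in this same comparison), so a typo or a value containing a space is accepted and can add or alter kernel parameters. A boolean would make the setting checkable: `secureBoot = false;` here, `secureBoot ? false` in the image arguments, and `patos.secureboot=${lib.boolToString secureBoot}` in `kernelCmdLine`. The `let` block starts and the `packages` set ends outside this hunk.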
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
{
|
||||
stdenv,
|
||||
lib,
|
||||
pkgs,
|
||||
buildPackages,
|
||||
fetchurl,
|
||||
fetchpatch,
|
||||
|
@ -57,15 +58,12 @@ in
|
|||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "busybox";
|
||||
version = "1.36.1";
|
||||
version = pkgs.busybox.version;
|
||||
|
||||
# Note to whoever is updating busybox: please verify that:
|
||||
# nix-build pkgs/stdenv/linux/make-bootstrap-tools.nix -A test
|
||||
# still builds after the update.
|
||||
src = fetchurl {
|
||||
url = "https://busybox.net/downloads/${pname}-${version}.tar.bz2";
|
||||
sha256 = "sha256-uMwkyVdNgJ5yecO+NJeVxdXOtv3xnKcJ+AzeUOR94xQ=";
|
||||
};
|
||||
src = pkgs.busybox.src;
|
||||
|
||||
hardeningDisable = [
|
||||
"format"
|
||||
|
|
|
@ -100,14 +100,9 @@ in
|
|||
|
||||
stdenv.mkDerivation (finalAttrs: {
|
||||
pname = "dbus-broker";
|
||||
version = "36";
|
||||
version = pkgs.dbus-broker.version;
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "bus1";
|
||||
repo = "dbus-broker";
|
||||
rev = "v${finalAttrs.version}";
|
||||
hash = "sha256-5dAMKjybqrHG57vArbtWEPR/svSj2ION75JrjvnnpVM=";
|
||||
};
|
||||
src = pkgs.dbus-broker.src;
|
||||
|
||||
nativeBuildInputs = with pkgs; [
|
||||
docutils
|
||||
|
|
|
@ -1,16 +1,21 @@
|
|||
{
|
||||
lib,
|
||||
pkgs,
|
||||
patosPkgs,
|
||||
version,
|
||||
runCommand,
|
||||
updateUrl
|
||||
updateUrl,
|
||||
cpuArch ? "",
|
||||
secureBoot ? "false"
|
||||
}:
|
||||
let
|
||||
pname = "patos-image";
|
||||
in
|
||||
runCommand pname {
|
||||
inherit version;
|
||||
inherit updateUrl;
|
||||
inherit version cpuArch updateUrl secureBoot;
|
||||
|
||||
microcode = lib.optionalString (cpuArch == "amd") "--microcode ${pkgs.microcode-amd}/amd-ucode.img"
|
||||
+ lib.optionalString (cpuArch == "intel") "--microcode ${pkgs.microcode-intel}/intel-ucode.img";
|
||||
|
||||
buildInputs = with pkgs; [
|
||||
erofs-utils
|
||||
|
@ -25,7 +30,7 @@ runCommand pname {
|
|||
SYSTEMD_REPART_MKFS_OPTIONS_EROFS = "--all-root -zlz4hc,12 -C1048576 -Efragments,dedupe,ztailpacking";
|
||||
};
|
||||
|
||||
kernelCmdLine = "console=ttyS0 patos.secureboot=false";
|
||||
kernelCmdLine = "console=ttyS0 patos.secureboot=${secureBoot}";
|
||||
}
|
||||
''
|
||||
mkdir -p $out/init.repart.d $out/final.repart.d
|
||||
|
@ -176,6 +181,7 @@ ln -sf patos_$version.root.raw patos_${version}_$rootUuid.root
|
|||
${patosPkgs.systemd}/usr/bin/ukify build \
|
||||
--linux ${patosPkgs.kernel}/bzImage \
|
||||
--initrd ${patosPkgs.initrd}/initrd.xz \
|
||||
$microcode \
|
||||
--os-release @rootfs/etc/os-release \
|
||||
--cmdline "$kernelCmdLine roothash=$roothash" \
|
||||
-o patos_${version}.efi
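Review bot: Any `cpuArch` other than `"amd"` or `"intel"` (for example a typo such as `"Intel"`) makes `microcode` an empty string, and the `ukify build` call in the last hunk then silently produces an image without a `--microcode` argument. Because microcode updates carry CPU errata and security fixes, I would reject unknown values at evaluation time with `assert lib.assertOneOf "cpuArch" cpuArch [ "" "amd" "intel" ];` placed before `runCommand pname {`. `$microcode` appears to be left unquoted on purpose so that it splits into option and path; a short comment saying so (`# unquoted: expands to "--microcode <path>" or to nothing`) would keep someone from quoting it later. The runCommand script runs beyond the lines shown.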
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
{ pkgs }:
|
||||
let
|
||||
version = "6.13.7";
|
||||
hash = "sha256-Ojm2IDi3rC9D0mofhLQoPhl4BOHoF61jfpo9h0xHgB0=";
|
||||
version = "6.14.2";
|
||||
hash = "sha256-xcaCo1TqMZATk1elfTSnnlw3IhrOgjqTjhARa1d6Lhs=";
|
||||
in
|
||||
(pkgs.callPackage ./manual-config.nix { }) {
|
||||
version = "${version}-patos1";
|
||||
|
|
|
@ -1,5 +1,6 @@
|
|||
{
|
||||
stdenv,
|
||||
pkgs,
|
||||
fetchurl,
|
||||
lib,
|
||||
pkg-config,
|
||||
|
@ -7,17 +8,11 @@
|
|||
udev,
|
||||
}:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
stdenv.mkDerivation {
|
||||
pname = "lvm2";
|
||||
version = "2.03.30";
|
||||
version = pkgs.lvm2.version;
|
||||
|
||||
src = fetchurl {
|
||||
urls = [
|
||||
"https://mirrors.kernel.org/sourceware/lvm2/LVM2.${version}.tgz"
|
||||
"ftp://sourceware.org/pub/lvm2/LVM2.${version}.tgz"
|
||||
];
|
||||
hash = "sha256-rXar7LjciHcz4GxEnLmt0Eo1BvnweAwSiBem4aF87AU=";
|
||||
};
|
||||
src = pkgs.lvm2.src;
|
||||
|
||||
nativeBuildInputs = [
|
||||
pkg-config
|
||||
|
|
|
@ -1,5 +1,6 @@
|
|||
{
|
||||
lib,
|
||||
pkgs,
|
||||
stdenv,
|
||||
fetchurl,
|
||||
perl,
|
||||
|
@ -18,13 +19,9 @@
|
|||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "openssl";
|
||||
version = "3.4.1";
|
||||
hash = "sha256-ACotazC1i/S+pGxDvdljZar42qbEKHgqpP7uBtoZffM=";
|
||||
version = pkgs.openssl.version;
|
||||
|
||||
src = fetchurl {
|
||||
url = "https://github.com/openssl/openssl/releases/download/openssl-${version}/openssl-${version}.tar.gz";
|
||||
hash = hash;
|
||||
};
|
||||
src = pkgs.openssl.src;
|
||||
|
||||
outputs = [ "out" ];
|
||||
|
||||
|
|
|
@ -21,11 +21,12 @@ runCommand "patos-rootfs"
|
|||
''
|
||||
### create directory structure
|
||||
mkdir -p $out/etc/repart.d $out/dev $out/proc $out/sys \
|
||||
$out/tmp $out/root $out/run $out/boot $out/mnt $out/home $out/srv $out/var/tmp
|
||||
$out/tmp $out/root $out/run $out/boot $out/mnt $out/home $out/srv $out/var
|
||||
ln -sf /usr/bin $out/bin
|
||||
ln -sf /usr/bin $out/sbin
|
||||
ln -sf /usr/lib $out/lib
|
||||
ln -sf /usr/lib $out/lib64
|
||||
ln -sf /tmp $out/var/tmp
|
||||
ln -sf ../proc/self/mounts $out/etc/mtab
|
||||
|
||||
### install systemd
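Review bot: `ln -sf /tmp $out/var/tmp` changes what /var/tmp means on the image, and the hunk does not say why. Programs expect /var/tmp to survive reboots and to hold larger files, whereas /tmp is commonly a size-limited tmpfs (whether it is here is not visible in this hunk). If the aliasing is intended, a comment above the line would record it, e.g. `# /var/tmp aliases /tmp: contents are not persistent and share /tmp's size limit and permissions`. The target is also absolute, unlike the relative `../proc/self/mounts` used for mtab on the next line; `ln -sf ../tmp $out/var/tmp` would keep the link inside the tree when the rootfs is inspected or mounted under another prefix. The script continues outside the hunk.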
|
||||
|
|
|
@ -7,7 +7,7 @@
|
|||
...
|
||||
}:
|
||||
let
|
||||
version = "257.4";
|
||||
version = "257.5";
|
||||
|
||||
# Use the command below to update `releaseTimestamp` on every (major) version
|
||||
# change. More details in the commentary at mesonFlags.
|
||||
|
|
|
@ -1,5 +1,6 @@
|
|||
{
|
||||
stdenv,
|
||||
pkgs,
|
||||
fetchurl,
|
||||
lib,
|
||||
pandoc,
|
||||
|
@ -10,19 +11,17 @@
|
|||
libuuid,
|
||||
}:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
stdenv.mkDerivation {
|
||||
pname = "tpm2-tools";
|
||||
version = "5.7";
|
||||
version = pkgs.tpm2-tools.version;
|
||||
|
||||
src = fetchurl {
|
||||
url = "https://github.com/tpm2-software/${pname}/releases/download/${version}/${pname}-${version}.tar.gz";
|
||||
sha256 = "sha256-OBDTa1B5JW9PL3zlUuIiE9Q7EDHBMVON+KLbw8VwmDo=";
|
||||
};
|
||||
src = pkgs.tpm2-tools.src;
|
||||
|
||||
nativeBuildInputs = [
|
||||
pandoc
|
||||
pkg-config
|
||||
];
|
||||
|
||||
buildInputs = [
|
||||
curl
|
||||
openssl
|
||||
|
|
|
@ -1,5 +1,6 @@
|
|||
{
|
||||
stdenv,
|
||||
pkgs,
|
||||
lib,
|
||||
fetchFromGitHub,
|
||||
autoreconfHook,
|
||||
|
@ -19,14 +20,9 @@
|
|||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "tpm2-tss";
|
||||
version = "4.1.3";
|
||||
version = pkgs.tpm2-tss.version;
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "tpm2-software";
|
||||
repo = pname;
|
||||
rev = version;
|
||||
hash = "sha256-BP28utEUI9g1VNv3lCXuiKrDtEImFQxxZfIjLiE3Wr8=";
|
||||
};
|
||||
src = pkgs.tpm2-tss.src;
|
||||
|
||||
patches = [
|
||||
./no-shadow.patch
|
||||
|
|