util/liveiso: Move NixOS configs to subdirectory

Move the NixOS configuration into a subdirectory so that configurations
for other distros can be added as well.

Change-Id: I0462c1a6541878c973be4302c5c5e9e9bfaed2a6
Signed-off-by: Felix Singer <felix.singer@secunet.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/73684
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Elyes Haouas <ehaouas@noos.fr>
Reviewed-by: Michael Niewöhner <foss@mniewoehner.de>
This commit is contained in:
Felix Singer
2023-03-13 14:03:45 +01:00
committed by Felix Singer
parent d054bbd4f1
commit 0e2fc554a7
6 changed files with 0 additions and 0 deletions

View File

@@ -0,0 +1,9 @@
# Live ISO
## What is this?
NixOS configuration files for testing purposes and for working on firmware.
## TODO
- Generate customized bootloader configs; FILO is WIP
- Switch to `programs.neovim` when the module is fixed.

14
util/liveiso/nixos/build.sh Executable file
View File

@@ -0,0 +1,14 @@
#!/usr/bin/env sh
config=$1
if [ -z "$config" ] || [ ! -f "$config" ]; then
echo "Usage: $0 <config.nix>"
echo "No config given. Exiting."
exit 1
fi
nix-build '<nixpkgs/nixos>' \
-A config.system.build.isoImage \
-I nixos-config=$config \
-I nixpkgs=https://github.com/NixOS/nixpkgs/archive/refs/heads/nixos-22.11.tar.gz

View File

@@ -0,0 +1,178 @@
# SPDX-License-Identifier: GPL-2.0-only
{ config, options, pkgs, ... }:
{
imports = [
<nixpkgs/nixos/modules/installer/cd-dvd/channel.nix>
<nixpkgs/nixos/modules/installer/cd-dvd/iso-image.nix>
];
system.stateVersion = "22.11";
isoImage = {
makeEfiBootable = true;
makeUsbBootable = true;
isoName = "${config.isoImage.isoBaseName}-${config.system.nixos.label}-${pkgs.stdenv.hostPlatform.system}.iso";
};
environment = {
variables = {
EDITOR = "nvim";
VISUAL = "nvim";
# Tell the Nix evaluator to garbage collect more aggressively.
# This is desirable in memory-constrained environments that don't
# (yet) have swap set up.
GC_INITIAL_HEAP_SIZE = "1M";
};
shellAliases.vim = "nvim";
};
boot = {
kernelParams = [
"console=ttyS0,115200"
"console=tty0"
"iomem=relaxed"
"intel-spi.writeable=1"
];
# pkgs.linuxPackages == lts
# pkgs.linuxPackages_latest == stable
kernelPackages = pkgs.linuxPackages;
extraModulePackages = with config.boot.kernelPackages; [
acpi_call
chipsec
zfs
];
# Make programs more likely to work in low memory
# environments. The kernel's overcommit heustistics bite us
# fairly often, preventing processes from forking even if
# there is plenty of free memory.
kernel.sysctl."vm.overcommit_memory" = "1";
loader.grub.memtest86.enable = true;
postBootCommands = ''
mkdir -p /mnt
'';
};
console.packages = options.console.packages.default ++ [ pkgs.terminus_font ];
nixpkgs.config.allowUnfree = true;
hardware = {
cpu.intel.updateMicrocode = true;
cpu.amd.updateMicrocode = true;
enableAllFirmware = true;
bluetooth = {
enable = true;
powerOnBoot = false;
package = pkgs.bluezFull;
};
};
services = {
fwupd.enable = true;
udev.packages = with pkgs; [
rfkill_udev
];
openssh = {
enable = true;
permitRootLogin = "yes";
};
};
networking = {
hostName = "devsystem";
networkmanager.enable = true;
};
security.sudo.wheelNeedsPassword = false;
users = {
groups.user = {};
users = {
root.initialHashedPassword = "";
user = {
isNormalUser = true;
group = "user";
extraGroups = [ "users" "wheel" "networkmanager" "uucp" "flashrom" ];
initialHashedPassword = "";
};
};
};
programs.flashrom.enable = true;
environment.systemPackages = with pkgs; [
acpica-tools
btrfs-progs
bzip2
ccrypt
chipsec
coreboot-utils
cryptsetup
curl
ddrescue
devmem2
dmidecode
dosfstools
e2fsprogs
efibootmgr
efivar
exfat
f2fs-tools
fuse
fuse3
fwts
gptfdisk
gitAndTools.gitFull
gitAndTools.tig
gzip
hdparm
hexdump
htop
i2c-tools
intel-gpu-tools
inxi
iotools
jfsutils
jq
mdadm
minicom
mkpasswd
ms-sys
msr-tools
mtdutils
neovim
nixos-install-tools
ntfsprogs
nvme-cli
openssl
p7zip
pacman
parted
pcimem
pciutils
phoronix-test-suite
powertop
psmisc
python3Full
rsync
screen
sdparm
smartmontools
socat
sshfs-fuse
testdisk
tmate
tmux
uefitool
uefitoolPackages.old-engine
unzip
upterm
usbutils
wget
xfsprogs.bin
zfs
zip
zstd
];
}

View File

@@ -0,0 +1,9 @@
# SPDX-License-Identifier: GPL-2.0-only
{
imports = [
./common.nix
];
services.getty.autologinUser = "user";
}

View File

@@ -0,0 +1,2 @@
A script and NixOS configuration files to create an ISO image for
testing purposes and for working on firmware. `Bash`

View File

@@ -0,0 +1,73 @@
# SPDX-License-Identifier: GPL-2.0-only
{ pkgs, lib, ... }:
{
imports = [
./common.nix
];
hardware.pulseaudio = {
enable = true;
package = pkgs.pulseaudioFull;
};
security.polkit = {
enable = true;
extraConfig = ''
polkit.addRule(function(action, subject) {
if (subject.isInGroup("wheel")) {
return polkit.Result.YES;
}
});
'';
};
services.xserver = {
enable = true;
displayManager = {
gdm = {
enable = true;
autoSuspend = false;
};
autoLogin = {
enable = true;
user = "user";
};
};
desktopManager.gnome.enable = true;
};
users.users.user.extraGroups = [ "audio" "video" "input" ];
environment.systemPackages = with pkgs; [
firefox
gparted
pavucontrol
];
# Remove unnecessary stuff
services = {
gnome = {
evolution-data-server.enable = lib.mkForce false;
gnome-online-accounts.enable = lib.mkForce false;
gnome-online-miners.enable = lib.mkForce false;
gnome-initial-setup.enable = lib.mkForce false;
gnome-browser-connector.enable = lib.mkForce false;
};
telepathy.enable = lib.mkForce false;
dleyna-renderer.enable = lib.mkForce false;
dleyna-server.enable = lib.mkForce false;
};
programs.geary.enable = lib.mkForce false;
environment.gnome.excludePackages = with pkgs; [
gnome.gnome-weather
gnome.epiphany
gnome.gnome-contacts
gnome-photos
gnome.gnome-music
yelp
];
}