From 15517f45a584b329ddb6baaaed0941e2dc49bb43 Mon Sep 17 00:00:00 2001 From: tdro Date: Tue, 21 Feb 2023 08:30:43 -0500 Subject: .config/nixpkgs/shells: Move shells to own folder mkShellMinimal not needed anymore. --- .config/nixpkgs/helpers/mkShellMinimal.nix | 83 ------------ .config/nixpkgs/shells/ansible.nix | 32 ----- .config/nixpkgs/shells/ansible/shell.nix | 32 +++++ .config/nixpkgs/shells/cake.nix | 201 ----------------------------- .config/nixpkgs/shells/cake/shell.nix | 201 +++++++++++++++++++++++++++++ .config/nixpkgs/shells/coreboot.nix | 108 ---------------- .config/nixpkgs/shells/coreboot/shell.nix | 108 ++++++++++++++++ .config/nixpkgs/shells/falcon.nix | 42 ------ .config/nixpkgs/shells/falcon/shell.nix | 42 ++++++ .config/nixpkgs/shells/pure.nix | 22 ---- .config/nixpkgs/shells/pure/shell.nix | 22 ++++ 11 files changed, 405 insertions(+), 488 deletions(-) delete mode 100644 .config/nixpkgs/helpers/mkShellMinimal.nix delete mode 100644 .config/nixpkgs/shells/ansible.nix create mode 100644 .config/nixpkgs/shells/ansible/shell.nix delete mode 100644 .config/nixpkgs/shells/cake.nix create mode 100644 .config/nixpkgs/shells/cake/shell.nix delete mode 100644 .config/nixpkgs/shells/coreboot.nix create mode 100644 .config/nixpkgs/shells/coreboot/shell.nix delete mode 100644 .config/nixpkgs/shells/falcon.nix create mode 100644 .config/nixpkgs/shells/falcon/shell.nix delete mode 100644 .config/nixpkgs/shells/pure.nix create mode 100644 .config/nixpkgs/shells/pure/shell.nix (limited to '.config/nixpkgs') diff --git a/.config/nixpkgs/helpers/mkShellMinimal.nix b/.config/nixpkgs/helpers/mkShellMinimal.nix deleted file mode 100644 index 54d0e68..0000000 --- a/.config/nixpkgs/helpers/mkShellMinimal.nix +++ /dev/null @@ -1,83 +0,0 @@ -### Source: https://github.com/NixOS/nixpkgs/commit/459771518d44f60b59a19381d07b12297908215d -### Article: https://fzakaria.com/2021/08/02/a-minimal-nix-shell.html -### Usage: - -# let -# -# name = "nix-shell.minimal"; -# pkgs = import { }; -# -# mkShellMinimal = pkgs.callPackage (builtins.fetchurl { -# url = "https://raw.githubusercontent.com/tdro/dotfiles/0aac4414559235f8cd8c454acce30c0471e0f6b1/.config/nixpkgs/helpers/mkShellMinimal.nix"; -# sha256 = "06vbyyhaam3nmzimzasz6la590ni9cbdql3jy29hhw9ln0xf09yy"; -# }) { }; -# -# in mkShellMinimal { -# buildInputs = [ pkgs.coreutils pkgs.hello pkgs.gnugrep pkgs.which ]; -# ENV = "ENV"; -# shellHook = '' -# hello -# printf "%s\n" "$ENV" -# which mkdir -# printf "\nPATH is $PATH\n\n" -# grep --version -# export PS1='\h (${name}) \W \$ ' -# ''; -# } - -{ lib }: - -{ packages ? [ ], inputsFrom ? [ ], buildInputs ? [ ], nativeBuildInputs ? [ ] -, propagatedBuildInputs ? [ ], propagatedNativeBuildInputs ? [ ], ... }@attrs: -let - mergeInputs = name: - (attrs.${name} or [ ]) ++ (lib.subtractLists inputsFrom - (lib.flatten (lib.catAttrs name inputsFrom))); - - rest = builtins.removeAttrs attrs [ - "packages" - "inputsFrom" - "buildInputs" - "nativeBuildInputs" - "propagatedBuildInputs" - "propagatedNativeBuildInputs" - "shellHook" - ]; - - pkgs = import (builtins.fetchTarball { - url = "https://releases.nixos.org/nixos/21.05/nixos-21.05.1510.a165aeceda9/nixexprs.tar.xz"; - sha256 = "124s05b0xk97arw0vvq8b4wcvsw6024dfdzwcx9qjxf3a2zszmam"; - }) { }; - - stdenv = pkgs.stdenvNoCC.override { - cc = null; - preHook = ""; - allowedRequisites = null; - initialPath = pkgs.coreutils; - extraNativeBuildInputs = [ ]; - }; - -in stdenv.mkDerivation ({ - name = "nix-shell"; - phases = [ "nobuildPhase" ]; - - buildInputs = mergeInputs "buildInputs"; - nativeBuildInputs = packages ++ (mergeInputs "nativeBuildInputs"); - propagatedBuildInputs = mergeInputs "propagatedBuildInputs"; - propagatedNativeBuildInputs = mergeInputs "propagatedNativeBuildInputs"; - - shellHook = '' - PATH=${stdenv.initialPath}/bin - for package in ${toString buildInputs}; do - export PATH=$package/bin:$PATH - done - '' + lib.concatStringsSep "\n" - (lib.catAttrs "shellHook" (lib.reverseList inputsFrom ++ [ attrs ])); - - nobuildPhase = '' - echo - echo "This derivation is not meant to be built, aborting"; - echo - exit 1 - ''; -} // rest) diff --git a/.config/nixpkgs/shells/ansible.nix b/.config/nixpkgs/shells/ansible.nix deleted file mode 100644 index 33f0836..0000000 --- a/.config/nixpkgs/shells/ansible.nix +++ /dev/null @@ -1,32 +0,0 @@ -let - - # nix-shell -E 'import (builtins.fetchurl "$url")' - - name = "nix-shell.ansible"; - - pkgs = import (builtins.fetchTarball { - url = "https://releases.nixos.org/nixos/21.11/nixos-21.11.336020.2128d0aa28e/nixexprs.tar.xz"; - sha256 = "0w8plbxms0di6gnh0k2yhj0pgxzxas7g5x0m01zjzixf16i2bapj"; - }) { }; - - project = "${builtins.getEnv "HOME"}/Shares/Projects/infrastructure/ansible"; - -in pkgs.mkShell { - - inherit name; - - buildInputs = [ pkgs.python38.pkgs.pip pkgs.ansible_2_9 ]; - - shellHook = '' - export virtualenvs=$HOME/.local/share/virtualenvs - mkdir -p $virtualenvs - python -m venv $virtualenvs/ansible-mitogen - . $virtualenvs/ansible-mitogen/bin/activate - pip install mitogen==0.2.9 - export ANSIBLE_STRATEGY_PLUGINS=$virtualenvs/ansible-mitogen/lib/*/site-packages/ansible_mitogen/plugins - export ANSIBLE_STRATEGY=mitogen_linear - export PS1='\h (${name}) \W \$ ' - cd '${project}' || exit 1 - ssh -T git@github.com - ''; -} diff --git a/.config/nixpkgs/shells/ansible/shell.nix b/.config/nixpkgs/shells/ansible/shell.nix new file mode 100644 index 0000000..33f0836 --- /dev/null +++ b/.config/nixpkgs/shells/ansible/shell.nix @@ -0,0 +1,32 @@ +let + + # nix-shell -E 'import (builtins.fetchurl "$url")' + + name = "nix-shell.ansible"; + + pkgs = import (builtins.fetchTarball { + url = "https://releases.nixos.org/nixos/21.11/nixos-21.11.336020.2128d0aa28e/nixexprs.tar.xz"; + sha256 = "0w8plbxms0di6gnh0k2yhj0pgxzxas7g5x0m01zjzixf16i2bapj"; + }) { }; + + project = "${builtins.getEnv "HOME"}/Shares/Projects/infrastructure/ansible"; + +in pkgs.mkShell { + + inherit name; + + buildInputs = [ pkgs.python38.pkgs.pip pkgs.ansible_2_9 ]; + + shellHook = '' + export virtualenvs=$HOME/.local/share/virtualenvs + mkdir -p $virtualenvs + python -m venv $virtualenvs/ansible-mitogen + . $virtualenvs/ansible-mitogen/bin/activate + pip install mitogen==0.2.9 + export ANSIBLE_STRATEGY_PLUGINS=$virtualenvs/ansible-mitogen/lib/*/site-packages/ansible_mitogen/plugins + export ANSIBLE_STRATEGY=mitogen_linear + export PS1='\h (${name}) \W \$ ' + cd '${project}' || exit 1 + ssh -T git@github.com + ''; +} diff --git a/.config/nixpkgs/shells/cake.nix b/.config/nixpkgs/shells/cake.nix deleted file mode 100644 index 1649559..0000000 --- a/.config/nixpkgs/shells/cake.nix +++ /dev/null @@ -1,201 +0,0 @@ -let - - # nix-shell -E 'import (builtins.fetchurl "$url")' - # NIX_CONFIG="sandbox = relaxed" nix-shell --option builders '' cake.nix - - name = "nix-shell.cake"; - - pkgs = import (builtins.fetchTarball { - url = "https://releases.nixos.org/nixos/21.05/nixos-21.05.650.eaba7870ffc/nixexprs.tar.xz"; - sha256 = "08fpds1bkv9106c6s5w3p5r4v3dc24bhk9asm9vqbxxypjglqg9l"; }) { }; - - alpine-3-12-amd64 = pkgs.dockerTools.pullImage rec { - imageName = "alpine"; - imageDigest = "sha256:2a8831c57b2e2cb2cda0f3a7c260d3b6c51ad04daea0b3bfc5b55f489ebafd71"; - sha256 = "1px8xhk0a3b129cc98d3wm4s0g1z2mahnrxd648gkdbfsdj9dlxp"; - finalImageName = imageName; - finalImageTag = "3.12"; - }; - - cook = { name, src, contents ? [ ], path ? [ ], script ? "", prepare ? "", cleanup ? "", sha256 ? pkgs.lib.fakeSha256 }: pkgs.stdenvNoCC.mkDerivation { - __noChroot = true; - inherit name src contents; - phases = [ "unpackPhase" "installPhase" ]; - buildInputs = [ pkgs.proot pkgs.rsync pkgs.tree pkgs.kmod ]; - bootstrap = pkgs.writeScript "bootstrap-${name}" '' - ${script} - rm "$0" - ''; - PROOT_NO_SECCOMP = "1"; - installPhase = '' - set -euo pipefail - mkdir --parents rootfs $out/rootfs - tar --extract --file=layer.tar -C rootfs - - ${prepare} - - cp $bootstrap rootfs/bootstrap - proot --cwd=/ --root-id --rootfs=rootfs /usr/bin/env - /bin/sh -euc '. /etc/profile && /bootstrap' - printf 'PATH=${pkgs.lib.strings.makeBinPath path}:$PATH' >> rootfs/etc/profile - - [ -n "$contents" ] && { - printf "\n" - for paths in $contents; do - printf "Cooking... Adding %s \n" "$paths" - rsync --copy-dirlinks --relative --archive --chown=0:0 "$paths/" "rootfs" || exit 1 - done - printf "\n" - } || printf '\n%s\n' 'No contents to cook.'; - - ${cleanup} - - printf '\n%s\n\n' "$(du --all --max-depth 1 --human-readable rootfs | sort --human-numeric-sort)" - cp -rT rootfs $out/rootfs - ''; - }; - - bake = { name, image, size ? "1G", debug ? false, kernel ? pkgs.linux, options ? [ ], modules ? [ ], uuid ? "99999999-9999-9999-9999-999999999999", sha256 ? pkgs.lib.fakeSha256 }: let - initrd = cook { - inherit sha256; - name = "initrd-${name}"; - src = alpine-3-12-amd64; - script = '' - rm -rf home opt media root run srv tmp var - printf '#!/bin/sh -eu - mount -t devtmpfs none /dev - mount -t proc none /proc - mount -t sysfs none /sys - sh /lib/modules/initrd/init - ${pkgs.lib.optionalString (debug) "sh +m"} - mount -r "$(findfs UUID=${uuid})" /mnt - mount -o move /dev /mnt/dev - umount /proc /sys - exec switch_root /mnt /sbin/init - ' > init - chmod +x init - find . ! -name bootstrap ! -name initramfs.cpio | cpio -H newc -ov > initramfs.cpio - gzip -9 initramfs.cpio - ''; - prepare = '' - modules='${pkgs.lib.strings.concatMapStringsSep " " (module: module) modules}' - initrd_directory=rootfs/lib/modules/initrd - [ -n "$modules" ] && { - mkdir --parents "$initrd_directory" - printf "\n" - for module in $modules; do - module_file=$(find ${kernel} -name "$module.ko*" -type f) - module_basename=$(basename "$module_file") - printf "Cooking initrd... Adding module %s \n" "$module" - cp "$module_file" "$initrd_directory" || exit 1 - printf 'insmod /lib/modules/initrd/%s\n' "$module_basename" >> "$initrd_directory/init" - done - } || printf '\n%s\n' 'No modules to cook.' - ''; - }; in pkgs.writeScript name '' - set -euo pipefail - PATH=${pkgs.lib.strings.makeBinPath [ - pkgs.coreutils - pkgs.e2fsprogs - pkgs.gawk - pkgs.rsync - pkgs.syslinux - pkgs.tree - pkgs.utillinux - ]} - IMAGE=${name}.img - LOOP=/dev/loop0 - ROOTFS=rootfs - rm "$IMAGE" || true - fallocate --length ${size} $IMAGE && chmod o+rw "$IMAGE" - printf 'o\nn\np\n1\n2048\n\na\nw\n' | fdisk "$IMAGE" - dd bs=440 count=1 conv=notrunc if=${pkgs.syslinux}/share/syslinux/mbr.bin of="$IMAGE" - mkdir --parents "$ROOTFS" - umount --verbose "$ROOTFS" || true - losetup --detach "$LOOP" || true - losetup --offset "$((2048 * 512))" "$LOOP" "$IMAGE" - mkfs.ext4 -U ${uuid} "$LOOP" - mount --verbose "$LOOP" "$ROOTFS" - rsync --archive --chown=0:0 "${image}/rootfs/" "$ROOTFS"; - mkdir --parents "$ROOTFS/boot" - cp ${kernel}/bzImage "$ROOTFS/boot/vmlinux" - cp ${initrd}/rootfs/initramfs.cpio.gz "$ROOTFS/boot/initrd" - printf ' - DEFAULT linux - LABEL linux - LINUX /boot/vmlinux - INITRD /boot/initrd - APPEND ${pkgs.lib.strings.concatMapStringsSep " " (option: option) options} - ' > "$ROOTFS/boot/syslinux.cfg" - extlinux --heads 64 --sectors 32 --install $ROOTFS/boot - printf '\n%s\n\n' "$(du --max-depth 1 --human-readable $ROOTFS | sort --human-numeric-sort)" - umount --verbose "$ROOTFS" - rm -r "$ROOTFS" - losetup --detach "$LOOP" - ''; - - alpine = cook { - name = "alpine"; - src = alpine-3-12-amd64; - sha256 = "1ss4rh1fgs99h0v6czqq5rnfk1cag1ldazarm9jr5a0ahc4bnk0v"; - contents = [ pkgs.glibc pkgs.gawk ]; - path = [ pkgs.gawk ]; - script = '' - cat /etc/alpine-release - sed -i 's/#ttyS0/ttyS0/' /etc/inittab - ''; - }; - - alpine-machine = bake { - name = "alpine-machine"; - image = alpine; - sha256 = "0k5migqcrf5hz99ka5p6pr9qv86bd69y7fbs9m5qpby9qh3xmskf"; - kernel = pkgs.linuxPackages_5_10.kernel; - options = [ "console=tty1" "console=ttyS0" ]; - size = "128M"; - modules = [ - "virtio" - "virtio_ring" - "virtio_blk" - "virtio_pci" - "jbd2" - "mbcache" - "crc16" - "crc32c_generic" - "ext4" - ]; - }; - - container = { rootfs, binds ? [ ], options ? [] }: - pkgs.writeScript name '' - set -euxo pipefail - PATH=${pkgs.lib.strings.makeBinPath [ pkgs.proot ]} - proot \ - --cwd=/ \ - --rootfs='${rootfs}' \ - ${pkgs.lib.strings.concatMapStringsSep " " (option: "--bind=${option}") binds} \ - ${pkgs.lib.strings.concatMapStringsSep " " (value: value) options} \ - /usr/bin/env - /bin/sh -c '. /etc/profile && sh' - ''; - -in pkgs.mkShell { - - inherit name; - - buildInputs = [ pkgs.proot pkgs.qemu ]; - - shellHook = '' - export PS1='\h (${name}) \W \$ ' - - # sudo ${alpine-machine} - # doas ${alpine-machine} - # qemu-system-x86_64 -nographic -drive if=virtio,file=./${alpine-machine.name}.img,format=raw - # qemu-system-x86_64 -curses -drive if=virtio,file=./${alpine-machine.name}.img,format=raw - - ${container { - rootfs = "${alpine}/rootfs"; - binds = [ "/proc" "/dev" ]; - options = [ "--verbose=0" ]; - }} - exit - ''; -} diff --git a/.config/nixpkgs/shells/cake/shell.nix b/.config/nixpkgs/shells/cake/shell.nix new file mode 100644 index 0000000..1649559 --- /dev/null +++ b/.config/nixpkgs/shells/cake/shell.nix @@ -0,0 +1,201 @@ +let + + # nix-shell -E 'import (builtins.fetchurl "$url")' + # NIX_CONFIG="sandbox = relaxed" nix-shell --option builders '' cake.nix + + name = "nix-shell.cake"; + + pkgs = import (builtins.fetchTarball { + url = "https://releases.nixos.org/nixos/21.05/nixos-21.05.650.eaba7870ffc/nixexprs.tar.xz"; + sha256 = "08fpds1bkv9106c6s5w3p5r4v3dc24bhk9asm9vqbxxypjglqg9l"; }) { }; + + alpine-3-12-amd64 = pkgs.dockerTools.pullImage rec { + imageName = "alpine"; + imageDigest = "sha256:2a8831c57b2e2cb2cda0f3a7c260d3b6c51ad04daea0b3bfc5b55f489ebafd71"; + sha256 = "1px8xhk0a3b129cc98d3wm4s0g1z2mahnrxd648gkdbfsdj9dlxp"; + finalImageName = imageName; + finalImageTag = "3.12"; + }; + + cook = { name, src, contents ? [ ], path ? [ ], script ? "", prepare ? "", cleanup ? "", sha256 ? pkgs.lib.fakeSha256 }: pkgs.stdenvNoCC.mkDerivation { + __noChroot = true; + inherit name src contents; + phases = [ "unpackPhase" "installPhase" ]; + buildInputs = [ pkgs.proot pkgs.rsync pkgs.tree pkgs.kmod ]; + bootstrap = pkgs.writeScript "bootstrap-${name}" '' + ${script} + rm "$0" + ''; + PROOT_NO_SECCOMP = "1"; + installPhase = '' + set -euo pipefail + mkdir --parents rootfs $out/rootfs + tar --extract --file=layer.tar -C rootfs + + ${prepare} + + cp $bootstrap rootfs/bootstrap + proot --cwd=/ --root-id --rootfs=rootfs /usr/bin/env - /bin/sh -euc '. /etc/profile && /bootstrap' + printf 'PATH=${pkgs.lib.strings.makeBinPath path}:$PATH' >> rootfs/etc/profile + + [ -n "$contents" ] && { + printf "\n" + for paths in $contents; do + printf "Cooking... Adding %s \n" "$paths" + rsync --copy-dirlinks --relative --archive --chown=0:0 "$paths/" "rootfs" || exit 1 + done + printf "\n" + } || printf '\n%s\n' 'No contents to cook.'; + + ${cleanup} + + printf '\n%s\n\n' "$(du --all --max-depth 1 --human-readable rootfs | sort --human-numeric-sort)" + cp -rT rootfs $out/rootfs + ''; + }; + + bake = { name, image, size ? "1G", debug ? false, kernel ? pkgs.linux, options ? [ ], modules ? [ ], uuid ? "99999999-9999-9999-9999-999999999999", sha256 ? pkgs.lib.fakeSha256 }: let + initrd = cook { + inherit sha256; + name = "initrd-${name}"; + src = alpine-3-12-amd64; + script = '' + rm -rf home opt media root run srv tmp var + printf '#!/bin/sh -eu + mount -t devtmpfs none /dev + mount -t proc none /proc + mount -t sysfs none /sys + sh /lib/modules/initrd/init + ${pkgs.lib.optionalString (debug) "sh +m"} + mount -r "$(findfs UUID=${uuid})" /mnt + mount -o move /dev /mnt/dev + umount /proc /sys + exec switch_root /mnt /sbin/init + ' > init + chmod +x init + find . ! -name bootstrap ! -name initramfs.cpio | cpio -H newc -ov > initramfs.cpio + gzip -9 initramfs.cpio + ''; + prepare = '' + modules='${pkgs.lib.strings.concatMapStringsSep " " (module: module) modules}' + initrd_directory=rootfs/lib/modules/initrd + [ -n "$modules" ] && { + mkdir --parents "$initrd_directory" + printf "\n" + for module in $modules; do + module_file=$(find ${kernel} -name "$module.ko*" -type f) + module_basename=$(basename "$module_file") + printf "Cooking initrd... Adding module %s \n" "$module" + cp "$module_file" "$initrd_directory" || exit 1 + printf 'insmod /lib/modules/initrd/%s\n' "$module_basename" >> "$initrd_directory/init" + done + } || printf '\n%s\n' 'No modules to cook.' + ''; + }; in pkgs.writeScript name '' + set -euo pipefail + PATH=${pkgs.lib.strings.makeBinPath [ + pkgs.coreutils + pkgs.e2fsprogs + pkgs.gawk + pkgs.rsync + pkgs.syslinux + pkgs.tree + pkgs.utillinux + ]} + IMAGE=${name}.img + LOOP=/dev/loop0 + ROOTFS=rootfs + rm "$IMAGE" || true + fallocate --length ${size} $IMAGE && chmod o+rw "$IMAGE" + printf 'o\nn\np\n1\n2048\n\na\nw\n' | fdisk "$IMAGE" + dd bs=440 count=1 conv=notrunc if=${pkgs.syslinux}/share/syslinux/mbr.bin of="$IMAGE" + mkdir --parents "$ROOTFS" + umount --verbose "$ROOTFS" || true + losetup --detach "$LOOP" || true + losetup --offset "$((2048 * 512))" "$LOOP" "$IMAGE" + mkfs.ext4 -U ${uuid} "$LOOP" + mount --verbose "$LOOP" "$ROOTFS" + rsync --archive --chown=0:0 "${image}/rootfs/" "$ROOTFS"; + mkdir --parents "$ROOTFS/boot" + cp ${kernel}/bzImage "$ROOTFS/boot/vmlinux" + cp ${initrd}/rootfs/initramfs.cpio.gz "$ROOTFS/boot/initrd" + printf ' + DEFAULT linux + LABEL linux + LINUX /boot/vmlinux + INITRD /boot/initrd + APPEND ${pkgs.lib.strings.concatMapStringsSep " " (option: option) options} + ' > "$ROOTFS/boot/syslinux.cfg" + extlinux --heads 64 --sectors 32 --install $ROOTFS/boot + printf '\n%s\n\n' "$(du --max-depth 1 --human-readable $ROOTFS | sort --human-numeric-sort)" + umount --verbose "$ROOTFS" + rm -r "$ROOTFS" + losetup --detach "$LOOP" + ''; + + alpine = cook { + name = "alpine"; + src = alpine-3-12-amd64; + sha256 = "1ss4rh1fgs99h0v6czqq5rnfk1cag1ldazarm9jr5a0ahc4bnk0v"; + contents = [ pkgs.glibc pkgs.gawk ]; + path = [ pkgs.gawk ]; + script = '' + cat /etc/alpine-release + sed -i 's/#ttyS0/ttyS0/' /etc/inittab + ''; + }; + + alpine-machine = bake { + name = "alpine-machine"; + image = alpine; + sha256 = "0k5migqcrf5hz99ka5p6pr9qv86bd69y7fbs9m5qpby9qh3xmskf"; + kernel = pkgs.linuxPackages_5_10.kernel; + options = [ "console=tty1" "console=ttyS0" ]; + size = "128M"; + modules = [ + "virtio" + "virtio_ring" + "virtio_blk" + "virtio_pci" + "jbd2" + "mbcache" + "crc16" + "crc32c_generic" + "ext4" + ]; + }; + + container = { rootfs, binds ? [ ], options ? [] }: + pkgs.writeScript name '' + set -euxo pipefail + PATH=${pkgs.lib.strings.makeBinPath [ pkgs.proot ]} + proot \ + --cwd=/ \ + --rootfs='${rootfs}' \ + ${pkgs.lib.strings.concatMapStringsSep " " (option: "--bind=${option}") binds} \ + ${pkgs.lib.strings.concatMapStringsSep " " (value: value) options} \ + /usr/bin/env - /bin/sh -c '. /etc/profile && sh' + ''; + +in pkgs.mkShell { + + inherit name; + + buildInputs = [ pkgs.proot pkgs.qemu ]; + + shellHook = '' + export PS1='\h (${name}) \W \$ ' + + # sudo ${alpine-machine} + # doas ${alpine-machine} + # qemu-system-x86_64 -nographic -drive if=virtio,file=./${alpine-machine.name}.img,format=raw + # qemu-system-x86_64 -curses -drive if=virtio,file=./${alpine-machine.name}.img,format=raw + + ${container { + rootfs = "${alpine}/rootfs"; + binds = [ "/proc" "/dev" ]; + options = [ "--verbose=0" ]; + }} + exit + ''; +} diff --git a/.config/nixpkgs/shells/coreboot.nix b/.config/nixpkgs/shells/coreboot.nix deleted file mode 100644 index 242c621..0000000 --- a/.config/nixpkgs/shells/coreboot.nix +++ /dev/null @@ -1,108 +0,0 @@ -let - - # Shell derivation condensed from https://git.petabyte.dev/petabyteboy/corenix - - # nix-shell -E 'import (builtins.fetchurl "$url")' - - name = "nix-shell.coreboot"; - architecture = "i386"; - url = "https://review.coreboot.org/coreboot"; - project = "${builtins.getEnv "HOME"}/Shares/Projects/coreboot"; - - pkgs = import (builtins.fetchTarball { - url = "https://releases.nixos.org/nixos/20.09/nixos-20.09.3824.dec334fa196/nixexprs.tar.xz"; - sha256 = "1i38d1z672gzn73k6gsas2zjbbradg06w7dw3zs9f64l0hr3qd94"; }) {}; - - dependencies = { fetchurl }: [ - rec { name = "llvm-${version}.src.tar.xz"; version = "11.0.0"; archive = fetchurl { sha256 = "0s94lwil98w7zb7cjrbnxli0z7gklb312pkw74xs1d6zk346hgwi"; url = "https://github.com/llvm/llvm-project/releases/download/llvmorg-${version}/${name}"; }; } - rec { name = "clang-${version}.src.tar.xz"; version = "11.0.0"; archive = fetchurl { sha256 = "091bvcny2lh32zy8f3m9viayyhb2zannrndni7325rl85cwgr6pr"; url = "https://github.com/llvm/llvm-project/releases/download/llvmorg-${version}/${name}"; }; } - rec { name = "clang-tools-extra-${version}.src.tar.xz"; version = "11.0.0"; archive = fetchurl { sha256 = "02bcwwn54661madhq4nxc069s7p7pj5gpqi8ww50w3anbpviilzy"; url = "https://github.com/llvm/llvm-project/releases/download/llvmorg-${version}/${name}"; }; } - rec { name = "compiler-rt-${version}.src.tar.xz"; version = "11.0.0"; archive = fetchurl { sha256 = "1yjqjri753w0fzmxcyz687nvd97sbc9rsqrxzpq720na47hwh3fr"; url = "https://github.com/llvm/llvm-project/releases/download/llvmorg-${version}/${name}"; }; } - rec { name = "Python-${version}.tar.xz"; version = "3.8.5"; archive = fetchurl { sha256 = "1c43dbv9lvlp3ynqmgdi4rh8q94swanhqarqrdx62zmigpakw073"; url = "https://www.python.org/ftp/python/${version}/${name}"; }; } - rec { name = "acpica-unix2-${version}.tar.gz"; version = "20200925"; archive = fetchurl { sha256 = "18n6129fkgj85piid7v4zxxksv3h0amqp4p977vcl9xg3bq0zd2w"; url = "https://acpica.org/sites/acpica/files/${name}"; }; } - rec { name = "binutils-${version}.tar.xz"; version = "2.35.1"; archive = fetchurl { sha256 = "01w6xvfy7sjpw8j08k111bnkl27j760bdsi0wjvq44ghkgdr3v9w"; url = "https://ftpmirror.gnu.org/binutils/${name}"; }; } - rec { name = "cmake-${version}.1.tar.gz"; version = "3.18"; archive = fetchurl { sha256 = "0215srmc9l7ygwdpfms8yx0wbd96qgz2d58ykmdiarvysf5k7qy0"; url = "https://cmake.org/files/v${version}/${name}"; }; } - rec { name = "expat-${version}.tar.bz2"; version = "2.2.9"; archive = fetchurl { sha256 = "0dx2m58gkj7cadk51lmp54ma7cqjhff4kjmwv8ks80j3vj2301pi"; url = "https://distfiles.macports.org/expat/${name}"; }; } - rec { name = "gcc-${version}.tar.xz"; version = "8.3.0"; archive = fetchurl { sha256 = "0b3xv411xhlnjmin2979nxcbnidgvzqdf4nbhix99x60dkzavfk4"; url = "https://ftpmirror.gnu.org/gcc/gcc-${version}/${name}"; }; } - rec { name = "gdb-${version}.tar.xz"; version = "9.2"; archive = fetchurl { sha256 = "0mf5fn8v937qwnal4ykn3ji1y2sxk0fa1yfqi679hxmpg6pdf31n"; url = "https://ftpmirror.gnu.org/gdb/${name}"; }; } - rec { name = "gmp-${version}.tar.xz"; version = "6.2.0"; archive = fetchurl { sha256 = "09hmg8k63mbfrx1x3yy6y1yzbbq85kw5avbibhcgrg9z3ganr3i5"; url = "https://ftpmirror.gnu.org/gmp/${name}"; }; } - rec { name = "mpc-${version}.tar.gz"; version = "1.2.0"; archive = fetchurl { sha256 = "19pxx3gwhwl588v496g3aylhcw91z1dk1d5x3a8ik71sancjs3z9"; url = "https://ftpmirror.gnu.org/mpc/${name}"; }; } - rec { name = "mpfr-${version}.tar.xz"; version = "4.1.0"; archive = fetchurl { sha256 = "0zwaanakrqjf84lfr5hfsdr7hncwv9wj0mchlr7cmxigfgqs760c"; url = "https://ftpmirror.gnu.org/mpfr/${name}"; }; } - rec { name = "nasm-${version}.tar.bz2"; version = "2.15.05"; archive = fetchurl { sha256 = "1l1gxs5ncdbgz91lsl4y7w5aapask3w02q9inayb2m5bwlwq6jrw"; url = "https://www.nasm.us/pub/nasm/releasebuilds/${version}/${name}"; }; } - ]; - - toolchain = pkgs.stdenv.mkDerivation rec { - pname = "crossgcc-${architecture}"; - version = "4.14"; - src = pkgs.fetchgit { - inherit url; - rev = version; - fetchSubmodules = true; - sha256 = "00xr74yc0kj9rrqa1a8b7bih865qlp9i4zs67ysavkfrjrwwssxm"; - }; - - hardeningDisable = [ "format" ]; - nativeBuildInputs = builtins.attrValues { inherit (pkgs) curl m4 flex bison zlib gnat; }; - - buildPhase = '' - mkdir --parents util/crossgcc/tarballs - ${pkgs.lib.concatMapStringsSep "\n" (file: "ln -s ${file.archive} util/crossgcc/tarballs/${file.name}") (pkgs.callPackage dependencies { })} - sed "s/SOURCE_DATE_EPOCH := .*/SOURCE_DATE_EPOCH := $SOURCE_DATE_EPOCH/" --in-place Makefile - make crossgcc-${architecture} CPUS=$(nproc) - ''; - - installPhase = '' - runHook preInstall - cp -r util/crossgcc $out - runHook postInstall - ''; - }; - -in pkgs.mkShell { - - inherit name; - - buildInputs = builtins.attrValues { inherit (pkgs) git coreboot-utils flashrom me_cleaner ncurses qemu m4 flex bison zlib gnat; }; - - shellHook = '' - export PS1='\h (${name}) \W \$ ' - mkdir -p '${project}' - git clone '${url}' '${project}' || true - cd '${project}' || exit 1 - rm -rf util/crossgcc - git fetch --all - git reset --hard origin/master - git checkout ${toolchain.version} - rm -rf util/crossgcc - ln -sf ${toolchain} util/crossgcc - sed -i 's|$(OBJCOPY) --strip-$(STRIP) $< $@|$(OBJCOPY) --strip-debug $< $@|g' payloads/libpayload/Makefile.payload - - printf ' - flashrom --programmer internal # read BIOS chipset internally if possible - flashrom --programmer internal --read backup.rom --chip $chipset # read BIOS internally if possible with selected chipset - flashrom --programmer internal --read backup1.rom --chip $chipset - flashrom --programmer internal --read backup2.rom --chip $chipset - flashrom --programmer internal --read backup3.rom --chip $chipset - flashrom --programmer ch341a_spi --read backup.rom --chip $chipset # use an external programmer if internal does not work - sha256sum *.rom # check BIOS hashes for exactness - me_cleaner.py --soft-disable backup.rom # clean management engine and overwrite bios inplace - ifdtool --extract backup.rom # split regions of cleaned bios - - # Rename and move descriptor.bin, gbe.bin, me.bin into 3rdparty/blobs/mainboard/$vendor/$model where - # $vendor and $model are variable (for example lenovo/t420). Create folders if they do not exist. - # To test in qemu select model/vendor Emulation/QEMU x86 i440fx/piix4 in nconfig. - # In real world situations, one might only read and write internally to the bios region. - - flashrom --programmer internal --read bios.rom --chip $chipset --ifd --image bios - flashrom --programmer internal --write bios.rom --chip $chipset --ifd --image bios - - make distclean # clear old configuration - make clean # clear old compilation and keep configuration - make nconfig # setup configurtion - cat .config # check configuration - make # build coreboot - qemu-system-x86_64 -bios build/coreboot.rom -serial stdio # test image in qemu - - ' - ''; -} diff --git a/.config/nixpkgs/shells/coreboot/shell.nix b/.config/nixpkgs/shells/coreboot/shell.nix new file mode 100644 index 0000000..242c621 --- /dev/null +++ b/.config/nixpkgs/shells/coreboot/shell.nix @@ -0,0 +1,108 @@ +let + + # Shell derivation condensed from https://git.petabyte.dev/petabyteboy/corenix + + # nix-shell -E 'import (builtins.fetchurl "$url")' + + name = "nix-shell.coreboot"; + architecture = "i386"; + url = "https://review.coreboot.org/coreboot"; + project = "${builtins.getEnv "HOME"}/Shares/Projects/coreboot"; + + pkgs = import (builtins.fetchTarball { + url = "https://releases.nixos.org/nixos/20.09/nixos-20.09.3824.dec334fa196/nixexprs.tar.xz"; + sha256 = "1i38d1z672gzn73k6gsas2zjbbradg06w7dw3zs9f64l0hr3qd94"; }) {}; + + dependencies = { fetchurl }: [ + rec { name = "llvm-${version}.src.tar.xz"; version = "11.0.0"; archive = fetchurl { sha256 = "0s94lwil98w7zb7cjrbnxli0z7gklb312pkw74xs1d6zk346hgwi"; url = "https://github.com/llvm/llvm-project/releases/download/llvmorg-${version}/${name}"; }; } + rec { name = "clang-${version}.src.tar.xz"; version = "11.0.0"; archive = fetchurl { sha256 = "091bvcny2lh32zy8f3m9viayyhb2zannrndni7325rl85cwgr6pr"; url = "https://github.com/llvm/llvm-project/releases/download/llvmorg-${version}/${name}"; }; } + rec { name = "clang-tools-extra-${version}.src.tar.xz"; version = "11.0.0"; archive = fetchurl { sha256 = "02bcwwn54661madhq4nxc069s7p7pj5gpqi8ww50w3anbpviilzy"; url = "https://github.com/llvm/llvm-project/releases/download/llvmorg-${version}/${name}"; }; } + rec { name = "compiler-rt-${version}.src.tar.xz"; version = "11.0.0"; archive = fetchurl { sha256 = "1yjqjri753w0fzmxcyz687nvd97sbc9rsqrxzpq720na47hwh3fr"; url = "https://github.com/llvm/llvm-project/releases/download/llvmorg-${version}/${name}"; }; } + rec { name = "Python-${version}.tar.xz"; version = "3.8.5"; archive = fetchurl { sha256 = "1c43dbv9lvlp3ynqmgdi4rh8q94swanhqarqrdx62zmigpakw073"; url = "https://www.python.org/ftp/python/${version}/${name}"; }; } + rec { name = "acpica-unix2-${version}.tar.gz"; version = "20200925"; archive = fetchurl { sha256 = "18n6129fkgj85piid7v4zxxksv3h0amqp4p977vcl9xg3bq0zd2w"; url = "https://acpica.org/sites/acpica/files/${name}"; }; } + rec { name = "binutils-${version}.tar.xz"; version = "2.35.1"; archive = fetchurl { sha256 = "01w6xvfy7sjpw8j08k111bnkl27j760bdsi0wjvq44ghkgdr3v9w"; url = "https://ftpmirror.gnu.org/binutils/${name}"; }; } + rec { name = "cmake-${version}.1.tar.gz"; version = "3.18"; archive = fetchurl { sha256 = "0215srmc9l7ygwdpfms8yx0wbd96qgz2d58ykmdiarvysf5k7qy0"; url = "https://cmake.org/files/v${version}/${name}"; }; } + rec { name = "expat-${version}.tar.bz2"; version = "2.2.9"; archive = fetchurl { sha256 = "0dx2m58gkj7cadk51lmp54ma7cqjhff4kjmwv8ks80j3vj2301pi"; url = "https://distfiles.macports.org/expat/${name}"; }; } + rec { name = "gcc-${version}.tar.xz"; version = "8.3.0"; archive = fetchurl { sha256 = "0b3xv411xhlnjmin2979nxcbnidgvzqdf4nbhix99x60dkzavfk4"; url = "https://ftpmirror.gnu.org/gcc/gcc-${version}/${name}"; }; } + rec { name = "gdb-${version}.tar.xz"; version = "9.2"; archive = fetchurl { sha256 = "0mf5fn8v937qwnal4ykn3ji1y2sxk0fa1yfqi679hxmpg6pdf31n"; url = "https://ftpmirror.gnu.org/gdb/${name}"; }; } + rec { name = "gmp-${version}.tar.xz"; version = "6.2.0"; archive = fetchurl { sha256 = "09hmg8k63mbfrx1x3yy6y1yzbbq85kw5avbibhcgrg9z3ganr3i5"; url = "https://ftpmirror.gnu.org/gmp/${name}"; }; } + rec { name = "mpc-${version}.tar.gz"; version = "1.2.0"; archive = fetchurl { sha256 = "19pxx3gwhwl588v496g3aylhcw91z1dk1d5x3a8ik71sancjs3z9"; url = "https://ftpmirror.gnu.org/mpc/${name}"; }; } + rec { name = "mpfr-${version}.tar.xz"; version = "4.1.0"; archive = fetchurl { sha256 = "0zwaanakrqjf84lfr5hfsdr7hncwv9wj0mchlr7cmxigfgqs760c"; url = "https://ftpmirror.gnu.org/mpfr/${name}"; }; } + rec { name = "nasm-${version}.tar.bz2"; version = "2.15.05"; archive = fetchurl { sha256 = "1l1gxs5ncdbgz91lsl4y7w5aapask3w02q9inayb2m5bwlwq6jrw"; url = "https://www.nasm.us/pub/nasm/releasebuilds/${version}/${name}"; }; } + ]; + + toolchain = pkgs.stdenv.mkDerivation rec { + pname = "crossgcc-${architecture}"; + version = "4.14"; + src = pkgs.fetchgit { + inherit url; + rev = version; + fetchSubmodules = true; + sha256 = "00xr74yc0kj9rrqa1a8b7bih865qlp9i4zs67ysavkfrjrwwssxm"; + }; + + hardeningDisable = [ "format" ]; + nativeBuildInputs = builtins.attrValues { inherit (pkgs) curl m4 flex bison zlib gnat; }; + + buildPhase = '' + mkdir --parents util/crossgcc/tarballs + ${pkgs.lib.concatMapStringsSep "\n" (file: "ln -s ${file.archive} util/crossgcc/tarballs/${file.name}") (pkgs.callPackage dependencies { })} + sed "s/SOURCE_DATE_EPOCH := .*/SOURCE_DATE_EPOCH := $SOURCE_DATE_EPOCH/" --in-place Makefile + make crossgcc-${architecture} CPUS=$(nproc) + ''; + + installPhase = '' + runHook preInstall + cp -r util/crossgcc $out + runHook postInstall + ''; + }; + +in pkgs.mkShell { + + inherit name; + + buildInputs = builtins.attrValues { inherit (pkgs) git coreboot-utils flashrom me_cleaner ncurses qemu m4 flex bison zlib gnat; }; + + shellHook = '' + export PS1='\h (${name}) \W \$ ' + mkdir -p '${project}' + git clone '${url}' '${project}' || true + cd '${project}' || exit 1 + rm -rf util/crossgcc + git fetch --all + git reset --hard origin/master + git checkout ${toolchain.version} + rm -rf util/crossgcc + ln -sf ${toolchain} util/crossgcc + sed -i 's|$(OBJCOPY) --strip-$(STRIP) $< $@|$(OBJCOPY) --strip-debug $< $@|g' payloads/libpayload/Makefile.payload + + printf ' + flashrom --programmer internal # read BIOS chipset internally if possible + flashrom --programmer internal --read backup.rom --chip $chipset # read BIOS internally if possible with selected chipset + flashrom --programmer internal --read backup1.rom --chip $chipset + flashrom --programmer internal --read backup2.rom --chip $chipset + flashrom --programmer internal --read backup3.rom --chip $chipset + flashrom --programmer ch341a_spi --read backup.rom --chip $chipset # use an external programmer if internal does not work + sha256sum *.rom # check BIOS hashes for exactness + me_cleaner.py --soft-disable backup.rom # clean management engine and overwrite bios inplace + ifdtool --extract backup.rom # split regions of cleaned bios + + # Rename and move descriptor.bin, gbe.bin, me.bin into 3rdparty/blobs/mainboard/$vendor/$model where + # $vendor and $model are variable (for example lenovo/t420). Create folders if they do not exist. + # To test in qemu select model/vendor Emulation/QEMU x86 i440fx/piix4 in nconfig. + # In real world situations, one might only read and write internally to the bios region. + + flashrom --programmer internal --read bios.rom --chip $chipset --ifd --image bios + flashrom --programmer internal --write bios.rom --chip $chipset --ifd --image bios + + make distclean # clear old configuration + make clean # clear old compilation and keep configuration + make nconfig # setup configurtion + cat .config # check configuration + make # build coreboot + qemu-system-x86_64 -bios build/coreboot.rom -serial stdio # test image in qemu + + ' + ''; +} diff --git a/.config/nixpkgs/shells/falcon.nix b/.config/nixpkgs/shells/falcon.nix deleted file mode 100644 index 7bd0b54..0000000 --- a/.config/nixpkgs/shells/falcon.nix +++ /dev/null @@ -1,42 +0,0 @@ -let - - # nix-shell -E 'import (builtins.fetchurl "$url")' - - name = "nix-shell.falcon-kernel"; - - pkgs = import (builtins.fetchTarball { - url = "https://github.com/NixOS/nixpkgs/archive/360e2af4f87.tar.gz"; - sha256 = "1i3i9cpn6m3r07pgw4w3xinbqmxkm7pmnqjlz96x424ngbc21sg2"; }) {}; - - project = "${builtins.getEnv "HOME"}/Desktop/moto-falcon/lineageos-kernel/lineageos-motorala-msm8226"; - - toolchain = pkgs.stdenv.mkDerivation rec { - name = "gcc-linaro-4.9.4"; - src = builtins.fetchTarball { - url = "https://releases.linaro.org/components/toolchain/binaries/4.9-2017.01/arm-linux-gnueabihf/gcc-linaro-4.9.4-2017.01-x86_64_arm-linux-gnueabihf.tar.xz"; - sha256 = "11zznrx0hkq34bn7x7kxn5q9icrf22vqgmd1ifxmdskm2g14x3l8"; - }; - dontBuild = true; - buildInputs = builtins.attrValues { inherit (pkgs) python2 zlib ncurses5 expat lzma; }; - nativeBuildInputs = builtins.attrValues { inherit (pkgs) autoPatchelfHook; }; - installPhase = '' - runHook preInstall - mkdir $out - cp -rT ${src} $out - runHook postInstall - ''; - }; - -in pkgs.mkShell { - - inherit name; - - buildInputs = builtins.attrValues { inherit (pkgs) gnumake ncurses; }; - - shellHook = '' - export CROSS_COMPILE=${toolchain}/bin/arm-linux-gnueabihf- - export ARCH=arm - export PS1='\h (${name}) \W \$ ' - cd '${project}' || exit 1 - ''; -} diff --git a/.config/nixpkgs/shells/falcon/shell.nix b/.config/nixpkgs/shells/falcon/shell.nix new file mode 100644 index 0000000..7bd0b54 --- /dev/null +++ b/.config/nixpkgs/shells/falcon/shell.nix @@ -0,0 +1,42 @@ +let + + # nix-shell -E 'import (builtins.fetchurl "$url")' + + name = "nix-shell.falcon-kernel"; + + pkgs = import (builtins.fetchTarball { + url = "https://github.com/NixOS/nixpkgs/archive/360e2af4f87.tar.gz"; + sha256 = "1i3i9cpn6m3r07pgw4w3xinbqmxkm7pmnqjlz96x424ngbc21sg2"; }) {}; + + project = "${builtins.getEnv "HOME"}/Desktop/moto-falcon/lineageos-kernel/lineageos-motorala-msm8226"; + + toolchain = pkgs.stdenv.mkDerivation rec { + name = "gcc-linaro-4.9.4"; + src = builtins.fetchTarball { + url = "https://releases.linaro.org/components/toolchain/binaries/4.9-2017.01/arm-linux-gnueabihf/gcc-linaro-4.9.4-2017.01-x86_64_arm-linux-gnueabihf.tar.xz"; + sha256 = "11zznrx0hkq34bn7x7kxn5q9icrf22vqgmd1ifxmdskm2g14x3l8"; + }; + dontBuild = true; + buildInputs = builtins.attrValues { inherit (pkgs) python2 zlib ncurses5 expat lzma; }; + nativeBuildInputs = builtins.attrValues { inherit (pkgs) autoPatchelfHook; }; + installPhase = '' + runHook preInstall + mkdir $out + cp -rT ${src} $out + runHook postInstall + ''; + }; + +in pkgs.mkShell { + + inherit name; + + buildInputs = builtins.attrValues { inherit (pkgs) gnumake ncurses; }; + + shellHook = '' + export CROSS_COMPILE=${toolchain}/bin/arm-linux-gnueabihf- + export ARCH=arm + export PS1='\h (${name}) \W \$ ' + cd '${project}' || exit 1 + ''; +} diff --git a/.config/nixpkgs/shells/pure.nix b/.config/nixpkgs/shells/pure.nix deleted file mode 100644 index 2e58365..0000000 --- a/.config/nixpkgs/shells/pure.nix +++ /dev/null @@ -1,22 +0,0 @@ -let - - name = "nix-shell.pure"; - pkgs = import { }; - - shell = pkgs.writeShellApplication { - inherit name; - text = '' - /usr/bin/env --ignore-environment /bin/sh -c ${ - pkgs.writeScript name '' - export PS1='\h (${name}) \W \$ ' - export PATH=${pkgs.lib.strings.makeBinPath [ pkgs.busybox ]} - /bin/sh - '' - }; - ''; - }; - -in pkgs.mkShell { - inherit name; - shellHook = "exec ${shell}/bin/${shell.name}"; -} diff --git a/.config/nixpkgs/shells/pure/shell.nix b/.config/nixpkgs/shells/pure/shell.nix new file mode 100644 index 0000000..2e58365 --- /dev/null +++ b/.config/nixpkgs/shells/pure/shell.nix @@ -0,0 +1,22 @@ +let + + name = "nix-shell.pure"; + pkgs = import { }; + + shell = pkgs.writeShellApplication { + inherit name; + text = '' + /usr/bin/env --ignore-environment /bin/sh -c ${ + pkgs.writeScript name '' + export PS1='\h (${name}) \W \$ ' + export PATH=${pkgs.lib.strings.makeBinPath [ pkgs.busybox ]} + /bin/sh + '' + }; + ''; + }; + +in pkgs.mkShell { + inherit name; + shellHook = "exec ${shell}/bin/${shell.name}"; +} -- cgit v1.2.3