stary/nix-powerpc
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

initial snapshot

Browse source
This commit is contained in:
Chloe Bethel 2025-02-10 11:47:09 +00:00
commit 24b41c4faf
16 changed files with 452 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

25
config.nix Normal file
View file

@ -0,0 +1,25 @@
{...} : {
networking.hostName = "nixos";
services.openssh.enable = true;
users.users.stary = {
isNormalUser = true;
createHome = true;
extraGroups = [ "wheel" ];
};
time.timeZone = "Europe/London";
i18n.defaultLocale = "en_GB.UTF-8";
console = {
font = "Lat2-Terminus16";
keyMap = "uk";
};
system.stateVersion = "24.11";
nixpkgs.overlays = [
(final: super: {
makeModulesClosure = x: super.makeModulesClosure (x // { allowMissing = true; });
})
];
}

101
disable-systemd-security.nix Normal file
View file

@ -0,0 +1,101 @@
{...}: {
# who needs security lmao
systemd.services.systemd-journald = {
serviceConfig = {
DeviceAllow = "";
IPAddressDeny = "";
LockPersonality = "no";
MemoryDenyWriteExecute = "no";
NoNewPrivileges = "no";
ProtectClock = "no";
RestrictAddressFamilies = "";
RestrictNamespaces = "";
RestrictRealtime = "no";
RestrictSUIDSGID = "no";
};
};
systemd.services.systemd-udevd = {
serviceConfig = {
DeviceAllow = "";
IPAddressDeny = "";
LockPersonality = "no";
MemoryDenyWriteExecute = "no";
NoNewPrivileges = "no";
ProtectClock = "no";
RestrictAddressFamilies = "";
RestrictNamespaces = "";
RestrictRealtime = "no";
RestrictSUIDSGID = "no";
};
};
systemd.services.systemd-oomd = {
serviceConfig = {
DeviceAllow = "";
IPAddressDeny = "";
LockPersonality = "no";
MemoryDenyWriteExecute = "no";
NoNewPrivileges = "no";
ProtectClock = "no";
RestrictAddressFamilies = "";
RestrictNamespaces = "";
RestrictRealtime = "no";
RestrictSUIDSGID = "no";
};
};
systemd.services.systemd-timesyncd = {
serviceConfig = {
DeviceAllow = "";
IPAddressDeny = "";
LockPersonality = "no";
MemoryDenyWriteExecute = "no";
NoNewPrivileges = "no";
ProtectClock = "no";
RestrictAddressFamilies = "";
RestrictNamespaces = "";
RestrictRealtime = "no";
RestrictSUIDSGID = "no";
};
};
systemd.services.systemd-logind = {
serviceConfig = {
DeviceAllow = "";
IPAddressDeny = "";
LockPersonality = "no";
MemoryDenyWriteExecute = "no";
NoNewPrivileges = "no";
ProtectClock = "no";
RestrictAddressFamilies = "";
RestrictNamespaces = "";
RestrictRealtime = "no";
RestrictSUIDSGID = "no";
};
};
systemd.services.dhcpcd = {
serviceConfig = {
DeviceAllow = lib.mkForce "";
IPAddressDeny = lib.mkForce "";
LockPersonality = lib.mkForce false;
MemoryDenyWriteExecute = lib.mkForce "no";
NoNewPrivileges = lib.mkForce "no";
ProtectClock = lib.mkForce "no";
RestrictAddressFamilies = lib.mkForce "";
RestrictNamespaces = lib.mkForce "";
RestrictRealtime = lib.mkForce "no";
RestrictSUIDSGID = lib.mkForce "no";
};
};
systemd.services.nginx = {
serviceConfig = {
DeviceAllow = lib.mkForce "";
IPAddressDeny = lib.mkForce "";
LockPersonality = lib.mkForce false;
MemoryDenyWriteExecute = lib.mkForce "no";
NoNewPrivileges = lib.mkForce "no";
ProtectClock = lib.mkForce "no";
RestrictAddressFamilies = lib.mkForce "";
RestrictNamespaces = lib.mkForce "";
RestrictRealtime = lib.mkForce "no";
RestrictSUIDSGID = lib.mkForce "no";
};
};
}

5
dnsmasq.conf Normal file
View file

@ -0,0 +1,5 @@
port=0 # disable DNS server
interface=enp5s0u2u2
bind-interfaces
enable-tftp

43
flake.lock generated Normal file
View file

@ -0,0 +1,43 @@
{
"nodes": {
"common": {
"locked": {
"lastModified": 1718657915,
"narHash": "sha256-bOWGumfGVCkRn5wwqtLoVnFjDPiWSUzw6aksy7ZeDXU=",
"owner": "stary2001",
"repo": "nix-common",
"rev": "c88a9f284c17790aa5d003c557883fc25d71890a",
"type": "github"
},
"original": {
"owner": "stary2001",
"repo": "nix-common",
"type": "github"
}
},
"nixpkgs": {
"locked": {
"lastModified": 1739114754,
"narHash": "sha256-SJhqKsnVleQKbD77pg53z9fjN4xfxq6ExDe+JJty2Jw=",
"owner": "stary2001",
"repo": "nixpkgs",
"rev": "4490ff4c27c1bc175982b1b46d4d0b4c24f219e8",
"type": "github"
},
"original": {
"owner": "stary2001",
"ref": "stary/ppc32",
"repo": "nixpkgs",
"type": "github"
}
},
"root": {
"inputs": {
"common": "common",
"nixpkgs": "nixpkgs"
}
}
},
"root": "root",
"version": 7
}

66
flake.nix Normal file
View file

@ -0,0 +1,66 @@
# based on https://artemis.sh/2023/06/06/cross-compile-nixos-for-great-good.html
{
description = "system configuration for ppc";
inputs = {
nixpkgs.url = "github:stary2001/nixpkgs/stary/ppc32";
common.url = "github:stary2001/nix-common";
};
outputs =
{
self,
common,
nixpkgs,
}:
rec {
formatter.x86_64-linux = nixpkgs.legacyPackages.x86_64-linux.nixfmt-rfc-style;
formatter.aarch64-linux = nixpkgs.legacyPackages.aarch64-linux.nixfmt-rfc-style;
nixosConfigurations.lancom = nixpkgs.legacyPackages.x86_64-linux.pkgsCross.powerpc.nixos {
imports = [
(import ./minimal.nix)
(import ./ssh-keys.nix)
(import ./locale.nix)
common.nixosModules.wait-online-any
(import ./ppc.nix)
(import ./nginx.nix)
(import ./config.nix)
(import ./disable-systemd-security.nix)
(
{ pkgs, lib, ... }:
{
networking.hostName = "lancom";
boot.kernelPackages = pkgs.linuxPackagesFor (pkgs.callPackage ./lancom-kernel.nix { });
system.boot.loader.kernelFile = "uImage";
}
)
];
};
nixosConfigurations.wiiu = nixpkgs.legacyPackages.x86_64-linux.pkgsCross.powerpc.nixos {
imports = [
(import ./minimal.nix)
(import ./ssh-keys.nix)
common.nixosModules.wait-online-any
(import ./ppc.nix)
(import ./nginx.nix)
(import ./config.nix)
(
{ pkgs, lib, ... }:
{
networking.hostName = "nixos";
boot.kernelPackages = pkgs.linuxPackagesFor (pkgs.callPackage ./wiiu-kernel.nix { });
system.boot.loader.kernelFile = "dtbImage.wiiu";
}
)
];
};
};
}

14
go.sh Executable file
View file

@ -0,0 +1,14 @@
# nix build .#pkgsCross.powerpc.ubootNwApp2
# nix build .#pkgsCross.powerpc.nixosConfigurations.ppc.config.boot.kernelPackages.kernel
nix build .#nixosConfigurations.ppc.config.system.build.toplevel --no-eval-cache
ls -l result
sed "s^INIT^$(readlink result)/init^" tftp/boot.txt.tmpl > tftp/boot.txt
mkimage -T script -n 'Boot script' -d tftp/boot.txt tftp/boot.scr
sudo cp result/kernel tftp/uImage
sudo cp result/initrd tftp/initrd
# dtb is fine. i hope
sudo ip addr add 10.0.0.1/24 dev enp5s0u2u2
sudo ip link set enp5s0u2u2 up
sudo dnsmasq -C dnsmasq.conf --tftp-root $(pwd)/tftp -d

2
html/index.html Normal file
View file

@ -0,0 +1,2 @@
Hello from NixOS on PowerPC!
<img src="logo.png" />

BIN
html/logo.png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 24 KiB

53
lancom-kernel.nix Normal file
View file

@ -0,0 +1,53 @@
# see https://discourse.nixos.org/t/port-nixos-to-ppc32/11965/13
{
buildLinux,
fetchFromGitHub,
fetchurl,
lib,
stdenv,
...
}@args:
lib.overrideDerivation
(buildLinux (
args
// {
version = "6.13.0-rc4";
src = fetchFromGitHub {
owner = "neuschaefer";
repo = "linux";
rev = "sha256-Mbbw+P8Fv1OL+sN4nZ/lc/ONibkEOivLx5QVXjVO7KU="; # mpc83xx branch
hash = "sha256-Mbbw+P8Fv1OL+sN4nZ/lc/ONibkEOivLx5QVXjVO7KU=";
};
kernelPatches = [ ];
features = {
efiBootStub = false;
iwlwifi = false;
needsCifsUtils = false;
};
autoModules = false;
# enable nvme, disable kprobes because it takes too long at boot
structuredExtraConfig = with lib.kernel; {
BLK_DEV_NVME = yes;
KPROBES = lib.mkForce no;
FTRACE = lib.mkForce no;
RC_CORE = lib.mkForce no;
KEYRING = lib.mkForce no;
DEFAULT_UIMAGE = yes;
};
defconfig = "mpc83xx_defconfig";
}
))
(old: {
postInstall =
''
cp arch/powerpc/boot/uImage $out/
# lancom-nwapp2.dts ?
''
+ old.postInstall;
})

11
lancom.nix Normal file
View file

@ -0,0 +1,11 @@
{ pkgs, lib, ... }:
{
# temp hack in config
systemd.tpm2.enable = false;
nixpkgs.overlays = [
(final: super: {
makeModulesClosure = x: super.makeModulesClosure (x // { allowMissing = true; });
})
];
}

14
minimal.nix Normal file
View file

@ -0,0 +1,14 @@
{
lib,
pkgs,
modulesPath,
...
}:
{
imports = [
#(modulesPath + "/profiles/minimal.nix")
#(modulesPath + "/profiles/perlless.nix")
];
hardware.enableAllHardware = lib.mkForce false;
}

13
nginx.nix Normal file
View file

@ -0,0 +1,13 @@
{ ... }:
{
services.nginx = {
enable = true;
virtualHosts = {
"ppc" = {
locations."/" = {
root = ./html;
};
};
};
};
}

40
ppc.nix Normal file
View file

@ -0,0 +1,40 @@
{
inputs,
lib,
pkgs,
config,
...
}:
{
# Serial console
boot.kernelParams = [
"console=ttyS2,1500000"
"earlycon=uart8250,mmio32,0xff130000"
];
boot.loader.grub.enable = false;
boot.loader.generic-extlinux-compatible.enable = true;
boot.consoleLogLevel = lib.mkDefault 7;
networking = {
interfaces = {
"eth0" = {
useDHCP = true;
};
};
};
# originally from hardware-configuration.nix
nixpkgs.hostPlatform = lib.mkDefault "powerpc-linux";
powerManagement.cpuFreqGovernor = lib.mkDefault "ondemand";
hardware.enableAllHardware = false;
# temp hack in config
systemd.tpm2.enable = false;
fileSystems."/" = {
device = "/dev/disk/by-label/NIXOS_SD";
fsType = "ext4";
};
}

10
sd-image.nix Normal file
View file

@ -0,0 +1,10 @@
{ config, ... }:
{
sdImage = {
populateFirmwareCommands = "";
populateRootCommands = ''
mkdir -p ./files/boot
${config.boot.loader.generic-extlinux-compatible.populateCmd} -c ${config.system.build.toplevel} -d ./files/boot
'';
};
}

15
ssh-keys.nix Normal file
View file

@ -0,0 +1,15 @@
{ ... }:
let
myKeys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJjUz1FruDlg5VNmvd4wi7DiXbMJcN4ujr8KtQ6OhlSc stary@pc"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJ+q372oe3sFtBQPAH93L397gYGYrjeGewzoOW97gSy1 stary@wheatley"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOLg5nSbedQYRzm4BAU1OIYpaiTwP+afCAE3BvPcG7OI eddsa-key-20210602" # Windows VM
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK45+pMQ9LCmGLbP4fmDmjJaxEsB0JfeqXm8NK/Q9QSp JuiceSSH" # Phone
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIA3cTdfUSCjbQaZQRtpGlF+C7Ez9KYI7QCMMwwNlG91H stary@vorticon" # chrome thing
];
in
{
users.users.root.password = "root";
users.users.root.openssh.authorizedKeys.keys = myKeys;
users.users.stary.openssh.authorizedKeys.keys = myKeys;
}

40
wiiu-kernel.nix Normal file
View file

@ -0,0 +1,40 @@
# see https://discourse.nixos.org/t/port-nixos-to-ppc32/11965/13
{
buildLinux,
fetchFromGitLab,
fetchurl,
lib,
stdenv,
...
}@args:
lib.overrideDerivation
(buildLinux (
args
// {
version = "6.6.75-wiiu";
src = fetchFromGitLab {
owner = "linux-wiiu";
repo = "linux-wiiu";
rev = "841387c876c096f8dd0df1756541aa57b1166577"; # rewrite-6.6
hash = "sha256-qrC9jdRGQusdZCYX/Lz1boPtEFGlc74A+lB3kEIDrSY=";
};
autoModules = false;
features = {
efiBootStub = false;
iwlwifi = false;
needsCifsUtils = false;
};
defconfig = "wiiu_defconfig";
}
))
(old: {
postInstall =
''
cp arch/powerpc/boot/dtbImage.wiiu $out/
''
+ old.postInstall;
})