diff --git a/pkgs/default.nix b/pkgs/default.nix index 4facadd..96299fd 100644 --- a/pkgs/default.nix +++ b/pkgs/default.nix @@ -9,70 +9,9 @@ let sources = import ./_sources/generated.nix { inherit (pkgs) fetchgit fetchurl fetchFromGitHub dockerTools; }; - armTrustedFirmwareBpiR3 = { bootDevice, uboot ? null }: pkgs.buildArmTrustedFirmware rec { - # TODO: nvfetcherify this - src = pkgs.fetchFromGitHub { - owner = "frank-w"; - repo = "u-boot"; - rev = "c30a1caf8274af67bf31f3fb5abc45df5737df36"; - hash = "sha256-pW2yytXRIFEIbG1gnuXq8TiLe/Eew7zESe6Pijh2qVk="; - }; - patches = [ ./bpi-r3-atf-backport-mkimage-support.patch ]; - extraMakeFlags = assert builtins.elem bootDevice [ - "nor" "snand" "spim-nand" "emmc" "sdmmc" "ram" - ]; [ - "BOOT_DEVICE=${bootDevice}" - "DRAM_USE_DDR4=1" - "USE_MKIMAGE=1" - "MKIMAGE=${pkgs.ubootTools}/bin/mkimage" - "all" - "fip" - ] ++ lib.optionals (uboot != null) [ - "BL33=${uboot}/u-boot.bin" - ]; - extraMeta.platforms = [ "aarch64-linux" ]; - platform = "mt7986"; - filesToInstall = [ - "build/${platform}/release/bl2.img" - "build/${platform}/release/fip.bin" - ]; - nativeBuildInputs = with pkgs; [ /*pkgsCross.arm-embedded.stdenv.cc*/ dtc ]; - }; - # sd/emmc - # -- CONFIG_USE_BOOTCOMMAND/CONFIG_BOOTCOMMAND - distroboot stuff (override default boot command) - # -- CONFIG_BOOTDELAY - autoboot timeout - # CONFIG_BOOTSTD_DEFAULTS - stdboot stuff - # CONFIG_BOOTSTD_BOOTCOMMAND - might be? an alternative to CONFIG_BOOTCOMMAND - # CONFIG_DEFAULT_FDT_FILE - compatibility with nixos - # CONFIG_DISTRO_DEFAULTS - surely this won't hurt, it adds autocomplete and stuff and doesn't weight much in the large scale of things - # CONFIG_SYS_BOOTM_LEN - increase max initrd? size - # CONFIG_ZSTD - allow zstd initrd - ubootConfig = storage: '' - CONFIG_AUTOBOOT=y - CONFIG_BOOTCOMMAND="${builtins.replaceStrings [ "\n" ] [ "; " ] '' - setenv boot_prefixes /@boot/ /@/ /boot/ / - run distro_bootcmd - ''};" - CONFIG_BOOTSTD_DEFAULTS=y - CONFIG_BOOTSTD_FULL=y - CONFIG_CMD_BTRFS=y - CONFIG_CMD_CAT=y - CONFIG_DEFAULT_FDT_FILE="mediatek/mt7986a-bananapi-bpi-r3.dtb" - CONFIG_DISTRO_DEFAULTS=y - CONFIG_ENV_IS_NOWHERE=y - CONFIG_FS_BTRFS=y - CONFIG_SYS_BOOTM_LEN=0x6000000 - CONFIG_USE_BOOTCOMMAND=y - CONFIG_ZSTD=y - ''; - ubootVersion = "2023.07-rc3"; - ubootSrc = pkgs.fetchurl { - url = "ftp://ftp.denx.de/pub/u-boot/u-boot-${ubootVersion}.tar.bz2"; - hash = "sha256-QuwINnS9MPpMFueMP19FPAjZ9zdZWne13aWVrDoJ2C8="; - }; in -rec { +{ osu-lazer-bin = nix-gaming.osu-lazer-bin; clang-tools_latest = pkgs.clang-tools_16; clang_latest = pkgs.clang_16; @@ -105,266 +44,6 @@ rec { # system76-scheduler = callPackage ./system76-scheduler.nix { }; techmino = callPackage ./techmino { }; - ubootBpiR3Sd = pkgs.buildUBoot { - defconfig = "mt7986a_bpir3_sd_defconfig"; - extraConfig = ubootConfig "sd"; - src = ubootSrc; - version = ubootVersion; - extraMeta.platforms = [ "aarch64-linux" ]; - # https://github.com/nakato/nixos-bpir3-example/blob/main/pkgs/uboot/mt7986-default-bootcmd.patch - patches = [ ./mt7986-default-bootcmd.patch ]; - filesToInstall = [ "u-boot.bin" ]; - }; - ubootBpiR3Emmc = pkgs.buildUBoot { - defconfig = "mt7986a_bpir3_emmc_defconfig"; - extraConfig = ubootConfig "emmc"; - src = ubootSrc; - version = ubootVersion; - extraMeta.platforms = [ "aarch64-linux" ]; - patches = [ ./mt7986-default-bootcmd.patch ]; - filesToInstall = [ "u-boot.bin" ]; - }; - armTrustedFirmwareBpiR3Sd = armTrustedFirmwareBpiR3 { uboot = ubootBpiR3Sd; bootDevice = "sdmmc"; }; - armTrustedFirmwareBpiR3Emmc = armTrustedFirmwareBpiR3 { uboot = ubootBpiR3Emmc; bootDevice = "emmc"; }; - bpiR3StuffCombined = pkgs.stdenvNoCC.mkDerivation { - name = "bpi-r3-stuff"; - unpackPhase = "true"; - buildPhase = "true"; - installPhase = '' - mkdir -p $out/sd - mkdir -p $out/emmc - cp ${bpiR3StuffEmmc}/* $out/emmc - cp ${bpiR3StuffSd}/* $out/sd - ''; - fixupPhase = "true"; - }; - bpiR3StuffEmmc = pkgs.stdenvNoCC.mkDerivation { - name = "bpi-r3-stuff-emmc"; - unpackPhase = "true"; - buildPhase = "true"; - installPhase = '' - mkdir -p $out - cp ${ubootBpiR3Emmc}/*.* $out - cp ${armTrustedFirmwareBpiR3Emmc}/*.* $out - ''; - fixupPhase = "true"; - }; - bpiR3StuffSd = pkgs.stdenvNoCC.mkDerivation { - name = "bpi-r3-stuff-sd"; - unpackPhase = "true"; - buildPhase = "true"; - installPhase = '' - mkdir -p $out - cp ${ubootBpiR3Sd}/*.* $out - cp ${armTrustedFirmwareBpiR3Sd}/*.* $out - ''; - fixupPhase = "true"; - }; - linux_bpiR3 = pkgs.linux_testing.override { - stdenv = pkgs'.ccacheStdenv; - buildPackages = pkgs'.buildPackages // { - stdenv = pkgs'.buildPackages.ccacheStdenv; - }; - # there's probably more enabled-by-default configs that are better left disabled, but whatever - structuredExtraConfig = with lib.kernel; { - /* "Select this option if you are building a kernel for a server or - scientific/computation system, or if you want to maximize the - raw processing power of the kernel, irrespective of scheduling - latencies." */ - PREEMPT_NONE = yes; - # disable the other preempts - PREEMPTION = no; - PREEMPT_VOLUNTARY = lib.mkForce no; - PREEMPT = no; - - CPU_FREQ_GOV_ONDEMAND = yes; - CPU_FREQ_DEFAULT_GOV_ONDEMAND = yes; - CPU_FREQ_DEFAULT_GOV_PERFORMANCE = lib.mkForce no; - CPU_FREQ_GOV_CONSERVATIVE = yes; - # disable virtualisation stuff - PARAVIRT = lib.mkForce no; - VIRTUALIZATION = no; - XEN = lib.mkForce no; - # zstd - KERNEL_ZSTD = yes; - MODULE_COMPRESS_ZSTD = yes; - MODULE_DECOMPRESS = yes; - FW_LOADER_COMPRESS_ZSTD = yes; - # zram - ZRAM_DEF_COMP_ZSTD = yes; - CRYPTO_ZSTD = yes; - ZRAM_MEMORY_TRACKING = yes; - # router stuff - IP_FIB_TRIE_STATS = yes; - IP_ROUTE_CLASSID = yes; - # adds sysctl net.ipv4.tcp_syncookies - SYN_COOKIES = yes; - WIREGUARD = yes; - INET = yes; - # stuff for ss - NETLINK_DIAG = yes; - # nftables features - IP_SET = module; - NF_CONNTRACK = module; - NF_CONNTRACK_BRIDGE = module; - NF_CONNTRACK_MARK = yes; - NF_NAT = module; - NF_FLOW_TABLE = module; - NF_FLOW_TABLE_INET = module; - NF_LOG_ARP = module; - NF_LOG_IPV4 = module; - NF_LOG_IPV6 = module; - NETFILTER_NETLINK_QUEUE = module; - NFT_BRIDGE_META = module; - NFT_BRIDGE_REJECT = module; - NFT_CONNLIMIT = module; - NFT_CT = module; - NFT_DUP_IPV4 = module; - NFT_DUP_IPV6 = module; - NFT_DUP_NETDEV = module; - NFT_FIB = module; - NFT_FIB_IPV4 = module; - NFT_FIB_IPV6 = module; - NFT_FIB_INET = module; - NFT_FIB_NETDEV = module; - NFT_FLOW_OFFLOAD = module; - NFT_FWD_NETDEV = module; - NFT_HASH = module; - NFT_LIMIT = module; - NFT_LOG = module; - NFT_MASQ = module; - NFT_NAT = module; - NFT_NUMGEN = module; - NFT_OSF = module; - NFT_QUEUE = module; - NFT_QUOTA = module; - NFT_REDIR = module; - NFT_REJECT = module; - NFT_REJECT_IPV4 = module; - NFT_REJECT_IPV6 = module; - NFT_REJECT_INET = module; - NFT_SOCKET = module; - NFT_SYNPROXY = module; - NFT_TPROXY = module; - NFT_TUNNEL = module; - - BRIDGE = yes; - HSR = no; - NET_DSA = yes; - - # packet CLaSsification - NET_CLS_ROUTE4 = module; - NET_CLS_FW = module; - NET_CLS_U32 = module; - NET_CLS_FLOW = module; - NET_CLS_CGROUP = module; - NET_CLS_FLOWER = module; - NET_CLS_MATCHALL = module; - NET_EMATCH = yes; - NET_EMATCH_CMP = module; - NET_EMATCH_NBYTE = module; - NET_EMATCH_U32 = module; - NET_EMATCH_META = module; - NET_EMATCH_TEXT = module; - NET_EMATCH_IPSET = module; - - # packet actions - NET_CLS_ACT = yes; - NET_ACT_POLICE = module; - NET_ACT_GACT = module; - NET_ACT_SAMPLE = module; - NET_ACT_NAT = module; - NET_ACT_PEDIT = module; - NET_ACT_SKBEDIT = module; - NET_ACT_CSUM = module; - NET_ACT_MPLS = module; - NET_ACT_VLAN = module; - NET_ACT_CONNMARK = module; - NET_ACT_CTINFO = module; - NET_ACT_SKBMOD = module; - NET_ACT_IFE = module; - NET_ACT_TUNNEL_KEY = module; - NET_ACT_CT = module; - - # random stuff - PSAMPLE = module; - RFKILL = yes; - CRYPTO_SHA256 = yes; - - # hardware specific stuff - FB = lib.mkForce no; - DRM = no; - CFG80211 = module; - MAC80211 = module; - - NR_CPUS = lib.mkForce (freeform "4"); - SMP = yes; - - SFP = yes; - ARCH_MEDIATEK = yes; - MEDIATEK_WATCHDOG = yes; - MTD_NAND_ECC_MEDIATEK = yes; - MTD_NAND_ECC_SW_HAMMING = yes; - MTD_NAND_MTK = yes; - MTD_SPI_NAND = yes; - MTD_UBI = yes; - MTD_UBI_BLOCK = yes; - NVMEM_MTK_EFUSE = yes; - MTK_HSDMA = yes; - MTK_INFRACFG = yes; - MTK_PMIC_WRAP = yes; - MTK_THERMAL = yes; - MTK_TIMER = yes; - NET_DSA_MT7530 = yes; - NET_DSA_MT7530_MDIO = yes; - NET_DSA_MT7530_MMIO = yes; - NET_DSA_TAG_MTK = yes; - NET_MEDIATEK_SOC = yes; - NET_MEDIATEK_SOC_WED = yes; - NET_MEDIATEK_STAR_EMAC = yes; - NET_SWITCHDEV = yes; - NET_VENDOR_MEDIATEK = yes; - PCIE_MEDIATEK = yes; - PCIE_MEDIATEK_GEN3 = yes; - PINCTRL_MT7986 = yes; - PWM_MEDIATEK = yes; - MT7915E = module; - MT7986_WMAC = yes; - SPI_MT65XX = yes; - SPI_MTK_NOR = yes; - SPI_MTK_SNFI = yes; - MMC_MTK = yes; - }; - }; - linuxPackages_bpiR3 = pkgs.linuxPackagesFor linux_bpiR3; - # there are few direct hits with the linux kernel, so use CCACHE_NODIRECT - # (direct hits are file-based, non-direct are preprocessed file-based) - ccacheWrapper = pkgs.ccacheWrapper.override { - extraConfig = '' - export CCACHE_COMPRESS=1 - export CCACHE_DIR="/var/cache/ccache" - export CCACHE_UMASK=007 - export CCACHE_SLOPPINESS=include_file_mtime,time_macros - export CCACHE_NODIRECT=1 - if [ ! -d "$CCACHE_DIR" ]; then - echo "=====" - echo "Directory '$CCACHE_DIR' does not exist" - echo "Please create it with:" - echo " sudo mkdir -m0770 '$CCACHE_DIR'" - echo " sudo chown root:nixbld '$CCACHE_DIR'" - echo "=====" - exit 1 - fi - if [ ! -w "$CCACHE_DIR" ]; then - echo "=====" - echo "Directory '$CCACHE_DIR' is not accessible for user $(whoami)" - echo "Please verify its access permissions" - echo "=====" - exit 1 - fi - ''; - }; - firefox-addons = lib.recurseIntoAttrs (callPackage ./firefox-addons { inherit nur sources; }); mpvScripts = pkgs.mpvScripts // (callPackage ./mpv-scripts { }); -} +} // (import ../system/hardware/bpi_r3/pkgs.nix { inherit pkgs pkgs' lib sources; }) diff --git a/pkgs/bpi-r3-atf-backport-mkimage-support.patch b/system/hardware/bpi_r3/bpi-r3-atf-backport-mkimage-support.patch similarity index 100% rename from pkgs/bpi-r3-atf-backport-mkimage-support.patch rename to system/hardware/bpi_r3/bpi-r3-atf-backport-mkimage-support.patch diff --git a/system/hardware/bpi_r3/default.nix b/system/hardware/bpi_r3/default.nix index 10a2f83..1bd2f69 100644 --- a/system/hardware/bpi_r3/default.nix +++ b/system/hardware/bpi_r3/default.nix @@ -14,6 +14,12 @@ hardware.deviceTree.enable = true; hardware.deviceTree.filter = "mt7986a-bananapi-bpi-r3.dtb"; hardware.enableRedistributableFirmware = true; + hardware.deviceTree.overlays = [ + { + name = "mt7986a-bananapi-bpi-r3-wireless.dts"; + dtsFile = ./mt7986a-bananapi-bpi-r3-wireless.dts; + } + ]; # # disable a bunch of useless drivers # boot.initrd.includeDefaultModules = false; diff --git a/pkgs/mt7986-default-bootcmd.patch b/system/hardware/bpi_r3/mt7986-default-bootcmd.patch similarity index 100% rename from pkgs/mt7986-default-bootcmd.patch rename to system/hardware/bpi_r3/mt7986-default-bootcmd.patch diff --git a/system/hardware/bpi_r3/mt7986a-bananapi-bpi-r3-wireless.dts b/system/hardware/bpi_r3/mt7986a-bananapi-bpi-r3-wireless.dts new file mode 100644 index 0000000..cdbdae6 --- /dev/null +++ b/system/hardware/bpi_r3/mt7986a-bananapi-bpi-r3-wireless.dts @@ -0,0 +1,183 @@ +/dts-v1/; +/plugin/; + +/ { + compatible = "bananapi,bpi-r3"; + + fragment@0 { + target = <&wifi>; + __overlay__ { + // without this it just says + // mt7986-wmac 18000000.wifi: HW/SW Version: 0x8a108a10, Build Time: 20221012174743a + // mt7986-wmac 18000000.wifi: WM Firmware Version: ____000000, Build Time: 20221012174805 + // mt7986-wmac 18000000.wifi: WA Firmware Version: DEV_000000, Build Time: 20221012174937 + // mt7986-wmac 18000000.wifi: eeprom load fail, use default bin + // mt7986-wmac 18000000.wifi: Direct firmware load for mediatek/mt7986_eeprom_mt7975_dual.bin failed with error -2 + mediatek,eeprom-data = <0x86790900 0xc4326 0x60000000 0x00 0x00 0x00 0x00 0x00 + 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 + 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x1000000 + 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 + 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 + 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 + 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 + 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 + 0x00 0x800 0x00 0x00 0x00 0x00 0x00 0x00 + 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 + 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 + 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 + 0x00 0x00 0x00 0x00 0x24649090 0x280000 0x5100000 0x00 + 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 + 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 + 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 + 0x21e00 0x21e0002 0x1e00021e 0x22800 0x2280002 0x28000228 0x00 0x00 + 0x00 0x00 0x00 0x00 0x00 0x00 0x8080 0x8080fdf7 + 0x903150d 0x80808080 0x80808080 0x5050d0d 0x1313c6c6 0xc3c3c200 + 0xc200c2 0x8182 + 0x8585c2c2 0x82828282 0x858500c2 0xc2000081 0x82858587 0x87c2c200 + 0x81818285 0x858787c2 + 0xc2000081 0x82858587 0x87c2c200 0x818285 0x858787c2 0xc2000081 + 0x82858587 0x87c4c4c2 + 0xc100c300 0xc3c3c100 0x818383c3 0xc3c3c100 0x81838300 0xc2c2c2c0 + 0x81828484 0xc3 + 0xc3c3c100 0x81838386 0x86c3c3c3 0xc1008183 0x838686c2 0xc2c2c081 + 0x82848486 0x86c3c3c3 + 0xc1008183 0x838686c3 0xc3c3c100 0x81838386 0x86c3c3c3 0xc1008183 + 0x83868622 0x28002228 + 0x222800 0x22280000 0xdddddddd 0xdddddddd 0xddbbbbbb 0xccccccdd + 0xdddddddd 0xdddddddd + 0xeeeeeecc 0xccccdddd 0xdddddddd 0x4a5662 0x4a 0x56620000 0x4a5662 + 0x4a + 0x56620000 0x88888888 0x33333326 0x26262626 0x26262600 0x33333326 + 0x26262626 0x26262600 + 0x33333326 0x26262626 0x26262600 0x33333326 0x26262626 0x26262600 + 0x00 0xf0f0cc00 + 0x00 0xaaaa 0xaabbbbbb 0xcccccccc 0xccccbbbb 0xbbbbbbbb 0xbbbbbbaa + 0xaaaabbbb + 0xbbaaaaaa 0x999999aa 0xaaaabbbb 0xbbcccccc 0x00 0xaaaa 0xaa000000 + 0xbbbbbbbb + 0xbbbbaaaa 0xaa999999 0xaaaaaaaa 0xaaaaaaaa 0xaaaaaaaa 0xaaaaaaaa + 0xaaaabbbb 0xbbbbbbbb + 0x00 0x00 0x00 0x99999999 0x9999aaaa 0xaaaaaaaa 0x999999aa + 0xaaaaaaaa + 0xaaaaaaaa 0xaaaaaaaa 0xaaaabbbb 0xbbbbbbbb 0x00 0xeeee 0xeeffffff + 0xcccccccc + 0xccccdddd 0xddbbbbbb 0xccccccbb 0xbbbbbbbb 0xbbbbbbbb 0xbbbbbbbb + 0xbbbbcccc 0xccdddddd + 0x516200 0x686e0051 0x6200686e 0x516200 0x686e0051 0x6200686e + 0x516200 0x686e0051 + 0x6200686e 0x516200 0x686e0051 0x6200686e 0x516200 0x686e0051 + 0x6200686e 0x516200 + 0x686e0051 0x6200686e 0x516200 0x686e0051 0x6200686e 0x516200 + 0x686e0051 0x6200686e + 0x516200 0x686e0051 0x6200686e 0x516200 0x686e0051 0x6200686e + 0x516200 0x686e0051 + 0x6200686e 0x516200 0x686e0051 0x6200686e 0x516200 0x686e0051 + 0x6200686e 0x516200 + 0x686e0051 0x6200686e 0x516200 0x686e0051 0x6200686e 0x516200 + 0x686e0051 0x6200686e + 0x88888888 0x88888888 0x88888888 0x88888888 0x88888888 0x88888888 + 0x88888888 0x88888888 + 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 + 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 + 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 + 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 + 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 + 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 + 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 + 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 + 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 + 0x00 0x00 0x00 0x00 0x01 0x6000100 0x1050002 0xff0300 + 0xf900fe03 0x00 0x00 0x9b 0x6e370000 0x00 0xfc0009 0xa00fe00 + 0x60700fe 0x70800 0x5000b0a 0x00 0x00 0xe2 0x96460000 0x00 + 0x400f7 0xf8000300 0xfcfe0003 0xfbfc00 0xee00e3f2 0x00 0x00 0x11 + 0xbb550000 0x00 0x600f6 0xfc000300 0xfbfe0004 0xfafe00 0xf600ecf2 + 0x00 + 0x00 0x1f 0xbf580000 0x00 0x600f5 0xf6000400 0xf8f90004 0xf7f800 + 0xf700f0f4 0x00 0x00 0x24 0xbe570000 0x00 0x800f8 0xfe000600 + 0xf8fd0007 0xf9fe00 0xf500f0f4 0x00 0x00 0x2d 0xd6610000 0x00 + 0x400f7 0xfc000500 0xf7fc0005 0xf7fc00 0xf900f5f8 0x00 0x00 0x26 + 0xd96e0000 0x00 0x400f7 0xf9000600 0xf5f70005 0xf5f800 0xf900f4f7 + 0x00 + 0x00 0x1b 0xce690000 0x00 0x300f8 0xf8000600 0xf6f60004 0xf6f700 + 0xf900f4f7 0x00 0x00 0x18 0xd8720000 0x00 0x00 0x2404002 + 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 + 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 + 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 + 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 + 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 + 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 + 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 + 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 + 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 + 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 + 0xc1c2c1c2 0x41c341c3 0x3fc13fc1 0x40c13fc2 0x3fc240c1 0x41c040c0 + 0x3fc23fc2 0x40c13fc2 + 0x3fc140c0 0x41c040c0 0x3fc33fc3 0x40c23fc2 0x3fc240c1 0x41c040c0 + 0x3fc23fc2 0x40c23fc2 + 0x3fc140c1 0x41c040c0 0x00 0x00 0x41c741c7 0xc1c7c1c7 0x00 0x00 + 0x3fc03fc0 0x3fc03fc0 0x3fc03fc0 0x3fc03fc0 0x3fc03fc0 0x3fc03fc0 + 0x3fc03fc0 0x3fc03fc0 + 0x3fc03fc0 0x3fc03fc0 0x3fc03fc0 0x3fc03fc0 0x3fc03fc0 0x3fc03fc0 + 0x3fc03fc0 0x3fc03fc0 + 0xa0ce00 0x00 0xb6840000 0x00 0x00 0x00 0x18181818 0x18181818 + 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 + 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 + 0x4b5763 0x4b 0x57630000 0x4b5763 0x4b 0x57630000 0x88888888 + 0x8474759 + 0x69780849 0x49596d7a 0x849495a 0x6d790848 0x48596c78 0x8484858 + 0x6a780848 0x48586a78 + 0x8484858 0x6c78084a 0x4a5b6d79 0x8474759 0x697a0848 0x48596b79 + 0x8484859 0x6c7a0848 + 0x48586c79 0x8484857 0x68770848 0x48576877 0x8484857 0x6a77084a + 0x4a5a6a77 0x8464659 + 0x69790848 0x48586b79 0x8484858 0x6c7a0848 0x48596c79 0x8484857 + 0x68770848 0x48576877 + 0x8494958 0x6d7a084b 0x4b5c6c77 0x847475a 0x6a7b0849 0x495a6e7c + 0x849495a 0x6e7c0849 + 0x495b6e7c 0x8494959 0x6a7a0849 0x49596a7a 0x84a4a5a 0x6f7d084b + 0x4b5c6e7b 0x00 + 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x85848484 + 0xc3c4c4c5 0xc4c3c33f 0xc3c3c2c2 0xc2c2c03f 0xc3c3c3c4 0xc4c4c33f + 0xc2c2c2c2 0xc1c3c1c1 + 0xc0c08282 0x83848686 0x88880000 0x00 0x00 0x00 0x00 0x00 + 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 + 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 + 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 + 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 + 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 + 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 + 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 + 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 + 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 + 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 + 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 + 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 + 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 + 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 + 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 + 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 + 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 + 0x00 0x00 0x00 0x00 0x00 0x00 0x1111 0x00 + 0x8080f703 0x10808080 0x80050d13 0x00 0x00 0x00 0x00 0x00 + 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 + 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 + 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 + 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 + 0x00 0x00 0x00 0xa4 0xce000000 0xb684 0x00 0x00 + 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 + 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 + 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 + 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 + 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 + 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 + 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 + 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 + 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 + 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 + 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 + 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 + 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 + 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00>; + }; + }; +}; diff --git a/system/hardware/bpi_r3/pkgs.nix b/system/hardware/bpi_r3/pkgs.nix new file mode 100644 index 0000000..0051b4f --- /dev/null +++ b/system/hardware/bpi_r3/pkgs.nix @@ -0,0 +1,329 @@ +{ pkgs +, pkgs' +, lib +# , sources +, ... }: + +let + armTrustedFirmwareBpiR3 = { bootDevice, uboot ? null }: pkgs.buildArmTrustedFirmware rec { + # TODO: nvfetcherify this + src = pkgs.fetchFromGitHub { + owner = "frank-w"; + repo = "u-boot"; + rev = "c30a1caf8274af67bf31f3fb5abc45df5737df36"; + hash = "sha256-pW2yytXRIFEIbG1gnuXq8TiLe/Eew7zESe6Pijh2qVk="; + }; + patches = [ ./bpi-r3-atf-backport-mkimage-support.patch ]; + extraMakeFlags = assert builtins.elem bootDevice [ + "nor" "snand" "spim-nand" "emmc" "sdmmc" "ram" + ]; [ + "BOOT_DEVICE=${bootDevice}" + "DRAM_USE_DDR4=1" + "USE_MKIMAGE=1" + "MKIMAGE=${pkgs.ubootTools}/bin/mkimage" + "all" + "fip" + ] ++ lib.optionals (uboot != null) [ + "BL33=${uboot}/u-boot.bin" + ]; + extraMeta.platforms = [ "aarch64-linux" ]; + platform = "mt7986"; + filesToInstall = [ + "build/${platform}/release/bl2.img" + "build/${platform}/release/fip.bin" + ]; + nativeBuildInputs = with pkgs; [ /*pkgsCross.arm-embedded.stdenv.cc*/ dtc ]; + }; + # sd/emmc + # -- CONFIG_USE_BOOTCOMMAND/CONFIG_BOOTCOMMAND - distroboot stuff (override default boot command) + # -- CONFIG_BOOTDELAY - autoboot timeout + # CONFIG_BOOTSTD_DEFAULTS - stdboot stuff + # CONFIG_BOOTSTD_BOOTCOMMAND - might be? an alternative to CONFIG_BOOTCOMMAND + # CONFIG_DEFAULT_FDT_FILE - compatibility with nixos + # CONFIG_DISTRO_DEFAULTS - surely this won't hurt, it adds autocomplete and stuff and doesn't weight much in the large scale of things + # CONFIG_SYS_BOOTM_LEN - increase max initrd? size + # CONFIG_ZSTD - allow zstd initrd + ubootConfig = storage: '' + CONFIG_AUTOBOOT=y + CONFIG_BOOTCOMMAND="${builtins.replaceStrings [ "\n" ] [ "; " ] '' + setenv boot_prefixes /@boot/ /@/ /boot/ / + run distro_bootcmd + ''};" + CONFIG_BOOTSTD_DEFAULTS=y + CONFIG_BOOTSTD_FULL=y + CONFIG_CMD_BTRFS=y + CONFIG_CMD_CAT=y + CONFIG_DEFAULT_FDT_FILE="mediatek/mt7986a-bananapi-bpi-r3.dtb" + CONFIG_DISTRO_DEFAULTS=y + CONFIG_ENV_IS_NOWHERE=y + CONFIG_FS_BTRFS=y + CONFIG_SYS_BOOTM_LEN=0x6000000 + CONFIG_USE_BOOTCOMMAND=y + CONFIG_ZSTD=y + ''; + ubootVersion = "2023.07-rc3"; + ubootSrc = pkgs.fetchurl { + url = "ftp://ftp.denx.de/pub/u-boot/u-boot-${ubootVersion}.tar.bz2"; + hash = "sha256-QuwINnS9MPpMFueMP19FPAjZ9zdZWne13aWVrDoJ2C8="; + }; +in rec { + ubootBpiR3Sd = pkgs.buildUBoot { + defconfig = "mt7986a_bpir3_sd_defconfig"; + extraConfig = ubootConfig "sd"; + src = ubootSrc; + version = ubootVersion; + extraMeta.platforms = [ "aarch64-linux" ]; + # https://github.com/nakato/nixos-bpir3-example/blob/main/pkgs/uboot/mt7986-default-bootcmd.patch + patches = [ ./mt7986-default-bootcmd.patch ]; + filesToInstall = [ "u-boot.bin" ]; + }; + ubootBpiR3Emmc = pkgs.buildUBoot { + defconfig = "mt7986a_bpir3_emmc_defconfig"; + extraConfig = ubootConfig "emmc"; + src = ubootSrc; + version = ubootVersion; + extraMeta.platforms = [ "aarch64-linux" ]; + patches = [ ./mt7986-default-bootcmd.patch ]; + filesToInstall = [ "u-boot.bin" ]; + }; + armTrustedFirmwareBpiR3Sd = armTrustedFirmwareBpiR3 { uboot = ubootBpiR3Sd; bootDevice = "sdmmc"; }; + armTrustedFirmwareBpiR3Emmc = armTrustedFirmwareBpiR3 { uboot = ubootBpiR3Emmc; bootDevice = "emmc"; }; + bpiR3StuffCombined = pkgs.stdenvNoCC.mkDerivation { + name = "bpi-r3-stuff"; + unpackPhase = "true"; + buildPhase = "true"; + installPhase = '' + mkdir -p $out/sd + mkdir -p $out/emmc + cp ${bpiR3StuffEmmc}/* $out/emmc + cp ${bpiR3StuffSd}/* $out/sd + ''; + fixupPhase = "true"; + }; + bpiR3StuffEmmc = pkgs.stdenvNoCC.mkDerivation { + name = "bpi-r3-stuff-emmc"; + unpackPhase = "true"; + buildPhase = "true"; + installPhase = '' + mkdir -p $out + cp ${ubootBpiR3Emmc}/*.* $out + cp ${armTrustedFirmwareBpiR3Emmc}/*.* $out + ''; + fixupPhase = "true"; + }; + bpiR3StuffSd = pkgs.stdenvNoCC.mkDerivation { + name = "bpi-r3-stuff-sd"; + unpackPhase = "true"; + buildPhase = "true"; + installPhase = '' + mkdir -p $out + cp ${ubootBpiR3Sd}/*.* $out + cp ${armTrustedFirmwareBpiR3Sd}/*.* $out + ''; + fixupPhase = "true"; + }; + linux_bpiR3 = pkgs.linux_testing.override { + stdenv = pkgs'.ccacheStdenv; + buildPackages = pkgs'.buildPackages // { + stdenv = pkgs'.buildPackages.ccacheStdenv; + }; + # there's probably more enabled-by-default configs that are better left disabled, but whatever + structuredExtraConfig = with lib.kernel; { + /* "Select this option if you are building a kernel for a server or + scientific/computation system, or if you want to maximize the + raw processing power of the kernel, irrespective of scheduling + latencies." */ + PREEMPT_NONE = yes; + # disable the other preempts + PREEMPTION = no; + PREEMPT_VOLUNTARY = lib.mkForce no; + PREEMPT = no; + + CPU_FREQ_GOV_ONDEMAND = yes; + CPU_FREQ_DEFAULT_GOV_ONDEMAND = yes; + CPU_FREQ_DEFAULT_GOV_PERFORMANCE = lib.mkForce no; + CPU_FREQ_GOV_CONSERVATIVE = yes; + # disable virtualisation stuff + PARAVIRT = lib.mkForce no; + VIRTUALIZATION = no; + XEN = lib.mkForce no; + # zstd + KERNEL_ZSTD = yes; + MODULE_COMPRESS_ZSTD = yes; + MODULE_DECOMPRESS = yes; + FW_LOADER_COMPRESS_ZSTD = yes; + # zram + ZRAM_DEF_COMP_ZSTD = yes; + CRYPTO_ZSTD = yes; + ZRAM_MEMORY_TRACKING = yes; + # router stuff + IP_FIB_TRIE_STATS = yes; + IP_ROUTE_CLASSID = yes; + # adds sysctl net.ipv4.tcp_syncookies + SYN_COOKIES = yes; + WIREGUARD = yes; + INET = yes; + # stuff for ss + NETLINK_DIAG = yes; + # nftables features + IP_SET = module; + NF_CONNTRACK = module; + NF_CONNTRACK_BRIDGE = module; + NF_CONNTRACK_MARK = yes; + NF_NAT = module; + NF_FLOW_TABLE = module; + NF_FLOW_TABLE_INET = module; + NF_LOG_ARP = module; + NF_LOG_IPV4 = module; + NF_LOG_IPV6 = module; + NETFILTER_NETLINK_QUEUE = module; + NFT_BRIDGE_META = module; + NFT_BRIDGE_REJECT = module; + NFT_CONNLIMIT = module; + NFT_CT = module; + NFT_DUP_IPV4 = module; + NFT_DUP_IPV6 = module; + NFT_DUP_NETDEV = module; + NFT_FIB = module; + NFT_FIB_IPV4 = module; + NFT_FIB_IPV6 = module; + NFT_FIB_INET = module; + NFT_FIB_NETDEV = module; + NFT_FLOW_OFFLOAD = module; + NFT_FWD_NETDEV = module; + NFT_HASH = module; + NFT_LIMIT = module; + NFT_LOG = module; + NFT_MASQ = module; + NFT_NAT = module; + NFT_NUMGEN = module; + NFT_OSF = module; + NFT_QUEUE = module; + NFT_QUOTA = module; + NFT_REDIR = module; + NFT_REJECT = module; + NFT_REJECT_IPV4 = module; + NFT_REJECT_IPV6 = module; + NFT_REJECT_INET = module; + NFT_SOCKET = module; + NFT_SYNPROXY = module; + NFT_TPROXY = module; + NFT_TUNNEL = module; + + BRIDGE = yes; + HSR = no; + NET_DSA = yes; + + # packet CLaSsification + NET_CLS_ROUTE4 = module; + NET_CLS_FW = module; + NET_CLS_U32 = module; + NET_CLS_FLOW = module; + NET_CLS_CGROUP = module; + NET_CLS_FLOWER = module; + NET_CLS_MATCHALL = module; + NET_EMATCH = yes; + NET_EMATCH_CMP = module; + NET_EMATCH_NBYTE = module; + NET_EMATCH_U32 = module; + NET_EMATCH_META = module; + NET_EMATCH_TEXT = module; + NET_EMATCH_IPSET = module; + + # packet actions + NET_CLS_ACT = yes; + NET_ACT_POLICE = module; + NET_ACT_GACT = module; + NET_ACT_SAMPLE = module; + NET_ACT_NAT = module; + NET_ACT_PEDIT = module; + NET_ACT_SKBEDIT = module; + NET_ACT_CSUM = module; + NET_ACT_MPLS = module; + NET_ACT_VLAN = module; + NET_ACT_CONNMARK = module; + NET_ACT_CTINFO = module; + NET_ACT_SKBMOD = module; + NET_ACT_IFE = module; + NET_ACT_TUNNEL_KEY = module; + NET_ACT_CT = module; + + # random stuff + PSAMPLE = module; + RFKILL = yes; + CRYPTO_SHA256 = yes; + + # hardware specific stuff + FB = lib.mkForce no; + DRM = no; + CFG80211 = module; + MAC80211 = module; + + NR_CPUS = lib.mkForce (freeform "4"); + SMP = yes; + + SFP = yes; + ARCH_MEDIATEK = yes; + MEDIATEK_WATCHDOG = yes; + MTD_NAND_ECC_MEDIATEK = yes; + MTD_NAND_ECC_SW_HAMMING = yes; + MTD_NAND_MTK = yes; + MTD_SPI_NAND = yes; + MTD_UBI = yes; + MTD_UBI_BLOCK = yes; + NVMEM_MTK_EFUSE = yes; + MTK_HSDMA = yes; + MTK_INFRACFG = yes; + MTK_PMIC_WRAP = yes; + MTK_THERMAL = yes; + MTK_TIMER = yes; + NET_DSA_MT7530 = yes; + NET_DSA_MT7530_MDIO = yes; + NET_DSA_MT7530_MMIO = yes; + NET_DSA_TAG_MTK = yes; + NET_MEDIATEK_SOC = yes; + NET_MEDIATEK_SOC_WED = yes; + NET_MEDIATEK_STAR_EMAC = yes; + NET_SWITCHDEV = yes; + NET_VENDOR_MEDIATEK = yes; + PCIE_MEDIATEK = yes; + PCIE_MEDIATEK_GEN3 = yes; + PINCTRL_MT7986 = yes; + PWM_MEDIATEK = yes; + MT7915E = module; + MT7986_WMAC = yes; + SPI_MT65XX = yes; + SPI_MTK_NOR = yes; + SPI_MTK_SNFI = yes; + MMC_MTK = yes; + }; + }; + linuxPackages_bpiR3 = pkgs.linuxPackagesFor linux_bpiR3; + # there are few direct hits with the linux kernel, so use CCACHE_NODIRECT + # (direct hits are file-based, non-direct are preprocessed file-based) + ccacheWrapper = pkgs.ccacheWrapper.override { + extraConfig = '' + export CCACHE_COMPRESS=1 + export CCACHE_DIR="/var/cache/ccache" + export CCACHE_UMASK=007 + export CCACHE_SLOPPINESS=include_file_mtime,time_macros + export CCACHE_NODIRECT=1 + if [ ! -d "$CCACHE_DIR" ]; then + echo "=====" + echo "Directory '$CCACHE_DIR' does not exist" + echo "Please create it with:" + echo " sudo mkdir -m0770 '$CCACHE_DIR'" + echo " sudo chown root:nixbld '$CCACHE_DIR'" + echo "=====" + exit 1 + fi + if [ ! -w "$CCACHE_DIR" ]; then + echo "=====" + echo "Directory '$CCACHE_DIR' is not accessible for user $(whoami)" + echo "Please verify its access permissions" + echo "=====" + exit 1 + fi + ''; + }; +} diff --git a/system/hosts/nixserver/default.nix b/system/hosts/nixserver/default.nix index e4c4e43..aaf014e 100644 --- a/system/hosts/nixserver/default.nix +++ b/system/hosts/nixserver/default.nix @@ -69,7 +69,7 @@ in { enable = true; path = /persist; directories = [ - { directory = /home/${config.common.mainUsername}; user = config.common.mainUsername; group = config.common.mainUsername; mode = "0700"; } + { directory = /home/${config.common.mainUsername}; user = config.common.mainUsername; group = "users"; mode = "0700"; } { directory = /root; } { directory = /nix; } { directory = /var/www/${cfg.domainName}; } diff --git a/system/hosts/router/default.nix b/system/hosts/router/default.nix index ac34ce2..1540390 100644 --- a/system/hosts/router/default.nix +++ b/system/hosts/router/default.nix @@ -25,7 +25,7 @@ in { enable = true; path = /persist; directories = [ - { directory = /home/${config.common.mainUsername}; user = config.common.mainUsername; group = config.common.mainUsername; mode = "0700"; } + { directory = /home/${config.common.mainUsername}; user = config.common.mainUsername; group = "users"; mode = "0700"; } { directory = /root; mode = "0700"; } ]; };