bpi-r3: working config

This commit is contained in:
chayleaf 2023-06-14 17:26:54 +07:00
parent 683e9a747f
commit 9b06667b57
8 changed files with 522 additions and 325 deletions

View file

@ -9,70 +9,9 @@ let
sources = import ./_sources/generated.nix {
inherit (pkgs) fetchgit fetchurl fetchFromGitHub dockerTools;
};
armTrustedFirmwareBpiR3 = { bootDevice, uboot ? null }: pkgs.buildArmTrustedFirmware rec {
# TODO: nvfetcherify this
src = pkgs.fetchFromGitHub {
owner = "frank-w";
repo = "u-boot";
rev = "c30a1caf8274af67bf31f3fb5abc45df5737df36";
hash = "sha256-pW2yytXRIFEIbG1gnuXq8TiLe/Eew7zESe6Pijh2qVk=";
};
patches = [ ./bpi-r3-atf-backport-mkimage-support.patch ];
extraMakeFlags = assert builtins.elem bootDevice [
"nor" "snand" "spim-nand" "emmc" "sdmmc" "ram"
]; [
"BOOT_DEVICE=${bootDevice}"
"DRAM_USE_DDR4=1"
"USE_MKIMAGE=1"
"MKIMAGE=${pkgs.ubootTools}/bin/mkimage"
"all"
"fip"
] ++ lib.optionals (uboot != null) [
"BL33=${uboot}/u-boot.bin"
];
extraMeta.platforms = [ "aarch64-linux" ];
platform = "mt7986";
filesToInstall = [
"build/${platform}/release/bl2.img"
"build/${platform}/release/fip.bin"
];
nativeBuildInputs = with pkgs; [ /*pkgsCross.arm-embedded.stdenv.cc*/ dtc ];
};
# sd/emmc
# -- CONFIG_USE_BOOTCOMMAND/CONFIG_BOOTCOMMAND - distroboot stuff (override default boot command)
# -- CONFIG_BOOTDELAY - autoboot timeout
# CONFIG_BOOTSTD_DEFAULTS - stdboot stuff
# CONFIG_BOOTSTD_BOOTCOMMAND - might be? an alternative to CONFIG_BOOTCOMMAND
# CONFIG_DEFAULT_FDT_FILE - compatibility with nixos
# CONFIG_DISTRO_DEFAULTS - surely this won't hurt, it adds autocomplete and stuff and doesn't weight much in the large scale of things
# CONFIG_SYS_BOOTM_LEN - increase max initrd? size
# CONFIG_ZSTD - allow zstd initrd
ubootConfig = storage: ''
CONFIG_AUTOBOOT=y
CONFIG_BOOTCOMMAND="${builtins.replaceStrings [ "\n" ] [ "; " ] ''
setenv boot_prefixes /@boot/ /@/ /boot/ /
run distro_bootcmd
''};"
CONFIG_BOOTSTD_DEFAULTS=y
CONFIG_BOOTSTD_FULL=y
CONFIG_CMD_BTRFS=y
CONFIG_CMD_CAT=y
CONFIG_DEFAULT_FDT_FILE="mediatek/mt7986a-bananapi-bpi-r3.dtb"
CONFIG_DISTRO_DEFAULTS=y
CONFIG_ENV_IS_NOWHERE=y
CONFIG_FS_BTRFS=y
CONFIG_SYS_BOOTM_LEN=0x6000000
CONFIG_USE_BOOTCOMMAND=y
CONFIG_ZSTD=y
'';
ubootVersion = "2023.07-rc3";
ubootSrc = pkgs.fetchurl {
url = "ftp://ftp.denx.de/pub/u-boot/u-boot-${ubootVersion}.tar.bz2";
hash = "sha256-QuwINnS9MPpMFueMP19FPAjZ9zdZWne13aWVrDoJ2C8=";
};
in
rec {
{
osu-lazer-bin = nix-gaming.osu-lazer-bin;
clang-tools_latest = pkgs.clang-tools_16;
clang_latest = pkgs.clang_16;
@ -105,266 +44,6 @@ rec {
# system76-scheduler = callPackage ./system76-scheduler.nix { };
techmino = callPackage ./techmino { };
ubootBpiR3Sd = pkgs.buildUBoot {
defconfig = "mt7986a_bpir3_sd_defconfig";
extraConfig = ubootConfig "sd";
src = ubootSrc;
version = ubootVersion;
extraMeta.platforms = [ "aarch64-linux" ];
# https://github.com/nakato/nixos-bpir3-example/blob/main/pkgs/uboot/mt7986-default-bootcmd.patch
patches = [ ./mt7986-default-bootcmd.patch ];
filesToInstall = [ "u-boot.bin" ];
};
ubootBpiR3Emmc = pkgs.buildUBoot {
defconfig = "mt7986a_bpir3_emmc_defconfig";
extraConfig = ubootConfig "emmc";
src = ubootSrc;
version = ubootVersion;
extraMeta.platforms = [ "aarch64-linux" ];
patches = [ ./mt7986-default-bootcmd.patch ];
filesToInstall = [ "u-boot.bin" ];
};
armTrustedFirmwareBpiR3Sd = armTrustedFirmwareBpiR3 { uboot = ubootBpiR3Sd; bootDevice = "sdmmc"; };
armTrustedFirmwareBpiR3Emmc = armTrustedFirmwareBpiR3 { uboot = ubootBpiR3Emmc; bootDevice = "emmc"; };
bpiR3StuffCombined = pkgs.stdenvNoCC.mkDerivation {
name = "bpi-r3-stuff";
unpackPhase = "true";
buildPhase = "true";
installPhase = ''
mkdir -p $out/sd
mkdir -p $out/emmc
cp ${bpiR3StuffEmmc}/* $out/emmc
cp ${bpiR3StuffSd}/* $out/sd
'';
fixupPhase = "true";
};
bpiR3StuffEmmc = pkgs.stdenvNoCC.mkDerivation {
name = "bpi-r3-stuff-emmc";
unpackPhase = "true";
buildPhase = "true";
installPhase = ''
mkdir -p $out
cp ${ubootBpiR3Emmc}/*.* $out
cp ${armTrustedFirmwareBpiR3Emmc}/*.* $out
'';
fixupPhase = "true";
};
bpiR3StuffSd = pkgs.stdenvNoCC.mkDerivation {
name = "bpi-r3-stuff-sd";
unpackPhase = "true";
buildPhase = "true";
installPhase = ''
mkdir -p $out
cp ${ubootBpiR3Sd}/*.* $out
cp ${armTrustedFirmwareBpiR3Sd}/*.* $out
'';
fixupPhase = "true";
};
linux_bpiR3 = pkgs.linux_testing.override {
stdenv = pkgs'.ccacheStdenv;
buildPackages = pkgs'.buildPackages // {
stdenv = pkgs'.buildPackages.ccacheStdenv;
};
# there's probably more enabled-by-default configs that are better left disabled, but whatever
structuredExtraConfig = with lib.kernel; {
/* "Select this option if you are building a kernel for a server or
scientific/computation system, or if you want to maximize the
raw processing power of the kernel, irrespective of scheduling
latencies." */
PREEMPT_NONE = yes;
# disable the other preempts
PREEMPTION = no;
PREEMPT_VOLUNTARY = lib.mkForce no;
PREEMPT = no;
CPU_FREQ_GOV_ONDEMAND = yes;
CPU_FREQ_DEFAULT_GOV_ONDEMAND = yes;
CPU_FREQ_DEFAULT_GOV_PERFORMANCE = lib.mkForce no;
CPU_FREQ_GOV_CONSERVATIVE = yes;
# disable virtualisation stuff
PARAVIRT = lib.mkForce no;
VIRTUALIZATION = no;
XEN = lib.mkForce no;
# zstd
KERNEL_ZSTD = yes;
MODULE_COMPRESS_ZSTD = yes;
MODULE_DECOMPRESS = yes;
FW_LOADER_COMPRESS_ZSTD = yes;
# zram
ZRAM_DEF_COMP_ZSTD = yes;
CRYPTO_ZSTD = yes;
ZRAM_MEMORY_TRACKING = yes;
# router stuff
IP_FIB_TRIE_STATS = yes;
IP_ROUTE_CLASSID = yes;
# adds sysctl net.ipv4.tcp_syncookies
SYN_COOKIES = yes;
WIREGUARD = yes;
INET = yes;
# stuff for ss
NETLINK_DIAG = yes;
# nftables features
IP_SET = module;
NF_CONNTRACK = module;
NF_CONNTRACK_BRIDGE = module;
NF_CONNTRACK_MARK = yes;
NF_NAT = module;
NF_FLOW_TABLE = module;
NF_FLOW_TABLE_INET = module;
NF_LOG_ARP = module;
NF_LOG_IPV4 = module;
NF_LOG_IPV6 = module;
NETFILTER_NETLINK_QUEUE = module;
NFT_BRIDGE_META = module;
NFT_BRIDGE_REJECT = module;
NFT_CONNLIMIT = module;
NFT_CT = module;
NFT_DUP_IPV4 = module;
NFT_DUP_IPV6 = module;
NFT_DUP_NETDEV = module;
NFT_FIB = module;
NFT_FIB_IPV4 = module;
NFT_FIB_IPV6 = module;
NFT_FIB_INET = module;
NFT_FIB_NETDEV = module;
NFT_FLOW_OFFLOAD = module;
NFT_FWD_NETDEV = module;
NFT_HASH = module;
NFT_LIMIT = module;
NFT_LOG = module;
NFT_MASQ = module;
NFT_NAT = module;
NFT_NUMGEN = module;
NFT_OSF = module;
NFT_QUEUE = module;
NFT_QUOTA = module;
NFT_REDIR = module;
NFT_REJECT = module;
NFT_REJECT_IPV4 = module;
NFT_REJECT_IPV6 = module;
NFT_REJECT_INET = module;
NFT_SOCKET = module;
NFT_SYNPROXY = module;
NFT_TPROXY = module;
NFT_TUNNEL = module;
BRIDGE = yes;
HSR = no;
NET_DSA = yes;
# packet CLaSsification
NET_CLS_ROUTE4 = module;
NET_CLS_FW = module;
NET_CLS_U32 = module;
NET_CLS_FLOW = module;
NET_CLS_CGROUP = module;
NET_CLS_FLOWER = module;
NET_CLS_MATCHALL = module;
NET_EMATCH = yes;
NET_EMATCH_CMP = module;
NET_EMATCH_NBYTE = module;
NET_EMATCH_U32 = module;
NET_EMATCH_META = module;
NET_EMATCH_TEXT = module;
NET_EMATCH_IPSET = module;
# packet actions
NET_CLS_ACT = yes;
NET_ACT_POLICE = module;
NET_ACT_GACT = module;
NET_ACT_SAMPLE = module;
NET_ACT_NAT = module;
NET_ACT_PEDIT = module;
NET_ACT_SKBEDIT = module;
NET_ACT_CSUM = module;
NET_ACT_MPLS = module;
NET_ACT_VLAN = module;
NET_ACT_CONNMARK = module;
NET_ACT_CTINFO = module;
NET_ACT_SKBMOD = module;
NET_ACT_IFE = module;
NET_ACT_TUNNEL_KEY = module;
NET_ACT_CT = module;
# random stuff
PSAMPLE = module;
RFKILL = yes;
CRYPTO_SHA256 = yes;
# hardware specific stuff
FB = lib.mkForce no;
DRM = no;
CFG80211 = module;
MAC80211 = module;
NR_CPUS = lib.mkForce (freeform "4");
SMP = yes;
SFP = yes;
ARCH_MEDIATEK = yes;
MEDIATEK_WATCHDOG = yes;
MTD_NAND_ECC_MEDIATEK = yes;
MTD_NAND_ECC_SW_HAMMING = yes;
MTD_NAND_MTK = yes;
MTD_SPI_NAND = yes;
MTD_UBI = yes;
MTD_UBI_BLOCK = yes;
NVMEM_MTK_EFUSE = yes;
MTK_HSDMA = yes;
MTK_INFRACFG = yes;
MTK_PMIC_WRAP = yes;
MTK_THERMAL = yes;
MTK_TIMER = yes;
NET_DSA_MT7530 = yes;
NET_DSA_MT7530_MDIO = yes;
NET_DSA_MT7530_MMIO = yes;
NET_DSA_TAG_MTK = yes;
NET_MEDIATEK_SOC = yes;
NET_MEDIATEK_SOC_WED = yes;
NET_MEDIATEK_STAR_EMAC = yes;
NET_SWITCHDEV = yes;
NET_VENDOR_MEDIATEK = yes;
PCIE_MEDIATEK = yes;
PCIE_MEDIATEK_GEN3 = yes;
PINCTRL_MT7986 = yes;
PWM_MEDIATEK = yes;
MT7915E = module;
MT7986_WMAC = yes;
SPI_MT65XX = yes;
SPI_MTK_NOR = yes;
SPI_MTK_SNFI = yes;
MMC_MTK = yes;
};
};
linuxPackages_bpiR3 = pkgs.linuxPackagesFor linux_bpiR3;
# there are few direct hits with the linux kernel, so use CCACHE_NODIRECT
# (direct hits are file-based, non-direct are preprocessed file-based)
ccacheWrapper = pkgs.ccacheWrapper.override {
extraConfig = ''
export CCACHE_COMPRESS=1
export CCACHE_DIR="/var/cache/ccache"
export CCACHE_UMASK=007
export CCACHE_SLOPPINESS=include_file_mtime,time_macros
export CCACHE_NODIRECT=1
if [ ! -d "$CCACHE_DIR" ]; then
echo "====="
echo "Directory '$CCACHE_DIR' does not exist"
echo "Please create it with:"
echo " sudo mkdir -m0770 '$CCACHE_DIR'"
echo " sudo chown root:nixbld '$CCACHE_DIR'"
echo "====="
exit 1
fi
if [ ! -w "$CCACHE_DIR" ]; then
echo "====="
echo "Directory '$CCACHE_DIR' is not accessible for user $(whoami)"
echo "Please verify its access permissions"
echo "====="
exit 1
fi
'';
};
firefox-addons = lib.recurseIntoAttrs (callPackage ./firefox-addons { inherit nur sources; });
mpvScripts = pkgs.mpvScripts // (callPackage ./mpv-scripts { });
}
} // (import ../system/hardware/bpi_r3/pkgs.nix { inherit pkgs pkgs' lib sources; })

View file

@ -14,6 +14,12 @@
hardware.deviceTree.enable = true;
hardware.deviceTree.filter = "mt7986a-bananapi-bpi-r3.dtb";
hardware.enableRedistributableFirmware = true;
hardware.deviceTree.overlays = [
{
name = "mt7986a-bananapi-bpi-r3-wireless.dts";
dtsFile = ./mt7986a-bananapi-bpi-r3-wireless.dts;
}
];
# # disable a bunch of useless drivers
# boot.initrd.includeDefaultModules = false;

View file

@ -0,0 +1,183 @@
/dts-v1/;
/plugin/;
/ {
compatible = "bananapi,bpi-r3";
fragment@0 {
target = <&wifi>;
__overlay__ {
// without this it just says
// mt7986-wmac 18000000.wifi: HW/SW Version: 0x8a108a10, Build Time: 20221012174743a
// mt7986-wmac 18000000.wifi: WM Firmware Version: ____000000, Build Time: 20221012174805
// mt7986-wmac 18000000.wifi: WA Firmware Version: DEV_000000, Build Time: 20221012174937
// mt7986-wmac 18000000.wifi: eeprom load fail, use default bin
// mt7986-wmac 18000000.wifi: Direct firmware load for mediatek/mt7986_eeprom_mt7975_dual.bin failed with error -2
mediatek,eeprom-data = <0x86790900 0xc4326 0x60000000 0x00 0x00 0x00 0x00 0x00
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x1000000
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
0x00 0x800 0x00 0x00 0x00 0x00 0x00 0x00
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
0x00 0x00 0x00 0x00 0x24649090 0x280000 0x5100000 0x00
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
0x21e00 0x21e0002 0x1e00021e 0x22800 0x2280002 0x28000228 0x00 0x00
0x00 0x00 0x00 0x00 0x00 0x00 0x8080 0x8080fdf7
0x903150d 0x80808080 0x80808080 0x5050d0d 0x1313c6c6 0xc3c3c200
0xc200c2 0x8182
0x8585c2c2 0x82828282 0x858500c2 0xc2000081 0x82858587 0x87c2c200
0x81818285 0x858787c2
0xc2000081 0x82858587 0x87c2c200 0x818285 0x858787c2 0xc2000081
0x82858587 0x87c4c4c2
0xc100c300 0xc3c3c100 0x818383c3 0xc3c3c100 0x81838300 0xc2c2c2c0
0x81828484 0xc3
0xc3c3c100 0x81838386 0x86c3c3c3 0xc1008183 0x838686c2 0xc2c2c081
0x82848486 0x86c3c3c3
0xc1008183 0x838686c3 0xc3c3c100 0x81838386 0x86c3c3c3 0xc1008183
0x83868622 0x28002228
0x222800 0x22280000 0xdddddddd 0xdddddddd 0xddbbbbbb 0xccccccdd
0xdddddddd 0xdddddddd
0xeeeeeecc 0xccccdddd 0xdddddddd 0x4a5662 0x4a 0x56620000 0x4a5662
0x4a
0x56620000 0x88888888 0x33333326 0x26262626 0x26262600 0x33333326
0x26262626 0x26262600
0x33333326 0x26262626 0x26262600 0x33333326 0x26262626 0x26262600
0x00 0xf0f0cc00
0x00 0xaaaa 0xaabbbbbb 0xcccccccc 0xccccbbbb 0xbbbbbbbb 0xbbbbbbaa
0xaaaabbbb
0xbbaaaaaa 0x999999aa 0xaaaabbbb 0xbbcccccc 0x00 0xaaaa 0xaa000000
0xbbbbbbbb
0xbbbbaaaa 0xaa999999 0xaaaaaaaa 0xaaaaaaaa 0xaaaaaaaa 0xaaaaaaaa
0xaaaabbbb 0xbbbbbbbb
0x00 0x00 0x00 0x99999999 0x9999aaaa 0xaaaaaaaa 0x999999aa
0xaaaaaaaa
0xaaaaaaaa 0xaaaaaaaa 0xaaaabbbb 0xbbbbbbbb 0x00 0xeeee 0xeeffffff
0xcccccccc
0xccccdddd 0xddbbbbbb 0xccccccbb 0xbbbbbbbb 0xbbbbbbbb 0xbbbbbbbb
0xbbbbcccc 0xccdddddd
0x516200 0x686e0051 0x6200686e 0x516200 0x686e0051 0x6200686e
0x516200 0x686e0051
0x6200686e 0x516200 0x686e0051 0x6200686e 0x516200 0x686e0051
0x6200686e 0x516200
0x686e0051 0x6200686e 0x516200 0x686e0051 0x6200686e 0x516200
0x686e0051 0x6200686e
0x516200 0x686e0051 0x6200686e 0x516200 0x686e0051 0x6200686e
0x516200 0x686e0051
0x6200686e 0x516200 0x686e0051 0x6200686e 0x516200 0x686e0051
0x6200686e 0x516200
0x686e0051 0x6200686e 0x516200 0x686e0051 0x6200686e 0x516200
0x686e0051 0x6200686e
0x88888888 0x88888888 0x88888888 0x88888888 0x88888888 0x88888888
0x88888888 0x88888888
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
0x00 0x00 0x00 0x00 0x01 0x6000100 0x1050002 0xff0300
0xf900fe03 0x00 0x00 0x9b 0x6e370000 0x00 0xfc0009 0xa00fe00
0x60700fe 0x70800 0x5000b0a 0x00 0x00 0xe2 0x96460000 0x00
0x400f7 0xf8000300 0xfcfe0003 0xfbfc00 0xee00e3f2 0x00 0x00 0x11
0xbb550000 0x00 0x600f6 0xfc000300 0xfbfe0004 0xfafe00 0xf600ecf2
0x00
0x00 0x1f 0xbf580000 0x00 0x600f5 0xf6000400 0xf8f90004 0xf7f800
0xf700f0f4 0x00 0x00 0x24 0xbe570000 0x00 0x800f8 0xfe000600
0xf8fd0007 0xf9fe00 0xf500f0f4 0x00 0x00 0x2d 0xd6610000 0x00
0x400f7 0xfc000500 0xf7fc0005 0xf7fc00 0xf900f5f8 0x00 0x00 0x26
0xd96e0000 0x00 0x400f7 0xf9000600 0xf5f70005 0xf5f800 0xf900f4f7
0x00
0x00 0x1b 0xce690000 0x00 0x300f8 0xf8000600 0xf6f60004 0xf6f700
0xf900f4f7 0x00 0x00 0x18 0xd8720000 0x00 0x00 0x2404002
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
0xc1c2c1c2 0x41c341c3 0x3fc13fc1 0x40c13fc2 0x3fc240c1 0x41c040c0
0x3fc23fc2 0x40c13fc2
0x3fc140c0 0x41c040c0 0x3fc33fc3 0x40c23fc2 0x3fc240c1 0x41c040c0
0x3fc23fc2 0x40c23fc2
0x3fc140c1 0x41c040c0 0x00 0x00 0x41c741c7 0xc1c7c1c7 0x00 0x00
0x3fc03fc0 0x3fc03fc0 0x3fc03fc0 0x3fc03fc0 0x3fc03fc0 0x3fc03fc0
0x3fc03fc0 0x3fc03fc0
0x3fc03fc0 0x3fc03fc0 0x3fc03fc0 0x3fc03fc0 0x3fc03fc0 0x3fc03fc0
0x3fc03fc0 0x3fc03fc0
0xa0ce00 0x00 0xb6840000 0x00 0x00 0x00 0x18181818 0x18181818
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
0x4b5763 0x4b 0x57630000 0x4b5763 0x4b 0x57630000 0x88888888
0x8474759
0x69780849 0x49596d7a 0x849495a 0x6d790848 0x48596c78 0x8484858
0x6a780848 0x48586a78
0x8484858 0x6c78084a 0x4a5b6d79 0x8474759 0x697a0848 0x48596b79
0x8484859 0x6c7a0848
0x48586c79 0x8484857 0x68770848 0x48576877 0x8484857 0x6a77084a
0x4a5a6a77 0x8464659
0x69790848 0x48586b79 0x8484858 0x6c7a0848 0x48596c79 0x8484857
0x68770848 0x48576877
0x8494958 0x6d7a084b 0x4b5c6c77 0x847475a 0x6a7b0849 0x495a6e7c
0x849495a 0x6e7c0849
0x495b6e7c 0x8494959 0x6a7a0849 0x49596a7a 0x84a4a5a 0x6f7d084b
0x4b5c6e7b 0x00
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x85848484
0xc3c4c4c5 0xc4c3c33f 0xc3c3c2c2 0xc2c2c03f 0xc3c3c3c4 0xc4c4c33f
0xc2c2c2c2 0xc1c3c1c1
0xc0c08282 0x83848686 0x88880000 0x00 0x00 0x00 0x00 0x00
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
0x00 0x00 0x00 0x00 0x00 0x00 0x1111 0x00
0x8080f703 0x10808080 0x80050d13 0x00 0x00 0x00 0x00 0x00
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
0x00 0x00 0x00 0xa4 0xce000000 0xb684 0x00 0x00
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00>;
};
};
};

View file

@ -0,0 +1,329 @@
{ pkgs
, pkgs'
, lib
# , sources
, ... }:
let
armTrustedFirmwareBpiR3 = { bootDevice, uboot ? null }: pkgs.buildArmTrustedFirmware rec {
# TODO: nvfetcherify this
src = pkgs.fetchFromGitHub {
owner = "frank-w";
repo = "u-boot";
rev = "c30a1caf8274af67bf31f3fb5abc45df5737df36";
hash = "sha256-pW2yytXRIFEIbG1gnuXq8TiLe/Eew7zESe6Pijh2qVk=";
};
patches = [ ./bpi-r3-atf-backport-mkimage-support.patch ];
extraMakeFlags = assert builtins.elem bootDevice [
"nor" "snand" "spim-nand" "emmc" "sdmmc" "ram"
]; [
"BOOT_DEVICE=${bootDevice}"
"DRAM_USE_DDR4=1"
"USE_MKIMAGE=1"
"MKIMAGE=${pkgs.ubootTools}/bin/mkimage"
"all"
"fip"
] ++ lib.optionals (uboot != null) [
"BL33=${uboot}/u-boot.bin"
];
extraMeta.platforms = [ "aarch64-linux" ];
platform = "mt7986";
filesToInstall = [
"build/${platform}/release/bl2.img"
"build/${platform}/release/fip.bin"
];
nativeBuildInputs = with pkgs; [ /*pkgsCross.arm-embedded.stdenv.cc*/ dtc ];
};
# sd/emmc
# -- CONFIG_USE_BOOTCOMMAND/CONFIG_BOOTCOMMAND - distroboot stuff (override default boot command)
# -- CONFIG_BOOTDELAY - autoboot timeout
# CONFIG_BOOTSTD_DEFAULTS - stdboot stuff
# CONFIG_BOOTSTD_BOOTCOMMAND - might be? an alternative to CONFIG_BOOTCOMMAND
# CONFIG_DEFAULT_FDT_FILE - compatibility with nixos
# CONFIG_DISTRO_DEFAULTS - surely this won't hurt, it adds autocomplete and stuff and doesn't weight much in the large scale of things
# CONFIG_SYS_BOOTM_LEN - increase max initrd? size
# CONFIG_ZSTD - allow zstd initrd
ubootConfig = storage: ''
CONFIG_AUTOBOOT=y
CONFIG_BOOTCOMMAND="${builtins.replaceStrings [ "\n" ] [ "; " ] ''
setenv boot_prefixes /@boot/ /@/ /boot/ /
run distro_bootcmd
''};"
CONFIG_BOOTSTD_DEFAULTS=y
CONFIG_BOOTSTD_FULL=y
CONFIG_CMD_BTRFS=y
CONFIG_CMD_CAT=y
CONFIG_DEFAULT_FDT_FILE="mediatek/mt7986a-bananapi-bpi-r3.dtb"
CONFIG_DISTRO_DEFAULTS=y
CONFIG_ENV_IS_NOWHERE=y
CONFIG_FS_BTRFS=y
CONFIG_SYS_BOOTM_LEN=0x6000000
CONFIG_USE_BOOTCOMMAND=y
CONFIG_ZSTD=y
'';
ubootVersion = "2023.07-rc3";
ubootSrc = pkgs.fetchurl {
url = "ftp://ftp.denx.de/pub/u-boot/u-boot-${ubootVersion}.tar.bz2";
hash = "sha256-QuwINnS9MPpMFueMP19FPAjZ9zdZWne13aWVrDoJ2C8=";
};
in rec {
ubootBpiR3Sd = pkgs.buildUBoot {
defconfig = "mt7986a_bpir3_sd_defconfig";
extraConfig = ubootConfig "sd";
src = ubootSrc;
version = ubootVersion;
extraMeta.platforms = [ "aarch64-linux" ];
# https://github.com/nakato/nixos-bpir3-example/blob/main/pkgs/uboot/mt7986-default-bootcmd.patch
patches = [ ./mt7986-default-bootcmd.patch ];
filesToInstall = [ "u-boot.bin" ];
};
ubootBpiR3Emmc = pkgs.buildUBoot {
defconfig = "mt7986a_bpir3_emmc_defconfig";
extraConfig = ubootConfig "emmc";
src = ubootSrc;
version = ubootVersion;
extraMeta.platforms = [ "aarch64-linux" ];
patches = [ ./mt7986-default-bootcmd.patch ];
filesToInstall = [ "u-boot.bin" ];
};
armTrustedFirmwareBpiR3Sd = armTrustedFirmwareBpiR3 { uboot = ubootBpiR3Sd; bootDevice = "sdmmc"; };
armTrustedFirmwareBpiR3Emmc = armTrustedFirmwareBpiR3 { uboot = ubootBpiR3Emmc; bootDevice = "emmc"; };
bpiR3StuffCombined = pkgs.stdenvNoCC.mkDerivation {
name = "bpi-r3-stuff";
unpackPhase = "true";
buildPhase = "true";
installPhase = ''
mkdir -p $out/sd
mkdir -p $out/emmc
cp ${bpiR3StuffEmmc}/* $out/emmc
cp ${bpiR3StuffSd}/* $out/sd
'';
fixupPhase = "true";
};
bpiR3StuffEmmc = pkgs.stdenvNoCC.mkDerivation {
name = "bpi-r3-stuff-emmc";
unpackPhase = "true";
buildPhase = "true";
installPhase = ''
mkdir -p $out
cp ${ubootBpiR3Emmc}/*.* $out
cp ${armTrustedFirmwareBpiR3Emmc}/*.* $out
'';
fixupPhase = "true";
};
bpiR3StuffSd = pkgs.stdenvNoCC.mkDerivation {
name = "bpi-r3-stuff-sd";
unpackPhase = "true";
buildPhase = "true";
installPhase = ''
mkdir -p $out
cp ${ubootBpiR3Sd}/*.* $out
cp ${armTrustedFirmwareBpiR3Sd}/*.* $out
'';
fixupPhase = "true";
};
linux_bpiR3 = pkgs.linux_testing.override {
stdenv = pkgs'.ccacheStdenv;
buildPackages = pkgs'.buildPackages // {
stdenv = pkgs'.buildPackages.ccacheStdenv;
};
# there's probably more enabled-by-default configs that are better left disabled, but whatever
structuredExtraConfig = with lib.kernel; {
/* "Select this option if you are building a kernel for a server or
scientific/computation system, or if you want to maximize the
raw processing power of the kernel, irrespective of scheduling
latencies." */
PREEMPT_NONE = yes;
# disable the other preempts
PREEMPTION = no;
PREEMPT_VOLUNTARY = lib.mkForce no;
PREEMPT = no;
CPU_FREQ_GOV_ONDEMAND = yes;
CPU_FREQ_DEFAULT_GOV_ONDEMAND = yes;
CPU_FREQ_DEFAULT_GOV_PERFORMANCE = lib.mkForce no;
CPU_FREQ_GOV_CONSERVATIVE = yes;
# disable virtualisation stuff
PARAVIRT = lib.mkForce no;
VIRTUALIZATION = no;
XEN = lib.mkForce no;
# zstd
KERNEL_ZSTD = yes;
MODULE_COMPRESS_ZSTD = yes;
MODULE_DECOMPRESS = yes;
FW_LOADER_COMPRESS_ZSTD = yes;
# zram
ZRAM_DEF_COMP_ZSTD = yes;
CRYPTO_ZSTD = yes;
ZRAM_MEMORY_TRACKING = yes;
# router stuff
IP_FIB_TRIE_STATS = yes;
IP_ROUTE_CLASSID = yes;
# adds sysctl net.ipv4.tcp_syncookies
SYN_COOKIES = yes;
WIREGUARD = yes;
INET = yes;
# stuff for ss
NETLINK_DIAG = yes;
# nftables features
IP_SET = module;
NF_CONNTRACK = module;
NF_CONNTRACK_BRIDGE = module;
NF_CONNTRACK_MARK = yes;
NF_NAT = module;
NF_FLOW_TABLE = module;
NF_FLOW_TABLE_INET = module;
NF_LOG_ARP = module;
NF_LOG_IPV4 = module;
NF_LOG_IPV6 = module;
NETFILTER_NETLINK_QUEUE = module;
NFT_BRIDGE_META = module;
NFT_BRIDGE_REJECT = module;
NFT_CONNLIMIT = module;
NFT_CT = module;
NFT_DUP_IPV4 = module;
NFT_DUP_IPV6 = module;
NFT_DUP_NETDEV = module;
NFT_FIB = module;
NFT_FIB_IPV4 = module;
NFT_FIB_IPV6 = module;
NFT_FIB_INET = module;
NFT_FIB_NETDEV = module;
NFT_FLOW_OFFLOAD = module;
NFT_FWD_NETDEV = module;
NFT_HASH = module;
NFT_LIMIT = module;
NFT_LOG = module;
NFT_MASQ = module;
NFT_NAT = module;
NFT_NUMGEN = module;
NFT_OSF = module;
NFT_QUEUE = module;
NFT_QUOTA = module;
NFT_REDIR = module;
NFT_REJECT = module;
NFT_REJECT_IPV4 = module;
NFT_REJECT_IPV6 = module;
NFT_REJECT_INET = module;
NFT_SOCKET = module;
NFT_SYNPROXY = module;
NFT_TPROXY = module;
NFT_TUNNEL = module;
BRIDGE = yes;
HSR = no;
NET_DSA = yes;
# packet CLaSsification
NET_CLS_ROUTE4 = module;
NET_CLS_FW = module;
NET_CLS_U32 = module;
NET_CLS_FLOW = module;
NET_CLS_CGROUP = module;
NET_CLS_FLOWER = module;
NET_CLS_MATCHALL = module;
NET_EMATCH = yes;
NET_EMATCH_CMP = module;
NET_EMATCH_NBYTE = module;
NET_EMATCH_U32 = module;
NET_EMATCH_META = module;
NET_EMATCH_TEXT = module;
NET_EMATCH_IPSET = module;
# packet actions
NET_CLS_ACT = yes;
NET_ACT_POLICE = module;
NET_ACT_GACT = module;
NET_ACT_SAMPLE = module;
NET_ACT_NAT = module;
NET_ACT_PEDIT = module;
NET_ACT_SKBEDIT = module;
NET_ACT_CSUM = module;
NET_ACT_MPLS = module;
NET_ACT_VLAN = module;
NET_ACT_CONNMARK = module;
NET_ACT_CTINFO = module;
NET_ACT_SKBMOD = module;
NET_ACT_IFE = module;
NET_ACT_TUNNEL_KEY = module;
NET_ACT_CT = module;
# random stuff
PSAMPLE = module;
RFKILL = yes;
CRYPTO_SHA256 = yes;
# hardware specific stuff
FB = lib.mkForce no;
DRM = no;
CFG80211 = module;
MAC80211 = module;
NR_CPUS = lib.mkForce (freeform "4");
SMP = yes;
SFP = yes;
ARCH_MEDIATEK = yes;
MEDIATEK_WATCHDOG = yes;
MTD_NAND_ECC_MEDIATEK = yes;
MTD_NAND_ECC_SW_HAMMING = yes;
MTD_NAND_MTK = yes;
MTD_SPI_NAND = yes;
MTD_UBI = yes;
MTD_UBI_BLOCK = yes;
NVMEM_MTK_EFUSE = yes;
MTK_HSDMA = yes;
MTK_INFRACFG = yes;
MTK_PMIC_WRAP = yes;
MTK_THERMAL = yes;
MTK_TIMER = yes;
NET_DSA_MT7530 = yes;
NET_DSA_MT7530_MDIO = yes;
NET_DSA_MT7530_MMIO = yes;
NET_DSA_TAG_MTK = yes;
NET_MEDIATEK_SOC = yes;
NET_MEDIATEK_SOC_WED = yes;
NET_MEDIATEK_STAR_EMAC = yes;
NET_SWITCHDEV = yes;
NET_VENDOR_MEDIATEK = yes;
PCIE_MEDIATEK = yes;
PCIE_MEDIATEK_GEN3 = yes;
PINCTRL_MT7986 = yes;
PWM_MEDIATEK = yes;
MT7915E = module;
MT7986_WMAC = yes;
SPI_MT65XX = yes;
SPI_MTK_NOR = yes;
SPI_MTK_SNFI = yes;
MMC_MTK = yes;
};
};
linuxPackages_bpiR3 = pkgs.linuxPackagesFor linux_bpiR3;
# there are few direct hits with the linux kernel, so use CCACHE_NODIRECT
# (direct hits are file-based, non-direct are preprocessed file-based)
ccacheWrapper = pkgs.ccacheWrapper.override {
extraConfig = ''
export CCACHE_COMPRESS=1
export CCACHE_DIR="/var/cache/ccache"
export CCACHE_UMASK=007
export CCACHE_SLOPPINESS=include_file_mtime,time_macros
export CCACHE_NODIRECT=1
if [ ! -d "$CCACHE_DIR" ]; then
echo "====="
echo "Directory '$CCACHE_DIR' does not exist"
echo "Please create it with:"
echo " sudo mkdir -m0770 '$CCACHE_DIR'"
echo " sudo chown root:nixbld '$CCACHE_DIR'"
echo "====="
exit 1
fi
if [ ! -w "$CCACHE_DIR" ]; then
echo "====="
echo "Directory '$CCACHE_DIR' is not accessible for user $(whoami)"
echo "Please verify its access permissions"
echo "====="
exit 1
fi
'';
};
}

View file

@ -69,7 +69,7 @@ in {
enable = true;
path = /persist;
directories = [
{ directory = /home/${config.common.mainUsername}; user = config.common.mainUsername; group = config.common.mainUsername; mode = "0700"; }
{ directory = /home/${config.common.mainUsername}; user = config.common.mainUsername; group = "users"; mode = "0700"; }
{ directory = /root; }
{ directory = /nix; }
{ directory = /var/www/${cfg.domainName}; }

View file

@ -25,7 +25,7 @@ in {
enable = true;
path = /persist;
directories = [
{ directory = /home/${config.common.mainUsername}; user = config.common.mainUsername; group = config.common.mainUsername; mode = "0700"; }
{ directory = /home/${config.common.mainUsername}; user = config.common.mainUsername; group = "users"; mode = "0700"; }
{ directory = /root; mode = "0700"; }
];
};