# NixOS module that generates syndicate-server configuration scripts (`*.pr`)
# under /etc/syndicate (boot, core and services layers) and installs the
# synit-pid1 and syndicate-server packages plus a small logging wrapper.
{ config, lib, pkgs, ... }:

# NOTE(review): every library function below is written as `lib.…`, so this
# `with` looks unused in the visible file — confirm before relying on it.
with lib;

{
  config = {

    # Stage 1 stays enabled, but initrd networking and the systemd-based
    # initrd are both switched off; `verbose` keeps stage-1 output visible.
    boot.initrd = {
      enable = true;
      network.enable = false;
      systemd.enable = false;
      verbose = true;
    };

    # Each attribute becomes a file below /etc. The `.text` entries embed the
    # syndicate-server script inline; the `.source` entries copy or template a
    # file from elsewhere.
    environment.etc = {

      # Console login: util-linux agetty on "console", delegating
      # authentication to config.services.getty.loginProgram. No autologin
      # option is passed here, so console access rests on that login program.
      "syndicate/boot/001-console-getty.pr".text = ''
        <require-service <daemon console-getty>>
        <daemon console-getty [
        "${lib.getBin pkgs.util-linux}/bin/agetty"
        "--login-program"
        "${config.services.getty.loginProgram}"
        "--noclear"
        "--keep-baud"
        "console"
        "115200,38400,9600"
        "linux"
        ]>
      '';

      # Core layer loader. `$sys` wraps `$config`: per the embedded comments it
      # rewrites `require-service` to `require-core-service` and lets every
      # other assertion through (`<filter _>`), so the wrapper tags services
      # for the `core` milestone rather than restricting what a core config
      # file may assert. The watched directory is the store-backed
      # /run/current-system/etc/syndicate/core; the watcher also receives
      # `$gatekeeper` and `$log`.
      "syndicate/boot/020-load-core-layer.pr".text = ''
        ; Attenuate `$config` by rewriting plain `require-service` assertions to `require-core-service`
        ; assertions. Allow all other assertions through.
        ;
        let ?sys = <* $config [
        <rewrite <require-service ?s> <require-core-service $s>>
        <filter _>
        ]>

        ; Give meaning to `require-core-service`: it is an ordinary `require-service`, plus a
        ; declaration that the `core` milestone depends on the service.
        ;
        ? <require-core-service ?s> [
        <depends-on <milestone core> <service-state $s up>>
        <require-service $s>
        ]

        ; Load config in the `core` directory, using the wrapped `config` so that all plain services
        ; required are changed to be *core* services.
        ;
        <require-service <config-watcher "/run/current-system/etc/syndicate/core" {
        config: $sys
        gatekeeper: $gatekeeper
        log: $log
        }>>

        ; In addition, require the `core` milestone explicitly.
        ;
        <require-service <milestone core>>
      '';

      # Services layer loader. Same wrapping pattern as the core loader, but
      # here each required service is made to depend on the `core` milestone,
      # and the services directory is only watched once that milestone is up.
      # As above, `<filter _>` passes all other assertions through unchanged.
      "syndicate/boot/030-load-services.pr".text = ''
        ; Attenuate `$config` by rewriting plain `require-service` assertions to
        ; `require-basic-service` assertions. Allow all other assertions through.
        ;
        let ?basic = <* $config [
        <rewrite <require-service ?s> <require-basic-service $s>>
        <filter _>
        ]>

        ; Give meaning to `require-basic-service`: it is an ordinary `require-service`, plus a
        ; declaration that the service depends on the `core` milestone.
        ;
        ? <require-basic-service ?s> [
        <depends-on $s <service-state <milestone core> up>>
        <require-service $s>
        ]

        ; Once we see that the `core` milestone is ready, start processing the `services`
        ; directory.
        ;
        ? <service-state <milestone core> up> [
        <require-service <config-watcher "/run/current-system/etc/syndicate/services" {
        config: $basic
        gatekeeper: $gatekeeper
        log: $log
        }>>
        ]
      '';

      # Adds two more core-layer config directories: /run/etc/syndicate/core
      # and /etc/syndicate/core. Both watchers are given `$.` (presumably the
      # whole current environment) instead of a narrowed dictionary.
      # NOTE(review): unlike the store-backed /run/current-system path, /run/etc
      # is runtime-writable state. Any config file placed there is loaded with
      # whatever `$.` carries, so confirm these directories are writable by
      # root only and that handing over the full environment is intended.
      "syndicate/core/configdirs.pr".text = ''
        <require-service <config-watcher "/run/etc/syndicate/core" $.>>
        <require-service <config-watcher "/etc/syndicate/core" $.>>
      '';

      # One-shot daemon that sets the kernel host name from
      # config.networking.hostName using nettools' `hostname`. The value is
      # interpolated at build time into a quoted string of the generated file.
      "syndicate/core/hostname.pr".text = ''
        <require-service <daemon hostname>>
        <daemon hostname <one-shot ["${pkgs.nettools}/bin/hostname" "${config.networking.hostName}"]>>
      '';

      # Device management: runs eudev's udevd (at most 5 children) and, once it
      # is up, a one-shot initial scan.
      "syndicate/core/eudev.pr".text = let
        # Initial-scan helper. It aborts on the first failing command
        # (`set -e`), limits PATH to the eudev binaries, writes an empty string
        # to /proc/sys/kernel/hotplug (clearing the kernel's hotplug helper
        # path), replays "add" events for subsystems and devices, and waits up
        # to 30 seconds for the event queue to settle.
        initialScanScript = pkgs.writeScript "eudev-initial-scan.sh" ''
          #!${pkgs.runtimeShell}
          set -e
          export PATH=${lib.makeBinPath [ pkgs.eudev ]}
          echo "" > /proc/sys/kernel/hotplug
          udevadm trigger --type=subsystems --action=add
          udevadm trigger --type=devices --action=add
          udevadm settle --timeout=30
        '';
      in ''
        <require-service <daemon eudev>>
        <daemon eudev ["${pkgs.eudev}/bin/udevd" "--children-max=5"]>

        <require-service <daemon eudev-initial-scan>>
        <depends-on <daemon eudev-initial-scan> <service-state <daemon eudev> up>>
        <daemon eudev-initial-scan <one-shot ${initialScanScript}>>
      '';

      # Creates a dataspace, publishes it as `<machine-dataspace …>`, and sends
      # a log record to `$log` for what appears to be every assertion (`+++`)
      # and retraction (`---`) seen in it.
      # NOTE(review): the full record `$r` is logged, so anything sensitive
      # asserted into this dataspace would also end up wherever `$log` is
      # persisted — confirm that is acceptable.
      "syndicate/core/machine-dataspace.pr".text = ''
        let ?ds = dataspace
        <machine-dataspace $ds>

        $ds ? ?r [
        $log ! <log "-" { line: "machine" |+++|: $r }>
        ?- $log ! <log "-" { line: "machine" |---|: $r }>
        ]
      '';

      # Copied as-is from this module's directory.
      "syndicate/services/configdirs.pr".source =
        ./syndicate/services/configdirs.pr;

      # The remaining service files are templates: substituteAll replaces the
      # `@name@` placeholders in `src` with the absolute store paths given
      # here, so the daemons are started from pinned binaries rather than
      # through a PATH lookup. The service definitions themselves live in the
      # template files, which are not part of this file.
      "syndicate/services/network.pr".source = pkgs.substituteAll {
        src = ./syndicate/services/network.pr;
        interfaceMonitor =
          "${pkgs.python3Packages.synit-daemons}/bin/interface-monitor";
        ip = "${pkgs.iproute2}/bin/ip";
        udhcpc = "${pkgs.busybox}/bin/udhcpc";
      };

      "syndicate/services/ntpd.pr".source = pkgs.substituteAll {
        src = ./syndicate/services/ntpd.pr;
        ntpd = "${pkgs.busybox}/bin/ntpd";
      };

      # NOTE(review): only the sshd and ssh-keygen paths are set here. How host
      # keys are generated and which sshd options are used is decided in
      # ./syndicate/services/sshd.pr — review that template with this module.
      "syndicate/services/sshd.pr".source = pkgs.substituteAll {
        src = ./syndicate/services/sshd.pr;
        sshd = "${pkgs.openssh}/bin/sshd";
        ssh-keygen = "${pkgs.openssh}/bin/ssh-keygen";
      };

      "syndicate/services/userSettings.pr".source = pkgs.substituteAll {
        src = ./syndicate/services/userSettings.pr;
        user-settings-daemon =
          "${pkgs.python3Packages.synit-daemons}/bin/user-settings-daemon";
      };

    # Three boot scripts are taken unmodified from the synit-pid1 source tree
    # and merged into the attribute set above.
    } // (builtins.listToAttrs (map (file: {
      name = "syndicate/boot/${file}";
      value.source =
        "${pkgs.synit-pid1.src}/packaging/packages/synit-config/files/etc/syndicate/boot/${file}";
    }) [ "010-exec.pr" "010-milestone.pr" "010-service-state-up.pr" ]));

    environment.systemPackages = with pkgs; [
      synit-pid1
      syndicate-server
      # `synit-log`: makes sure /var/log/synit exists, then replaces itself
      # with s6-log using the `t` (timestamp) directive and that directory as
      # the log target.
      # NOTE(review): `mkdir -p` is given no explicit mode, so the directory's
      # permissions follow the caller's umask — confirm the logs are not
      # readable more widely than intended.
      (writeScriptBin "synit-log" ''
        #! ${lib.getBin bash}/bin/bash
        ${lib.getBin coreutils}/bin/mkdir -p /var/log/synit
        exec ${lib.getBin s6}/bin/s6-log t /var/log/synit
      '')
    ];

    # `//` is a shallow update, so the package's whole `meta` attribute is
    # replaced by `{ broken = true; }`. Presumably this makes any accidental
    # dependency on systemd fail at evaluation time — TODO confirm intent.
    systemd.package = pkgs.systemd // { meta.broken = true; };

  };
}