most of the changes to make rpi and nix work on not-os

base.nix

@@ -23,29 +23,77 @@ with lib;
         ignoreCollisions = true;
       };
     };
+    not-os.nix = mkOption {
+      type = types.bool;
+      description = "enable nix-daemon and a writeable store";
+    };
   };
   config = {
+    environment.systemPackages = lib.optional config.not-os.nix pkgs.nix;
     nixpkgs.config = {
       packageOverrides = self: {
         utillinux = self.utillinux.override { systemd = null; };
         toxvpn = self.toxvpn.override { systemd = null; };
+        linux_rpixxx = self.linux_rpi.override {
+          extraConfig = ''
+            DEBUG_LL y
+            EARLY_PRINTK y
+            DEBUG_BCM2708_UART0 y
+            ARM_APPENDED_DTB n
+            ARM_ATAG_DTB_COMPAT n
+            ARCH_BCM2709 y
+            BCM2708_GPIO y
+            BCM2708_NOL2CACHE y
+            BCM2708_SPIDEV y
+          '';
+        };
       };
     };
     environment.etc = {
+      "nix/nix.conf".source = pkgs.runCommand "nix.conf" {} ''
+        extraPaths=$(for i in $(cat ${pkgs.writeReferencesToFile pkgs.stdenv.shell}); do if test -d $i; then echo $i; fi; done)
+        cat > $out << EOF
+        build-use-sandbox = true
+        build-users-group = nixbld
+        build-sandbox-paths = /bin/sh=${pkgs.stdenv.shell} $(echo $extraPaths)
+        build-max-jobs = 1
+        build-cores = 4
+        EOF
+      '';
+      bashrc.text = "export PATH=/run/current-system/sw/bin";
       profile.text = "export PATH=/run/current-system/sw/bin";
       "resolv.conf".text = "nameserver 10.0.2.3";
       passwd.text = ''
         root:x:0:0:System administrator:/root:/run/current-system/sw/bin/bash
         sshd:x:498:65534:SSH privilege separation user:/var/empty:/run/current-system/sw/bin/nologin
         toxvpn:x:1010:65534::/var/lib/toxvpn:/run/current-system/sw/bin/nologin
+        nixbld1:x:30001:30000:Nix build user 1:/var/empty:/run/current-system/sw/bin/nologin
+        nixbld2:x:30002:30000:Nix build user 2:/var/empty:/run/current-system/sw/bin/nologin
+        nixbld3:x:30003:30000:Nix build user 3:/var/empty:/run/current-system/sw/bin/nologin
+        nixbld4:x:30004:30000:Nix build user 4:/var/empty:/run/current-system/sw/bin/nologin
+        nixbld5:x:30005:30000:Nix build user 5:/var/empty:/run/current-system/sw/bin/nologin
+        nixbld6:x:30006:30000:Nix build user 6:/var/empty:/run/current-system/sw/bin/nologin
+        nixbld7:x:30007:30000:Nix build user 7:/var/empty:/run/current-system/sw/bin/nologin
+        nixbld8:x:30008:30000:Nix build user 8:/var/empty:/run/current-system/sw/bin/nologin
+        nixbld9:x:30009:30000:Nix build user 9:/var/empty:/run/current-system/sw/bin/nologin
+        nixbld10:x:30010:30000:Nix build user 10:/var/empty:/run/current-system/sw/bin/nologin
+      '';
+      "nsswitch.conf".text = ''
+        hosts:     files  dns   myhostname mymachines
+        networks:  files dns
+      '';
+      "services".source = pkgs.iana_etc + "/etc/services";
+      group.text = ''
+        root:x:0:
+        nixbld:x:30000:nixbld1,nixbld10,nixbld2,nixbld3,nixbld4,nixbld5,nixbld6,nixbld7,nixbld8,nixbld9
       '';
       "ssh/ssh_host_rsa_key.pub".source = ./ssh/ssh_host_rsa_key.pub;
       "ssh/ssh_host_rsa_key" = { mode = "0600"; source = ./ssh/ssh_host_rsa_key; };
       "ssh/ssh_host_ed25519_key.pub".source = ./ssh/ssh_host_ed25519_key.pub;
       "ssh/ssh_host_ed25519_key" = { mode = "0600"; source = ./ssh/ssh_host_ed25519_key; };
     };
     boot.kernelParams = [ "systemConfig=${config.system.build.toplevel}" ];
-    boot.kernelPackages = if pkgs.system == "armv6l-linux" then pkgs.linuxPackages_rpi else pkgs.linuxPackages;
+    boot.kernelPackages = if pkgs.system == "armv7l-linux" then pkgs.linuxPackages_rpi else pkgs.linuxPackages;
     system.build.earlyMountScript = pkgs.writeScript "dummy" ''
     '';
     system.build.runvm = pkgs.writeScript "runner" ''

configuration.nix

@@ -1,6 +1,8 @@
 { pkgs, ... }:
 
 {
+  not-os.nix = true;
+  environment.systemPackages = [ pkgs.utillinux ];
   environment.etc = {
     "service/toxvpn/run".source = pkgs.writeScript "toxvpn_run" ''
       #!/bin/sh
@@ -12,6 +14,7 @@
     "ssh/authorized_keys.d/root" = {
       text = ''
         ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC34wZQFEOGkA5b0Z6maE3aKy/ix1MiK1D0Qmg4E9skAA57yKtWYzjA23r5OCF4Nhlj1CuYd6P1sEI/fMnxf+KkqqgW3ZoZ0+pQu4Bd8Ymi3OkkQX9kiq2coD3AFI6JytC6uBi6FaZQT5fG59DbXhxO5YpZlym8ps1obyCBX0hyKntD18RgHNaNM+jkQOhQ5OoxKsBEobxQOEdjIowl2QeEHb99n45sFr53NFqk3UCz0Y7ZMf1hSFQPuuEC/wExzBBJ1Wl7E1LlNA4p9O3qJUSadGZS4e5nSLqMnbQWv2icQS/7J8IwY0M8r1MsL8mdnlXHUofPlG1r4mtovQ2myzOx clever@nixos
+        ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDKITUnIETct0d1Ky7iEofM8BV/U9ViuAd72abm26ibhkVKYuLlIvNBtf7+fsyaHR3cc4kmiUz26co4LV2q10HLO7nua7Ry0QhtPvPnpudandB4LbV4ieW1cqcWcPpsM1GssUZhZthbkwLf7h2exojqVj8vqPm5RaBl1eULXaPTldCiSe5ZxNuVbm3qT8Lfc2E3ifKT6A7WqZN00f1+YSnaA9uy0VgVDReDqyujAZaKGUwSa2G8eqzN3guN7VcBZek2p1v1n0EwpFdBxzT3Ncqh5wIYPNn084q5lU13TAjw+tTO7Q059e4HFLaR24w8NT60BrO1dbGYLbjWNri1G3pz root@router
       '';
       mode = "0444";
     };

default.nix

@@ -1,12 +1,13 @@
-{ configuration ? import ./configuration.nix, nixpkgs ? <nixpkgs>, extraModules ? [], system ? builtins.currentSystem }:
+{ configuration ? import ./configuration.nix, nixpkgs ? <nixpkgs>, extraModules ? [], system ? builtins.currentSystem, platform ? null }:
 
 let
-  pkgs = import nixpkgs { inherit system; config = {}; };
+  pkgs = import nixpkgs { inherit system; platform = platform; config = {}; };
   pkgsModule = rec {
     _file = ./default.nix;
     key = _file;
     config = {
       nixpkgs.system = pkgs.lib.mkDefault system;
+      nixpkgs.config.platform = platform;
     };
   };
   baseModules = [
@@ -22,7 +23,6 @@ let
       <nixpkgs/nixos/modules/misc/assertions.nix>
       <nixpkgs/nixos/modules/misc/lib.nix>
       <nixpkgs/nixos/modules/config/sysctl.nix>
-      <nixpkgs/nixos/modules/system/boot/kernel.nix>
       ./ipxe.nix
       ./systemd-compat.nix
       pkgsModule

linux-rpi.nix

@@ -0,0 +1,50 @@
+{ stdenv, fetchFromGitHub, perl, buildLinux, ... } @ args:
+
+let
+  modDirVersion = "4.4.36";
+  tag = "1.20161020-1";
+in
+stdenv.lib.overrideDerivation (import <nixpkgs/pkgs/os-specific/linux/kernel/generic.nix> (args // rec {
+  version = "${modDirVersion}-${tag}";
+  inherit modDirVersion;
+
+  src = fetchFromGitHub {
+    owner = "raspberrypi";
+    repo = "linux";
+    rev = "c6d86f7aa554854b04614ebb4d394766081fb41f";
+    sha256 = "13rjmks4whh7kn0wrswanwq3b0ia9bxsq8a6xiqiivh6k3vxqhys";
+  };
+
+  features.iwlwifi = true;
+  features.needsCifsUtils = true;
+  features.canDisableNetfilterConntrackHelpers = true;
+  features.netfilterRPFilter = true;
+
+  extraMeta.hydraPlatforms = [];
+})) (oldAttrs: {
+  postConfigure = ''
+    # The v7 defconfig has this set to '-v7' which screws up our modDirVersion.
+    sed -i $buildRoot/.config -e 's/^CONFIG_LOCALVERSION=.*/CONFIG_LOCALVERSION=""/'
+  '';
+
+  postFixup = ''
+    # Make copies of the DTBs so that U-Boot finds them, as it is looking for the upstream names.
+    # This is ugly as heck.
+    copyDTB() {
+      if [ -f "$out/dtbs/$1" ]; then
+        cp -v "$out/dtbs/$1" "$out/dtbs/$2"
+      fi
+    }
+
+    # I am not sure if all of these are correct...
+    copyDTB bcm2708-rpi-b.dtb bcm2835-rpi-a.dtb
+    copyDTB bcm2708-rpi-b.dtb bcm2835-rpi-b.dtb
+    copyDTB bcm2708-rpi-b.dtb bcm2835-rpi-b-rev2.dtb
+    copyDTB bcm2708-rpi-b-plus.dtb bcm2835-rpi-a-plus.dtb
+    copyDTB bcm2708-rpi-b-plus.dtb bcm2835-rpi-b-plus.dtb
+    copyDTB bcm2708-rpi-b-plus.dtb bcm2835-rpi-zero.dtb
+    copyDTB bcm2708-rpi-cm.dtb bcm2835-rpi-cm.dtb
+    copyDTB bcm2709-rpi-2-b.dtb bcm2836-rpi-2-b.dtb
+    copyDTB bcm2710-rpi-3-b.dtb bcm2837-rpi-3-b.dtb
+  '';
+})

nix.nix

@@ -0,0 +1,4 @@
+{ ... }:
+
+{
+}

qemu.nix

@@ -0,0 +1,5 @@
+{ ... }:
+
+{
+  boot.initrd.kernelModules = [ "virtio" "virtio_pci" "virtio_net" "virtio_rng" "virtio_blk" "virtio_console" ];
+}

release.nix

@@ -22,8 +22,10 @@ let
   # system instead of generating attributes for all available systems.
   in if args ? system then discover (import fn args)
      else foldAttrs mergeAttrs {} (map discoverForSystem supportedSystems);
+  platforms = import <nixpkgs/pkgs/top-level/platforms.nix>;
+  platformForSystem = system: if system == "armv7l-linux" then platforms.raspberrypi2 else null;
   fetchClosure = f: forAllSystems (system: f (import ./default.nix { inherit system; }).config );
-  fetchClosure2 = f: forAllSystems2 (system: f (import ./default.nix { inherit system; }).config );
+  fetchClosure2 = f: forAllSystems2 (system: f (import ./default.nix { inherit system; platform = platformForSystem system; }).config );
 in
 {
   tests.boot = callSubTests tests/boot.nix {};
@@ -32,12 +34,19 @@ in
     initialRamdisk = fetchClosure2 (cfg: cfg.system.build.initialRamdisk);
     squashed = fetchClosure2 (cfg: cfg.system.build.squashfs);
   };
-  dist_test = fetchClosure2 (cfg: pkgs.runCommand "dist" { inherit (cfg.system.build) dist; }''
+  dist_test = fetchClosure2 (cfg: pkgs.runCommand "dist" { inherit (cfg.system.build) dist kernel; config = cfg.system.build.kernel.configfile; }''
     #!/bin/sh
     mkdir -p $out/nix-support
     echo file kernel ''${dist}/kernel > $out/nix-support/hydra-build-products
     echo file rootfs ''${dist}/root.squashfs >> $out/nix-support/hydra-build-products
     echo file initrd ''${dist}/initrd >> $out/nix-support/hydra-build-products
     echo file command-line ''${dist}/command-line >> $out/nix-support/hydra-build-products
+    cd $out
+    ln -sv ''${dist}/initrd
+    ln -sv ''${dist}/kernel
+    ln -sv ''${dist}/root.squashfs
+    ln -sv ''${config} config
+    for x in $kernel/dtbs/*;do ln -sv $x $out/;done
   '');
+  rpi_image = (import ./default.nix { extraModules = [ ./rpi_image.nix ]; platform = system: platforms.raspberrypi2; }).config.system.build.rpi_image;
 }

rpi_image.nix

@@ -0,0 +1,32 @@
+{ config, pkgs, ... }:
+
+{
+  nixpkgs.system = "armv7l-linux";
+  system.build.rpi_image = let
+    config_txt = pkgs.writeText "config.txt" ''
+      initramfs initrd followkernel
+      dtoverlay=pi3-disable-bt
+      enable_uart=1
+    '';
+    cmdline = pkgs.writeText "cmdline.txt" ''
+      console=ttyS0,115200 pi3-disable-bt kgdboc=ttyS0,115200 systemConfig=${builtins.unsafeDiscardStringContext config.system.build.toplevel} netroot=192.168.2.1=9080d9b6/root.squashfs quiet splash plymouth.ignore-serial-consoles plymouth.ignore-udev
+    '';
+  in pkgs.runCommand "rpi_image" {} ''
+    mkdir $out
+    cd $out
+    cp ${config_txt} config.txt
+    cp ${cmdline} cmdline.txt
+    cp -s ${config.system.build.kernel}/*zImage kernel7.img
+    cp -s ${config.system.build.squashfs} root.squashfs
+    cp ${./../bcm2710-rpi-3-b.dtb} bcm2710-rpi-3-b.dtb
+    cp -r ${./../../overlays} overlays
+    cp -s ${../../start.elf} start.elf
+    cp ${../../fixup.dat} fixup.dat
+    cp -s ${config.system.build.initialRamdisk}/initrd initrd
+    ls -ltrhL
+  '';
+  environment.systemPackages = [ pkgs.strace ];
+  nixpkgs.config.packageOverrides = pkgs: {
+    linux_rpi = pkgs.callPackage ./linux-rpi.nix {};
+  };
+}

runit.nix

@@ -29,14 +29,20 @@ in
   environment.etc = {
     "runit/1".source = pkgs.writeScript "1" ''
       #!${pkgs.stdenv.shell}
-      ip addr add 10.0.2.15 dev eth0
-      ip link set eth0 up
-      ip route add 10.0.2.0/24 dev eth0
-      ip  route add default via 10.0.2.2 dev eth0
+      # ip addr add 10.0.2.15 dev eth0
+      # ip link set eth0 up
+      # ip route add 10.0.2.0/24 dev eth0
+      # ip  route add default via 10.0.2.2 dev eth0
       mkdir /bin/
       ln -s ${pkgs.stdenv.shell} /bin/sh
+      ${pkgs.ntp}/bin/ntpdate 192.168.2.1
+
+      # disable DPMS on tty's
+      echo -ne "\033[9;0]" > /dev/tty0
+
       touch /etc/runit/stopit
       chmod 0 /etc/runit/stopit
+      # ${pkgs.dhcpcd.override { udev = null; }}/sbin/dhcpcd
     '';
     "runit/2".source = pkgs.writeScript "2" ''
       #!/bin/sh
@@ -56,5 +62,10 @@ in
       export PATH=$PATH:${pkgs.rng_tools}/bin
       exec rngd -r /dev/hwrng
     '';
+    "service/nix/run".source = pkgs.writeScript "nix" ''
+      #!/bin/sh
+      nix-store --load-db < /nix/store/nix-path-registration
+      nix-daemon
+    '';
   };
 }