]> Git — Sourcephile - sourcephile-nix.git/blob - nixos/profiles/hardware/cubieboard2.nix
mermet: nftables: use meta l4proto
[sourcephile-nix.git] / nixos / profiles / hardware / cubieboard2.nix
1 { pkgs, lib, config, host, modulesPath, ... }:
2 {
3 imports = [
4 "${modulesPath}/installer/sd-card/sd-image.nix"
5 ];
6
7 # Too CPU hungry for this hardware, for too little Mio saved
8 nix.settings.auto-optimise-store = false;
9
10 powerManagement.cpuFreqGovernor = lib.mkDefault "ondemand";
11
12 boot.supportedFilesystems = [
13 #"btrfs"
14 #"reiserfs"
15 "vfat"
16 #"f2fs"
17 #"xfs"
18 #"zfs" # ZFS tools coredump with SIGSEGV
19 #"ntfs"
20 #"cifs"
21 ];
22
23 # The serial ports listed here are:
24 # - ttyS0: for Tegra (Jetson TK1)
25 # - ttymxc0: for i.MX6 (Wandboard)
26 # - ttyAMA0: for Allwinner (pcDuino3 Nano) and QEMU's -machine virt
27 # - ttyO0: for OMAP (BeagleBone Black)
28 # - ttySAC2: for Exynos (ODROID-XU3)
29 boot.consoleLogLevel = lib.mkDefault 7;
30 boot.kernelParams = [
31 "console=ttyS0,115200n8"
32 "console=ttymxc0,115200n8"
33 "console=ttyAMA0,115200n8"
34 "console=ttyO0,115200n8"
35 "console=ttySAC2,115200n8"
36 "console=tty0"
37 ];
38 boot.kernelPatches = [
39 {
40 name = "0001-core_pattern-fix-too-small-CORENAME_MAX_SIZE";
41 patch = ../../../nixpkgs/patches/linux/0001-core_pattern-fix-too-small-CORENAME_MAX_SIZE.patch;
42 extraConfig = ''
43 '';
44 }
45 ];
46
47 #nixpkgs.config.allowUnfree = true;
48 nixpkgs.crossSystem = lib.systems.examples.armv7l-hf-multiplatform;
49 nixpkgs.overlays = [
50 (final: super: {
51 # https://linux-sunxi.org/Mali_Open_Source_Driver#Configuration_and_Build
52 mesa = super.mesa.override {
53 driDrivers = [];
54 eglPlatforms = ["x11"];
55 enableGalliumNine = false;
56 galliumDrivers = ["lima" "panfrost" "kmsro" "swrast"];
57 vulkanDrivers = [];
58 };
59 })
60 (final: super: {
61 linuxPackages_latest_Cubieboard2 = super.linuxPackages_latest.extend (kfinal: ksuper: {
62 kernel = ksuper.kernel.override {
63 defconfig = "sunxi_defconfig";
64 structuredExtraConfig = with lib.kernel; {
65 # Workaround https://github.com/NixOS/nixpkgs/pull/141942#issuecomment-954301443
66 DEBUG_INFO = lib.mkForce no;
67 DEBUG_INFO_BTF = lib.mkForce no;
68 SUSPEND = no;
69 PM = no;
70 PM_SLEEP = no;
71 NVME_CORE = no;
72 TORTURE_TEST = no; # TODO: check if it's possible
73 USB_SERIAL_CH341 = module;
74 USB_SERIAL_PL2303 = module;
75 REGULATOR = lib.mkForce no;
76 MFD_CORE = no;
77 PCI = yes;
78
79 #
80 # File systems
81 #
82 EXT4_FS = yes;
83 EXT4_USE_FOR_EXT2 = yes;
84 FUSE_FS = module;
85 PSTORE = yes;
86 CONFIGFS_FS = module;
87 VFAT_FS = yes;
88 ZSWAP = yes;
89
90 # misc
91 DAX = module;
92 DRM_DISPLAY_CONNECTOR = module;
93 FB_SIMPLE = lib.mkForce module;
94 NET_SCH_CODEL = module;
95 NET_SCH_FQ_CODEL = module;
96 UIO = module;
97
98 # WiFi
99 # Not built in the Cubieboard2, require an USB dongle
100 WIRELESS = yes;
101 CFG80211 = module;
102 LIB80211 = module;
103 LIB80211_CRYPT_CCMP = module;
104 MAC80211 = module;
105 MAC80211_HWSIM = module;
106 NETDEVICES = yes;
107 WLAN = yes;
108 WLAN_VENDOR_REALTEK = yes;
109 NET_VENDOR_REALTEK = yes;
110 REALTEK_PHY = yes;
111 RTL_CARDS = module;
112 RTL8188EE = module; # For 7392:7811 Edimax Technology Co., Ltd EW-7811Un 802.11n Wireless Adapter [Realtek RTL8188CUS]
113 RTLWIFI = module;
114 RTLWIFI_PCI = module;
115 RTLWIFI_DEBUG = yes;
116
117 # Sound options
118 SND_SOC_ADI = no;
119 SND_SOC_ADI_AXI_I2S = no;
120 SND_SOC_ADI_AXI_SPDIF = no;
121 SND_SOC_AMD_ACP = no;
122 SND_SOC_AMD_CZ_RT5645_MACH = no;
123 SND_ATMEL_SOC = no;
124 SND_SOC_MIKROE_PROTO = no;
125 SND_BCM63XX_I2S_WHISTLER = no;
126 SND_DESIGNWARE_I2S = no;
127 SND_SOC_FSL_ASRC = no;
128 SND_SOC_FSL_SAI = no;
129 SND_SOC_FSL_MQS = no;
130 SND_SOC_FSL_AUDMIX = no;
131 SND_SOC_FSL_SSI = no;
132 SND_SOC_FSL_SPDIF = no;
133 SND_SOC_FSL_ESAI = no;
134 SND_SOC_FSL_MICFIL = no;
135 SND_SOC_FSL_EASRC = no;
136 SND_SOC_FSL_XCVR = no;
137 SND_SOC_FSL_RPMSG = no;
138 SND_SOC_IMX_AUDMUX = no;
139 SND_I2S_HI6210_I2S = no;
140 SND_SOC_MTK_BTCVSD = no;
141 SND_SOC_XILINX_I2S = no;
142 SND_SOC_XILINX_AUDIO_FORMATTER = no;
143 SND_SOC_XILINX_SPDIF = no;
144 SND_SOC_XTFPGA_I2S = no;
145 SND_SOC_AC97_CODEC = no;
146 SND_SOC_ADAU_UTILS = no;
147 SND_SOC_ADAU1372 = no;
148 SND_SOC_ADAU1372_I2C = no;
149 SND_SOC_ADAU1372_SPI = no;
150 SND_SOC_ADAU1701 = no;
151 SND_SOC_ADAU17X1 = no;
152 SND_SOC_ADAU1761 = no;
153 SND_SOC_ADAU1761_I2C = no;
154 SND_SOC_ADAU1761_SPI = no;
155 SND_SOC_ADAU7002 = no;
156 SND_SOC_ADAU7118 = no;
157 SND_SOC_ADAU7118_HW = no;
158 SND_SOC_ADAU7118_I2C = no;
159 SND_SOC_AK4104 = no;
160 SND_SOC_AK4118 = no;
161 SND_SOC_AK4458 = no;
162 SND_SOC_AK4554 = no;
163 SND_SOC_AK4613 = no;
164 SND_SOC_AK4642 = no;
165 SND_SOC_AK5386 = no;
166 SND_SOC_AK5558 = no;
167 SND_SOC_ALC5623 = no;
168 SND_SOC_BD28623 = no;
169 SND_SOC_BT_SCO = no;
170 SND_SOC_CPCAP = no;
171 SND_SOC_CS35L32 = no;
172 SND_SOC_CS35L33 = no;
173 SND_SOC_CS35L34 = no;
174 SND_SOC_CS35L35 = no;
175 SND_SOC_CS35L36 = no;
176 SND_SOC_CS42L42 = no;
177 SND_SOC_CS42L51 = no;
178 SND_SOC_CS42L51_I2C = no;
179 SND_SOC_CS42L52 = no;
180 SND_SOC_CS42L56 = no;
181 SND_SOC_CS42L73 = no;
182 SND_SOC_CS4234 = no;
183 SND_SOC_CS4265 = no;
184 SND_SOC_CS4270 = no;
185 SND_SOC_CS4271 = no;
186 SND_SOC_CS4271_I2C = no;
187 SND_SOC_CS4271_SPI = no;
188 SND_SOC_CS42XX8 = no;
189 SND_SOC_CS42XX8_I2C = no;
190 SND_SOC_CS43130 = no;
191 SND_SOC_CS4341 = no;
192 SND_SOC_CS4349 = no;
193 SND_SOC_CS53L30 = no;
194 SND_SOC_CX2072X = no;
195 SND_SOC_DA7213 = no;
196 SND_SOC_DMIC = no;
197 SND_SOC_HDMI_CODEC = no;
198 SND_SOC_ES7134 = no;
199 SND_SOC_ES7241 = no;
200 SND_SOC_ES8316 = no;
201 SND_SOC_ES8328 = no;
202 SND_SOC_ES8328_I2C = no;
203 SND_SOC_ES8328_SPI = no;
204 SND_SOC_GTM601 = no;
205 SND_SOC_INNO_RK3036 = no;
206 SND_SOC_MAX98088 = no;
207 SND_SOC_MAX98357A = no;
208 SND_SOC_MAX98504 = no;
209 SND_SOC_MAX9867 = no;
210 SND_SOC_MAX98927 = no;
211 SND_SOC_MAX98373 = no;
212 SND_SOC_MAX98373_I2C = no;
213 SND_SOC_MAX98373_SDW = no;
214 SND_SOC_MAX98390 = no;
215 SND_SOC_MAX9860 = no;
216 SND_SOC_MSM8916_WCD_ANALOG = no;
217 SND_SOC_MSM8916_WCD_DIGITAL = no;
218 SND_SOC_PCM1681 = no;
219 SND_SOC_PCM1789 = no;
220 SND_SOC_PCM1789_I2C = no;
221 SND_SOC_PCM179X = no;
222 SND_SOC_PCM179X_I2C = no;
223 SND_SOC_PCM179X_SPI = no;
224 SND_SOC_PCM186X = no;
225 SND_SOC_PCM186X_I2C = no;
226 SND_SOC_PCM186X_SPI = no;
227 SND_SOC_PCM3060 = no;
228 SND_SOC_PCM3060_I2C = no;
229 SND_SOC_PCM3060_SPI = no;
230 SND_SOC_PCM3168A = no;
231 SND_SOC_PCM3168A_I2C = no;
232 SND_SOC_PCM3168A_SPI = no;
233 SND_SOC_PCM5102A = no;
234 SND_SOC_PCM512x = no;
235 SND_SOC_PCM512x_I2C = no;
236 SND_SOC_PCM512x_SPI = no;
237 SND_SOC_RK3328 = no;
238 SND_SOC_RK817 = no;
239 SND_SOC_RL6231 = no;
240 SND_SOC_RT1308_SDW = no;
241 SND_SOC_RT1316_SDW = no;
242 SND_SOC_RT5616 = no;
243 SND_SOC_RT5631 = no;
244 SND_SOC_RT5640 = no;
245 SND_SOC_RT5645 = no;
246 SND_SOC_RT5659 = no;
247 SND_SOC_RT5682 = no;
248 SND_SOC_RT5682_SDW = no;
249 SND_SOC_RT700 = no;
250 SND_SOC_RT700_SDW = no;
251 SND_SOC_RT711 = no;
252 SND_SOC_RT711_SDW = no;
253 SND_SOC_RT711_SDCA_SDW = no;
254 SND_SOC_RT715 = no;
255 SND_SOC_RT715_SDW = no;
256 SND_SOC_RT715_SDCA_SDW = no;
257 SND_SOC_SGTL5000 = no;
258 SND_SOC_SIGMADSP = no;
259 SND_SOC_SIGMADSP_I2C = no;
260 SND_SOC_SIGMADSP_REGMAP = no;
261 SND_SOC_SIMPLE_AMPLIFIER = no;
262 SND_SOC_SIMPLE_MUX = no;
263 SND_SOC_SPDIF = no;
264 SND_SOC_SSM2305 = no;
265 SND_SOC_SSM2518 = no;
266 SND_SOC_SSM2602 = no;
267 SND_SOC_SSM2602_SPI = no;
268 SND_SOC_SSM2602_I2C = no;
269 SND_SOC_SSM4567 = no;
270 SND_SOC_STA32X = no;
271 SND_SOC_STA350 = no;
272 SND_SOC_STI_SAS = no;
273 SND_SOC_TAS2552 = no;
274 SND_SOC_TAS2562 = no;
275 SND_SOC_TAS2764 = no;
276 SND_SOC_TAS2770 = no;
277 SND_SOC_TAS5086 = no;
278 SND_SOC_TAS571X = no;
279 SND_SOC_TAS5720 = no;
280 SND_SOC_TAS6424 = no;
281 SND_SOC_TDA7419 = no;
282 SND_SOC_TFA9879 = no;
283 SND_SOC_TFA989X = no;
284 SND_SOC_TLV320AIC23 = no;
285 SND_SOC_TLV320AIC23_I2C = no;
286 SND_SOC_TLV320AIC23_SPI = no;
287 SND_SOC_TLV320AIC31XX = no;
288 SND_SOC_TLV320AIC32X4 = no;
289 SND_SOC_TLV320AIC32X4_I2C = no;
290 SND_SOC_TLV320AIC32X4_SPI = no;
291 SND_SOC_TLV320AIC3X = no;
292 SND_SOC_TLV320AIC3X_I2C = no;
293 SND_SOC_TLV320AIC3X_SPI = no;
294 SND_SOC_TLV320ADCX140 = no;
295 SND_SOC_TS3A227E = no;
296 SND_SOC_TSCS42XX = no;
297 SND_SOC_TSCS454 = no;
298 SND_SOC_UDA1334 = no;
299 SND_SOC_WCD9335 = no;
300 SND_SOC_WCD_MBHC = no;
301 SND_SOC_WCD934X = no;
302 SND_SOC_WCD938X = no;
303 SND_SOC_WCD938X_SDW = no;
304 SND_SOC_WM8510 = no;
305 SND_SOC_WM8523 = no;
306 SND_SOC_WM8524 = no;
307 SND_SOC_WM8580 = no;
308 SND_SOC_WM8711 = no;
309 SND_SOC_WM8728 = no;
310 SND_SOC_WM8731 = no;
311 SND_SOC_WM8737 = no;
312 SND_SOC_WM8741 = no;
313 SND_SOC_WM8750 = no;
314 SND_SOC_WM8753 = no;
315 SND_SOC_WM8770 = no;
316 SND_SOC_WM8776 = no;
317 SND_SOC_WM8782 = no;
318 SND_SOC_WM8804 = no;
319 SND_SOC_WM8804_I2C = no;
320 SND_SOC_WM8804_SPI = no;
321 SND_SOC_WM8903 = no;
322 SND_SOC_WM8904 = no;
323 SND_SOC_WM8960 = no;
324 SND_SOC_WM8962 = no;
325 SND_SOC_WM8974 = no;
326 SND_SOC_WM8978 = no;
327 SND_SOC_WM8985 = no;
328 SND_SOC_WSA881X = no;
329 SND_SOC_ZL38060 = no;
330 SND_SOC_MAX9759 = no;
331 SND_SOC_MT6351 = no;
332 SND_SOC_MT6358 = no;
333 SND_SOC_MT6660 = no;
334 SND_SOC_NAU8315 = no;
335 SND_SOC_NAU8540 = no;
336 SND_SOC_NAU8810 = no;
337 SND_SOC_NAU8822 = no;
338 SND_SOC_NAU8824 = no;
339 SND_SOC_TPA6130A2 = no;
340 SND_SOC_LPASS_WSA_MACRO = no;
341 SND_SOC_LPASS_VA_MACRO = no;
342 SND_SOC_LPASS_RX_MACRO = no;
343 SND_SOC_LPASS_TX_MACRO = no;
344 SND_SIMPLE_CARD_UTILS = no;
345 SND_SIMPLE_CARD = no;
346 SND_AUDIO_GRAPH_CARD = no;
347 SND_VIRTIO = no;
348 MOST_SND = no;
349
350 #
351 # Networking options
352 #
353 TCP_CONG_BBR = module;
354 #PPP = no;
355 #PPP_MULTILINK = lib.mkForce no;
356 #PPP_FILTER = lib.mkForce no;
357 #PPPOE = no;
358 NET_DSA = no;
359 L2TP = no;
360 PARPORT = no;
361 PARIDE = no;
362 CDROM = no;
363 GPIOLIB = no;
364 NEW_LEDS = no;
365 #LEDS_CLASS = no;
366
367 IPV6 = yes;
368 IPV6_ROUTER_PREF = yes;
369 IPV6_ROUTE_INFO = yes;
370 IPV6_OPTIMISTIC_DAD = yes;
371 INET6_AH = module;
372 INET6_ESP = module;
373 INET6_ESP_OFFLOAD = module;
374 INET6_ESPINTCP = yes;
375 INET6_IPCOMP = module;
376 IPV6_MIP6 = module;
377 IPV6_ILA = module;
378 INET6_XFRM_TUNNEL = module;
379 INET6_TUNNEL = module;
380 IPV6_VTI = module;
381 IPV6_SIT = module;
382 IPV6_SIT_6RD = yes;
383 IPV6_NDISC_NODETYPE = yes;
384 IPV6_TUNNEL = module;
385 IPV6_MULTIPLE_TABLES = yes;
386 IPV6_SUBTREES = yes;
387 IPV6_MROUTE = yes;
388 IPV6_MROUTE_MULTIPLE_TABLES = yes;
389 IPV6_PIMSM_V2 = yes;
390 IPV6_SEG6_LWTUNNEL = yes;
391 IPV6_SEG6_HMAC = yes;
392 IPV6_RPL_LWTUNNEL = yes;
393 # CONFIG_MPTCP is not set
394 # CONFIG_NETWORK_SECMARK is not set
395 NET_PTP_CLASSIFY = yes;
396 # CONFIG_NETWORK_PHY_TIMESTAMPING is not set
397 NETFILTER = yes;
398 NETFILTER_ADVANCED = yes;
399
400 #
401 # Core Netfilter Configuration
402 #
403 NETFILTER_INGRESS = yes;
404 NETFILTER_NETLINK = module;
405 NETFILTER_FAMILY_ARP = yes;
406 NETFILTER_NETLINK_HOOK = module;
407 NETFILTER_NETLINK_ACCT = module;
408 NETFILTER_NETLINK_QUEUE = module;
409 NETFILTER_NETLINK_LOG = module;
410 NETFILTER_NETLINK_OSF = module;
411 NF_CONNTRACK = module;
412 NF_LOG_SYSLOG = module;
413 NETFILTER_CONNCOUNT = module;
414 NF_CONNTRACK_MARK = yes;
415 NF_CONNTRACK_ZONES = yes;
416 NF_CONNTRACK_PROCFS = yes;
417 NF_CONNTRACK_EVENTS = yes;
418 NF_CONNTRACK_TIMEOUT = yes;
419 NF_CONNTRACK_TIMESTAMP = yes;
420 NF_CONNTRACK_LABELS = yes;
421 NF_CT_PROTO_DCCP = yes;
422 NF_CT_PROTO_SCTP = yes;
423 NF_CT_PROTO_UDPLITE = yes;
424 # CONFIG_NF_CONNTRACK_AMANDA is not set
425 # CONFIG_NF_CONNTRACK_FTP is not set
426 # CONFIG_NF_CONNTRACK_H323 is not set
427 # CONFIG_NF_CONNTRACK_IRC is not set
428 # CONFIG_NF_CONNTRACK_NETBIOS_NS is not set
429 # CONFIG_NF_CONNTRACK_SNMP is not set
430 # CONFIG_NF_CONNTRACK_PPTP is not set
431 # CONFIG_NF_CONNTRACK_SANE is not set
432 # CONFIG_NF_CONNTRACK_SIP is not set
433 # CONFIG_NF_CONNTRACK_TFTP is not set
434 NF_CT_NETLINK = module;
435 NF_CT_NETLINK_TIMEOUT = module;
436 NF_CT_NETLINK_HELPER = module;
437 NETFILTER_NETLINK_GLUE_CT = yes;
438 NF_NAT = module;
439 NF_NAT_REDIRECT = yes;
440 NF_NAT_MASQUERADE = yes;
441 NETFILTER_SYNPROXY = module;
442 NF_TABLES = module;
443 NF_TABLES_INET = yes;
444 NF_TABLES_NETDEV = yes;
445 NFT_NUMGEN = module;
446 NFT_CT = module;
447 NFT_COUNTER = module;
448 NFT_CONNLIMIT = module;
449 NFT_LOG = module;
450 NFT_LIMIT = module;
451 NFT_MASQ = module;
452 NFT_REDIR = module;
453 NFT_NAT = module;
454 NFT_TUNNEL = module;
455 NFT_OBJREF = module;
456 NFT_QUEUE = module;
457 NFT_QUOTA = module;
458 NFT_REJECT = module;
459 NFT_REJECT_INET = module;
460 NFT_COMPAT = module;
461 NFT_HASH = module;
462 NFT_FIB = module;
463 NFT_FIB_INET = module;
464 NFT_XFRM = module;
465 NFT_SOCKET = module;
466 NFT_OSF = module;
467 NFT_TPROXY = module;
468 NFT_SYNPROXY = module;
469 NF_DUP_NETDEV = module;
470 NFT_DUP_NETDEV = module;
471 NFT_FWD_NETDEV = module;
472 NFT_FIB_NETDEV = module;
473 NFT_REJECT_NETDEV = module;
474 # CONFIG_NF_FLOW_TABLE is not set
475 NETFILTER_XTABLES = module;
476
477 #
478 # Xtables combined modules
479 #
480 NETFILTER_XT_MARK = module;
481 NETFILTER_XT_CONNMARK = module;
482 NETFILTER_XT_SET = module;
483
484 #
485 # Xtables targets
486 #
487 NETFILTER_XT_TARGET_CHECKSUM = module;
488 NETFILTER_XT_TARGET_CLASSIFY = module;
489 NETFILTER_XT_TARGET_CONNMARK = module;
490 NETFILTER_XT_TARGET_CT = module;
491 NETFILTER_XT_TARGET_DSCP = module;
492 NETFILTER_XT_TARGET_HL = module;
493 NETFILTER_XT_TARGET_HMARK = module;
494 NETFILTER_XT_TARGET_IDLETIMER = module;
495 NETFILTER_XT_TARGET_LED = module;
496 NETFILTER_XT_TARGET_LOG = module;
497 NETFILTER_XT_TARGET_MARK = module;
498 NETFILTER_XT_NAT = module;
499 NETFILTER_XT_TARGET_NETMAP = module;
500 NETFILTER_XT_TARGET_NFLOG = module;
501 NETFILTER_XT_TARGET_NFQUEUE = module;
502 NETFILTER_XT_TARGET_NOTRACK = module;
503 NETFILTER_XT_TARGET_RATEEST = module;
504 NETFILTER_XT_TARGET_REDIRECT = module;
505 NETFILTER_XT_TARGET_MASQUERADE = module;
506 NETFILTER_XT_TARGET_TEE = module;
507 NETFILTER_XT_TARGET_TPROXY = module;
508 NETFILTER_XT_TARGET_TRACE = module;
509 NETFILTER_XT_TARGET_TCPMSS = module;
510 NETFILTER_XT_TARGET_TCPOPTSTRIP = module;
511
512 #
513 # Xtables matches
514 #
515 NETFILTER_XT_MATCH_ADDRTYPE = module;
516 NETFILTER_XT_MATCH_BPF = module;
517 NETFILTER_XT_MATCH_CGROUP = module;
518 NETFILTER_XT_MATCH_CLUSTER = module;
519 NETFILTER_XT_MATCH_COMMENT = module;
520 NETFILTER_XT_MATCH_CONNBYTES = module;
521 NETFILTER_XT_MATCH_CONNLABEL = module;
522 NETFILTER_XT_MATCH_CONNLIMIT = module;
523 NETFILTER_XT_MATCH_CONNMARK = module;
524 NETFILTER_XT_MATCH_CONNTRACK = module;
525 NETFILTER_XT_MATCH_CPU = module;
526 NETFILTER_XT_MATCH_DCCP = module;
527 NETFILTER_XT_MATCH_DEVGROUP = module;
528 NETFILTER_XT_MATCH_DSCP = module;
529 NETFILTER_XT_MATCH_ECN = module;
530 NETFILTER_XT_MATCH_ESP = module;
531 NETFILTER_XT_MATCH_HASHLIMIT = module;
532 NETFILTER_XT_MATCH_HELPER = module;
533 NETFILTER_XT_MATCH_HL = module;
534 NETFILTER_XT_MATCH_IPCOMP = module;
535 NETFILTER_XT_MATCH_IPRANGE = module;
536 NETFILTER_XT_MATCH_L2TP = module;
537 NETFILTER_XT_MATCH_LENGTH = module;
538 NETFILTER_XT_MATCH_LIMIT = module;
539 NETFILTER_XT_MATCH_MAC = module;
540 NETFILTER_XT_MATCH_MARK = module;
541 NETFILTER_XT_MATCH_MULTIPORT = module;
542 NETFILTER_XT_MATCH_NFACCT = module;
543 NETFILTER_XT_MATCH_OSF = module;
544 NETFILTER_XT_MATCH_OWNER = module;
545 # CONFIG_NETFILTER_XT_MATCH_POLICY is not set
546 NETFILTER_XT_MATCH_PKTTYPE = module;
547 NETFILTER_XT_MATCH_QUOTA = module;
548 NETFILTER_XT_MATCH_RATEEST = module;
549 NETFILTER_XT_MATCH_REALM = module;
550 NETFILTER_XT_MATCH_RECENT = module;
551 NETFILTER_XT_MATCH_SCTP = module;
552 NETFILTER_XT_MATCH_SOCKET = module;
553 NETFILTER_XT_MATCH_STATE = module;
554 NETFILTER_XT_MATCH_STATISTIC = module;
555 NETFILTER_XT_MATCH_STRING = module;
556 NETFILTER_XT_MATCH_TCPMSS = module;
557 NETFILTER_XT_MATCH_TIME = module;
558 NETFILTER_XT_MATCH_U32 = module;
559 # end of Core Netfilter Configuration
560
561 IP_SET = module;
562 IP_SET_MAX.freeform = "256";
563 IP_SET_BITMAP_IP = module;
564 IP_SET_BITMAP_IPMAC = module;
565 IP_SET_BITMAP_PORT = module;
566 IP_SET_HASH_IP = module;
567 IP_SET_HASH_IPMARK = module;
568 IP_SET_HASH_IPPORT = module;
569 IP_SET_HASH_IPPORTIP = module;
570 IP_SET_HASH_IPPORTNET = module;
571 IP_SET_HASH_IPMAC = module;
572 IP_SET_HASH_MAC = module;
573 IP_SET_HASH_NETPORTNET = module;
574 IP_SET_HASH_NET = module;
575 IP_SET_HASH_NETNET = module;
576 IP_SET_HASH_NETPORT = module;
577 IP_SET_HASH_NETIFACE = module;
578 IP_SET_LIST_SET = module;
579 # CONFIG_IP_VS is not set
580
581 #
582 # IP: Netfilter Configuration
583 #
584 NF_DEFRAG_IPV4 = module;
585 NF_SOCKET_IPV4 = module;
586 NF_TPROXY_IPV4 = module;
587 NF_TABLES_IPV4 = yes;
588 NFT_REJECT_IPV4 = module;
589 NFT_DUP_IPV4 = module;
590 NFT_FIB_IPV4 = module;
591 # CONFIG_NF_TABLES_ARP is not set
592 NF_DUP_IPV4 = module;
593 # CONFIG_NF_LOG_ARP is not set
594 # CONFIG_NF_LOG_IPV4 is not set
595 NF_REJECT_IPV4 = module;
596 IP_NF_IPTABLES = module;
597 IP_NF_MATCH_AH = module;
598 IP_NF_MATCH_ECN = module;
599 IP_NF_MATCH_RPFILTER = module;
600 IP_NF_MATCH_TTL = module;
601 IP_NF_FILTER = module;
602 IP_NF_TARGET_REJECT = module;
603 IP_NF_TARGET_SYNPROXY = module;
604 IP_NF_NAT = module;
605 IP_NF_TARGET_MASQUERADE = module;
606 IP_NF_TARGET_NETMAP = module;
607 IP_NF_TARGET_REDIRECT = module;
608 IP_NF_MANGLE = module;
609 IP_NF_TARGET_CLUSTERIP = module;
610 IP_NF_TARGET_ECN = module;
611 IP_NF_TARGET_TTL = module;
612 # CONFIG_IP_NF_RAW is not set
613 # CONFIG_IP_NF_ARPTABLES is not set
614 # end of IP: Netfilter Configuration
615
616 #
617 # IPv6: Netfilter Configuration
618 #
619 NF_SOCKET_IPV6 = module;
620 NF_TPROXY_IPV6 = module;
621 NF_TABLES_IPV6 = yes;
622 NFT_REJECT_IPV6 = module;
623 NFT_DUP_IPV6 = module;
624 NFT_FIB_IPV6 = module;
625 NF_DUP_IPV6 = module;
626 NF_REJECT_IPV6 = module;
627 NF_LOG_IPV6 = module;
628 IP6_NF_IPTABLES = module;
629 IP6_NF_MATCH_AH = module;
630 IP6_NF_MATCH_EUI64 = module;
631 IP6_NF_MATCH_FRAG = module;
632 IP6_NF_MATCH_OPTS = module;
633 IP6_NF_MATCH_HL = module;
634 IP6_NF_MATCH_IPV6HEADER = module;
635 IP6_NF_MATCH_MH = module;
636 IP6_NF_MATCH_RPFILTER = module;
637 IP6_NF_MATCH_RT = module;
638 IP6_NF_MATCH_SRH = module;
639 IP6_NF_TARGET_HL = module;
640 IP6_NF_FILTER = module;
641 IP6_NF_TARGET_REJECT = module;
642 IP6_NF_TARGET_SYNPROXY = module;
643 IP6_NF_MANGLE = module;
644 IP6_NF_RAW = module;
645 IP6_NF_NAT = module;
646 IP6_NF_TARGET_MASQUERADE = module;
647 IP6_NF_TARGET_NPT = module;
648 # end of IPv6: Netfilter Configuration
649
650 NF_DEFRAG_IPV6 = module;
651
652 #
653 # Disabling
654 #
655 ADFS_FS = no;
656 AFFS_FS = no;
657 BEFS_FS = no;
658 BFS_FS = no;
659 BTRFS = no;
660 BTRFS_FS = no;
661 CEPH_FS = no;
662 CIFS = no;
663 CRAMFS = no;
664 ECRYPT_FS = no;
665 EFS_FS = no;
666 EROFS_FS = no;
667 EXT2_FS = no;
668 EXT3_FS = no;
669 F2FS_FS = lib.mkForce no;
670 GFS2_FS = no;
671 HFSPLUS_FS = no;
672 HFS_FS = no;
673 HPFS_FS = no;
674 JFS_FS = no;
675 MINIX_FS = no;
676 NET_9P = no;
677 NFSD = no;
678 NFS_FS = no;
679 NILFS2_FS = no;
680 OMFS_FS = no;
681 ORANGEFS_FS = no;
682 QNX4FS_FS = no;
683 QNX6FS_FS = no;
684 REISERFS_FS = no;
685 ROMFS_FS = no;
686 SQUASHFS = no;
687 SYSV_FS = no;
688 UFS_FS = no;
689 VXFS_FS = no;
690 XFS_FS = no;
691
692 MISC_FILESYSTEMS = no;
693
694 DECNET = no;
695 SCTP = no;
696 RDS = no;
697 DCCP = no;
698 TIPC = no;
699 CAIF = no;
700 CEPH = no;
701 VMW_SOCK = no;
702 HSR = no;
703 QRTR = no;
704 MPI = no;
705 RAID6 = no;
706 STAGING = lib.mkForce no;
707 ATH11K_PCI = no;
708
709 "6LOWPAN" = no;
710 ARCNET = no;
711 B53 = no;
712 BATMAN_ADV = no;
713 BT = no;
714 CAN = no;
715 COMEDI = no;
716 DRM_STM = lib.mkForce no;
717 DRM_PANEL = lib.mkForce no;
718
719 DRM_BRIDGE = no;
720 DRM_PANEL_BRIDGE = no;
721 DRM_CDNS_DSI = no;
722 DRM_CHIPONE_ICN6211 = no;
723 DRM_CHRONTEL_CH7033 = no;
724 #DRM_DISPLAY_CONNECTOR = no;
725 DRM_LONTIUM_LT8912B = no;
726 DRM_LONTIUM_LT9611 = no;
727 DRM_LONTIUM_LT9611UXC = no;
728 DRM_ITE_IT66121 = no;
729 DRM_LVDS_CODEC = no;
730 DRM_MEGACHIPS_STDPXXXX_GE_B850V3_FW = no;
731 DRM_NWL_MIPI_DSI = no;
732 DRM_NXP_PTN3460 = no;
733 DRM_PARADE_PS8622 = no;
734 DRM_PARADE_PS8640 = no;
735 DRM_SIL_SII8620 = no;
736 DRM_SII902X = no;
737 DRM_SII9234 = no;
738 DRM_SIMPLE_BRIDGE = no;
739 DRM_THINE_THC63LVD1024 = no;
740 DRM_TOSHIBA_TC358762 = no;
741 DRM_TOSHIBA_TC358764 = no;
742 DRM_TOSHIBA_TC358767 = no;
743 DRM_TOSHIBA_TC358768 = no;
744 DRM_TOSHIBA_TC358775 = no;
745 DRM_TI_TFP410 = no;
746 DRM_TI_SN65DSI83 = no;
747 DRM_TI_SN65DSI86 = no;
748 DRM_TI_TPD12S015 = no;
749 DRM_ANALOGIX_ANX6345 = no;
750 DRM_ANALOGIX_ANX78XX = no;
751 DRM_ANALOGIX_DP = no;
752 DRM_ANALOGIX_ANX7625 = no;
753 DRM_I2C_ADV7511 = no;
754 DRM_I2C_ADV7511_CEC = no;
755 DRM_CDNS_MHDP8546 = no;
756 DRM_DW_HDMI = no;
757 DRM_DW_HDMI_AHB_AUDIO = no;
758 DRM_DW_HDMI_I2S_AUDIO = no;
759 DRM_DW_HDMI_CEC = no;
760 DRM_STI = no;
761 DRM_IMX = no;
762 DRM_IMX_PARALLEL_DISPLAY = no;
763 DRM_IMX_TVE = no;
764 DRM_IMX_LDB = no;
765 DRM_IMX_HDMI = no;
766 DRM_ETNAVIV = no;
767 DRM_ETNAVIV_THERMAL = no;
768 DRM_MXS = no;
769 DRM_MXSFB = no;
770 DRM_ARCPGU = no;
771 DRM_GM12U320 = no;
772 TINYDRM_HX8357D = no;
773 TINYDRM_ILI9225 = no;
774 TINYDRM_ILI9341 = no;
775 TINYDRM_ILI9486 = no;
776 TINYDRM_MI0283QT = no;
777 TINYDRM_REPAPER = no;
778 TINYDRM_ST7586 = no;
779 TINYDRM_ST7735R = no;
780 DRM_PL111 = no;
781 DRM_TVE200 = no;
782 DRM_LIMA = no;
783 DRM_PANFROST = no;
784 DRM_MCDE = no;
785 DRM_TIDSS = no;
786 DRM_GUD = no;
787 DRM_EXPORT_FOR_TESTS = no;
788 DRM_PANEL_ORIENTATION_QUIRKS = no;
789 DRM_LIB_RANDOM = no;
790
791 INFINIBAND = no;
792 INPUT_TOUCHSCREEN = no;
793 MEDIA_ANALOG_TV_SUPPORT = lib.mkForce no;
794 MEDIA_DIGITAL_TV_SUPPORT = lib.mkForce no;
795 MEDIA_TUNER = no;
796 MPLS = no;
797 MPTCP = lib.mkForce no;
798 NFC = no;
799 NF_TABLES_BRIDGE = lib.mkForce no;
800 NVME = no;
801 OPENVSWITCH = no;
802 PARAVIRT = lib.mkForce no;
803 POWER_SUPPLY = no;
804 USB_GSPCA = lib.mkForce no;
805 VIDEO_STK1160_COMMON = lib.mkForce no;
806 XEN = lib.mkForce no;
807 #NVME_CORE = no;
808 };
809 features.debug = false;
810 #ignoreConfigErrors = true;
811 };
812 });
813 })
814 ];
815 boot.cleanTmpDir = true;
816 boot.tmpOnTmpfs = lib.mkForce false;
817 # TODO: is that needed?
818 hardware.enableRedistributableFirmware = true;
819 sdImage = {
820 postBuildCommands = ''
821 dd if=${pkgs.ubootCubieboard2}/u-boot-sunxi-with-spl.bin of=$img bs=1024 seek=8 conv=notrunc
822 '';
823 compressImage = true;
824 expandOnBoot = true;
825 firmwareSize = 1;
826 populateFirmwareCommands = "";
827 populateRootCommands = ''
828 mkdir -p ./files/boot
829 ${config.boot.loader.generic-extlinux-compatible.populateCmd} -c ${config.system.build.toplevel} -d ./files/boot
830 '';
831 };
832 boot.loader.grub.enable = false;
833 boot.loader.generic-extlinux-compatible.enable = true;
834 # nix -L build .#nixosConfigurations.${hostName}.config.boot.kernelPackages.kernel.configfile
835 boot.kernelPackages = lib.mkForce pkgs.linuxPackages_latest_Cubieboard2;
836 boot.initrd.availableKernelModules = lib.mkForce [
837 "mmc_block"
838 "usbhid"
839 "hid_generic"
840 "hid_microsoft"
841 ];
842 }