]> Git — Sourcephile - sourcephile-nix.git/blob - nixos/profiles/hardware/cubieboard2.nix
sourcephile / git / sourcephile-nix.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
fail2ban: tweak parameters
[sourcephile-nix.git] / nixos / profiles / hardware / cubieboard2.nix
1 { pkgs, lib, config, modulesPath, ... }:
2 {
3 imports = [
4 "${modulesPath}/installer/sd-card/sd-image.nix"
5 ];
6
7 _module.args.CPUs = 2;
8
9 # Too CPU hungry for this hardware, for too little MiB saved
10 nix.settings.auto-optimise-store = false;
11
12 powerManagement.cpuFreqGovernor = lib.mkDefault "ondemand";
13
14 boot.supportedFilesystems = [
15 #"btrfs"
16 #"reiserfs"
17 "vfat"
18 #"f2fs"
19 #"xfs"
20 #"zfs" # ZFS tools coredump with SIGSEGV
21 #"ntfs"
22 #"cifs"
23 ];
24
25 # The serial ports listed here are:
26 # - ttyS0: for Tegra (Jetson TK1)
27 # - ttymxc0: for i.MX6 (Wandboard)
28 # - ttyAMA0: for Allwinner (pcDuino3 Nano) and QEMU's -machine virt
29 # - ttyO0: for OMAP (BeagleBone Black)
30 # - ttySAC2: for Exynos (ODROID-XU3)
31 boot.consoleLogLevel = lib.mkDefault 7;
32 boot.kernelParams = [
33 "console=ttyS0,115200n8"
34 "console=ttymxc0,115200n8"
35 "console=ttyAMA0,115200n8"
36 "console=ttyO0,115200n8"
37 "console=ttySAC2,115200n8"
38 "console=tty0"
39 ];
40 boot.kernelPatches = [
41 /*
42 {
43 name = "0001-core_pattern-fix-too-small-CORENAME_MAX_SIZE";
44 patch = ../../../nixpkgs/patches/linux/0001-core_pattern-fix-too-small-CORENAME_MAX_SIZE.patch;
45 extraConfig = ''
46 '';
47 }
48 */
49 ];
50
51 nixpkgs.overlays = [
52 (finalPkgs: previousPkgs: {
53 # https://linux-sunxi.org/Mali_Open_Source_Driver#Configuration_and_Build
54 mesa = (previousPkgs.mesa.override {
55 eglPlatforms = [ "x11" ];
56 galliumDrivers = [
57 "lima"
58 #"panfrost"
59 "kmsro"
60 "swrast"
61 ];
62 enableGalliumNine = false;
63 vulkanDrivers = [
64 "swrast"
65 #"panfrost"
66 ];
67 #vulkanLayers = [ ];
68 }).overrideAttrs (previousAttrs: {
69 mesonFlags = previousAttrs.mesonFlags ++ [
70 # VDPAU state tracker requires at least the following gallium drivers:
71 # r600, radeonsi, nouveau or d3d12
72 "-Dgallium-vdpau=disabled"
73 "-Dgallium-va=disabled"
74 # XA state tracker requires at least one of the following gallium drivers:
75 # nouveau, freedreno, i915, svga.
76 "-Dgallium-xa=disabled"
77 ];
78 });
79 })
80 ];
81 boot.tmp.cleanOnBoot = true;
82 boot.tmp.useTmpfs = lib.mkForce false;
83 # TODO: is that needed?
84 hardware.enableRedistributableFirmware = true;
85 sdImage = {
86 postBuildCommands = ''
87 dd if=${pkgs.ubootCubieboard2}/u-boot-sunxi-with-spl.bin of=$img bs=1024 seek=8 conv=notrunc
88 '';
89 compressImage = true;
90 expandOnBoot = true;
91 firmwareSize = 1;
92 populateFirmwareCommands = "";
93 populateRootCommands = ''
94 mkdir -p ./files/boot
95 ${config.boot.loader.generic-extlinux-compatible.populateCmd} -c ${config.system.build.toplevel} -d ./files/boot
96 '';
97 };
98 boot.loader.grub.enable = false;
99 boot.loader.generic-extlinux-compatible.enable = true;
100 # nix -L build .#nixosConfigurations.${hostName}.config.boot.kernelPackages.kernel.configfile
101 boot.kernelPackages = lib.mkForce (
102 # FIXME: config.boot.zfs.package.latestCompatibleLinuxPackages
103 pkgs.linuxPackages_latest.extend (finalKernel: previousKernel: {
104 kernel = previousKernel.kernel.override {
105 defconfig = "sunxi_defconfig";
106 structuredExtraConfig = with lib.kernel; {
107 # Workaround https://github.com/NixOS/nixpkgs/pull/141942#issuecomment-954301443
108 DEBUG_INFO = lib.mkForce no;
109 DEBUG_INFO_BTF = lib.mkForce no;
110 SUSPEND = no;
111 PM = no;
112 PM_SLEEP = no;
113 NVME_CORE = no;
114 TORTURE_TEST = no; # TODO: check if it's possible
115 USB_SERIAL_CH341 = module;
116 USB_SERIAL_PL2303 = module;
117 REGULATOR = lib.mkForce no;
118 MFD_CORE = no;
119 PCI = yes;
120 # FIXME: Enable wdctl to work when /dev/watchdog is used by systemd
121 #WATCHDOG_SYSFS = yes;
122
123 #
124 # File systems
125 #
126 EXT4_FS = yes;
127 EXT4_USE_FOR_EXT2 = yes;
128 FUSE_FS = module;
129 PSTORE = yes;
130 CONFIGFS_FS = module;
131 VFAT_FS = yes;
132 ZSWAP = yes;
133
134 # misc
135 DAX = module;
136 DRM_DISPLAY_CONNECTOR = module;
137 NET_SCH_CODEL = module;
138 NET_SCH_FQ_CODEL = module;
139 UIO = module;
140
141 # WiFi
142 # Not built in the Cubieboard2, require an USB dongle
143 WIRELESS = yes;
144 CFG80211 = module;
145 LIB80211 = module;
146 LIB80211_CRYPT_CCMP = module;
147 MAC80211 = module;
148 MAC80211_HWSIM = module;
149 NETDEVICES = yes;
150 WLAN = yes;
151 WLAN_VENDOR_REALTEK = yes;
152 NET_VENDOR_REALTEK = yes;
153 REALTEK_PHY = yes;
154 RTL_CARDS = module;
155 RTL8188EE = module; # For 7392:7811 Edimax Technology Co., Ltd EW-7811Un 802.11n Wireless Adapter [Realtek RTL8188CUS]
156 RTLWIFI = module;
157 RTLWIFI_PCI = module;
158 RTLWIFI_DEBUG = yes;
159
160 # Sound options
161 SND_SOC_ADI = no;
162 SND_SOC_ADI_AXI_I2S = no;
163 SND_SOC_ADI_AXI_SPDIF = no;
164 SND_SOC_AMD_ACP = no;
165 SND_SOC_AMD_CZ_RT5645_MACH = no;
166 SND_ATMEL_SOC = no;
167 SND_SOC_MIKROE_PROTO = no;
168 SND_BCM63XX_I2S_WHISTLER = no;
169 SND_DESIGNWARE_I2S = no;
170 SND_SOC_FSL_ASRC = no;
171 SND_SOC_FSL_SAI = no;
172 SND_SOC_FSL_MQS = no;
173 SND_SOC_FSL_AUDMIX = no;
174 SND_SOC_FSL_SSI = no;
175 SND_SOC_FSL_SPDIF = no;
176 SND_SOC_FSL_ESAI = no;
177 SND_SOC_FSL_MICFIL = no;
178 SND_SOC_FSL_EASRC = no;
179 SND_SOC_FSL_XCVR = no;
180 SND_SOC_FSL_RPMSG = no;
181 SND_SOC_IMX_AUDMUX = no;
182 SND_I2S_HI6210_I2S = no;
183 SND_SOC_MTK_BTCVSD = no;
184 SND_SOC_XILINX_I2S = no;
185 SND_SOC_XILINX_AUDIO_FORMATTER = no;
186 SND_SOC_XILINX_SPDIF = no;
187 SND_SOC_XTFPGA_I2S = no;
188 SND_SOC_AC97_CODEC = no;
189 SND_SOC_ADAU_UTILS = no;
190 SND_SOC_ADAU1372 = no;
191 SND_SOC_ADAU1372_I2C = no;
192 SND_SOC_ADAU1372_SPI = no;
193 SND_SOC_ADAU1701 = no;
194 SND_SOC_ADAU17X1 = no;
195 SND_SOC_ADAU1761 = no;
196 SND_SOC_ADAU1761_I2C = no;
197 SND_SOC_ADAU1761_SPI = no;
198 SND_SOC_ADAU7002 = no;
199 SND_SOC_ADAU7118 = no;
200 SND_SOC_ADAU7118_HW = no;
201 SND_SOC_ADAU7118_I2C = no;
202 SND_SOC_AK4104 = no;
203 SND_SOC_AK4118 = no;
204 SND_SOC_AK4458 = no;
205 SND_SOC_AK4554 = no;
206 SND_SOC_AK4613 = no;
207 SND_SOC_AK4642 = no;
208 SND_SOC_AK5386 = no;
209 SND_SOC_AK5558 = no;
210 SND_SOC_ALC5623 = no;
211 SND_SOC_BD28623 = no;
212 SND_SOC_BT_SCO = no;
213 SND_SOC_CPCAP = no;
214 SND_SOC_CS35L32 = no;
215 SND_SOC_CS35L33 = no;
216 SND_SOC_CS35L34 = no;
217 SND_SOC_CS35L35 = no;
218 SND_SOC_CS35L36 = no;
219 SND_SOC_CS42L42 = no;
220 SND_SOC_CS42L51 = no;
221 SND_SOC_CS42L51_I2C = no;
222 SND_SOC_CS42L52 = no;
223 SND_SOC_CS42L56 = no;
224 SND_SOC_CS42L73 = no;
225 SND_SOC_CS4234 = no;
226 SND_SOC_CS4265 = no;
227 SND_SOC_CS4270 = no;
228 SND_SOC_CS4271 = no;
229 SND_SOC_CS4271_I2C = no;
230 SND_SOC_CS4271_SPI = no;
231 SND_SOC_CS42XX8 = no;
232 SND_SOC_CS42XX8_I2C = no;
233 SND_SOC_CS43130 = no;
234 SND_SOC_CS4341 = no;
235 SND_SOC_CS4349 = no;
236 SND_SOC_CS53L30 = no;
237 SND_SOC_CX2072X = no;
238 SND_SOC_DA7213 = no;
239 SND_SOC_DMIC = no;
240 SND_SOC_HDMI_CODEC = no;
241 SND_SOC_ES7134 = no;
242 SND_SOC_ES7241 = no;
243 SND_SOC_ES8316 = no;
244 SND_SOC_ES8328 = no;
245 SND_SOC_ES8328_I2C = no;
246 SND_SOC_ES8328_SPI = no;
247 SND_SOC_GTM601 = no;
248 SND_SOC_INNO_RK3036 = no;
249 SND_SOC_MAX98088 = no;
250 SND_SOC_MAX98357A = no;
251 SND_SOC_MAX98504 = no;
252 SND_SOC_MAX9867 = no;
253 SND_SOC_MAX98927 = no;
254 SND_SOC_MAX98373 = no;
255 SND_SOC_MAX98373_I2C = no;
256 SND_SOC_MAX98373_SDW = no;
257 SND_SOC_MAX98390 = no;
258 SND_SOC_MAX9860 = no;
259 SND_SOC_MSM8916_WCD_ANALOG = no;
260 SND_SOC_MSM8916_WCD_DIGITAL = no;
261 SND_SOC_PCM1681 = no;
262 SND_SOC_PCM1789 = no;
263 SND_SOC_PCM1789_I2C = no;
264 SND_SOC_PCM179X = no;
265 SND_SOC_PCM179X_I2C = no;
266 SND_SOC_PCM179X_SPI = no;
267 SND_SOC_PCM186X = no;
268 SND_SOC_PCM186X_I2C = no;
269 SND_SOC_PCM186X_SPI = no;
270 SND_SOC_PCM3060 = no;
271 SND_SOC_PCM3060_I2C = no;
272 SND_SOC_PCM3060_SPI = no;
273 SND_SOC_PCM3168A = no;
274 SND_SOC_PCM3168A_I2C = no;
275 SND_SOC_PCM3168A_SPI = no;
276 SND_SOC_PCM5102A = no;
277 SND_SOC_PCM512x = no;
278 SND_SOC_PCM512x_I2C = no;
279 SND_SOC_PCM512x_SPI = no;
280 SND_SOC_RK3328 = no;
281 SND_SOC_RK817 = no;
282 SND_SOC_RL6231 = no;
283 SND_SOC_RT1308_SDW = no;
284 SND_SOC_RT1316_SDW = no;
285 SND_SOC_RT5616 = no;
286 SND_SOC_RT5631 = no;
287 SND_SOC_RT5640 = no;
288 SND_SOC_RT5645 = no;
289 SND_SOC_RT5659 = no;
290 SND_SOC_RT5682 = no;
291 SND_SOC_RT5682_SDW = no;
292 SND_SOC_RT700 = no;
293 SND_SOC_RT700_SDW = no;
294 SND_SOC_RT711 = no;
295 SND_SOC_RT711_SDW = no;
296 SND_SOC_RT711_SDCA_SDW = no;
297 SND_SOC_RT715 = no;
298 SND_SOC_RT715_SDW = no;
299 SND_SOC_RT715_SDCA_SDW = no;
300 SND_SOC_SGTL5000 = no;
301 SND_SOC_SIGMADSP = no;
302 SND_SOC_SIGMADSP_I2C = no;
303 SND_SOC_SIGMADSP_REGMAP = no;
304 SND_SOC_SIMPLE_AMPLIFIER = no;
305 SND_SOC_SIMPLE_MUX = no;
306 SND_SOC_SPDIF = no;
307 SND_SOC_SSM2305 = no;
308 SND_SOC_SSM2518 = no;
309 SND_SOC_SSM2602 = no;
310 SND_SOC_SSM2602_SPI = no;
311 SND_SOC_SSM2602_I2C = no;
312 SND_SOC_SSM4567 = no;
313 SND_SOC_STA32X = no;
314 SND_SOC_STA350 = no;
315 SND_SOC_STI_SAS = no;
316 SND_SOC_TAS2552 = no;
317 SND_SOC_TAS2562 = no;
318 SND_SOC_TAS2764 = no;
319 SND_SOC_TAS2770 = no;
320 SND_SOC_TAS5086 = no;
321 SND_SOC_TAS571X = no;
322 SND_SOC_TAS5720 = no;
323 SND_SOC_TAS6424 = no;
324 SND_SOC_TDA7419 = no;
325 SND_SOC_TFA9879 = no;
326 SND_SOC_TFA989X = no;
327 SND_SOC_TLV320AIC23 = no;
328 SND_SOC_TLV320AIC23_I2C = no;
329 SND_SOC_TLV320AIC23_SPI = no;
330 SND_SOC_TLV320AIC31XX = no;
331 SND_SOC_TLV320AIC32X4 = no;
332 SND_SOC_TLV320AIC32X4_I2C = no;
333 SND_SOC_TLV320AIC32X4_SPI = no;
334 SND_SOC_TLV320AIC3X = no;
335 SND_SOC_TLV320AIC3X_I2C = no;
336 SND_SOC_TLV320AIC3X_SPI = no;
337 SND_SOC_TLV320ADCX140 = no;
338 SND_SOC_TS3A227E = no;
339 SND_SOC_TSCS42XX = no;
340 SND_SOC_TSCS454 = no;
341 SND_SOC_UDA1334 = no;
342 SND_SOC_WCD9335 = no;
343 SND_SOC_WCD_MBHC = no;
344 SND_SOC_WCD934X = no;
345 SND_SOC_WCD938X = no;
346 SND_SOC_WCD938X_SDW = no;
347 SND_SOC_WM8510 = no;
348 SND_SOC_WM8523 = no;
349 SND_SOC_WM8524 = no;
350 SND_SOC_WM8580 = no;
351 SND_SOC_WM8711 = no;
352 SND_SOC_WM8728 = no;
353 SND_SOC_WM8731 = no;
354 SND_SOC_WM8737 = no;
355 SND_SOC_WM8741 = no;
356 SND_SOC_WM8750 = no;
357 SND_SOC_WM8753 = no;
358 SND_SOC_WM8770 = no;
359 SND_SOC_WM8776 = no;
360 SND_SOC_WM8782 = no;
361 SND_SOC_WM8804 = no;
362 SND_SOC_WM8804_I2C = no;
363 SND_SOC_WM8804_SPI = no;
364 SND_SOC_WM8903 = no;
365 SND_SOC_WM8904 = no;
366 SND_SOC_WM8960 = no;
367 SND_SOC_WM8962 = no;
368 SND_SOC_WM8974 = no;
369 SND_SOC_WM8978 = no;
370 SND_SOC_WM8985 = no;
371 SND_SOC_WSA881X = no;
372 SND_SOC_ZL38060 = no;
373 SND_SOC_MAX9759 = no;
374 SND_SOC_MT6351 = no;
375 SND_SOC_MT6358 = no;
376 SND_SOC_MT6660 = no;
377 SND_SOC_NAU8315 = no;
378 SND_SOC_NAU8540 = no;
379 SND_SOC_NAU8810 = no;
380 SND_SOC_NAU8822 = no;
381 SND_SOC_NAU8824 = no;
382 SND_SOC_TPA6130A2 = no;
383 SND_SOC_LPASS_WSA_MACRO = no;
384 SND_SOC_LPASS_VA_MACRO = no;
385 SND_SOC_LPASS_RX_MACRO = no;
386 SND_SOC_LPASS_TX_MACRO = no;
387 SND_SIMPLE_CARD_UTILS = no;
388 SND_SIMPLE_CARD = no;
389 SND_AUDIO_GRAPH_CARD = no;
390 SND_VIRTIO = no;
391 MOST_SND = no;
392
393 #
394 # Networking options
395 #
396 TCP_CONG_BBR = module;
397 #PPP = no;
398 #PPP_MULTILINK = lib.mkForce no;
399 #PPP_FILTER = lib.mkForce no;
400 #PPPOE = no;
401 NET_DSA = no;
402 L2TP = no;
403 PARPORT = no;
404 PARIDE = no;
405 CDROM = no;
406 GPIOLIB = no;
407 NEW_LEDS = no;
408 #LEDS_CLASS = no;
409
410 IPV6 = yes;
411 IPV6_ROUTER_PREF = yes;
412 IPV6_ROUTE_INFO = yes;
413 IPV6_OPTIMISTIC_DAD = yes;
414 INET6_AH = module;
415 INET6_ESP = module;
416 INET6_ESP_OFFLOAD = module;
417 INET6_ESPINTCP = yes;
418 INET6_IPCOMP = module;
419 IPV6_MIP6 = module;
420 IPV6_ILA = module;
421 INET6_XFRM_TUNNEL = module;
422 INET6_TUNNEL = module;
423 IPV6_VTI = module;
424 IPV6_SIT = module;
425 IPV6_SIT_6RD = yes;
426 IPV6_NDISC_NODETYPE = yes;
427 IPV6_TUNNEL = module;
428 IPV6_MULTIPLE_TABLES = yes;
429 IPV6_SUBTREES = yes;
430 IPV6_MROUTE = yes;
431 IPV6_MROUTE_MULTIPLE_TABLES = yes;
432 IPV6_PIMSM_V2 = yes;
433 IPV6_SEG6_LWTUNNEL = yes;
434 IPV6_SEG6_HMAC = yes;
435 IPV6_RPL_LWTUNNEL = yes;
436 # CONFIG_MPTCP is not set
437 # CONFIG_NETWORK_SECMARK is not set
438 NET_PTP_CLASSIFY = yes;
439 # CONFIG_NETWORK_PHY_TIMESTAMPING is not set
440 NETFILTER = yes;
441 NETFILTER_ADVANCED = yes;
442
443 #
444 # Core Netfilter Configuration
445 #
446 NETFILTER_INGRESS = yes;
447 NETFILTER_NETLINK = module;
448 NETFILTER_FAMILY_ARP = yes;
449 NETFILTER_NETLINK_HOOK = module;
450 NETFILTER_NETLINK_ACCT = module;
451 NETFILTER_NETLINK_QUEUE = module;
452 NETFILTER_NETLINK_LOG = module;
453 NETFILTER_NETLINK_OSF = module;
454 NF_CONNTRACK = module;
455 NF_LOG_SYSLOG = module;
456 NETFILTER_CONNCOUNT = module;
457 NF_CONNTRACK_MARK = yes;
458 NF_CONNTRACK_ZONES = yes;
459 NF_CONNTRACK_PROCFS = yes;
460 NF_CONNTRACK_EVENTS = yes;
461 NF_CONNTRACK_TIMEOUT = yes;
462 NF_CONNTRACK_TIMESTAMP = yes;
463 NF_CONNTRACK_LABELS = yes;
464 NF_CT_PROTO_DCCP = yes;
465 NF_CT_PROTO_SCTP = yes;
466 NF_CT_PROTO_UDPLITE = yes;
467 # CONFIG_NF_CONNTRACK_AMANDA is not set
468 # CONFIG_NF_CONNTRACK_FTP is not set
469 # CONFIG_NF_CONNTRACK_H323 is not set
470 # CONFIG_NF_CONNTRACK_IRC is not set
471 # CONFIG_NF_CONNTRACK_NETBIOS_NS is not set
472 # CONFIG_NF_CONNTRACK_SNMP is not set
473 # CONFIG_NF_CONNTRACK_PPTP is not set
474 # CONFIG_NF_CONNTRACK_SANE is not set
475 # CONFIG_NF_CONNTRACK_SIP is not set
476 # CONFIG_NF_CONNTRACK_TFTP is not set
477 NF_CT_NETLINK = module;
478 NF_CT_NETLINK_TIMEOUT = module;
479 NF_CT_NETLINK_HELPER = module;
480 NETFILTER_NETLINK_GLUE_CT = yes;
481 NF_NAT = module;
482 NF_NAT_REDIRECT = yes;
483 NF_NAT_MASQUERADE = yes;
484 NETFILTER_SYNPROXY = module;
485 NF_TABLES = module;
486 NF_TABLES_INET = yes;
487 NF_TABLES_NETDEV = yes;
488 NFT_NUMGEN = module;
489 NFT_CT = module;
490 NFT_COUNTER = module;
491 NFT_CONNLIMIT = module;
492 NFT_LOG = module;
493 NFT_LIMIT = module;
494 NFT_MASQ = module;
495 NFT_REDIR = module;
496 NFT_NAT = module;
497 NFT_TUNNEL = module;
498 NFT_OBJREF = module;
499 NFT_QUEUE = module;
500 NFT_QUOTA = module;
501 NFT_REJECT = module;
502 NFT_REJECT_INET = module;
503 NFT_COMPAT = module;
504 NFT_HASH = module;
505 NFT_FIB = module;
506 NFT_FIB_INET = module;
507 NFT_XFRM = module;
508 NFT_SOCKET = module;
509 NFT_OSF = module;
510 NFT_TPROXY = module;
511 NFT_SYNPROXY = module;
512 NF_DUP_NETDEV = module;
513 NFT_DUP_NETDEV = module;
514 NFT_FWD_NETDEV = module;
515 NFT_FIB_NETDEV = module;
516 NFT_REJECT_NETDEV = module;
517 # CONFIG_NF_FLOW_TABLE is not set
518 NETFILTER_XTABLES = module;
519
520 #
521 # Xtables combined modules
522 #
523 NETFILTER_XT_MARK = module;
524 NETFILTER_XT_CONNMARK = module;
525 NETFILTER_XT_SET = module;
526
527 #
528 # Xtables targets
529 #
530 NETFILTER_XT_TARGET_CHECKSUM = module;
531 NETFILTER_XT_TARGET_CLASSIFY = module;
532 NETFILTER_XT_TARGET_CONNMARK = module;
533 NETFILTER_XT_TARGET_CT = module;
534 NETFILTER_XT_TARGET_DSCP = module;
535 NETFILTER_XT_TARGET_HL = module;
536 NETFILTER_XT_TARGET_HMARK = module;
537 NETFILTER_XT_TARGET_IDLETIMER = module;
538 NETFILTER_XT_TARGET_LED = module;
539 NETFILTER_XT_TARGET_LOG = module;
540 NETFILTER_XT_TARGET_MARK = module;
541 NETFILTER_XT_NAT = module;
542 NETFILTER_XT_TARGET_NETMAP = module;
543 NETFILTER_XT_TARGET_NFLOG = module;
544 NETFILTER_XT_TARGET_NFQUEUE = module;
545 NETFILTER_XT_TARGET_NOTRACK = module;
546 NETFILTER_XT_TARGET_RATEEST = module;
547 NETFILTER_XT_TARGET_REDIRECT = module;
548 NETFILTER_XT_TARGET_MASQUERADE = module;
549 NETFILTER_XT_TARGET_TEE = module;
550 NETFILTER_XT_TARGET_TPROXY = module;
551 NETFILTER_XT_TARGET_TRACE = module;
552 NETFILTER_XT_TARGET_TCPMSS = module;
553 NETFILTER_XT_TARGET_TCPOPTSTRIP = module;
554
555 #
556 # Xtables matches
557 #
558 NETFILTER_XT_MATCH_ADDRTYPE = module;
559 NETFILTER_XT_MATCH_BPF = module;
560 NETFILTER_XT_MATCH_CGROUP = module;
561 NETFILTER_XT_MATCH_CLUSTER = module;
562 NETFILTER_XT_MATCH_COMMENT = module;
563 NETFILTER_XT_MATCH_CONNBYTES = module;
564 NETFILTER_XT_MATCH_CONNLABEL = module;
565 NETFILTER_XT_MATCH_CONNLIMIT = module;
566 NETFILTER_XT_MATCH_CONNMARK = module;
567 NETFILTER_XT_MATCH_CONNTRACK = module;
568 NETFILTER_XT_MATCH_CPU = module;
569 NETFILTER_XT_MATCH_DCCP = module;
570 NETFILTER_XT_MATCH_DEVGROUP = module;
571 NETFILTER_XT_MATCH_DSCP = module;
572 NETFILTER_XT_MATCH_ECN = module;
573 NETFILTER_XT_MATCH_ESP = module;
574 NETFILTER_XT_MATCH_HASHLIMIT = module;
575 NETFILTER_XT_MATCH_HELPER = module;
576 NETFILTER_XT_MATCH_HL = module;
577 NETFILTER_XT_MATCH_IPCOMP = module;
578 NETFILTER_XT_MATCH_IPRANGE = module;
579 NETFILTER_XT_MATCH_L2TP = module;
580 NETFILTER_XT_MATCH_LENGTH = module;
581 NETFILTER_XT_MATCH_LIMIT = module;
582 NETFILTER_XT_MATCH_MAC = module;
583 NETFILTER_XT_MATCH_MARK = module;
584 NETFILTER_XT_MATCH_MULTIPORT = module;
585 NETFILTER_XT_MATCH_NFACCT = module;
586 NETFILTER_XT_MATCH_OSF = module;
587 NETFILTER_XT_MATCH_OWNER = module;
588 # CONFIG_NETFILTER_XT_MATCH_POLICY is not set
589 NETFILTER_XT_MATCH_PKTTYPE = module;
590 NETFILTER_XT_MATCH_QUOTA = module;
591 NETFILTER_XT_MATCH_RATEEST = module;
592 NETFILTER_XT_MATCH_REALM = module;
593 NETFILTER_XT_MATCH_RECENT = module;
594 NETFILTER_XT_MATCH_SCTP = module;
595 NETFILTER_XT_MATCH_SOCKET = module;
596 NETFILTER_XT_MATCH_STATE = module;
597 NETFILTER_XT_MATCH_STATISTIC = module;
598 NETFILTER_XT_MATCH_STRING = module;
599 NETFILTER_XT_MATCH_TCPMSS = module;
600 NETFILTER_XT_MATCH_TIME = module;
601 NETFILTER_XT_MATCH_U32 = module;
602 # end of Core Netfilter Configuration
603
604 IP_SET = module;
605 IP_SET_MAX.freeform = "256";
606 IP_SET_BITMAP_IP = module;
607 IP_SET_BITMAP_IPMAC = module;
608 IP_SET_BITMAP_PORT = module;
609 IP_SET_HASH_IP = module;
610 IP_SET_HASH_IPMARK = module;
611 IP_SET_HASH_IPPORT = module;
612 IP_SET_HASH_IPPORTIP = module;
613 IP_SET_HASH_IPPORTNET = module;
614 IP_SET_HASH_IPMAC = module;
615 IP_SET_HASH_MAC = module;
616 IP_SET_HASH_NETPORTNET = module;
617 IP_SET_HASH_NET = module;
618 IP_SET_HASH_NETNET = module;
619 IP_SET_HASH_NETPORT = module;
620 IP_SET_HASH_NETIFACE = module;
621 IP_SET_LIST_SET = module;
622 # CONFIG_IP_VS is not set
623
624 #
625 # IP: Netfilter Configuration
626 #
627 NF_DEFRAG_IPV4 = module;
628 NF_SOCKET_IPV4 = module;
629 NF_TPROXY_IPV4 = module;
630 NF_TABLES_IPV4 = yes;
631 NFT_REJECT_IPV4 = module;
632 NFT_DUP_IPV4 = module;
633 NFT_FIB_IPV4 = module;
634 # CONFIG_NF_TABLES_ARP is not set
635 NF_DUP_IPV4 = module;
636 # CONFIG_NF_LOG_ARP is not set
637 # CONFIG_NF_LOG_IPV4 is not set
638 NF_REJECT_IPV4 = module;
639 IP_NF_IPTABLES = module;
640 IP_NF_MATCH_AH = module;
641 IP_NF_MATCH_ECN = module;
642 IP_NF_MATCH_RPFILTER = module;
643 IP_NF_MATCH_TTL = module;
644 IP_NF_FILTER = module;
645 IP_NF_TARGET_REJECT = module;
646 IP_NF_TARGET_SYNPROXY = module;
647 IP_NF_NAT = module;
648 IP_NF_TARGET_MASQUERADE = module;
649 IP_NF_TARGET_NETMAP = module;
650 IP_NF_TARGET_REDIRECT = module;
651 IP_NF_MANGLE = module;
652 IP_NF_TARGET_CLUSTERIP = module;
653 IP_NF_TARGET_ECN = module;
654 IP_NF_TARGET_TTL = module;
655 # CONFIG_IP_NF_RAW is not set
656 # CONFIG_IP_NF_ARPTABLES is not set
657 # end of IP: Netfilter Configuration
658
659 #
660 # IPv6: Netfilter Configuration
661 #
662 NF_SOCKET_IPV6 = module;
663 NF_TPROXY_IPV6 = module;
664 NF_TABLES_IPV6 = yes;
665 NFT_REJECT_IPV6 = module;
666 NFT_DUP_IPV6 = module;
667 NFT_FIB_IPV6 = module;
668 NF_DUP_IPV6 = module;
669 NF_REJECT_IPV6 = module;
670 NF_LOG_IPV6 = module;
671 IP6_NF_IPTABLES = module;
672 IP6_NF_MATCH_AH = module;
673 IP6_NF_MATCH_EUI64 = module;
674 IP6_NF_MATCH_FRAG = module;
675 IP6_NF_MATCH_OPTS = module;
676 IP6_NF_MATCH_HL = module;
677 IP6_NF_MATCH_IPV6HEADER = module;
678 IP6_NF_MATCH_MH = module;
679 IP6_NF_MATCH_RPFILTER = module;
680 IP6_NF_MATCH_RT = module;
681 IP6_NF_MATCH_SRH = module;
682 IP6_NF_TARGET_HL = module;
683 IP6_NF_FILTER = module;
684 IP6_NF_TARGET_REJECT = module;
685 IP6_NF_TARGET_SYNPROXY = module;
686 IP6_NF_MANGLE = module;
687 IP6_NF_RAW = module;
688 IP6_NF_NAT = module;
689 IP6_NF_TARGET_MASQUERADE = module;
690 IP6_NF_TARGET_NPT = module;
691 # end of IPv6: Netfilter Configuration
692
693 NF_DEFRAG_IPV6 = module;
694
695 #
696 # Disabling
697 #
698 ADFS_FS = no;
699 AFFS_FS = no;
700 BEFS_FS = no;
701 BFS_FS = no;
702 BTRFS = no;
703 BTRFS_FS = no;
704 CEPH_FS = no;
705 CIFS = no;
706 CRAMFS = no;
707 ECRYPT_FS = no;
708 EFS_FS = no;
709 EROFS_FS = no;
710 EXT2_FS = no;
711 EXT3_FS = no;
712 F2FS_FS = lib.mkForce no;
713 GFS2_FS = no;
714 HFSPLUS_FS = no;
715 HFS_FS = no;
716 HPFS_FS = no;
717 JFS_FS = no;
718 MINIX_FS = no;
719 NET_9P = no;
720 NFSD = no;
721 NFS_FS = no;
722 NILFS2_FS = no;
723 OMFS_FS = no;
724 ORANGEFS_FS = no;
725 QNX4FS_FS = no;
726 QNX6FS_FS = no;
727 REISERFS_FS = no;
728 ROMFS_FS = no;
729 SQUASHFS = no;
730 SYSV_FS = no;
731 UFS_FS = no;
732 VXFS_FS = no;
733 XFS_FS = no;
734
735 MISC_FILESYSTEMS = no;
736
737 DECNET = no;
738 SCTP = no;
739 RDS = no;
740 DCCP = no;
741 TIPC = no;
742 CAIF = no;
743 CEPH = no;
744 VMW_SOCK = no;
745 HSR = no;
746 QRTR = no;
747 MPI = no;
748 RAID6 = no;
749 STAGING = lib.mkForce no;
750 ATH11K_PCI = no;
751 ATH12K = no;
752
753 "6LOWPAN" = no;
754 ARCNET = no;
755 B53 = no;
756 BATMAN_ADV = no;
757 BT = no;
758 CAN = no;
759 COMEDI = no;
760 DRM_STM = lib.mkForce no;
761
762 DRM_CDNS_DSI = no;
763 DRM_CHIPONE_ICN6211 = no;
764 DRM_CHRONTEL_CH7033 = no;
765 #DRM_DISPLAY_CONNECTOR = no;
766 DRM_LONTIUM_LT8912B = no;
767 DRM_LONTIUM_LT9611 = no;
768 DRM_LONTIUM_LT9611UXC = no;
769 DRM_ITE_IT66121 = no;
770 DRM_LVDS_CODEC = no;
771 DRM_MEGACHIPS_STDPXXXX_GE_B850V3_FW = no;
772 DRM_NWL_MIPI_DSI = no;
773 DRM_NXP_PTN3460 = no;
774 DRM_PARADE_PS8622 = no;
775 DRM_PARADE_PS8640 = no;
776 DRM_SIL_SII8620 = no;
777 DRM_SII902X = no;
778 DRM_SII9234 = no;
779 DRM_SIMPLE_BRIDGE = no;
780 DRM_THINE_THC63LVD1024 = no;
781 DRM_TOSHIBA_TC358762 = no;
782 DRM_TOSHIBA_TC358764 = no;
783 DRM_TOSHIBA_TC358767 = no;
784 DRM_TOSHIBA_TC358768 = no;
785 DRM_TOSHIBA_TC358775 = no;
786 DRM_TI_TFP410 = no;
787 DRM_TI_SN65DSI83 = no;
788 DRM_TI_SN65DSI86 = no;
789 DRM_TI_TPD12S015 = no;
790 DRM_ANALOGIX_ANX6345 = no;
791 DRM_ANALOGIX_ANX78XX = no;
792 DRM_ANALOGIX_DP = no;
793 DRM_ANALOGIX_ANX7625 = no;
794 DRM_I2C_ADV7511 = no;
795 DRM_I2C_ADV7511_CEC = no;
796 DRM_CDNS_MHDP8546 = no;
797 DRM_DW_HDMI = no;
798 DRM_DW_HDMI_AHB_AUDIO = no;
799 DRM_DW_HDMI_I2S_AUDIO = no;
800 DRM_DW_HDMI_CEC = no;
801 DRM_STI = no;
802 DRM_IMX = no;
803 DRM_IMX_PARALLEL_DISPLAY = no;
804 DRM_IMX_TVE = no;
805 DRM_IMX_LDB = no;
806 DRM_IMX_HDMI = no;
807 DRM_ETNAVIV = no;
808 DRM_ETNAVIV_THERMAL = no;
809 DRM_MXS = no;
810 DRM_MXSFB = no;
811 DRM_ARCPGU = no;
812 DRM_GM12U320 = no;
813 TINYDRM_HX8357D = no;
814 TINYDRM_ILI9225 = no;
815 TINYDRM_ILI9341 = no;
816 TINYDRM_ILI9486 = no;
817 TINYDRM_MI0283QT = no;
818 TINYDRM_REPAPER = no;
819 TINYDRM_ST7586 = no;
820 TINYDRM_ST7735R = no;
821 DRM = module;
822 DRM_BRIDGE = yes;
823 DRM_EXPORT_FOR_TESTS = no;
824 DRM_FBDEV_EMULATION = yes;
825 DRM_GUD = no;
826 DRM_KMS_FB_HELPER = yes;
827 DRM_KMS_HELPER = module;
828 DRM_LIB_RANDOM = no;
829 DRM_LIMA = module; # TODO: enable for the Mali 400 of the Cubieboard 2
830 DRM_LVDS_ENCODER = module;
831 DRM_NOUVEAU = no;
832 DRM_MCDE = no;
833 DRM_PANEL = yes;
834 DRM_PANEL_BRIDGE = yes;
835 DRM_PANEL_LVDS = module;
836 DRM_PANEL_ORIENTATION_QUIRKS = no;
837 DRM_PANFROST = no; # Not for the hardware of the Cubieboard 2not supported b
838 DRM_PL111 = no;
839 DRM_SCHED = module;
840 DRM_TIDSS = no;
841 DRM_TVE200 = no;
842 VIDEOMODE_HELPERS = yes;
843 FB = yes;
844 FB_CMDLINE = yes;
845 FB_NOTIFY = yes;
846 FB_CFB_FILLRECT = yes;
847 FB_CFB_COPYAREA = yes;
848 FB_CFB_IMAGEBLIT = yes;
849 FB_MODE_HELPERS = yes;
850 FB_TILEBLITTING = yes;
851 FB_SIMPLE = yes;
852
853 DUMMY_CONSOLE = yes;
854 FRAMEBUFFER_CONSOLE = yes;
855 FRAMEBUFFER_CONSOLE_DETECT_PRIMARY = yes;
856 FRAMEBUFFER_CONSOLE_ROTATION = yes;
857 FRAMEBUFFER_CONSOLE_DEFERRED_TAKEOVER = yes;
858
859 BACKLIGHT_LCD_SUPPORT = yes;
860 LCD_CLASS_DEVICE = module;
861 LCD_PLATFORM = module;
862 BACKLIGHT_CLASS_DEVICE = module;
863 BACKLIGHT_GENERIC = module;
864 BACKLIGHT_PWM = module;
865 BACKLIGHT_GPIO = module;
866
867 INFINIBAND = lib.mkForce no;
868 INPUT_TOUCHSCREEN = no;
869 MEDIA_ANALOG_TV_SUPPORT = lib.mkForce no;
870 MEDIA_DIGITAL_TV_SUPPORT = lib.mkForce no;
871 MEDIA_TUNER = no;
872 MPLS = no;
873 MPTCP = lib.mkForce no;
874 NFC = no;
875 NF_TABLES_BRIDGE = lib.mkForce no;
876 NVME = no;
877 OPENVSWITCH = no;
878 PARAVIRT = lib.mkForce no;
879 POWER_SUPPLY = no;
880 USB_GSPCA = lib.mkForce no;
881 VIDEO_STK1160_COMMON = lib.mkForce no;
882 XEN = lib.mkForce no;
883 #NVME_CORE = no;
884 };
885 features.debug = false;
886 #ignoreConfigErrors = true;
887 };
888 }));
889 boot.initrd.availableKernelModules = lib.mkForce [
890 "mmc_block"
891 "usbhid"
892 "hid_generic"
893 "hid_microsoft"
894 ];
895 }
NixOS configurations for Sourcephile's infrastructure