]> Git — Sourcephile - sourcephile-nix.git/blob - nixos/profiles/hardware/cubieboard2.nix
losurdo: sftp: set umask
[sourcephile-nix.git] / nixos / profiles / hardware / cubieboard2.nix
1 { pkgs, lib, config, host, modulesPath, ... }:
2 {
3 imports = [
4 "${modulesPath}/installer/sd-card/sd-image.nix"
5 ];
6
7 # Too CPU hungry for this hardware, for too little Mio saved
8 nix.autoOptimiseStore = false;
9
10 powerManagement.cpuFreqGovernor = lib.mkDefault "ondemand";
11
12 boot.supportedFilesystems = [
13 #"btrfs"
14 #"reiserfs"
15 "vfat"
16 #"f2fs"
17 #"xfs"
18 #"zfs" # ZFS tools coredump with SIGSEGV
19 #"ntfs"
20 #"cifs"
21 ];
22
23 # The serial ports listed here are:
24 # - ttyS0: for Tegra (Jetson TK1)
25 # - ttymxc0: for i.MX6 (Wandboard)
26 # - ttyAMA0: for Allwinner (pcDuino3 Nano) and QEMU's -machine virt
27 # - ttyO0: for OMAP (BeagleBone Black)
28 # - ttySAC2: for Exynos (ODROID-XU3)
29 boot.consoleLogLevel = lib.mkDefault 7;
30 boot.kernelParams = [
31 "console=ttyS0,115200n8"
32 "console=ttymxc0,115200n8"
33 "console=ttyAMA0,115200n8"
34 "console=ttyO0,115200n8"
35 "console=ttySAC2,115200n8"
36 "console=tty0"
37 ];
38 boot.kernelPatches = [
39 {
40 name = "0001-core_pattern-fix-too-small-CORENAME_MAX_SIZE";
41 patch = ../../../nixpkgs/patches/linux/0001-core_pattern-fix-too-small-CORENAME_MAX_SIZE.patch;
42 extraConfig = ''
43 '';
44 }
45 ];
46
47 #nixpkgs.config.allowUnfree = true;
48 nixpkgs.crossSystem = lib.systems.examples.armv7l-hf-multiplatform;
49 nixpkgs.overlays = [
50 (final: super: {
51 # https://linux-sunxi.org/Mali_Open_Source_Driver#Configuration_and_Build
52 mesa = super.mesa.override {
53 driDrivers = [];
54 eglPlatforms = ["x11"];
55 enableGalliumNine = false;
56 galliumDrivers = ["lima" "panfrost" "kmsro" "swrast"];
57 vulkanDrivers = [];
58 };
59 })
60 (final: super: {
61 linuxPackages_latest_Cubieboard2 = super.linuxPackages_latest.extend (kfinal: ksuper: {
62 kernel = ksuper.kernel.override {
63 defconfig = "sunxi_defconfig";
64 structuredExtraConfig = with lib.kernel; {
65 # Workaround https://github.com/NixOS/nixpkgs/pull/141942#issuecomment-954301443
66 DEBUG_INFO = lib.mkForce no;
67 DEBUG_INFO_BTF = lib.mkForce no;
68 SUSPEND = no;
69 PM = no;
70 PM_SLEEP = no;
71 NVME_CORE = no;
72 TORTURE_TEST = no; # TODO: check if it's possible
73 USB_SERIAL_CH341 = module;
74 USB_SERIAL_PL2303 = module;
75 REGULATOR = lib.mkForce no;
76 MFD_CORE = no;
77
78 #
79 # File systems
80 #
81 EXT4_FS = yes;
82 EXT4_USE_FOR_EXT2 = yes;
83 FUSE_FS = module;
84 PSTORE = yes;
85 CONFIGFS_FS = module;
86 VFAT_FS = yes;
87 ZSWAP = yes;
88
89 # misc
90 DAX = module;
91 DRM_DISPLAY_CONNECTOR = module;
92 FB_SIMPLE = lib.mkForce module;
93 NET_SCH_CODEL = module;
94 NET_SCH_FQ_CODEL = module;
95 UIO = module;
96
97 # Sound options
98 SND_SOC_ADI = no;
99 SND_SOC_ADI_AXI_I2S = no;
100 SND_SOC_ADI_AXI_SPDIF = no;
101 SND_SOC_AMD_ACP = no;
102 SND_SOC_AMD_CZ_RT5645_MACH = no;
103 SND_ATMEL_SOC = no;
104 SND_SOC_MIKROE_PROTO = no;
105 SND_BCM63XX_I2S_WHISTLER = no;
106 SND_DESIGNWARE_I2S = no;
107 SND_SOC_FSL_ASRC = no;
108 SND_SOC_FSL_SAI = no;
109 SND_SOC_FSL_MQS = no;
110 SND_SOC_FSL_AUDMIX = no;
111 SND_SOC_FSL_SSI = no;
112 SND_SOC_FSL_SPDIF = no;
113 SND_SOC_FSL_ESAI = no;
114 SND_SOC_FSL_MICFIL = no;
115 SND_SOC_FSL_EASRC = no;
116 SND_SOC_FSL_XCVR = no;
117 SND_SOC_FSL_RPMSG = no;
118 SND_SOC_IMX_AUDMUX = no;
119 SND_I2S_HI6210_I2S = no;
120 SND_SOC_MTK_BTCVSD = no;
121 SND_SOC_XILINX_I2S = no;
122 SND_SOC_XILINX_AUDIO_FORMATTER = no;
123 SND_SOC_XILINX_SPDIF = no;
124 SND_SOC_XTFPGA_I2S = no;
125 SND_SOC_AC97_CODEC = no;
126 SND_SOC_ADAU_UTILS = no;
127 SND_SOC_ADAU1372 = no;
128 SND_SOC_ADAU1372_I2C = no;
129 SND_SOC_ADAU1372_SPI = no;
130 SND_SOC_ADAU1701 = no;
131 SND_SOC_ADAU17X1 = no;
132 SND_SOC_ADAU1761 = no;
133 SND_SOC_ADAU1761_I2C = no;
134 SND_SOC_ADAU1761_SPI = no;
135 SND_SOC_ADAU7002 = no;
136 SND_SOC_ADAU7118 = no;
137 SND_SOC_ADAU7118_HW = no;
138 SND_SOC_ADAU7118_I2C = no;
139 SND_SOC_AK4104 = no;
140 SND_SOC_AK4118 = no;
141 SND_SOC_AK4458 = no;
142 SND_SOC_AK4554 = no;
143 SND_SOC_AK4613 = no;
144 SND_SOC_AK4642 = no;
145 SND_SOC_AK5386 = no;
146 SND_SOC_AK5558 = no;
147 SND_SOC_ALC5623 = no;
148 SND_SOC_BD28623 = no;
149 SND_SOC_BT_SCO = no;
150 SND_SOC_CPCAP = no;
151 SND_SOC_CS35L32 = no;
152 SND_SOC_CS35L33 = no;
153 SND_SOC_CS35L34 = no;
154 SND_SOC_CS35L35 = no;
155 SND_SOC_CS35L36 = no;
156 SND_SOC_CS42L42 = no;
157 SND_SOC_CS42L51 = no;
158 SND_SOC_CS42L51_I2C = no;
159 SND_SOC_CS42L52 = no;
160 SND_SOC_CS42L56 = no;
161 SND_SOC_CS42L73 = no;
162 SND_SOC_CS4234 = no;
163 SND_SOC_CS4265 = no;
164 SND_SOC_CS4270 = no;
165 SND_SOC_CS4271 = no;
166 SND_SOC_CS4271_I2C = no;
167 SND_SOC_CS4271_SPI = no;
168 SND_SOC_CS42XX8 = no;
169 SND_SOC_CS42XX8_I2C = no;
170 SND_SOC_CS43130 = no;
171 SND_SOC_CS4341 = no;
172 SND_SOC_CS4349 = no;
173 SND_SOC_CS53L30 = no;
174 SND_SOC_CX2072X = no;
175 SND_SOC_DA7213 = no;
176 SND_SOC_DMIC = no;
177 SND_SOC_HDMI_CODEC = no;
178 SND_SOC_ES7134 = no;
179 SND_SOC_ES7241 = no;
180 SND_SOC_ES8316 = no;
181 SND_SOC_ES8328 = no;
182 SND_SOC_ES8328_I2C = no;
183 SND_SOC_ES8328_SPI = no;
184 SND_SOC_GTM601 = no;
185 SND_SOC_INNO_RK3036 = no;
186 SND_SOC_MAX98088 = no;
187 SND_SOC_MAX98357A = no;
188 SND_SOC_MAX98504 = no;
189 SND_SOC_MAX9867 = no;
190 SND_SOC_MAX98927 = no;
191 SND_SOC_MAX98373 = no;
192 SND_SOC_MAX98373_I2C = no;
193 SND_SOC_MAX98373_SDW = no;
194 SND_SOC_MAX98390 = no;
195 SND_SOC_MAX9860 = no;
196 SND_SOC_MSM8916_WCD_ANALOG = no;
197 SND_SOC_MSM8916_WCD_DIGITAL = no;
198 SND_SOC_PCM1681 = no;
199 SND_SOC_PCM1789 = no;
200 SND_SOC_PCM1789_I2C = no;
201 SND_SOC_PCM179X = no;
202 SND_SOC_PCM179X_I2C = no;
203 SND_SOC_PCM179X_SPI = no;
204 SND_SOC_PCM186X = no;
205 SND_SOC_PCM186X_I2C = no;
206 SND_SOC_PCM186X_SPI = no;
207 SND_SOC_PCM3060 = no;
208 SND_SOC_PCM3060_I2C = no;
209 SND_SOC_PCM3060_SPI = no;
210 SND_SOC_PCM3168A = no;
211 SND_SOC_PCM3168A_I2C = no;
212 SND_SOC_PCM3168A_SPI = no;
213 SND_SOC_PCM5102A = no;
214 SND_SOC_PCM512x = no;
215 SND_SOC_PCM512x_I2C = no;
216 SND_SOC_PCM512x_SPI = no;
217 SND_SOC_RK3328 = no;
218 SND_SOC_RK817 = no;
219 SND_SOC_RL6231 = no;
220 SND_SOC_RT1308_SDW = no;
221 SND_SOC_RT1316_SDW = no;
222 SND_SOC_RT5616 = no;
223 SND_SOC_RT5631 = no;
224 SND_SOC_RT5640 = no;
225 SND_SOC_RT5645 = no;
226 SND_SOC_RT5659 = no;
227 SND_SOC_RT5682 = no;
228 SND_SOC_RT5682_SDW = no;
229 SND_SOC_RT700 = no;
230 SND_SOC_RT700_SDW = no;
231 SND_SOC_RT711 = no;
232 SND_SOC_RT711_SDW = no;
233 SND_SOC_RT711_SDCA_SDW = no;
234 SND_SOC_RT715 = no;
235 SND_SOC_RT715_SDW = no;
236 SND_SOC_RT715_SDCA_SDW = no;
237 SND_SOC_SGTL5000 = no;
238 SND_SOC_SIGMADSP = no;
239 SND_SOC_SIGMADSP_I2C = no;
240 SND_SOC_SIGMADSP_REGMAP = no;
241 SND_SOC_SIMPLE_AMPLIFIER = no;
242 SND_SOC_SIMPLE_MUX = no;
243 SND_SOC_SPDIF = no;
244 SND_SOC_SSM2305 = no;
245 SND_SOC_SSM2518 = no;
246 SND_SOC_SSM2602 = no;
247 SND_SOC_SSM2602_SPI = no;
248 SND_SOC_SSM2602_I2C = no;
249 SND_SOC_SSM4567 = no;
250 SND_SOC_STA32X = no;
251 SND_SOC_STA350 = no;
252 SND_SOC_STI_SAS = no;
253 SND_SOC_TAS2552 = no;
254 SND_SOC_TAS2562 = no;
255 SND_SOC_TAS2764 = no;
256 SND_SOC_TAS2770 = no;
257 SND_SOC_TAS5086 = no;
258 SND_SOC_TAS571X = no;
259 SND_SOC_TAS5720 = no;
260 SND_SOC_TAS6424 = no;
261 SND_SOC_TDA7419 = no;
262 SND_SOC_TFA9879 = no;
263 SND_SOC_TFA989X = no;
264 SND_SOC_TLV320AIC23 = no;
265 SND_SOC_TLV320AIC23_I2C = no;
266 SND_SOC_TLV320AIC23_SPI = no;
267 SND_SOC_TLV320AIC31XX = no;
268 SND_SOC_TLV320AIC32X4 = no;
269 SND_SOC_TLV320AIC32X4_I2C = no;
270 SND_SOC_TLV320AIC32X4_SPI = no;
271 SND_SOC_TLV320AIC3X = no;
272 SND_SOC_TLV320AIC3X_I2C = no;
273 SND_SOC_TLV320AIC3X_SPI = no;
274 SND_SOC_TLV320ADCX140 = no;
275 SND_SOC_TS3A227E = no;
276 SND_SOC_TSCS42XX = no;
277 SND_SOC_TSCS454 = no;
278 SND_SOC_UDA1334 = no;
279 SND_SOC_WCD9335 = no;
280 SND_SOC_WCD_MBHC = no;
281 SND_SOC_WCD934X = no;
282 SND_SOC_WCD938X = no;
283 SND_SOC_WCD938X_SDW = no;
284 SND_SOC_WM8510 = no;
285 SND_SOC_WM8523 = no;
286 SND_SOC_WM8524 = no;
287 SND_SOC_WM8580 = no;
288 SND_SOC_WM8711 = no;
289 SND_SOC_WM8728 = no;
290 SND_SOC_WM8731 = no;
291 SND_SOC_WM8737 = no;
292 SND_SOC_WM8741 = no;
293 SND_SOC_WM8750 = no;
294 SND_SOC_WM8753 = no;
295 SND_SOC_WM8770 = no;
296 SND_SOC_WM8776 = no;
297 SND_SOC_WM8782 = no;
298 SND_SOC_WM8804 = no;
299 SND_SOC_WM8804_I2C = no;
300 SND_SOC_WM8804_SPI = no;
301 SND_SOC_WM8903 = no;
302 SND_SOC_WM8904 = no;
303 SND_SOC_WM8960 = no;
304 SND_SOC_WM8962 = no;
305 SND_SOC_WM8974 = no;
306 SND_SOC_WM8978 = no;
307 SND_SOC_WM8985 = no;
308 SND_SOC_WSA881X = no;
309 SND_SOC_ZL38060 = no;
310 SND_SOC_MAX9759 = no;
311 SND_SOC_MT6351 = no;
312 SND_SOC_MT6358 = no;
313 SND_SOC_MT6660 = no;
314 SND_SOC_NAU8315 = no;
315 SND_SOC_NAU8540 = no;
316 SND_SOC_NAU8810 = no;
317 SND_SOC_NAU8822 = no;
318 SND_SOC_NAU8824 = no;
319 SND_SOC_TPA6130A2 = no;
320 SND_SOC_LPASS_WSA_MACRO = no;
321 SND_SOC_LPASS_VA_MACRO = no;
322 SND_SOC_LPASS_RX_MACRO = no;
323 SND_SOC_LPASS_TX_MACRO = no;
324 SND_SIMPLE_CARD_UTILS = no;
325 SND_SIMPLE_CARD = no;
326 SND_AUDIO_GRAPH_CARD = no;
327 SND_VIRTIO = no;
328 MOST_SND = no;
329
330 #
331 # Networking options
332 #
333 TCP_CONG_BBR = module;
334 #PPP = no;
335 #PPP_MULTILINK = lib.mkForce no;
336 #PPP_FILTER = lib.mkForce no;
337 #PPPOE = no;
338 NET_DSA = no;
339 L2TP = no;
340 PARPORT = no;
341 PARIDE = no;
342 CDROM = no;
343 GPIOLIB = no;
344 NEW_LEDS = no;
345 #LEDS_CLASS = no;
346
347 IPV6 = yes;
348 IPV6_ROUTER_PREF = yes;
349 IPV6_ROUTE_INFO = yes;
350 IPV6_OPTIMISTIC_DAD = yes;
351 INET6_AH = module;
352 INET6_ESP = module;
353 INET6_ESP_OFFLOAD = module;
354 INET6_ESPINTCP = yes;
355 INET6_IPCOMP = module;
356 IPV6_MIP6 = module;
357 IPV6_ILA = module;
358 INET6_XFRM_TUNNEL = module;
359 INET6_TUNNEL = module;
360 IPV6_VTI = module;
361 IPV6_SIT = module;
362 IPV6_SIT_6RD = yes;
363 IPV6_NDISC_NODETYPE = yes;
364 IPV6_TUNNEL = module;
365 IPV6_MULTIPLE_TABLES = yes;
366 IPV6_SUBTREES = yes;
367 IPV6_MROUTE = yes;
368 IPV6_MROUTE_MULTIPLE_TABLES = yes;
369 IPV6_PIMSM_V2 = yes;
370 IPV6_SEG6_LWTUNNEL = yes;
371 IPV6_SEG6_HMAC = yes;
372 IPV6_RPL_LWTUNNEL = yes;
373 # CONFIG_MPTCP is not set
374 # CONFIG_NETWORK_SECMARK is not set
375 NET_PTP_CLASSIFY = yes;
376 # CONFIG_NETWORK_PHY_TIMESTAMPING is not set
377 NETFILTER = yes;
378 NETFILTER_ADVANCED = yes;
379
380 #
381 # Core Netfilter Configuration
382 #
383 NETFILTER_INGRESS = yes;
384 NETFILTER_NETLINK = module;
385 NETFILTER_FAMILY_ARP = yes;
386 NETFILTER_NETLINK_HOOK = module;
387 NETFILTER_NETLINK_ACCT = module;
388 NETFILTER_NETLINK_QUEUE = module;
389 NETFILTER_NETLINK_LOG = module;
390 NETFILTER_NETLINK_OSF = module;
391 NF_CONNTRACK = module;
392 NF_LOG_SYSLOG = module;
393 NETFILTER_CONNCOUNT = module;
394 NF_CONNTRACK_MARK = yes;
395 NF_CONNTRACK_ZONES = yes;
396 NF_CONNTRACK_PROCFS = yes;
397 NF_CONNTRACK_EVENTS = yes;
398 NF_CONNTRACK_TIMEOUT = yes;
399 NF_CONNTRACK_TIMESTAMP = yes;
400 NF_CONNTRACK_LABELS = yes;
401 NF_CT_PROTO_DCCP = yes;
402 NF_CT_PROTO_SCTP = yes;
403 NF_CT_PROTO_UDPLITE = yes;
404 # CONFIG_NF_CONNTRACK_AMANDA is not set
405 # CONFIG_NF_CONNTRACK_FTP is not set
406 # CONFIG_NF_CONNTRACK_H323 is not set
407 # CONFIG_NF_CONNTRACK_IRC is not set
408 # CONFIG_NF_CONNTRACK_NETBIOS_NS is not set
409 # CONFIG_NF_CONNTRACK_SNMP is not set
410 # CONFIG_NF_CONNTRACK_PPTP is not set
411 # CONFIG_NF_CONNTRACK_SANE is not set
412 # CONFIG_NF_CONNTRACK_SIP is not set
413 # CONFIG_NF_CONNTRACK_TFTP is not set
414 NF_CT_NETLINK = module;
415 NF_CT_NETLINK_TIMEOUT = module;
416 NF_CT_NETLINK_HELPER = module;
417 NETFILTER_NETLINK_GLUE_CT = yes;
418 NF_NAT = module;
419 NF_NAT_REDIRECT = yes;
420 NF_NAT_MASQUERADE = yes;
421 NETFILTER_SYNPROXY = module;
422 NF_TABLES = module;
423 NF_TABLES_INET = yes;
424 NF_TABLES_NETDEV = yes;
425 NFT_NUMGEN = module;
426 NFT_CT = module;
427 NFT_COUNTER = module;
428 NFT_CONNLIMIT = module;
429 NFT_LOG = module;
430 NFT_LIMIT = module;
431 NFT_MASQ = module;
432 NFT_REDIR = module;
433 NFT_NAT = module;
434 NFT_TUNNEL = module;
435 NFT_OBJREF = module;
436 NFT_QUEUE = module;
437 NFT_QUOTA = module;
438 NFT_REJECT = module;
439 NFT_REJECT_INET = module;
440 NFT_COMPAT = module;
441 NFT_HASH = module;
442 NFT_FIB = module;
443 NFT_FIB_INET = module;
444 NFT_XFRM = module;
445 NFT_SOCKET = module;
446 NFT_OSF = module;
447 NFT_TPROXY = module;
448 NFT_SYNPROXY = module;
449 NF_DUP_NETDEV = module;
450 NFT_DUP_NETDEV = module;
451 NFT_FWD_NETDEV = module;
452 NFT_FIB_NETDEV = module;
453 NFT_REJECT_NETDEV = module;
454 # CONFIG_NF_FLOW_TABLE is not set
455 NETFILTER_XTABLES = module;
456
457 #
458 # Xtables combined modules
459 #
460 NETFILTER_XT_MARK = module;
461 NETFILTER_XT_CONNMARK = module;
462 NETFILTER_XT_SET = module;
463
464 #
465 # Xtables targets
466 #
467 NETFILTER_XT_TARGET_CHECKSUM = module;
468 NETFILTER_XT_TARGET_CLASSIFY = module;
469 NETFILTER_XT_TARGET_CONNMARK = module;
470 NETFILTER_XT_TARGET_CT = module;
471 NETFILTER_XT_TARGET_DSCP = module;
472 NETFILTER_XT_TARGET_HL = module;
473 NETFILTER_XT_TARGET_HMARK = module;
474 NETFILTER_XT_TARGET_IDLETIMER = module;
475 NETFILTER_XT_TARGET_LED = module;
476 NETFILTER_XT_TARGET_LOG = module;
477 NETFILTER_XT_TARGET_MARK = module;
478 NETFILTER_XT_NAT = module;
479 NETFILTER_XT_TARGET_NETMAP = module;
480 NETFILTER_XT_TARGET_NFLOG = module;
481 NETFILTER_XT_TARGET_NFQUEUE = module;
482 NETFILTER_XT_TARGET_NOTRACK = module;
483 NETFILTER_XT_TARGET_RATEEST = module;
484 NETFILTER_XT_TARGET_REDIRECT = module;
485 NETFILTER_XT_TARGET_MASQUERADE = module;
486 NETFILTER_XT_TARGET_TEE = module;
487 NETFILTER_XT_TARGET_TPROXY = module;
488 NETFILTER_XT_TARGET_TRACE = module;
489 NETFILTER_XT_TARGET_TCPMSS = module;
490 NETFILTER_XT_TARGET_TCPOPTSTRIP = module;
491
492 #
493 # Xtables matches
494 #
495 NETFILTER_XT_MATCH_ADDRTYPE = module;
496 NETFILTER_XT_MATCH_BPF = module;
497 NETFILTER_XT_MATCH_CGROUP = module;
498 NETFILTER_XT_MATCH_CLUSTER = module;
499 NETFILTER_XT_MATCH_COMMENT = module;
500 NETFILTER_XT_MATCH_CONNBYTES = module;
501 NETFILTER_XT_MATCH_CONNLABEL = module;
502 NETFILTER_XT_MATCH_CONNLIMIT = module;
503 NETFILTER_XT_MATCH_CONNMARK = module;
504 NETFILTER_XT_MATCH_CONNTRACK = module;
505 NETFILTER_XT_MATCH_CPU = module;
506 NETFILTER_XT_MATCH_DCCP = module;
507 NETFILTER_XT_MATCH_DEVGROUP = module;
508 NETFILTER_XT_MATCH_DSCP = module;
509 NETFILTER_XT_MATCH_ECN = module;
510 NETFILTER_XT_MATCH_ESP = module;
511 NETFILTER_XT_MATCH_HASHLIMIT = module;
512 NETFILTER_XT_MATCH_HELPER = module;
513 NETFILTER_XT_MATCH_HL = module;
514 NETFILTER_XT_MATCH_IPCOMP = module;
515 NETFILTER_XT_MATCH_IPRANGE = module;
516 NETFILTER_XT_MATCH_L2TP = module;
517 NETFILTER_XT_MATCH_LENGTH = module;
518 NETFILTER_XT_MATCH_LIMIT = module;
519 NETFILTER_XT_MATCH_MAC = module;
520 NETFILTER_XT_MATCH_MARK = module;
521 NETFILTER_XT_MATCH_MULTIPORT = module;
522 NETFILTER_XT_MATCH_NFACCT = module;
523 NETFILTER_XT_MATCH_OSF = module;
524 NETFILTER_XT_MATCH_OWNER = module;
525 # CONFIG_NETFILTER_XT_MATCH_POLICY is not set
526 NETFILTER_XT_MATCH_PKTTYPE = module;
527 NETFILTER_XT_MATCH_QUOTA = module;
528 NETFILTER_XT_MATCH_RATEEST = module;
529 NETFILTER_XT_MATCH_REALM = module;
530 NETFILTER_XT_MATCH_RECENT = module;
531 NETFILTER_XT_MATCH_SCTP = module;
532 NETFILTER_XT_MATCH_SOCKET = module;
533 NETFILTER_XT_MATCH_STATE = module;
534 NETFILTER_XT_MATCH_STATISTIC = module;
535 NETFILTER_XT_MATCH_STRING = module;
536 NETFILTER_XT_MATCH_TCPMSS = module;
537 NETFILTER_XT_MATCH_TIME = module;
538 NETFILTER_XT_MATCH_U32 = module;
539 # end of Core Netfilter Configuration
540
541 IP_SET = module;
542 IP_SET_MAX.freeform = "256";
543 IP_SET_BITMAP_IP = module;
544 IP_SET_BITMAP_IPMAC = module;
545 IP_SET_BITMAP_PORT = module;
546 IP_SET_HASH_IP = module;
547 IP_SET_HASH_IPMARK = module;
548 IP_SET_HASH_IPPORT = module;
549 IP_SET_HASH_IPPORTIP = module;
550 IP_SET_HASH_IPPORTNET = module;
551 IP_SET_HASH_IPMAC = module;
552 IP_SET_HASH_MAC = module;
553 IP_SET_HASH_NETPORTNET = module;
554 IP_SET_HASH_NET = module;
555 IP_SET_HASH_NETNET = module;
556 IP_SET_HASH_NETPORT = module;
557 IP_SET_HASH_NETIFACE = module;
558 IP_SET_LIST_SET = module;
559 # CONFIG_IP_VS is not set
560
561 #
562 # IP: Netfilter Configuration
563 #
564 NF_DEFRAG_IPV4 = module;
565 NF_SOCKET_IPV4 = module;
566 NF_TPROXY_IPV4 = module;
567 NF_TABLES_IPV4 = yes;
568 NFT_REJECT_IPV4 = module;
569 NFT_DUP_IPV4 = module;
570 NFT_FIB_IPV4 = module;
571 # CONFIG_NF_TABLES_ARP is not set
572 NF_DUP_IPV4 = module;
573 # CONFIG_NF_LOG_ARP is not set
574 # CONFIG_NF_LOG_IPV4 is not set
575 NF_REJECT_IPV4 = module;
576 IP_NF_IPTABLES = module;
577 IP_NF_MATCH_AH = module;
578 IP_NF_MATCH_ECN = module;
579 IP_NF_MATCH_RPFILTER = module;
580 IP_NF_MATCH_TTL = module;
581 IP_NF_FILTER = module;
582 IP_NF_TARGET_REJECT = module;
583 IP_NF_TARGET_SYNPROXY = module;
584 IP_NF_NAT = module;
585 IP_NF_TARGET_MASQUERADE = module;
586 IP_NF_TARGET_NETMAP = module;
587 IP_NF_TARGET_REDIRECT = module;
588 IP_NF_MANGLE = module;
589 IP_NF_TARGET_CLUSTERIP = module;
590 IP_NF_TARGET_ECN = module;
591 IP_NF_TARGET_TTL = module;
592 # CONFIG_IP_NF_RAW is not set
593 # CONFIG_IP_NF_ARPTABLES is not set
594 # end of IP: Netfilter Configuration
595
596 #
597 # IPv6: Netfilter Configuration
598 #
599 NF_SOCKET_IPV6 = module;
600 NF_TPROXY_IPV6 = module;
601 NF_TABLES_IPV6 = yes;
602 NFT_REJECT_IPV6 = module;
603 NFT_DUP_IPV6 = module;
604 NFT_FIB_IPV6 = module;
605 NF_DUP_IPV6 = module;
606 NF_REJECT_IPV6 = module;
607 NF_LOG_IPV6 = module;
608 IP6_NF_IPTABLES = module;
609 IP6_NF_MATCH_AH = module;
610 IP6_NF_MATCH_EUI64 = module;
611 IP6_NF_MATCH_FRAG = module;
612 IP6_NF_MATCH_OPTS = module;
613 IP6_NF_MATCH_HL = module;
614 IP6_NF_MATCH_IPV6HEADER = module;
615 IP6_NF_MATCH_MH = module;
616 IP6_NF_MATCH_RPFILTER = module;
617 IP6_NF_MATCH_RT = module;
618 IP6_NF_MATCH_SRH = module;
619 IP6_NF_TARGET_HL = module;
620 IP6_NF_FILTER = module;
621 IP6_NF_TARGET_REJECT = module;
622 IP6_NF_TARGET_SYNPROXY = module;
623 IP6_NF_MANGLE = module;
624 IP6_NF_RAW = module;
625 IP6_NF_NAT = module;
626 IP6_NF_TARGET_MASQUERADE = module;
627 IP6_NF_TARGET_NPT = module;
628 # end of IPv6: Netfilter Configuration
629
630 NF_DEFRAG_IPV6 = module;
631
632 #
633 # Disabling
634 #
635 ADFS_FS = no;
636 AFFS_FS = no;
637 BEFS_FS = no;
638 BFS_FS = no;
639 BTRFS = no;
640 BTRFS_FS = no;
641 CEPH_FS = no;
642 CIFS = no;
643 CRAMFS = no;
644 ECRYPT_FS = no;
645 EFS_FS = no;
646 EROFS_FS = no;
647 EXT2_FS = no;
648 EXT3_FS = no;
649 F2FS_FS = lib.mkForce no;
650 GFS2_FS = no;
651 HFSPLUS_FS = no;
652 HFS_FS = no;
653 HPFS_FS = no;
654 JFS_FS = no;
655 MINIX_FS = no;
656 NET_9P = no;
657 NFSD = no;
658 NFS_FS = no;
659 NILFS2_FS = no;
660 OMFS_FS = no;
661 ORANGEFS_FS = no;
662 QNX4FS_FS = no;
663 QNX6FS_FS = no;
664 REISERFS_FS = no;
665 ROMFS_FS = no;
666 SQUASHFS = no;
667 SYSV_FS = no;
668 UFS_FS = no;
669 VXFS_FS = no;
670 XFS_FS = no;
671
672 MISC_FILESYSTEMS = no;
673
674 DECNET = no;
675 SCTP = no;
676 RDS = no;
677 DCCP = no;
678 TIPC = no;
679 CAIF = no;
680 CEPH = no;
681 VMW_SOCK = no;
682 HSR = no;
683 QRTR = no;
684 MPI = no;
685 RAID6 = no;
686 STAGING = lib.mkForce no;
687
688 "6LOWPAN" = no;
689 ARCNET = no;
690 B53 = no;
691 BATMAN_ADV = no;
692 BT = no;
693 CAN = no;
694 COMEDI = no;
695 DRM_STM = lib.mkForce no;
696 DRM_PANEL = lib.mkForce no;
697
698 DRM_BRIDGE = no;
699 DRM_PANEL_BRIDGE = no;
700 DRM_CDNS_DSI = no;
701 DRM_CHIPONE_ICN6211 = no;
702 DRM_CHRONTEL_CH7033 = no;
703 #DRM_DISPLAY_CONNECTOR = no;
704 DRM_LONTIUM_LT8912B = no;
705 DRM_LONTIUM_LT9611 = no;
706 DRM_LONTIUM_LT9611UXC = no;
707 DRM_ITE_IT66121 = no;
708 DRM_LVDS_CODEC = no;
709 DRM_MEGACHIPS_STDPXXXX_GE_B850V3_FW = no;
710 DRM_NWL_MIPI_DSI = no;
711 DRM_NXP_PTN3460 = no;
712 DRM_PARADE_PS8622 = no;
713 DRM_PARADE_PS8640 = no;
714 DRM_SIL_SII8620 = no;
715 DRM_SII902X = no;
716 DRM_SII9234 = no;
717 DRM_SIMPLE_BRIDGE = no;
718 DRM_THINE_THC63LVD1024 = no;
719 DRM_TOSHIBA_TC358762 = no;
720 DRM_TOSHIBA_TC358764 = no;
721 DRM_TOSHIBA_TC358767 = no;
722 DRM_TOSHIBA_TC358768 = no;
723 DRM_TOSHIBA_TC358775 = no;
724 DRM_TI_TFP410 = no;
725 DRM_TI_SN65DSI83 = no;
726 DRM_TI_SN65DSI86 = no;
727 DRM_TI_TPD12S015 = no;
728 DRM_ANALOGIX_ANX6345 = no;
729 DRM_ANALOGIX_ANX78XX = no;
730 DRM_ANALOGIX_DP = no;
731 DRM_ANALOGIX_ANX7625 = no;
732 DRM_I2C_ADV7511 = no;
733 DRM_I2C_ADV7511_CEC = no;
734 DRM_CDNS_MHDP8546 = no;
735 DRM_DW_HDMI = no;
736 DRM_DW_HDMI_AHB_AUDIO = no;
737 DRM_DW_HDMI_I2S_AUDIO = no;
738 DRM_DW_HDMI_CEC = no;
739 DRM_STI = no;
740 DRM_IMX = no;
741 DRM_IMX_PARALLEL_DISPLAY = no;
742 DRM_IMX_TVE = no;
743 DRM_IMX_LDB = no;
744 DRM_IMX_HDMI = no;
745 DRM_ETNAVIV = no;
746 DRM_ETNAVIV_THERMAL = no;
747 DRM_MXS = no;
748 DRM_MXSFB = no;
749 DRM_ARCPGU = no;
750 DRM_GM12U320 = no;
751 TINYDRM_HX8357D = no;
752 TINYDRM_ILI9225 = no;
753 TINYDRM_ILI9341 = no;
754 TINYDRM_ILI9486 = no;
755 TINYDRM_MI0283QT = no;
756 TINYDRM_REPAPER = no;
757 TINYDRM_ST7586 = no;
758 TINYDRM_ST7735R = no;
759 DRM_PL111 = no;
760 DRM_TVE200 = no;
761 DRM_LIMA = no;
762 DRM_PANFROST = no;
763 DRM_MCDE = no;
764 DRM_TIDSS = no;
765 DRM_GUD = no;
766 DRM_EXPORT_FOR_TESTS = no;
767 DRM_PANEL_ORIENTATION_QUIRKS = no;
768 DRM_LIB_RANDOM = no;
769
770 INFINIBAND = no;
771 INPUT_TOUCHSCREEN = no;
772 MEDIA_ANALOG_TV_SUPPORT = lib.mkForce no;
773 MEDIA_DIGITAL_TV_SUPPORT = lib.mkForce no;
774 MEDIA_TUNER = no;
775 MPLS = no;
776 MPTCP = lib.mkForce no;
777 NFC = no;
778 NF_TABLES_BRIDGE = lib.mkForce no;
779 NVME = no;
780 OPENVSWITCH = no;
781 PARAVIRT = lib.mkForce no;
782 POWER_SUPPLY = no;
783 USB_GSPCA = lib.mkForce no;
784 VIDEO_STK1160_COMMON = lib.mkForce no;
785 XEN = lib.mkForce no;
786 #NVME_CORE = no;
787 };
788 features.debug = false;
789 #ignoreConfigErrors = true;
790 };
791 });
792 })
793 ];
794 boot.cleanTmpDir = true;
795 boot.tmpOnTmpfs = lib.mkForce false;
796 # TODO: is that needed?
797 hardware.enableRedistributableFirmware = true;
798 sdImage = {
799 postBuildCommands = ''
800 dd if=${pkgs.ubootCubieboard2}/u-boot-sunxi-with-spl.bin of=$img bs=1024 seek=8 conv=notrunc
801 '';
802 compressImage = true;
803 expandOnBoot = true;
804 firmwareSize = 1;
805 populateFirmwareCommands = "";
806 populateRootCommands = ''
807 mkdir -p ./files/boot
808 ${config.boot.loader.generic-extlinux-compatible.populateCmd} -c ${config.system.build.toplevel} -d ./files/boot
809 '';
810 };
811 boot.loader.grub.enable = false;
812 boot.loader.generic-extlinux-compatible.enable = true;
813 # nix -L build .#nixosConfigurations.${hostName}.config.boot.kernelPackages.kernel.configfile
814 boot.kernelPackages = lib.mkForce pkgs.linuxPackages_latest_Cubieboard2;
815 boot.initrd.availableKernelModules = lib.mkForce [
816 "mmc_block"
817 "usbhid"
818 "hid_generic"
819 "hid_microsoft"
820 ];
821 }