diff --git a/.dockerignore b/.dockerignore new file mode 120000 index 0000000..3e4e48b --- /dev/null +++ b/.dockerignore @@ -0,0 +1 @@ +.gitignore \ No newline at end of file diff --git a/Dockerfile b/Dockerfile index d2a08a6..57739de 100644 --- a/Dockerfile +++ b/Dockerfile @@ -4,20 +4,19 @@ RUN apt-get update && apt-get install -y \ curl git sudo qemu-system-x86 qemu-utils \ debian-archive-keyring systemd-boot reprepro xz-utils -RUN adduser --disabled-password --gecos '' nix && \ - echo "nix ALL=(ALL) NOPASSWD:ALL" > /etc/sudoers.d/nix && \ - chmod 0440 /etc/sudoers.d/nix +RUN echo "ubuntu ALL=(ALL) NOPASSWD:ALL" > /etc/sudoers.d/ubuntu && \ + chmod 0440 /etc/sudoers.d/ubuntu -COPY --chown=nix:nix . /home/nix/mkosi -RUN mkdir -p /home/nix/mkosi/mkosi.packages /home/nix/mkosi/mkosi.cache \ - /home/nix/mkosi/mkosi.builddir /home/nix/mkosi/build /nix && \ - chown -R nix:nix /home/nix/mkosi /nix +COPY --chown=ubuntu:ubuntu . /home/ubuntu/mkosi +RUN mkdir -p /home/ubuntu/mkosi/mkosi.packages /home/ubuntu/mkosi/mkosi.cache \ + /home/ubuntu/mkosi/mkosi.builddir /home/ubuntu/mkosi/build /nix && \ + chown -R ubuntu:ubuntu /home/ubuntu/mkosi /nix -USER nix +USER ubuntu RUN curl -L https://nixos.org/nix/install | sh -s -- --no-daemon && \ mkdir -p ~/.config/nix ~/.cache/mkosi/ && \ echo 'experimental-features = nix-command flakes' > ~/.config/nix/nix.conf -RUN /home/nix/.nix-profile/bin/nix develop -c /bin/true -WORKDIR /home/nix/mkosi -ENTRYPOINT ["/home/nix/.nix-profile/bin/nix", "develop", "-c", "/bin/bash"] \ No newline at end of file +WORKDIR /home/ubuntu/mkosi +RUN /home/ubuntu/.nix-profile/bin/nix develop -c /bin/true +ENTRYPOINT ["/home/ubuntu/.nix-profile/bin/nix", "develop", "-c", "/bin/bash"] \ No newline at end of file diff --git a/base/base.conf b/base/base.conf index 7872d2b..75163fa 100644 --- a/base/base.conf +++ b/base/base.conf 
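Review bot: The new `COPY --chown=ubuntu:ubuntu`, `USER ubuntu` and `/etc/sudoers.d/ubuntu` lines depend on an `ubuntu` account that this Dockerfile no longer creates, because the `adduser` step was removed. The `FROM` line is outside the hunk, so presumably the base image ships that user; if the base image changes, the build would fail at the COPY step or the account would get an unexpected UID or home directory. Making the dependency explicit is cheap, e.g. `RUN id -u ubuntu >/dev/null 2>&1 || adduser --disabled-password --gecos '' ubuntu` ahead of the sudoers line. Separately, `NOPASSWD:ALL` makes this account root-equivalent, so `USER ubuntu` is not a privilege boundary for the piped Nix installer or for anything started from the entrypoint. If root is needed for the image build, a comment such as `# passwordless sudo is intentional: treat this user as root inside the container` would record that, and narrowing the grant to the commands actually required is worth considering.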
@@ -4,7 +4,6 @@ Release=trixie [Build] PackageCacheDirectory=mkosi.cache -Environment=KERNEL_IMAGE KERNEL_VERSION [Output] Format=uki @@ -23,7 +22,7 @@ SkeletonTrees=base/mkosi.skeleton FinalizeScripts=base/debloat.sh PostInstallationScripts=base/debloat-systemd.sh PostInstallationScripts=base/efi-stub.sh -BuildScripts=base/mkosi.build +BuildScripts=kernel/mkosi.build CleanPackageMetadata=true Packages=kmod @@ -44,3 +43,11 @@ BuildPackages=build-essential pkg-config clang cargo + flex + bison + elfutils + bc + perl + gawk + zstd + libssl-dev diff --git a/base/mkosi.build b/base/mkosi.build deleted file mode 100755 index aee1b99..0000000 --- a/base/mkosi.build +++ /dev/null @@ -1,11 +0,0 @@ -#!/bin/bash -set -euxo pipefail - -if [ -z "$KERNEL_IMAGE" ] || [ -z "$KERNEL_VERSION" ]; then - echo "KERNEL_IMAGE and KERNEL_VERSION must be set" - exit 1 -fi - -# Copy kernel and config to a place where mkosi can find it -mkdir -p "$DESTDIR/usr/lib/modules/$KERNEL_VERSION" -cp "$KERNEL_IMAGE" "$DESTDIR/usr/lib/modules/$KERNEL_VERSION/vmlinuz" \ No newline at end of file diff --git a/buildernet/buildernet.conf b/buildernet/buildernet.conf index ac7bfca..bd42339 100644 --- a/buildernet/buildernet.conf +++ b/buildernet/buildernet.conf @@ -21,5 +21,4 @@ BuildPackages=libleveldb-dev zlib1g-dev libzstd-dev libpq-dev - libssl-dev protobuf-compiler diff --git a/flake.nix b/flake.nix index c1bd83b..922cdf9 100644 --- a/flake.nix +++ b/flake.nix @@ -5,7 +5,6 @@ let system = "x86_64-linux"; pkgs = import nixpkgs { inherit system; }; - kernel = import ./kernel.nix { inherit pkgs; }; reprepro = pkgs.stdenv.mkDerivation rec { name = "reprepro-${version}"; version = "4.16.0"; 
@@ -32,17 +31,8 @@ ] ++ [ reprepro ]; }; in { - packages.${system} = { - kernel = kernel; - default = kernel; - }; - devShells.${system}.default = pkgs.mkShell { nativeBuildInputs = [ pkgs.qemu mkosi ]; - - KERNEL_IMAGE = "${kernel}/bzImage"; - KERNEL_VERSION = kernel.version; - shellHook = '' mkdir -p mkosi.packages mkosi.cache mkosi.builddir ''; diff --git a/kernel.nix b/kernel.nix deleted file mode 100644 index 87ed618..0000000 --- a/kernel.nix +++ /dev/null @@ -1,55 +0,0 @@ -{ pkgs ? import {} }: -pkgs.stdenv.mkDerivation rec { - pname = "linux-tdx"; - version = "6.13.1"; - - depsBuildBuild = with pkgs.pkgsBuildBuild; [ - stdenv.cc - ]; - - nativeBuildInputs = with pkgs.buildPackages; [ - git flex bison elfutils openssl - bc perl gawk zstd - ]; - - src = pkgs.fetchFromGitHub { - owner = "gregkh"; - repo = "linux"; - rev = "v${version}"; - sha256 = "sha256-eiceHrOC2K2nBEbs7dD9AfpCNesorMhC9X24UtSPkMY="; - }; - - # patches = []; - - configurePhase = ''cp ${./kernel-yocto.config} .config''; - - buildPhase = '' - patchShebangs ./scripts/ld-version.sh - export KBUILD_BUILD_TIMESTAMP="$(date -u -d @$SOURCE_DATE_EPOCH)" - export KBUILD_BUILD_USER="nixbuild" - export KBUILD_BUILD_HOST="nixbuilder" - make olddefconfig bzImage -j "$NIX_BUILD_CORES" \ - ARCH="x86_64" \ - HOSTCC="$CC_FOR_BUILD" \ - HOSTCXX="$CXX_FOR_BUILD" \ - HOSTAR="$AR_FOR_BUILD" \ - HOSTLD="$LD_FOR_BUILD" \ - CC="$CC" LD="$LD" \ - OBJCOPY="$OBJCOPY" \ - OBJDUMP="$OBJDUMP" \ - READELF="$READELF" \ - STRIP="$STRIP" \ - CONFIG_EFI_STUB=y - ''; - - installPhase = '' - mkdir -p $out - cp arch/x86_64/boot/bzImage $out/ - ''; - - meta = { - description = "Linux Kernel ${version}"; - homepage = https://kernel.org; - license = "gpl2Only"; - }; -} \ No newline at end of file diff --git a/kernel-yocto.config b/kernel/kernel-yocto.config similarity index 100% rename from kernel-yocto.config rename to kernel/kernel-yocto.config 
diff --git a/kernel/mkosi.build b/kernel/mkosi.build
new file mode 100755
index 0000000..72f80da
--- /dev/null
+++ b/kernel/mkosi.build
@@ -0,0 +1,58 @@
+#!/bin/bash
+set -euo pipefail
+
+# Configuration
+KERNEL_VERSION="6.13.12"
+KERNEL_REPO="https://github.com/gregkh/linux"
+BASE_CONFIG="$SRCDIR/kernel/kernel-yocto.config"
+SNIPPETS_DIR="$SRCDIR/kernel/snippets"
+
+echo "Building kernel $KERNEL_VERSION with snippets: ${KERNEL_CONFIG_SNIPPETS:-none}"
+
+# Generate final config
+config_file=$(mktemp)
+cp "$BASE_CONFIG" "$config_file"
+if [[ -n "${KERNEL_CONFIG_SNIPPETS:-}" ]]; then
+ IFS=',' read -ra snippets <<< "$KERNEL_CONFIG_SNIPPETS"
+ for snippet in "${snippets[@]}"; do
+ snippet_file="$SNIPPETS_DIR/${snippet}.config"
+ [[ -f "$snippet_file" ]] && cat "$snippet_file" >> "$config_file"
+ done
+fi
+
+# Calculate cache key and paths
+config_hash=$(sha256sum "$config_file" | cut -d' ' -f1 | cut -c1-12)
+cache_dir="$BUILDDIR/kernel-${KERNEL_VERSION}-${config_hash}"
+kernel_file="$cache_dir/bzImage"
+
+# Use cached kernel if available
+if [[ -f "$kernel_file" ]]; then
+ echo "Using cached kernel: $kernel_file"
+else
+ echo "Building kernel from source..."
+ build_dir="$BUILDROOT/build/kernel-${KERNEL_VERSION}"
+
+ # Clone if needed
+ [[ ! -d "$build_dir" ]] && git clone --depth 1 --branch "v${KERNEL_VERSION}" "$KERNEL_REPO" "$build_dir"
+
+ # Build kernel
+ cd "$build_dir"
+ cp "$config_file" .config
+ export KBUILD_BUILD_TIMESTAMP="$(date -u -d @${SOURCE_DATE_EPOCH:-$(date +%s)})"
+ export KBUILD_BUILD_USER="mkosi" KBUILD_BUILD_HOST="mkosi-builder"
+
+ mkosi-chroot make olddefconfig
+ mkosi-chroot make -j "$(nproc 2>/dev/null || echo 2)" bzImage ARCH=x86_64 CONFIG_EFI_STUB=y
+
+ # Cache result
+ mkdir -p "$cache_dir"
+ cp arch/x86_64/boot/bzImage "$cache_dir/"
+ cp .config "$cache_dir/config"
+fi
+
+# Install kernel
+mkdir -p "$DESTDIR/usr/lib/modules/$KERNEL_VERSION"
+cp "$kernel_file" "$DESTDIR/usr/lib/modules/$KERNEL_VERSION/vmlinuz"
+rm -f "$config_file"
+
+echo "Kernel installed successfully"
\ No newline at end of file
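Review bot: The `git clone --depth 1 --branch "v${KERNEL_VERSION}"` step fetches the kernel by tag name only, so nothing checks that the tree being built is the one that was reviewed; the `kernel.nix` removed in this commit pinned its source with a `sha256`, and that integrity check has no replacement here. Pin the expected commit next to `KERNEL_VERSION` and compare it with `git rev-parse HEAD` before anything from the tree runs, as sketched below (the commit value is a placeholder). The check should also cover the case where `$build_dir` already exists, because a leftover tree is reused as-is. Two smaller gaps in the same script: a snippet name that does not resolve to a file is skipped silently, so a mistyped name yields a kernel without that snippet, and `[[ -f "$snippet_file" ]] || { echo "missing kernel config snippet: $snippet_file" >&2; exit 1; }` would fail the build instead. The `$(date +%s)` fallback for `SOURCE_DATE_EPOCH` also quietly makes the image non-reproducible when the variable is unset.

```shell
KERNEL_VERSION="6.13.12"
# Placeholder: full commit id that the v6.13.12 tag is expected to resolve to
KERNEL_COMMIT="<expected-commit-sha>"

# … unchanged: config generation, cache key, cache lookup …

    if [[ ! -d "$build_dir" ]]; then
        git clone --depth 1 --branch "v${KERNEL_VERSION}" "$KERNEL_REPO" "$build_dir"
    fi

    # Verify the checkout (fresh or reused) before anything from it is executed
    actual_commit=$(git -C "$build_dir" rev-parse HEAD)
    if [[ "$actual_commit" != "$KERNEL_COMMIT" ]]; then
        echo "kernel source mismatch: expected $KERNEL_COMMIT, got $actual_commit" >&2
        exit 1
    fi

    # … unchanged: cd, .config copy, KBUILD_* exports, make, cache store …
```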