Make almost no-configuration builds work

Try: nix-build \ https://github.com/danielfullmer/NixDroid/archive/master.tar.gz \ --configuration '{ device = "marlin"; }' -A config.build.img
SomeoneSerge · Sep 16, 2019 · a775bf9 · a775bf9
1 parent 8baac70
commit a775bf9
Show file tree

Hide file tree

Showing 8 changed files with 18 additions and 11 deletions.
diff --git a/default.nix b/default.nix
@@ -13,6 +13,10 @@ lib.evalModules {
       _module.args.nixdroidlib = nixdroidlib;
     }
     configuration 
+    ./flavors/grapheneos.nix
+    ./flavors/vanilla.nix
+    ./flavors/common.nix
+    ./flavors/pixel.nix
     ./modules/apps/auditor.nix
     ./modules/apps/backup.nix
     ./modules/apps/fdroid.nix

diff --git a/example.nix b/example.nix
@@ -3,7 +3,7 @@
 with pkgs;
 with lib;
 {
-  imports = [ ./profiles/grapheneos.nix ];
+  flavor = "grapheneos"; # "vanilla" is another option
 
   # Don't forget to update these for each unique build
   buildNumber = "2019.09.12.2";

diff --git a/profiles/common.nix → flavors/common.nix b/profiles/common.nix → flavors/common.nix
@@ -20,7 +20,7 @@ in
 #    #"marlin" "muskie" "wahoo" "taimen" "crosshatch" "bonito" # Exclude all devices by default
 #    # This breaks the device-name patch
   ];
-  source.includeGroups = mkDefault [ config.device config.deviceFamily config.kernel.configName ]; # But include the one we care about. Also include deviceFamily and kernel.configName, which might be an alternate name
+  #source.includeGroups = mkDefault [ config.device config.deviceFamily config.kernel.configName ]; # But include the one we care about. Also include deviceFamily and kernel.configName, which might be an alternate name
 
   # Disable some unused directories to save time downloading / extracting
   source.dirs = listToAttrs (map (dir: nameValuePair dir { enable = false; })

diff --git a/profiles/grapheneos.nix → flavors/grapheneos.nix b/profiles/grapheneos.nix → flavors/grapheneos.nix
@@ -26,9 +26,7 @@ let
     fetchSubmodules = true;
   };
 in
-{
-  imports = [ ./common.nix ./pixel.nix ];
-
+mkIf (config.flavor == "grapheneos") {
   source.manifest = {
     url = mkDefault "https://github.com/GrapheneOS/platform_manifest.git";
     rev = mkDefault "refs/tags/${release.tag}";

diff --git a/profiles/pixel.nix → flavors/pixel.nix b/profiles/pixel.nix → flavors/pixel.nix
@@ -23,7 +23,7 @@ let
   };
 in
 mkMerge [
-  { # Default settings that apply to all devices unless overridden.
+  { # Default settings that apply to all devices unless overridden. TODO: Make conditional
     deviceFamily = mkDefault {
       marlin = "marlin"; # Pixel XL
       sailfish = "marlin"; # Pixel

diff --git a/profiles/vanilla.nix → flavors/vanilla.nix b/profiles/vanilla.nix → flavors/vanilla.nix
@@ -39,9 +39,7 @@ let
     };
   }.${config.androidVersion}.${config.deviceFamily};
 in
-{
-  imports = [ ./common.nix ./pixel.nix ];
-
+mkIf (config.flavor == "vanilla") {
   source.manifest = {
     url = mkDefault "https://android.googlesource.com/platform/manifest"; # I get 100% cpu usage and no progress with this URL. Needs older curl version
     rev = mkDefault "refs/tags/${release.tag}";

diff --git a/modules/base.nix b/modules/base.nix
@@ -10,6 +10,11 @@ let
 in
 {
   options = {
+    flavor = mkOption {
+      default = "vanilla";
+      type = types.str;
+    };
+
     device = mkOption {
       type = types.str;
       description = "Code name of device build target";
@@ -22,12 +27,14 @@ in
     };
 
     buildNumber = mkOption {
+      default = "12345";
       type = types.str;
       description = "Set this to something meaningful, like the date. Needs to be unique for each build for the updater to work";
       example = "2019.08.12.1";
     };
 
     buildDateTime = mkOption {
+      default = 1;
       type = types.int;
       description = "Seconds since the epoch that this build is taking place. Needs to be monotone increasing for the updater to work. e.g. output of \"date +%s\"";
       example = 1565645583;
@@ -76,7 +83,7 @@ in
     };
 
     signBuild = mkOption {
-      default = true;
+      default = false;
       type = types.bool;
       description = "Whether to sign build using user-provided keys. Otherwise, build will be signed using insecure test-keys.";
     };

diff --git a/modules/kernel.nix b/modules/kernel.nix
@@ -90,7 +90,7 @@ in
 
       patches = config.kernel.patches;
 
-      postPatch = lib.optionalString (config.avbMode == "verity_only") ''
+      postPatch = lib.optionalString (config.signBuild && (config.avbMode == "verity_only")) ''
         rm -f verity_*.x509
         openssl x509 -outform der -in ${config.build.x509 "verity"} -out verity_user.der.x509
       '';